QUIC: gQUIC Q044 always use CHLO from gQUIC (with tag)
Bug: 15131 Change-Id: I26af8d31939725824fd57000bc9ce57e8034def9 Reviewed-on: https://code.wireshark.org/review/29575 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This commit is contained in:
parent
b804d0d5ee
commit
9fcb4af6b6
|
@ -352,6 +352,7 @@ set(DISSECTOR_PUBLIC_HEADERS
|
|||
packet-gmr1_common.h
|
||||
packet-gmr1_rr.h
|
||||
packet-gprscdr.h
|
||||
packet-gquic.h
|
||||
packet-gre.h
|
||||
packet-gsm_a_common.h
|
||||
packet-gsm_a_rr.h
|
||||
|
|
|
@ -25,6 +25,7 @@ QUIC source code in Chromium : https://code.google.com/p/chromium/codesearch#chr
|
|||
#include <epan/conversation.h>
|
||||
#include <epan/dissectors/packet-http2.h>
|
||||
#include <wsutil/strtoi.h>
|
||||
#include "packet-gquic.h"
|
||||
|
||||
void proto_register_gquic(void);
|
||||
void proto_reg_handoff_gquic(void);
|
||||
|
@ -186,6 +187,7 @@ static expert_field ei_gquic_tag_length = EI_INIT;
|
|||
static expert_field ei_gquic_tag_unknown = EI_INIT;
|
||||
static expert_field ei_gquic_version_invalid = EI_INIT;
|
||||
|
||||
|
||||
typedef struct gquic_info_data {
|
||||
guint8 version;
|
||||
gboolean version_valid;
|
||||
|
@ -1097,7 +1099,7 @@ static guint32 get_len_packet_number(guint8 puflags){
|
|||
return 6;
|
||||
}
|
||||
|
||||
static gboolean is_gquic_unencrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint16 len_pkn, gquic_info_data_t *gquic_info){
|
||||
gboolean is_gquic_unencrypt(tvbuff_t *tvb, packet_info *pinfo, guint offset, guint16 len_pkn, gquic_info_data_t *gquic_info){
|
||||
guint8 frame_type;
|
||||
guint8 num_ranges, num_revived, num_blocks = 0, num_timestamp;
|
||||
guint32 len_stream = 0, len_offset = 0, len_data = 0, len_largest_observed = 1, len_missing_packet = 1;
|
||||
|
@ -1986,8 +1988,7 @@ dissect_gquic_frame_type(tvbuff_t *tvb, packet_info *pinfo, proto_tree *gquic_tr
|
|||
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
int
|
||||
dissect_gquic_unencrypt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *gquic_tree, guint offset, guint8 len_pkn, gquic_info_data_t *gquic_info){
|
||||
proto_item *ti_prflags;
|
||||
proto_tree *prflags_tree;
|
||||
|
@ -2015,6 +2016,44 @@ dissect_gquic_unencrypt(tvbuff_t *tvb, packet_info *pinfo, proto_tree *gquic_tre
|
|||
|
||||
}
|
||||
|
||||
int
|
||||
dissect_gquic_ietf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *gquic_tree, guint offset, guint32 version){
|
||||
conversation_t *conv;
|
||||
gquic_info_data_t *gquic_info;
|
||||
guint64 pkn;
|
||||
|
||||
/* get conversation, create if necessary*/
|
||||
conv = find_or_create_conversation(pinfo);
|
||||
|
||||
/* get associated state information, create if necessary */
|
||||
gquic_info = (gquic_info_data_t *)conversation_get_proto_data(conv, proto_gquic);
|
||||
|
||||
if (!gquic_info) {
|
||||
gquic_info = wmem_new(wmem_file_scope(), gquic_info_data_t);
|
||||
gquic_info->version = (guint8)version;
|
||||
gquic_info->encoding = ENC_LITTLE_ENDIAN;
|
||||
gquic_info->version_valid = TRUE;
|
||||
gquic_info->server_port = 443;
|
||||
conversation_add_proto_data(conv, proto_gquic, gquic_info);
|
||||
}
|
||||
|
||||
proto_tree_add_item_ret_uint64(gquic_tree, hf_gquic_packet_number, tvb, offset, 4, ENC_BIG_ENDIAN, &pkn);
|
||||
offset += 4;
|
||||
|
||||
if (is_gquic_unencrypt(tvb, pinfo, offset, tvb_reported_length_remaining(tvb, offset), gquic_info)){
|
||||
offset = dissect_gquic_unencrypt(tvb, pinfo, gquic_tree, offset, tvb_reported_length_remaining(tvb, offset), gquic_info);
|
||||
}else { /* Payload... (encrypted... TODO FIX !) */
|
||||
col_add_str(pinfo->cinfo, COL_INFO, "Payload (Encrypted)");
|
||||
proto_tree_add_item(gquic_tree, hf_gquic_payload, tvb, offset, -1, ENC_NA);
|
||||
offset += tvb_reported_length_remaining(tvb, offset);
|
||||
}
|
||||
|
||||
col_append_fstr(pinfo->cinfo, COL_INFO, ", PKN: %" G_GINT64_MODIFIER "u", pkn);
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
dissect_gquic_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
|
||||
void *data _U_)
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
/* packet-gquic.h
|
||||
* Routines for (Google) Quick UDP Internet Connections dissection
|
||||
* Copyright 2013, Alexis La Goutte <alexis.lagoutte at gmail dot com>
|
||||
*
|
||||
* Wireshark - Network traffic analyzer
|
||||
* By Gerald Combs <gerald@wireshark.org>
|
||||
* Copyright 1998 Gerald Combs
|
||||
*
|
||||
* SPDX-License-Identifier: GPL-2.0-or-later
|
||||
*/
|
||||
|
||||
#ifndef __PACKET_GQUIC_H__
|
||||
#define __PACKET_GQUIC_H__
|
||||
|
||||
int
|
||||
dissect_gquic_ietf(tvbuff_t *tvb, packet_info *pinfo, proto_tree *gquic_tree, guint offset, guint32 version);
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Editor modelines - http://www.wireshark.org/tools/modelines.html
|
||||
*
|
||||
* Local variables:
|
||||
* c-basic-offset: 4
|
||||
* tab-width: 8
|
||||
* indent-tabs-mode: nil
|
||||
* End:
|
||||
*
|
||||
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
||||
* :indentSize=4:tabSize=8:noTabs=true:
|
||||
*/
|
|
@ -27,6 +27,7 @@
|
|||
#include "packet-tls.h"
|
||||
#include <epan/prefs.h>
|
||||
#include <wsutil/pint.h>
|
||||
#include "packet-gquic.h"
|
||||
|
||||
#if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */
|
||||
/* Whether to provide support for authentication in addition to decryption. */
|
||||
|
@ -1901,6 +1902,10 @@ dissect_quic_long_header(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tre
|
|||
|
||||
offset = dissect_quic_long_header_common(tvb, pinfo, quic_tree, offset, quic_packet, &version, &dcid, &scid);
|
||||
|
||||
if (conn->version == 0x51303434) { /* gQUIC Q044 */
|
||||
return dissect_gquic_ietf(tvb, pinfo, quic_tree, offset, conn->version);
|
||||
}
|
||||
|
||||
if (long_packet_type == QUIC_LPT_INITIAL) {
|
||||
proto_tree_add_item_ret_varint(quic_tree, hf_quic_token_length, tvb, offset, -1, ENC_VARINT_QUIC, &token_length, &len_token_length);
|
||||
offset += len_token_length;
|
||||
|
@ -2069,7 +2074,7 @@ quic_get_message_tvb(tvbuff_t *tvb, const guint offset)
|
|||
guint version = tvb_get_ntohl(tvb, offset + 1);
|
||||
// If this is not a VN packet but a valid long form, extract a subset.
|
||||
// TODO check for valid QUIC versions as future versions might change the format.
|
||||
if (version != 0) {
|
||||
if (version != 0 && !is_gquic_version(version)) {
|
||||
guint8 cid_lengths = tvb_get_guint8(tvb, offset + 5);
|
||||
guint8 dcil = cid_lengths >> 4;
|
||||
guint8 scil = cid_lengths & 0xf;
|
||||
|
|
Loading…
Reference in New Issue