diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2016-01-13 01:48:34 +0100 |
|---|---|---|
| committer | Michael Mann <mmann78@netscape.net> | 2016-01-31 13:51:58 +0000 |
| commit | 543908bcdf791afafc4c5489e8e97e7779c3dc16 (patch) | |
| tree | 3bab13f1089ff9b5c15e96bcd7d26c78c6b49008 /epan/dissectors/packet-aim.c | |
| parent | 4a79cf2e1ab056faaddd252aa56520435b318a56 (diff) | |
| download | wireshark-543908bcdf791afafc4c5489e8e97e7779c3dc16.tar.gz | |
aim: allow SSL decryption
Very weak form of heuristics has been added based on the FLAP id byte,
but disabled by default. Make it possible to use this protocol in the
RSA keys list dialog.
Bug: 11990
Change-Id: I61f24ae9679c738194393bed0d012d2a752171b2
Reviewed-on: https://code.wireshark.org/review/13195
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-aim.c')
| -rw-r--r-- | epan/dissectors/packet-aim.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/epan/dissectors/packet-aim.c b/epan/dissectors/packet-aim.c index 4a9c4b85a0..b99d6b00c4 100644 --- a/epan/dissectors/packet-aim.c +++ b/epan/dissectors/packet-aim.c @@ -32,6 +32,7 @@ #include "packet-tcp.h" #include "packet-aim.h" +#include "packet-ssl.h" #include <epan/prefs.h> #include <epan/expert.h> @@ -462,6 +463,8 @@ static expert_field ei_aim_messageblock_len = EI_INIT; /* desegmentation of AIM over TCP */ static gboolean aim_desegment = TRUE; +static dissector_handle_t aim_handle; + const aim_subtype *aim_get_subtype( guint16 famnum, guint16 subtype ) @@ -1462,6 +1465,19 @@ dissect_aim(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) return tvb_reported_length(tvb); } +static int +dissect_aim_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) +{ + dissector_handle_t *app_handle = (dissector_handle_t *) data; + /* XXX improve heuristics */ + if (tvb_reported_length(tvb) < 1 || tvb_get_guint8(tvb, 0) != 0x2a) { + return FALSE; + } + dissect_aim(tvb, pinfo, tree, NULL); + *app_handle = aim_handle; + return TRUE; +} + /* Register the protocol with Wireshark */ void @@ -1696,6 +1712,7 @@ proto_register_aim(void) /* Register the protocol name and description */ proto_aim = proto_register_protocol("AOL Instant Messenger", "AIM", "aim"); + aim_handle = register_dissector("aim", dissect_aim, proto_aim); /* Required function calls to register the header fields and subtrees used */ proto_register_field_array(proto_aim, hf, array_length(hf)); @@ -1715,10 +1732,10 @@ proto_register_aim(void) void proto_reg_handoff_aim(void) { - dissector_handle_t aim_handle; - - aim_handle = create_dissector_handle(dissect_aim, proto_aim); dissector_add_uint("tcp.port", TCP_PORT_AIM, aim_handle); + ssl_dissector_add(0, aim_handle); + /* Heuristics disabled by default, it is really weak... */ + heur_dissector_add("ssl", dissect_aim_ssl_heur, "AIM over SSL", "aim_ssl", proto_aim, HEURISTIC_DISABLE); } /* |