diff options
author | Peter Wu <peter@lekensteyn.nl> | 2016-11-30 21:43:09 +0100 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2016-12-06 05:58:39 +0000 |
commit | 89bc07c5d59ead31cad3ab5eea4378b6bb60bce9 (patch) | |
tree | 535fc1fc686d9a4e4ed54b62e575a7865c6a046b /epan/dissectors/packet-ssl-utils.c | |
parent | f96e9d067ba314c947a3caeafc909e9542042a64 (diff) | |
download | wireshark-89bc07c5d59ead31cad3ab5eea4378b6bb60bce9.tar.gz |
DTLS: add support for use_srtp extension (RFC 5764)
Decryption support will be added later. Tested with
dtls-srtp-ws-sip.pcapng from the linked bug.
Change-Id: Ida1a2da754ef9aef16ad15ff64455b6f8e703ffd
Ping-Bug: 13193
Reviewed-on: https://code.wireshark.org/review/18996
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.c')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 152fa7c6b9..32984f208a 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -53,6 +53,7 @@ #include "packet-x509if.h" #include "packet-ssl-utils.h" #include "packet-ssl.h" +#include "packet-dtls.h" #if defined(HAVE_LIBGNUTLS) && defined(HAVE_LIBGCRYPT) #include <gnutls/abstract.h> #endif @@ -6128,7 +6129,8 @@ ssl_try_set_version(SslSession *session, SslDecryptSession *ssl, static gint ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, packet_info* pinfo, guint32 offset, guint32 left, guint8 hnd_type, - SslSession *session, SslDecryptSession *ssl); + SslSession *session, SslDecryptSession *ssl, + gboolean is_dtls); void ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, @@ -6243,7 +6245,7 @@ ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, if (length > offset - start_offset) { ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset, length - (offset - start_offset), SSL_HND_CLIENT_HELLO, - session, ssl); + session, ssl, dtls_hfs != NULL); } } @@ -6327,7 +6329,7 @@ ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, if (length > offset - start_offset) { ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset, length - (offset - start_offset), SSL_HND_SERVER_HELLO, - session, ssl); + session, ssl, is_dtls); } } /* Client Hello and Server Hello dissections. }}} */ @@ -6384,7 +6386,8 @@ ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, void ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo, proto_tree *tree, guint32 offset, guint32 length, - SslSession *session, SslDecryptSession *ssl) + SslSession *session, SslDecryptSession *ssl, + gboolean is_dtls) { /* struct { * ProtocolVersion server_version; @@ -6401,7 +6404,7 @@ ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb, if (length > offset - start_offset) { ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset, length - (offset - start_offset), SSL_HND_HELLO_RETRY_REQUEST, - session, ssl); + session, ssl, is_dtls); } } @@ -6768,7 +6771,8 @@ ssl_dissect_hnd_cert_url(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tr static gint ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, packet_info* pinfo, guint32 offset, guint32 left, guint8 hnd_type, - SslSession *session, SslDecryptSession *ssl) + SslSession *session, SslDecryptSession *ssl, + gboolean is_dtls) { guint16 extension_length; guint16 ext_type; @@ -6856,6 +6860,14 @@ ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *t case SSL_HND_HELLO_EXT_SERVER_NAME: offset = ssl_dissect_hnd_hello_ext_server_name(hf, tvb, ext_tree, offset, ext_len); break; + case SSL_HND_HELLO_EXT_USE_SRTP: + if (is_dtls) { + offset = dtls_dissect_hnd_hello_ext_use_srtp(tvb, ext_tree, offset, ext_len); + } else { + // XXX expert info: This extension MUST only be used with DTLS, and not with TLS. + offset += ext_len; + } + break; case SSL_HND_HELLO_EXT_HEARTBEAT: proto_tree_add_item(ext_tree, hf->hf.hs_ext_heartbeat_mode, tvb, offset, 1, ENC_BIG_ENDIAN); |