diff options
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 43 |
1 files changed, 32 insertions, 11 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index a74f3b911c..19fcf2c26f 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -31,13 +31,13 @@ #include <epan/prefs.h> #include <epan/wmem/wmem.h> #include <epan/expert.h> +#include <epan/conversation.h> #include <wsutil/wsgcrypt.h> #ifdef HAVE_LIBGNUTLS #include <gnutls/x509.h> #include <gnutls/pkcs12.h> -#include <epan/conversation.h> #include "ws_symbol_export.h" /* #define SSL_FAST 1 */ @@ -353,6 +353,16 @@ typedef struct _SslSession { guint32 version; gint8 client_cert_type; gint8 server_cert_type; + + /* The address/proto/port of the server as determined from heuristics + * (e.g. ClientHello) or set externally (via ssl_set_master_secret()). */ + address srv_addr; + port_type srv_ptype; + guint srv_port; + + /* The Application layer protocol if known (for STARTTLS support) */ + dissector_handle_t app_handle; + guint32 last_nontls_frame; } SslSession; /* RFC 5246, section 8.1 says that the master secret is always 48 bytes */ @@ -389,10 +399,6 @@ typedef struct _SslDecryptSession { StringInfo app_data_segment; SslSession session; - address srv_addr; - port_type srv_ptype; - guint srv_port; - } SslDecryptSession; typedef struct _SslAssociation { @@ -452,14 +458,29 @@ gboolean ssldecrypt_uat_fld_password_chk_cb(void*, const char*, unsigned, const extern void ssl_lib_init(void); -/** Initialize an ssl session struct - @param ssl pointer to ssl session struct to be initialized */ -extern void -ssl_session_init(SslDecryptSession* ssl); +/** Retrieve a SslSession, creating it if it did not already exist. + * @param conversation The SSL conversation. + * @param ssl_handle The dissector handle for SSL or DTLS. + */ +extern SslDecryptSession * +ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle); /** Set server address and port */ extern void -ssl_set_server(SslDecryptSession* ssl, address *addr, port_type ptype, guint32 port); +ssl_set_server(SslSession *session, address *addr, port_type ptype, guint32 port); + +/** Marks this packet as the last one before switching to SSL that is supposed + * to encapsulate this protocol. + * @param ssl_handle The dissector handle for SSL or DTLS. + * @param pinfo Packet Info. + * @param app_handle Dissector handle for the protocol inside the decrypted + * Application Data record. + * @return 0 for the first STARTTLS acknowledgement (success) or if ssl_handle + * is NULL. >0 if STARTTLS was started before. + */ +extern guint32 +ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo, + dissector_handle_t app_handle); /** set the data and len for the stringInfo buffer. buf should be big enough to * contain the provided data @@ -561,7 +582,7 @@ extern gint ssl_assoc_from_key_list(gpointer key _U_, gpointer data, gpointer user_data); extern gint -ssl_packet_from_server(SslDecryptSession* ssl, GTree* associations, packet_info *pinfo); +ssl_packet_from_server(SslSession *session, GTree *associations, packet_info *pinfo); /* add to packet data a copy of the specified real data */ extern void |