From a5bb470a553cbd4dc90a874760ec17e4bd914f7d Mon Sep 17 00:00:00 2001
From: Peter Wu
Date: Fri, 17 Mar 2017 13:39:13 +0100
Subject: TLS13: update end_of_early_data to draft -19
It changed from an alert to a handshake message.
Change-Id: Ic24776e612a291153290543ba1ec8680d9d74264
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20586
Reviewed-by: Alexis La Goutte
Petri-Dish: Alexis La Goutte
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann
---
 epan/dissectors/packet-dtls.c | 1 +
 epan/dissectors/packet-ssl-utils.c | 2 ++
 epan/dissectors/packet-ssl-utils.h | 1 +
 epan/dissectors/packet-ssl.c | 29 +++++++++++++----------------
 4 files changed, 17 insertions(+), 16 deletions(-)
(limited to 'epan/dissectors')
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c
index 526a080c54..1330dc47e0 100644
--- a/epan/dissectors/packet-dtls.c
+++ b/epan/dissectors/packet-dtls.c
@@ -1332,6 +1332,7 @@ dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
 case SSL_HND_SUPPLEMENTAL_DATA:
 case SSL_HND_KEY_UPDATE:
 case SSL_HND_ENCRYPTED_EXTS:
+ case SSL_HND_END_OF_EARLY_DATA: /* TLS 1.3 */
 case SSL_HND_ENCRYPTED_EXTENSIONS: /* TLS 1.3 */
 /* TODO: does this need further dissection? */
 break;
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index 55fc59a77f..ebf5e5ba6a 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -558,6 +558,7 @@ const value_string ssl_31_handshake_type[] = {
 { SSL_HND_SERVER_HELLO, "Server Hello" },
 { SSL_HND_HELLO_VERIFY_REQUEST, "Hello Verify Request"},
 { SSL_HND_NEWSESSION_TICKET, "New Session Ticket" },
+ { SSL_HND_END_OF_EARLY_DATA, "End of Early Data" },
 { SSL_HND_HELLO_RETRY_REQUEST, "Hello Retry Request" },
 { SSL_HND_ENCRYPTED_EXTENSIONS, "Encrypted Extensions" },
 { SSL_HND_CERTIFICATE, "Certificate" },
@@ -6823,6 +6824,7 @@ ssl_is_valid_handshake_type(guint8 hs_type, gboolean is_dtls)
 case SSL_HND_CLIENT_HELLO:
 case SSL_HND_SERVER_HELLO:
 case SSL_HND_NEWSESSION_TICKET:
+ case SSL_HND_END_OF_EARLY_DATA:
 case SSL_HND_HELLO_RETRY_REQUEST:
 case SSL_HND_ENCRYPTED_EXTENSIONS:
 case SSL_HND_CERTIFICATE:
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index b1e1485813..918ae59945 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -59,6 +59,7 @@ typedef enum {
 SSL_HND_SERVER_HELLO = 2,
 SSL_HND_HELLO_VERIFY_REQUEST = 3,
 SSL_HND_NEWSESSION_TICKET = 4,
+ SSL_HND_END_OF_EARLY_DATA = 5,
 SSL_HND_HELLO_RETRY_REQUEST = 6,
 SSL_HND_ENCRYPTED_EXTENSIONS = 8,
 SSL_HND_CERTIFICATE = 11,
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c
index d108345c47..51284b3a1c 100644
--- a/epan/dissectors/packet-ssl.c
+++ b/epan/dissectors/packet-ssl.c
@@ -553,8 +553,7 @@ static gint dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
 /* alert message dissector */
 static void dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo,
 proto_tree *tree, guint32 offset,
- const SslSession *session, gboolean is_from_server,
- SslDecryptSession *ssl);
+ const SslSession *session);
 /* handshake protocol dissector */
 static void dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
@@ -1764,9 +1763,9 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
 break;
 case SSL_ID_ALERT:
 if (decrypted) {
- dissect_ssl3_alert(decrypted, pinfo, ssl_record_tree, 0, session, is_from_server, ssl);
+ dissect_ssl3_alert(decrypted, pinfo, ssl_record_tree, 0, session);
 } else {
- dissect_ssl3_alert(tvb, pinfo, ssl_record_tree, offset, session, is_from_server, ssl);
+ dissect_ssl3_alert(tvb, pinfo, ssl_record_tree, offset, session);
 }
 break;
 case SSL_ID_HANDSHAKE:
@@ -1854,8 +1853,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
 static void
 dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo,
 proto_tree *tree, guint32 offset,
- const SslSession *session, gboolean is_from_server,
- SslDecryptSession *ssl)
+ const SslSession *session)
 {
 /* struct {
 * AlertLevel level;
@@ -1887,16 +1885,6 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo,
 desc_byte = tvb_get_guint8(tvb, offset+1); /* grab the desc byte */
 desc = try_val_to_str(desc_byte, ssl_31_alert_description);
- /*
- * TLS 1.3: clients send an Alert at warning (1) level with description
- * end_of_early_data (1) to end 0-RTT application data.
- */
- if (level_byte == 1 && desc_byte == 1 && !is_from_server && ssl) {
- ssl_load_keyfile(ssl_options.keylog_filename, &ssl_keylog_file, &ssl_master_key_map);
- tls13_change_key(ssl, &ssl_master_key_map, FALSE, TLS_SECRET_HANDSHAKE);
- ssl->has_early_data = FALSE;
- }
-
 /* now set the text in the record layer line */
 if (level && desc)
 {
@@ -2123,6 +2111,15 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
 ssl_master_key_map.tickets);
 break;
+ case SSL_HND_END_OF_EARLY_DATA:
+ /* https://tools.ietf.org/html/draft-ietf-tls-tls13-19#section-4.5 */
+ if (!is_from_server && ssl) {
+ ssl_load_keyfile(ssl_options.keylog_filename, &ssl_keylog_file, &ssl_master_key_map);
+ tls13_change_key(ssl, &ssl_master_key_map, FALSE, TLS_SECRET_HANDSHAKE);
+ ssl->has_early_data = FALSE;
+ }
+ break;
+
 case SSL_HND_HELLO_RETRY_REQUEST:
 ssl_dissect_hnd_hello_retry_request(&dissect_ssl3_hf, tvb, pinfo, ssl_hand_tree, offset, offset + length, session, ssl, FALSE);
-- cgit v1.2.1
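Review bot: The key switch in the new `SSL_HND_END_OF_EARLY_DATA` case of dissect_ssl3_handshake is gated only on `!is_from_server && ssl`; nothing in the hunk checks that early data was actually in progress or that the message body is empty. The handshake type is read from the capture, so a client-side type-5 message in a session without 0-RTT, or a repeated one, would still reload the key log and call `tls13_change_key`, which may leave the client decoder on the wrong secret unless that helper validates state itself (not visible here). I would tighten the guard to `if (!is_from_server && ssl && ssl->has_early_data) {` and report a non-zero `length` through an expert-info item, since draft -19 defines the message as an empty struct. The enclosing function starts and ends outside the hunk.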