
Ethereal-dev: [Ethereal-dev] Re: packet-ssl.c patch for certificates

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Yaniv Kaul <ykaul@xxxxxxxxxxxx>
Date: Thu, 29 Jul 2004 19:06:47 +0200
Same patch as output of 'svn diff' (not 'cvs diff'). Does it matter?

Yaniv Kaul wrote:

Attached please find a patch to packet-ssl.c which adds the long-awaited certificate dissection.

There's a lot more to do, of course.
Specifically, I don't know how to add OIDs (the algorithm OIDs, for example).

------------------------------------------------------------------------

--- packet-ssl.orig.c	2004-07-29 06:18:36.000000000 +0200
+++ packet-ssl.c	2004-07-29 16:48:34.000000000 +0200
@@ -96,6 +96,7 @@

#include <epan/conversation.h>
#include "prefs.h"
+#include "packet-x509af.h"

static gboolean ssl_desegment = TRUE;

@@ -170,6 +171,7 @@
static int hf_pct_handshake_hash_spec	= -1;
static int hf_pct_handshake_cert_spec	= -1;
static int hf_pct_handshake_cert	= -1;
+static int hf_pct_handshake_server_cert	= -1;
static int hf_pct_handshake_exch_spec	= -1;
static int hf_pct_handshake_hash	= -1;
static int hf_pct_handshake_cipher	= -1;
@@ -713,7 +715,7 @@
                                       guint32 offset);

static void dissect_ssl3_hnd_cert(tvbuff_t *tvb,
-                                  proto_tree *tree, guint32 offset);
+                                  proto_tree *tree, guint32 offset, packet_info *pinfo);

static void dissect_ssl3_hnd_cert_req(tvbuff_t *tvb,
                                      proto_tree *tree,
@@ -756,10 +758,10 @@
/* server hello dissector */
static void dissect_ssl2_hnd_server_hello(tvbuff_t *tvb,
                                          proto_tree *tree,
-                                          guint32 offset);
+                                          guint32 offset, packet_info *pinfo);
static void dissect_pct_msg_server_hello(tvbuff_t *tvb,
					 proto_tree *tree,
-					 guint32 offset);
+					 guint32 offset, packet_info *pinfo);


static void dissect_pct_msg_server_verify(tvbuff_t *tvb,
@@ -1427,7 +1429,7 @@
                break;

            case SSL_HND_CERTIFICATE:
-                dissect_ssl3_hnd_cert(tvb, ssl_hand_tree, offset);
+                dissect_ssl3_hnd_cert(tvb, ssl_hand_tree, offset, pinfo);
                break;

            case SSL_HND_SERVER_KEY_EXCHG:
@@ -1650,7 +1652,7 @@

static void
dissect_ssl3_hnd_cert(tvbuff_t *tvb,
-                      proto_tree *tree, guint32 offset)
+                      proto_tree *tree, guint32 offset, packet_info *pinfo)
{

    /* opaque ASN.1Cert<2^24-1>;
@@ -1698,14 +1700,15 @@
                                    tvb, offset, 3, FALSE);
                offset += 3;

-                proto_tree_add_bytes_format(subtree,
+                /*proto_tree_add_bytes_format(subtree,
                                            hf_ssl_handshake_certificate,
                                            tvb, offset, cert_length,
                                            tvb_get_ptr(tvb, offset, cert_length),
                                            "Certificate (%u byte%s)",
                                            cert_length,
                                            plurality(cert_length, "", "s"));
-
+				*/
+				dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, subtree, hf_ssl_handshake_certificate);
			   offset += cert_length;
            }
        }
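Review bot: The new `dissect_x509af_Certificate(...)` call is handed the whole `tvb` plus `offset`, and `cert_length` no longer reaches anything that adds to the tree, so nothing visible in this hunk keeps the X.509 dissector inside the bytes the handshake declared for this certificate. If the DER lengths inside a malformed certificate disagree with `cert_length`, the certificate subtree may run into the next list entry or stop short, while `offset += cert_length` carries on regardless. Consider dissecting a bounded view, e.g. `next_tvb = tvb_new_subset(tvb, offset, cert_length, cert_length);` followed by `dissect_x509af_Certificate(FALSE, next_tvb, 0, pinfo, subtree, hf_ssl_handshake_certificate);`. The same applies to the `SH_CERT_LENGTH` call in the PCT server-hello hunk and the `certificate_length` call in the SSL2 server-hello hunk, and to the svn-diff copy of this patch further down the page. The body of dissect_ssl3_hnd_cert begins and ends outside this hunk.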
@@ -2075,7 +2078,7 @@
            break;

        case SSL2_HND_SERVER_HELLO:
-            dissect_ssl2_hnd_server_hello(tvb, ssl_record_tree, offset);
+            dissect_ssl2_hnd_server_hello(tvb, ssl_record_tree, offset, pinfo);
            break;

        case SSL2_HND_ERROR:
@@ -2099,7 +2102,7 @@
			dissect_pct_msg_client_hello(tvb, ssl_record_tree, offset);
			break;
        case PCT_MSG_SERVER_HELLO:
-			dissect_pct_msg_server_hello(tvb, ssl_record_tree, offset);
+			dissect_pct_msg_server_hello(tvb, ssl_record_tree, offset, pinfo);
			break;
        case PCT_MSG_CLIENT_MASTER_KEY:
			dissect_pct_msg_client_master_key(tvb, ssl_record_tree, offset);
@@ -2322,7 +2325,7 @@
}

static void
-dissect_pct_msg_server_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset)
+dissect_pct_msg_server_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset, packet_info *pinfo)
{
/* structure: char SH_MSG_SERVER_HELLO
@@ -2405,7 +2408,8 @@
	offset += 2;
	
	if(SH_CERT_LENGTH) {
-		proto_tree_add_text(tree, tvb, offset, SH_CERT_LENGTH, "Server Certificate (%d bytes)", SH_CERT_LENGTH);
+		dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_pct_handshake_server_cert);
+		//proto_tree_add_text(tree, tvb, offset, SH_CERT_LENGTH, "Server Certificate (%d bytes)", SH_CERT_LENGTH);
		offset += SH_CERT_LENGTH;
	}
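Review bot: The superseded `proto_tree_add_text(...)` call is kept as a `//` comment under the new call, a style point that also affects the SSL3 and SSL2 certificate hunks, which leave their old `proto_tree_add_bytes_format(...)` calls inside `/* ... */`. Dead code of this kind is better deleted, since the revision history already holds it; if a remark is wanted, a short block comment such as `/* certificate is now dissected as X.509; SH_CERT_LENGTH still advances offset */` says more. The `//` form is also worth avoiding if the project still has to build with pre-C99 compilers, which this hunk does not show. dissect_pct_msg_server_hello starts and ends outside the hunk.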

@@ -2622,7 +2626,7 @@

static void
dissect_ssl2_hnd_server_hello(tvbuff_t *tvb,
-                              proto_tree *tree, guint32 offset)
+                              proto_tree *tree, guint32 offset, packet_info *pinfo)
{
    /* struct {
     *    uint8  msg_type;
@@ -2696,13 +2700,15 @@
    /* now the variable length fields */
    if (certificate_length > 0)
    {
-        proto_tree_add_bytes_format(tree, hf_ssl_handshake_certificate,
+        /*proto_tree_add_bytes_format(tree, hf_ssl_handshake_certificate,
                                    tvb, offset, certificate_length,
                                    tvb_get_ptr(tvb, offset, certificate_length),
                                    "Certificate (%u byte%s)",
                                    certificate_length,
                                    plurality(certificate_length, "", "s"));
-        offset += certificate_length;
+        */
+		dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_ssl_handshake_certificate);
+		offset += certificate_length;
    }

    if (cipher_spec_length > 0)
@@ -3386,7 +3392,7 @@
			"PCT Certificate specification", HFILL }
		},
		{ &hf_pct_handshake_cert,
-		  { "Cert Spec", "pct.handshake.cert",
+		  { "Cert", "pct.handshake.cert",
			FT_UINT16, BASE_HEX, VALS(pct_cert_type), 0x0,
			"PCT Certificate", HFILL }
		},
@@ -3410,6 +3416,11 @@
			FT_UINT16, BASE_HEX, VALS(pct_error_code), 0x0,
			"PCT Error Code", HFILL }
		},
+		{ &hf_pct_handshake_server_cert,
+		  { "Server Cert", "pct.handshake.server_cert",
+			FT_BYTES, BASE_NONE, NULL , 0x0,
+			"PCT Server Certificate", HFILL }
+		},
    };

    /* Setup protocol subtree array */
Index: packet-ssl.c
===================================================================
--- packet-ssl.c	(revision 11567)
+++ packet-ssl.c	(working copy)
@@ -96,6 +96,7 @@
 
 #include <epan/conversation.h>
 #include "prefs.h"
+#include "packet-x509af.h"
 
 static gboolean ssl_desegment = TRUE;
 
@@ -170,6 +171,7 @@
 static int hf_pct_handshake_hash_spec	= -1;
 static int hf_pct_handshake_cert_spec	= -1;
 static int hf_pct_handshake_cert	= -1;
+static int hf_pct_handshake_server_cert	= -1;
 static int hf_pct_handshake_exch_spec	= -1;
 static int hf_pct_handshake_hash	= -1;
 static int hf_pct_handshake_cipher	= -1;
@@ -713,7 +715,7 @@
                                        guint32 offset);
 
 static void dissect_ssl3_hnd_cert(tvbuff_t *tvb,
-                                  proto_tree *tree, guint32 offset);
+                                  proto_tree *tree, guint32 offset, packet_info *pinfo);
 
 static void dissect_ssl3_hnd_cert_req(tvbuff_t *tvb,
                                       proto_tree *tree,
@@ -756,10 +758,10 @@
 /* server hello dissector */
 static void dissect_ssl2_hnd_server_hello(tvbuff_t *tvb,
                                           proto_tree *tree,
-                                          guint32 offset);
+                                          guint32 offset, packet_info *pinfo);
 static void dissect_pct_msg_server_hello(tvbuff_t *tvb,
 					 proto_tree *tree,
-					 guint32 offset);
+					 guint32 offset, packet_info *pinfo);
 
 
 static void dissect_pct_msg_server_verify(tvbuff_t *tvb,
@@ -1427,7 +1429,7 @@
                 break;
 
             case SSL_HND_CERTIFICATE:
-                dissect_ssl3_hnd_cert(tvb, ssl_hand_tree, offset);
+                dissect_ssl3_hnd_cert(tvb, ssl_hand_tree, offset, pinfo);
                 break;
 
             case SSL_HND_SERVER_KEY_EXCHG:
@@ -1650,7 +1652,7 @@
 
 static void
 dissect_ssl3_hnd_cert(tvbuff_t *tvb,
-                      proto_tree *tree, guint32 offset)
+                      proto_tree *tree, guint32 offset, packet_info *pinfo)
 {
 
     /* opaque ASN.1Cert<2^24-1>;
@@ -1698,14 +1700,15 @@
                                     tvb, offset, 3, FALSE);
                 offset += 3;
 
-                proto_tree_add_bytes_format(subtree,
+                /*proto_tree_add_bytes_format(subtree,
                                             hf_ssl_handshake_certificate,
                                             tvb, offset, cert_length,
                                             tvb_get_ptr(tvb, offset, cert_length),
                                             "Certificate (%u byte%s)",
                                             cert_length,
                                             plurality(cert_length, "", "s"));
-
+				*/
+				dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, subtree, hf_ssl_handshake_certificate);
 			   offset += cert_length;
             }
         }
@@ -2075,7 +2078,7 @@
             break;
 
         case SSL2_HND_SERVER_HELLO:
-            dissect_ssl2_hnd_server_hello(tvb, ssl_record_tree, offset);
+            dissect_ssl2_hnd_server_hello(tvb, ssl_record_tree, offset, pinfo);
             break;
 
         case SSL2_HND_ERROR:
@@ -2099,7 +2102,7 @@
 			dissect_pct_msg_client_hello(tvb, ssl_record_tree, offset);
 			break;
         case PCT_MSG_SERVER_HELLO:
-			dissect_pct_msg_server_hello(tvb, ssl_record_tree, offset);
+			dissect_pct_msg_server_hello(tvb, ssl_record_tree, offset, pinfo);
 			break;
         case PCT_MSG_CLIENT_MASTER_KEY:
 			dissect_pct_msg_client_master_key(tvb, ssl_record_tree, offset);
@@ -2322,7 +2325,7 @@
 }
 
 static void
-dissect_pct_msg_server_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset)
+dissect_pct_msg_server_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset, packet_info *pinfo)
 {
 /* structure: 
 char SH_MSG_SERVER_HELLO
@@ -2405,7 +2408,8 @@
 	offset += 2;
 	
 	if(SH_CERT_LENGTH) {
-		proto_tree_add_text(tree, tvb, offset, SH_CERT_LENGTH, "Server Certificate (%d bytes)", SH_CERT_LENGTH);
+		dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_pct_handshake_server_cert);
+		//proto_tree_add_text(tree, tvb, offset, SH_CERT_LENGTH, "Server Certificate (%d bytes)", SH_CERT_LENGTH);
 		offset += SH_CERT_LENGTH;
 	}
 
@@ -2622,7 +2626,7 @@
 
 static void
 dissect_ssl2_hnd_server_hello(tvbuff_t *tvb,
-                              proto_tree *tree, guint32 offset)
+                              proto_tree *tree, guint32 offset, packet_info *pinfo)
 {
     /* struct {
      *    uint8  msg_type;
@@ -2696,13 +2700,15 @@
     /* now the variable length fields */
     if (certificate_length > 0)
     {
-        proto_tree_add_bytes_format(tree, hf_ssl_handshake_certificate,
+        /*proto_tree_add_bytes_format(tree, hf_ssl_handshake_certificate,
                                     tvb, offset, certificate_length,
                                     tvb_get_ptr(tvb, offset, certificate_length),
                                     "Certificate (%u byte%s)",
                                     certificate_length,
                                     plurality(certificate_length, "", "s"));
-        offset += certificate_length;
+        */
+		dissect_x509af_Certificate(FALSE, tvb, offset, pinfo, tree, hf_ssl_handshake_certificate);
+		offset += certificate_length;
     }
 
     if (cipher_spec_length > 0)
@@ -3386,7 +3392,7 @@
 			"PCT Certificate specification", HFILL }
 		},
 		{ &hf_pct_handshake_cert,
-		  { "Cert Spec", "pct.handshake.cert",
+		  { "Cert", "pct.handshake.cert",
 			FT_UINT16, BASE_HEX, VALS(pct_cert_type), 0x0,
 			"PCT Certificate", HFILL }
 		},
@@ -3410,6 +3416,11 @@
 			FT_UINT16, BASE_HEX, VALS(pct_error_code), 0x0,
 			"PCT Error Code", HFILL }
 		},
+		{ &hf_pct_handshake_server_cert,
+		  { "Server Cert", "pct.handshake.server_cert",
+			FT_BYTES, BASE_NONE, NULL , 0x0,
+			"PCT Server Certificate", HFILL }
+		},
     };
 
     /* Setup protocol subtree array */