case SSL_HND_SERVER_HELLO:
offset = ssl_dissect_hnd_hello_ext_key_share_entry(hf, tvb, key_share_tree, offset, offset_end);
break;
+ case SSL_HND_HELLO_RETRY_REQUEST:
+ proto_tree_add_item(key_share_tree, hf->hf.hs_ext_key_share_selected_group, tvb, offset, 2, ENC_BIG_ENDIAN );
+ offset += 2;
+ break;
default: /* no default */
break;
}
case SSL_HND_CLIENT_HELLO:
case SSL_HND_SERVER_HELLO:
case SSL_HND_NEWSESSION_TICKET:
+ case SSL_HND_HELLO_RETRY_REQUEST:
case SSL_HND_CERTIFICATE:
case SSL_HND_SERVER_KEY_EXCHG:
case SSL_HND_CERT_REQUEST:
#endif
} /* }}} */
+void
+ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb,
+ packet_info* pinfo, proto_tree *tree, guint32 offset, guint32 length,
+ SslSession *session, SslDecryptSession *ssl)
+{
+ /* struct {
+ * ProtocolVersion server_version;
+ * Extension extensions<2..2^16-1>;
+ * } HelloRetryRequest;
+ */
+ guint16 start_offset = offset;
+
+ proto_tree_add_item(tree, hf->hf.hs_server_version, tvb,
+ offset, 2, ENC_BIG_ENDIAN);
+ offset += 2;
+
+ /* remaining data are extensions */
+ if (length > offset - start_offset) {
+ ssl_dissect_hnd_hello_ext(hf, tvb, tree, pinfo, offset,
+ length - (offset - start_offset), SSL_HND_HELLO_RETRY_REQUEST,
+ session, ssl);
+ }
+}
+
/* Certificate and Certificate Request dissections. {{{ */
void
ssl_dissect_hnd_cert(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree,
SSL_HND_SERVER_HELLO = 2,
SSL_HND_HELLO_VERIFY_REQUEST = 3,
SSL_HND_NEWSESSION_TICKET = 4,
+ SSL_HND_HELLO_RETRY_REQUEST = 6,
SSL_HND_CERTIFICATE = 11,
SSL_HND_SERVER_KEY_EXCHG = 12,
SSL_HND_CERT_REQUEST = 13,
gint hs_ext_key_share_group;
gint hs_ext_key_share_key_exchange_length;
gint hs_ext_key_share_key_exchange;
+ gint hs_ext_key_share_selected_group;
gint hs_ext_psk_identities_length;
gint hs_ext_psk_identity_ke_modes_length;
gint hs_ext_psk_identity_ke_mode;
SslSession *session, SslDecryptSession *ssl,
gboolean is_dtls);
+extern void
+ssl_dissect_hnd_hello_retry_request(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo,
+ proto_tree *tree, guint32 offset, guint32 length,
+ SslSession *session, SslDecryptSession *ssl);
+
extern void
ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
- -1, -1, -1, \
+ -1, -1, -1, -1, \
}, \
/* ett */ { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
FT_BYTES, BASE_NONE, NULL, 0x0, \
NULL, HFILL } \
}, \
+ { & name .hf.hs_ext_key_share_selected_group, \
+ { "Selected Group", prefix ".handshake.extensions_key_share_selected_group", \
+ FT_UINT16, BASE_DEC, VALS(ssl_extension_curves), 0x00, \
+ NULL, HFILL } \
+ }, \
{ & name .hf.hs_ext_psk_identities_length, \
{ "Identities Length", prefix ".handshake.extensions.psk.identities.length", \
FT_UINT16, BASE_DEC, NULL, 0x0, \