ead632581a079ad14dec5432487bc42bd813dce6
[obnox/wireshark/wip.git] / epan / dissectors / packet-dtls.c
1 /* packet-dtls.c
2  * Routines for dtls dissection
3  * Copyright (c) 2006, Authesserre Samuel <sauthess@gmail.com>
4  * Copyright (c) 2007, Mikael Magnusson <mikma@users.sourceforge.net>
5  *
6  * $Id$
7  *
8  * Wireshark - Network traffic analyzer
9  * By Gerald Combs <gerald@wireshark.org>
10  * Copyright 1998 Gerald Combs
11  *
12  * This program is free software; you can redistribute it and/or
13  * modify it under the terms of the GNU General Public License
14  * as published by the Free Software Foundation; either version 2
15  * of the License, or (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program; if not, write to the Free Software
24  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
25  *
26  *
27  * DTLS dissection and decryption.
28  * See RFC 4347 for details about DTLS specs.
29  *
30  * Notes :
31  * This dissector is based on the TLS dissector (packet-ssl.c); Because of the similarity
32  *   of DTLS and TLS, decryption works like TLS with RSA key exchange.
33  * This dissector uses the sames things (file, libraries) as the SSL dissector (gnutls, packet-ssl-utils.h)
34  *  to make it easily maintainable.
35  *
36  * It was developed to dissect and decrypt the OpenSSL v 0.9.8f DTLS implementation.
37  * It is limited to this implementation; there is no complete implementation.
38  *
39  * Implemented :
40  *  - DTLS dissection
41  *  - DTLS decryption (openssl one)
42  *
43  * Todo :
44  *  - activate correct Mac calculation when openssl will be corrected
45  *    (or if an other implementation works),
46  *    corrected code is ready and commented in packet-ssl-utils.h file.
47  *  - add missings things (desegmentation, reordering... that aren't present in actual OpenSSL implementation)
48  */
49
50 #ifdef HAVE_CONFIG_H
51 # include "config.h"
52 #endif
53
54 #include <glib.h>
55
56 #include <epan/packet.h>
57 #include <epan/conversation.h>
58 #include <epan/prefs.h>
59 #include <epan/asn1.h>
60 #include <epan/dissectors/packet-x509af.h>
61 #include <epan/emem.h>
62 #include <epan/tap.h>
63 #include <epan/reassemble.h>
64 #include "packet-ssl-utils.h"
65 #include <wsutil/file_util.h>
66 #include <epan/uat.h>
67
68 /* DTLS User Access Table */
69 static ssldecrypt_assoc_t *dtlskeylist_uats = NULL;
70 static guint ndtlsdecrypt = 0;
71
72 /* we need to remember the top tree so that subdissectors we call are created
73  * at the root and not deep down inside the DTLS decode
74  */
75 static proto_tree *top_tree;
76
77 /*********************************************************************
78  *
79  * Protocol Constants, Variables, Data Structures
80  *
81  *********************************************************************/
82
83 /* Initialize the protocol and registered fields */
84 static gint dtls_tap                            = -1;
85 static gint proto_dtls                          = -1;
86 static gint hf_dtls_record                      = -1;
87 static gint hf_dtls_record_content_type         = -1;
88 static gint hf_dtls_record_version              = -1;
89 static gint hf_dtls_record_epoch                = -1;
90 static gint hf_dtls_record_sequence_number      = -1;
91 static gint hf_dtls_record_length               = -1;
92 static gint hf_dtls_record_appdata              = -1;
93 static gint hf_dtls_change_cipher_spec          = -1;
94 static gint hf_dtls_alert_message               = -1;
95 static gint hf_dtls_alert_message_level         = -1;
96 static gint hf_dtls_alert_message_description   = -1;
97 static gint hf_dtls_handshake_protocol          = -1;
98 static gint hf_dtls_handshake_type              = -1;
99 static gint hf_dtls_handshake_length            = -1;
100 static gint hf_dtls_handshake_message_seq       = -1;
101 static gint hf_dtls_handshake_fragment_offset   = -1;
102 static gint hf_dtls_handshake_fragment_length   = -1;
103 static gint hf_dtls_handshake_client_version    = -1;
104 static gint hf_dtls_handshake_server_version    = -1;
105 static gint hf_dtls_handshake_random_time       = -1;
106 static gint hf_dtls_handshake_random_bytes      = -1;
107 static gint hf_dtls_handshake_cookie_len        = -1;
108 static gint hf_dtls_handshake_cookie            = -1;
109 static gint hf_dtls_handshake_cipher_suites_len = -1;
110 static gint hf_dtls_handshake_cipher_suites     = -1;
111 static gint hf_dtls_handshake_cipher_suite      = -1;
112 static gint hf_dtls_handshake_session_id        = -1;
113 static gint hf_dtls_handshake_comp_methods_len  = -1;
114 static gint hf_dtls_handshake_comp_methods      = -1;
115 static gint hf_dtls_handshake_comp_method       = -1;
116 static gint hf_dtls_handshake_extensions_len    = -1;
117 static gint hf_dtls_handshake_extension_type    = -1;
118 static gint hf_dtls_handshake_extension_len     = -1;
119 static gint hf_dtls_handshake_extension_data    = -1;
120 static gint hf_dtls_handshake_certificates_len  = -1;
121 static gint hf_dtls_handshake_certificates      = -1;
122 static gint hf_dtls_handshake_certificate       = -1;
123 static gint hf_dtls_handshake_certificate_len   = -1;
124 static gint hf_dtls_handshake_cert_types_count  = -1;
125 static gint hf_dtls_handshake_cert_types        = -1;
126 static gint hf_dtls_handshake_cert_type         = -1;
127 static gint hf_dtls_handshake_finished          = -1;
128 static gint hf_dtls_handshake_md5_hash          = -1;
129 static gint hf_dtls_handshake_sha_hash          = -1;
130 static gint hf_dtls_handshake_session_id_len    = -1;
131 static gint hf_dtls_handshake_dnames_len        = -1;
132 static gint hf_dtls_handshake_dnames            = -1;
133 static gint hf_dtls_handshake_dname_len         = -1;
134 static gint hf_dtls_handshake_dname             = -1;
135
136 static gint hf_dtls_fragments                   = -1;
137 static gint hf_dtls_fragment                    = -1;
138 static gint hf_dtls_fragment_overlap            = -1;
139 static gint hf_dtls_fragment_overlap_conflicts  = -1;
140 static gint hf_dtls_fragment_multiple_tails     = -1;
141 static gint hf_dtls_fragment_too_long_fragment  = -1;
142 static gint hf_dtls_fragment_error              = -1;
143 static gint hf_dtls_fragment_count              = -1;
144 static gint hf_dtls_reassembled_in              = -1;
145 static gint hf_dtls_reassembled_length          = -1;
146
147 /* Initialize the subtree pointers */
148 static gint ett_dtls                   = -1;
149 static gint ett_dtls_record            = -1;
150 static gint ett_dtls_alert             = -1;
151 static gint ett_dtls_handshake         = -1;
152 static gint ett_dtls_cipher_suites     = -1;
153 static gint ett_dtls_comp_methods      = -1;
154 static gint ett_dtls_extension         = -1;
155 static gint ett_dtls_certs             = -1;
156 static gint ett_dtls_cert_types        = -1;
157 static gint ett_dtls_dnames            = -1;
158
159 static gint ett_dtls_fragment          = -1;
160 static gint ett_dtls_fragments         = -1;
161
162 static GHashTable         *dtls_session_hash         = NULL;
163 static GHashTable         *dtls_key_hash             = NULL;
164 static GHashTable         *dtls_fragment_table       = NULL;
165 static GTree*              dtls_associations         = NULL;
166 static dissector_handle_t  dtls_handle               = NULL;
167 static StringInfo          dtls_compressed_data      = {NULL, 0};
168 static StringInfo          dtls_decrypted_data       = {NULL, 0};
169 static gint                dtls_decrypted_data_avail = 0;
170
171 static uat_t *dtlsdecrypt_uat      = NULL;
172 static gchar *dtls_keys_list       = NULL;
173 #ifdef HAVE_LIBGNUTLS
174 static gchar *dtls_debug_file_name = NULL;
175 #endif
176
177 static heur_dissector_list_t heur_subdissector_list;
178
179 static const fragment_items dtls_frag_items = {
180   /* Fragment subtrees */
181   &ett_dtls_fragment,
182   &ett_dtls_fragments,
183   /* Fragment fields */
184   &hf_dtls_fragments,
185   &hf_dtls_fragment,
186   &hf_dtls_fragment_overlap,
187   &hf_dtls_fragment_overlap_conflicts,
188   &hf_dtls_fragment_multiple_tails,
189   &hf_dtls_fragment_too_long_fragment,
190   &hf_dtls_fragment_error,
191   &hf_dtls_fragment_count,
192   /* Reassembled in field */
193   &hf_dtls_reassembled_in,
194   /* Reassembled length field */
195   &hf_dtls_reassembled_length,
196   /* Tag */
197   "Message fragments"
198 };
199
200 /* initialize/reset per capture state data (dtls sessions cache) */
201 static void
202 dtls_init(void)
203 {
204   module_t *dtls_module = prefs_find_module("dtls");
205   pref_t   *keys_list_pref;
206
207   ssl_common_init(&dtls_session_hash, &dtls_decrypted_data, &dtls_compressed_data);
208   fragment_table_init (&dtls_fragment_table);
209
210   /* We should have loaded "keys_list" by now. Mark it obsolete */
211   if (dtls_module) {
212     keys_list_pref = prefs_find_preference(dtls_module, "keys_list");
213     if (! prefs_get_preference_obsolete(keys_list_pref)) {
214       prefs_set_preference_obsolete(keys_list_pref);
215     }
216   }
217 }
218
219 /* parse dtls related preferences (private keys and ports association strings) */
220 static void
221 dtls_parse_uat(void)
222 {
223   ep_stack_t       tmp_stack;
224   SslAssociation  *tmp_assoc;
225   guint            i;
226
227   if (dtls_key_hash)
228   {
229       g_hash_table_foreach(dtls_key_hash, ssl_private_key_free, NULL);
230       g_hash_table_destroy(dtls_key_hash);
231   }
232
233   /* remove only associations created from key list */
234   tmp_stack = ep_stack_new();
235   g_tree_foreach(dtls_associations, ssl_assoc_from_key_list, tmp_stack);
236   while ((tmp_assoc = ep_stack_pop(tmp_stack)) != NULL) {
237     ssl_association_remove(dtls_associations, tmp_assoc);
238   }
239
240   /* parse private keys string, load available keys and put them in key hash*/
241   dtls_key_hash = g_hash_table_new(ssl_private_key_hash, ssl_private_key_equal);
242
243   ssl_set_debug(dtls_debug_file_name);
244
245   if (ndtlsdecrypt > 0)
246   {
247     for (i = 0; i < ndtlsdecrypt; i++)
248     {
249       ssldecrypt_assoc_t *d = &(dtlskeylist_uats[i]);
250       ssl_parse_key_list(d, dtls_key_hash, dtls_associations, dtls_handle, FALSE);
251     }
252   }
253
254   dissector_add_handle("sctp.port", dtls_handle);
255   dissector_add_handle("udp.port", dtls_handle);
256 }
257
258 static void
259 dtls_parse_old_keys(void)
260 {
261   gchar          **old_keys, **parts, *err;
262   guint            i;
263   GString         *uat_entry = g_string_new("");
264
265   /* Import old-style keys */
266   if (dtlsdecrypt_uat && dtls_keys_list && dtls_keys_list[0]) {
267     old_keys = g_strsplit(dtls_keys_list, ";", 0);
268     for (i = 0; old_keys[i] != NULL; i++) {
269       parts = g_strsplit(old_keys[i], ",", 4);
270       if (parts[0] && parts[1] && parts[2] && parts[3]) {
271         g_string_printf(uat_entry, "\"%s\",\"%s\",\"%s\",\"%s\",\"\"",
272                         parts[0], parts[1], parts[2], parts[3]);
273         if (!uat_load_str(dtlsdecrypt_uat, uat_entry->str, &err)) {
274           ssl_debug_printf("dtls_parse: Can't load UAT string %s: %s\n",
275                            uat_entry->str, err);
276         }
277       }
278       g_strfreev(parts);
279     }
280     g_strfreev(old_keys);
281   }
282   g_string_free(uat_entry, TRUE);
283
284 }
285
286 /*
287  * DTLS Dissection Routines
288  *
289  */
290
291 /* record layer dissector */
292 static gint dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo,
293                                 proto_tree *tree, guint32 offset,
294                                 guint *conv_version,
295                                 SslDecryptSession *conv_data);
296
297 /* change cipher spec dissector */
298 static void dissect_dtls_change_cipher_spec(tvbuff_t *tvb,
299                                             proto_tree *tree,
300                                             guint32 offset,
301                                             guint *conv_version, guint8 content_type);
302
303 /* alert message dissector */
304 static void dissect_dtls_alert(tvbuff_t *tvb, packet_info *pinfo,
305                                proto_tree *tree, guint32 offset,
306                                guint *conv_version);
307
308 /* handshake protocol dissector */
309 static void dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
310                                    proto_tree *tree, guint32 offset,
311                                    guint32 record_length,
312                                    guint *conv_version,
313                                    SslDecryptSession *conv_data, guint8 content_type);
314
315
316 static void dissect_dtls_hnd_cli_hello(tvbuff_t *tvb,
317                                        proto_tree *tree,
318                                        guint32 offset, guint32 length,
319                                        SslDecryptSession* ssl);
320
321 static int dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb,
322                                                   proto_tree *tree,
323                                                   guint32 offset,
324                                                   SslDecryptSession* ssl);
325
326 static int dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
327                                        proto_tree *tree,
328                                        guint32 offset, guint32 length,
329                                        SslDecryptSession* ssl);
330
331 static void dissect_dtls_hnd_cert(tvbuff_t *tvb,
332                                   proto_tree *tree, guint32 offset, packet_info *pinfo);
333
334 static void dissect_dtls_hnd_cert_req(tvbuff_t *tvb,
335                                       proto_tree *tree,
336                                       guint32 offset);
337
338 static void dissect_dtls_hnd_finished(tvbuff_t *tvb,
339                                       proto_tree *tree,
340                                       guint32 offset,
341                                       guint* conv_version);
342
343 /*
344  * Support Functions
345  *
346  */
347 /*static void ssl_set_conv_version(packet_info *pinfo, guint version);*/
348 static gint  dtls_is_valid_handshake_type(guint8 type);
349
350 static gint  dtls_is_authoritative_version_message(guint8 content_type,
351                                                    guint8 next_byte);
352 static gint  looks_like_dtls(tvbuff_t *tvb, guint32 offset);
353
354 /*********************************************************************
355  *
356  * Main dissector
357  *
358  *********************************************************************/
359 /*
360  * Code to actually dissect the packets
361  */
362 static void
363 dissect_dtls(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
364 {
365
366   conversation_t    *conversation;
367   void              *conv_data;
368   proto_item        *ti;
369   proto_tree        *dtls_tree;
370   guint32            offset;
371   gboolean           first_record_in_frame;
372   SslDecryptSession *ssl_session;
373   guint*             conv_version;
374
375   ti                    = NULL;
376   dtls_tree             = NULL;
377   offset                = 0;
378   first_record_in_frame = TRUE;
379   ssl_session           = NULL;
380   top_tree              = tree;
381
382   /* Track the version using conversations allows
383    * us to more frequently set the protocol column properly
384    * for continuation data frames.
385    *
386    * Also: We use the copy in conv_version as our cached copy,
387    *       so that we don't have to search the conversation
388    *       table every time we want the version; when setting
389    *       the conv_version, must set the copy in the conversation
390    *       in addition to conv_version
391    */
392   conversation = find_or_create_conversation(pinfo);
393   conv_data    = conversation_get_proto_data(conversation, proto_dtls);
394
395   /* manage dtls decryption data */
396   /*get a valid ssl session pointer*/
397   if (conv_data != NULL)
398     ssl_session = conv_data;
399   else {
400     SslService dummy;
401
402     ssl_session = se_alloc0(sizeof(SslDecryptSession));
403     ssl_session_init(ssl_session);
404     ssl_session->version = SSL_VER_UNKNOWN;
405     conversation_add_proto_data(conversation, proto_dtls, ssl_session);
406
407     /* we need to know witch side of conversation is speaking */
408     if (ssl_packet_from_server(ssl_session, dtls_associations, pinfo)) {
409       dummy.addr = pinfo->src;
410       dummy.port = pinfo->srcport;
411     }
412     else {
413       dummy.addr = pinfo->dst;
414       dummy.port = pinfo->destport;
415     }
416     ssl_debug_printf("dissect_dtls server %s:%d\n",
417                      ep_address_to_str(&dummy.addr),dummy.port);
418
419     /* try to retrive private key for this service. Do it now 'cause pinfo
420      * is not always available
421      * Note that with HAVE_LIBGNUTLS undefined private_key is allways 0
422      * and thus decryption never engaged*/
423     ssl_session->private_key = g_hash_table_lookup(dtls_key_hash, &dummy);
424     if (!ssl_session->private_key)
425       ssl_debug_printf("dissect_dtls can't find private key for this server!\n");
426   }
427   conv_version= & ssl_session->version;
428
429   /* try decryption only the first time we see this packet
430    * (to keep cipher synchronized) */
431   if (pinfo->fd->flags.visited)
432     ssl_session = NULL;
433
434   /* Initialize the protocol column; we'll set it later when we
435    * figure out what flavor of DTLS it is (actually only one
436    version exists). */
437   col_set_str(pinfo->cinfo, COL_PROTOCOL, "DTLS");
438
439   /* clear the the info column */
440   col_clear(pinfo->cinfo, COL_INFO);
441
442   /* Create display subtree for SSL as a whole */
443   if (tree)
444     {
445       ti = proto_tree_add_item(tree, proto_dtls, tvb, 0, -1, ENC_NA);
446       dtls_tree = proto_item_add_subtree(ti, ett_dtls);
447     }
448
449   /* iterate through the records in this tvbuff */
450   while (tvb_reported_length_remaining(tvb, offset) != 0)
451     {
452       /* on second and subsequent records per frame
453        * add a delimiter on info column
454        */
455       if (!first_record_in_frame)
456         {
457           col_append_str(pinfo->cinfo, COL_INFO, ", ");
458         }
459
460       /* first try to dispatch off the cached version
461        * known to be associated with the conversation
462        */
463       switch(*conv_version) {
464       case SSL_VER_DTLS:
465         offset = dissect_dtls_record(tvb, pinfo, dtls_tree,
466                                      offset, conv_version,
467                                      ssl_session);
468         break;
469
470         /* that failed, so apply some heuristics based
471          * on this individual packet
472          */
473       default:
474         if (looks_like_dtls(tvb, offset))
475           {
476             /* looks like dtls */
477             offset = dissect_dtls_record(tvb, pinfo, dtls_tree,
478                                          offset, conv_version,
479                                          ssl_session);
480           }
481         else
482           {
483             /* looks like something unknown, so lump into
484              * continuation data
485              */
486             offset = tvb_length(tvb);
487             col_append_str(pinfo->cinfo, COL_INFO,
488                              "Continuation Data");
489
490             /* Set the protocol column */
491             col_set_str(pinfo->cinfo, COL_PROTOCOL, "DTLS");
492           }
493         break;
494       }
495
496       /* set up for next record in frame, if any */
497       first_record_in_frame = FALSE;
498     }
499
500   tap_queue_packet(dtls_tap, pinfo, NULL);
501 }
502
503 static gboolean
504 dissect_dtls_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
505 {
506   /* Stronger confirmation of DTLS packet is provided by verifying the
507    * payload length against the remainder of the UDP packet size. */
508   guint length = tvb_length(tvb);
509   guint offset = 0;
510
511   if (tvb_reported_length(tvb) == length) {
512     while (offset + 13 <= length && looks_like_dtls(tvb, offset)) {
513       /* Advance offset to the end of the current DTLS record */
514       offset += tvb_get_ntohs(tvb, offset + 11) + 13;
515       if (offset == length) {
516         dissect_dtls(tvb, pinfo, tree);
517         return TRUE;
518       }
519     }
520
521     if (pinfo->fragmented && offset >= 13) {
522       dissect_dtls(tvb, pinfo, tree);
523       return TRUE;
524     }
525     return FALSE;
526   }
527
528   /* We've got a truncated packet - do our best with what we've got. */
529   while (tvb_length_remaining(tvb, offset) >= 3) {
530     if (!looks_like_dtls(tvb, offset))
531       return FALSE;
532
533     offset += 3;
534     if (tvb_length_remaining(tvb, offset) >= 10 ) {
535       offset += tvb_get_ntohs(tvb, offset + 8) + 10;
536     } else {
537       /* Dissect what we've got, which might be as little as 3 bytes. */
538       dissect_dtls(tvb, pinfo, tree);
539       return TRUE;
540     }
541     if (offset == length) {
542       /* Can this ever happen?  Well, just in case ... */
543       dissect_dtls(tvb, pinfo, tree);
544       return TRUE;
545     }
546   }
547
548   /* One last check to see if the current offset is at least less than the
549    * original number of bytes present before truncation or we're dealing with
550    * a packet fragment that's also been truncated. */
551   if ((length >= 3) && (offset <= tvb_reported_length(tvb) || pinfo->fragmented)) {
552     dissect_dtls(tvb, pinfo, tree);
553     return TRUE;
554   }
555   return FALSE;
556 }
557
558 static gint
559 decrypt_dtls_record(tvbuff_t *tvb, packet_info *pinfo, guint32 offset,
560                     guint32 record_length, guint8 content_type, SslDecryptSession* ssl,
561                     gboolean save_plaintext)
562 {
563   gint        ret;
564   SslDecoder *decoder;
565
566   ret = 0;
567
568   /* if we can decrypt and decryption have success
569    * add decrypted data to this packet info */
570   ssl_debug_printf("decrypt_dtls_record: app_data len %d, ssl state %X\n",
571                    record_length, ssl->state);
572   if (!ssl || (!save_plaintext && !(ssl->state & SSL_HAVE_SESSION_KEY))) {
573     ssl_debug_printf("decrypt_dtls_record: no session key\n");
574     return ret;
575   }
576
577   /* retrive decoder for this packet direction */
578   if (ssl_packet_from_server(ssl, dtls_associations, pinfo) != 0) {
579     ssl_debug_printf("decrypt_dtls_record: using server decoder\n");
580     decoder = ssl->server;
581   }
582   else {
583     ssl_debug_printf("decrypt_dtls_record: using client decoder\n");
584     decoder = ssl->client;
585   }
586
587   /* ensure we have enough storage space for decrypted data */
588   if (record_length > dtls_decrypted_data.data_len)
589     {
590       ssl_debug_printf("decrypt_dtls_record: allocating %d bytes"
591                        " for decrypt data (old len %d)\n",
592                        record_length + 32, dtls_decrypted_data.data_len);
593       dtls_decrypted_data.data = g_realloc(dtls_decrypted_data.data,
594                                            record_length + 32);
595       dtls_decrypted_data.data_len = record_length + 32;
596     }
597
598   /* run decryption and add decrypted payload to protocol data, if decryption
599    * is successful*/
600   dtls_decrypted_data_avail = dtls_decrypted_data.data_len;
601   if (ssl->state & SSL_HAVE_SESSION_KEY) {
602     if (ssl_decrypt_record(ssl, decoder, content_type, tvb_get_ptr(tvb, offset, record_length), record_length,
603                            &dtls_compressed_data, &dtls_decrypted_data, &dtls_decrypted_data_avail) == 0)
604       ret = 1;
605   }
606   else if (ssl->cipher == 0x0001 || ssl->cipher == 0x0002) {
607     /* Non-encrypting cipher RSA-NULL-MD5 or RSA-NULL-SHA */
608     memcpy(dtls_decrypted_data.data, tvb_get_ptr(tvb, offset, record_length), record_length);
609     dtls_decrypted_data_avail = dtls_decrypted_data.data_len = record_length;
610     ret = 1;
611   }
612
613   if (ret && save_plaintext) {
614     ssl_add_data_info(proto_dtls, pinfo, dtls_decrypted_data.data, dtls_decrypted_data_avail,
615                       tvb_raw_offset(tvb)+offset, 0);
616   }
617
618   return ret;
619 }
620
621
622
623
624
625 /*********************************************************************
626  *
627  * DTLS Dissection Routines
628  *
629  *********************************************************************/
630 static gint
631 dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo,
632                     proto_tree *tree, guint32 offset,
633                     guint *conv_version,
634                     SslDecryptSession* ssl)
635 {
636
637   /*
638    *    struct {
639    *        uint8 major, minor;
640    *    } ProtocolVersion;
641    *
642    *
643    *    enum {
644    *        change_cipher_spec(20), alert(21), handshake(22),
645    *        application_data(23), (255)
646    *    } ContentType;
647    *
648    *    struct {
649    *        ContentType type;
650    *        ProtocolVersion version;
651    *        uint16 epoch;               // New field
652    *        uint48 sequence_number;     // New field
653    *        uint16 length;
654    *        opaque fragment[TLSPlaintext.length];
655    *    } DTLSPlaintext;
656    */
657
658   guint32         record_length;
659   guint16         version;
660   guint16         epoch;
661   gdouble         sequence_number;
662   gint64          sequence_number_temp;
663   guint8          content_type;
664   guint8          next_byte;
665   proto_tree     *ti;
666   proto_tree     *dtls_record_tree;
667   SslAssociation *association;
668   SslDataInfo    *appl_data;
669
670   ti               = NULL;
671   dtls_record_tree = NULL;
672
673   /*
674    * Get the record layer fields of interest
675    */
676   content_type          = tvb_get_guint8(tvb, offset);
677   version               = tvb_get_ntohs(tvb, offset + 1);
678   epoch                 = tvb_get_ntohs(tvb, offset + 3);
679   sequence_number       = tvb_get_ntohl(tvb, offset + 7);
680   sequence_number_temp  = tvb_get_ntohs(tvb, offset + 5);
681   sequence_number_temp  = sequence_number_temp<<32;
682   sequence_number      += sequence_number_temp;
683   record_length         = tvb_get_ntohs(tvb, offset + 11);
684
685   if(ssl){
686     if(ssl_packet_from_server(ssl, dtls_associations, pinfo)){
687      if (ssl->server) {
688       ssl->server->seq=(guint32)sequence_number;
689       ssl->server->epoch=epoch;
690      }
691     }
692     else{
693      if (ssl->client) {
694       ssl->client->seq=(guint32)sequence_number;
695       ssl->client->epoch=epoch;
696      }
697     }
698   }
699   if (!ssl_is_valid_content_type(content_type)) {
700
701     /* if we don't have a valid content_type, there's no sense
702      * continuing any further
703      */
704     col_append_str(pinfo->cinfo, COL_INFO, "Continuation Data");
705
706     /* Set the protocol column */
707     col_set_str(pinfo->cinfo, COL_PROTOCOL, "DTLS");
708     return offset + 13 + record_length;
709   }
710
711   /*
712    * If GUI, fill in record layer part of tree
713    */
714
715   if (tree)
716     {
717       /* add the record layer subtree header */
718       tvb_ensure_bytes_exist(tvb, offset, 13 + record_length);
719       ti = proto_tree_add_item(tree, hf_dtls_record, tvb,
720                                offset, 13 + record_length, ENC_NA);
721       dtls_record_tree = proto_item_add_subtree(ti, ett_dtls_record);
722     }
723
724   if (dtls_record_tree)
725     {
726
727       /* show the one-byte content type */
728       proto_tree_add_item(dtls_record_tree, hf_dtls_record_content_type,
729                           tvb, offset, 1, ENC_BIG_ENDIAN);
730       offset++;
731
732       /* add the version */
733       proto_tree_add_item(dtls_record_tree, hf_dtls_record_version, tvb,
734                           offset, 2, ENC_BIG_ENDIAN);
735       offset += 2;
736
737       /* show epoch */
738       proto_tree_add_uint(dtls_record_tree, hf_dtls_record_epoch, tvb, offset, 2, epoch);
739
740       offset += 2;
741
742       /* add sequence_number */
743
744       proto_tree_add_double(dtls_record_tree, hf_dtls_record_sequence_number, tvb, offset, 6, sequence_number);
745
746       offset += 6;
747
748       /* add the length */
749       proto_tree_add_uint(dtls_record_tree, hf_dtls_record_length, tvb,
750                           offset, 2, record_length);
751       offset += 2;    /* move past length field itself */
752
753     }
754   else
755     {
756       /* if no GUI tree, then just skip over those fields */
757       offset += 13;
758     }
759
760
761   /*
762    * if we don't already have a version set for this conversation,
763    * but this message's version is authoritative (i.e., it's
764    * not client_hello, then save the version to to conversation
765    * structure and print the column version
766    */
767   next_byte = tvb_get_guint8(tvb, offset);
768   if (*conv_version == SSL_VER_UNKNOWN
769       && dtls_is_authoritative_version_message(content_type, next_byte))
770     {
771       if (version == DTLSV1DOT0_VERSION ||
772           version == DTLSV1DOT0_VERSION_NOT)
773         {
774
775           *conv_version = SSL_VER_DTLS;
776           if (ssl) {
777             ssl->version_netorder = version;
778             ssl->state |= SSL_VERSION;
779           }
780           /*ssl_set_conv_version(pinfo, ssl->version);*/
781         }
782     }
783   if (check_col(pinfo->cinfo, COL_PROTOCOL))
784     {
785       if (version == DTLSV1DOT0_VERSION)
786         {
787           col_set_str(pinfo->cinfo, COL_PROTOCOL,
788                       val_to_str_const(SSL_VER_DTLS, ssl_version_short_names, "SSL"));
789         }
790       else
791         {
792           col_set_str(pinfo->cinfo, COL_PROTOCOL,"DTLS");
793         }
794     }
795
796   /*
797    * now dissect the next layer
798    */
799   ssl_debug_printf("dissect_dtls_record: content_type %d\n",content_type);
800
801   /* PAOLO try to decrypt each record (we must keep ciphers "in sync")
802    * store plain text only for app data */
803
804   switch (content_type) {
805   case SSL_ID_CHG_CIPHER_SPEC:
806     col_append_str(pinfo->cinfo, COL_INFO, "Change Cipher Spec");
807     dissect_dtls_change_cipher_spec(tvb, dtls_record_tree,
808                                     offset, conv_version, content_type);
809     break;
810   case SSL_ID_ALERT:
811     {
812       tvbuff_t* decrypted;
813       decrypted = 0;
814       if (ssl&&decrypt_dtls_record(tvb, pinfo, offset,
815                                    record_length, content_type, ssl, FALSE))
816         ssl_add_record_info(proto_dtls, pinfo, dtls_decrypted_data.data,
817                             dtls_decrypted_data_avail, offset);
818
819       /* try to retrive and use decrypted alert record, if any. */
820       decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, offset);
821       if (decrypted) {
822         dissect_dtls_alert(decrypted, pinfo, dtls_record_tree, 0,
823                            conv_version);
824         add_new_data_source(pinfo, decrypted, "Decrypted SSL record");
825       } else {
826         dissect_dtls_alert(tvb, pinfo, dtls_record_tree, offset,
827                            conv_version);
828       }
829       break;
830     }
831   case SSL_ID_HANDSHAKE:
832     {
833       tvbuff_t* decrypted;
834       decrypted = 0;
835       /* try to decrypt handshake record, if possible. Store decrypted
836        * record for later usage. The offset is used as 'key' to itentify
837        * this record into the packet (we can have multiple handshake records
838        * in the same frame) */
839       if (ssl && decrypt_dtls_record(tvb, pinfo, offset,
840                                      record_length, content_type, ssl, FALSE))
841         ssl_add_record_info(proto_dtls, pinfo, dtls_decrypted_data.data,
842                             dtls_decrypted_data_avail, offset);
843
844       /* try to retrive and use decrypted handshake record, if any. */
845       decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, offset);
846       if (decrypted) {
847         dissect_dtls_handshake(decrypted, pinfo, dtls_record_tree, 0,
848                                tvb_length(decrypted), conv_version, ssl, content_type);
849         add_new_data_source(pinfo, decrypted, "Decrypted SSL record");
850       } else {
851         dissect_dtls_handshake(tvb, pinfo, dtls_record_tree, offset,
852                                record_length, conv_version, ssl, content_type);
853       }
854       break;
855     }
856   case SSL_ID_APP_DATA:
857     if (ssl)
858       decrypt_dtls_record(tvb, pinfo, offset,
859                           record_length, content_type, ssl, TRUE);
860
861     /* show on info colum what we are decoding */
862     col_append_str(pinfo->cinfo, COL_INFO, "Application Data");
863
864     if (!dtls_record_tree)
865       break;
866
867     /* we need dissector information when the selected packet is shown.
868      * ssl session pointer is NULL at that time, so we can't access
869      * info cached there*/
870     association = ssl_association_find(dtls_associations, pinfo->srcport, pinfo->ptype == PT_TCP);
871     association = association ? association : ssl_association_find(dtls_associations, pinfo->destport, pinfo->ptype == PT_TCP);
872
873     proto_item_set_text(dtls_record_tree,
874                         "%s Record Layer: %s Protocol: %s",
875                         val_to_str_const(*conv_version, ssl_version_short_names, "SSL"),
876                         val_to_str(content_type, ssl_31_content_type, "unknown"),
877                         association?association->info:"Application Data");
878
879     /* show decrypted data info, if available */
880     appl_data = ssl_get_data_info(proto_dtls, pinfo, tvb_raw_offset(tvb)+offset);
881     if (appl_data && (appl_data->plain_data.data_len > 0))
882       {
883         tvbuff_t *next_tvb;
884         gboolean  dissected;
885         /* try to dissect decrypted data*/
886         ssl_debug_printf("dissect_dtls_record decrypted len %d\n",
887                          appl_data->plain_data.data_len);
888
889         /* create a new TVB structure for desegmented data */
890         next_tvb = tvb_new_child_real_data(tvb,
891                                            appl_data->plain_data.data,
892                                            appl_data->plain_data.data_len,
893                                            appl_data->plain_data.data_len);
894
895         add_new_data_source(pinfo, next_tvb, "Decrypted DTLS data");
896
897         /* find out a dissector using server port*/
898         if (association && association->handle) {
899           ssl_debug_printf("dissect_dtls_record found association %p\n", (void *)association);
900           ssl_print_text_data("decrypted app data",appl_data->plain_data.data, appl_data->plain_data.data_len);
901
902           dissected = call_dissector_only(association->handle, next_tvb, pinfo, top_tree);
903         }
904         else {
905           /* try heuristic subdissectors */
906           dissected = dissector_try_heuristic(heur_subdissector_list, next_tvb, pinfo, top_tree);
907         }
908         if (dissected)
909           break;
910       }
911
912     proto_tree_add_item(dtls_record_tree, hf_dtls_record_appdata, tvb,
913                         offset, record_length, ENC_NA);
914     break;
915
916   default:
917     /* shouldn't get here since we check above for valid types */
918     col_append_str(pinfo->cinfo, COL_INFO, "Bad DTLS Content Type");
919     break;
920   }
921   offset += record_length; /* skip to end of record */
922
923   return offset;
924 }
925
926 /* dissects the change cipher spec procotol, filling in the tree */
927 static void
928 dissect_dtls_change_cipher_spec(tvbuff_t *tvb,
929                                 proto_tree *tree, guint32 offset,
930                                 guint* conv_version, guint8 content_type)
931 {
932   /*
933    * struct {
934    *     enum { change_cipher_spec(1), (255) } type;
935    * } ChangeCipherSpec;
936    *
937    */
938   if (tree)
939     {
940       proto_item_set_text(tree,
941                           "%s Record Layer: %s Protocol: Change Cipher Spec",
942                           val_to_str_const(*conv_version, ssl_version_short_names, "SSL"),
943                           val_to_str(content_type, ssl_31_content_type, "unknown"));
944       proto_tree_add_item(tree, hf_dtls_change_cipher_spec, tvb,
945                           offset, 1, ENC_NA);
946     }
947 }
948
949 /* dissects the alert message, filling in the tree */
950 static void
951 dissect_dtls_alert(tvbuff_t *tvb, packet_info *pinfo,
952                    proto_tree *tree, guint32 offset,
953                    guint* conv_version)
954 {
955   /*     struct {
956    *         AlertLevel level;
957    *         AlertDescription description;
958    *     } Alert;
959    */
960
961   proto_tree  *ti;
962   proto_tree  *ssl_alert_tree;
963   const gchar *level;
964   const gchar *desc;
965   guint8       byte;
966
967   ssl_alert_tree = NULL;
968
969   if (tree)
970     {
971       ti = proto_tree_add_item(tree, hf_dtls_alert_message, tvb,
972                                offset, 2, ENC_NA);
973       ssl_alert_tree = proto_item_add_subtree(ti, ett_dtls_alert);
974     }
975
976   /*
977    * set the record layer label
978    */
979
980   /* first lookup the names for the alert level and description */
981   byte  = tvb_get_guint8(tvb, offset); /* grab the level byte */
982   level = match_strval(byte, ssl_31_alert_level);
983
984   byte  = tvb_get_guint8(tvb, offset+1); /* grab the desc byte */
985   desc  = match_strval(byte, ssl_31_alert_description);
986
987   /* now set the text in the record layer line */
988   if (level && desc)
989     {
990       if (check_col(pinfo->cinfo, COL_INFO))
991         col_append_fstr(pinfo->cinfo, COL_INFO,
992                         "Alert (Level: %s, Description: %s)",
993                         level, desc);
994     }
995   else
996     {
997       col_append_str(pinfo->cinfo, COL_INFO, "Encrypted Alert");
998     }
999
1000   if (tree)
1001     {
1002       if (level && desc)
1003         {
1004           proto_item_set_text(tree, "%s Record Layer: Alert "
1005                               "(Level: %s, Description: %s)",
1006                               val_to_str_const(*conv_version, ssl_version_short_names, "SSL"),
1007                               level, desc);
1008           proto_tree_add_item(ssl_alert_tree, hf_dtls_alert_message_level,
1009                               tvb, offset++, 1, ENC_BIG_ENDIAN);
1010
1011           proto_tree_add_item(ssl_alert_tree, hf_dtls_alert_message_description,
1012                               tvb, offset, 1, ENC_BIG_ENDIAN);
1013         }
1014       else
1015         {
1016           proto_item_set_text(tree,
1017                               "%s Record Layer: Encrypted Alert",
1018                               val_to_str_const(*conv_version, ssl_version_short_names, "SSL"));
1019           proto_item_set_text(ssl_alert_tree,
1020                               "Alert Message: Encrypted Alert");
1021         }
1022     }
1023 }
1024
1025
1026 /* dissects the handshake protocol, filling the tree */
1027 static void
1028 dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
1029                        proto_tree *tree, guint32 offset,
1030                        guint32 record_length, guint *conv_version,
1031                        SslDecryptSession* ssl, guint8 content_type)
1032 {
1033   /*     struct {
1034    *         HandshakeType msg_type;
1035    *         uint24 length;
1036    *         uint16 message_seq;          //new field
1037    *         uint24 fragment_offset;      //new field
1038    *         uint24 fragment_length;      //new field
1039    *         select (HandshakeType) {
1040    *             case hello_request:       HelloRequest;
1041    *             case client_hello:        ClientHello;
1042    *             case server_hello:        ServerHello;
1043    *             case hello_verify_request: HelloVerifyRequest;     //new field
1044    *             case certificate:         Certificate;
1045    *             case server_key_exchange: ServerKeyExchange;
1046    *             case certificate_request: CertificateRequest;
1047    *             case server_hello_done:   ServerHelloDone;
1048    *             case certificate_verify:  CertificateVerify;
1049    *             case client_key_exchange: ClientKeyExchange;
1050    *             case finished:            Finished;
1051    *         } body;
1052    *     } Handshake;
1053    */
1054
1055   proto_tree  *ti;
1056   proto_tree  *ssl_hand_tree;
1057   const gchar *msg_type_str;
1058   guint8       msg_type;
1059   guint32      length;
1060   guint16      message_seq;
1061   guint32      fragment_offset;
1062   guint32      fragment_length;
1063   gboolean     first_iteration;
1064
1065   ti              = NULL;
1066   ssl_hand_tree   = NULL;
1067   msg_type_str    = NULL;
1068   first_iteration = TRUE;
1069
1070   /* just as there can be multiple records per packet, there
1071    * can be multiple messages per record as long as they have
1072    * the same content type
1073    *
1074    * we really only care about this for handshake messages
1075    */
1076
1077   /* set record_length to the max offset */
1078   record_length += offset;
1079   for (; offset < record_length; offset += fragment_length,
1080          first_iteration = FALSE) /* set up for next pass, if any */
1081     {
1082       fragment_data *frag_msg = NULL;
1083       tvbuff_t      *new_tvb  = NULL;
1084       const gchar   *frag_str = NULL;
1085       gboolean       fragmented;
1086
1087       msg_type        = tvb_get_guint8(tvb, offset);
1088       msg_type_str    = match_strval(msg_type, ssl_31_handshake_type);
1089       length          = tvb_get_ntoh24(tvb, offset + 1);
1090       message_seq     = tvb_get_ntohs(tvb,offset + 4);
1091       fragment_offset = tvb_get_ntoh24(tvb, offset + 6);
1092       fragment_length = tvb_get_ntoh24(tvb, offset + 9);
1093       fragmented      = fragment_length != length;
1094
1095       if (!msg_type_str && !first_iteration)
1096         {
1097           /* only dissect / report messages if they're
1098            * either the first message in this record
1099            * or they're a valid message type
1100            */
1101           return;
1102         }
1103
1104       /* on second and later iterations, add comma to info col */
1105       if (!first_iteration)
1106         {
1107           col_append_str(pinfo->cinfo, COL_INFO, ", ");
1108         }
1109
1110       /*
1111        * Update our info string
1112        */
1113       if (check_col(pinfo->cinfo, COL_INFO))
1114         col_append_str(pinfo->cinfo, COL_INFO, (msg_type_str != NULL)
1115                         ? msg_type_str : "Encrypted Handshake Message");
1116
1117       /* Handle fragments of known message type */
1118       if (fragmented)
1119         {
1120           gboolean frag_hand;
1121
1122           switch (msg_type) {
1123           case SSL_HND_HELLO_REQUEST:
1124           case SSL_HND_CLIENT_HELLO:
1125           case SSL_HND_HELLO_VERIFY_REQUEST:
1126           case SSL_HND_SERVER_HELLO:
1127           case SSL_HND_CERTIFICATE:
1128           case SSL_HND_SERVER_KEY_EXCHG:
1129           case SSL_HND_CERT_REQUEST:
1130           case SSL_HND_SVR_HELLO_DONE:
1131           case SSL_HND_CERT_VERIFY:
1132           case SSL_HND_CLIENT_KEY_EXCHG:
1133           case SSL_HND_FINISHED:
1134             frag_hand = TRUE;
1135             break;
1136           default:
1137             /* Ignore encrypted handshake messages */
1138             frag_hand = FALSE;
1139             break;
1140           }
1141
1142           if (frag_hand) {
1143             /* Fragmented handshake message */
1144             pinfo->fragmented = TRUE;
1145
1146             /* Don't pass the reassembly code data that doesn't exist */
1147             tvb_ensure_bytes_exist(tvb, offset, fragment_length);
1148
1149             frag_msg = fragment_add(tvb, offset+12, pinfo, message_seq,
1150                                     dtls_fragment_table,
1151                                     fragment_offset, fragment_length, TRUE);
1152             fragment_set_tot_len(pinfo, message_seq, dtls_fragment_table,
1153                                  length);
1154
1155             if (frag_msg && (fragment_length + fragment_offset) == length)
1156               {
1157                 /* Reassembled */
1158                 new_tvb = process_reassembled_data(tvb, offset+12, pinfo,
1159                                                    "Reassembled DTLS",
1160                                                    frag_msg,
1161                                                    &dtls_frag_items,
1162                                                    NULL, tree);
1163                 frag_str = " (Reassembled)";
1164               }
1165             else
1166               {
1167                 frag_str = " (Fragment)";
1168               }
1169
1170             if (check_col(pinfo->cinfo, COL_INFO))
1171               col_append_str(pinfo->cinfo, COL_INFO, frag_str);
1172           }
1173         }
1174
1175       if (tree)
1176         {
1177           /* set the label text on the record layer expanding node */
1178           if (first_iteration)
1179             {
1180               proto_item_set_text(tree, "%s Record Layer: %s Protocol: %s%s",
1181                                   val_to_str_const(*conv_version, ssl_version_short_names, "SSL"),
1182                                   val_to_str(content_type, ssl_31_content_type, "unknown"),
1183                                   (msg_type_str!=NULL) ? msg_type_str :
1184                                   "Encrypted Handshake Message",
1185                                   (frag_str!=NULL) ? frag_str : "");
1186             }
1187           else
1188             {
1189               proto_item_set_text(tree, "%s Record Layer: %s Protocol: %s%s",
1190                                   val_to_str_const(*conv_version, ssl_version_short_names, "SSL"),
1191                                   val_to_str(content_type, ssl_31_content_type, "unknown"),
1192                                   "Multiple Handshake Messages",
1193                                   (frag_str!=NULL) ? frag_str : "");
1194             }
1195
1196           /* add a subtree for the handshake protocol */
1197           ti = proto_tree_add_item(tree, hf_dtls_handshake_protocol, tvb,
1198                                    offset, fragment_length + 12, ENC_NA);
1199           ssl_hand_tree = proto_item_add_subtree(ti, ett_dtls_handshake);
1200
1201           if (ssl_hand_tree)
1202             {
1203               /* set the text label on the subtree node */
1204               proto_item_set_text(ssl_hand_tree, "Handshake Protocol: %s%s",
1205                                   (msg_type_str != NULL) ? msg_type_str :
1206                                   "Encrypted Handshake Message",
1207                                   (frag_str!=NULL) ? frag_str : "");
1208             }
1209         }
1210
1211       /* if we don't have a valid handshake type, just quit dissecting */
1212       if (!msg_type_str)
1213         return;
1214
1215       /* if we are doing ssl decryption we must dissect some requests type */
1216       if (ssl_hand_tree || ssl)
1217         {
1218           tvbuff_t *sub_tvb = NULL;
1219
1220           /* add nodes for the message type and message length */
1221           if (ssl_hand_tree)
1222             proto_tree_add_uint(ssl_hand_tree, hf_dtls_handshake_type,
1223                                 tvb, offset, 1, msg_type);
1224           offset++;
1225           if (ssl_hand_tree)
1226             proto_tree_add_uint(ssl_hand_tree, hf_dtls_handshake_length,
1227                                 tvb, offset, 3, length);
1228           offset += 3;
1229
1230           if (ssl_hand_tree)
1231             proto_tree_add_uint(ssl_hand_tree, hf_dtls_handshake_message_seq,
1232                                 tvb, offset, 2, message_seq);
1233           offset += 2;
1234           if (ssl_hand_tree)
1235             proto_tree_add_uint(ssl_hand_tree, hf_dtls_handshake_fragment_offset,
1236                                 tvb, offset, 3, fragment_offset);
1237           offset += 3;
1238           if (ssl_hand_tree)
1239             proto_tree_add_uint(ssl_hand_tree, hf_dtls_handshake_fragment_length,
1240                                 tvb, offset, 3, fragment_length);
1241           offset += 3;
1242
1243           if (fragmented && !new_tvb)
1244             {
1245               /* Skip fragmented messages not reassembled yet */
1246               continue;
1247             }
1248
1249           if (new_tvb)
1250             {
1251               sub_tvb = new_tvb;
1252             }
1253           else
1254             {
1255               sub_tvb = tvb_new_subset(tvb, offset, fragment_length,
1256                                         fragment_length);
1257             }
1258
1259           /* now dissect the handshake message, if necessary */
1260           switch (msg_type) {
1261           case SSL_HND_HELLO_REQUEST:
1262             /* hello_request has no fields, so nothing to do! */
1263             break;
1264
1265           case SSL_HND_CLIENT_HELLO:
1266             dissect_dtls_hnd_cli_hello(sub_tvb, ssl_hand_tree, 0, length, ssl);
1267             break;
1268
1269           case SSL_HND_HELLO_VERIFY_REQUEST:
1270             dissect_dtls_hnd_hello_verify_request(sub_tvb, ssl_hand_tree, 0,  ssl);
1271             break;
1272
1273           case SSL_HND_SERVER_HELLO:
1274             dissect_dtls_hnd_srv_hello(sub_tvb, ssl_hand_tree, 0, length, ssl);
1275             break;
1276
1277           case SSL_HND_CERTIFICATE:
1278             dissect_dtls_hnd_cert(sub_tvb, ssl_hand_tree, 0, pinfo);
1279             break;
1280
1281           case SSL_HND_SERVER_KEY_EXCHG:
1282             /* unimplemented */
1283             break;
1284
1285           case SSL_HND_CERT_REQUEST:
1286             dissect_dtls_hnd_cert_req(sub_tvb, ssl_hand_tree, 0);
1287             break;
1288
1289           case SSL_HND_SVR_HELLO_DONE:
1290             /* server_hello_done has no fields, so nothing to do! */
1291             break;
1292
1293           case SSL_HND_CERT_VERIFY:
1294             /* unimplemented */
1295             break;
1296
1297           case SSL_HND_CLIENT_KEY_EXCHG:
1298             {
1299               /* here we can have all the data to build session key */
1300               StringInfo encrypted_pre_master;
1301               gint ret;
1302               guint encrlen = length, skip;
1303               skip = 0;
1304
1305               if (!ssl)
1306                 break;
1307
1308               /* check for required session data */
1309               ssl_debug_printf("dissect_dtls_handshake found SSL_HND_CLIENT_KEY_EXCHG, state %X\n",
1310                                ssl->state);
1311               if ((ssl->state & (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION)) !=
1312                   (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION)) {
1313                 ssl_debug_printf("dissect_dtls_handshake not enough data to generate key (required state %X)\n",
1314                                  (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION));
1315                 break;
1316               }
1317
1318               encrypted_pre_master.data = se_alloc(encrlen);
1319               encrypted_pre_master.data_len = encrlen;
1320               tvb_memcpy(tvb, encrypted_pre_master.data, offset+skip, encrlen);
1321
1322               if (!ssl->private_key) {
1323                 ssl_debug_printf("dissect_dtls_handshake can't find private key\n");
1324                 break;
1325               }
1326
1327               /* go with ssl key processessing; encrypted_pre_master
1328                * will be used for master secret store*/
1329               ret = ssl_decrypt_pre_master_secret(ssl, &encrypted_pre_master, ssl->private_key);
1330               if (ret < 0) {
1331                 ssl_debug_printf("dissect_dtls_handshake can't decrypt pre master secret\n");
1332                 break;
1333               }
1334               if (ssl_generate_keyring_material(ssl)<0) {
1335                 ssl_debug_printf("dissect_dtls_handshake can't generate keyring material\n");
1336                 break;
1337               }
1338               ssl->state |= SSL_HAVE_SESSION_KEY;
1339               ssl_save_session(ssl, dtls_session_hash);
1340               ssl_debug_printf("dissect_dtls_handshake session keys successfully generated\n");
1341             }
1342             break;
1343
1344           case SSL_HND_FINISHED:
1345             dissect_dtls_hnd_finished(sub_tvb, ssl_hand_tree,
1346                                       0, conv_version);
1347             break;
1348           }
1349
1350         }
1351       else{
1352         offset += 12;        /* skip the handshake header when handshake is not processed*/
1353       }
1354     }
1355 }
1356
1357 static gint
1358 dissect_dtls_hnd_hello_common(tvbuff_t *tvb, proto_tree *tree,
1359                               guint32 offset, SslDecryptSession* ssl, gint from_server)
1360 {
1361   /* show the client's random challenge */
1362   nstime_t gmt_unix_time;
1363   guint8   session_id_length;
1364
1365   if (ssl)
1366     {
1367       /* get proper peer information*/
1368       StringInfo* rnd;
1369       if (from_server)
1370         rnd = &ssl->server_random;
1371       else
1372         rnd = &ssl->client_random;
1373
1374       /* get provided random for keyring generation*/
1375       tvb_memcpy(tvb, rnd->data, offset, 32);
1376       rnd->data_len = 32;
1377       if (from_server)
1378         ssl->state |= SSL_SERVER_RANDOM;
1379       else
1380         ssl->state |= SSL_CLIENT_RANDOM;
1381       ssl_debug_printf("dissect_dtls_hnd_hello_common found random state %X\n",
1382                        ssl->state);
1383
1384       session_id_length = tvb_get_guint8(tvb, offset + 32);
1385       /* check stored session id info */
1386       if (from_server && (session_id_length == ssl->session_id.data_len) &&
1387           (tvb_memeql(tvb, offset+33, ssl->session_id.data, session_id_length) == 0))
1388         {
1389           /* clinet/server id match: try to restore a previous cached session*/
1390           ssl_restore_session(ssl, dtls_session_hash);
1391         }
1392       else {
1393         tvb_memcpy(tvb,ssl->session_id.data, offset+33, session_id_length);
1394         ssl->session_id.data_len = session_id_length;
1395       }
1396     }
1397
1398   if (tree)
1399     {
1400       /* show the time */
1401       gmt_unix_time.secs  = tvb_get_ntohl(tvb, offset);
1402       gmt_unix_time.nsecs = 0;
1403       proto_tree_add_time(tree, hf_dtls_handshake_random_time,
1404                           tvb, offset, 4, &gmt_unix_time);
1405       offset += 4;
1406
1407       /* show the random bytes */
1408       proto_tree_add_item(tree, hf_dtls_handshake_random_bytes,
1409                           tvb, offset, 28, ENC_NA);
1410       offset += 28;
1411
1412       /* show the session id */
1413       session_id_length = tvb_get_guint8(tvb, offset);
1414       proto_tree_add_item(tree, hf_dtls_handshake_session_id_len,
1415                           tvb, offset++, 1, ENC_BIG_ENDIAN);
1416       if (session_id_length > 0)
1417         {
1418           proto_tree_add_bytes_format(tree, hf_dtls_handshake_session_id,
1419                                       tvb, offset, session_id_length,
1420                                       NULL, "Session ID (%u byte%s)",
1421                                       session_id_length,
1422                                       plurality(session_id_length, "", "s"));
1423           offset += session_id_length;
1424         }
1425
1426     }
1427
1428   /* XXXX */
1429   return offset;
1430 }
1431
1432 static gint
1433 dissect_dtls_hnd_hello_ext(tvbuff_t *tvb,
1434                            proto_tree *tree, guint32 offset, guint32 left)
1435 {
1436   guint16     extension_length;
1437   guint16     ext_type;
1438   guint16     ext_len;
1439   proto_item *pi;
1440   proto_tree *ext_tree;
1441
1442   if (left < 2)
1443     return offset;
1444
1445   extension_length = tvb_get_ntohs(tvb, offset);
1446   proto_tree_add_uint(tree, hf_dtls_handshake_extensions_len,
1447                       tvb, offset, 2, extension_length);
1448   offset += 2;
1449   left   -= 2;
1450
1451   while (left >= 4)
1452     {
1453       ext_type = tvb_get_ntohs(tvb, offset);
1454       ext_len  = tvb_get_ntohs(tvb, offset + 2);
1455
1456       pi = proto_tree_add_text(tree, tvb, offset, 4 + ext_len,
1457                                "Extension: %s",
1458                                val_to_str(ext_type,
1459                                           tls_hello_extension_types,
1460                                           "Unknown %u"));
1461       ext_tree = proto_item_add_subtree(pi, ett_dtls_extension);
1462       if (!ext_tree)
1463         ext_tree = tree;
1464
1465       proto_tree_add_uint(ext_tree, hf_dtls_handshake_extension_type,
1466                           tvb, offset, 2, ext_type);
1467       offset += 2;
1468
1469       proto_tree_add_uint(ext_tree, hf_dtls_handshake_extension_len,
1470                           tvb, offset, 2, ext_len);
1471       offset += 2;
1472
1473       proto_tree_add_bytes_format(ext_tree, hf_dtls_handshake_extension_data,
1474                                   tvb, offset, ext_len, NULL,
1475                                   "Data (%u byte%s)", ext_len,
1476                                   plurality(ext_len, "", "s"));
1477       offset += ext_len;
1478       left   -= 2 + 2 + ext_len;
1479     }
1480
1481   return offset;
1482 }
1483
1484 static void
1485 dissect_dtls_hnd_cli_hello(tvbuff_t *tvb,
1486                            proto_tree *tree, guint32 offset, guint32 length,
1487                            SslDecryptSession*ssl)
1488 {
1489   /* struct {
1490    *     ProtocolVersion client_version;
1491    *     Random random;
1492    *     SessionID session_id;
1493    *     opaque cookie<0..32>;                   //new field
1494    *     CipherSuite cipher_suites<2..2^16-1>;
1495    *     CompressionMethod compression_methods<1..2^8-1>;
1496    *     Extension client_hello_extension_list<0..2^16-1>;
1497    * } ClientHello;
1498    *
1499    */
1500
1501   proto_tree *ti;
1502   proto_tree *cs_tree;
1503   guint16     cipher_suite_length;
1504   guint8      compression_methods_length;
1505   guint8      compression_method;
1506   guint16     start_offset   = offset;
1507   guint8      cookie_length;
1508
1509   if (tree || ssl)
1510     {
1511       /* show the client version */
1512       if (tree)
1513         proto_tree_add_item(tree, hf_dtls_handshake_client_version, tvb,
1514                             offset, 2, ENC_BIG_ENDIAN);
1515       offset += 2;
1516
1517       /* show the fields in common with server hello */
1518       offset = dissect_dtls_hnd_hello_common(tvb, tree, offset, ssl, 0);
1519
1520       /* look for a cookie */
1521       cookie_length = tvb_get_guint8(tvb, offset);
1522       if (!tree)
1523         return;
1524
1525       proto_tree_add_uint(tree, hf_dtls_handshake_cookie_len,
1526                           tvb, offset, 1, cookie_length);
1527       offset ++;            /* skip opaque length */
1528
1529       if (cookie_length > 0)
1530         {
1531           proto_tree_add_bytes_format(tree, hf_dtls_handshake_cookie,
1532                                       tvb, offset, cookie_length,
1533                                       NULL, "Cookie (%u byte%s)",
1534                                       cookie_length,
1535                                       plurality(cookie_length, "", "s"));
1536           offset += cookie_length;
1537         }
1538
1539       /* tell the user how many cipher suites there are */
1540       cipher_suite_length = tvb_get_ntohs(tvb, offset);
1541
1542       proto_tree_add_uint(tree, hf_dtls_handshake_cipher_suites_len,
1543                           tvb, offset, 2, cipher_suite_length);
1544       offset += 2;            /* skip opaque length */
1545
1546       if (cipher_suite_length > 0)
1547         {
1548           tvb_ensure_bytes_exist(tvb, offset, cipher_suite_length);
1549           ti = proto_tree_add_none_format(tree,
1550                                           hf_dtls_handshake_cipher_suites,
1551                                           tvb, offset, cipher_suite_length,
1552                                           "Cipher Suites (%u suite%s)",
1553                                           cipher_suite_length / 2,
1554                                           plurality(cipher_suite_length/2, "", "s"));
1555
1556           /* make this a subtree */
1557           cs_tree = proto_item_add_subtree(ti, ett_dtls_cipher_suites);
1558           if (!cs_tree)
1559             {
1560               cs_tree = tree; /* failsafe */
1561             }
1562
1563           while (cipher_suite_length > 0)
1564             {
1565               proto_tree_add_item(cs_tree, hf_dtls_handshake_cipher_suite,
1566                                   tvb, offset, 2, ENC_BIG_ENDIAN);
1567               offset += 2;
1568               cipher_suite_length -= 2;
1569             }
1570         }
1571
1572       /* tell the user how man compression methods there are */
1573       compression_methods_length = tvb_get_guint8(tvb, offset);
1574       proto_tree_add_uint(tree, hf_dtls_handshake_comp_methods_len,
1575                           tvb, offset, 1, compression_methods_length);
1576       offset++;
1577
1578       if (compression_methods_length > 0)
1579         {
1580           tvb_ensure_bytes_exist(tvb, offset, compression_methods_length);
1581           ti = proto_tree_add_none_format(tree,
1582                                           hf_dtls_handshake_comp_methods,
1583                                           tvb, offset, compression_methods_length,
1584                                           "Compression Methods (%u method%s)",
1585                                           compression_methods_length,
1586                                           plurality(compression_methods_length,
1587                                                     "", "s"));
1588
1589           /* make this a subtree */
1590           cs_tree = proto_item_add_subtree(ti, ett_dtls_comp_methods);
1591           if (!cs_tree)
1592             {
1593               cs_tree = tree; /* failsafe */
1594             }
1595
1596           while (compression_methods_length > 0)
1597             {
1598               compression_method = tvb_get_guint8(tvb, offset);
1599               if (compression_method < 64)
1600                 proto_tree_add_uint(cs_tree, hf_dtls_handshake_comp_method,
1601                                     tvb, offset, 1, compression_method);
1602               else if (compression_method > 63 && compression_method < 193)
1603                 proto_tree_add_text(cs_tree, tvb, offset, 1,
1604                                     "Compression Method: Reserved - to be assigned by IANA (%u)",
1605                                     compression_method);
1606               else
1607                 proto_tree_add_text(cs_tree, tvb, offset, 1,
1608                                     "Compression Method: Private use range (%u)",
1609                                     compression_method);
1610               offset++;
1611               compression_methods_length--;
1612             }
1613         }
1614
1615       if (length > offset - start_offset)
1616         {
1617           dissect_dtls_hnd_hello_ext(tvb, tree, offset,
1618                                               length -
1619                                               (offset - start_offset));
1620         }
1621     }
1622 }
1623
1624
1625 static int
1626 dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb, proto_tree *tree,
1627                                       guint32 offset, SslDecryptSession* ssl)
1628 {
1629   /*
1630    * struct {
1631    *    ProtocolVersion server_version;
1632    *    opaque cookie<0..32>;
1633    * } HelloVerifyRequest;
1634    */
1635
1636   guint8 cookie_length;
1637
1638
1639   if (tree || ssl)
1640     {
1641       /* show the client version */
1642       if (tree)
1643         proto_tree_add_item(tree, hf_dtls_handshake_server_version, tvb,
1644                             offset, 2, ENC_BIG_ENDIAN);
1645       offset += 2;
1646
1647
1648       /* look for a cookie */
1649       cookie_length = tvb_get_guint8(tvb, offset);
1650       if (!tree)
1651         return offset;
1652
1653       proto_tree_add_uint(tree, hf_dtls_handshake_cookie_len,
1654                           tvb, offset, 1, cookie_length);
1655       offset ++;            /* skip opaque length */
1656
1657       if (cookie_length > 0)
1658         {
1659           proto_tree_add_bytes_format(tree, hf_dtls_handshake_cookie,
1660                                       tvb, offset, cookie_length,
1661                                       NULL, "Cookie (%u byte%s)",
1662                                       cookie_length,
1663                                       plurality(cookie_length, "", "s"));
1664           offset += cookie_length;
1665         }
1666     }
1667     return offset;
1668 }
1669
1670 static int
1671 dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
1672                            proto_tree *tree, guint32 offset, guint32 length, SslDecryptSession* ssl)
1673 {
1674   /* struct {
1675    *     ProtocolVersion server_version;
1676    *     Random random;
1677    *     SessionID session_id;
1678    *     CipherSuite cipher_suite;
1679    *     CompressionMethod compression_method;
1680    *     Extension server_hello_extension_list<0..2^16-1>;
1681    * } ServerHello;
1682    */
1683
1684   guint16 start_offset;
1685
1686   start_offset = offset;
1687
1688   if (tree || ssl)
1689     {
1690       /* show the server version */
1691       if (tree)
1692         proto_tree_add_item(tree, hf_dtls_handshake_server_version, tvb,
1693                             offset, 2, ENC_BIG_ENDIAN);
1694       offset += 2;
1695
1696       /* first display the elements conveniently in
1697        * common with client hello
1698        */
1699       offset = dissect_dtls_hnd_hello_common(tvb, tree, offset, ssl, 1);
1700
1701       /* PAOLO: handle session cipher suite  */
1702       if (ssl) {
1703         /* store selected cipher suite for decryption */
1704         ssl->cipher = tvb_get_ntohs(tvb, offset);
1705         if (ssl_find_cipher(ssl->cipher,&ssl->cipher_suite) < 0) {
1706           ssl_debug_printf("dissect_dtls_hnd_srv_hello can't find cipher suite %X\n", ssl->cipher);
1707           goto no_cipher;
1708         }
1709
1710         ssl->state |= SSL_CIPHER;
1711         ssl_debug_printf("dissect_dtls_hnd_srv_hello found cipher %X, state %X\n",
1712                          ssl->cipher, ssl->state);
1713
1714         /* if we have restored a session now we can have enought material
1715          * to build session key, check it out*/
1716         if ((ssl->state &
1717              (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION|SSL_MASTER_SECRET)) !=
1718             (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION|SSL_MASTER_SECRET)) {
1719           ssl_debug_printf("dissect_dtls_hnd_srv_hello not enough data to generate key (required state %X)\n",
1720                            (SSL_CIPHER|SSL_CLIENT_RANDOM|SSL_SERVER_RANDOM|SSL_VERSION|SSL_MASTER_SECRET));
1721           goto no_cipher;
1722         }
1723
1724         ssl_debug_printf("dissect_dtls_hnd_srv_hello trying to generate keys\n");
1725         if (ssl_generate_keyring_material(ssl)<0) {
1726           ssl_debug_printf("dissect_dtls_hnd_srv_hello can't generate keyring material\n");
1727           goto no_cipher;
1728         }
1729         ssl->state |= SSL_HAVE_SESSION_KEY;
1730       }
1731     no_cipher:
1732       if (!tree)
1733         return offset;
1734
1735       /* now the server-selected cipher suite */
1736       proto_tree_add_item(tree, hf_dtls_handshake_cipher_suite,
1737                           tvb, offset, 2, ENC_BIG_ENDIAN);
1738       offset += 2;
1739
1740       /* and the server-selected compression method */
1741       proto_tree_add_item(tree, hf_dtls_handshake_comp_method,
1742                           tvb, offset, 1, ENC_BIG_ENDIAN);
1743       offset++;
1744
1745       if (length > offset - start_offset)
1746         {
1747           offset = dissect_dtls_hnd_hello_ext(tvb, tree, offset,
1748                                               length -
1749                                               (offset - start_offset));
1750         }
1751     }
1752     return offset;
1753 }
1754
1755 static void
1756 dissect_dtls_hnd_cert(tvbuff_t *tvb,
1757                       proto_tree *tree, guint32 offset, packet_info *pinfo)
1758 {
1759
1760   /* opaque ASN.1Cert<2^24-1>;
1761    *
1762    * struct {
1763    *     ASN.1Cert certificate_list<1..2^24-1>;
1764    * } Certificate;
1765    */
1766
1767   guint32     certificate_list_length;
1768   proto_tree *ti;
1769   proto_tree *subtree;
1770   asn1_ctx_t  asn1_ctx;
1771
1772   asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
1773
1774   if (tree)
1775     {
1776       certificate_list_length = tvb_get_ntoh24(tvb, offset);
1777       proto_tree_add_uint(tree, hf_dtls_handshake_certificates_len,
1778                           tvb, offset, 3, certificate_list_length);
1779       offset += 3;            /* 24-bit length value */
1780
1781       if (certificate_list_length > 0)
1782         {
1783           tvb_ensure_bytes_exist(tvb, offset, certificate_list_length);
1784           ti = proto_tree_add_none_format(tree,
1785                                           hf_dtls_handshake_certificates,
1786                                           tvb, offset, certificate_list_length,
1787                                           "Certificates (%u byte%s)",
1788                                           certificate_list_length,
1789                                           plurality(certificate_list_length,
1790                                                     "", "s"));
1791
1792           /* make it a subtree */
1793           subtree = proto_item_add_subtree(ti, ett_dtls_certs);
1794           if (!subtree)
1795             {
1796               subtree = tree; /* failsafe */
1797             }
1798
1799           /* iterate through each certificate */
1800           while (certificate_list_length > 0)
1801             {
1802               /* get the length of the current certificate */
1803               guint32 cert_length = tvb_get_ntoh24(tvb, offset);
1804               certificate_list_length -= 3 + cert_length;
1805
1806               proto_tree_add_item(subtree, hf_dtls_handshake_certificate_len,
1807                                   tvb, offset, 3, ENC_BIG_ENDIAN);
1808               offset += 3;
1809
1810               dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, subtree, hf_dtls_handshake_certificate);
1811               offset += cert_length;
1812             }
1813         }
1814
1815     }
1816 }
1817
1818 static void
1819 dissect_dtls_hnd_cert_req(tvbuff_t *tvb,
1820                           proto_tree *tree, guint32 offset)
1821 {
1822   /*
1823    *    enum {
1824    *        rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
1825    *        (255)
1826    *    } ClientCertificateType;
1827    *
1828    *    opaque DistinguishedName<1..2^16-1>;
1829    *
1830    *    struct {
1831    *        ClientCertificateType certificate_types<1..2^8-1>;
1832    *        DistinguishedName certificate_authorities<3..2^16-1>;
1833    *    } CertificateRequest;
1834    *
1835    */
1836
1837   proto_tree *ti;
1838   proto_tree *subtree;
1839   guint8      cert_types_count;
1840   gint        dnames_length;
1841
1842   if (tree)
1843     {
1844       cert_types_count = tvb_get_guint8(tvb, offset);
1845       proto_tree_add_uint(tree, hf_dtls_handshake_cert_types_count,
1846                           tvb, offset, 1, cert_types_count);
1847       offset++;
1848
1849       if (cert_types_count > 0)
1850         {
1851           ti = proto_tree_add_none_format(tree,
1852                                           hf_dtls_handshake_cert_types,
1853                                           tvb, offset, cert_types_count,
1854                                           "Certificate types (%u type%s)",
1855                                           cert_types_count,
1856                                           plurality(cert_types_count, "", "s"));
1857           subtree = proto_item_add_subtree(ti, ett_dtls_cert_types);
1858           if (!subtree)
1859             {
1860               subtree = tree;
1861             }
1862
1863           while (cert_types_count > 0)
1864             {
1865               proto_tree_add_item(subtree, hf_dtls_handshake_cert_type,
1866                                   tvb, offset, 1, ENC_BIG_ENDIAN);
1867               offset++;
1868               cert_types_count--;
1869             }
1870         }
1871
1872       dnames_length = tvb_get_ntohs(tvb, offset);
1873       proto_tree_add_uint(tree, hf_dtls_handshake_dnames_len,
1874                           tvb, offset, 2, dnames_length);
1875       offset += 2;
1876
1877       if (dnames_length > 0)
1878         {
1879           tvb_ensure_bytes_exist(tvb, offset, dnames_length);
1880           ti = proto_tree_add_none_format(tree,
1881                                           hf_dtls_handshake_dnames,
1882                                           tvb, offset, dnames_length,
1883                                           "Distinguished Names (%d byte%s)",
1884                                           dnames_length,
1885                                           plurality(dnames_length, "", "s"));
1886           subtree = proto_item_add_subtree(ti, ett_dtls_dnames);
1887           if (!subtree)
1888             {
1889               subtree = tree;
1890             }
1891
1892           while (dnames_length > 0)
1893             {
1894               /* get the length of the current certificate */
1895               guint16 name_length = tvb_get_ntohs(tvb, offset);
1896               dnames_length -= 2 + name_length;
1897
1898               proto_tree_add_item(subtree, hf_dtls_handshake_dname_len,
1899                                   tvb, offset, 2, ENC_BIG_ENDIAN);
1900               offset += 2;
1901
1902               proto_tree_add_bytes_format(subtree,
1903                                           hf_dtls_handshake_dname,
1904                                           tvb, offset, name_length, NULL,
1905                                           "Distinguished Name (%u byte%s)",
1906                                           name_length,
1907                                           plurality(name_length, "", "s"));
1908               offset += name_length;
1909             }
1910         }
1911     }
1912
1913 }
1914
1915 static void
1916 dissect_dtls_hnd_finished(tvbuff_t *tvb, proto_tree *tree, guint32 offset,
1917                           guint* conv_version)
1918 {
1919   /*
1920    *     struct {
1921    *         opaque verify_data[12];
1922    *     } Finished;
1923    */
1924
1925   /* this all needs a tree, so bail if we don't have one */
1926   if (!tree)
1927     {
1928       return;
1929     }
1930
1931   switch(*conv_version) {
1932   case SSL_VER_DTLS:
1933     proto_tree_add_item(tree, hf_dtls_handshake_finished,
1934                         tvb, offset, 12, ENC_NA);
1935     break;
1936   }
1937 }
1938
1939 /*********************************************************************
1940  *
1941  * Support Functions
1942  *
1943  *********************************************************************/
1944 #if 0
1945 static void
1946 ssl_set_conv_version(packet_info *pinfo, guint version)
1947 {
1948   conversation_t *conversation;
1949
1950   if (pinfo->fd->flags.visited)
1951     {
1952       /* We've already processed this frame; no need to do any more
1953        * work on it.
1954        */
1955       return;
1956     }
1957
1958   conversation = find_or_create_conversation(pinfo);
1959
1960   if (conversation_get_proto_data(conversation, proto_dtls) != NULL)
1961     {
1962       /* get rid of the current data */
1963       conversation_delete_proto_data(conversation, proto_dtls);
1964     }
1965   conversation_add_proto_data(conversation, proto_dtls, GINT_TO_POINTER(version));
1966 }
1967 #endif
1968
1969 static gint
1970 dtls_is_valid_handshake_type(guint8 type)
1971 {
1972
1973   switch (type) {
1974   case SSL_HND_HELLO_REQUEST:
1975   case SSL_HND_CLIENT_HELLO:
1976   case SSL_HND_SERVER_HELLO:
1977   case SSL_HND_HELLO_VERIFY_REQUEST:
1978   case SSL_HND_CERTIFICATE:
1979   case SSL_HND_SERVER_KEY_EXCHG:
1980   case SSL_HND_CERT_REQUEST:
1981   case SSL_HND_SVR_HELLO_DONE:
1982   case SSL_HND_CERT_VERIFY:
1983   case SSL_HND_CLIENT_KEY_EXCHG:
1984   case SSL_HND_FINISHED:
1985     return 1;
1986   }
1987   return 0;
1988 }
1989
1990 static gint
1991 dtls_is_authoritative_version_message(guint8 content_type, guint8 next_byte)
1992 {
1993   if (content_type == SSL_ID_HANDSHAKE
1994       && dtls_is_valid_handshake_type(next_byte))
1995     {
1996       return (next_byte != SSL_HND_CLIENT_HELLO);
1997     }
1998   else if (ssl_is_valid_content_type(content_type)
1999            && content_type != SSL_ID_HANDSHAKE)
2000     {
2001       return 1;
2002     }
2003   return 0;
2004 }
2005
2006 /* this applies a heuristic to determine whether
2007  * or not the data beginning at offset looks like a
2008  * valid dtls record.
2009  */
2010 static gint
2011 looks_like_dtls(tvbuff_t *tvb, guint32 offset)
2012 {
2013   /* have to have a valid content type followed by a valid
2014    * protocol version
2015    */
2016   guint8  byte;
2017   guint16 version;
2018
2019   /* see if the first byte is a valid content type */
2020   byte = tvb_get_guint8(tvb, offset);
2021   if (!ssl_is_valid_content_type(byte))
2022     {
2023       return 0;
2024     }
2025
2026   /* now check to see if the version byte appears valid */
2027   version = tvb_get_ntohs(tvb, offset + 1);
2028   if (version != DTLSV1DOT0_VERSION && version != DTLSV1DOT0_VERSION_NOT)
2029     {
2030       return 0;
2031     }
2032
2033   return 1;
2034 }
2035
2036 /* UAT */
2037
2038 #ifdef HAVE_LIBGNUTLS
2039 static void
2040 dtlsdecrypt_free_cb(void* r)
2041 {
2042   ssldecrypt_assoc_t* h = r;
2043
2044   g_free(h->ipaddr);
2045   g_free(h->port);
2046   g_free(h->protocol);
2047   g_free(h->keyfile);
2048   g_free(h->password);
2049 }
2050 #endif
2051
2052 #if 0
2053 static void
2054 dtlsdecrypt_update_cb(void* r _U_, const char** err _U_)
2055 {
2056   return;
2057 }
2058 #endif
2059
2060 #ifdef HAVE_LIBGNUTLS
2061 static void *
2062 dtlsdecrypt_copy_cb(void* dest, const void* orig, size_t len _U_)
2063 {
2064   const ssldecrypt_assoc_t* o = orig;
2065   ssldecrypt_assoc_t*       d = dest;
2066
2067   d->ipaddr    = g_strdup(o->ipaddr);
2068   d->port      = g_strdup(o->port);
2069   d->protocol  = g_strdup(o->protocol);
2070   d->keyfile   = g_strdup(o->keyfile);
2071   d->password  = g_strdup(o->password);
2072
2073   return d;
2074 }
2075
2076 UAT_CSTRING_CB_DEF(sslkeylist_uats,ipaddr,ssldecrypt_assoc_t)
2077 UAT_CSTRING_CB_DEF(sslkeylist_uats,port,ssldecrypt_assoc_t)
2078 UAT_CSTRING_CB_DEF(sslkeylist_uats,protocol,ssldecrypt_assoc_t)
2079 UAT_FILENAME_CB_DEF(sslkeylist_uats,keyfile,ssldecrypt_assoc_t)
2080 UAT_CSTRING_CB_DEF(sslkeylist_uats,password,ssldecrypt_assoc_t)
2081 #endif
2082
2083 void proto_reg_handoff_dtls(void);
2084
2085 /*********************************************************************
2086  *
2087  * Standard Wireshark Protocol Registration and housekeeping
2088  *
2089  *********************************************************************/
2090 void
2091 proto_register_dtls(void)
2092 {
2093
2094   /* Setup list of header fields See Section 1.6.1 for details*/
2095   static hf_register_info hf[] = {
2096     { &hf_dtls_record,
2097       { "Record Layer", "dtls.record",
2098         FT_NONE, BASE_NONE, NULL, 0x0,
2099         NULL, HFILL }
2100     },
2101     { &hf_dtls_record_content_type,
2102       { "Content Type", "dtls.record.content_type",
2103         FT_UINT8, BASE_DEC, VALS(ssl_31_content_type), 0x0,
2104         NULL, HFILL}
2105     },
2106     { &hf_dtls_record_version,
2107       { "Version", "dtls.record.version",
2108         FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0,
2109         "Record layer version.", HFILL }
2110     },
2111     { &hf_dtls_record_epoch,
2112       { "Epoch", "dtls.record.epoch",
2113         FT_UINT16, BASE_DEC, NULL, 0x0,
2114         NULL, HFILL }
2115     },
2116     { &hf_dtls_record_sequence_number,
2117       { "Sequence Number", "dtls.record.sequence_number",
2118         FT_DOUBLE, BASE_NONE, NULL, 0x0,
2119         NULL, HFILL }
2120     },
2121     { &hf_dtls_record_length,
2122       { "Length", "dtls.record.length",
2123         FT_UINT16, BASE_DEC, NULL, 0x0,
2124         "Length of DTLS record data", HFILL }
2125     },
2126     { &hf_dtls_record_appdata,
2127       { "Encrypted Application Data", "dtls.app_data",
2128         FT_BYTES, BASE_NONE, NULL, 0x0,
2129         "Payload is encrypted application data", HFILL }
2130     },
2131     { &hf_dtls_change_cipher_spec,
2132       { "Change Cipher Spec Message", "dtls.change_cipher_spec",
2133         FT_NONE, BASE_NONE, NULL, 0x0,
2134         "Signals a change in cipher specifications", HFILL }
2135     },
2136     { & hf_dtls_alert_message,
2137       { "Alert Message", "dtls.alert_message",
2138         FT_NONE, BASE_NONE, NULL, 0x0,
2139         NULL, HFILL }
2140     },
2141     { & hf_dtls_alert_message_level,
2142       { "Level", "dtls.alert_message.level",
2143         FT_UINT8, BASE_DEC, VALS(ssl_31_alert_level), 0x0,
2144         "Alert message level", HFILL }
2145     },
2146     { &hf_dtls_alert_message_description,
2147       { "Description", "dtls.alert_message.desc",
2148         FT_UINT8, BASE_DEC, VALS(ssl_31_alert_description), 0x0,
2149         "Alert message description", HFILL }
2150     },
2151     { &hf_dtls_handshake_protocol,
2152       { "Handshake Protocol", "dtls.handshake",
2153         FT_NONE, BASE_NONE, NULL, 0x0,
2154         "Handshake protocol message", HFILL}
2155     },
2156     { &hf_dtls_handshake_type,
2157       { "Handshake Type", "dtls.handshake.type",
2158         FT_UINT8, BASE_DEC, VALS(ssl_31_handshake_type), 0x0,
2159         "Type of handshake message", HFILL}
2160     },
2161     { &hf_dtls_handshake_length,
2162       { "Length", "dtls.handshake.length",
2163         FT_UINT24, BASE_DEC, NULL, 0x0,
2164         "Length of handshake message", HFILL }
2165     },
2166     { &hf_dtls_handshake_message_seq,
2167       { "Message Sequence", "dtls.handshake.message_seq",
2168         FT_UINT16, BASE_DEC, NULL, 0x0,
2169         "Message sequence of handshake message", HFILL }
2170     },
2171     { &hf_dtls_handshake_fragment_offset,
2172       { "Fragment Offset", "dtls.handshake.fragment_offset",
2173         FT_UINT24, BASE_DEC, NULL, 0x0,
2174         "Fragment offset of handshake message", HFILL }
2175     },
2176     { &hf_dtls_handshake_fragment_length,
2177       { "Fragment Length", "dtls.handshake.fragment_length",
2178         FT_UINT24, BASE_DEC, NULL, 0x0,
2179         "Fragment length of handshake message", HFILL }
2180     },
2181     { &hf_dtls_handshake_client_version,
2182       { "Version", "dtls.handshake.client_version",
2183         FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0,
2184         "Maximum version supported by client", HFILL }
2185     },
2186     { &hf_dtls_handshake_server_version,
2187       { "Version", "dtls.handshake.server_version",
2188         FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0,
2189         "Version selected by server", HFILL }
2190     },
2191     { &hf_dtls_handshake_random_time,
2192       { "Random.gmt_unix_time", "dtls.handshake.random_time",
2193         FT_ABSOLUTE_TIME, ABSOLUTE_TIME_LOCAL, NULL, 0x0,
2194         "Unix time field of random structure", HFILL }
2195     },
2196     { &hf_dtls_handshake_random_bytes,
2197       { "Random.bytes", "dtls.handshake.random",
2198         FT_NONE, BASE_NONE, NULL, 0x0,
2199         "Random challenge used to authenticate server", HFILL }
2200     },
2201     { &hf_dtls_handshake_cipher_suites_len,
2202       { "Cipher Suites Length", "dtls.handshake.cipher_suites_length",
2203         FT_UINT16, BASE_DEC, NULL, 0x0,
2204         "Length of cipher suites field", HFILL }
2205     },
2206     { &hf_dtls_handshake_cipher_suites,
2207       { "Cipher Suites", "dtls.handshake.ciphersuites",
2208         FT_NONE, BASE_NONE, NULL, 0x0,
2209         "List of cipher suites supported by client", HFILL }
2210     },
2211     { &hf_dtls_handshake_cipher_suite,
2212       { "Cipher Suite", "dtls.handshake.ciphersuite",
2213         FT_UINT16, BASE_HEX|BASE_EXT_STRING, &ssl_31_ciphersuite_ext, 0x0,
2214         NULL, HFILL }
2215     },
2216     { &hf_dtls_handshake_cookie_len,
2217       { "Cookie Length", "dtls.handshake.cookie_length",
2218         FT_UINT8, BASE_DEC, NULL, 0x0,
2219         "Length of the cookie field", HFILL }
2220     },
2221     { &hf_dtls_handshake_cookie,
2222       { "Cookie", "dtls.handshake.cookie",
2223         FT_BYTES, BASE_NONE, NULL, 0x0,
2224         NULL, HFILL }
2225     },
2226     { &hf_dtls_handshake_session_id,
2227       { "Session ID", "dtls.handshake.session_id",
2228         FT_BYTES, BASE_NONE, NULL, 0x0,
2229         "Identifies the DTLS session, allowing later resumption", HFILL }
2230     },
2231     { &hf_dtls_handshake_comp_methods_len,
2232       { "Compression Methods Length", "dtls.handshake.comp_methods_length",
2233         FT_UINT8, BASE_DEC, NULL, 0x0,
2234         "Length of compression methods field", HFILL }
2235     },
2236     { &hf_dtls_handshake_comp_methods,
2237       { "Compression Methods", "dtls.handshake.comp_methods",
2238         FT_NONE, BASE_NONE, NULL, 0x0,
2239         "List of compression methods supported by client", HFILL }
2240     },
2241     { &hf_dtls_handshake_comp_method,
2242       { "Compression Method", "dtls.handshake.comp_method",
2243         FT_UINT8, BASE_DEC, VALS(ssl_31_compression_method), 0x0,
2244         NULL, HFILL }
2245     },
2246     { &hf_dtls_handshake_extensions_len,
2247       { "Extensions Length", "dtls.handshake.extensions_length",
2248         FT_UINT16, BASE_DEC, NULL, 0x0,
2249         "Length of hello extensions", HFILL }
2250     },
2251     { &hf_dtls_handshake_extension_type,
2252       { "Type", "dtls.handshake.extension.type",
2253         FT_UINT16, BASE_HEX, VALS(tls_hello_extension_types), 0x0,
2254         "Hello extension type", HFILL }
2255     },
2256     { &hf_dtls_handshake_extension_len,
2257       { "Length", "dtls.handshake.extension.len",
2258         FT_UINT16, BASE_DEC, NULL, 0x0,
2259         "Length of a hello extension", HFILL }
2260     },
2261     { &hf_dtls_handshake_extension_data,
2262       { "Data", "dtls.handshake.extension.data",
2263         FT_BYTES, BASE_NONE, NULL, 0x0,
2264         "Hello Extension data", HFILL }
2265     },
2266     { &hf_dtls_handshake_certificates_len,
2267       { "Certificates Length", "dtls.handshake.certificates_length",
2268         FT_UINT24, BASE_DEC, NULL, 0x0,
2269         "Length of certificates field", HFILL }
2270     },
2271     { &hf_dtls_handshake_certificates,
2272       { "Certificates", "dtls.handshake.certificates",
2273         FT_NONE, BASE_NONE, NULL, 0x0,
2274         "List of certificates", HFILL }
2275     },
2276     { &hf_dtls_handshake_certificate,
2277       { "Certificate", "dtls.handshake.certificate",
2278         FT_BYTES, BASE_NONE, NULL, 0x0,
2279         NULL, HFILL }
2280     },
2281     { &hf_dtls_handshake_certificate_len,
2282       { "Certificate Length", "dtls.handshake.certificate_length",
2283         FT_UINT24, BASE_DEC, NULL, 0x0,
2284         "Length of certificate", HFILL }
2285     },
2286     { &hf_dtls_handshake_cert_types_count,
2287       { "Certificate types count", "dtls.handshake.cert_types_count",
2288         FT_UINT8, BASE_DEC, NULL, 0x0,
2289         "Count of certificate types", HFILL }
2290     },
2291     { &hf_dtls_handshake_cert_types,
2292       { "Certificate types", "dtls.handshake.cert_types",
2293         FT_NONE, BASE_NONE, NULL, 0x0,
2294         "List of certificate types", HFILL }
2295     },
2296     { &hf_dtls_handshake_cert_type,
2297       { "Certificate type", "dtls.handshake.cert_type",
2298         FT_UINT8, BASE_DEC, VALS(ssl_31_client_certificate_type), 0x0,
2299         NULL, HFILL }
2300     },
2301     { &hf_dtls_handshake_finished,
2302       { "Verify Data", "dtls.handshake.verify_data",
2303         FT_NONE, BASE_NONE, NULL, 0x0,
2304         "Opaque verification data", HFILL }
2305     },
2306     { &hf_dtls_handshake_md5_hash,
2307       { "MD5 Hash", "dtls.handshake.md5_hash",
2308         FT_NONE, BASE_NONE, NULL, 0x0,
2309         "Hash of messages, master_secret, etc.", HFILL }
2310     },
2311     { &hf_dtls_handshake_sha_hash,
2312       { "SHA-1 Hash", "dtls.handshake.sha_hash",
2313         FT_NONE, BASE_NONE, NULL, 0x0,
2314         "Hash of messages, master_secret, etc.", HFILL }
2315     },
2316     { &hf_dtls_handshake_session_id_len,
2317       { "Session ID Length", "dtls.handshake.session_id_length",
2318         FT_UINT8, BASE_DEC, NULL, 0x0,
2319         "Length of session ID field", HFILL }
2320     },
2321     { &hf_dtls_handshake_dnames_len,
2322       { "Distinguished Names Length", "dtls.handshake.dnames_len",
2323         FT_UINT16, BASE_DEC, NULL, 0x0,
2324         "Length of list of CAs that server trusts", HFILL }
2325     },
2326     { &hf_dtls_handshake_dnames,
2327       { "Distinguished Names", "dtls.handshake.dnames",
2328         FT_NONE, BASE_NONE, NULL, 0x0,
2329         "List of CAs that server trusts", HFILL }
2330     },
2331     { &hf_dtls_handshake_dname_len,
2332       { "Distinguished Name Length", "dtls.handshake.dname_len",
2333         FT_UINT16, BASE_DEC, NULL, 0x0,
2334         "Length of distinguished name", HFILL }
2335     },
2336     { &hf_dtls_handshake_dname,
2337       { "Distinguished Name", "dtls.handshake.dname",
2338         FT_BYTES, BASE_NONE, NULL, 0x0,
2339         "Distinguished name of a CA that server trusts", HFILL }
2340     },
2341     { &hf_dtls_fragments,
2342       { "Message fragments", "dtls.fragments",
2343         FT_NONE, BASE_NONE, NULL, 0x00, NULL, HFILL }
2344     },
2345     { &hf_dtls_fragment,
2346       { "Message fragment", "dtls.fragment",
2347         FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }
2348     },
2349     { &hf_dtls_fragment_overlap,
2350       { "Message fragment overlap", "dtls.fragment.overlap",
2351         FT_BOOLEAN, BASE_NONE, NULL, 0x0, NULL, HFILL }
2352     },
2353     { &hf_dtls_fragment_overlap_conflicts,
2354       { "Message fragment overlapping with conflicting data",
2355         "dtls.fragment.overlap.conflicts",
2356        FT_BOOLEAN, BASE_NONE, NULL, 0x0, NULL, HFILL }
2357     },
2358     { &hf_dtls_fragment_multiple_tails,
2359       { "Message has multiple tail fragments",
2360         "dtls.fragment.multiple_tails",
2361         FT_BOOLEAN, BASE_NONE, NULL, 0x0, NULL, HFILL }
2362     },
2363     { &hf_dtls_fragment_too_long_fragment,
2364       { "Message fragment too long", "dtls.fragment.too_long_fragment",
2365         FT_BOOLEAN, BASE_NONE, NULL, 0x0, NULL, HFILL }
2366     },
2367     { &hf_dtls_fragment_error,
2368       { "Message defragmentation error", "dtls.fragment.error",
2369         FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }
2370     },
2371     { &hf_dtls_fragment_count,
2372       { "Message fragment count", "dtls.fragment.count",
2373         FT_UINT32, BASE_DEC, NULL, 0x00, NULL, HFILL }
2374     },
2375     { &hf_dtls_reassembled_in,
2376       { "Reassembled in", "dtls.reassembled.in",
2377         FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }
2378     },
2379     { &hf_dtls_reassembled_length,
2380       { "Reassembled DTLS length", "dtls.reassembled.length",
2381         FT_UINT32, BASE_DEC, NULL, 0x00, NULL, HFILL }
2382     },
2383   };
2384
2385   /* Setup protocol subtree array */
2386   static gint *ett[] = {
2387     &ett_dtls,
2388     &ett_dtls_record,
2389     &ett_dtls_alert,
2390     &ett_dtls_handshake,
2391     &ett_dtls_cipher_suites,
2392     &ett_dtls_comp_methods,
2393     &ett_dtls_extension,
2394     &ett_dtls_certs,
2395     &ett_dtls_cert_types,
2396     &ett_dtls_dnames,
2397     &ett_dtls_fragment,
2398     &ett_dtls_fragments,
2399   };
2400
2401   /* Register the protocol name and description */
2402   proto_dtls = proto_register_protocol("Datagram Transport Layer Security",
2403                                        "DTLS", "dtls");
2404
2405   /* Required function calls to register the header fields and
2406    * subtrees used */
2407   proto_register_field_array(proto_dtls, hf, array_length(hf));
2408   proto_register_subtree_array(ett, array_length(ett));
2409
2410 #ifdef HAVE_LIBGNUTLS
2411   {
2412     module_t *dtls_module = prefs_register_protocol(proto_dtls, proto_reg_handoff_dtls);
2413
2414     static uat_field_t dtlskeylist_uats_flds[] = {
2415       UAT_FLD_CSTRING_OTHER(sslkeylist_uats, ipaddr, "IP address", ssldecrypt_uat_fld_ip_chk_cb, "IPv4 or IPv6 address"),
2416       UAT_FLD_CSTRING_OTHER(sslkeylist_uats, port, "Port", ssldecrypt_uat_fld_port_chk_cb, "Port Number"),
2417       UAT_FLD_CSTRING_OTHER(sslkeylist_uats, protocol, "Protocol", ssldecrypt_uat_fld_protocol_chk_cb, "Protocol"),
2418       UAT_FLD_FILENAME_OTHER(sslkeylist_uats, keyfile, "Key File", ssldecrypt_uat_fld_fileopen_chk_cb, "Path to the keyfile."),
2419       UAT_FLD_CSTRING_OTHER(sslkeylist_uats, password," Password (p12 file)", ssldecrypt_uat_fld_password_chk_cb, "Password"),
2420       UAT_END_FIELDS
2421     };
2422
2423     dtlsdecrypt_uat = uat_new("DTLS RSA Keylist",
2424                               sizeof(ssldecrypt_assoc_t),
2425                               "dtlsdecrypttablefile",         /* filename */
2426                               TRUE,                           /* from_profile */
2427                               (void*) &dtlskeylist_uats,      /* data_ptr */
2428                               &ndtlsdecrypt,                  /* numitems_ptr */
2429                               UAT_CAT_FFMT,                   /* category */
2430                               "ChK12ProtocolsSection",        /* TODO, need revision - help */
2431                               dtlsdecrypt_copy_cb,
2432                               NULL, /* dtlsdecrypt_update_cb? */
2433                               dtlsdecrypt_free_cb,
2434                               dtls_parse_uat,
2435                               dtlskeylist_uats_flds);
2436
2437     prefs_register_uat_preference(dtls_module, "cfg",
2438                                   "RSA keys list",
2439                                   "A table of RSA keys for DTLS decryption",
2440                                   dtlsdecrypt_uat);
2441
2442     prefs_register_string_preference(dtls_module, "debug_file", "DTLS debug file",
2443                                      "redirect dtls debug to file name; leave empty to disable debug, "
2444                                      "use \"" SSL_DEBUG_USE_STDERR "\" to redirect output to stderr\n",
2445                                      (const gchar **)&dtls_debug_file_name);
2446
2447     prefs_register_string_preference(dtls_module, "keys_list", "RSA keys list (deprecated)",
2448                                      "Semicolon-separated list of private RSA keys used for DTLS decryption. "
2449                                      "Used by versions of Wireshark prior to 1.6",
2450                                      (const gchar **)&dtls_keys_list);
2451
2452   }
2453 #endif
2454
2455   register_dissector("dtls", dissect_dtls, proto_dtls);
2456   dtls_handle = find_dissector("dtls");
2457
2458   dtls_associations = g_tree_new(ssl_association_cmp);
2459
2460   register_init_routine(dtls_init);
2461   ssl_lib_init();
2462   dtls_tap = register_tap("dtls");
2463   ssl_debug_printf("proto_register_dtls: registered tap %s:%d\n",
2464                    "dtls", dtls_tap);
2465
2466   register_heur_dissector_list("dtls", &heur_subdissector_list);
2467 }
2468
2469
2470 /* If this dissector uses sub-dissector registration add a registration
2471  * routine.  This format is required because a script is used to find
2472  * these routines and create the code that calls these routines.
2473  */
2474 void
2475 proto_reg_handoff_dtls(void)
2476 {
2477   static gboolean initialized = FALSE;
2478
2479   /* add now dissector to default ports.*/
2480   dtls_parse_uat();
2481   dtls_parse_old_keys();
2482
2483   if (initialized == FALSE)
2484     heur_dissector_add("udp", dissect_dtls_heur, proto_dtls);
2485
2486   initialized = TRUE;
2487 }