@@ -248,95 +248,65 @@ uint64_t QUICParser::quic_get_variable_length(const uint8_t* start, uint64_t& of
248248 }
249249} // QUICParser::quic_get_variable_length
250250
251- bool QUICParser::quic_obtain_tls_data (TLSData& payload )
251+ bool QUICParser::quic_parse_tls_extensions ( )
252252{
253- quic_tls_extension_lengths_pos = 0 ;
254- quic_tls_ext_type_pos = 0 ;
255- quic_tls_ext_pos = 0 ;
256- while (payload.start + sizeof (tls_ext) <= payload.end ) {
257- tls_ext* ext = (tls_ext*) payload.start ;
258- uint16_t type = ntohs (ext->type );
259- uint16_t length = ntohs (ext->length );
260-
261- // Store extension type
262- if (quic_tls_ext_type_pos < MAX_QUIC_TLS_EXT_LEN) {
263- quic_tls_ext_type[quic_tls_ext_type_pos] = type;
264- quic_tls_ext_type_pos += 1 ;
265- }
266-
267- // Store extension type length
268- if (quic_tls_extension_lengths_pos < MAX_QUIC_TLS_EXT_LEN) {
269- quic_tls_extension_lengths[quic_tls_extension_lengths_pos] = length;
270- quic_tls_extension_lengths_pos += 1 ;
271- }
272-
273- //
274- payload.start += sizeof (tls_ext);
275-
276- if (payload.start + length > payload.end ) {
277- break ;
278- }
279-
280- // Save value payload except for length
281- if (quic_tls_ext_pos + length < CURRENT_BUFFER_SIZE) {
253+ const bool extensions_parsed = tls_parser.parse_extensions ([this ](
254+ uint16_t extension_type,
255+ const uint8_t * extension_payload,
256+ uint16_t extension_length) {
257+ if (extension_type == TLS_EXT_SERVER_NAME && extension_length != 0 ) {
258+ tls_parser.parse_server_names (extension_payload, extension_length);
259+ } else if (
260+ (extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V1
261+ || extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS
262+ || extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V2)
263+ && extension_length != 0 ) {
264+ tls_parser.parse_quic_user_agent (extension_payload, extension_length);
265+ }
266+ if (quic_tls_ext_pos + extension_length < CURRENT_BUFFER_SIZE) {
282267#ifndef QUIC_CH_FULL_TLS_EXT
283- if (type == TLS_EXT_ALPN || type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V1
284- || type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS
285- || type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V2) {
268+ if (extension_type == TLS_EXT_ALPN || extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V1
269+ || extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS
270+ || extension_type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V2) {
286271#endif
287- memcpy (quic_tls_ext + quic_tls_ext_pos, payload. start , length );
288- quic_tls_ext_pos += length ;
272+ memcpy (quic_tls_ext + quic_tls_ext_pos, extension_payload, extension_length );
273+ quic_tls_ext_pos += extension_length ;
289274#ifndef QUIC_CH_FULL_TLS_EXT
290- }
275+ }
291276#endif
292- }
293-
294- // Legacy extract specific fields
295- if (type == TLS_EXT_SERVER_NAME && length != 0 ) {
296- tls_parser.tls_get_server_name (payload, sni, BUFF_SIZE);
297- } else if (
298- (type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V1
299- || type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS
300- || type == TLS_EXT_QUIC_TRANSPORT_PARAMETERS_V2)
301- && length != 0 ) {
302- tls_parser.tls_get_quic_user_agent (payload, user_agent, BUFF_SIZE);
303- }
304- payload.start += length;
305- }
306- return payload.obejcts_parsed != 0 ;
277+ }
278+ tls_parser.add_extension (extension_type, extension_length);
279+ });
280+ if (!extensions_parsed){
281+ return false ;
282+ }
283+ tls_parser.save_server_names (sni, BUFF_SIZE);
284+ tls_parser.save_quic_user_agent (user_agent, BUFF_SIZE);
285+
286+ const size_t copy_count = std::min<size_t >(tls_parser.get_extensions ().size (), MAX_QUIC_TLS_EXT_LEN);
287+ std::transform (tls_parser.get_extensions ().begin (),
288+ tls_parser.get_extensions ().begin () + static_cast <ssize_t >(copy_count),
289+ std::begin (quic_tls_ext_type),
290+ [](const TLSExtension& typeLength) {
291+ return typeLength.type ;
292+ });
293+ std::transform (tls_parser.get_extensions ().begin (),
294+ tls_parser.get_extensions ().begin () + static_cast <ssize_t >(copy_count),
295+ std::begin (quic_tls_extension_lengths),
296+ [](const TLSExtension& typeLength) {
297+ return typeLength.length ;
298+ });
299+ quic_tls_ext_type_pos = quic_tls_extension_lengths_pos = copy_count;
300+ return true ;
307301}
308302
309303bool QUICParser::quic_parse_tls ()
310304{
311- TLSData payload = {
312- payload.start = final_payload + quic_crypto_start,
313- payload.end = final_payload + quic_crypto_start + quic_crypto_len,
314- payload.obejcts_parsed = 0 ,
315- };
316-
317- if (!tls_parser.tls_check_handshake (payload)) {
318- return false ;
319- }
320- if (!tls_parser.tls_skip_random (payload)) {
321- return false ;
322- }
323- if (!tls_parser.tls_skip_sessid (payload)) {
305+ if (!tls_parser.parse_quic_tls (final_payload + quic_crypto_start, quic_crypto_len)){
324306 return false ;
325307 }
326- if (!tls_parser.tls_skip_cipher_suites (payload)) {
327- return false ;
328- }
329- if (!tls_parser.tls_skip_compression_met (payload)) {
330- return false ;
331- }
332- if (!tls_parser.tls_check_ext_len (payload)) {
333- return false ;
334- }
335- // If no parameters were extracted. We also accept the QUIC connection. (no error check here)
336- quic_obtain_tls_data (payload);
337-
338- return true ;
339- } // QUICPlugin::quic_parse_tls
308+ return quic_parse_tls_extensions ();
309+ }
340310
341311uint8_t QUICParser::quic_draft_version (uint32_t version)
342312{
@@ -1394,7 +1364,7 @@ bool QUICParser::quic_parse_headers(const Packet& pkt, bool forceInitialParsing)
13941364
13951365bool QUICParser::quic_set_server_port (const Packet& pkt)
13961366{
1397- tls_handshake hs = tls_parser.tls_get_handshake ();
1367+ TLSHandshake hs = tls_parser.get_handshake ();
13981368
13991369 switch (packet_type) {
14001370 case INITIAL:
0 commit comments