ref: 1766db24dfb733bd1f574bf0882527356f177397
parent: ba2943ae190fdc67a3f9ce5e1668eda51e3f64b1
author: mkf <mkf@cloud9p.org>
date: Sat Aug 3 06:04:46 EDT 2024
add parser names
--- a/common.h
+++ b/common.h
@@ -81,10 +81,17 @@
DNS_RCODE = 0x000F,
/* tls record */
+ TLS_RECORD = 4,
TLS_RECORD_CONTENTTYPE = 1,
TLS_RECORD_VERSION = 1,
TLS_RECORD_LEN = 2,
+ /* tls record versions */
+ TLS_RECORD_10 = 0x301,
+ TLS_RECORD_11 = 0x302,
+ TLS_RECORD_12 = 0x303,
+ TLS_RECORD_13 = 0x304,
+
/* tls 1.2 handshake */
TLS_HANDSHAKE_TYPE = 1,
TLS_HANDSHAKE_LEN = 3,
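Review bot: `TLS_RECORD = 4` does not match the TLS record header, which is 5 bytes on the wire: a 1-byte content type, a 2-byte version and a 2-byte length. The mismatch comes from the existing `TLS_RECORD_VERSION = 1`, which also conflicts with the 16-bit version values added just below (`TLS_RECORD_10 = 0x301` and the rest), since a one-byte field can never equal them. Using `TLS_RECORD_VERSION = 2,` and `TLS_RECORD = 5,` keeps the handshake offset used in tls.c aligned with the wire format; with 4, handshake parsing would start on the last byte of the record length. The enum begins and ends outside this hunk.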
@@ -144,6 +151,7 @@
*/
typedef struct
{
+ char *name;
int (*parse)();
void (*print)();
}Parser;
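Review bot: The new `name` member is only initialised from string literals in this commit (`.name = "dns"`, `.name = "tcp"`, and so on), so it should be declared `const char *name;` to keep callers from writing through it. The comment that precedes the struct starts above the hunk, so I cannot tell whether it describes the members; if it does, it should mention the new field.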
@@ -281,20 +289,31 @@
/* tls.c */
typedef struct
{
- uint16_t srcport;
- uint16_t dstport;
+ uint8_t len;
+ uint8_t data[];
+}TlsTuple;
- uint32_t seqnum;
- uint32_t acknum;
+typedef struct
+{
+ uint8_t type;
+ uint32_t len;
+ uint16_t version;
- uint16_t offset;
- uint16_t flags;
+ uint8_t random[32];
- uint16_t winsize;
- uint8_t sum;
+ TlsTuple sessionId;
+ TlsTuple cipherSuits;
+ TlsTuple compressionMethods;
+ TlsTuple extensions;
+}TlsHandshake;
+
+typedef struct
+{
+ uint8_t contenttype;
+ uint16_t rversion; /* record version */
+ uint16_t len;
- uint16_t urgentptr;
- /* we don't care about options */
+ TlsHandshake handshake;
}Tls;
extern Parser tlsParser;
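Review bot: `TlsTuple` ends in a flexible array member (`uint8_t data[]`) and is then embedded four times in `TlsHandshake`; ISO C does not allow a struct with a flexible array member inside another struct, and where a compiler accepts it `data` has no storage of its own, so writing through it overwrites the following member. `uint8_t len` is also too narrow, because in a ClientHello the cipher-suite and extension lengths are 16-bit, so a value taken from the packet would be truncated before it is used as a bound. Keeping a length plus a pointer into the captured packet avoids both problems, e.g. `uint16_t len;` and `const uint8_t *data;`, with the parser checking `len` against the remaining capture length before storing it. `uint32_t len` in `TlsHandshake` holds a 24-bit wire value (`TLS_HANDSHAKE_LEN = 3`), which deserves a comment, and `cipherSuits` is presumably meant to be `cipherSuites`.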
--- a/dns.c
+++ b/dns.c
@@ -217,6 +217,7 @@
}
Parser dnsParser = {
+ .name = "dns",
.parse = parseDns,
.print = printDns,
};
\ No newline at end of file
--- a/ether.c
+++ b/ether.c
@@ -52,6 +52,7 @@
}
Parser etherParser = {
+ .name = "ethernet",
.parse = parseEther,
.print = printEther,
};
\ No newline at end of file
--- a/pkt.c
+++ b/pkt.c
@@ -79,6 +79,7 @@
}
Parser pktParser = {
+ .name = "ipv4",
.parse = parsePkt,
.print = printPkt,
};
\ No newline at end of file
--- a/tcp.c
+++ b/tcp.c
@@ -54,6 +54,7 @@
}
Parser tcpParser = {
+ .name = "tcp",
.parse = parseTcp,
.print = printTcp,
};
\ No newline at end of file
--- a/tls.c
+++ b/tls.c
@@ -1,0 +1,57 @@
+#include <stdio.h>
+#include <stdint.h>
+#include <pcap.h>
+#include "common.h"
+
+int
+parseTlsRecord(const u_char *pkt, Tls tls)
+{
+ int pos = 0;
+
+ tls.contenttype = pkt[pos];
+ pos += TLS_RECORD_CONTENTTYPE;
+
+ tls.rversion = pkt[pos];
+ pos += TLS_RECORD_VERSION;
+
+ tls.len = get2(pkt + TLS_RECORD_LEN);
+ pos += TLS_RECORD_LEN;
+
+ return 1;
+}
+
+int
+parseTlsHandshake(const u_char *pkt, TlsHandshake hs)
+{
+
+}
+
+int
+parseTls(const u_char *pkt, Tls tls)
+{
+ int pos = 0;
+
+ parseTlsRecord(pkt + pos, tls);
+ parseTlsHandshake(pkt + TLS_RECORD, tls.handshake);
+}
+
+void
+printTls(Tcp tcp)
+{/*
+ printf("tcp pkt:\n"
+ "\tsrcport: %d\tdstport: %d\n"
+ "\tseqnum: %d\tacknum: %d\n"
+ "\toffset: %d\tflags: %b (%x)\n"
+ "\twinsize: %d (%x)\tsum: %d\n",
+
+ tcp.srcport, tcp.dstport,
+ tcp.seqnum, tcp.acknum,
+ tcp.offset, tcp.flags, tcp.flags,
+ tcp.winsize, tcp.winsize, tcp.sum);
+*/}
+
+Parser tlsParser = {
+ .name = "tls",
+ .parse = parseTls,
+ .print = printTcp,
+};
\ No newline at end of file
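Review bot: parseTlsRecord and parseTls take `Tls tls` by value, so every field written here is discarded on return, and no read is checked against the captured length, so a truncated segment is read past its end. In parseTlsRecord the version is read as a single byte (`tls.rversion = pkt[pos]`) although it is meant to hold values like 0x303, and the length is read from the fixed offset `pkt + TLS_RECORD_LEN` instead of `pkt + pos`. parseTlsHandshake and parseTls are declared `int` but return nothing, and tlsParser sets `.print = printTcp` while printTls takes a `Tcp`; `.print = printTls,` with a `Tls` parameter looks like what was intended. The sketch below passes a pointer and a length; the extra parameter is an assumption because the callers of `Parser.parse` are outside this diff, and the offsets rely on `TLS_RECORD_VERSION` being 2 and `TLS_RECORD` being 5 in common.h.

```c
int
parseTlsRecord(const u_char *pkt, size_t caplen, Tls *tls)
{
	int pos = 0;

	/* the whole record header must be captured before any field is read */
	if (caplen < TLS_RECORD)
		return 0;

	tls->contenttype = pkt[pos];
	pos += TLS_RECORD_CONTENTTYPE;

	/* 16-bit version; assumes get2 reads two bytes in network order */
	tls->rversion = get2(pkt + pos);
	pos += TLS_RECORD_VERSION;

	tls->len = get2(pkt + pos);
	pos += TLS_RECORD_LEN;

	return 1;
}

/* ... unchanged: parseTlsHandshake stub (needs a return value) ... */

int
parseTls(const u_char *pkt, size_t caplen, Tls *tls)
{
	if (!parseTlsRecord(pkt, caplen, tls))
		return 0;

	/* never hand the handshake parser more bytes than the record claims or the capture holds */
	size_t left = caplen - TLS_RECORD;
	if (tls->len < left)
		left = tls->len;

	return parseTlsHandshake(pkt + TLS_RECORD, left, &tls->handshake);
}
```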
--- a/udp.c
+++ b/udp.c
@@ -33,6 +33,7 @@
}
Parser udpParser = {
+ .name = "udp",
.parse = parseUdp,
.print = printDns,
};
\ No newline at end of file