diff --git a/NEWS b/NEWS index 8bde1613fc..1a5391ff23 100644 --- a/NEWS +++ b/NEWS @@ -157,11 +157,13 @@ New Functionality Configuring with ``--disable-zkg`` disables the zkg inclusion. You can continue to install and use zkg independently. You're also free to use the config file in ``$prefix/etc/zkg/config`` with other zkg - installations. + installations. The zkg source tree resides in ``auxil/package-manager`` as an additional Git submodule. +- Addad a new ``ssl_probable_encrypted_handshake_message`` event, which + is raised for encrypted TLS 1.3 handshake messages. Changed Functionality --------------------- @@ -241,6 +243,31 @@ Changed Functionality can be triggered by anybody controlling one of the endpoints (instead of both). For discussion, see https://github.com/zeek/zeek/issues/343. +- TLS 1.3 support was improved in several ways: + + * In the past, some TLS 1.3 sessions were misidentified as using session + resumption when, in fact, they were not resumed. This was caused by + the TLS session ID which no longer has any meaning in TLS 1.3. This was + fixed. + + * Similarly, in the past, TLS 1.3 sessions that use TLS 1.3 PSKs for + session resumption were not marked as resumed. This also was fixed. + + * The way in which session establishment for TLS 1.3 is performed was + rewritten. This causes the ``ssl_encrypted_data`` event to be correctly + raised; in the past this did not work for some sessions. A new + ``ssl_probable_encrypted_handshake_message`` event was added that is + raised for encrypted TLS 1.3 handshake packets. + + * In the same vein, hello retry requests in TLS 1.3 should now always + be handled correctly; in the past this only happened in some cases. + + Please note: When a connection uses Hello Retry requests you will see + two client hello and two server hello events in a single connection. + + This happened in the past, but may become more common now; this might + trigger unexpected behavior in your scripts. + Removed Functionality --------------------- diff --git a/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/.stdout b/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/.stdout new file mode 100644 index 0000000000..791f1947fe --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/.stdout @@ -0,0 +1,13 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +Probable handshake, F, 23 +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], F, TLSv12, 23 +Probable handshake, F, 716 +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], F, TLSv12, 23 +Probable handshake, F, 281 +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], F, TLSv12, 23 +Probable handshake, F, 69 +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], F, TLSv12, 23 +Probable handshake, T, 69 +Established! +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], T, TLSv12, 23 +encrypted, [orig_h=192.168.186.133, orig_p=43056/tcp, resp_h=192.168.186.134, resp_p=9090/tcp], T, TLSv12, 23 diff --git a/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/ssl.log b/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/ssl.log new file mode 100644 index 0000000000..075c2d3eb5 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.ssl.tls13_encrypted_handshake_events/ssl.log @@ -0,0 +1,11 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +#separator \x09 +#set_separator , +#empty_field (empty) +#unset_field - +#path ssl +#open XXXX-XX-XX-XX-XX-XX +#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer +#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.186.133 43056 192.168.186.134 9090 TLSv13 TLS_AES_256_GCM_SHA384 secp256r1 - F - - T - - - - - - +#close XXXX-XX-XX-XX-XX-XX diff --git a/testing/btest/Traces/tls/tls13_wolfssl.pcap b/testing/btest/Traces/tls/tls13_wolfssl.pcap new file mode 100644 index 0000000000..d86dd5c671 Binary files /dev/null and b/testing/btest/Traces/tls/tls13_wolfssl.pcap differ diff --git a/testing/btest/scripts/base/protocols/ssl/tls13_encrypted_handshake_events.test b/testing/btest/scripts/base/protocols/ssl/tls13_encrypted_handshake_events.test new file mode 100644 index 0000000000..3293315723 --- /dev/null +++ b/testing/btest/scripts/base/protocols/ssl/tls13_encrypted_handshake_events.test @@ -0,0 +1,22 @@ +# @TEST-EXEC: zeek -b -C -r $TRACES/tls/tls13_wolfssl.pcap %INPUT +# @TEST-EXEC: btest-diff ssl.log +# @TEST-EXEC: btest-diff .stdout + +@load base/protocols/ssl + +redef SSL::disable_analyzer_after_detection=F; + +event ssl_encrypted_data(c: connection, is_orig: bool, record_version: count, content_type: count, length: count) + { + print "encrypted", c$id, is_orig, SSL::version_strings[record_version], content_type; + } + +event ssl_established(c: connection) + { + print "Established!"; + } + +event ssl_probable_encrypted_handshake_message(c: connection, is_orig: bool, length: count) + { + print "Probable handshake", is_orig, length; + }