TLS 1.3 changes: Address review feedback

Only minor changes, new consts, and documentation updates.

Part of GH-1335. Addresses GH-1323.

NEWS

@@ -162,7 +162,7 @@ New Functionality
   The zkg source tree resides in ``auxil/package-manager`` as an
   additional Git submodule.
 
-- Addad a new ``ssl_probable_encrypted_handshake_message`` event, which
+- Added a new ``ssl_probable_encrypted_handshake_message`` event, which
   is raised for encrypted TLS 1.3 handshake messages.
 
 Changed Functionality
@@ -295,6 +295,10 @@ Removed Functionality
   the Zeek distribution and will get built unless overridden with the
   ``--with-caf=`` configuration option.
 
+- ``server_appdata`` and ``client_appdata`` were removed from ``SSL::Info``.
+  These variables were only used internally, and did not give a correct coung
+  in all circumstances.
+
 Deprecated Functionality
 ------------------------
 

scripts/base/protocols/ssl/consts.zeek

@@ -137,6 +137,53 @@ export {
 		[120] = "no_application_protocol",
 	} &default=function(i: count):string { return fmt("unknown-%d", i); };
 
+	# Map SSL Extension values to consts for easier readability of code.
+	# More information can be found here:
+	# http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xml
+	const SSL_EXTENSION_SERVER_NAME = 0;
+	const SSL_EXTENSION_MAX_FRAGMENT_LENGTH = 1;
+	const SSL_EXTENSION_CLIENT_CERTIFICATE_URL = 2;
+	const SSL_EXTENSION_TRUSTED_CA_KEYS = 3;
+	const SSL_EXTENSION_TRUNCATED_HMAC = 4;
+	const SSL_EXTENSION_STATUS_REQUEST = 5;
+	const SSL_EXTENSION_USER_MAPPING = 6;
+	const SSL_EXTENSION_CLIENT_AUTHZ = 7;
+	const SSL_EXTENSION_SERVER_AUTHZ = 8;
+	const SSL_EXTENSION_CERT_TYPE = 9;
+	const SSL_EXTENSION_SUPPORTED_GROUPS = 10;
+	const SSL_EXTENSION_EC_POINT_FORMATS = 11;
+	const SSL_EXTENSION_SRP = 12;
+	const SSL_EXTENSION_SIGNATURE_ALGORITHMS = 13;
+	const SSL_EXTENSION_USE_SRTP = 14;
+	const SSL_EXTENSION_HEARTBEAT = 15;
+	const SSL_EXTENSION_APPLICATION_LAYER_PROTOCOL_NEGOTIATION = 16;
+	const SSL_EXTENSION_STATUS_REQUEST_V2 = 17;
+	const SSL_EXTENSION_SIGNED_CERTIFICATE_TIMESTAMP = 18;
+	const SSL_EXTENSION_CLIENT_CERTIFICATE_TYPE = 19;
+	const SSL_EXTENSION_SERVER_CERTIFICATE_TYPE = 20;
+	const SSL_EXTENSION_PADDING = 21;
+	const SSL_EXTENSION_ENCRYPT_THEN_MAC = 22;
+	const SSL_EXTENSION_EXTENDED_MASTER_SECRET = 23;
+	const SSL_EXTENSION_TOKEN_BINDING = 24;
+	const SSL_EXTENSION_CACHED_INFO = 25;
+	const SSL_EXTENSION_SESSIONTICKET_TLS = 35;
+	const SSL_EXTENSION_KEY_SHARE = 40;
+	const SSL_EXTENSION_PRE_SHARED_KEY = 41;
+	const SSL_EXTENSION_EARLY_DATA = 42;
+	const SSL_EXTENSION_SUPPORTED_VERSIONS = 43;
+	const SSL_EXTENSION_COOKIE = 44;
+	const SSL_EXTENSION_PSK_KEY_EXCHANGE_MODES = 45;
+	const SSL_EXTENSION_TICKETEARLYDATAINFO = 46;
+	const SSL_EXTENSION_CERTIFICATE_AUTHORITIES = 47;
+	const SSL_EXTENSION_OID_FILTERS = 48;
+	const SSL_EXTENSION_NEXT_PROTOCOL_NEGOTIATION = 13172;
+	const SSL_EXTENSION_ORIGIN_BOUND_CERTIFICATES = 13175;
+	const SSL_EXTENSION_ENCRYPTED_CLIENT_CERTIFICATES = 13180;
+	const SSL_EXTENSION_CHANNEL_ID = 30031;
+	const SSL_EXTENSION_CHANNEL_ID_NEW = 30032;
+	const SSL_EXTENSION_PADDING_TEMP = 35655;
+	const SSL_EXTENSION_RENEGOTIATION_INFO = 65281;
+
 	## Mapping between numeric codes and human readable strings for SSL/TLS
 	## extensions.
 	# More information can be found here:

scripts/base/protocols/ssl/main.zeek

@@ -303,14 +303,14 @@ event ssl_extension(c: connection, is_orig: bool, code: count, val: string) &pri
 	{
 	set_session(c);
 
-	if ( is_orig && code == 35 && |val| > 0 ) # 35 == SessionTicket TLS
+	if ( is_orig && code == SSL_EXTENSION_SESSIONTICKET_TLS && |val| > 0 )
 		# In this case, we might have an empty ID. Set back to F in client_hello event
 		# if it is not empty after all.
 		c$ssl$client_ticket_empty_session_seen = T;
-	else if ( is_orig && code == 41 ) # 41 == pre_shared_key
+	else if ( is_orig && code == SSL_EXTENSION_PRE_SHARED_KEY )
 		# In this case, the client sent a PSK extension which can be used for resumption
 		c$ssl$client_psk_seen = T;
-	else if ( ! is_orig && code == 41 && c$ssl$client_psk_seen )
+	else if ( ! is_orig && code == SSL_EXTENSION_PRE_SHARED_KEY && c$ssl$client_psk_seen )
 		# In this case, the server accepted the PSK offered by the client.
 		c$ssl$resumed = T;
 	}

src/analyzer/protocol/ssl/events.bif

@@ -583,7 +583,7 @@ event ssl_encrypted_data%(c: connection, is_orig: bool, record_version: count, c
 ## not correct; the client can send more handshake packets before the finished message, e.g.,
 ## when client certificates are used.
 ##
-## Note that :zeek:see:SSL::ssl_encrypted_data is also raised for these messages.
+## Note that :zeek:see::ssl_encrypted_data is also raised for these messages.
 ##
 ## c: The connection.
 ##