Start renaming SSL to TLS.

Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS" over "SSL" in user interface text and in the documentation. Fix the test_tls_master_secret test while we're here. Bug: 14922 Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8 Reviewed-on: https://code.wireshark.org/review/29649 Petri-Dish: Gerald Combs <gerald@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Gerald Combs <gerald@wireshark.org>
wireshark · Sep 13, 2018 · cd95e19 · cd95e19
1 parent 63743a3
commit cd95e19
Show file tree

Hide file tree

Showing 51 changed files with 448 additions and 442 deletions.
diff --git a/doc/tshark.pod b/doc/tshark.pod
@@ -99,7 +99,7 @@ L<https://www.wireshark.org/docs/man-pages/wireshark.html> is a detailed
 description of the way B<Wireshark> handles this, which is the same way
 B<Tshark> handles this.
 
-Compressed file support uses (and therefore requires) the zlib library. 
+Compressed file support uses (and therefore requires) the zlib library.
 If the zlib library is not present when compiling B<TShark>, it will be
 possible to compile it, but the resulting program will be unable to read
 compressed files.
@@ -130,7 +130,7 @@ Read filters in B<TShark>, which allow you to select which packets are
 to be decoded or written to a file, are very powerful; more fields are
 filterable in B<TShark> than in other protocol analyzers, and the syntax
 you can use to create your filters is richer.  As B<TShark> progresses,
-expect more and more protocol fields to be allowed in read filters. 
+expect more and more protocol fields to be allowed in read filters.
 Read filters use the same syntax as display and color filters in
 B<Wireshark>; a read filter is specified with the B<-R> option.
 
@@ -1214,7 +1214,7 @@ I<prot> specifies the transport protocol.  It can be one of:
 
   tcp   TCP
   udp   UDP
-  ssl   SSL
+  tls   TLS or SSL
 
 I<mode> specifies the output mode.  It can be one of:
 
@@ -1227,7 +1227,7 @@ Since the output in B<ascii> or B<ebcdic> mode may contain newlines, the length
 of each section of output plus a newline precedes each section of output.
 
 I<filter> specifies the stream to be displayed. UDP/TCP streams are selected
-with either the stream index or IP address plus port pairs. SSL streams are
+with either the stream index or IP address plus port pairs. TLS streams are
 selected with the stream index. For example:
 
   ip-addr0:port0,ip-addr1:port1

diff --git a/doc/wireshark.pod.template b/doc/wireshark.pod.template
@@ -1462,7 +1462,7 @@ save it as text to a file.
 
 =item Analyze:Follow UDP Stream
 
-=item Analyze:Follow SSL Stream
+=item Analyze:Follow TLS Stream
 
 (Similar to Analyze:Follow TCP Stream)
 

diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc
@@ -49,6 +49,9 @@ since version 2.6.0:
 * The BOOTP dissector has been renamed to DHCP. With the exception of
   “bootp.dhcp”, the old “bootp.*” display filter fields are still supported
   but may be removed in a future release.
+* The SSL dissector has been renamed to TLS. As with BOOTP the old
+  “ssl.*” display filter fields are supported but may be removed in a
+  future release.
 
 === Removed Features and Support
 

diff --git a/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc b/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc
@@ -229,7 +229,7 @@ https://www.winpcap.org/install/[]
 
 === GnuTLS (optional)
 
-The GNU Transport Layer Security Library is used to dissect SSL and TLS
+The GNU Transport Layer Security Library is used to dissect TLS and SSL
 protocols (aka: HTTPS).
 
 [[ChLibsUnixGNUTLS]]

diff --git a/docbook/wsug_src/WSUG_chapter_advanced.asciidoc b/docbook/wsug_src/WSUG_chapter_advanced.asciidoc
@@ -18,10 +18,10 @@ This chapter will describe some of Wireshark’s advanced features.
 It can be very helpful to see protocol in the way that the application
 layer sees it. Perhaps you are looking for passwords in a Telnet stream,
 or you are trying to make sense of a data stream. Maybe you just need a
-display filter to show only the packets in an SSL stream. If so,
+display filter to show only the packets in a TLS or SSL stream. If so,
 Wireshark’s ability to follow protocol streams will be useful to you.
 
-Simply select a TCP, UDP, SSL, or HTTP packet in the packet list of the stream/connection you are
+Simply select a TCP, UDP, TLS, or HTTP packet in the packet list of the stream/connection you are
 interested in and then select the Follow TCP Stream menu item from the Wireshark
 Tools menu (or use the context menu in the packet list). Wireshark will set an
 appropriate display filter and pop up a dialog box with all the data from the

diff --git a/docbook/wsug_src/WSUG_chapter_statistics.asciidoc b/docbook/wsug_src/WSUG_chapter_statistics.asciidoc
@@ -129,7 +129,7 @@ be counted for each packet. Example: In the screenshot IP has 99.9% and TCP
 Protocol layers can consist of packets that won’t contain any higher layer
 protocol, so the sum of all higher layer packets may not sum up to the protocols
 packet count. Example: In the screenshot TCP has 98.5% but the sum of the
-subprotocols (SSL, HTTP, etc) is much less. This can be caused by continuation
+subprotocols (TLS, HTTP, etc) is much less. This can be caused by continuation
 frames, TCP protocol overhead, and other undissected data.
 
 A single packet can contain the same protocol more than once. In this case, the

diff --git a/docbook/wsug_src/WSUG_chapter_use.asciidoc b/docbook/wsug_src/WSUG_chapter_use.asciidoc
@@ -541,7 +541,7 @@ image::wsug_graphics/ws-analyze-menu.png[{screenshot-attrs}]
 |menu:User Specified Decodes...[]   ||This menu item allows the user to force Wireshark to decode certain packets as a particular protocol, see <<ChAdvDecodeAsShow>>
 |menu:Follow[TCP Stream]            ||This menu item brings up a separate window and displays all the TCP segments captured that are on the same TCP connection as a selected packet, see <<ChAdvFollowStreamSection>>
 |menu:Follow[UDP Stream]            ||Same functionality as “Follow TCP Stream” but for UDP streams.
-|menu:Follow[SSL Stream]            ||Same functionality as “Follow TCP Stream” but for SSL streams. See the wiki page on link:{wireshark-wiki-url}SSL[SSL] for instructions on providing SSL keys.
+|menu:Follow[TLS Stream]            ||Same functionality as “Follow TCP Stream” but for TLS or SSL streams. See the wiki page on link:{wireshark-wiki-url}SSL[SSL] for instructions on providing TLS keys.
 |menu:Follow[HTTP Stream]           ||Same functionality as “Follow TCP Stream” but for HTTP streams.
 |menu:Expert Info[]                 ||Open a dialog showing some expert information about the captured packets. The amount of information will depend on the protocol and varies from  very detailed to non-existent. XXX - add a new section about this and link from here
 |menu:Conversation Filter[...]      ||In this menu you will find conversation filter for various protocols.

diff --git a/docbook/wsug_src/WSUG_chapter_work.asciidoc b/docbook/wsug_src/WSUG_chapter_work.asciidoc
@@ -113,7 +113,7 @@ The following table gives an overview of which functions are available  in this
 |menu:SCTP[]|| Allows you to analyze and prepare a filter for this SCTP association.
 |menu:Follow TCP Stream[]|menu:Analyze[]| Allows you to view all the data on a TCP  stream between a pair of nodes.
 |menu:Follow UDP Stream[]|menu:Analyze[]| Allows you to view all the data on a UDP datagram stream between a pair of nodes.
-|menu:Follow SSL Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for SSL. XXX - add a new section describing this better.
+|menu:Follow TLS Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for TLS or SSL. XXX - add a new section describing this better.
 |menu:Copy/ Summary (Text)[]|| Copy the summary fields as displayed to the clipboard, as tab-separated text.
 |menu:Copy/ Summary (CSV)[]|| Copy the summary fields as displayed to the clipboard, as comma-separated text.
 |menu:Copy/ As Filter[]|| Prepare a display filter based on the currently selected item and copy that filter to the clipboard.
@@ -157,7 +157,7 @@ description of each item.
 |menu:Colorize with Filter[]|| This menu item uses a display filter with the information from the selected protocol item to build a new colorizing rule.
 |menu:Follow TCP Stream[]|menu:Analyze[]| Allows you to view all the data on a TCP stream between a pair of nodes.
 |menu:Follow UDP Stream[]|menu:Analyze[]| Allows you to view all the data on a UDP datagram stream between a pair of nodes.
-|menu:Follow SSL Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for SSL. XXX - add a new section describing this better.
+|menu:Follow TLS Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for TLS. XXX - add a new section describing this better.
 |menu:Copy/ Description[]|menu:Edit[]| Copy the displayed text of the selected field to the system  clipboard.
 |menu:Copy/ Fieldname[]|menu:Edit[]| Copy the name of the selected field to the system clipboard.
 |menu:Copy/ Value[]|menu:Edit[]| Copy the value of the selected field to the system clipboard.

diff --git a/epan/dissectors/asn1/credssp/packet-credssp-template.c b/epan/dissectors/asn1/credssp/packet-credssp-template.c
@@ -158,7 +158,7 @@ void proto_register_credssp(void) {
 /*--- proto_reg_handoff_credssp --- */
 void proto_reg_handoff_credssp(void) {
 
-  heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE);
+  heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE);
   exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7);
 }
 
diff --git a/epan/dissectors/asn1/ldap/ldap.cnf b/epan/dissectors/asn1/ldap/ldap.cnf
@@ -441,7 +441,7 @@ ldap_conv_info_t *ldap_info;
   if (ldap_info && ldap_info->start_tls_pending &&
       hf_index == hf_ldap_extendedResponse_resultCode && resultCode == 0) {
     /* The conversation will continue using SSL */
-    ssl_starttls_ack(find_dissector("ssl"), actx->pinfo, ldap_handle);
+    ssl_starttls_ack(find_dissector("tls"), actx->pinfo, ldap_handle);
     ldap_info->start_tls_pending = FALSE;
   }
 

diff --git a/epan/dissectors/asn1/ldap/packet-ldap-template.c b/epan/dissectors/asn1/ldap/packet-ldap-template.c
@@ -217,7 +217,7 @@ static dissector_handle_t gssapi_handle;
 static dissector_handle_t gssapi_wrap_handle;
 static dissector_handle_t ntlmssp_handle;
 static dissector_handle_t spnego_handle;
-static dissector_handle_t ssl_handle;
+static dissector_handle_t tls_handle;
 static dissector_handle_t ldap_handle ;
 
 static void prefs_register_ldap(void); /* forward declaration for use in preferences registration */
@@ -2205,8 +2205,8 @@ void proto_register_ldap(void) {
     " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.",
     &ldap_desegment);
 
-  prefs_register_uint_preference(ldap_module, "ssl.port", "LDAPS TCP Port",
-                                 "Set the port for LDAP operations over SSL",
+  prefs_register_uint_preference(ldap_module, "tls.port", "LDAPS TCP Port",
+                                 "Set the port for LDAP operations over TLS",
                                  10, &global_ldaps_tcp_port);
   /* UAT */
   attributes_uat = uat_new("Custom LDAP AttributeValue types",
@@ -2260,7 +2260,7 @@ proto_reg_handoff_ldap(void)
 
   ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_ldap);
 
-  ssl_handle = find_dissector_add_dependency("ssl", proto_ldap);
+  tls_handle = find_dissector_add_dependency("tls", proto_ldap);
 
   prefs_register_ldap();
 

diff --git a/epan/dissectors/packet-aim.c b/epan/dissectors/packet-aim.c
@@ -4548,7 +4548,7 @@ proto_reg_handoff_aim(void)
 
 	ssl_dissector_add(0, aim_handle);
 	/* Heuristics disabled by default, it is really weak... */
-	heur_dissector_add("ssl", dissect_aim_ssl_heur, "AIM over SSL", "aim_ssl", proto_aim, HEURISTIC_DISABLE);
+	heur_dissector_add("tls", dissect_aim_ssl_heur, "AIM over TLS", "aim_tls", proto_aim, HEURISTIC_DISABLE);
 
 
 	aim_init_family(proto_aim_admin, ett_aim_admin, FAMILY_ADMIN, aim_fnac_family_admin);

diff --git a/epan/dissectors/packet-amqp.c b/epan/dissectors/packet-amqp.c
@@ -44,7 +44,7 @@ void proto_reg_handoff_amqp(void);
 /*  Generic data  */
 
 #define AMQP_PORT   5672
-static guint amqps_port = 5671; /* AMQP over TLS/SSL */
+static guint amqps_port = 5671; /* AMQP over SSL/TLS */
 
 /*
  * This dissector handles AMQP 0-9, 0-10 and 1.0. The conversation structure
@@ -13404,9 +13404,9 @@ proto_register_amqp(void)
 
     amqp_module = prefs_register_protocol(proto_amqp, proto_reg_handoff_amqp);
 
-    prefs_register_uint_preference(amqp_module, "ssl.port",
+    prefs_register_uint_preference(amqp_module, "tls.port",
                                    "AMQPS listening TCP Port",
-                                   "Set the TCP port for AMQP over TLS/SSL"
+                                   "Set the TCP port for AMQP over SSL/TLS"
                                    "(if other than the default of 5671)",
                                    10, &amqps_port);
 
@@ -13430,7 +13430,7 @@ proto_reg_handoff_amqp(void)
         initialize = TRUE;
     }
 
-    /* Register for TLS/SSL payload dissection */
+    /* Register for SSL/TLS payload dissection */
     if (old_amqps_port != amqps_port) {
         if (old_amqps_port != 0)
             ssl_dissector_delete(old_amqps_port, amqp_tcp_handle);

diff --git a/epan/dissectors/packet-couchbase.c b/epan/dissectors/packet-couchbase.c
@@ -2584,8 +2584,8 @@ proto_register_couchbase(void)
                                  " to reassemble TCP streams\" in the TCP protocol settings.",
                                  &couchbase_desegment_body);
 
-  prefs_register_uint_preference(couchbase_module, "ssl_port", "SSL/TLS Data Port",
-                                 "The port used for communicating with the data service via ssl/tls",
+  prefs_register_uint_preference(couchbase_module, "tls_port", "SSL/TLS Data Port",
+                                 "The port used for communicating with the data service via SSL/TLS",
                                  10, &couchbase_ssl_port_pref);
 
 

diff --git a/epan/dissectors/packet-credssp.c b/epan/dissectors/packet-credssp.c
@@ -534,7 +534,7 @@ void proto_register_credssp(void) {
 /*--- proto_reg_handoff_credssp --- */
 void proto_reg_handoff_credssp(void) {
 
-  heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE);
+  heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE);
   exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7);
 }
 
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c
@@ -17,7 +17,7 @@
  * Notes :
  * This dissector is based on the TLS dissector (packet-ssl.c); Because of the similarity
  *   of DTLS and TLS, decryption works like TLS with RSA key exchange.
- * This dissector uses the sames things (file, libraries) as the SSL dissector (gnutls, packet-ssl-utils.h)
+ * This dissector uses the sames things (file, libraries) as the TLS dissector (gnutls, packet-ssl-utils.h)
  *  to make it easily maintainable.
  *
  * It was developed to dissect and decrypt the OpenSSL v 0.9.8f DTLS implementation.

diff --git a/epan/dissectors/packet-eap.c b/epan/dissectors/packet-eap.c
@@ -97,7 +97,7 @@ static expert_field ei_eap_dictionary_attacks = EI_INIT;
 
 static dissector_handle_t eap_handle;
 
-static dissector_handle_t ssl_handle;
+static dissector_handle_t tls_handle;
 
 const value_string eap_code_vals[] = {
   { EAP_REQUEST,  "Request" },
@@ -1144,7 +1144,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
               show_fragment_seq_tree(fd_head, &eap_tls_frag_items,
                                      eap_tree, pinfo, next_tvb, &frag_tree_item);
 
-              call_dissector(ssl_handle, next_tvb, pinfo, eap_tree);
+              call_dissector(tls_handle, next_tvb, pinfo, eap_tree);
 
               /*
                * We're finished reassembing this frame.
@@ -1158,7 +1158,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
 
           } else { /* this data is NOT fragmented */
             next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size);
-            call_dissector(ssl_handle, next_tvb, pinfo, eap_tree);
+            call_dissector(tls_handle, next_tvb, pinfo, eap_tree);
           }
         }
       }
@@ -1687,7 +1687,7 @@ proto_reg_handoff_eap(void)
   /*
    * Get a handle for the SSL/TLS dissector.
    */
-  ssl_handle = find_dissector_add_dependency("ssl", proto_eap);
+  tls_handle = find_dissector_add_dependency("tls", proto_eap);
 
   dissector_add_uint("ppp.protocol", PPP_EAP, eap_handle);
   dissector_add_uint("eapol.type", EAPOL_EAP, eap_handle);

diff --git a/epan/dissectors/packet-fix.c b/epan/dissectors/packet-fix.c
@@ -538,7 +538,7 @@ proto_reg_handoff_fix(void)
 {
     /* Let the tcp dissector know that we're interested in traffic      */
     heur_dissector_add("tcp", dissect_fix_heur, "FIX over TCP", "fix_tcp", proto_fix, HEURISTIC_ENABLE);
-    heur_dissector_add("ssl", dissect_fix_heur_ssl, "FIX over SSL", "fix_ssl", proto_fix, HEURISTIC_ENABLE);
+    heur_dissector_add("tls", dissect_fix_heur_ssl, "FIX over TLS", "fix_tls", proto_fix, HEURISTIC_ENABLE);
     dissector_add_uint_range_with_preference("tcp.port", "", fix_handle);
 }
 

diff --git a/epan/dissectors/packet-http.c b/epan/dissectors/packet-http.c
@@ -141,7 +141,7 @@ static expert_field ei_http_bad_header_name = EI_INIT;
 
 static dissector_handle_t http_handle;
 static dissector_handle_t http_tcp_handle;
-static dissector_handle_t http_ssl_handle;
+static dissector_handle_t http_tls_handle;
 static dissector_handle_t http_sctp_handle;
 
 static dissector_handle_t media_handle;
@@ -3634,12 +3634,12 @@ dissect_ssdp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_
 
 static void
 range_delete_http_ssl_callback(guint32 port, gpointer ptr _U_) {
-	ssl_dissector_delete(port, http_ssl_handle);
+	ssl_dissector_delete(port, http_tls_handle);
 }
 
 static void
 range_add_http_ssl_callback(guint32 port, gpointer ptr _U_) {
-	ssl_dissector_add(port, http_ssl_handle);
+	ssl_dissector_add(port, http_tls_handle);
 }
 
 static void reinit_http(void) {
@@ -3974,7 +3974,7 @@ proto_register_http(void)
 
 	http_handle = register_dissector("http", dissect_http, proto_http);
 	http_tcp_handle = register_dissector("http-over-tcp", dissect_http_tcp, proto_http);
-	http_ssl_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */
+	http_tls_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */
 	http_sctp_handle = register_dissector("http-over-sctp", dissect_http_sctp, proto_http);
 
 	http_module = prefs_register_protocol(proto_http, reinit_http);
@@ -4014,7 +4014,7 @@ proto_register_http(void)
 					&global_http_sctp_range, 65535);
 
 	range_convert_str(wmem_epan_scope(), &global_http_ssl_range, SSL_DEFAULT_RANGE, 65535);
-	prefs_register_range_preference(http_module, "ssl.port", "SSL/TLS Ports",
+	prefs_register_range_preference(http_module, "tls.port", "SSL/TLS Ports",
 					"SSL/TLS Ports range",
 					&global_http_ssl_range, 65535);
 	/* UAT */
@@ -4148,7 +4148,7 @@ proto_reg_handoff_http(void)
 	 * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol
 	 * ID.
 	 */
-	dissector_add_string("ssl.handshake.extensions_alpn_str", "http/1.1", http_ssl_handle);
+	dissector_add_string("tls.handshake.extensions_alpn_str", "http/1.1", http_tls_handle);
 
 	ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_http);
 	gssapi_handle = find_dissector_add_dependency("gssapi", proto_http);

diff --git a/epan/dissectors/packet-http2.c b/epan/dissectors/packet-http2.c
@@ -3349,11 +3349,11 @@ proto_reg_handoff_http2(void)
     /*
      * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol ID.
      */
-    dissector_add_string("ssl.handshake.extensions_alpn_str", "h2", http2_handle);
+    dissector_add_string("tls.handshake.extensions_alpn_str", "h2", http2_handle);
     dissector_add_string("http.upgrade", "h2", http2_handle);
     dissector_add_string("http.upgrade", "h2c", http2_handle);
 
-    heur_dissector_add("ssl", dissect_http2_heur_ssl, "HTTP2 over SSL", "http2_ssl", proto_http2, HEURISTIC_ENABLE);
+    heur_dissector_add("tls", dissect_http2_heur_ssl, "HTTP2 over TLS", "http2_tls", proto_http2, HEURISTIC_ENABLE);
     heur_dissector_add("http", dissect_http2_heur, "HTTP2 over TCP", "http2_tcp", proto_http2, HEURISTIC_ENABLE);
 
     stats_tree_register("http2", "http2", "HTTP2", 0, http2_stats_tree_packet, http2_stats_tree_init, NULL);

diff --git a/epan/dissectors/packet-imap.c b/epan/dissectors/packet-imap.c
@@ -38,7 +38,7 @@ static gint ett_imap = -1;
 static gint ett_imap_reqresp = -1;
 
 static dissector_handle_t imap_handle;
-static dissector_handle_t ssl_handle;
+static dissector_handle_t tls_handle;
 
 static gboolean imap_ssl_heuristic = TRUE;
 
@@ -133,9 +133,9 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_
   if (session_state->ssl_heur_tries_left > 0) {
     session_state->ssl_heur_tries_left--;
     if (!check_imap_heur(tvb)) {
-      ssl_starttls_post_ack(ssl_handle, pinfo, imap_handle);
+      ssl_starttls_post_ack(tls_handle, pinfo, imap_handle);
       session_state->ssl_heur_tries_left = 0;
-      return call_dissector(ssl_handle, tvb, pinfo, tree);
+      return call_dissector(tls_handle, tvb, pinfo, tree);
     }
   }
 
@@ -304,7 +304,7 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_
           if (session_state->ssl_requested) {
             if (!is_request && strncmp(tokenbuf, "ok", tokenlen) == 0) {
               /* STARTTLS accepted, next reply will be TLS. */
-              ssl_starttls_ack(ssl_handle, pinfo, imap_handle);
+              ssl_starttls_ack(tls_handle, pinfo, imap_handle);
               if (session_state->ssl_heur_tries_left > 0) {
                 session_state->ssl_heur_tries_left = 0;
               }
@@ -417,7 +417,7 @@ proto_reg_handoff_imap(void)
 {
   dissector_add_uint_with_preference("tcp.port", TCP_PORT_IMAP, imap_handle);
   ssl_dissector_add(TCP_PORT_SSL_IMAP, imap_handle);
-  ssl_handle = find_dissector("ssl");
+  tls_handle = find_dissector("tls");
 }
 /*
  * Editor modelines  -  http://www.wireshark.org/tools/modelines.html