Ethereal-dev: Re: [Ethereal-dev] Fwd: SSL Dissector Bug (EAP-TLS) with 802.1Xand SSL

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Paolo Abeni <paolo.abeni@xxxxxxxx>
Date: Fri, 17 Feb 2006 10:57:16 +0100
On Thu, 2006-02-16 at 21:45 +0100, Thomas Sillaber wrote: 
> capture file is attached

The attached patch should fix the issue.

pinfo->net_src and pinfo->net_dst where used to set up conversation, but
this fields are null on eap stream. use pinfo->src and pinfo->dst
instead.

The patch also enable strict checking in the 'follow ssl stream' dialog.

Paolo


 
 
 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 
 Sponsor:
 Noleggia on line i tuoi DVD preferiti, 3 DVD subito GRATIS a casa tua!
 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=4630&d=17-2
Index: gtk/ssl-dlg.c
===================================================================
--- gtk/ssl-dlg.c	(revision 17329)
+++ gtk/ssl-dlg.c	(working copy)
@@ -171,6 +171,10 @@
     return 0;
 }
 
+extern int 
+packet_is_ssl(epan_dissect_t* edt);
+
+
 /* Follow the SSL stream, if any, to which the last packet that we called
    a dissection routine on belongs (this might be the most recently
    selected packet, or it might be the last packet in the file). */
@@ -193,19 +197,25 @@
     GString* msg;
 
     /* we got ssl so we can follow */
-    if (cfile.edt->pi.ipproto != 6) {
-            simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
-                          "Error following stream.  Please make\n"
-                          "sure you have an SSL packet selected.");
-            return;
+    if (!packet_is_ssl(cfile.edt)) {
+        simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
+                      "Error following stream.  Please make\n"
+                      "sure you have an SSL packet selected.");
+        return;
     }
 
     follow_info = g_new0(follow_info_t, 1);
-    
     /* Create a new filter that matches all packets in the SSL stream,
        and set the display filter entry accordingly */
     reset_tcp_reassembly();
     follow_filter = build_follow_filter(&cfile.edt->pi);
+    if (!follow_filter)
+    {
+        simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
+                      "Error creating filter for this stream.\n"
+                      "A network layer header is needed");
+        return;
+    }
 
     /* Set the display filter entry accordingly */
     filter_te = OBJECT_GET_DATA(w, E_DFILTER_TE_KEY);
Index: gtk/menu.c
===================================================================
--- gtk/menu.c	(revision 17329)
+++ gtk/menu.c	(working copy)
@@ -1959,7 +1959,7 @@
 	return node_data->enabled;
 }
 
-static int 
+int 
 packet_is_ssl(epan_dissect_t* edt)
 {
   GPtrArray* array;
Index: epan/dissectors/packet-ssl.c
===================================================================
--- epan/dissectors/packet-ssl.c	(revision 17329)
+++ epan/dissectors/packet-ssl.c	(working copy)
@@ -1216,11 +1216,11 @@
             
         /* we need to know witch side of conversation is speaking*/
         if (ssl_packet_from_server(pinfo->srcport)) {
-            dummy.addr = pinfo->net_src;
+            dummy.addr = pinfo->src;
             dummy.port = pinfo->srcport;
         }
         else {
-            dummy.addr = pinfo->net_dst;
+            dummy.addr = pinfo->dst;
             dummy.port = pinfo->destport;
         }
         ssl_debug_printf("dissect_ssl server %hhd.%hhd.%hhd.%hhd:%d\n",