http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=54122
User: alagoutte
Date: 2013/12/15 04:16 PM
Log:
From Peter Wu via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9546
PSK stream does not get decrypted with other TLS streams
Fix PSK decryption with keylog file
Session IDs may be empty (length zero). Currently, these sessions are
still stored in the session cache which is quite useless as is is very
likely that multiple TLS streams have no Session ID in their Hello
messages. This causes the wrong premaster secret to be restored when the
ClientHello is dissected (via dissect_ssl3_hnd_hello_common).
In the PSK case, this will prevent the SSL keylog file from being
consulted. When processing the ClientKeyExchange, the
ssl_generate_pre_master_secret function is called to set the pre-master
key... but this does not happen when ssl.psk is not available. In this
case, the PMK that was restored in ClientHello is used. This results in
faulty dissection.
RSA does not have this problem because it always tries to use the
private server key (and falls back to the keylog file).
This fix prevents empty session IDs from being stored with a PMK,
making the dissector use the keylog file for PSK.
Directory: /trunk/epan/dissectors/
Changes Path Action
+12 -0 packet-ssl-utils.c Modified