URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ae0f130582c36978908a965aed32e446ba8d40db
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
ae0f130 by Peter Wu (peter@xxxxxxxxxxxxx):
ssl-utils: ensure that the cipher suite matches decoder
When the cipher suite for the current decryption session is changed via
a Server Hello, it should not change the cipher suite field of the
decoder. Otherwise there is a mismatch between the cipher suite and the
capabilities of the decoder.
Fix this issue by making the decoder hold a pointer to the (constant)
SslCipherSuite structure rather than making a copy (and have the decoder
point to that data).
I also considered resetting the decoder once the cipher suite changes in
the Server Hello, but that breaks renegotiation.
Bug: 12665
Change-Id: Ieff38a535cd111d95933ec383378643b6fbab7bf
Reviewed-on: https://code.wireshark.org/review/16674
Reviewed-by: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Petri-Dish: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from fc6c9e4 IPv6: Fix dissection with IPv6 No Next Header
adds ae0f130 ssl-utils: ensure that the cipher suite matches decoder
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 134 +++++++++++++++++++-----------------
epan/dissectors/packet-ssl-utils.h | 11 ++-
epan/dissectors/packet-ssl.c | 5 +-
3 files changed, 80 insertions(+), 70 deletions(-)