URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6eebb5aa8b8590233d625a9a8e2f0012579c79fe
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master-2.2
Repository: wireshark
Commits:
6eebb5a by Peter Wu (peter@xxxxxxxxxxxxx):
ssl-utils: ensure that the cipher suite matches decoder
When the cipher suite for the current decryption session is changed via
a Server Hello, it should not change the cipher suite field of the
decoder. Otherwise there is a mismatch between the cipher suite and the
capabilities of the decoder.
Fix this issue by making the decoder hold a pointer to the (constant)
SslCipherSuite structure rather than making a copy (and have the decoder
point to that data).
I also considered resetting the decoder once the cipher suite changes in
the Server Hello, but that breaks renegotiation.
Bug: 12665
Change-Id: Ieff38a535cd111d95933ec383378643b6fbab7bf
Reviewed-on: https://code.wireshark.org/review/16674
Reviewed-by: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Petri-Dish: Pascal Quantin <pascal.quantin@xxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
(cherry picked from commit ae0f130582c36978908a965aed32e446ba8d40db)
Reviewed-on: https://code.wireshark.org/review/16716
Actions performed:
from 9b2ec33 Transifex: Add master-22 branch
adds 6eebb5a ssl-utils: ensure that the cipher suite matches decoder
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 134 +++++++++++++++++++-----------------
epan/dissectors/packet-ssl-utils.h | 11 ++-
epan/dissectors/packet-ssl.c | 5 +-
3 files changed, 80 insertions(+), 70 deletions(-)