URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7a674c006b3d09735c9340ad74f02556fbd91cbd
Submitter: Alexis La Goutte (alexis.lagoutte@xxxxxxxxx)
Changed: branch: master
Repository: wireshark
Commits:
7a674c0 by Peter Wu (peter@xxxxxxxxxxxxx):
ssl: fix TLS renegotiation, add test for this
A handshake starts a new session, be sure to clear the previous state to
avoid creating a decoder with wrong secrets.
Renegotiations are also kind of transparant to the application layer, so
be sure to re-use an existing SslFlow. This fixes the Follow SSL stream
functionality which would previously ignore everything except for the
first session.
The capture file contains a crafted HTTP request/response over TLS 1.2,
interleaved with renegotiations. The HTTP response contains the Python
script used to generate the traffic. Surprise!
Change-Id: I0110ce76893d4a79330845e53e47e10f1c79e47e
Reviewed-on: https://code.wireshark.org/review/17480
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from 36c8065 strtoi(.c): fix extra ';' outside of a function [-Wextra-semi]
adds 7a674c0 ssl: fix TLS renegotiation, add test for this
Summary of changes:
epan/dissectors/packet-ssl-utils.c | 57 +++++++++++++++++++++++++++++++---
test/captures/tls-renegotiation.pcap | Bin 0 -> 12935 bytes
test/suite-decryption.sh | 17 ++++++++++
3 files changed, 70 insertions(+), 4 deletions(-)
create mode 100644 test/captures/tls-renegotiation.pcap