URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aeaf42724def75fdf5d591d27c4ab6ca2f64d342
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master-2.2
Repository: wireshark
Commits:
aeaf427 by Peter Wu (peter@xxxxxxxxxxxxx):
eap: fix EAPOL conversation tracking, fixes TLS decryption
Use new heuristics based on the EAP Code field to determine whether a
field originates from the client or server. This is more reliable than
using "pinfo->match_uint" for two reasons: (1) the heuristics dissector
does not set "match_uint" (resulting in an arbitrary match on the
previous value) and (2) with EAP over EAPOL, there is no matching port
number (resulting in two conversations with different addresses and port
number zero).
To fix TLS decryption, make sure to create a single conversation for
both direction and allow the port type to be PT_NONE (to avoid reporting
all packets as originating from the server).
Bug: 12879
Change-Id: I7b4267a27ffcf68bf9d3f6a90d6e6e2093733f51
Reviewed-on: https://code.wireshark.org/review/17703
Petri-Dish: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@xxxxxxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit f2e79776a78ad245c3fa0e079601f5ea7b9cce2f)
Reviewed-on: https://code.wireshark.org/review/17715
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from 63ca6bb Fix a test to work with Xcode 8.
adds aeaf427 eap: fix EAPOL conversation tracking, fixes TLS decryption
Summary of changes:
epan/dissectors/packet-eap.c | 64 ++++++++++++++++++++++++++++--------
epan/dissectors/packet-ssl-utils.c | 2 +-
2 files changed, 51 insertions(+), 15 deletions(-)