URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2368cd1243f49f9fe3376f09572bb747307c93b
Submitter: "Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark
Commits:
a2368cd by Peter Wu (peter@xxxxxxxxxxxxx):
QUIC: ignore invalid short header packet to fix decryption
The unencrypted padding after the client Initial Packet was interpreted
as a short header packet. At that point, the TLS dissector has not
encountered the Server Hello yet and was not able to provide decryption
secrets. The QUIC dissector wrongly assumed that decryption would never
be possible from that point on.
Add a comment to clarify why decryption was skipped, and avoid treating
the zero padding as Short Header (SH) packets to fix decryption.
Alternatively, the short header dissector could try to validate the DCID
in SH packets, but that might result in failure to dissect legitimate SH
packets when the handshake packets are missing.
Ping-Bug: 13881
Change-Id: Id20eb23c976226cb3ef78ac91f25a291f94dc805
Reviewed-on: https://code.wireshark.org/review/36000
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
Actions performed:
from f5c70db extcap: Check for valid PID before killing child process
add a2368cd QUIC: ignore invalid short header packet to fix decryption
Summary of changes:
epan/dissectors/packet-quic.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)