URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29995b501c2ce58e3164e23d14853e7b7fca7063
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master-3.2
Repository: wireshark
Commits:
29995b5 by Peter Wu (peter@xxxxxxxxxxxxx):
QUIC: ignore invalid short header packet to fix decryption
The unencrypted padding after the client Initial Packet was interpreted
as a short header packet. At that point, the TLS dissector has not
encountered the Server Hello yet and was not able to provide decryption
secrets. The QUIC dissector wrongly assumed that decryption would never
be possible from that point on.
Add a comment to clarify why decryption was skipped, and avoid treating
the zero padding as Short Header (SH) packets to fix decryption.
Alternatively, the short header dissector could try to validate the DCID
in SH packets, but that might result in failure to dissect legitimate SH
packets when the handshake packets are missing.
Ping-Bug: 13881
Change-Id: Id20eb23c976226cb3ef78ac91f25a291f94dc805
Reviewed-on: https://code.wireshark.org/review/36000
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
(cherry picked from commit a2368cd1243f49f9fe3376f09572bb747307c93b)
Reviewed-on: https://code.wireshark.org/review/36103
Petri-Dish: Anders Broman <a.broman58@xxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
Actions performed:
from 26d9a5e QUIC: recognize Connection ID between 1 and 3 bytes
add 29995b5 QUIC: ignore invalid short header packet to fix decryption
Summary of changes:
epan/dissectors/packet-quic.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)