URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e7e52e9b0d35e9d7eb7eddfa3bc027ace0dfece6
Submitter: "Peter Wu <peter@xxxxxxxxxxxxx>"
Changed: branch: master-3.2
Repository: wireshark
Commits:
e7e52e9 by Peter Wu (peter@xxxxxxxxxxxxx):
DTLS: try harder to decrypt broken traces with double CCS

A retransmitted ChangeCipherSpec could result in resetting the cipher.
The subsequent Finished message and application data messages would
therefore fail to decrypt. In legitimate TLS sessions, there should not
be a CCS without starting a new handshake, so that remains unaffected.

To ease debugging this issue, log the packet number and add some extra
details to the debug log. Move or remove ssl_packet_from_server calls to
avoid redundant work and to keep the debug log cleaner.

Additionally, try harder to dissect handshake messages if we know for
sure that they are decrypted. This allows inspection of a broken
Finished message that had a too large fragment length.

Tested with a private capture file from Stig Bjørlykke.
Change-Id: If6f15f8b72c467ea9ef15ddcaf2c5ebe980c27c8
Reviewed-on: https://code.wireshark.org/review/36929
Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@xxxxxxxxxxxxx>
Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
(cherry picked from commit 17298cc0fbe1655ee07db54457f476f0799b8152)
Reviewed-on: https://code.wireshark.org/review/36974
Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
Actions performed:
from d863846 capinfos: fix absolute and relative time display.
add e7e52e9 DTLS: try harder to decrypt broken traces with double CCS
Summary of changes:
epan/dissectors/packet-dtls.c | 50 ++++++++++++++++++++------------------
epan/dissectors/packet-tls-utils.c | 14 +++++------
2 files changed, 33 insertions(+), 31 deletions(-)
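
The double-CCS failure described in the commit message, as an added illustration that is not code from the Wireshark tree or from the commit. It assumes a simplified model in which each direction holds a pending and an active cipher state and a CCS promotes pending to active; every name in it is hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>

/* Simplified, hypothetical model of one direction of a DTLS decryption
 * session; none of these names are taken from Wireshark. */
typedef struct { int key_id; } cipher_state;

typedef struct {
    cipher_state *pending;  /* keys derived by the handshake in progress */
    cipher_state *active;   /* keys used to decrypt incoming records */
} direction;

/* A completed key exchange leaves new keys waiting for the next CCS. */
static void handshake_keys_ready(direction *d, cipher_state *keys) {
    d->pending = keys;
}

/* Naive CCS handling: always promote, even when nothing is pending.
 * A retransmitted CCS then overwrites the active cipher with NULL. */
static void ccs_naive(direction *d) {
    d->active = d->pending;
    d->pending = NULL;
}

/* Tolerant CCS handling: a CCS with no pending keys is treated as a
 * retransmission and leaves the active cipher alone. Returns false
 * when the CCS was ignored so the caller can log it. */
static bool ccs_tolerant(direction *d) {
    if (d->pending == NULL)
        return false;
    d->active = d->pending;
    d->pending = NULL;
    return true;
}

/* Replays: keys ready, CCS, retransmitted CCS, then (optionally) a new
 * handshake with its own CCS. Returns the key id the next encrypted
 * record would be decrypted with, or -1 if no cipher is active. */
int replay_double_ccs(bool tolerant, bool renegotiate) {
    cipher_state first = { 1 }, second = { 2 };
    direction d = { NULL, NULL };
    handshake_keys_ready(&d, &first);
    for (int i = 0; i < 2; i++) {           /* CCS + its retransmission */
        if (tolerant) ccs_tolerant(&d); else ccs_naive(&d);
    }
    if (renegotiate) {                      /* legitimate second CCS */
        handshake_keys_ready(&d, &second);
        if (tolerant) ccs_tolerant(&d); else ccs_naive(&d);
    }
    return d.active ? d.active->key_id : -1;
}
```

In this model the tolerant handler changes nothing for a CCS that follows a new handshake, which matches the commit message's point that legitimate sessions remain unaffected.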