diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2019-01-18 01:54:22 +0100 |
|---|---|---|
| committer | Anders Broman <a.broman58@gmail.com> | 2019-01-18 06:10:17 +0000 |
| commit | e8f9ac33525a40aacd0a72010c2c84884ae2ccb7 (patch) | |
| tree | 0263f0788d367d828f1059948803c180d05ba0d4 /wiretap | |
| parent | ae394464df207c39ddb67b2dfd59ce791e53a156 (diff) | |
wiretap,file.c: ensure DSBs are reapplied on redissection
After redissection, the TLS dissector did not remember the DSB secrets
anymore. Since the secrets callback is only invoked on the sequential
read in wtap, be sure to reapply the existing DSBs to the new session.
Bug: 15252
Change-Id: I125f095acb8d577c2439a10e3e65c8b3cfd976b9
Reviewed-on: https://code.wireshark.org/review/31584
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'wiretap')
| -rw-r--r-- | wiretap/pcapng.c | 6 | ||||
| -rw-r--r-- | wiretap/wtap-int.h | 6 | ||||
| -rw-r--r-- | wiretap/wtap.c | 25 |
3 files changed, 30 insertions, 7 deletions
diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c index 035f5b6a9e..55fd663360 100644 --- a/wiretap/pcapng.c +++ b/wiretap/pcapng.c @@ -2646,11 +2646,7 @@ pcapng_process_idb(wtap *wth, pcapng_t *pcapng, wtapng_block_t *wblock) static void pcapng_process_dsb(wtap *wth, wtapng_block_t *wblock) { - const wtapng_dsb_mandatory_t *dsb = (wtapng_dsb_mandatory_t*)wtap_block_get_mandatory_data(wblock->block); - - if (wth->add_new_secrets) { - wth->add_new_secrets(dsb->secrets_type, dsb->secrets_data, dsb->secrets_len); - } + wtapng_process_dsb(wth, wblock->block); /* Store DSB such that it can be saved by the dumper. */ g_array_append_val(wth->dsbs, wblock->block); diff --git a/wiretap/wtap-int.h b/wiretap/wtap-int.h index 9271ac39fa..486b03685f 100644 --- a/wiretap/wtap-int.h +++ b/wiretap/wtap-int.h @@ -326,6 +326,12 @@ wtap_full_file_read(wtap *wth, int *err, gchar **err_info, gint64 *data_offset); */ gboolean wtap_full_file_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec, Buffer *buf, int *err, gchar **err_info); + +/** + * Invokes the callback with the given decryption secrets block. + */ +void +wtapng_process_dsb(wtap *wth, wtap_block_t dsb); #endif /* __WTAP_INT_H__ */ /* diff --git a/wiretap/wtap.c b/wiretap/wtap.c index b7498d337c..fe43e3b457 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -1266,8 +1266,29 @@ void wtap_set_cb_new_ipv6(wtap *wth, wtap_new_ipv6_callback_t add_new_ipv6) { } void wtap_set_cb_new_secrets(wtap *wth, wtap_new_secrets_callback_t add_new_secrets) { - if (wth) - wth->add_new_secrets = add_new_secrets; + /* Is a valid wth given that supports DSBs? */ + if (!wth || !wth->dsbs) + return; + + wth->add_new_secrets = add_new_secrets; + /* + * Send all DSBs that were read so far to the new callback. file.c + * relies on this to support redissection (during redissection, the + * previous secrets are lost and has to be resupplied). + */ + for (guint i = 0; i < wth->dsbs->len; i++) { + wtap_block_t dsb = g_array_index(wth->dsbs, wtap_block_t, i); + wtapng_process_dsb(wth, dsb); + } +} + +void +wtapng_process_dsb(wtap *wth, wtap_block_t dsb) +{ + const wtapng_dsb_mandatory_t *dsb_mand = (wtapng_dsb_mandatory_t*)wtap_block_get_mandatory_data(dsb); + + if (wth->add_new_secrets) + wth->add_new_secrets(dsb_mand->secrets_type, dsb_mand->secrets_data, dsb_mand->secrets_len); } gboolean |