From dbdb3729deaef9af95dfdd69578706c39d40b0f9 Mon Sep 17 00:00:00 2001
From: Anders Broman
Date: Wed, 3 May 2006 05:29:04 +0000
Subject: From Paolo Abeni: authesserre samuel kindly pointed out an issue with session renegotiation in the current ssl decryption code. Encrypted handshake message are decrypted, but the dissector try to interpret the encrypted code. Renegotiation messages are therefore ignored. The attached pcap trace and key can be used to trigger the issue. The attached patch fix the problem storing the decrypted version of encrypted handshake message and dissecting it when available. The patch also fix bad issue with des cipher (alike the issue fixed in my previous post) svn path=/trunk/; revision=18081
---
 gtk/ssl-dlg.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'gtk')
diff --git a/gtk/ssl-dlg.c b/gtk/ssl-dlg.c
index 8f3034534b..44787804ce 100644
--- a/gtk/ssl-dlg.c
+++ b/gtk/ssl-dlg.c
@@ -141,10 +141,10 @@ ssl_queue_packet_data(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_
 follow_info_t* follow_info = tapdata;
 SslDecryptedRecord* rec;
 int proto_ssl = (int) ssl;
- StringInfo* data = p_get_proto_data(pinfo->fd, proto_ssl);
+ SslPacketInfo* pi = p_get_proto_data(pinfo->fd, proto_ssl);
 
 /* skip packet without decrypted data payload*/
- if (!data)
+ if (!pi || !pi->app_data.data)
 return 0;
 
 /* compute packet direction */
@@ -162,10 +162,10 @@ ssl_queue_packet_data(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_
 rec->is_server = 1;
 
 /* update stream counter */
- follow_info->bytes_written[rec->is_server] += data->data_len;
+ follow_info->bytes_written[rec->is_server] += pi->app_data.data_len;
 
 /* extract decrypted data and queue it locally */
- rec->data = data;
+ rec->data = &pi->app_data;
 follow_info->ssl_decrypted_data = g_list_append(
 follow_info->ssl_decrypted_data,rec);
 
-- 
cgit v1.2.3
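Review bot: `p_get_proto_data()` returns an untyped pointer, so reading the `proto_ssl` per-frame slot as `SslPacketInfo*` instead of `StringInfo*` is only safe if every writer of that slot now stores an `SslPacketInfo`. The storing side is not visible here (the view is limited to gtk/), and a stale writer would turn `pi->app_data.data` into a read through the wrong struct layout. A comment at the lookup would make the contract checkable, e.g. `/* per-frame data is an SslPacketInfo stored by the SSL dissector; app_data.data is NULL when no application data was decrypted */`. The unchanged context line `int proto_ssl = (int) ssl;` narrows a pointer to `int`, which is worth confirming on 64-bit builds. The body of `ssl_queue_packet_data` starts before and continues past this hunk.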
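Review bot: `rec->data = &pi->app_data;` queues a pointer into the middle of the per-frame `SslPacketInfo`, so each queued record is valid only while that frame's proto data stays allocated. Nothing in the hunk copies the bytes or states that lifetime. If the follow-stream list can outlive a redissection or a capture close (not visible from here), the later read of `rec->data` would touch freed memory. Either copy `data`/`data_len` into the record, or document the borrow with something like `/* borrowed: points into the frame's SslPacketInfo, must not outlive the frame data */`. The enclosing function starts outside this hunk, so the allocation and release of `rec` could not be checked.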