author | Martin Kaiser <wireshark@kaiser.cx> | 2014-03-09 20:41:16 +0100 |
---|---|---|
committer | Martin Kaiser <wireshark@kaiser.cx> | 2014-03-10 19:14:43 +0000 |
commit | 21aa7168c7565445ee544ee78fb6c836a63cd4ed (patch) | |
tree | fa04576b4285366f855785505822aead934e3bf8 /epan | |
parent | 5de268aacbc85553bb6b2a78492cfd6f52785b55 (diff) |
SSL/TLS payload decryption:
don't make private key and keylog file mutually exclusive
if we find a private key that does not match or is not usable for
getting the pre-master secret (e.g. because we're using an ephemeral
cipher suite), don't give up and exit with an error
continue reading the keylog file and search for our master secret there
Change-Id: I59fb460339e3e606a077b3a902fa1f9777b5e118
Reviewed-on: https://code.wireshark.org/review/590
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index b39d40ecd7..9afa2e0362 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -2516,17 +2516,17 @@ ssl_generate_pre_master_secret(SslDecryptSession *ssl_session,
 /* go with ssl key processessing; encrypted_pre_master
 * will be used for master secret store*/
 ret = ssl_decrypt_pre_master_secret(ssl_session, &encrypted_pre_master, ssl_session->private_key);
- if (ret < 0) {
- ssl_debug_printf("ssl_generate_pre_master_secret: can't decrypt pre master secret\n");
- return -1;
- }
- return 0;
- } else if (keylog_filename != NULL) {
+ if (ret == 0)
+ return 0;
+
+ ssl_debug_printf("ssl_generate_pre_master_secret: can't decrypt pre master secret\n");
+ }
+
+ if (keylog_filename != NULL) {
 /* try to find the key in the key log */
- if (ssl_keylog_lookup(ssl_session, keylog_filename, &encrypted_pre_master) < 0) {
- return -1;
- }
- return 0;
+ ret = ssl_keylog_lookup(ssl_session, keylog_filename, &encrypted_pre_master);
+ if (ret == 0)
+ return 0;
 }
 }
 return -1; |
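Review bot: The keylog lookup now runs after a failed `ssl_decrypt_pre_master_secret()` call and is handed the same `&encrypted_pre_master` buffer, so it is only correct if the failed private-key attempt leaves that buffer and `ssl_session` unmodified. Neither callee is visible in this hunk; if the decrypt helper writes its output in place or stores a partial pre-master secret in the session before returning an error, `ssl_keylog_lookup()` would compare against altered data and silently miss a valid entry. Please confirm this, or else run the keylog lookup first or pass the decrypt attempt a copy of the buffer. The fall-through deserves a comment at the closing brace of the private-key branch, for example `/* key mismatch or ephemeral suite: fall through to the keylog file */`, and the keylog branch could log its failure the way the private-key branch does. The enclosing function starts and ends outside the hunk.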