author | Kenny Root <kenny@the-b.org> | 2016-06-15 23:54:43 -0700 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2016-06-16 17:05:37 +0000 |
commit | b22e1aeb58a2e620efca1a2f1cf37f179f3773a8 (patch) | |
tree | c7ffc52cffb76d7efec8aa5ad59e132a86a815dc /epan | |
parent | 9a5e6a6884b2369527638fecd49c4c58d8c10378 (diff) |
ssh: packets after SSH_MSG_NEWKEYS are encrypted
According to RFC 4253 section 7.3, once the SSH_MSG_NEWKEYS is received
all packets after that will be encrypted using the negotiated keys. This
can happen in the middle of a frame, so account for the offset in the
frame where this happens.
Change-Id: Ibc3b06a4bdfe38ae15b0e65afac6f5d3646cb58d
Reviewed-on: https://code.wireshark.org/review/15965
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan')
-rw-r--r-- | epan/dissectors/packet-ssh.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ssh.c b/epan/dissectors/packet-ssh.c
index fefbd40169..31a33feda5 100644
--- a/epan/dissectors/packet-ssh.c
+++ b/epan/dissectors/packet-ssh.c
@@ -82,6 +82,7 @@ struct ssh_peer_data {
 guint32 frame_key_start;
 guint32 frame_key_end;
+ int frame_key_end_offset;
 gchar* kex_proposal;
@@ -464,7 +465,8 @@ ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo,
 if ((peer_data->frame_key_start == 0) || ((peer_data->frame_key_start <= pinfo->num) &&
- ((peer_data->frame_key_end == 0) || (pinfo->num <= peer_data->frame_key_end)))) {
+ ((peer_data->frame_key_end == 0) || (pinfo->num < peer_data->frame_key_end) ||
+ ((pinfo->num == peer_data->frame_key_end) && (offset < peer_data->frame_key_end_offset))))) {
 offset = ssh_dissect_key_exchange(tvb, pinfo, global_data, offset, ssh2_tree, is_response, need_desegmentation);
@@ -708,6 +710,7 @@ ssh_dissect_key_exchange(tvbuff_t *tvb, packet_info *pinfo,
 case SSH_MSG_NEWKEYS:
 if (peer_data->frame_key_end == 0) {
 peer_data->frame_key_end = pinfo->num;
+ peer_data->frame_key_end_offset = offset;
 ssh_choose_algo(global_data->peer_data[CLIENT_PEER_DATA].enc_proposals[is_response], global_data->peer_data[SERVER_PEER_DATA].enc_proposals[is_response], &peer_data->enc); |
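Review bot: The new member `frame_key_end_offset` in `struct ssh_peer_data` has no comment, and its name does not say what it is an offset into or that it only has meaning together with `frame_key_end`. I would add above it `/* tvb offset within frame_key_end at which SSH_MSG_NEWKEYS was seen; packets starting at or after it are treated as encrypted */`. The struct body starts and ends outside the hunk, so I cannot tell whether the neighbouring fields are documented in a different style.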
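Review bot: The added test `offset < peer_data->frame_key_end_offset` in ssh_dissect_ssh2 compares two tvb-relative offsets, so it is only sound if every call made for frame `frame_key_end` sees the same tvb. If TCP desegmentation hands the dissector a reassembled tvb and later the rest of the segment as a separate tvb within that frame (not visible in this hunk, to be confirmed), a packet that follows NEWKEYS could start at a smaller offset and its ciphertext would be parsed as cleartext key exchange. A capture with NEWKEYS next to a segment boundary would settle it, and the assumption deserves a comment on the condition. The nested parentheses are also hard to audit; moving the test into a small static predicate taking `peer_data`, `pinfo` and `offset` would make the three cases readable.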
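Review bot: At `case SSH_MSG_NEWKEYS` the value stored by `peer_data->frame_key_end_offset = offset;` is the running offset, which presumably already sits past the header bytes consumed earlier in ssh_dissect_key_exchange (that part is outside the hunk), so it points inside the NEWKEYS packet rather than at its start. The `<` comparison in ssh_dissect_ssh2 depends on that: if the packet's start offset were stored instead, NEWKEYS itself would be classified as encrypted on a second pass. A comment such as `/* must be greater than the start of the NEWKEYS packet: the caller compares packet start offsets with < */` would keep a later cleanup from breaking it.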