summaryrefslogtreecommitdiff
path: root/openssl-listen
diff options
context:
space:
mode:
authorPeter Wu <lekensteyn@gmail.com>2013-10-01 23:02:53 +0200
committerPeter Wu <lekensteyn@gmail.com>2013-10-01 23:02:53 +0200
commit1927a4fa8d871188842cddde7755f4d34f804dd2 (patch)
treec52264a0d88559401ce288b662476551d2863917 /openssl-listen
parent7bb3df540d659fe6c674a26b9a10704629a9bf6f (diff)
downloadwireshark-notes-1927a4fa8d871188842cddde7755f4d34f804dd2.tar.gz
generate-wireshark-cs: fix ECDH, add PSK, drop SIG_
ssl_get_keyex_alg.txt contains the current supported list of cipher suites for key exchange by the ssl_get_keyex_alg() function. It was generated with: awk -F '[ :;\t]+' '/^gint ssl_get_keyex_alg/{p=1} /case/{if(p)a[$3]=0} /return/{for(i in a)print i, $3;delete a} /^} /{if(p)exit}' packet-ssl-utils.c This file can then be converted and sorted with: while read num name; do echo $((num)) $name; done < ssl_get_keyex_alg.txt | sort -n > /tmp/1 To get the current cipher suites list: awk -F '[ {,]+' '/,KEX_/{print $2, $3}' packet-ssl-utils.c > /tmp/2 Check which cipher suites are missing or have an incorrect key exchange: diff -y /tmp/[12] It turned out that the ECDH cipher suites were incorrectly marked as DH (tested on top of SVN rev 52320). Therefore adjust the generate-wireshark-cs file.
Diffstat (limited to 'openssl-listen')
-rwxr-xr-xopenssl-listen1
1 files changed, 1 insertions, 0 deletions
diff --git a/openssl-listen b/openssl-listen
index dd37e44..65cf714 100755
--- a/openssl-listen
+++ b/openssl-listen
@@ -11,6 +11,7 @@ ecd_pub=secp384r1-dsa.crt
ecc_prv=secp384r1-rsa.pem
ecc_pub=secp384r1-rsa.crt
PSK=12345678
+PSK=0102030405060708091011121314151617181920
pkdir=$1
portbase=${2:-4430}