Age | Commit message (Collapse) | Author | Files | Lines |
|
These steps were used for creating the tests for
https://code.wireshark.org/review/19850
("test: add (D)TLS test for AEAD ciphers")
|
|
Append to PATH to avoid clobbering it when putting ccache in $PATH.
Enable SBC codec for testing.
Enable debug-prefix-map, should make relocatable debug builds easier
(where I build in a different directory and move it).
|
|
|
|
Ninja is awesome, it is faster than Unix Makefiles!
|
|
|
|
|
|
* generate-wireshark-cs: fix key sizes for export ciphers
* notes, openssl-{connect,listen}: support more cipher suites,
including NULL.
|
|
|
|
|
|
The CLIENT_RANDOM is applicable to clients only, so remove it from
ServerHello. Also update notes with cmake+gcrypt instructions.
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9499
|
|
|
|
The new ssl_get_keyex_alg.txt.diff has been generated with the
following patches applied:
- (unrelated) ssl: Support PSK larger than 16 octets
- Use correct key exchange type for ECDHE ciphers
- (unrelated) ssl: drop unused SIG_ field and constants
- Add more PSK and Camellia ciphers
- Simplify determining key exchange algorithm, more PSK support
|
|
ssl_get_keyex_alg.txt contains the current supported list of cipher
suites for key exchange by the ssl_get_keyex_alg() function.
It was generated with:
awk -F '[ :;\t]+' '/^gint ssl_get_keyex_alg/{p=1}
/case/{if(p)a[$3]=0} /return/{for(i in a)print i, $3;delete a} /^}
/{if(p)exit}' packet-ssl-utils.c
This file can then be converted and sorted with:
while read num name; do echo $((num)) $name;
done < ssl_get_keyex_alg.txt | sort -n > /tmp/1
To get the current cipher suites list:
awk -F '[ {,]+' '/,KEX_/{print $2, $3}' packet-ssl-utils.c > /tmp/2
Check which cipher suites are missing or have an incorrect key exchange:
diff -y /tmp/[12]
It turned out that the ECDH cipher suites were incorrectly marked as
DH (tested on top of SVN rev 52320). Therefore adjust the
generate-wireshark-cs file.
|
|
|
|
|
|
|
|
|
|
|