From 1927a4fa8d871188842cddde7755f4d34f804dd2 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Tue, 1 Oct 2013 23:02:53 +0200 Subject: generate-wireshark-cs: fix ECDH, add PSK, drop SIG_ ssl_get_keyex_alg.txt contains the current supported list of cipher suites for key exchange by the ssl_get_keyex_alg() function. It was generated with: awk -F '[ :;\t]+' '/^gint ssl_get_keyex_alg/{p=1} /case/{if(p)a[$3]=0} /return/{for(i in a)print i, $3;delete a} /^} /{if(p)exit}' packet-ssl-utils.c This file can then be converted and sorted with: while read num name; do echo $((num)) $name; done < ssl_get_keyex_alg.txt | sort -n > /tmp/1 To get the current cipher suites list: awk -F '[ {,]+' '/,KEX_/{print $2, $3}' packet-ssl-utils.c > /tmp/2 Check which cipher suites are missing or have an incorrect key exchange: diff -y /tmp/[12] It turned out that the ECDH cipher suites were incorrectly marked as DH (tested on top of SVN rev 52320). Therefore adjust the generate-wireshark-cs file. --- notes.txt | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'notes.txt') diff --git a/notes.txt b/notes.txt index b2f38b5..a78c21e 100644 --- a/notes.txt +++ b/notes.txt @@ -1,5 +1,15 @@ /tmp/wireshark/configure --prefix=/tmp/wsroot --with-ssl --with-gtk2 --without-gtk3 +# libgcrypt RC2 fixing +# Fix compile issue (missing fig2dev in doc, Makefile.in in tests is not +# generated (Makefile/autotools of the repo too old?)) +sed '/SUBDIRS/s/ doc tests//' -i Makefile.am && ./autogen.sh +mkdir build && cd build +../configure --disable-static --disable-padlock-support --prefix=/tmp/libgcrypt/prefix +make install +# for libgcrypt-config test in wireshark ./configure +PATH=/tmp/libgcrypt/prefix/bin:$PATH + # find which suites are not supported yet (unsupported.txt) awk -vsrc=/tmp/wireshark/epan/dissectors/packet-ssl-utils.c -F'[ {,]+' 'BEGIN{while(getline