diff options
| author | Michal Pazdera <michal.pazdera@gmail.com> | 2015-09-14 10:28:30 +0200 |
|---|---|---|
| committer | Peter Wu <peter@lekensteyn.nl> | 2015-10-07 17:35:42 +0000 |
| commit | ca63acaae0e483454bae331fb14db2824a87f6d7 (patch) | |
| tree | e43eca95a615b73025b3ed81acac197fa19f1656 | |
| parent | 6a162872079285fd56edf1d1defc89328cf11bfe (diff) | |
| download | wireshark-ca63acaae0e483454bae331fb14db2824a87f6d7.tar.gz | |
Multiple SSL content in one packet fix
When SSL packet contains multiple encrypted contents the WS shows only the
last record due the wrong indexing of the structure where the decrypted
contents are stored. Should use tvb_raw_offset(tvb)+offset instead of
offset as I think was intended.
Added the same fix for DTLS.
Bug: 11523
Change-Id: I0a977a0e6ebe7c45e526fa5152b8614463abd4fa
Reviewed-on: https://code.wireshark.org/review/10528
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 9f171ee584719bf7e5bfb8a580ef9941a9012357)
Reviewed-on: https://code.wireshark.org/review/10830
Reviewed-by: Tomáš Kukosa <tomas.kukosa@unify.com>
| -rw-r--r-- | epan/dissectors/packet-dtls.c | 12 | ||||
| -rw-r--r-- | epan/dissectors/packet-ssl.c | 12 |
2 files changed, 12 insertions, 12 deletions
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index aa7c0dfdcb..067d2dcc91 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -885,10 +885,10 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl&&decrypt_dtls_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_dtls, pinfo, dtls_decrypted_data.data, - dtls_decrypted_data_avail, offset); + dtls_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted alert record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { dissect_dtls_alert(decrypted, pinfo, dtls_record_tree, 0, session); @@ -910,10 +910,10 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl && decrypt_dtls_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_dtls, pinfo, dtls_decrypted_data.data, - dtls_decrypted_data_avail, offset); + dtls_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted handshake record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { dissect_dtls_handshake(decrypted, pinfo, dtls_record_tree, 0, tvb_length(decrypted), session, is_from_server, @@ -1004,10 +1004,10 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl && decrypt_dtls_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_dtls, pinfo, dtls_decrypted_data.data, - dtls_decrypted_data_avail, offset); + dtls_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted alert record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_dtls, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { dissect_dtls_heartbeat(decrypted, pinfo, dtls_record_tree, 0, session, tvb_length (decrypted), TRUE); diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index b49a87b021..89e32cb79e 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -1611,10 +1611,10 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl&&decrypt_ssl3_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_ssl, pinfo, ssl_decrypted_data.data, - ssl_decrypted_data_avail, offset); + ssl_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted alert record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); dissect_ssl3_alert(decrypted, pinfo, ssl_record_tree, 0, session); @@ -1634,10 +1634,10 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl && decrypt_ssl3_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_ssl, pinfo, ssl_decrypted_data.data, - ssl_decrypted_data_avail, offset); + ssl_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted handshake record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { /* add desegmented data to the data source list */ add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); @@ -1690,10 +1690,10 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, if (ssl && decrypt_ssl3_record(tvb, pinfo, offset, record_length, content_type, ssl, FALSE)) ssl_add_record_info(proto_ssl, pinfo, ssl_decrypted_data.data, - ssl_decrypted_data_avail, offset); + ssl_decrypted_data_avail, tvb_raw_offset(tvb)+offset); /* try to retrieve and use decrypted handshake record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, offset); + decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, tvb_raw_offset(tvb)+offset); if (decrypted) { add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); dissect_ssl3_heartbeat(decrypted, pinfo, ssl_record_tree, 0, session, tvb_length (decrypted), TRUE); |