diff options
author | Alex Badea <abadea@ixiacom.com> | 2015-09-16 17:34:20 +0300 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-09-21 14:57:03 +0000 |
commit | 5e635ad7149be25c6934718f5bedc11ce1b769e4 (patch) | |
tree | 6251df66189a41f870d5a5ba074c96e3c7521d36 | |
parent | e2735ecfdd7a96ce909cf5e2be27da1d49d7b321 (diff) | |
download | wireshark-5e635ad7149be25c6934718f5bedc11ce1b769e4.tar.gz |
ssl: determine DTLS by positively checking for UDP
TLS can be tunnelled over other protocols (e.g. TLS over EAP
over 802.1x), which are neither TCP nor UDP. In this case,
we would assume DTLS, which is typically wrong. Assume TLS
instead.
Change-Id: I45d70789f7fa793861297fc2e7a5f2be311bbbb1
Reviewed-on: https://code.wireshark.org/review/10416
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
-rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 2 | ||||
-rw-r--r-- | epan/dissectors/packet-ssl.c | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 9285bacdaa..47c35c1dd3 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -4327,7 +4327,7 @@ ssl_packet_from_server(SslSession *session, GTree *associations, packet_info *pi (session->srv_port == pinfo->srcport) && ADDRESSES_EQUAL(&session->srv_addr, &pinfo->src); } else { - ret = ssl_association_find(associations, pinfo->srcport, pinfo->ptype == PT_TCP) != 0; + ret = ssl_association_find(associations, pinfo->srcport, pinfo->ptype != PT_UDP) != 0; } ssl_debug_printf("packet_from_server: is from server - %s\n", (ret)?"TRUE":"FALSE"); diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 079e7fbd60..a581372ccd 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -1716,9 +1716,9 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, /* Unknown protocol handle, ssl_starttls_ack was not called before. * Try to find an appropriate dissection handle and cache it. */ SslAssociation *association; - association = ssl_association_find(ssl_associations, pinfo->srcport, pinfo->ptype == PT_TCP); - association = association ? association: ssl_association_find(ssl_associations, pinfo->destport, pinfo->ptype == PT_TCP); - association = association ? association: ssl_association_find(ssl_associations, 0, pinfo->ptype == PT_TCP); + association = ssl_association_find(ssl_associations, pinfo->srcport, pinfo->ptype != PT_UDP); + association = association ? association: ssl_association_find(ssl_associations, pinfo->destport, pinfo->ptype != PT_UDP); + association = association ? association: ssl_association_find(ssl_associations, 0, pinfo->ptype != PT_UDP); if (association) session->app_handle = association->handle; } |