diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2017-01-25 21:52:27 +0100 |
|---|---|---|
| committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2017-01-28 15:40:56 +0000 |
| commit | 8f81dd4f8274c2bd9b8438a59cbe232c09f5e573 (patch) | |
| tree | 276ccc504634beb9ead71a9a302696873333c840 /epan/dissectors/packet-dtls.c | |
| parent | 0ce7b55fb4e3a3819135702f8c2baf88b979df73 (diff) | |
| download | wireshark-8f81dd4f8274c2bd9b8438a59cbe232c09f5e573.tar.gz | |
TLS: fix decryption of renegotiated sessions
Renegotiated sessions may interleave application data with handshake
records. These handshake records should however not be included in the
flow associated with the application data. This fixes a regression in
the previous patch, now the "1.12 Step: SSL Decryption (renegotiation)"
test passes again.
Also remove duplicate DTLS data sources for decrypted records.
Change-Id: I46d416ffba11a7c25c5a682b3b53f06d10d4ab79
Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling")
Reviewed-on: https://code.wireshark.org/review/19822
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-dtls.c')
| -rw-r--r-- | epan/dissectors/packet-dtls.c | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index 7b25cafbf2..dd08f58da4 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -827,7 +827,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, if (decrypted) { dissect_dtls_alert(decrypted, pinfo, dtls_record_tree, 0, session); - add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); } else { dissect_dtls_alert(tvb, pinfo, dtls_record_tree, offset, session); @@ -843,7 +842,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, dissect_dtls_handshake(decrypted, pinfo, dtls_record_tree, 0, tvb_reported_length(decrypted), session, is_from_server, ssl, content_type); - add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); } else { dissect_dtls_handshake(tvb, pinfo, dtls_record_tree, offset, record_length, session, is_from_server, ssl, @@ -923,7 +921,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo, if (decrypted) { dissect_dtls_heartbeat(decrypted, pinfo, dtls_record_tree, 0, session, tvb_reported_length (decrypted), TRUE); - add_new_data_source(pinfo, decrypted, "Decrypted SSL record"); } else { dissect_dtls_heartbeat(tvb, pinfo, dtls_record_tree, offset, session, record_length, FALSE); |