diff options
author | Peter Wu <peter@lekensteyn.nl> | 2015-11-14 12:47:28 +0100 |
---|---|---|
committer | Peter Wu <peter@lekensteyn.nl> | 2015-11-16 21:47:43 +0000 |
commit | 4002f98413cd07abf53535e83beb63ccde939db7 (patch) | |
tree | 5f0e35a706dc334acc2a37697e660202b7629421 /epan/dissectors/packet-ssl-utils.h | |
parent | c90990068ff2f442bdfb2475dc9dd3a55cdb2e46 (diff) | |
download | wireshark-4002f98413cd07abf53535e83beb63ccde939db7.tar.gz |
ssl,dtls: use ProtocolVersion from Server Hello
A DTLS capture from Jitsi Videobridge for Windows x64 (v519) using a
(patched?) BouncyCastle 1.51.0 exposed the odd behavior where the
ProtocolVersion from the record layer was always fixed to DTLSv1.2 while
the server agrees to use DTLSv1.0.
This resulted in a Malformed packet dissection of the ServerKeyExchange
message which mistakenly expects a SignatureAndHash field. Fix this
by using the protocol version from the ServerHello. Keep the fallback
in case a capture starts in the middle of a SSL conversation.
(Also display "DTLS" instead of "SSL" when the version is not yet
determined for DTLS packets.)
Bug: 11709
Change-Id: I0719977e3b2208da1960121b01dc109fa76bfcb6
Reviewed-on: https://code.wireshark.org/review/11821
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index 5ccaf8abd0..3bbf44f858 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -585,6 +585,11 @@ extern gboolean ssl_is_valid_handshake_type(guint8 hs_type, gboolean is_dtls); extern void +ssl_try_set_version(SslSession *session, SslDecryptSession *ssl, + guint8 content_type, guint8 handshake_type, + gboolean is_dtls, guint16 version); + +extern void ssl_calculate_handshake_hash(SslDecryptSession *ssl_session, tvbuff_t *tvb, guint32 offset, guint32 length); /* common header fields, subtrees and expert info for SSL and DTLS dissectors */ @@ -761,7 +766,8 @@ ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, extern void ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info* pinfo, proto_tree *tree, guint32 offset, guint32 length, - SslSession *session, SslDecryptSession *ssl); + SslSession *session, SslDecryptSession *ssl, + gboolean is_dtls); extern void ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, |