diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2013-12-07 00:55:08 +0100 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2014-04-27 18:00:21 +0000 |
commit | 338269fe41d6617a089a81d7e2ed0aa4e71819d7 (patch) | |
tree | 2a0814a0469adc657fa3bad2e98f57b602cc6fc1 /epan/dissectors/packet-ssl.c | |
parent | 162a8c72f0ead25b443c8adf664d05faf7766517 (diff) | |
download | wireshark-338269fe41d6617a089a81d7e2ed0aa4e71819d7.tar.gz |
ssl/dtls: add keyfile support to dtls
This moves the keyfile and psk options from the ssl code into ssl-utils
and then uses them also for dtls.
This is the last missing part for bug 9499 from my side.
Change-Id: Ie2fe5bc565eabe1e6ce62498c985b8a36e913b0f
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/1369
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Diffstat (limited to 'epan/dissectors/packet-ssl.c')
-rw-r--r-- | epan/dissectors/packet-ssl.c | 29 |
1 files changed, 4 insertions, 25 deletions
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 6f17f1eb14..230422ba45 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -345,8 +345,7 @@ static gint ssl_decrypted_data_avail = 0; static uat_t *ssldecrypt_uat = NULL; static const gchar *ssl_keys_list = NULL; -static const gchar *ssl_psk = NULL; -static const gchar *ssl_keylog_filename = NULL; +static ssl_common_options_t ssl_options = { NULL, NULL}; /* List of dissectors to call for SSL data */ static heur_dissector_list_t ssl_heur_subdissector_list; @@ -2106,7 +2105,7 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, if (!ssl) break; - if (ssl_generate_pre_master_secret(ssl, length, tvb, offset, ssl_psk, ssl_keylog_filename) < 0) { + if (ssl_generate_pre_master_secret(ssl, length, tvb, offset, ssl_options.psk, ssl_options.keylog_filename) < 0) { ssl_debug_printf("dissect_ssl3_handshake can't generate pre master secret\n"); break; } @@ -2276,7 +2275,7 @@ dissect_ssl3_hnd_hello_common(tvbuff_t *tvb, proto_tree *tree, if (!ssl_restore_session(ssl, ssl_session_hash)) { /* If we failed to find the previous session, we may still have * the master secret in the key log. */ - if (ssl_keylog_lookup(ssl, ssl_keylog_filename, NULL)) { + if (ssl_keylog_lookup(ssl, ssl_options.keylog_filename, NULL)) { ssl_debug_printf(" cannot find master secret in keylog file either\n"); } else { ssl_debug_printf(" found master secret in keylog file\n"); @@ -5619,27 +5618,7 @@ proto_register_ssl(void) "For troubleshooting ignore the mac check result and decrypt also if the Message Authentication Code (MAC) fails.", &ssl_ignore_mac_failed); #ifdef HAVE_LIBGNUTLS - prefs_register_string_preference(ssl_module, "psk", "Pre-Shared-Key", - "Pre-Shared-Key as HEX string, should be 0 to 16 bytes", - &ssl_psk); - - prefs_register_filename_preference(ssl_module, "keylog_file", "(Pre)-Master-Secret log filename", - "The filename of a file which contains a list of \n" - "(pre-)master secrets in one of the following formats:\n" - "\n" - "RSA <EPMS> <PMS>\n" - "RSA Session-ID:<SSLID> Master-Key:<MS>\n" - "CLIENT_RANDOM <CRAND> <MS>\n" - "\n" - "Where:\n" - "<EPMS> = First 8 bytes of the Encrypted PMS\n" - "<PMS> = The Pre-Master-Secret (PMS)\n" - "<SSLID> = The SSL Session ID\n" - "<MS> = The Master-Secret (MS)\n" - "<CRAND> = The Client's random number from the ClientHello message\n" - "\n" - "(All fields are in hex notation)", - &ssl_keylog_filename); + ssl_common_register_options(ssl_module, &ssl_options); #endif } |