ssl: fix wrong detection of non-resumed renegotiated session

If the heuristics fail to detect a resumed session, then it must mark the session as a normal session. This will also prevent from applying secrets that do not apply to this renegotiated session. Bug: 12793 Change-Id: I90f794a7bbaf7f1839e39656ac318183ecf48887 Reviewed-on: https://code.wireshark.org/review/17376 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-08-30 00:10:50 +02:00 · 2016-08-30 00:10:50 +02:00 · 7c75370224
parent cbd3648738
commit 7c75370224
1 changed files with 2 additions and 0 deletions
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@ -5091,9 +5091,11 @@ ssl_dissect_change_cipher_spec(ssl_common_dissect_t *hf, tvbuff_t *tvb,
            } else {
                /* Can happen if the capture somehow starts in the middle */
                ssl_debug_printf("%s No Session resumption, missing packets?\n", G_STRFUNC);
+                session->is_session_resumed = FALSE;
            }
        } else {
            ssl_debug_printf("%s Not using Session resumption\n", G_STRFUNC);
+            session->is_session_resumed = FALSE;
        }
    }
    if (is_from_server && session->is_session_resumed)