osmocom
/
wireshark
14
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

ESP: honor enable_null_encryption_decode_heuristic preference when the ESP packet does not match any known SA 

Otherwise checking the enable_encryption_decode preference will completely ignore enable_null_encryption_decode_heuristic

Change-Id: I34744ddb2080453dab7cd7d34f47b4984969993c
Reviewed-on: https://code.wireshark.org/review/4897
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
This commit is contained in:
Pascal Quantin 2014-10-21 19:38:25 +02:00
parent 48da429a04
commit 001dbaf763
1 changed files with 657 additions and 666 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
epan/dissectors/packet-ipsec.c
View File

@ -1313,7 +1313,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
guint32 saved_match_uint;
#ifdef HAVE_LIBGCRYPT
gboolean get_address_ok = FALSE;
gboolean null_encryption_decode_heuristic = FALSE;
guint8 *decrypted_data = NULL;
guint8 *authenticator_data = NULL;
@ -1426,14 +1425,7 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
/* Create strings for src, dst addresses */
ip_src = address_to_str(wmem_packet_scope(), &pinfo->src);
ip_dst = address_to_str(wmem_packet_scope(), &pinfo->dst);
get_address_ok = TRUE;
/* The packet cannot be decoded using the SAD */
if(g_esp_enable_null_encryption_decode_heuristic && !get_address_ok)
null_encryption_decode_heuristic = TRUE;
if(get_address_ok)
{
/* Get the SPI */
if (tvb_length(tvb) >= 4)
{
@ -2061,6 +2053,11 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
}
}
}
else if(g_esp_enable_null_encryption_decode_heuristic)
{
/* The packet does not belong to a Security Association */
null_encryption_decode_heuristic = TRUE;
}
if(decrypt_ok && (decrypted_len > esp_iv_len))
{
@ -2153,12 +2150,6 @@ dissect_esp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
}
}
}
else
{
/* The packet does not belong to a security Association */
null_encryption_decode_heuristic = g_esp_enable_null_encryption_decode_heuristic;
}
}
/*
If the packet is present in the security association database and the field g_esp_enable_authentication_check set.