TLS: fix decryption of renegotiated sessions
Renegotiated sessions may interleave application data with handshake records. These handshake records should however not be included in the flow associated with the application data. This fixes a regression in the previous patch, now the "1.12 Step: SSL Decryption (renegotiation)" test passes again. Also remove duplicate DTLS data sources for decrypted records. Change-Id: I46d416ffba11a7c25c5a682b3b53f06d10d4ab79 Fixes: v2.3.0rc0-2152-g77404250d5 ("(D)TLS: consolidate and simplify decrypted records handling") Reviewed-on: https://code.wireshark.org/review/19822 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This commit is contained in:
parent
0ce7b55fb4
commit
8f81dd4f82
|
@ -827,7 +827,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo,
|
|||
if (decrypted) {
|
||||
dissect_dtls_alert(decrypted, pinfo, dtls_record_tree, 0,
|
||||
session);
|
||||
add_new_data_source(pinfo, decrypted, "Decrypted SSL record");
|
||||
} else {
|
||||
dissect_dtls_alert(tvb, pinfo, dtls_record_tree, offset,
|
||||
session);
|
||||
|
@ -843,7 +842,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo,
|
|||
dissect_dtls_handshake(decrypted, pinfo, dtls_record_tree, 0,
|
||||
tvb_reported_length(decrypted), session, is_from_server,
|
||||
ssl, content_type);
|
||||
add_new_data_source(pinfo, decrypted, "Decrypted SSL record");
|
||||
} else {
|
||||
dissect_dtls_handshake(tvb, pinfo, dtls_record_tree, offset,
|
||||
record_length, session, is_from_server, ssl,
|
||||
|
@ -923,7 +921,6 @@ dissect_dtls_record(tvbuff_t *tvb, packet_info *pinfo,
|
|||
if (decrypted) {
|
||||
dissect_dtls_heartbeat(decrypted, pinfo, dtls_record_tree, 0,
|
||||
session, tvb_reported_length (decrypted), TRUE);
|
||||
add_new_data_source(pinfo, decrypted, "Decrypted SSL record");
|
||||
} else {
|
||||
dissect_dtls_heartbeat(tvb, pinfo, dtls_record_tree, offset,
|
||||
session, record_length, FALSE);
|
||||
|
|
|
@ -4482,10 +4482,15 @@ ssl_add_record_info(gint proto, packet_info *pinfo, const guchar *data, gint dat
|
|||
rec->type = type;
|
||||
rec->next = NULL;
|
||||
|
||||
if (flow) {
|
||||
/* TODO allow Handshake records also to be reassembled. There needs to be
|
||||
* one "flow" for each record type (appdata, handshake). "seq" for the
|
||||
* record should then be relative within this flow. */
|
||||
if (flow && type == SSL_ID_APP_DATA) {
|
||||
rec->seq = flow->byte_seq;
|
||||
rec->flow = flow;
|
||||
flow->byte_seq += data_len;
|
||||
ssl_debug_printf("%s stored decrypted record seq=%d nxtseq=%d flow=%p\n",
|
||||
G_STRFUNC, rec->seq, rec->seq + data_len, flow);
|
||||
}
|
||||
|
||||
/* Remember decrypted records. */
|
||||
|
|
Loading…
Reference in New Issue