From Adam Langley:
Decrypt resumed SSL sessions from keylog file - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7396 svn path=/trunk/; revision=43458
parent
464464d8b6
commit
9adf66b3fb
|
@ -2280,6 +2280,9 @@ ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session,
|
|||
{
|
||||
gint i;
|
||||
|
||||
if (!encrypted_pre_master)
|
||||
return -1;
|
||||
|
||||
if(ssl_session->cipher_suite.kex == KEX_DH) {
|
||||
ssl_debug_printf("ssl_decrypt_pre_master_secret session uses DH (%d) key exchange, which is impossible to decrypt\n",
|
||||
KEX_DH);
|
||||
|
@ -3607,7 +3610,7 @@ ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash)
|
|||
ssl_print_string("ssl_save_session stored master secret", master_secret);
|
||||
}
|
||||
|
||||
void
|
||||
gboolean
|
||||
ssl_restore_session(SslDecryptSession* ssl, GHashTable *session_hash)
|
||||
{
|
||||
StringInfo* ms;
|
||||
|
@ -3615,11 +3618,12 @@ ssl_restore_session(SslDecryptSession* ssl, GHashTable *session_hash)
|
|||
|
||||
if (!ms) {
|
||||
ssl_debug_printf("ssl_restore_session can't find stored session\n");
|
||||
return;
|
||||
return FALSE;
|
||||
}
|
||||
ssl_data_set(&ssl->master_secret, ms->data, ms->data_len);
|
||||
ssl->state |= SSL_MASTER_SECRET;
|
||||
ssl_debug_printf("ssl_restore_session master key retrieved\n");
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -3823,6 +3827,9 @@ ssl_keylog_lookup(SslDecryptSession* ssl_session,
|
|||
FILE* ssl_keylog;
|
||||
int ret = -1;
|
||||
|
||||
if (!ssl_keylog_filename)
|
||||
return -1;
|
||||
|
||||
ssl_debug_printf("trying to use SSL keylog in %s\n", ssl_keylog_filename);
|
||||
|
||||
ssl_keylog = ws_fopen(ssl_keylog_filename, "r");
|
||||
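Review bot: The guard added at the top of ssl_keylog_lookup rejects only a NULL `ssl_keylog_filename`, yet the updated contract also allows `encrypted_pre_master` to be NULL, and the new caller in the hello path passes exactly that. The rest of the body lies outside this hunk, so it is not visible whether every use of `encrypted_pre_master` there is guarded; any unguarded read of its fields would be a NULL dereference driven by captured traffic. Please confirm each such use is checked, and record the contract at the guard, e.g. `/* encrypted_pre_master may be NULL when the caller only wants a stored master secret */`. The NULL check added to ssl_decrypt_pre_master_secret returns -1 silently while the DH branch just below it logs; a matching `ssl_debug_printf` would keep the debug trace complete.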
|
|
|
@ -438,8 +438,8 @@ ssl_change_cipher(SslDecryptSession *ssl_session, gboolean server);
|
|||
/** Try to find the pre-master secret for the given encrypted pre-master secret
|
||||
from a log of secrets.
|
||||
@param ssl_session the store for the decrypted pre_master_secret
|
||||
@param ssl_keylog_filename a file that contains a log of pre-master secrets
|
||||
@param encrypted_pre_master the rsa encrypted pre_master_secret
|
||||
@param ssl_keylog_filename a file that contains a log of secrets (may be NULL)
|
||||
@param encrypted_pre_master the rsa encrypted pre_master_secret (may be NULL)
|
||||
@return 0 on success */
|
||||
int
|
||||
ssl_keylog_lookup(SslDecryptSession* ssl_session,
|
||||
|
@ -534,7 +534,7 @@ ssl_parse_key_list(const ssldecrypt_assoc_t * uats, GHashTable *key_hash, GTree*
|
|||
extern void
|
||||
ssl_save_session(SslDecryptSession* ssl, GHashTable *session_hash);
|
||||
|
||||
extern void
|
||||
extern gboolean
|
||||
ssl_restore_session(SslDecryptSession* ssl, GHashTable *session_hash);
|
||||
|
||||
extern gint
|
||||
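Review bot: The summary of the ssl_keylog_lookup comment still reads "find the pre-master secret for the given encrypted pre-master secret", which does not describe a call where `encrypted_pre_master` is NULL; add a sentence stating what is looked up in that case. `@return 0 on success` should also name the failure value, since the visible callers test it differently (`<0` in one place, non-zero in another); going by the visible `return -1` lines, `@return 0 on success, -1 on failure (including a NULL ssl_keylog_filename)` looks right, to be confirmed against the full body. ssl_restore_session changes from void to gboolean without any comment on the prototype; something like `/** @return TRUE if a cached master secret was restored into ssl, FALSE if none was found */` would document the new contract.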
|
|
|
@ -2136,8 +2136,6 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
|
|||
}
|
||||
} else {
|
||||
/* try to find the key in the key log */
|
||||
if (!ssl_keylog_filename)
|
||||
break;
|
||||
if (ssl_keylog_lookup(ssl, ssl_keylog_filename, &encrypted_pre_master)<0)
|
||||
break;
|
||||
}
|
||||
|
@ -2288,7 +2286,15 @@ dissect_ssl3_hnd_hello_common(tvbuff_t *tvb, proto_tree *tree,
|
|||
(tvb_memeql(tvb, offset+33, ssl->session_id.data, session_id_length) == 0))
|
||||
{
|
||||
/* client/server id match: try to restore a previous cached session*/
|
||||
ssl_restore_session(ssl, ssl_session_hash);
|
||||
if (!ssl_restore_session(ssl, ssl_session_hash)) {
|
||||
/* If we failed to find the previous session, we may still have
|
||||
* the master secret in the key log. */
|
||||
if (ssl_keylog_lookup(ssl, ssl_keylog_filename, NULL)) {
|
||||
ssl_debug_printf(" cannot find master secret in keylog file either\n");
|
||||
} else {
|
||||
ssl_debug_printf(" found master secret in keylog file\n");
|
||||
}
|
||||
}
|
||||
} else {
|
||||
tvb_memcpy(tvb,ssl->session_id.data, offset+33, session_id_length);
|
||||
ssl->session_id.data_len = session_id_length;
|
||||
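Review bot: The new fallback in dissect_ssl3_hnd_hello_common tests `if (ssl_keylog_lookup(ssl, ssl_keylog_filename, NULL))`, while the existing call in dissect_ssl3_handshake tests `<0`; use one convention, e.g. `if (ssl_keylog_lookup(ssl, ssl_keylog_filename, NULL) < 0) {`, so a later positive return value is not read as failure at only one call site. The result of the lookup is only logged here, and whether ssl_keylog_lookup sets `SSL_MASTER_SECRET` in `ssl->state` the way ssl_restore_session does is not visible in these hunks, so that is worth confirming. Because ssl_keylog_lookup opens the keylog with `ws_fopen` on each call, this path presumably re-reads the file for every resumed hello whose session is not cached, which may be slow with a large keylog. Both enclosing functions continue outside the hunks shown.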
|
|