- the StringInfo allocator may fail when a 0 data length is requested
- many wrong values into the cipher_suites table
- duplicated code for ssl session state checking before each
ssl_generate_keyring_material() call
- missing initialization of 'server_data_for_iv.data_len' and
'client_data_for_iv.data_len' in ssl_session_init()
From Jaap Keuter:
- Some code rationalisation
- Gammatical/factual corrections in output and comments
- Whitespace cleanup
svn path=/trunk/; revision=25684
- add ability to read server private key from encrypted PKCS#12 file
- use 0.0.0.0|any|ANY as a wildcard IP address (e.g. if one certificate is used in more servers)
svn path=/trunk/; revision=23995
This patch updates the DTLS dissector to be compatible with OpenSSL 0.9.8f in
the following ways:
* Handle both SSL version number 0xfeff (RFC 4347 and OpenSSL 0.9.8f), and
0x100 (Used by OpenSSL 0.9.8e and earlier)
* Reassemble fragmented handshake messages.
svn path=/trunk/; revision=23369
most have been tagged unused (few have been deleted if dissector has not been
modified since a long time)
move packet-ssl-utils.c to DISSECTOR_SRC
svn path=/trunk/; revision=21431
now that it is no longer a static variable in packet-ssl-utils.h.
Leaving it as static caused a warning turned error that it was unused
in the current file (packet-ssl-utils.h). Resolution: Move the variable
to packet-ssl.c and declare as extern in packet-dtls.c - the only other
place that needs it.
svn path=/trunk/; revision=21161
authesserre samuel <sauthess@gmail.com> kindly pointed out an issue with session renegotiation in the current ssl decryption code.
Encrypted handshake message are decrypted, but the dissector try to interpret the encrypted code. Renegotiation messages are therefore ignored. The attached pcap trace and key can be used to trigger the issue.
The attached patch fix the problem storing the decrypted version of encrypted handshake message and dissecting it when available. The patch also fix bad issue with des cipher (alike the issue fixed in my previous post)
svn path=/trunk/; revision=18081
The attached patch cleanup the debug infrastructure for ssl dissector.
Debug messages are by default off and can be enabled via the ssl
dissector preference. Debug output can be directed to stderr or file.
svn path=/trunk/; revision=17253
>There is still an issue into the HAVE_LIBGNUTLS macro definition. I'm
>fixing it and cleaning a bit the windows side configuration. I hope to
>post soon the fix.
The attached patch should fix the issue. I missed to modify the
config.win32 file and I misstyped a few macros name.
svn path=/trunk/; revision=17200
Set up to build on Windows if we have GNU TLS.
Define "ssl_data_set()" regardless of whether we have GNU TLS or
not, as it's used in either case.
Get rid of an extra #include of epan/gnuc_format_check.h.
svn path=/trunk/; revision=17177
I have developed an external plugin to enable ssl decryption in
ethereal.
Me
- Remove unnecessary $Id$ from acinclude.m4
- Added packet-ssl-utils.h to Makefile.common
- Fixed a few warnings
TODO
- Lots of warning fixes (see separate mail)
- Reformat function headers to read like the others do
(return value<newline>function-name...)
- Test on Windows platform
- Review the patch to packet-ssl.c and new files packet-ssl-utils.[hc]
svn path=/trunk/; revision=17156
Jaap Keuter