authesserre samuel <sauthess@gmail.com> kindly pointed out an issue with session renegotiation in the current ssl decryption code.
Encrypted handshake message are decrypted, but the dissector try to interpret the encrypted code. Renegotiation messages are therefore ignored. The attached pcap trace and key can be used to trigger the issue.
The attached patch fix the problem storing the decrypted version of encrypted handshake message and dissecting it when available. The patch also fix bad issue with des cipher (alike the issue fixed in my previous post)
svn path=/trunk/; revision=18081
pinfo->net_src and pinfo->net_dst where used to set up conversation, but
this fields are null on eap stream. use pinfo->src and pinfo->dst
instead.
The patch also enable strict checking in the 'follow ssl stream' dialog.
svn path=/trunk/; revision=17333
- enable the 'follow SSL stream' menu item only when a ssl packet is selected.
- when 'following' an ssl stream, show ssl decrypted data only for current conversation.
- fix a typo in ssl preference description.
svn path=/trunk/; revision=17301
the attached patch clean a bit the ssl decryption related code, removing
a macro I used when the code was still for an external plugin.
svn path=/trunk/; revision=17217
the attached patch set correctly the title of the 'Follow SSL stream'
dialog, to fix one issue reported by Nail Devis.
Unfortunaly there isn't an easy way to enable the 'Follow SSL stream'
dialog only for ssl session without knowing the value of proto_ssl (the
ssl protocol id), because the ssl dissector can run on user specified
ports (configured via preferences)
svn path=/trunk/; revision=17187
I have developed an external plugin to enable ssl decryption in
ethereal.
Me
- Remove unnecessary $Id$ from acinclude.m4
- Added packet-ssl-utils.h to Makefile.common
- Fixed a few warnings
TODO
- Lots of warning fixes (see separate mail)
- Reformat function headers to read like the others do
(return value<newline>function-name...)
- Test on Windows platform
- Review the patch to packet-ssl.c and new files packet-ssl-utils.[hc]
svn path=/trunk/; revision=17156