Wireshark-bugs: [Wireshark-bugs] [Bug 3977] Wireshark SSL dissector does not support DHE; sugges
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3977
Ivan Sy <ivan_jr@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ivan_jr@xxxxxxxxx
Severity|Minor |Enhancement
--- Comment #1 from Ivan Sy <ivan_jr@xxxxxxxxx> 2009-09-08 23:59:26 PDT ---
to parasietje@xxxxxxxxx:
can you attach a sample frame?
Here's an un-tested patch. we'll attach this for review once we can test it on
a frame.
Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c (revision 29813)
+++ epan/dissectors/packet-ssl-utils.c (working copy)
@@ -1801,7 +1801,12 @@
{
gint i;
- if(ssl_session->cipher_suite.kex!=KEX_RSA) {
+ if(ssl_session->cipher_suite.kex == KEX_DH) {
+ ssl_debug_printf("ssl_decrypt_pre_master_secret session uses DH (%d)
key exchange, which is impossible to decrypt.\n",
+ ssl_session->cipher_suite.kex);
+ return(-1);
+
+} else if(ssl_session->cipher_suite.kex!=KEX_RSA &&
ssl_session->cipher_suite.kex != KEX_DH) {
ssl_debug_printf("ssl_decrypt_pre_master_secret key %d different from
KEX_RSA(%d)\n",
ssl_session->cipher_suite.kex, KEX_RSA);
return(-1);
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.