Wireshark-bugs: [Wireshark-bugs] [Bug 3977] Wireshark SSL dissector does not support DHE; sugges
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3977
--- Comment #3 from parasietje@xxxxxxxxx 2009-09-09 06:27:45 PDT ---
Patch compiles perfectly. I've got two additional suggestions.
1) Change "key" to "key exchange", signifying ssl_session->cipher_suite.kex
shouldn't be interpreted as a key or session number.
2) Remove the . in the end of the scentence (consistency)
Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c (revision 29813)
+++ epan/dissectors/packet-ssl-utils.c (working copy)
@@ -1801,7 +1801,12 @@
{
gint i;
- if(ssl_session->cipher_suite.kex!=KEX_RSA) {
- ssl_debug_printf("ssl_decrypt_pre_master_secret key %d different from
KEX_RSA(%d)\n",
+ if(ssl_session->cipher_suite.kex == KEX_DH) {
+ ssl_debug_printf("ssl_decrypt_pre_master_secret session uses DH (%d)
key exchange, which is impossible to decrypt\n",
+ ssl_session->cipher_suite.kex);
+ return(-1);
+
+} else if(ssl_session->cipher_suite.kex!=KEX_RSA &&
ssl_session->cipher_suite.kex != KEX_DH) {
+ ssl_debug_printf("ssl_decrypt_pre_master_secret key exchange %d
different from KEX_RSA(%d)\n",
ssl_session->cipher_suite.kex, KEX_RSA);
return(-1);
Thank you for the effort! Bug closed for all I care :-)
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.