Wireshark-commits: [Wireshark-commits] master 2c772e3: ssl: move decoder init from ClientKeyExchang
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Tue, 15 Jul 2014 23:07:12 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2c772e38256e22974e05eef01d59efe2120df5d5
Submitter: Evan Huus (eapache@xxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

2c772e3 by Peter Wu (peter@xxxxxxxxxxxxx):

    ssl: move decoder init from ClientKeyExchange to ChangeCipherSpec
    
    My previous change removed master-key retrieval in the Server Hello.
    This broke decryption when ClientKeyExchange is missing. That was done
    because decryption is only needed after ChangeCipherSpec.
    
    This patch moves the remaining initialization in ClientKeyExchange to
    ChangeCipherSpec. In theory this could fix decryption of DTLS traffic
    when an abbreviated handshake is used (and thus keyring material is
    never generated in ClientKeyExchange since it is not called).
    
    It also avoids saving a session ticket with an empty key which can
    happen when no RSA key is present, but the NewSessionTicket message
    is received. This could lead to garbage decryption.
    
    Change-Id: If0f475232c270b1d7b006c1f9af0e8d8098c6b65
    Reviewed-on: https://code.wireshark.org/review/3019
    Reviewed-by: Hauke Mehrtens <hauke@xxxxxxxxxx>
    Reviewed-by: Evan Huus <eapache@xxxxxxxxx>
    

Actions performed:

    from  aecbb98   ssl: unify common Hello dissection to ssl-utils
    adds  2c772e3   ssl: move decoder init from ClientKeyExchange to ChangeCipherSpec


Summary of changes:
 epan/dissectors/packet-dtls.c      |   16 ++++-------
 epan/dissectors/packet-ssl-utils.c |   56 ++++++++++++++++++++++++++++++++++++
 epan/dissectors/packet-ssl-utils.h |    4 +++
 epan/dissectors/packet-ssl.c       |   17 ++++-------
 4 files changed, 72 insertions(+), 21 deletions(-)