Wireshark-commits: [Wireshark-commits] master 70d34ee: ssl, dtls: fix CertificateVerify dissection
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Thu, 12 Mar 2015 12:48:06 +0000 (UTC)
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=70d34eee2b26c8b83e590c8a8ba0aaa942558d24
Submitter: Michael Mann (mmann78@xxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

70d34ee by Peter Wu (peter@xxxxxxxxxxxxx):

    ssl,dtls: fix CertificateVerify dissection for TLSv1.2
    
    TLSv1.2 gained an additional SignatureAndHashAlgorithm field for fields
    marked with the digitally-signed attribute. This was already implemented
    before for ServerKeyExchange, let's reuse that.
    
    Note that the SignatureAndHashAlgorithm tree and fields (hash algo,
    signature algo) are repurposed in a different context, but since the
    structure is the same it is kept like this.
    
    By the way, add support for DTLSv1.2 too. RFC 6347 section 4.2.6
    suggests that the implementation is the same (as far as the dissector is
    concerned).
    
    Also update the comments and remove the additional "Signature with
    client's private key" subtree since the CertificateVerify message has no
    other items.
    
    Bug: 11045
    Change-Id: I025901b85e607f04d60357ff14187cc13db2ae5d
    Reviewed-on: https://code.wireshark.org/review/7650
    Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Peter Wu <peter@xxxxxxxxxxxxx>
    Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
    

Actions performed:

    from  95ce392   Fix the Lua FPM dissector test.
    adds  70d34ee   ssl,dtls: fix CertificateVerify dissection for TLSv1.2


Summary of changes:
 epan/dissectors/packet-dtls.c      |    2 +-
 epan/dissectors/packet-ssl-utils.c |   60 ++++++++++++++++++++++++++++++------
 epan/dissectors/packet-ssl-utils.h |   18 +++++++++++
 epan/dissectors/packet-ssl.c       |   55 +--------------------------------
 4 files changed, 70 insertions(+), 65 deletions(-)