Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 3977] Wireshark SSL dissector does not support DHE; sugges

Date: Tue, 8 Sep 2009 23:59:35 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3977


Ivan Sy <ivan_jr@xxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ivan_jr@xxxxxxxxx
           Severity|Minor                       |Enhancement




--- Comment #1 from Ivan Sy <ivan_jr@xxxxxxxxx>  2009-09-08 23:59:26 PDT ---
to parasietje@xxxxxxxxx:
can you attach a sample frame?

Here's an un-tested patch. we'll attach this for review once we can test it on
a frame.

Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c  (revision 29813)
+++ epan/dissectors/packet-ssl-utils.c  (working copy)
@@ -1801,7 +1801,12 @@
 {
     gint i;

-    if(ssl_session->cipher_suite.kex!=KEX_RSA) {
+    if(ssl_session->cipher_suite.kex == KEX_DH) {
+        ssl_debug_printf("ssl_decrypt_pre_master_secret session uses DH (%d)
key exchange, which is impossible to decrypt.\n",
+            ssl_session->cipher_suite.kex);
+        return(-1);
+    
+} else if(ssl_session->cipher_suite.kex!=KEX_RSA &&
ssl_session->cipher_suite.kex != KEX_DH) {
         ssl_debug_printf("ssl_decrypt_pre_master_secret key %d different from
KEX_RSA(%d)\n",
             ssl_session->cipher_suite.kex, KEX_RSA);
         return(-1);


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.