Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 3977] Wireshark SSL dissector does not support DHE; sugges

Date: Wed, 9 Sep 2009 06:27:46 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3977





--- Comment #3 from parasietje@xxxxxxxxx  2009-09-09 06:27:45 PDT ---
Patch compiles perfectly. I've got two additional suggestions.
1) Change "key" to "key exchange", signifying ssl_session->cipher_suite.kex
shouldn't be interpreted as a key or session number.
2) Remove the . in the end of the scentence (consistency)

Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c  (revision 29813)
+++ epan/dissectors/packet-ssl-utils.c  (working copy)
@@ -1801,7 +1801,12 @@
 {
     gint i;

-    if(ssl_session->cipher_suite.kex!=KEX_RSA) {
-         ssl_debug_printf("ssl_decrypt_pre_master_secret key %d different from
KEX_RSA(%d)\n",
+    if(ssl_session->cipher_suite.kex == KEX_DH) {
+        ssl_debug_printf("ssl_decrypt_pre_master_secret session uses DH (%d)
key exchange, which is impossible to decrypt\n",
+            ssl_session->cipher_suite.kex);
+        return(-1);
+    
+} else if(ssl_session->cipher_suite.kex!=KEX_RSA &&
ssl_session->cipher_suite.kex != KEX_DH) {
+         ssl_debug_printf("ssl_decrypt_pre_master_secret key exchange %d
different from KEX_RSA(%d)\n",
             ssl_session->cipher_suite.kex, KEX_RSA);
         return(-1);


Thank you for the effort! Bug closed for all I care :-)


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.