"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "epan/dissectors/packet-quic.c" between
wireshark-3.4.5.tar.xz and wireshark-3.4.6.tar.xz

About: Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network.

packet-quic.c  (wireshark-3.4.5.tar.xz):packet-quic.c  (wireshark-3.4.6.tar.xz)
skipping to change at line 2430 skipping to change at line 2430
} }
quic_pp_state_t *client_pp = &quic_info->client_pp; quic_pp_state_t *client_pp = &quic_info->client_pp;
quic_pp_state_t *server_pp = &quic_info->server_pp; quic_pp_state_t *server_pp = &quic_info->server_pp;
quic_pp_state_t *pp_state = !from_server ? client_pp : server_pp; quic_pp_state_t *pp_state = !from_server ? client_pp : server_pp;
/* Try to lookup secrets if not available. */ /* Try to lookup secrets if not available. */
if (!quic_info->client_pp.next_secret) { if (!quic_info->client_pp.next_secret) {
/* Query TLS for the cipher suite. */ /* Query TLS for the cipher suite. */
if (!tls_get_cipher_info(pinfo, 0, &quic_info->cipher_algo, &quic_info-> cipher_mode, &quic_info->hash_algo)) { if (!tls_get_cipher_info(pinfo, 0, &quic_info->cipher_algo, &quic_info-> cipher_mode, &quic_info->hash_algo)) {
// No previous TLS handshake found or unsupported ciphers, fail. /* We end up here if:
// This is an optimization that allows skipping checks for future * no previous TLS handshake is found
// packets in case the capture starts in midst of a connection where * the used ciphers are unsupported
// the handshake is not present. * some (unencrypted) padding is misdetected as SH coalesced pack
// If this breaks decryption because packets prior to the Server et
// Hello are somehow misdetected as Short Packet, then this Because of the third scenario, we can't set quic_info->skip_decry
// optimization should probably be removed. ption
quic_info->skip_decryption = TRUE; to TRUE; otherwise we will stop decrypting the entire session, ev
*error = "Missing TLS handshake or unsupported ciphers"; en if
we are able to.
Unfortunately, this way, we lost the optimization that allows ski
pping checks
for future packets in case the capture starts in midst of a
connection where the handshake is not present.
Note that even if we have a basic logic to detect unencrypted pad
ding (via
check_dcid_on_coalesced_packet()), there is not a proper way to d
etect it
other than checking if the decryption successed
*/
*error = "Missing TLS handshake, unsupported ciphers or padding";
return NULL; return NULL;
} }
/* Retrieve secrets for both the client and server. */ /* Retrieve secrets for both the client and server. */
if (!quic_get_traffic_secret(pinfo, quic_info->hash_algo, client_pp, TRU E) || if (!quic_get_traffic_secret(pinfo, quic_info->hash_algo, client_pp, TRU E) ||
!quic_get_traffic_secret(pinfo, quic_info->hash_algo, server_pp, FAL SE)) { !quic_get_traffic_secret(pinfo, quic_info->hash_algo, server_pp, FAL SE)) {
quic_info->skip_decryption = TRUE; quic_info->skip_decryption = TRUE;
*error = "Secrets are not available"; *error = "Secrets are not available";
return NULL; return NULL;
} }
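Review bot: In the tls_get_cipher_info() failure branch, removing `quic_info->skip_decryption = TRUE` means a capture that starts mid-connection with no handshake now repeats the cipher lookup on later packets, which the new comment itself concedes. Consider keeping the early exit for the cases that can be told apart from misdetected padding, or bounding the number of retries, so that the fix for the padding case does not remove the shortcut for every handshake-less session. The merged error string "Missing TLS handshake, unsupported ciphers or padding" no longer tells the user which of the three conditions occurred, so a distinct message per cause would help where the cause is known. In the new comment, "successed" should read "succeeded". The quic_get_traffic_secret() failure path just below still sets skip_decryption to TRUE; can that path be reached for a session that later becomes decryptable? If so, it needs the same treatment.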
 End of changes. 1 change blocks. 
9 lines changed or deleted 21 lines changed or added
