diff options
| author | Michael Tüxen <tuexen@fh-muenster.de> | 2012-03-28 09:31:04 +0000 |
|---|---|---|
| committer | Michael Tüxen <tuexen@fh-muenster.de> | 2012-03-28 09:31:04 +0000 |
| commit | 7e112bec91edca3d5302157800e5c7bc6999ee5b (patch) | |
| tree | d28c80372524cb92e8cd8feef1f4ca2808d7142d /epan/dissectors/packet-ssl-utils.c | |
| parent | 0949fc136425f07594374979661d45b442796cb3 (diff) | |
| download | wireshark-7e112bec91edca3d5302157800e5c7bc6999ee5b.tar.gz wireshark-7e112bec91edca3d5302157800e5c7bc6999ee5b.tar.bz2 wireshark-7e112bec91edca3d5302157800e5c7bc6999ee5b.zip | |
From Robin Seggelmann:
Support DTLS 1.2
Fix a bug in option handling.
svn path=/trunk/; revision=41816
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.c')
| -rw-r--r-- | epan/dissectors/packet-ssl-utils.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index d6c20f400e..0d5084ca63 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -50,6 +50,7 @@ const value_string ssl_version_short_names[] = { { SSL_VER_TLS, "TLSv1" }, { SSL_VER_TLSv1DOT1, "TLSv1.1" }, { SSL_VER_DTLS, "DTLSv1.0" }, + { SSL_VER_DTLS1DOT2, "DTLSv1.2" }, { SSL_VER_PCT, "PCT" }, { SSL_VER_TLSv1DOT2, "TLSv1.2" }, { 0x00, NULL } @@ -410,6 +411,7 @@ const value_string ssl_31_content_type[] = { }; const value_string ssl_versions[] = { + { 0xfefd, "DTLS 1.2" }, { 0xfeff, "DTLS 1.0" }, { 0x0100, "DTLS 1.0 (OpenSSL pre 0.9.8f)" }, { 0x0303, "TLS 1.2" }, @@ -1909,7 +1911,8 @@ static gint prf(SslDecryptSession* ssl,StringInfo* secret,gchar* usage,StringInf if (ssl->version_netorder==SSLV3_VERSION){ ret = ssl3_prf(secret,usage,rnd1,rnd2,out); }else if (ssl->version_netorder==TLSV1_VERSION || ssl->version_netorder==TLSV1DOT1_VERSION || - ssl->version_netorder==DTLSV1DOT0_VERSION || ssl->version_netorder==DTLSV1DOT0_VERSION_NOT){ + ssl->version_netorder==DTLSV1DOT0_VERSION || ssl->version_netorder==DTLSV1DOT2_VERSION || + ssl->version_netorder==DTLSV1DOT0_VERSION_NOT){ ret = tls_prf(secret,usage,rnd1,rnd2,out); }else{ if (ssl->cipher_suite.dig == DIG_SHA384){ @@ -2571,6 +2574,7 @@ ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, gint ct, memcpy(out_str->data,out_str->data+(decoder->cipher_suite->block!=1 ? decoder->cipher_suite->block : 0),worklen); } if(ssl->version_netorder==DTLSV1DOT0_VERSION || + ssl->version_netorder==DTLSV1DOT2_VERSION || ssl->version_netorder==DTLSV1DOT0_VERSION_NOT){ worklen=worklen-decoder->cipher_suite->block; memcpy(out_str->data,out_str->data+decoder->cipher_suite->block,worklen); @@ -2607,6 +2611,7 @@ ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, gint ct, } } else if(ssl->version_netorder==DTLSV1DOT0_VERSION || + ssl->version_netorder==DTLSV1DOT2_VERSION || ssl->version_netorder==DTLSV1DOT0_VERSION_NOT){ /* Try rfc-compliant mac first, and if failed, try old openssl's non-rfc-compliant mac */ if(dtls_check_mac(decoder,ct,ssl->version_netorder,out_str->data,worklen,mac)>= 0) { |