[Wireshark-commits] master-3.2 29995b5: QUIC: ignore invalid short header packet to fix decryption

Fri, 14 Feb 2020 01:04:12 -0800 

URL: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29995b501c2ce58e3164e23d14853e7b7fca7063
Submitter: "Anders Broman <a.broma...@gmail.com>"
Changed: branch: master-3.2
Repository: wireshark

Commits:

29995b5 by Peter Wu (pe...@lekensteyn.nl):

    QUIC: ignore invalid short header packet to fix decryption
    
    The unencrypted padding after the client Initial Packet was interpreted
    as a short header packet. At that point, the TLS dissector has not
    encountered the Server Hello yet and was not able to provide decryption
    secrets. The QUIC dissector wrongly assumed that decryption would never
    be possible from that point on.
    
    Add a comment to clarify why decryption was skipped, and avoid treating
    the zero padding as Short Header (SH) packets to fix decryption.
    
    Alternatively, the short header dissector could try to validate the DCID
    in SH packets, but that might result in failure to dissect legitimate SH
    packets when the handshake packets are missing.
    
    Ping-Bug: 13881
    Change-Id: Id20eb23c976226cb3ef78ac91f25a291f94dc805
    Reviewed-on: https://code.wireshark.org/review/36000
    Petri-Dish: Peter Wu <pe...@lekensteyn.nl>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Alexis La Goutte <alexis.lagou...@gmail.com>
    (cherry picked from commit a2368cd1243f49f9fe3376f09572bb747307c93b)
    Reviewed-on: https://code.wireshark.org/review/36103
    Petri-Dish: Anders Broman <a.broma...@gmail.com>
    Reviewed-by: Anders Broman <a.broma...@gmail.com>
    

Actions performed:

    from  26d9a5e   QUIC: recognize Connection ID between 1 and 3 bytes
     add  29995b5   QUIC: ignore invalid short header packet to fix decryption


Summary of changes:
 epan/dissectors/packet-quic.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
___________________________________________________________________________
Sent via:    Wireshark-commits mailing list <wireshark-commits@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-commits
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-commits
             mailto:wireshark-commits-requ...@wireshark.org?subject=unsubscribe

Reply via email to