ssl_finalize_decryption(ssl, &dtls_master_key_map);
ssl_change_cipher(ssl, ssl_packet_from_server(session, dtls_associations, pinfo));
}
+ /* Heuristic: any later ChangeCipherSpec is not a resumption of this
+ * session. Set the flag after ssl_finalize_decryption such that it has
+ * a chance to use resume using Session Tickets. */
+ if (is_from_server)
+ session->is_session_resumed = FALSE;
break;
case SSL_ID_ALERT:
{
break;
case SSL_HND_SVR_HELLO_DONE:
- if (ssl)
- ssl->state |= SSL_SERVER_HELLO_DONE;
+ /* This is not an abbreviated handshake, it is certainly not resumed. */
+ session->is_session_resumed = FALSE;
break;
case SSL_HND_CERT_VERIFY:
* Normally this should be done at the Finished message, but that may be
* encrypted so we do it here, at the last cleartext message. */
if (is_from_server && ssl) {
- if (!(ssl->state & SSL_SERVER_HELLO_DONE)) {
+ if (session->is_session_resumed) {
const char *resumed = NULL;
if (ssl->session_ticket.data_len) {
resumed = "Session Ticket";
}
if (resumed) {
ssl_debug_printf("%s Session resumption using %s\n", G_STRFUNC, resumed);
- session->is_session_resumed = TRUE;
} else {
/* Can happen if the capture somehow starts in the middle */
ssl_debug_printf("%s No Session resumption, missing packets?\n", G_STRFUNC);
- session->is_session_resumed = FALSE;
}
} else {
ssl_debug_printf("%s Not using Session resumption\n", G_STRFUNC);
- session->is_session_resumed = FALSE;
}
}
if (is_from_server && session->is_session_resumed)
ssl_try_set_version(session, ssl, SSL_ID_HANDSHAKE, SSL_HND_SERVER_HELLO,
is_dtls, tvb_get_ntohs(tvb, offset));
+ /* Initially assume that the session is resumed. If this is not the case, a
+ * ServerHelloDone will be observed before the ChangeCipherSpec message
+ * which will reset this flag. */
+ session->is_session_resumed = TRUE;
+
/* show the server version */
proto_tree_add_item(tree, hf->hf.hs_server_version, tvb,
offset, 2, ENC_BIG_ENDIAN);
#define SSL_PRE_MASTER_SECRET (1<<6)
#define SSL_CLIENT_EXTENDED_MASTER_SECRET (1<<7)
#define SSL_SERVER_EXTENDED_MASTER_SECRET (1<<8)
-#define SSL_SERVER_HELLO_DONE (1<<9)
#define SSL_NEW_SESSION_TICKET (1<<10)
#define SSL_EXTENDED_MASTER_SECRET_MASK (SSL_CLIENT_EXTENDED_MASTER_SECRET|SSL_SERVER_EXTENDED_MASTER_SECRET)
ssl_finalize_decryption(ssl, &ssl_master_key_map);
ssl_change_cipher(ssl, ssl_packet_from_server(session, ssl_associations, pinfo));
}
+ /* Heuristic: any later ChangeCipherSpec is not a resumption of this
+ * session. Set the flag after ssl_finalize_decryption such that it has
+ * a chance to use resume using Session Tickets. */
+ if (is_from_server)
+ session->is_session_resumed = FALSE;
break;
case SSL_ID_ALERT:
{
break;
case SSL_HND_SVR_HELLO_DONE:
- if (ssl)
- ssl->state |= SSL_SERVER_HELLO_DONE;
+ /* This is not an abbreviated handshake, it is certainly not resumed. */
+ session->is_session_resumed = FALSE;
break;
case SSL_HND_CERT_VERIFY: