SSL_MD5_CTX md5;
guint8 tmp[16];
+ memset(&md5, 0, sizeof(md5));
ssl_md5_init(&md5);
ssl_md5_update(&md5,r1->data,r1->data_len);
ssl_md5_update(&md5,r2->data,r2->data_len);
rnd1=r1; rnd2=r2;
+ memset(&md5,0,sizeof(md5));
ssl_md5_init(&md5);
memset(&sha,0,sizeof(sha));
ssl_sha_init(&sha);
SSL_MD5_CTX md5;
ssl_debug_printf("ssl_generate_keyring_material MD5(client_random)\n");
+
+ memset(&md5, 0, sizeof(md5));
ssl_md5_init(&md5);
ssl_md5_update(&md5,c_wk,ssl_session->cipher_suite.eff_bits/8);
ssl_md5_update(&md5,ssl_session->client_random.data,
/* PAOLO: here we can have all the data to build session key*/
StringInfo encrypted_pre_master;
int ret;
+ unsigned encrlen = length, skip = 0;
if (!ssl)
break;
break;
}
- /* get encrypted data, we must skip tls record len && version and
- * 2 bytes of record data */
- encrypted_pre_master.data = se_alloc(length - 2);
- encrypted_pre_master.data_len = length-2;
- tvb_memcpy(tvb, encrypted_pre_master.data, offset+2, length-2);
+ /* get encrypted data, on tls1 we have to byte to skip
+ * (it's the encrypted len and should be equal to record len - 2)
+ */
+ if (ssl->version == SSL_VER_TLS)
+ {
+ encrlen = tvb_get_ntohs(tvb, offset);
+ skip = 2;
+ if (encrlen > length - 2)
+ {
+ ssl_debug_printf("dissect_ssl3_handshake wrong encrypted length (%d max %d)\n",
+ encrlen, length);
+ break;
+ }
+ }
+ encrypted_pre_master.data = se_alloc(encrlen);
+ encrypted_pre_master.data_len = encrlen;
+ tvb_memcpy(tvb, encrypted_pre_master.data, offset+skip, encrlen);
if (!ssl->private_key) {
ssl_debug_printf("dissect_ssl3_handshake can't find private key\n");