forked from Mirrors/sngrep
tls: fix connection encrypted flags #117
From now on connection is considered encrypted only when sngrep captures change_cipher_spec message and has both client and server cipher contexts. Before gathering all that information, all application_data messages will be ignored.
This commit is contained in:
parent
19af2ac5cb
commit
2b6ca86f72
|
@ -393,6 +393,7 @@ tls_process_record(struct SSLConnection *conn, const uint8_t *payload,
|
|||
break;
|
||||
case change_cipher_spec:
|
||||
// From now on, this connection will be encrypted using MasterSecret
|
||||
if (conn->client_cipher_ctx.cipher && conn->server_cipher_ctx.cipher)
|
||||
conn->encrypted = 1;
|
||||
break;
|
||||
case application_data:
|
||||
|
|
|
@ -366,6 +366,7 @@ tls_process_record(struct SSLConnection *conn, const uint8_t *payload,
|
|||
break;
|
||||
case change_cipher_spec:
|
||||
// From now on, this connection will be encrypted using MasterSecret
|
||||
if (conn->client_cipher_ctx.cipher && conn->server_cipher_ctx.cipher)
|
||||
conn->encrypted = 1;
|
||||
break;
|
||||
case application_data:
|
||||
|
|
Loading…
Reference in New Issue