From f5f221b3a51bb2d2d69cc530f302702d502ac84c Mon Sep 17 00:00:00 2001
From: Stefan Becker
Date: Wed, 23 Nov 2011 21:21:04 +0200
Subject: [PATCH] tls: handle incoming ChangeCipherSpec

After that message all the remaining handshake messages are encrypted and therefore fail to parse. Well, we're not really interested in the contents, so why should we spent time decoding them?
---
 src/core/sipe-tls.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/core/sipe-tls.c b/src/core/sipe-tls.c
index a14f5bf9..a936d403 100644
--- a/src/core/sipe-tls.c
+++ b/src/core/sipe-tls.c
@@ -85,6 +85,7 @@ struct tls_internal_state {
 guchar *digest);
 gpointer cipher_context;
 guint64 sequence_number;
+ gboolean encrypted;
 };

 /*
@@ -913,8 +914,18 @@ static gboolean tls_record_parse(struct tls_internal_state *state,
 }

 switch (bytes[TLS_RECORD_OFFSET_TYPE]) {
+ case TLS_RECORD_TYPE_CHANGE_CIPHER_SPEC:
+ debug_print(state, "Change Cipher Spec\n");
+ if (incoming) state->encrypted = TRUE;
+ break;
+
 case TLS_RECORD_TYPE_HANDSHAKE:
- success = handshake_parse(state);
+ if (incoming && state->encrypted) {
+ debug_print(state, "Encrypted handshake message\n");
+ debug_hex(state, 0);
+ } else {
+ success = handshake_parse(state);
+ }
 break;

 default:
--
2.11.4.GIT
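Review bot: In the tls_record_parse hunk, the new `case TLS_RECORD_TYPE_CHANGE_CIPHER_SPEC:` sets `state->encrypted = TRUE` for any incoming record of that type, without checking that the handshake has reached the point where ChangeCipherSpec is expected or that the record carries the single expected byte. From then on every incoming handshake record is only logged and skipped, so a ChangeCipherSpec that arrives too early would make the parser silently ignore the plaintext handshake messages that follow it, and the peer's Finished message is never decrypted or verified. If callers rely on this handshake for peer authentication or key confirmation, that check is missing. Consider failing on an out-of-order record, e.g. `if (incoming && !<expected-handshake-state>) success = FALSE;` (a placeholder for whatever state tracking the file already has), and add a comment on the `encrypted` field saying it covers the incoming direction only and where it is reset. The function body starts and ends outside the hunk, so the value `success` holds when the skip branch is taken is not visible here.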