Fix for sniffer with TLS v1.2 static ECDH ciphers. The sniffer will now correctly try using the key for ECC if the RSA key decode fails. ZD 11476.

2021-01-12 09:49:32 -08:00
parent 88faef9bd9
commit aaec9832e4
1 changed files with 2 additions and 0 deletions
--- a/src/sniffer.c
+++ b/src/sniffer.c
@ -2111,6 +2111,8 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
                /* If we can do ECC, this isn't fatal. Not loading an ECC
                    * key will be fatal, though. */
                SetError(RSA_DECODE_STR, error, session, 0);
+                if (keys->ecKey == NULL)
+                    keys->ecKey = session->sslServer->buffers.key; /* try ECC */
            #endif
            }
        #ifdef HAVE_ECC