https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2763
Summary: when try to decrypt ssl in pdml or psml -->
ERROR:(print.c:707):get_field_data: code should not be
reached
Product: Wireshark
Version: 1.0.0
Platform: PC
OS/Version: Ubuntu
Status: NEW
Severity: Minor
Priority: Low
Component: TShark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: riccardo.bacchiorri@xxxxxxxxx
Build Information:
TShark 1.0.0
Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GLib 2.16.1, with libpcap 0.9.8, with libz 1.2.3.3, with POSIX
capabilities (Linux), with libpcre 7.4, without SMI, with ADNS, with Lua 5.1,
with GnuTLS 2.0.4, with Gcrypt 1.2.4, with MIT Kerberos.
Running on Linux 2.6.24-19-generic, with libpcap version 0.9.8.
Built using gcc 4.2.3 (Ubuntu 4.2.3-2ubuntu7).
--
We installed tshark to monitor internal HTTPS CLIENT/SERVER session.
The command we give is :
tshark -f "port 443" -t e -T psml -V -i eth0
or
tshark -f "port 443" -t e -T pdml -V -i eth0
We configure preferences file :~/.wireshark/preferences.
ssl.keys_list:
192.168.254.114,443,http,/root/script/crypto_annuser/cert/apache_nopwd.key
ssl.debug_file: ~/script/crypto_annuser/log/debug_ssl.log
When we try to capture traffic from command line, tshark stops with error:
<field name="ssl.record.length" showname="Length: 32" size="2" pos="57"
show="32" value="0020"/>
<field name="ssl.alert_message" showname="Alert Message" size="2" pos="0"
show="" value="">
**
** ERROR:(print.c:707):get_field_data: code should not be reached
<field name="ssl.alert_message.level" showname="Level: Warning (1)"
size="1" pos="0" show="1" value="Aborted
If we use -T text or fields, or disabling flag -V, all seems ok.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
