https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4400
Summary: Cannot follow SSL stream with cipher
TLS_RSA_WITH_NULL_SHA suite
Product: Wireshark
Version: unspecified
Platform: All
OS/Version: Windows XP
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: laurent.boulard@xxxxxxxxx
Build Information:
Version 1.2.5 (SVN Rev 31296)
Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 0.4.8,
with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4, with MIT
Kerberos, with GeoIP, with PortAudio V19-devel (built Dec 17 2009), with
AirPcap.
Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.1, Gcrypt 1.4.4, without AirPcap.
Built using Microsoft Visual C++ 9.0 build 30729
--
The project I work on is using SSL for authentication. We can see the data
output but it is mixed with MAC data.
We tried to use Wireshark to separate data flow from SSL flow. Unfortunately, a
quick look at Wireshark showed that any ENC_NULL encoding is treated as an
error when creating a SSL decoder.
I would like to know if support for ENC_NULL in SSL parser is planned.
If this is not the case, would add parsing of ENC_NULL possible if I (or
someone else) is providing a patch ?
Thanks,
Laurent.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
