Wireshark-bugs: [Wireshark-bugs] [Bug 4544] New: unencrypted traffic in STARTTLS session is not

Date: Mon, 1 Mar 2010 02:51:38 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4544

           Summary: unencrypted traffic in STARTTLS session is not
                    dissected when using SSL decryption
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: ivan_pozdeev@xxxxxxx


Created an attachment (id=4344)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4344)
capture of SMTP-STARTTLS session

Build Information:
Version 1.3.3 (SVN Rev 31863 from /trunk)

Compiled with GTK+ 2.18.5, with GLib 2.22.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt
1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Feb 10
2010), with AirPcap, with new_packet_list.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729
--
When SSL decryption is on and an eligible connection is seen, the SSL dissector
takes over the TCP port, replacing the regular protocol dissector for that port.
Consequently, the unencrypted part of the conversation is seen as 'Ignored Unknown
Record's.

The expected behaviour of the SSL dissector is not to push out any regular
dissectors but to be instantiated by them 'at the right time' (e.g. after a
STARTTLS command).
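
The hand-off requested above, sketched as an added example that is not part of the original bug report and is not Wireshark code: plaintext SMTP is kept with the SMTP parser until a client STARTTLS is answered with a 220 reply, and only then are payloads treated as TLS records. The function names and the sample session are constructed, and each segment is assumed to be one reassembled payload starting on a line or record boundary.

```python
import struct

def looks_like_tls_record(data: bytes) -> bool:
    """True if data starts with a plausible SSL/TLS record header."""
    if len(data) < 5:
        return False
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    # content types 20..23, version 3.0-3.4, length within the record limit
    return 20 <= ctype <= 23 and major == 3 and minor <= 4 and length <= 2**14 + 2048

def find_tls_handoff(segments):
    """Index of the first segment that belongs to TLS, or None.

    segments is a list of (direction, payload); direction is 'c' or 's'.
    """
    state = "plain"                      # plain -> requested -> upgraded
    for i, (direction, payload) in enumerate(segments):
        if state == "upgraded":
            # Only hand over if the next bytes really are a TLS record.
            return i if looks_like_tls_record(payload) else None
        line = payload.split(b"\r\n", 1)[0]
        if direction == "c" and line.strip().upper() == b"STARTTLS":
            state = "requested"
        elif state == "requested" and direction == "s":
            # 220 accepts the upgrade; any other reply (e.g. 454) refuses it.
            state = "upgraded" if line.startswith(b"220 ") else "plain"
    return None

def classify(segments):
    """Label every segment 'smtp' or 'tls' according to the hand-off point."""
    k = find_tls_handoff(segments)
    return ["smtp" if k is None or i < k else "tls" for i in range(len(segments))]

# Constructed sample session (hostnames and TLS bytes are placeholders).
SESSION = [
    ("s", b"220 mail.example.test ESMTP\r\n"),
    ("c", b"EHLO client.example.test\r\n"),
    ("s", b"250-mail.example.test\r\n250 STARTTLS\r\n"),
    ("c", b"STARTTLS\r\n"),
    ("s", b"220 2.0.0 Ready to start TLS\r\n"),
    ("c", b"\x16\x03\x01\x00\x05hello"),   # stub handshake record
    ("s", b"\x16\x03\x01\x00\x05world"),
]
# Same session, but the server refuses the upgrade: everything stays SMTP.
REFUSED = SESSION[:4] + [("s", b"454 TLS not available\r\n"), ("c", b"QUIT\r\n")]

if __name__ == "__main__":
    print(classify(SESSION))
    print(classify(REFUSED))
```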
