https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5503
Summary: SSL/TLS dissector: add support for "Certificate
Status" messages (aka OCSP stapling)
Product: Wireshark
Version: SVN
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Medium
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: wireshark.bugz@xxxxxxxx
Kaspar Brand <wireshark.bugz@xxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #5633| |review_for_checkin?
Flag| |
Created an attachment (id=5633)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5633)
Handle "Certificate Status" messages in the SSL/TLS dissector
Build Information:
--
The attached patch adds support for parsing Certificate Status messages to the
SSL/TLS dissector. These messages carry OCSP responses for (server)
certificates, a technique also known as "OCSP stapling".
I'm not 100% sure I got everything right with exporting/exposing
dissect_ocsp_OCSPResponse from the OCSP ASN.1 module, so please bear with me.
At least it successfully handles cert status messages as seen in the wild, so
it can't be that wrong...
For the sake of reference: the certificate_status TLS handshake message is
defined in RFC 4366 (section 3.6 in particular).
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
