Wireshark-dev: Re: [Wireshark-dev] SSL + DTLS
From: "authesserre samuel" <[email protected]>
Date: Thu, 29 Jun 2006 11:17:07 +0200
hi,


I was talking about modifying directly openssl implementation allowing
me to make test on dtls dissector implementation.
In ethereal I can use (its the fact actually) gnutls because the only
usefull fonction to realize dissector is the cryptographics ones no
the send or receive one (based on tcp) that's why I choose to continue
with modifying dtls dissector in the same scheme as ssl one and
modifying openssl dtls implementation to have a complete dtls
implementation (and dissection with wireshark ;) )
so I can make mistake but the dtls dissector can be added on win32
version (like ssl?), the fact is dtls ans ssl dissectors use the same
functions in packet-ssl-utils.h so I think there is no problem (dtls
dissector don't use openssl at all).
tell me if I am right

regards,

samuel


On 6/29/06, ronnie sahlberg <[email protected]> wrote:
it would just mean that dtls decryption would not work out of the box
for win32 users since we can not ship win32 versions of ethereal
linked with openssl.

no drama.   if there is enough interest in the feature someone will
implement the required gnutls magic if you dont have time.    if not
it just mean there is no interest.


i have associates that need the ssl decryption feature now so dont
worry about ssl.    ill do the updates required to ssl.
(beware     preference breaking update/change estimated to go in in 10 minutes)

please ty to follow the ssl changes i do to svn for your dtls code.






On 6/29/06, authesserre samuel <[email protected]> wrote:
> hi,
>
> it isn't compatible  at all(bsd licence), and i have already posted on
> gnutls mailing list to propose a dtls implementation.
> in a first time i think it could be a good idea to have an
> implementation that work correctly and in a second time another to
> test interoperability
> I have only one month to consacrate to project i don't think that i
> could make gnutls implementation in this time....(i will do all i can
> because i would like a gpl'ed implementation)
> gnutls have the advantage that it implement TLS 1.1 but in other side
> it have to change a lot of things for UDP adaptation
>
> I will try to finish openssl implem and in a second time i will look
> at gnutls (if you are ready to help me  ;) )
>
> regards,
>
> samuel
>
> On 6/28/06, Joerg Mayer <[email protected]> wrote:
> > On Wed, Jun 28, 2006 at 11:31:28AM +0200, authesserre samuel wrote:
> > > but dtls work on openssl version 0.9.b who contains many errors (I
> > > have listed them on openssl-dev mailing list and correct 2 of them)
> > > but in current time i havent time to finish implementation of dtls
> > > (i'll try to correct it during july and dtls dissector in the same
> > > time)
> >
> > Would it be feasible to use another lib than openssl (gnutls + gcrypt)
> > instead? I'm still not really convinced that the way we provide openssl
> > is really compatible with gpl (and especially distros enabling it).
> >
> >  Ciao
> >       Joerg
> > --
> > Joerg Mayer                                           <[email protected]>
> > We are stuck with technology when what we really want is just stuff that
> > works. Some say that should read Microsoft instead of technology.
> > _______________________________________________
> > Wireshark-dev mailing list
> > [email protected]
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
>
>
> --
> Authesserre Samuel
> 12 rue de la défense passive
> 14000 CAEN
> FRANCE
> 06-27-28-13-32
> [email protected]
> _______________________________________________
> Wireshark-dev mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>
_______________________________________________
Wireshark-dev mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-dev


--
Authesserre Samuel
12 rue de la défense passive
14000 CAEN
FRANCE
06-27-28-13-32
[email protected]