Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: Re: [Wireshark-dev] SSL + DTLS

From: "authesserre samuel" <sauthess@xxxxxxxxx>
Date: Thu, 29 Jun 2006 11:18:03 +0200
PS : thanks for your modifications ! I will follow your advice and
take the last svn before starting to work

On 6/29/06, authesserre samuel <sauthess@xxxxxxxxx> wrote:
hi,


I was talking about modifying directly openssl implementation allowing
me to make test on dtls dissector implementation.
In ethereal I can use (its the fact actually) gnutls because the only
usefull fonction to realize dissector is the cryptographics ones no
the send or receive one (based on tcp) that's why I choose to continue
with modifying dtls dissector in the same scheme as ssl one and
modifying openssl dtls implementation to have a complete dtls
implementation (and dissection with wireshark ;) )
so I can make mistake but the dtls dissector can be added on win32
version (like ssl?), the fact is dtls ans ssl dissectors use the same
functions in packet-ssl-utils.h so I think there is no problem (dtls
dissector don't use openssl at all).
tell me if I am right

regards,

samuel


On 6/29/06, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
> it would just mean that dtls decryption would not work out of the box
> for win32 users since we can not ship win32 versions of ethereal
> linked with openssl.
>
> no drama.   if there is enough interest in the feature someone will
> implement the required gnutls magic if you dont have time.    if not
> it just mean there is no interest.
>
>
> i have associates that need the ssl decryption feature now so dont
> worry about ssl.    ill do the updates required to ssl.
> (beware     preference breaking update/change estimated to go in in 10 minutes)
>
> please ty to follow the ssl changes i do to svn for your dtls code.
>
>
>
>
>
>
> On 6/29/06, authesserre samuel <sauthess@xxxxxxxxx> wrote:
> > hi,
> >
> > it isn't compatible  at all(bsd licence), and i have already posted on
> > gnutls mailing list to propose a dtls implementation.
> > in a first time i think it could be a good idea to have an
> > implementation that work correctly and in a second time another to
> > test interoperability
> > I have only one month to consacrate to project i don't think that i
> > could make gnutls implementation in this time....(i will do all i can
> > because i would like a gpl'ed implementation)
> > gnutls have the advantage that it implement TLS 1.1 but in other side
> > it have to change a lot of things for UDP adaptation
> >
> > I will try to finish openssl implem and in a second time i will look
> > at gnutls (if you are ready to help me  ;) )
> >
> > regards,
> >
> > samuel
> >
> > On 6/28/06, Joerg Mayer <jmayer@xxxxxxxxx> wrote:
> > > On Wed, Jun 28, 2006 at 11:31:28AM +0200, authesserre samuel wrote:
> > > > but dtls work on openssl version 0.9.b who contains many errors (I
> > > > have listed them on openssl-dev mailing list and correct 2 of them)
> > > > but in current time i havent time to finish implementation of dtls
> > > > (i'll try to correct it during july and dtls dissector in the same
> > > > time)
> > >
> > > Would it be feasible to use another lib than openssl (gnutls + gcrypt)
> > > instead? I'm still not really convinced that the way we provide openssl
> > > is really compatible with gpl (and especially distros enabling it).
> > >
> > >  Ciao
> > >       Joerg
> > > --
> > > Joerg Mayer                                           <jmayer@xxxxxxxxx>
> > > We are stuck with technology when what we really want is just stuff that
> > > works. Some say that should read Microsoft instead of technology.
> > > _______________________________________________
> > > Wireshark-dev mailing list
> > > Wireshark-dev@xxxxxxxxxxxxx
> > > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> > >
> >
> >
> > --
> > Authesserre Samuel
> > 12 rue de la défense passive
> > 14000 CAEN
> > FRANCE
> > 06-27-28-13-32
> > sauthess@xxxxxxxxx
> > _______________________________________________
> > Wireshark-dev mailing list
> > Wireshark-dev@xxxxxxxxxxxxx
> > http://www.wireshark.org/mailman/listinfo/wireshark-dev
> >
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-dev
>


--
Authesserre Samuel
12 rue de la défense passive
14000 CAEN
FRANCE
06-27-28-13-32
sauthess@xxxxxxxxx



--
Authesserre Samuel
12 rue de la défense passive
14000 CAEN
FRANCE
06-27-28-13-32
sauthess@xxxxxxxxx