Wireshark-dev: [Wireshark-dev] Incomplete SSL dissection (when not on standard port)
From: Kaul <[email protected]>
Date: Wed, 22 Feb 2012 22:50:19 +0200
I sniff traffic on port 8443, which is SSL based.
Unless I add to HTTP dissector that port, as SSL based, de-segmentation of SSL records fails (meaning, if it began from the middle of one TCP packet and ends in another, it is not dissected properly).
'Decode As' is what I've used before trying the trick to add to the HTTP dissector prefs the SSL port - any idea why it doesn't work?
I have a hunch that the HTTP method calls 'ssl_dissector_add()', while 'decode as' will call dissect_ssl(), which probably misses registering the dissector to that port, but perhaps I'm missing something else.

Any ideas? (I can open a bug about this of course).