Wireshark · Wireshark-dev: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes

Wireshark-dev: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes

Date: Fri, 24 May 2013 12:47:13 -0400

On Fri, May 24, 2013 at 12:08 PM, Rion Carter <rion@xxxxxxxxxx> wrote:

When I look at the capture in the UI I see this:

Secure Sockets Layer
-TLSv1 Record Layer: Handshake Protocol: Certificate
--Content Type: Handshake (22)

--Version: TLS 1.0 (0x0301)
--Length: 1295
--Handshake Protocol: Certificate
----Handshake Type: Certificate (11)
----Length: 1291
----Certificates Length: 1288
----Certificates (1288 bytes)
------Certificate Length: 1285
------Certificate (...)

It is the 'Certificate' field that contains what I need. When I try Field.New("certificate") in my Lua script I get a message of "A field with this name must exist".

If you select the field then look in the status-bar at the bottom that will give you the field name (looks like ssl.handshake.certificate was right the first time).

It sounds like you don't want the value of the field, but the raw packet bytes that the field was extracted from. I'm not sure how to do that in Lua, hopefully somebody else will.

Evan

Follow-Ups:
- Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
  - From: Rion Carter

References:
- [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
  - From: Rion Carter
- Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
  - From: Evan Huus
- Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
  - From: Rion Carter

Prev by Date: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
Next by Date: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
Previous by thread: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
Next by thread: Re: [Wireshark-dev] Listener (Tap) in Lua to write SSL cert bytes
Index(es):
- Date
- Thread