Wireshark-dev: Re: [Wireshark-dev] SSL decoding with start_tls

Date: Sun, 30 Jun 2013 06:06:00 +0000 (UTC)
Added bug 8871 for the TLS decryption with XMPP starttls along with a proposed fix.


From: "David Richards" <d_m_richards@xxxxxxxxxxx>
To: wireshark-dev@xxxxxxxxxxxxx
Sent: Friday, June 28, 2013 1:56:01 PM
Subject: Re: [Wireshark-dev] SSL decoding with start_tls

Got XMPP starttls decryption working.  Just need to get organized to submit the necessary changes.

I also have some mods to .gitignore for Windows builds.  Mostly it's a bunch of missed file extensions to ignore (.lib, .pdb, etc.).  Should that be put in as a bug as well?

Turns out the SSL dissector call was already there but the XMPP desegmentation logic was preventing it from being properly called.  Also, the packet_info can_desegment and saved_can_desegment were not being manipulated correctly.  I looked at packet-smtp.c which was doing similar starttls handling.

The bug references were helpful.  Thanks.


On 6/27/2013 10:32 AM, mmann78@xxxxxxxxxxxx wrote:
Basically the problem is that XMPP needs to be registered to work with SSL.
 
See bug 8625 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8625) and revs 49152 (http://anonsvn.wireshark.org/viewvc?view=revision&revision=49152) and 49183 (http://anonsvn.wireshark.org/viewvc?view=revision&revision=491583) for an example of the steps you'd need to do to add SSL to the XMPP dissector.
 
-----Original Message-----
From: David Richards <d_m_richards@xxxxxxxxxxx>
To: wireshark-dev <wireshark-dev@xxxxxxxxxxxxx>
Sent: Wed, Jun 26, 2013 3:19 pm
Subject: [Wireshark-dev] SSL decoding with start_tls

I see that the feature to decode SSL/TLS streams with start_tls does not appear to work with XMPP.  I want to know:

1) Am I missing something and it should work?

If no, then:

2) Was it intentionally left out because it's inherently different or harder to do than others?
3) Can someone point me to the code that does this feature so I can add XMPP support?

Dave Richards


___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe