Wireshark-dev: [Wireshark-dev] SSL/DTSL: allow setting of app data dissector when using keylog
From: Gianrico <[email protected]>
Date: Mon, 23 Feb 2015 15:32:48 +0100
Hi all,

I am looking for advices/opinions for a new feature.

Basically I would like to have the possibility of specifying the inner
app data protocol when dissecting/decrypting ssl/dtls using the keylog
file.

There are situations when the inner protocol might be a custom
protocol (ssl vpn in my case).
At the moment it looks like you can specify the inner protocol only
when using the ssl key and uat table.

By the way, for obvious reasons, when troubleshooting with third party
captures it is becoming more frequent to receive the (pre)-master
secret (when RSA in use).

I have proposed this patch :

https://code.wireshark.org/review/#/c/7233/

Peter properly noted that this is a hack and it would be better to
keep the keylog file clean and move the setting somewhere else.

I would like to have, anyway, the flexibility of having multiple app
data dissector when multiple (pre)master kays are in the keylog file
(see again proposed patch for an example)

Please let me know your thoughts and if that makes sense to be
implemented or should i just keep it for me.

thanks

-- 

Gianrico D'Angelis