Hi Peter
I am sorry to resume this after a long time but i could not answer before.
I do not have much knowledge of the heuristic dissectors but i suspect
it might fail in case of my protocol because my protocol starts like
http and then then after a couple of requests/responses it'll start
exchanging binary vpn data, so if my understanding of an heuristic
dissector is correct, then the app data might be interpreted as http.
Besides my protocol dissector is written in LUA and i do not know how
it relates to heuristic as well.
I am looking for a simple mechanism where if I have the pre-master
secret, i can also set the app_data protocol, override any other
auto-imposed choice that might have been set.
Exposing ssl_dissector_add through a config setting also could be enough.
Your list of proposed changes is interesting but still seems to be
lacking a user defined choice of app data protocol when using
pre/master secrets (keylog file).
If I am missing something please let me know.
thanks
gianrico
