Wireshark-dev: Re: [Wireshark-dev] Issue with decrypting renegotiation handshake
From: Peter Wu <[email protected]>
Date: Sat, 24 Sep 2016 10:47:11 +0200
Hi Anil,

On Fri, Sep 23, 2016 at 06:50:26PM +0530, Anil wrote:
> Hi,
> wireshark is not able to decrypt Renegotiation Handshake if the cipher used
> is of type ECDHE/DHE
> (ephemeral diffe hellman)
> we have used the (Pre)-Master-Secret log filename option

Congratulations, you are the first one to report an issue with
decryption of renegotiated sessions (the problem has existed for at
least a year).

It is supposedly fixed since commit v2.3.0rc0-566-g7a674c0 in the master
branch. Are you able to test that? If you are on macOS or Windows,
automated builds are available at

By the way, are you not able to replicate the issue with RSA key
exchanges or have you just not tested it? I could reproduce the issue
with a cipher using the RSA key exchange.
Kind regards,
Peter Wu