On Thu, Dec 25, 2008 at 4:49 PM, Sake Blok <sake@xxxxxxxxxx> wrote:
> I usually try to either limit the ciphers that are presented by the
> test-client or I limit the list of acceptable ciphers on the server for
> troubleshooting purposes. Are you able to do so in your setup?
>
No.
> If not ...
>
>> I have the master-key available, which is all I should need. If
>> Wireshark does not possess this capability, is there a work around to
>> decrypt these packets so I can analyze them?
>
> Currently there is feature in Wireshark to accept master secrets of
> individual SSL sessions. If the availability of master-keys would be
> more general (as debugging output or something like that), it could
> indeed be useful. You might want to file an enhancement request on
> http://bugzilla.wireshark.org for it.
>
Ok.
> Just for my curiosity, what is your setup that allows you to export the
> master secret?
>
I wrote a small program using openssl to act as a MITM between a
proprietary client and server (which use a proprietary protocol). My
goal is to reverse engineer the protocol to figure out how it works.
