Wireshark-users: Re: [Wireshark-users] in >wireshark-2.0.2, tshark follow ssl stream segfaults
From: Jeff Morriss <[email protected]>
Date: Thu, 14 Jul 2016 18:10:17 -0400


On Thu, Jul 14, 2016 at 5:30 PM, Miroslav Rovis <[email protected]> wrote:
I've just posted on the bug report:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12616#c7

and since I'm not so savvy, I'm more comfortable writing to ML. I'll
post to bugzilla if the case becomes clearer.

On 160713-08:36+0200, Miroslav Rovis wrote:
> On 160712-18:37-0400, Jeff Morriss wrote:

This below:
> ...
> > > tshark -o "ssl.keylog_file: dump_160606_1xxx_SSLKEYLOGFILE.txt" -r \
> > >         "dump_160606_1328_g0n.pcap" -T fields -e data -qz follow,ssl,raw,0
> > > \
> > >         | grep -E '[[:print:]]' > dump_160606_1328_g0n_s000-ssl.raw

is the exact command that I used again, but on the updated Wireshark,
that contains Jeff's patch (let me repaste what I already posted on the
Bugzilla for clarity):

(As mentioned on the bug, just for completeness of this email thread) it looks like there were 2 problems and I only fixed one.  Followups should go to the bug.