Wireshark · Ethereal-dev: Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal

Ethereal-dev: Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "J.Smith" <temp201@xxxxxxxxxxx>

Date: Sun, 9 Jan 2005 18:29:56 +0100

"Alok" <alokdube@xxxxxxxxxx> wrote:


no, I actually joined the list with the idea of getting that to work :) so
its nice to know someone else can give me company... would you mind it?

Well in practice I found the mailing list to be the best company forEthereal issues there is.

;)

Most of the people on the list are very knowledgeable of the codebase, andcan come up with good ideas and practical tips on how best to approachthings. My guess is that you would probably best of to discuss these kind ofthings on the list (instead of sending me private-emails), or post patcheswith the work you have done so far and ask people for feedback.

From my understanding, it is possible... somewhere in the packet-ssl.cafter
during the negotiation you could capture the session key, and then, after
that, you could do a tcp_dissect_pdu and feed it down to the http
dissector..
the problem was the ssl_ctx stuff.. I got stuck there. Are you familiarwith
that bit?

Well unfortunately Im not a developer myself. In fact, I can barely run astacktrace and wouldnt be able to wrote "hello world" not even if my lifedepended on it. I am , however, a fairly decent system administrator thatjust has a real-world need to do some trouble-shooting that requires using anetwork sniffer every now and then.



Hope this helps,



Sincerely,


John Smith.

----- Original Message -----From: "Alok" <alokdube@xxxxxxxxxx>

To: "J.Smith" <temp201@xxxxxxxxxxx>
Sent: Sunday, January 09, 2005 4:22 PM

Subject: Re: [Ethereal-dev] Decoding SSL/TLS application protocol datawithEthereal


Ok, assuming that your reply of '' ??" either means that you dont

understand

my question, or that your system has been infected by a virus
 ;)

no, I actually joined the list with the idea of getting that to work :) so
its nice to know someone else can give me company... would you mind it?

I ended up travelling and my linux PC is back in office so I did not
actually finish this.

From my understanding, it is possible... somewhere in the packet-ssl.cafter

during the negotiation you could capture the session key, and then, after
that, you could do a tcp_dissect_pdu and feed it down to the http
dissector..

the problem was the ssl_ctx stuff.. I got stuck there. Are you familiarwith

that bit?

Follow-Ups:
- Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal
  - From: Alok

References:
- [Ethereal-dev] Decoding SSL/TLS application protocol data with Ethereal
  - From: J.Smith
- Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal
  - From: J.Smith

Prev by Date: Re: [Ethereal-dev] netxray.c patch
Next by Date: Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal
Previous by thread: Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal
Next by thread: Re: [Ethereal-dev] Decoding SSL/TLS application protocol data withEthereal
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$