Wireshark-bugs: [Wireshark-bugs] [Bug 3177] New: Jabber dissector: Detect and dissect SSL payloa
Date: Tue, 6 Jan 2009 03:39:50 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3177

           Summary: Jabber dissector: Detect and dissect SSL payload.
           Product: Wireshark
           Version: SVN
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: wireshark.org@xxxxxxxxxxxxxxxxxxx



Florian Forster <wireshark.org@xxxxxxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2648|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=2648)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2648)
Patch for XMPP/SSL dissection against revision 27162

Build Information:
wireshark 1.1.2 (SVN Rev 27162)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.11, with GLib 2.16.6, with libpcap 0.9.8, with libz
1.2.3.3, without POSIX capabilities, with libpcre 7.6, without SMI, without
c-ares, without ADNS, without Lua, with GnuTLS 2.4.2, with Gcrypt 1.4.1, with
MIT Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 2.6.26-1-amd64, with libpcap version 0.9.8.

Built using gcc 4.3.2.
--
Hi,

the attached patch tries to detect binary payload within a Jabber
communication.
If the dissector thinks a packet is carrying binary payload, it will pass the
contents to the SSL dissector instead of the XML dissector.

This lets one observe the initial (unencrypted) connection up to the `STARTTLS'
part and then provides some information about the SSL/TLS key setup and stuff.

Regards,
-octo


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.