Wireshark-bugs: [Wireshark-bugs] [Bug 3444] Need the ability to export SSL decrypted captures
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3444
--- Comment #12 from Sake <sake@xxxxxxxxxx> 2009-05-05 12:01:39 PDT ---
(In reply to comment #9)
> We have already some parts implemented.
> There is function ssl_set_master_secret() which sets master key and additional
> parameters into SSL decoders.
>
> We need only some of its parameters for this functionality.
> It would be called in following way
> ssl_set_master_secret(frame_num=0, addr_srv, addr_cli, ptype=PT_TCP, port_srv,
> port_cli, version=SSL_VER_UNKNOWN, cipher=0, _master_secret,
> _client_random=NULL, _server_random=NULL, client_seq=0, server_seq=0)
Hmmm... I don't see this function being used anywhere at the moment. Was it
prepared for something, but never used? Or is it a leftover from earlier times?
Looks like things can be done more easily, there is a ssl_session_hash which
keeps a record of all the master keys, indexed by the ssl_session_id. We could
use ssl_save_session(ssl, ssl_session_hash) to add the master keys to this
table. Then in the master key file all the master keys need to be indexed by
ssl_session_id, instead of srcip:sport->dstip:dport.
(This will also solve the problem when TCP ports are being reused)
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.