Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 7950] New: HTTP fragments don't get re-assembled correctly across SSL records

Wireshark-bugs: [Wireshark-bugs] [Bug 7950] New: HTTP fragments don't get re-assembled correctly

Date: Thu, 1 Nov 2012 20:51:26 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7950

           Summary: HTTP fragments don't get re-assembled correctly across
                    SSL records
           Product: Wireshark
           Version: 1.8.2
          Platform: x86
        OS/Version: Ubuntu
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Dissection engine (libwireshark)
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: bugs.wireshark@xxxxxxxxxxx


Build Information:
wireshark 1.8.2

Copyright 1998-2012 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.13, with Cairo 1.12.2, with Pango 1.30.1, with
GLib 2.34.0, with libpcap, with libz 1.2.7, with POSIX capabilities (Linux),
with SMI 0.4.8, with c-ares 1.9.1, with Lua 5.1, without Python, with GnuTLS
2.12.14, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP, with PortAudio
V19-devel (built Dec 10 2011 11:43:10), with AirPcap.

Running on Linux 3.2.0-32-generic, with locale en_DK.UTF-8, with libpcap
version
1.1.1, with libz 1.2.3.4, GnuTLS 2.12.14, Gcrypt 1.5.0, without AirPcap.

Built using gcc 4.7.2.
--
I have a single SSL packet (#14) containing two Application Data records. The
first is a single byte of an HTTP request, the second is the remaining 636
bytes. Together, they form the whole request, but Wireshark thinks they're both
"Continuation or non-HTTP traffic".

Btw, packet #16 is correctly identified as "Continuation or non-HTTP traffic",
obviously the HTTP Response header is missing.

Attached is the pcap-file, the master keys you'll need and the log output from
the SSL dissector.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 7950] HTTP fragments don't get re-assembled correctly across SSL records
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 7950] HTTP fragments don't get re-assembled correctly across SSL records
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 7950] HTTP fragments don't get re-assembled correctly across SSL records
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 7949] print valid SSL associations in error dialog if the entered string is invalid
Next by Date: [Wireshark-bugs] [Bug 7950] HTTP fragments don't get re-assembled correctly across SSL records
Previous by thread: [Wireshark-bugs] [Bug 7949] print valid SSL associations in error dialog if the entered string is invalid
Next by thread: [Wireshark-bugs] [Bug 7950] HTTP fragments don't get re-assembled correctly across SSL records
Index(es):
- Date
- Thread