Wireshark-users: [Wireshark-users] Export as PDML bug corrected in the nightlies, but ...
Title: Message
Hi,
I'm glad that
WireShark windows binary is now SSL-capable, thx to every one responsible
for that :)
But two annoying
bugs still prevent me from using it...
Here's what I do
:
I use WS to capture
the dialog between my web browser and two HTTP servers.
The protocol is
encrypted (https+certificate), but I have access to the decryption keys of
theses servers.
Of course I need the
encrypted datas to be readable :)
When WS is given the
decription keys, reading the top the SSL debug file informs me that all is going
well.
First case, using
latest stable WS (0.99.3).
Both servers are
being correctly decrypted.
But I can't export
my capture file to a PDML file, the export aborts after a few lines
generated.
Second case, using
the latest nightlies (tried with 0.99.4-SVN-19394, 0.99.4-SVN-19402 and
0.99.4-SVN-19374).
Though I did not
find the above bug while browsing the mailing list, this bug is now history in
the nightlies: well done!
But with the
nightlies, I can't no more decrypt all my SSL-encrypted data the way WS 0.99.3
manages to.
In detail
:
- The datas on
my second server is always decrypted and well exported in XML, so far so
good.
- For the
first server, all outgoing data (GET & POST) are well
decrypted.
But all incoming
datas (from the browser point of view) are not.
In fact, the
"Decrypted SSL record" tab does not appear for this host.
So logically the
datas are encrypted in the export XML file.
Strangely, all
theses datas are correctly decrypted ... in the SSL debug
file.
I don't understand
why one of my two servers is always decrypted.
If I specify the
decryption parameters for only the server that fails being decrypted, it still
fails.
Any
hint?
Any hope for this
bug being solved quickly?
Thx in advance for
your support, feel free to ask me any complementary questions if
needed.
And of course thanks
for making such a superb tool available for free.
Olivier.
