Stop displaying the application data (in this case, HTML) in the tree and
and "Decrypted SSL data" tab twice since each already includes both of the
application data record layers combined.
svn path=/trunk/; revision=20247
The attached patch changes the way the ssl-session-id is displayed.
Currently it is not shown, only the length is shown like this:
Session ID Length: 32
Session ID (32 bytes)
To me, it is not useful to repeat the length and omit the ID itself.
With this patch the ssl-session-id is shown like this:
Session ID Length: 32
Session ID: A4B2FB0EE6D8F58DEFF68E38B1E5B4C25F1869D4BC86A96E...
svn path=/trunk/; revision=20212
Much simplified patch to use column fences on the COL_INFO field to
prevent sebsequent calls to the SSL dissector for the same packet
clearing the information placed by earlier calls. After each SSL record
is processed a col_set_fence() call is now issued to preserve what has
been written.
svn path=/trunk/; revision=20020
null. This allows the encrypted payload's dissector to fill in columns such
as protocol and info without turning on packet coloring or otherwise rescanning
the packet list.
svn path=/trunk/; revision=20018
Attached is a fix for bug #1156: "If a dissector depends on a new
datasource created by a new tvb, that dissector's protocol can't be
filtered on."
Thanks,
Steve
I change the code slightly to avoid dereferenceing a NULL pointer.
While the original code was fine and safe on unix dereferencing a null pointer in this way would be unsafe and cause a segmentation violation on windows if tree is NULL.
svn path=/trunk/; revision=19791
- register H.225.0 over TLS (configurable port 1300)
- register SIP over TLS (fixed port 5061)
- new function proto_tree_get_root()
svn path=/trunk/; revision=19059
this break old preference settings but as we havent shipped any win32 version with this feature yet it shouldnt be any drama
see wiki for updates on the new format
(we still need many many updates and cleanups to the code but the non-backward compatible preference change must go in asap)
svn path=/trunk/; revision=18609
This fixes a redefine of AF_INET6 on AIX 4.3.3. We pull in <sys/socket.h> so the OS can define it first, nullifying the #define in epan/inet_v6defs.h.
svn path=/trunk/; revision=18522
authesserre samuel <sauthess@gmail.com> kindly pointed out an issue with session renegotiation in the current ssl decryption code.
Encrypted handshake message are decrypted, but the dissector try to interpret the encrypted code. Renegotiation messages are therefore ignored. The attached pcap trace and key can be used to trigger the issue.
The attached patch fix the problem storing the decrypted version of encrypted handshake message and dissecting it when available. The patch also fix bad issue with des cipher (alike the issue fixed in my previous post)
svn path=/trunk/; revision=18081
pinfo->net_src and pinfo->net_dst where used to set up conversation, but
this fields are null on eap stream. use pinfo->src and pinfo->dst
instead.
The patch also enable strict checking in the 'follow ssl stream' dialog.
svn path=/trunk/; revision=17333
- enable the 'follow SSL stream' menu item only when a ssl packet is selected.
- when 'following' an ssl stream, show ssl decrypted data only for current conversation.
- fix a typo in ssl preference description.
svn path=/trunk/; revision=17301
the attached patch fix a couple of possible memory leak in the ssl
decryption code, add some indentation fix, more comments and add the
preference to select the debug output (missing in previous patch)
svn path=/trunk/; revision=17281
The attached patch cleanup the debug infrastructure for ssl dissector.
Debug messages are by default off and can be enabled via the ssl
dissector preference. Debug output can be directed to stderr or file.
svn path=/trunk/; revision=17253
The attached patch fix bug 732.
The problem was in the client key dissection. On ssl v3 the encrypted
data is the whole record data, on tls v1 the encrypted data is preceded
by the 2 bytes length of the encrypted data itself.
svn path=/trunk/; revision=17244
the attached patch clean a bit the ssl decryption related code, removing
a macro I used when the code was still for an external plugin.
svn path=/trunk/; revision=17217
>There is still an issue into the HAVE_LIBGNUTLS macro definition. I'm
>fixing it and cleaning a bit the windows side configuration. I hope to
>post soon the fix.
The attached patch should fix the issue. I missed to modify the
config.win32 file and I misstyped a few macros name.
svn path=/trunk/; revision=17200
I have developed an external plugin to enable ssl decryption in
ethereal.
Me
- Remove unnecessary $Id$ from acinclude.m4
- Added packet-ssl-utils.h to Makefile.common
- Fixed a few warnings
TODO
- Lots of warning fixes (see separate mail)
- Reformat function headers to read like the others do
(return value<newline>function-name...)
- Test on Windows platform
- Review the patch to packet-ssl.c and new files packet-ssl-utils.[hc]
svn path=/trunk/; revision=17156