Wireshark mailing list archives
Re: Listener (Tap) in Lua to write SSL cert bytes
From: Evan Huus <eapache () gmail com>
Date: Fri, 24 May 2013 12:47:13 -0400
On Fri, May 24, 2013 at 12:08 PM, Rion Carter <rion () rubion com> wrote:
When I look at the capture in the UI I see this:
Secure Sockets Layer
-TLSv1 Record Layer: Handshake Protocol: Certificate
--Content Type: Handshake (22)
--Version: TLS 1.0 (0x0301)
--Length: 1295
--Handshake Protocol: Certificate
----Handshake Type: Certificate (11)
----Length: 1291
----Certificates Length: 1288
----Certificates (1288 bytes)
------Certificate Length: 1285
------Certificate (...)
It is the 'Certificate' field that contains what I need. When I try
Field.New("certificate") in my Lua script I get a message of "A field with
this name must exist".
If you select the field then look in the status-bar at the bottom that will give you the field name (looks like ssl.handshake.certificate was right the first time). It sounds like you don't want the value of the field, but the raw packet bytes that the field was extracted from. I'm not sure how to do that in Lua, hopefully somebody else will. Evan
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Listener (Tap) in Lua to write SSL cert bytes Rion Carter (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Evan Huus (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Rion Carter (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Evan Huus (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Rion Carter (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Rion Carter (May 24)
- Re: Listener (Tap) in Lua to write SSL cert bytes Evan Huus (May 24)