![wireshark logo](/images/wireshark-logo.png)
Wireshark mailing list archives
Re: Decoding New TLS CLient Hello Extension
From: <nalini.elkins () insidethestack com>
Date: Fri, 15 Apr 2016 13:10:31 +0000 (UTC)
Guys, Thanks all for your support. We will give this back to the community when it is all working OK. I am working with the TLS group at IETF & things are quite unstable at the moment with TLS1.3. But, it will be good to have a dissector for the new record types & extensions. Having said that, things are changing, if not daily, then quite often. If anyone wants to, I am happy to talk at SharkFest. Thanks, Nalini ElkinsInside Products, Inc.www.insidethestack.com(831) 659-8360 From: Graham Bloice <graham.bloice () trihedral com> To: Developer support list for Wireshark <wireshark-dev () wireshark org> Cc: nalini.elkins () insidethestack com Sent: Friday, April 15, 2016 2:05 AM Subject: Re: [Wireshark-dev] Decoding New TLS CLient Hello Extension On 15 April 2016 at 02:24, Jeff Morriss <jeff.morriss.ws () gmail com> wrote: [Resending with the list in Cc:; I'm not sure why gmail's web interface decided to drop the list when I hit reply.] On Thu, Apr 14, 2016 at 3:48 PM, <nalini.elkins () insidethestack com> wrote: On Thu, Apr 14, 2016 at 3:07 PM, <nalini.elkins () insidethestack com> wrote: >Your best path forward would likely be to just modify the SSL dissector's C code; ideally you could then push that code to Wireshark so future versions will dissect the extension too. Sure. Happy to do that (once it all works!) but I was having trouble finding where that SSL dissector's C code actually was. It looks like it may be invoking gnutls libraries? Thanks for your help. epan/dissectors/packet-ssl.c, also available here: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl.c I think the TLS client extension stuff is in packet-ssl-utils.c, in function ssl_dissect_hnd_hello_ext(). https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl-utils.c -- Graham Bloice
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Graham Bloice (Apr 15)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 15)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)