Wireshark mailing list archives
Re: Decoding New TLS CLient Hello Extension
From: <nalini.elkins () insidethestack com>
Date: Fri, 15 Apr 2016 13:10:31 +0000 (UTC)
Guys,
Thanks all for your support. We will give this back to the community when it is all working OK.
I am working with the TLS group at IETF & things are quite unstable at the moment with TLS1.3. But, it will be good to
have a dissector for the new record types & extensions. Having said that, things are changing, if not daily, then
quite often.
If anyone wants to, I am happy to talk at SharkFest. Thanks,
Nalini ElkinsInside Products, Inc.www.insidethestack.com(831) 659-8360
From: Graham Bloice <graham.bloice () trihedral com>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Cc: nalini.elkins () insidethestack com
Sent: Friday, April 15, 2016 2:05 AM
Subject: Re: [Wireshark-dev] Decoding New TLS CLient Hello Extension
On 15 April 2016 at 02:24, Jeff Morriss <jeff.morriss.ws () gmail com> wrote:
[Resending with the list in Cc:; I'm not sure why gmail's web interface decided to drop the list when I hit reply.]
On Thu, Apr 14, 2016 at 3:48 PM, <nalini.elkins () insidethestack com> wrote:
On Thu, Apr 14, 2016 at 3:07 PM, <nalini.elkins () insidethestack com> wrote:
>Your best path forward would likely be to just modify the SSL dissector's C code; ideally you could then push that
code to Wireshark so future versions will dissect the extension too.
Sure. Happy to do that (once it all works!) but I was having trouble finding where that SSL dissector's C code
actually was. It looks like it may be invoking gnutls libraries? Thanks for your help.
epan/dissectors/packet-ssl.c, also available here:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl.c
I think the TLS client extension stuff is in packet-ssl-utils.c, in function ssl_dissect_hnd_hello_ext().
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl-utils.c
--
Graham Bloice
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Graham Bloice (Apr 15)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 15)
- Re: Decoding New TLS CLient Hello Extension nalini.elkins (Apr 14)
- Re: Decoding New TLS CLient Hello Extension Jeff Morriss (Apr 14)