Wireshark mailing list archives
Improving the SSL keys dialog, how to handle migrations?
From: Peter Wu <peter () lekensteyn nl>
Date: Sat, 3 Oct 2015 18:52:33 +0200
Hi, So far SSL/DTLS private RSA key files were entered in an UAT dialog (ssl_keys) using address, port, protocol, keyfile and password. Since the public key part of a private key is sufficient to match SSL sessions for decryption (https://code.wireshark.org/review/10766), I want to remove the former fields. The address+port mapping to SSL can already be substituted by Decode As... SSL. The port to app_handle (subprotocol) mapping is problematic (see https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10984#c12) and I would like to remove it here, but I can imagine that some users want to override the app_handle anyway. For those use cases, I am considering a new Decode As setting (ssl.tcp_port, ssl.udp_port). (Limitation: since you can only override per port, setting tcp/443 to spdy instead of http might not have the intended effect.) How should I handle the UAT change? For simple preferences there is prefs_register_obsolete_preference, but there is nothing for UATs AFAIK. Maybe I can use Wireshark 2.0 as an excuse to break backwards compatibility for this setting? Alternative option is to create a new "ssl_keys2" file and import from "ssl_keys" if it does not already exist (but this makes the code more ugly). Suggestions are welcome! -- Kind regards, Peter Wu https://lekensteyn.nl ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Improving the SSL keys dialog, how to handle migrations? Peter Wu (Oct 03)
- Re: Improving the SSL keys dialog, how to handle migrations? Pascal Quantin (Oct 03)
- Re: Improving the SSL keys dialog, how to handle migrations? Peter Wu (Oct 03)
- Re: Improving the SSL keys dialog, how to handle migrations? Pascal Quantin (Oct 03)