Re: Certificate Request not being displayed by Wireshark even when that info is in the packet

[Jaime Hablutzel <hablutzel1 () gmail com>]

Hi Peter, I'm sorry for the delay.

I've just found the "Certificate Request" in a subsequent "TCP
Out-Of-Order" packet (see https://filebin.ca/4kArOrO9xTaL).

Thank you.

On Mon, Jun 3, 2019 at 9:05 AM Peter Wu <peter () lekensteyn nl> wrote:

> Hi Jaime,
>
> On Sun, Jun 02, 2019 at 10:59:18PM -0500, Jaime Hablutzel wrote:
> > I'm not an expert in the TLS protocol but I've just stumbled upon the
> > following packet (and I didn't have enough time to debug this further),
> > https://filebin.ca/4jHrWy2tkGQ6, which contains the "Certificate
> Request"
> > list of accepted certificates, but Wireshark is failing to display it as
> it
> > can be observed in https://i.imgur.com/HrKevzC.png.
> >
> > Is it possibly a bug?.
>
> Could you share a capture file with the next non-empty TCP segment?  The
> hidden part is a TLS record of 3577 (0xdf9) bytes and fits a handshake
> message (Certificate Request) of 3569 (0xdf1) bytes. If TCP reassembly
> is enabled, it should have been reconstructed in the next TCP segment.
> --
> Kind regards,
> Peter Wu
> https://lekensteyn.nl
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe



-- 
Jaime Hablutzel -  +51 994690880

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe