Re: packet-hislip & tls

[Jaap Keuter <jaap.keuter () xs4all nl>]

Hi Guido,

I’m not sure we have another protocol which supports switching back to plain text after going TLS. Therefore I’m not 
sure if there is intrinsic support for it. 
My first instinct would be to setup a new conversation, starting the frame after ‘close notify’, with the HiSLIP 
dissector assigned to it. I’m not sure how that would interact with the existing HiSLIP over TLS conversation though, 
so YMMV.
Hopefully someone else has a better idea.

Thanks,
Jaap

> On 29 Jan 2020, at 23:05, Guido Kiener <Guido.Kiener () rohde-schwarz com> wrote:
>
> Hi all,
>
> Our working group defines the HiSLIP 2.0 protocol over TLS. I could extend the new messages (e.g. like STARTTLS) and 
> pass over the encrypted data with ssl_starttls_ack(tls_handle, pinfo, hislip_handle);
>
> For performance/debug reason we also have a requirement to switch back the TLS connection (sockets) to plain text 
> (e.g. when sensitive data is already exchanged). This is done with the ‘close notify’ alerts. I can see the plain 
> text within the TLS dissector marked as ‘Continuation Data’, but I would like to see the packets again with the 
> hislip dissector.
>
> Question: Can you please give me a hint how I can fall back to the hislip dissector? Is there another dissector 
> (code) where I can copy the logic?
>
> -Guido
>
>  

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe