https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14381
--- Comment #6 from Alexis La Goutte <alexis.lagou...@gmail.com> ---
(In reply to Peter Wu from comment #5)
> I considered suggesting changing the port number, but there does not seem to
> be a dedicated port for TLS traffic:
> https://docs.mongodb.com/manual/reference/default-mongodb-port/
> https://docs.mongodb.com/manual/tutorial/configure-ssl-clients/
> https://docs.mongodb.com/manual/tutorial/configure-ssl/
> https://docs.mongodb.com/manual/core/security-transport-encryption/
>
> Two possibilities:
>
> Use ssl_dissector_add(0, mongo_handle) to avoid interpreting the port as TLS
> by default.
>
> In order to recognize TLS again and be able to dissect decrypted TLS data,
> change dissect_mongo to recognize TLS. If TLS is detected, set the appdata
> dissector to mongodb and call the TLS dissector with ssl_starttls_ack(...,
> mongo_handle) + call_dissector(tls_handle, ...).
>
> or
>
> change the TLS dissector to reject the data if it does not look like TLS at
> all (like Michael did in the above path). One limitation is that it does not
> help with dissecting the decrypted data as mongo, for that to work the
> previous approach is necessary.
>
> For a quick fix, I suggest just changing mongo to use ssl_dissector_add(0,
> mongo_handle). This will regress on bug 14275 in the sense that TLS traffic
> is not automatically marked as such, but for decryption more changes were
> needed anyway.
i prefer solution 1 :)
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
