Re: [Wireshark-dev] Decoding New TLS CLient Hello Extension

Fri, 15 Apr 2016 06:18:25 -0700 

Guys,
Thanks all for your support.   We will give this back to the community when it 
is all working OK.
I am working with the TLS group at IETF & things are quite unstable at the 
moment with TLS1.3.  But, it will be good to have a dissector for the new 
record types & extensions.   Having said that, things are changing, if not 
daily, then quite often.
If anyone wants to, I am happy to talk at SharkFest. Thanks,
Nalini ElkinsInside Products, Inc.www.insidethestack.com(831) 659-8360

      From: Graham Bloice <[email protected]>
 To: Developer support list for Wireshark <[email protected]> 
Cc: [email protected]
 Sent: Friday, April 15, 2016 2:05 AM
 Subject: Re: [Wireshark-dev] Decoding New TLS CLient Hello Extension
   


On 15 April 2016 at 02:24, Jeff Morriss <[email protected]> wrote:

  [Resending with the list in Cc:; I'm not sure why gmail's web interface 
decided to drop the list when I hit reply.]
 
 On Thu, Apr 14, 2016 at 3:48 PM, <[email protected]> wrote:
 
   
          
 On Thu, Apr 14, 2016 at 3:07 PM, <[email protected]> wrote:
 
  >Your best path forward would likely be to just modify the SSL dissector's C 
code; ideally you could then push that code to Wireshark so future versions 
will dissect the  extension too. 
  Sure.  Happy to do that (once it all works!) but I was having trouble finding 
where that SSL dissector's C code actually was.  It looks like it may be 
invoking gnutls libraries?  Thanks for your help.
 
              
 
  epan/dissectors/packet-ssl.c, also available here:
 
 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl.c
 


I think the TLS client extension stuff is in packet-ssl-utils.c, in function 
ssl_dissect_hnd_hello_ext().
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-ssl-utils.c


-- 
Graham Bloice

  
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:[email protected]?subject=unsubscribe

Reply via email to