Hello Paolo,
This is certainly something alot of people have been hoping to do (myself included). There are a couple of serious problems though regarding the licensing.
Your code is derived from Eric Rescorla's ssldump code. His code very explictly has an advertising clause in the license, making it incompatible with the GPL. This means the Ethereal project cannot distribute the code. You might be able to contact him and see if you can get permission to relicense the code under the GPL (I remember at one point somebody on the mailing list said he asked him and said it was ok but you would need to approach him yourself).
The bigger issue though is that Rescorla's code relies heavily on OpenSSL, which also includes an advertising clause making it incompatible with the GPL. The OpenSSL group will not relicense their code to make it GPL compatible, so this is a major showstopper.
I went through the same exercise a few years ago when I started an ssldump port to Ethereal, and the amount of work associated with replacing the OpenSSL functionality caused me to give up. I looked at a number of alternative crypto libraries and at the time couldn't find any that were either mature enough or well enough documented to use.
Nonetheless, I believe this is still definitely good work, and I look forwarding to patching my Ethereal source to support this.
Thanks,
Devin
-----Original Message-----
From: ethereal-dev-bounces@xxxxxxxxxxxx on behalf of Paolo Abeni
Sent: Wed 4/13/2005 6:04 AM
To: ethereal-dev@xxxxxxxxxxxx
Cc:
Subject: [Ethereal-dev] ssl decryption patch
Hi,
I have assembled a patch for the ssl dissector that enables ssl
decryption when it is possible [*]. It support session key
renegotiation
and ssl sessions cache. Decrypted application data is re-inserted into
ethereal dissection process.
The patch is derived from ssldump code and requires the ssl library and
headers.
The patch require also a couple of new file (attached) to be put into
the epan/dissectors/ directory.
I have tested the patch only on a gnu/linux (Mandrake 11) system.
There is an issue about decryption. Basically I need to perform some
operations only when processing the packets sequentially [**], but a I
don't known any reliable method to get this information at dissection
time.
The not-so-clean hack is to use the proto_tree pointer as
'processing selected/out of order packet' flag. It's ugly and does not
work always, so I'm open to any suggestion...
Best regards,
Paolo Abeni
[*] Only sessions with RSA key exchange can be decrypted, providing the
host private key via the preferences. For more information see the
ssldump documentation
[**] that is, when processing packets provided by a capture file or a
live capture, and not when dissecting a random packet selected by user
via the GUI
Gruppo Telecom Italia - Direzione e coordinamento di Telecom Italia S.p.A.
====================================================================
CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please send an e_mail to
MailAdmin@xxxxxxxxx. Thank you
====================================================================
