Wireshark-bugs: [Wireshark-bugs] [Bug 4544] New: unencrypted traffic in STARTTLS session is not
Date: Mon, 1 Mar 2010 02:51:38 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4544

           Summary: unencrypted traffic in STARTTLS session is not
                    dissected when using SSL decryption
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: ivan_pozdeev@xxxxxxx


Created an attachment (id=4344)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=4344)
capture of SMTP-STARTTLS session

Build Information:
Version 1.3.3 (SVN Rev 31863 from /trunk)

Compiled with GTK+ 2.18.5, with GLib 2.22.3, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, with SMI 0.4.8,
with c-ares 1.7.0, with Lua 5.1, without Python, with GnuTLS 2.8.5, with Gcrypt
1.4.5, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built Feb 10
2010), with AirPcap, with new_packet_list.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.1
(packet.dll version 4.1.0.1753), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.8.5, Gcrypt 1.4.5, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 30729
--
When SSL decryption is on and an eligible connection is seen, SSL dissector
takes over the TCP port replacing the regular protocol dissector for that port.
Consequently, the unencrypted part of conversation is seen as 'Ignored Unknown
Record's.

The expected SSL dissector's behaviour is not to push out any regular
dissectors but be instantiated by them 'at the right time' (e.g. after a
STARTTLS command).

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.