Wireshark-commits: [Wireshark-commits] rev 36876: /trunk/epan/dissectors/ /trunk/epan/dissectors/:
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: gerald@xxxxxxxxxxxxx
Date: Tue, 26 Apr 2011 22:51:39 GMT
http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=36876

User: gerald
Date: 2011/04/26 03:51 PM

Log:
 From Adam Langley via bug 4349:
 
 This patch adds support for getting the pre-master secret of a TLS
 connection from a log file. Currently Wireshark can decrypt and TLS
 connection only if it has the server's private key.
 
 I commonly have a use case where I control the TLS client, but not the
 server.  In order to decrypt in this case, I've added support to NSS
 (used by Chrome and Firefox) to log the keys to a file on disk:
 
 https://bugzilla.mozilla.org/show_bug.cgi?id=536474
 
 Given this file, Wireshark can then decrypt the resulting TLS connections.
 
 The format is such that Wireshark opens and linearly scans the file each
 time it sees a ClientKeyExchange. If the key log grows too large, this
 is pretty inefficient. However, it's simple and the number of
 interesting TLS connections when debugging is usually very small.

Directory: /trunk/epan/dissectors/
  Changes    Path                  Action
  +101 -0    packet-ssl-utils.c    Modified
  +11 -0     packet-ssl-utils.h    Modified
  +19 -12    packet-ssl.c          Modified