Wireshark-dev: Re: [Wireshark-dev] [Ethereal-dev] Dissector SSL : patch + bugs
From: "authesserre samuel" <sauthess@xxxxxxxxx>
Date: Fri, 23 Jun 2006 08:55:39 +0200
Hi,

it's not the last one... I've put the last one on ethereal-dev (on wireshark-dev too) but the size of the patch is higher than 40ko so a person has to check it (it isn't sent before this...)
"Why don't the 2 mailing lists have the same configuration ??"

I have resent another patch made on wireshark svn on the ethereal-dev mailing list because a person told me that the patch cannot be applied correctly. Since then I've had no news.

regards,

Samuel

On 6/23/06, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
did anyone check this patch in?

On 5/19/06, authesserre samuel <sauthess@xxxxxxxxx> wrote:
>
> Sorry for spam, I forgot to attach the file....
> I correct my mistake...
>
> sorry for this mistake
>
> Samuel
>
> On 5/19/06, authesserre samuel <sauthess@xxxxxxxxx> wrote:
> >
> > hi,
> >
> > You will find at the end of this mail the patch for the 0.99.0 version of ethereal that integrates modifications for TLS 1.1 and renegotiation (made in collaboration with Paolo Abeni <paolo.abeni@xxxxxxxx>, the decryption modifications author)
> > I have, I think, followed your advice...
> > put the patch in the ethereal 0.99.0 directory and run the "patch -p1 < ethereal-0.99.0-TLS1.1.patch" command.
> > To not have problems with TCP checksums, disable them in the options. (I haven't time to find the problem now but I will search later)
> >
> > I have one question : how does the ethereal file versioning work ? (for example $Id: packet-tcp.c 17681 2006-03-20 10:52:53Z sahlberg $)
> > If someone can explain to me how that works or where I can find the solution I will thank him ;)
> >
> > I hope that will be useful
> >
> > regards,
> >
> > Samuel
> >
> > On 5/18/06, authesserre samuel <sauthess@xxxxxxxxx> wrote:
> > >
> > > hi,
> > >
> > > Thanks for your answer ;)
> > > I will follow your advice...
> > > I should specify that for comparisons I have followed the scheme in the file that I modify (== 0x300 isn't mine ;) )
> > > It's my first work on ethereal's dissector and I have some difficulties ;)
> > > I have made another adaptation of the ssl dissector to decrypt DTLS, dissection is ok and decryption too but the HMAC calculation isn't good, that's why I work on TLS 1.1 before finishing my dissector and giving you the result ;)
> > >
> > > I have found the problem : the TCP checksum calculations aren't good so desegmentation is impossible..... (I have tested in the tcp dissector to not test the checksum and in the ssl debug I can see decrypted data (with good HMAC calculation ;) ) )
> > > I will search to correct the problem
> > >
> > > thanks
> > >
> > > Samuel
> > >
> > > ---------- Forwarded message ----------
> > > From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
> > > Date: May 18, 2006 3:13 PM
> > > Subject: Re: [Ethereal-dev] Dissector SSL : patch + bugs
> > > To: Ethereal development <ethereal-dev@xxxxxxxxxxxx>
> > >
> > > Hi Samuel,
> > >
> > > Thank you for looking into this. I've glanced through your code (I'm no
> > > expert on this stuff) and can only make the following suggestions:
> > > 1. Please supply patches against the development tree. 'svn diff' or
> > > 'diff -ur' provide the most usable patch files. This way you can leave out
> > > the SAMUEL marks and we can look at just the changes.
> > > 2. Please don't leave out the dot in the version, use TLSV1DOT1_... as
> > > symbol
> > > 3. Please use the defines. You define TLSV1DOT1_VERSION, so please use
> > > that in the code, in comparisons like ->version == TLSV1DOT1_VERSION).
> > >
> > > Thanx,
> > > Jaap
> > >
> > > On Thu, 18 May 2006, authesserre samuel wrote:
> > >
> > > > Hi,
> > > >
> > > > This little mail is to give you a little adaptation of the SSL/TLS dissector which
> > > > allows TLS 1.1 dissection. (all differences are marked by /* SAMUEL */ which
> > > > allows you to compare the 2 versions easily)
> > > > I have realized this with mod_gnutls for apache (the only free
> > > > implementation I've found of TLS 1.1) and opera (which is the only web
> > > > navigator that uses TLS 1.1).
> > > >
> > > > I have found an error in the original plugin that I haven't succeeded in
> > > > correcting :
> > > > the TCP desegmentation doesn't work correctly, I give you captures of TLS 1.0 and
> > > > 1.1 but the result is the same. I have compared the http dissector with the ssl
> > > > dissector and the sources are similar (the desegmentation part... ;) ) so I
> > > > don't understand where the problem comes from (the pinfo->can_desegment = 0
> > > > all the time so this can't work correctly, but normally it should be equal to
> > > > 1 ??).
> > > >
> > > > Use of mod_gnutls allowed me to see another bug : it's due to segmentation of
> > > > application data in SSL/TLS : the gnutls module puts the header and data of HTTP
> > > > traffic in different TCP packets so the data is badly analysed and the plugin
> > > > shows "data (n bytes)" (in the log the capture and decryption is good) (see
> > > > packets 24 and 25 of the TLS 1.1 capture for example)
> > > > The problem is that we can't see the data of the packet whereas the data are
> > > > correctly decrypted....
> > > >
> > > > I have already sent a mail to the creator of the decryption part of the
> > > > plugin but I think that the error came with the first version of the plugin
> > > > so I ask you for help...
> > > >
> > > > best regards
> > > >
> > > > --
> > > > ++++++++++++++++++++++++++
> > > > + Authesserre Samuel +
> > > > + 12 rue de la défense passive +
> > > > + 14000 CAEN +
> > > > + FRANCE +
> > > > + 06-27-28-13-32 +
> > > > + sauthess@xxxxxxxxx +
> > > > ++++++++++++++++++++++++++
> > > >
> > >
> > > _______________________________________________
> > > Ethereal-dev mailing list
> > > Ethereal-dev@xxxxxxxxxxxx
> > > http://www.ethereal.com/mailman/listinfo/ethereal-dev

_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
--
++++++++++++++++++++++++++
+ Authesserre Samuel +
+ 12 rue de la défense passive +
+ 14000 CAEN +
+ FRANCE +
+ 06-27-28-13-32 +
+ sauthess@xxxxxxxxx +
++++++++++++++++++++++++++