Wireshark-bugs: [Wireshark-bugs] [Bug 5423] New: SSL decryption does not work for Opera or Chrom

Date: Sat, 20 Nov 2010 07:41:43 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5423

           Summary: SSL decryption does not work for Opera or Chromium
                    connections on OSX
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: Mac OS X 10.6
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: henry.story@xxxxxxxxxxx


Created an attachment (id=5491)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=5491)
Chromium 9.0.590.0 (66648) libpcap

Build Information:
Version 1.5.0 (SVN Rev 34961 from /trunk)

Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.22.0, with GLib 2.26.0, with libpcap 1.1.1, with
libz 1.2.5, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, with GnuTLS 2.8.6, with
Gcrypt 1.4.6, with MIT Kerberos, without GeoIP, without PortAudio, without
AirPcap.

Running on Mac OS 10.6.5 (Darwin 10.5.0), with libpcap version 1.1.1, with libz
1.2.5, GnuTLS 2.8.6, Gcrypt 1.4.6.

Built using gcc 4.2.1 (Apple Inc. build 5664).

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
I seem to be able to decrypt SSL sessions by following the
http://wiki.wireshark.org/SSL HOWTO for Safari, but not for Opera or Chrome. To
test this I have a very simple java server available at
https://github.com/bblfish/TLS_test

That is one class that you can start with one line.  To download use 
$ git clone git://github.com/bblfish/TLS_test.git
the rest is explained on that page. It contains the public and private key I am
using.

I will attach the trace for Opera, Safari, and Chromium packets I collected on
localhost.
In each case I did the following:
1. Start wireshark, and start listening on lo0
2. open browser
3. connect to https://localhost:8443
3.1 refuse the request for client side certificate (in case that is a problem)
3.2 connect and accept client side certificate

(3.1 and 3.2 are not really possible in Safari as it sends the client
certificate without asking the user)

This is important because now with firesheep and the growing use of SSL it will
be very important to be able to debug SSL enabled sessions on all browsers. The
web is very likely moving to 100% https everywhere. ( My web site and tweets
give more reasons for this http://bblfish.net/ )

The latest Chromium snapshots can be fetched from 
http://build.chromium.org/f/chromium/snapshots/

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.