| Bug ID |
10338
|
| Summary |
MySQL: Request Unknown (133) (SSL: Handshake response packet)
|
| Classification |
Unclassified
|
| Product |
Wireshark
|
| Version |
Git
|
| Hardware |
All
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Minor
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Build Information:
Paste the COMPLETE build information from "Help->About Wireshark", "wireshark
-v", or "tshark -v".
--
After the MySQL protocol has established a SSL connection the first packet is a
HandshakeResponse packet (aka Login Request).
http://dev.mysql.com/doc/internals/en/ssl.html
http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::HandshakeResponse
When SSL is not used the login request is parsed ok, but not when it's in the
SSL connection.
This is because dissect_mysql_pdu() uses this:
if (packet_number == 1) {
col_set_str(pinfo->cinfo, COL_INFO, "Login Request");
offset = mysql_dissect_login(tvb, pinfo, offset, mysql_tree, conn_data);
The loginrequest within the SSL stream is not packet_number 1. (it however is
the first packet in the ssl stream)
If I change it to:
"if ((packet_number == 1) || (packet_number == 2)) {"
then it works, but that's probably not the correct way of doing it.
You are receiving this mail because:
- You are watching all bug changes.