Evan Huus changed bug 9515
Comment # 20 on bug 9515 from Evan Huus
Hmmm, I tend to agree with Michael... even the "original" approach (before
these patches) where the protocols just used `call_dissector` with the ssl
handle seems weird... the application-layer protocol proxying the call to the
ssl dissector and then re-dissecting it themselves? yuck.
I'm not sure how feasible this is, but in an ideal world, when a STARTTLS
message is seen:
- the application-layer protocol would tell the TCP dissector that "this
conversation is SSL-encrypted from frame x onwards"
- the TCP dissector would then call SSL directly for those frames, along with a
hint of "this is the application-layer protocol to use for the payload"
I have no idea if this would work, but simply adding a "ssl-start-frame" to the
tcp conversation data (defaulting to -1) and then if that is set, call SSL for
those frames instead of whatever the normal dissector would be (but passing the
normal dissector along as a hint).
Thoughts?
(P.S. I have no principled objections to the code in the existing patches - if
after some conversation/exploration we decide that it is the best way to
proceed architecturally, then +1)