Wireshark-bugs: [Wireshark-bugs] [Bug 11173] New: HTTP2 dissector decodes

Date: Mon, 04 May 2015 06:32:30 +0000
Bug ID: 11173
Summary: HTTP2 dissector decodes
Product: Wireshark
Version: 1.99.x (Experimental)
Hardware: x86
OS: Mac OS X 10.10
Status: UNCONFIRMED
Severity: Major
Priority: Low
Component: TShark
Assignee: [email protected]
Reporter: [email protected]

Created attachment 13586
pcap file

Build Information:
TShark (Wireshark) 1.99.5 (v1.99.5-0-g7e8595c from master)

Copyright 1998-2015 Gerald Combs <[email protected]> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, without POSIX capabilities, with libz 1.2.3,
with GLib 2.36.0, with SMI 0.4.8, without c-ares, without ADNS, with Lua 5.2,
with GnuTLS 2.12.19, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP.

Running on Mac OS X 10.10.3, build 14D136 (Darwin 14.3.0), with locale
ja_JP.UTF-8, with libpcap version 1.5.3 - Apple version 47, with libz 1.2.5,
with GnuTLS 2.12.19, with Gcrypt 1.5.0.
Intel(R) Core(TM) i5-4258U CPU @ 2.40GHz (with SSE4.2)

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).
--
I'm trying to dump HTTP/2 frames with tshark.
But I can't see HTTP/2 frames except the frames in the first SSL record.
Is this a bug?

I am running the following tshark command:

  tshark -r /tmp/test.pcap \
    -o "http2.heuristic_http2: TRUE" \
    -o "ssl.desegment_ssl_records: TRUE" \
    -o "ssl.desegment_ssl_application_data: TRUE" \
    -o "ssl.keylog_file:/tmp/ssl_key.log" \
    -o "ssl.debug_file:/tmp/debug.log"

ssl_key.log is generated by Firefox as follows:

  SSLKEYLOGFILE=/tmp/ssl_key.log /Applications/Firefox.app/Contents/MacOS/firefox-bin

