Any idea why isn't the SSL dissector using the straightforward desgementation facilities available by Wireshark?
It is left over from ancient times? It seems like a complex piece of work, instead of nicely using the PDUs dissection infrastructure - and I believe that SSL is a classic protocol for this.
Specifically, it seems to fail to desegment segmented records in the handshake process (on SSL on a non-standard port, coincidence?).
I wonder how much of an effort it'd be to 'convert' it. Anyone looked at it before?
TIA,
Y.