Wireshark · Wireshark-dev: Re: [Wireshark-dev] [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads

Wireshark-dev: Re: [Wireshark-dev] [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>

Date: Mon, 2 May 2022 18:14:25 +0200

Well, the referenced developments are about additional TLS endpoint types (rather than browsers) being able to write to key log files.

I’ll leave reading of the file into Wireshark to the applicable experts.

On 2 May 2022, at 09:32, Dario Lombardo <lomato@xxxxxxxxx> wrote:
There is merge request

https://gitlab.com/wireshark/wireshark/-/merge_requests/1640

that has been closed because of some criticism. Feel free to revamp the topic.

On Mon, May 2, 2022 at 8:45 AM Jaap Keuter <jaap.keuter@xxxxxxxxx> wrote:
More and more programs are leveraging the SSLKEYLOGFILE for our benefit.

Begin forwarded message:

From: Jouni Malinen <j@xxxxx>
Subject: Re: [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
Date: 1 May 2022 at 18:04:53 CEST
To: Alexander Clouter <alex+hostapd@xxxxxxxxxxx>
Cc: hostap@xxxxxxxxxxxxxxxxxxx

On Thu, Apr 28, 2022 at 11:07:35PM +0100, Alexander Clouter wrote:
A port of the trivial patch I wrote for FreeRADIUS to allow TLS decoding in Wireshark for hostapd/wpa_supplicant:

https://github.com/FreeRADIUS/freeradius-server/commit/df0eb0a8849611cb44e0baeadfd3e6fcd20bc7b9

Thanks, applied. Though, I moved this to be within the
CONFIG_TESTING_OPTIONS=y build option to avoid accidental exposure of
private keys from production builds.

--
Jouni Malinen PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap

___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives: https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

--
Naima is online.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

Follow-Ups:
- Re: [Wireshark-dev] [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
  - From: John Sullivan

References:
- [Wireshark-dev] Fwd: [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
  - From: Jaap Keuter
- Re: [Wireshark-dev] Fwd: [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
  - From: Dario Lombardo

Prev by Date: Re: [Wireshark-dev] Fwd: [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
Next by Date: Re: [Wireshark-dev] [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
Previous by thread: Re: [Wireshark-dev] Fwd: [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
Next by thread: Re: [Wireshark-dev] [PATCH] add SSLKEYLOGFILE capability to allow Wireshark TLS decoding of payloads
Index(es):
- Date
- Thread