Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 565152

Summary: net-analyzer/wireshark-2.0.0_rc3 saves different tcp streams (non-decryptable/non-gunzip'able)
Product: Gentoo Linux Reporter: miro.rovis
Component: Current packagesAssignee: Gentoo Netmon project <netmon>
Status: RESOLVED UPSTREAM    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://ask.wireshark.org
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: emerge --info

Description miro.rovis 2015-11-08 16:28:10 UTC 
I started from, part only telling here, from:

SSL Decode & My Hard-Earned Advice for SPDY/HTTP2 in Firefox
https://forums.gentoo.org/viewtopic-t-1029408.html#7821356

(there you can download, from: 
http://www.CroatiaFidelis.hr/foss/cap/cap-150927-TLS-why-js/ 

e.g.: dump_150927_1848_g0n.pcap

and I checked with the current testing net-analyzer/wireshark-2.0.0_rc2, but I got all different then with previous: net-analyzer/wireshark-1.12.8-r1

Nothing is same. E.g. the:

# tshark -r dump_150927_1848_g0n.pcap -q -z conv,ip 

(which exact line pls. find in the Forums topci linked)

is reverted, what should be OUTPUT is INPUT, and also names are resolved

And also SSL streams don't get decrypted correctly anymore (or something else is not right).

I tried and dumped: dump_150927_1848_g0n_s09.dump. (pls find there how), but nothing can be gunzip'ed in the end (again, follow there).

I expect it is similar with decrypting SSL streams.

Masking the wireshark-2 and reinstalling wireshark-1, all can be done, as I posted there.

Reproducible: Always
Comment 1 miro.rovis 2015-11-08 16:30:49 UTC 
Created attachment 416302 [details]
emerge --info