Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 565152 - net-analyzer/wireshark-2.0.0_rc3 saves different tcp streams (non-decryptable/non-gunzip'able)
Summary: net-analyzer/wireshark-2.0.0_rc3 saves different tcp streams (non-decryptable...
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Netmon Herd
URL: https://ask.wireshark.org
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-11-08 16:28 UTC by miro.rovis
Modified: 2015-11-22 19:24 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
emerge --info (file_565152.txt,16.40 KB, text/plain)
2015-11-08 16:30 UTC, miro.rovis
Details

Note You need to log in before you can comment on or make changes to this bug.
Description miro.rovis 2015-11-08 16:28:10 UTC
I started from, part only telling here, from:

SSL Decode & My Hard-Earned Advice for SPDY/HTTP2 in Firefox
https://forums.gentoo.org/viewtopic-t-1029408.html#7821356

(there you can download, from: 
http://www.CroatiaFidelis.hr/foss/cap/cap-150927-TLS-why-js/ 

e.g.: dump_150927_1848_g0n.pcap

and I checked with the current testing net-analyzer/wireshark-2.0.0_rc2, but I got all different then with previous: net-analyzer/wireshark-1.12.8-r1

Nothing is same. E.g. the:

# tshark -r dump_150927_1848_g0n.pcap -q -z conv,ip 

(which exact line pls. find in the Forums topci linked)

is reverted, what should be OUTPUT is INPUT, and also names are resolved

And also SSL streams don't get decrypted correctly anymore (or something else is not right).

I tried and dumped: dump_150927_1848_g0n_s09.dump. (pls find there how), but nothing can be gunzip'ed in the end (again, follow there).

I expect it is similar with decrypting SSL streams.

Masking the wireshark-2 and reinstalling wireshark-1, all can be done, as I posted there.

Reproducible: Always
Comment 1 miro.rovis 2015-11-08 16:30:49 UTC
Created attachment 416302 [details]
emerge --info