Wireshark mailing list archives
Re: Can't decrypt "snakeoil2" sample SSL session from wiki
From: Sake Blok <sake () euronet nl>
Date: Mon, 10 Sep 2012 22:59:21 +0200
On 10 sep 2012, at 22:45, Gerald Combs wrote:
On 9/10/12 1:32 PM, Sake Blok wrote:Usually that means that you are using a private key that does not match the certificate. But it is the 3rd time I hear problems (on Linux) with decrypting the traffic with a key that is indeed matching the certificate. It might be the version of your SSL libraries that has a bug. Or Wireshark has a bug in the linux version. Could you file a bugreport on https://bugs.wireshark.org?For what it's worth the Buildbot tests decryption of rsasnakeoil2.cap via test/suite-decryption.sh. We currently run tests on Windows XP, Windows 7, Ubuntu 12.04 and Solaris 10.
The latest test being done had the following version info: TShark 1.9.0-SVN-44852 (SVN Rev 44852 from /trunk) Copyright 1998-2012 Gerald Combs <gerald () wireshark org> and contributors. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled (64-bit) with GLib 2.32.3, with libpcap, with libz 1.2.3.4, with POSIX capabilities (Linux), without libnl, with SMI 0.4.8, with c-ares 1.7.5, without Lua, without Python, with GnuTLS 2.12.14, with Gcrypt 1.5.0, with MIT Kerberos, with GeoIP. Running on Linux 3.2.0-29-generic, with locale en_US.UTF-8, with libpcap version 1.1.1, with libz 1.2.3.4. Built using gcc 4.6.3. And it decrypted OK. Your version info: Compiled (32-bit) with GTK+ 2.24.10, with Cairo 1.10.2, with Pango 1.29.4, with GLib 2.30.3, with libpcap, with libz 1.2.5.1, with POSIX capabilities (Linux), without SMI, without c-ares, without ADNS, without Lua, without Python, with GnuTLS 2.12.18, with Gcrypt 1.5.0, without Kerberos, without GeoIP, without PortAudio, with AirPcap. Running on Linux 3.2.12-gentoogbe, without locale, with libpcap version 1.1.1, with libz 1.2.5.1, GnuTLS 2.12.18, Gcrypt 1.5.0, without AirPcap. Built using gcc 4.5.3. You might want to try GnuTLS 2.12.14? Or it could be a 64 bit problem in one of the libraries. Maybe someone with a 64 bit ubuntu can check? I lack the time at the moment :-( Cheers, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Can't decrypt "snakeoil2" sample SSL session from wiki Grant Edwards (Sep 10)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Sake Blok (Sep 10)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Gerald Combs (Sep 10)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Sake Blok (Sep 10)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Bas Nedermeijer (Sep 13)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Gerald Combs (Sep 10)
- Re: Can't decrypt "snakeoil2" sample SSL session from wiki Sake Blok (Sep 10)