Wireshark mailing list archives

Analyzing TLS handshake packets


From: Manjesh HS <manjesh29hs () gmail com>
Date: Thu, 14 Dec 2017 16:21:11 +0530

Hi Wireshark User Community,
In my project, there is a LDAP client utility and a LDAP server utility
running on different nodes in the TCP/IP network. There is a need to
establish TLS (LDAPS) connection mode of communication between them in
order to exchange some information.

This functionality broke recently. A TCP dump file was generated on the
problematic setup to analyze the TLS handshake mechanism. When it was
analyzed with the Wireshark tool, it reported the "Client Hello"
packet generated by the LDAPS client utility (the one that initiates the TLS
handshake) as a malformed packet, with an error on "compression
methods length", incompatible as per the protocol specifications. We are
suspecting that the TLS protocol specifications are violated during this TLS
handshake.

The screenshot of the same has been attached with this mail.

How can this issue happen? What are the factors that can lead to such an
issue? Is it an issue with incompatible versions of openSSL/TLS/cipher
suite between client and server?

Please share your suggestions/comments in order to investigate this issue
further.


- Manjesh.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
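
Added example, not part of the original message and not Wireshark's dissector code: a small Python check that walks the nested length fields of a ClientHello handshake message (record header already stripped) and reports the first field whose length does not fit, which is the kind of inconsistency a "compression methods length" error points at. The function names and the sample bytes are constructed for illustration.

```python
def check_client_hello(hs: bytes) -> list:
    """Return a list of length-field problems found in a ClientHello."""
    if len(hs) < 4 or hs[0] != 1:          # handshake msg_type 1 = client_hello
        return ["not a ClientHello handshake message"]
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    problems = []
    if len(body) < body_len:
        problems.append(f"handshake length {body_len} exceeds captured data")
    pos = 2 + 32                           # skip client_version and random

    def take(width, name):
        """Read a length-prefixed vector; raise if it overruns the message."""
        nonlocal pos
        if pos + width > len(body):
            raise ValueError(f"{name}: length field is past end of message")
        n = int.from_bytes(body[pos:pos + width], "big")
        pos += width
        if pos + n > len(body):
            raise ValueError(f"{name}: length {n} overruns message, "
                             f"{len(body) - pos} bytes left")
        data = body[pos:pos + n]
        pos += n
        return data

    try:
        take(1, "session_id")
        suites = take(2, "cipher_suites")
        if len(suites) < 2 or len(suites) % 2:
            problems.append(f"cipher_suites: bad length {len(suites)}")
        comp = take(1, "compression_methods")
        if not comp:
            problems.append("compression_methods: length 0, need at least 1")
        elif 0 not in comp:
            problems.append("compression_methods: null method (0) missing")
        if pos < len(body):                # extensions are optional
            take(2, "extensions")
            if pos != len(body):
                problems.append(f"{len(body) - pos} trailing bytes")
    except ValueError as exc:
        problems.append(str(exc))
    return problems

def build_sample(comp_len: int) -> bytes:
    """Constructed ClientHello with a chosen compression_methods length byte."""
    body = (b"\x03\x03" + bytes(32) + b"\x00"   # version, random, empty session_id
            + b"\x00\x02\xc0\x2f"               # one cipher suite
            + bytes([comp_len]) + b"\x00")      # compression_methods: null only
    return b"\x01" + len(body).to_bytes(3, "big") + body
```

`check_client_hello(build_sample(1))` returns an empty list; changing the length byte to 0 or 5 while leaving the single method byte in place produces a `compression_methods` finding.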