Re: TDS : TLS Exchange

[Graham Bloice <graham.bloice () trihedral com>]

Yep, that's what's happening, see here:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-tds/60f56408-0188-4cd5-8b90-25c6f2423868,
somewhat similar to the STARTTLS behaviour in SMTP for example.

There's currently no code in the TDS dissector to hand-off to the TLS
dissector.

On Fri, 14 Aug 2020 at 14:50, nalini.elkins () insidethestack com <
nalini.elkins () insidethestack com> wrote:

> Hello List,
>
> I have a trace from a Microsoft SQL server using TDS.
>
> Tabular Data Stream <https://en.wikipedia.org/wiki/Tabular_Data_Stream>
>
> Tabular Data Stream
>
> During the early development of Sybase SQL Server, the developers at
> Sybase perceived the lack of a commonly acc...
> <https://en.wikipedia.org/wiki/Tabular_Data_Stream>
>
>
> It looks like the first part of it is the TLS exchange.   I am attaching
> trace.   Any thoughts on a potential breakout of this?
>
> If I decode as TLS, then the application data packets appear to decode
> fine but not the TLS handshake.
>
> Thoughts?
>
> Nalini Elkins
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe



-- 
Graham Bloice
Software Developer
Trihedral UK Limited

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe