[PATCH] wireshark Portfile change for SSL / TLS Decryption
Hey All, This patch will allow wireshark to decode SSL and TLS packets [1]. Tested with clean --all wireshark, configure, and install. Tested against test SSL data [2], decoded HTTP session. % port version Version: 1.520 [1] http://wiki.wireshark.org/SSL [2] http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=sna... --- Portfile.orig 2007-08-29 17:41:20.000000000 -0500 +++ Portfile 2007-08-29 17:41:01.000000000 -0500 @@ -27,7 +27,8 @@ port:gtk2 \ port:openssl \ port:libpcap \ - port:zlib + port:zlib \ + port:gnutls configure.args --enable-gtk2 \ --with-net-snmp=no --with-ucd-snmp=no \ @@ -37,6 +38,7 @@ --disable-ipv6 \ --with-pcap=${prefix} \ --with-ssl=${prefix} \ + --with-libgnutls-prefix=${prefix} \ --with-zlib=${prefix} \ --mandir=\\\${prefix}/share/man \ --infodir=\\\${prefix}/share/info \ [galt] ~% uuencode -m Portfile.patch Portfile.patch begin-base64 644 Portfile.patch LS0tIFBvcnRmaWxlLm9yaWcJMjAwNy0wOC0yOSAxNzo0MToyMC4wMDAwMDAwMDAgLTA1MDAKKysr IFBvcnRmaWxlCTIwMDctMDgtMjkgMTc6NDE6MDEuMDAwMDAwMDAwIC0wNTAwCkBAIC0yNyw3ICsy Nyw4IEBACiAJCXBvcnQ6Z3RrMiBcCiAJCXBvcnQ6b3BlbnNzbCBcCiAJCXBvcnQ6bGlicGNhcCBc Ci0JCXBvcnQ6emxpYgorCQlwb3J0OnpsaWIgXAorCQlwb3J0OmdudXRscwogCiBjb25maWd1cmUu YXJncwktLWVuYWJsZS1ndGsyIFwKIAkJLS13aXRoLW5ldC1zbm1wPW5vIC0td2l0aC11Y2Qtc25t cD1ubyBcCkBAIC0zNyw2ICszOCw3IEBACiAJCS0tZGlzYWJsZS1pcHY2IFwKIAkJLS13aXRoLXBj YXA9JHtwcmVmaXh9IFwKIAkJLS13aXRoLXNzbD0ke3ByZWZpeH0gXAorCQktLXdpdGgtbGliZ251 dGxzLXByZWZpeD0ke3ByZWZpeH0gXAogCQktLXdpdGgtemxpYj0ke3ByZWZpeH0gXAogCQktLW1h bmRpcj1cXFwke3ByZWZpeH0vc2hhcmUvbWFuIFwKIAkJLS1pbmZvZGlyPVxcXCR7cHJlZml4fS9z aGFyZS9pbmZvIFwK ==== -- Jon Passki, Partner The Hursk Group, LLC e. jon.passki@hursk.com o. 651/222.3020 "Obvia conspicimus, nubem pellente Mathesi." PGP: 1BB0 A946 927B 93C3 ED6A 0466 6692 6C2C 84BE 4122
On Aug 29, 2007, at 18:12, Jon Passki wrote:
This patch will allow wireshark to decode SSL and TLS packets [1]. Tested with clean --all wireshark, configure, and install. Tested against test SSL data [2], decoded HTTP session.
I'll Cc the maintainer of the port.
% port version Version: 1.520
[1] http://wiki.wireshark.org/SSL [2] http://wiki.wireshark.org/SampleCaptures? action=AttachFile&do=get&target=snakeoil2_070531.tgz
--- Portfile.orig 2007-08-29 17:41:20.000000000 -0500 +++ Portfile 2007-08-29 17:41:01.000000000 -0500 @@ -27,7 +27,8 @@ port:gtk2 \ port:openssl \ port:libpcap \ - port:zlib + port:zlib \ + port:gnutls
configure.args --enable-gtk2 \ --with-net-snmp=no --with-ucd-snmp=no \ @@ -37,6 +38,7 @@ --disable-ipv6 \ --with-pcap=${prefix} \ --with-ssl=${prefix} \ + --with-libgnutls-prefix=${prefix} \ --with-zlib=${prefix} \ --mandir=\\\${prefix}/share/man \ --infodir=\\\${prefix}/share/info \
[galt] ~% uuencode -m Portfile.patch Portfile.patch begin-base64 644 Portfile.patch LS0tIFBvcnRmaWxlLm9yaWcJMjAwNy0wOC0yOSAxNzo0MToyMC4wMDAwMDAwMDAgLTA1MD AKKysr IFBvcnRmaWxlCTIwMDctMDgtMjkgMTc6NDE6MDEuMDAwMDAwMDAwIC0wNTAwCkBAIC0yNy w3ICsy Nyw4IEBACiAJCXBvcnQ6Z3RrMiBcCiAJCXBvcnQ6b3BlbnNzbCBcCiAJCXBvcnQ6bGlicG NhcCBc Ci0JCXBvcnQ6emxpYgorCQlwb3J0OnpsaWIgXAorCQlwb3J0OmdudXRscwogCiBjb25maW d1cmUu YXJncwktLWVuYWJsZS1ndGsyIFwKIAkJLS13aXRoLW5ldC1zbm1wPW5vIC0td2l0aC11Y2 Qtc25t cD1ubyBcCkBAIC0zNyw2ICszOCw3IEBACiAJCS0tZGlzYWJsZS1pcHY2IFwKIAkJLS13aX RoLXBj YXA9JHtwcmVmaXh9IFwKIAkJLS13aXRoLXNzbD0ke3ByZWZpeH0gXAorCQktLXdpdGgtbG liZ251 dGxzLXByZWZpeD0ke3ByZWZpeH0gXAogCQktLXdpdGgtemxpYj0ke3ByZWZpeH0gXAogCQ ktLW1h bmRpcj1cXFwke3ByZWZpeH0vc2hhcmUvbWFuIFwKIAkJLS1pbmZvZGlyPVxcXCR7cHJlZm l4fS9z aGFyZS9pbmZvIFwK ====
On Wed, Aug 29, 2007 at 06:12:28PM -0500, Jon Passki wrote:
Hey All,
This patch will allow wireshark to decode SSL and TLS packets [1]. Tested with clean --all wireshark, configure, and install. Tested against test SSL data [2], decoded HTTP session.
Committed as a variant (+gnutls). Appears to work, please test. -eric
participants (3)
-
Eric Hall
-
Jon Passki
-
Ryan Schmidt