[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wireshark-users
Subject:    Re: [Wireshark-users] Problem deciphering an openssl stream
From:       Philippe Fremy <phil () freehackers ! org>
Date:       2010-10-11 11:47:39
Message-ID: 4CB2F95B.7070805 () freehackers ! org
[Download RAW message or body]

kolos_ws@ural2.hu wrote:
> Hi Philippe,
>
>> Very interesting documentation. Certainly worth adding to the SSL
>> wiki page.
>>
>> Is there any way I can validate that my client is using a DH algorithm ?
>>
>> I looked at the trace again, the thing that looks like choosing the
>> protocol is the following :
>>
>> TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
>>     Content Type: Change Cipher Spec (20)
>>     Version: TLS 1.0 (0x0301)
>>     Length: 1
>>     Change Cipher Spec Message
>>
>> But it does not mention any protocol names. Nor does it in the debug
>> log.
>
> In the trace, look at the Server Hello.
>
> It should contain something like 'Cipher Suite'.
>
> I've just done a quick test, and for me, it looks like:
> "Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)"
>
Handshake Protocol: Server Hello
[...]
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)

I don't see any DH here, so maybe that's not the problem.

> If you're using Firefox as your client, you can view what it's
> configured to use by typing 'about:config' in your address bar.

It's a SOAP call done from a python soap implementation. I should be
able to configure it somewhere but I am not sure of what I should put.

cheers,

Philippe




___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]