https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15240
Bug ID: 15240
Summary: Adequate and valid filter does not produce target.
Product: Wireshark
Version: 2.6.2
Hardware: x86
OS: Fedora
Status: UNCONFIRMED
Severity: Normal
Priority: Low
Component: Dissection engine (libwireshark)
Assignee: bugzilla-ad...@wireshark.org
Reporter: ricky.t...@gmail.com
Target Milestone: ---
Created attachment 16682
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16682&action=edit
curl commands involving POST request and hostname 'wireshark.org'
Build Information:
Wireshark 2.6.2 (v2.6.2)
Compiled (64-bit) with Qt 5.11.1, with libpcap, with POSIX capabilities
(Linux),
with libnl 3, with GLib 2.57.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, with Lua 5.1.5, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with MIT
Kerberos,
with MaxMind DB resolver, without nghttp2, without LZ4, without Snappy, without
libxml2, with QtMultimedia, without SBC, without SpanDSP, without bcg729.
Running on Linux 4.18.16-300.fc29.x86_64, with Intel(R) Core(TM) i5 CPU M
430 @ 2.27GHz (with SSE4.2), with 3733 MB of physical memory, with locale
fi_FI.UTF-8, with libpcap version 1.9.0-PRE-GIT (with TPACKET_V3), with GnuTLS
3.6.4, with Gcrypt 1.8.3, with zlib 1.2.11, binary plugins supported (0
loaded).
--
To reproduce – Run commands
$ curl -vOLX POST https://www.wireshark.org/download/docs/wsdg_html.zip
(It downloads 191 319 B sized file)
$ curl --request POST -v -output https://www.wireshark.org
Wireshark filter: '(ssl.handshake.type == 1) && (ssl.record.version == 0x304)'.
Actual result: no eligible target.
Expected result: eligible target to be present. Presence of TLS v.1.3 as SSL
record version is illustrated by that curl command:
$ curl -vOLX POST https://www.wireshark.org/download/docs/wsdg_html.zip
(...)
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, [no content] (0):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [15 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [3723 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [80 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
Additional information:
$ curl -V
curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1 zlib/1.2.11
brotli/1.0.5 libidn2/2.0.5 libpsl/0.20.2 (+libidn2/2.0.5)
libssh/0.8.3/openssl/zlib nghttp2/1.34.0
--
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via: Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives: https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe