On Thu, Apr 14, 2016 at 3:07 PM, <[email protected]> wrote: Guys, I am trying to decode a new TLS extension in the Client Hello packet. I have the following statement in my LUA: local ssl_ext_table = DissectorTable.get("ssl.handshake.extension.type") This is getting an error. Would appreciate any help that anyone can give. >Where did you get that string? I can't find it in the SSL dissector. That is the name of the field. >In order to get a dissector table (DissectorTable.get()) such a dissector >table has to exist. (A common mistake is to believe that there is a dissector >table for every field (hf) in Wireshark-->there isn't even though there are >sometimes fields that share a name with a dissector table--"tcp.port" is a >good example.) Yes, I was thinking that maybe there is not such a table. >So: you're getting an error because the SSL dissector does not publish such a >table; in other words the dissector is not prepared to have other dissectors >dissecting TLS extensions. >Your best path forward would likely be to just modify the SSL dissector's C >code; ideally you could then push that code to Wireshark so future versions >will dissect the extension too. Sure. Happy to do that (once it all works!) but I was having trouble finding where that SSL dissector's C code actually was. It looks like it may be invoking gnutls libraries? Thanks for your help. Nalini
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
