This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

where is “ssl_set_master_secret() called in Wireshark?

1	I'm not able to find where is it called? or how is it used? here is a link for this function from wireshark documentation. ssl wireshark asked 09 Apr '15, 15:21 flora 156●31●33●38 accept rate: 100%

One Answer:

I believe that this ssl_set_master_secret() function is exported for third-party plugins. These can then supply secrets to the SSL dissector.

For offline captures, it might be easier to include a SSL keylog file next to the capture which is more portable than a binary plugin. For live captures, you can still use the SSL keylog file if the SSL client/server can provide such secrets (NSS can do this, CyaSSL can be patched, OpenSSL can also be forced with a debugger/interposing library).

answered 10 Apr '15, 06:14

Lekensteyn
2.2k●3●7●24
accept rate: 30%