Ask Your Question
0

WS4.4 hang during initialization after RSA key entry

asked 2025-01-14 19:54:15 +0000

Wheezer gravatar image

Trying to decode a TLS stream in WS 4.4, I loaded an RSA key file as per instructions but WS hung at that point, so I force-quitted and it hasn't started since. It hangs at the point of "Initialising tap listeners" or sometimes "Loading module preferences" with 100% CPU usage according to Activity Monitor.

I've tried removing the application and its configuration as per instructions, restarting the machine from cold and then reinstalling from scratch, but no help. I've browsed around SO and found this but it relates to an older version of WS and the config files it says to delete aren't anywhere to be found, at least by me. Having said that, it is the exact same problem, I think - trying to load RSA keys, then crashing, then hanging on restart. Some other posts refer to this issue but on Windows, and the fixes don't carry across.

Running WS 4.4 application bundle downloaded from here on MacOS Sequoia/Intel

edit retag flag offensive close merge delete

Comments

How large is the key file? Are you opening Wireshark and immediately trying to dissect TLS, perhaps by double clicking a capture file to open Wireshark, or does this happen if you start Wireshark without opening a file or starting a capture?

https://gitlab.com/wireshark/wireshar...https://gitlab.com/wireshark/wireshar...

johnthacker gravatar imagejohnthacker ( 2025-01-14 21:54:15 +0000 )edit

I put a long answer to this comment earlier, but it seems to have gotten lost. Anyway, things have moved on a little bit. To answer your question though, the key file is the RSA key file, not the SSLKEYLOGFILE, so it's just the size of an RSA private key. And it hangs when launching the app - not opening a capture file and before you get to do a capture of any sort.

Wheezer gravatar imageWheezer ( 2025-01-15 19:28:37 +0000 )edit

When I said earlier that things have moved on, I tried installing under a different user, and it seems to work ok. Suggests these a bit of per-user config that's left behind in the de-installation process, that broke in the original crash, that's preventing the app from starting. Any thoughts what that might be?

Wheezer gravatar imageWheezer ( 2025-01-15 19:29:53 +0000 )edit

You can look at your preference files to see what is different, but I can imagine a similar situation to the SSLKEYLOG issue where if the RSA Key file is the same as the TLS debug log there could be an infinite loop

johnthacker gravatar imagejohnthacker ( 2025-01-15 23:45:40 +0000 )edit

Hallelujah - the culprit is the "ssl_keys" file in the config directory. I deleted it, and now WS starts. I was looking in the wrong place for the config directory. Thanks for your help.

Wheezer gravatar imageWheezer ( 2025-01-16 10:18:41 +0000 )edit
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2025-01-16 10:26:10 +0000

Wheezer gravatar image

In the end my issue was not reading the documentation properly. The problem was that the first force-quit left the ssl_keys file in a broken state, and WS hung on startup trying to make sense of it. There was an old Windows answer on SO saying to delete this file, but I couldn't find it on MacOS. When I read Appendix B3 of the documentation, thought I knew where $XDG_CONFIG_HOME on MacOS was. If I'd backed up a page and seen that $XDG_CONFIG_HOME was actually ~/.config, I'd've found it days ago. So, I deleted the ssl_keys file in the ~/.config/wireshark directory and WS now starts properly. Thanks to @johnthacker for keeping me focused on it.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2025-01-14 19:54:15 +0000

Seen: 28 times

Last updated: yesterday