
Is anyone using the RSA key method of TLS decode with WS4.x?

asked 2025-01-17 21:36:39 +0000

Wheezer

Reason for asking: in my previous post I thought WS hanging was user error, and it partly was, but now, after properly cleaning out the (broken) personal config and reinstalling the macOS version from scratch, I still can't load RSA key files without WS hanging.

I've tried two ways: (1) Preferences->RSA keys - opens the file dialog correctly but hangs with spinning colour wheel and 100% CPU when you've selected a file and clicked OK. (2) Preferences->Protocols->TLS->RSA key file - same behaviour. There is one difference I've observed. Method (2) creates an ssl_keys file in your personal config which then prevents WS from starting properly (this was my previous post). Method (1) doesn't seem to do that, so WS will re-start ok.

Reason I want to use the RSA keys method is that I'm trying to debug secure IMAP/TLS and the SSLKEYLOGFILE isn't generated by dovecot/postfix, far as I'm aware. Before I file a bug, I wanted to check if anyone has been using this method successfully on WS4.x. I'm doing this on macOS Sequoia, but any success anywhere will be good to know about. Thanks for your help.


Comments

There are test/keys and test/captures available in the source repository.

Can you pick a set, test and report back so we can look at a common capture file?

Chuckc ( 2025-01-17 23:01:59 +0000 )

Thanks @Chuckc - I picked a couple of keys - specifically tls-over-tls.key and rsa-p-lt-q.p8 from the repo you reference - and still get the same behaviour. To be clear, I don't get as far as looking at a capture file. WS hangs/100% CPU at the point I click OK on selecting the key file.

Wheezer ( 2025-01-19 11:13:23 +0000 )

ok - so I just tried it on a different laptop which had WS4.4.0 installed. Trying to load the same tls-over-tls.key file I got a full-on crash. I've pasted as much as the comment box will take below. Let me know if you want more and I can share the whole thing in a google-doc or something. Thanks for your help.


Translated Report (Full Report Below)

Process:               Wireshark [949]
Path:                  /Applications/Wireshark.app/Contents/MacOS/Wireshark
Identifier:            org.wireshark.Wireshark
Version:               4.4.0 (4.4.0)
Code Type:             X86-64 (Translated)
Parent Process:        launchd [1]
User ID:               501

Date/Time:             2025-01-19 11:09:45.9307 +0000
OS Version:            macOS 15.1.1 (24B91)
Report Version:        12
Anonymous UUID:        2AEB67A1-5A51-36B6-44DF-6922C81962D9

Sleep/Wake UUID:       14BACDBC-172B-4B9C-BC34-B4CE0EE2E8F9

Time Awake Since Boot: 3100000 seconds
Time Since Wake:       3466 seconds

System Integrity Protection: enabled

Notes:
PC register does not match crashing frame ...
Wheezer ( 2025-01-19 11:25:09 +0000 )

Please raise an issue on the Wireshark GitLab instance, attaching as much info as possible, ideally the capture and the key. An issue can be marked as "Confidential" to restrict access to the issue and attachments to core developers.

grahamb ( 2025-01-19 11:40:53 +0000 )

Please add full output of wireshark -v or copy text from Help->About Wireshark:Wireshark tab.
This will include a list of libraries and versions that may help to diagnose.

Chuckc ( 2025-01-19 12:15:04 +0000 )

1 Answer


answered 2025-01-18 03:02:51 +0000

johnthacker

The test suite that is run as part of the Wireshark CI tests uses the RSA keys method, so it is constantly automatically tested. Looking at the source for suite_decryption.py can show you which keys go with which captures. Try to test those and see if those work, or at least do not hang; I just did and it works fine.

Perhaps you could provide your sample RSA key file that creates such an issue, as there may be something wrong with your particular file.

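Added example, not part of the original thread or Wireshark's own code: one way to check a key/capture pair outside the GUI, in the style of the test suite mentioned in the answer, with a timeout so that a hang is reported instead of blocking. It assumes `tshark` is on the PATH; the function names and the 30-second limit are hypothetical, and the thread does not establish whether the GUI hang also occurs in tshark.

```python
import subprocess
import sys


def rsa_keys_option(key_file, password=""):
    """Build the -o override that adds one row (key file, password) to the RSA keys table."""
    # UAT string fields treat a backslash as an escape character, so literal
    # backslashes in Windows paths are written as \x5c.
    path = key_file.replace("\\", "\\x5c")
    return 'uat:rsa_keys:"{}","{}"'.format(path, password)


def tshark_command(capture, key_file, tshark="tshark"):
    """Command line that reads a capture with the given RSA key loaded."""
    return [tshark, "-r", capture, "-o", rsa_keys_option(key_file)]


def classify_run(cmd, timeout_s=30):
    """Run cmd and return (status, stderr); status is ok/error/crash/hang/missing."""
    try:
        proc = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout_s)
    except subprocess.TimeoutExpired:
        # subprocess.run() kills the child before raising, so nothing is left spinning.
        return "hang", ""
    except FileNotFoundError:
        return "missing", ""
    if proc.returncode < 0:
        # On POSIX a negative return code means the process died from a signal.
        return "crash", proc.stderr
    return ("ok" if proc.returncode == 0 else "error"), proc.stderr


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: check_rsa_key.py CAPTURE KEYFILE")
    status, detail = classify_run(tshark_command(sys.argv[1], sys.argv[2]))
    print(status)
    if detail.strip():
        print(detail.strip())
```

A result of "ok" with a key and capture from the repository's test directory, set against a hang or crash in the GUI, is worth stating in the bug report.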
