Hi,
I'm using tshark with tls.keylog_file option to decrypt my websocket TLS stream. After I run it through tshark, I get a layer 'DATA-TEXT-LINES' which contains the decrypted data. However, this data seems truncated, as I see through the wireshark GUI which has the full decrypted data. I searched through the forums where someone suggested changing ITEM_LABEL_LENGTH in epan/proto.h . So I did that and rebuilt from source, however that also doesn't seem to help.
Any help would be appreciated. I'm using version 3.6.5