Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Patch Wireshark 3.0.2 to hook TPKT dissector into TLS decryption
--- packet-tpkt.c.orig 2019-06-21 14:47:47.831026881 +0000
+++ packet-tpkt.c 2019-06-21 15:05:31.115056289 +0000
@@ -22,6 +22,7 @@
#include <epan/show_exception.h>
#include "packet-tpkt.h"
+#include "packet-tls.h"
void proto_register_tpkt(void);
void proto_reg_handoff_tpkt(void);
@@ -42,6 +43,7 @@
static gboolean tpkt_desegment = TRUE;
#define TCP_PORT_TPKT_RANGE "102"
+#define SSL_PORT_TPKT 3389
/* find the dissector for OSI TP (aka COTP) */
static dissector_handle_t osi_tp_handle;
@@ -668,7 +670,8 @@
port_range = range_copy(wmem_epan_scope(), tpkt_tcp_port_range);
dissector_add_uint_range("tcp.port", port_range, tpkt_handle);
+ ssl_dissector_add(SSL_PORT_TPKT, tpkt_handle);
/*
tpkt_ascii_handle = create_dissector_handle(dissect_ascii_tpkt, proto_tpkt);
dissector_add_uint("tcp.port", TCP_PORT_TPKT, tpkt_ascii_handle);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.