Dissector bug, header decompression failed

zhanleewo / spdyshark

Automatically exported from code.google.com/p/spdyshark

0 stars 0 forks source link

Dissector bug, header decompression failed #1

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

I've installed Wireshark 1.7.1 with spdyshark's patch, and I've built a small 
Python spdy-server starting from this project [1].

After some issues (like using the 'DES-CBC3-SHA' cypher Wireshark can decrypt 
SSL fine) [2], I've told Wireshark to use the private key in use and dissect 
the encripted data with spdy dissector (spdyshark).

It almost works ok, but I get this message:

Dissector bug, protocol SPDY: tvbuff.c:958: failed assertion "tvb && 
tvb->initialized"

Moreover, I also get an "Error: Header decompression failed" (I'm using Firefox 
12 with SPDY-enabled as the client).

I'm attaching a screenshot which explains better the problem.

[1] https://github.com/colinmarc/python-spdy
[2] 
http://japhr.blogspot.com.ar/2011/05/ssl-that-can-be-sniffed-by-wireshark.html

Regards

Original issue reported on code.google.com by fernandezm on 16 May 2012 at 6:58

Attachments:

tvbuff_failed_assertion.png

GoogleCodeExporter commented 8 years ago

In a totally different new configuration, I've installed mod_spdy[1] in my 
local Apache Server and made Wireshark capture when Chrome is getting 
https://localhost, and I'm getting the same error messages and behavior.

So I'm getting realized this is, in fact, a bug. :-/

[1] http://code.google.com/p/mod-spdy/

Regards

Original comment by fernandezm on 17 May 2012 at 4:52

GoogleCodeExporter commented 8 years ago

If you can reproduce this with a test certificate and provide the key and pcap, 
that'd be great.

Original comment by hkhalil@google.com on 22 May 2012 at 5:17

GoogleCodeExporter commented 8 years ago

No problem, it is a self-signed test certificate. I'm attaching the key and the 
pcap example, sniffed with Wireshark between a mod_spdy Apache server and a 
Chrome browser.

I hope you can reproduce it, if you need anything else, just make a comment.

Thank you!

Original comment by fernandezm on 22 May 2012 at 6:19

Attachments:

GoogleCodeExporter commented 8 years ago

Looks like you're trying to dissect SPDY 2, which is no longer supported by 
spdyshark.

You can enable SPDY 3 in Chrome via about:flags.

Original comment by hkhalil@google.com on 23 May 2012 at 5:23

Changed state: WontFix

GoogleCodeExporter commented 8 years ago

Oh, I didn't know the last version was not SPDY v3 *and* v2 compatible. 

Taking into account that v3 is not widely deployed (even Google servers doesn't 
support it yet), is possible to add SPDY v2 and v3 (in the same codebase) 
support a longer time?

Regards

Original comment by fernandezm on 23 May 2012 at 6:35

GoogleCodeExporter commented 8 years ago

Google servers do support it. :)

SPDY 3 is enabled for 95% of users on Chrome 20. mod_spdy already supports SPDY 
3. The code overhead for maintaining SPDY 2 and 3 support in wireshark just 
isn't worthwhile.

Original comment by hkhalil@google.com on 23 May 2012 at 8:00