A tool called Radview, to simulate 28k modem
connection, breaks up the SSL records and sends it in
multiple TCP packets.
In ssl/sslprint.c:process_v2_hello(), the check for the
record length fails because the rest is in another TCP
packet. This causes the client_secret to be null and
crashes when tried to decode ClientKeyExchange.
The problem seems to be that ssldump needs another
layer in the application to collect "fragmented"
records before processing a complete one.
Sometimes, the client_secret or the server_secret would
be set to some "lucky" random data that it won't cause
crashes, but the decrypting fails.
Logged In: YES
user_id=928659
Duplicate of 858025. I forgot to log in and submitted twice.