Answers to Common Questions from RSA – Part 1

If you’ve been following our blog, you know we are planning on answering some common questions that we were asked during the 2011 RSA Conference.  Today is the first post in this series.  The first questions we will be looking at are:

Does wolfSSL have sniffer, also known as SSL Inspection functionality?
What about resiliency in the TCP reassembly library?

Q:  Does wolfSSL have sniffer, also  know as SSL Inspection functionality?

Yes, wolfSSL has had SSL Inspection (sniffer) functionality since version 1.5.0.  We have provided a build option allowing the wolfSSL library to be built with this functionality.  This means you are able to collect SSL traffic packets and with the correct key file, are able to decrypt them as well.  This is useful for many reasons, some of which include:

– Analyzing Network Problems
– Detecting network misuse by internal and external users
– Monitoring network usage and data in motion
– Debugging client/server communications

To enable SSL Inspection (sniffer) support, build wolfSSL with the “–enable-sniffer” option on *nix or use the vcproj files on Windows. You will need to have pcap installed on *nix or WinPcap on Windows.  To learn more about functions provided and more detailed usage, please see either the wolfSSL Manual, or the “wolfSSL Additional Features” document.

Q:  What about resiliency in the TCP re-assembly library?

The wolfSSL TCP re-assembly library is currently functional, but not resilient.  This is something that several people have asked about, and something we are looking into.  If you have a need for a resilient TCP re-assembly library, or think this would be beneficial to your project, please let us know at