(12-04-2018, 10:05 AM)Codehunter Wrote: I found an issue by accident in TIdSSLIOHandlerSocketOpenSSL.OnStatusInfoEx for the need of writing an NSS-file to decrypt TLS-1.2-communication with Wireshark. It seems that the declaration of SSL3_STATE in IdSSLOpenSSLHeaders.pas shifts the memory content from the DLL one byte to left. When i shift the S3-Pointer via Dec(PByte(S3)) also one byte to left so it will work fine.
I have checked in a fix for IdSSLOpenSSLHeaders.pas. There was indeed a 1-off error in the declaration of the SSL3_STATE.write_mac_secret field, which is right above the server_random and client_random fields.
That being said, you really should not be accessing OpenSSL's record fields directly anymore. Use appropriate accessor functions from the OpenSSL API instead. In fact, once Indy is (eventually) updated to support OpenSSL 1.1+, direct access to record fields will no longer be possible at all, as ALL of OpenSSL's records were changed to opaque types in 1.1, so you MUST use accessor functions only. So, you may as well get in the habit of doing it now, because it is coming down the line in the future.