[Privoxy-users] Weird TLS problem with Apple watch

Ian Silvester iansilvester at fastmail.fm
Sat Feb 29 15:50:55 UTC 2020


Hi Rainer,

My understanding is that the watch communicates only with the iPhone, and relies on the latter to do all communication out to the internet, correct? In this packet capture then, .91 is the device running Privoxy and .66 is the phone?

Thanks,

Ian


On Mon, 17 Feb 2020, at 10:22, Rainer Sokoll wrote:
> Hi,
> 
> if my iPhone uses Privoxy as network proxy, the Apple Watch cannot 
> connect to the internet (Siri fails).
> Once my iPhone connects directly to the Internet, Siri on the watch has 
> no problems.
> Note that on the iPhone itself, everything including Siri works fine, 
> with or without Privoxy.
> 
> I think this packet is the problem:
> 
> ----8<----
> No.     Time           Source                Destination           Protocol Length Info
>      64 3.098025       192.168.1.91          192.168.1.66          TLSv1.2  143    Application Data, Encrypted Alert
> 
> Frame 64: 143 bytes on wire (1144 bits), 143 bytes captured (1144 bits)
> Ethernet II, Src: Wibrain_34:02:2b (00:1e:06:34:02:2b), Dst: Apple_17:13:32 (d0:d2:b0:17:13:32)
> Internet Protocol Version 4, Src: 192.168.1.91, Dst: 192.168.1.66
> Transmission Control Protocol, Src Port: 8118, Dst Port: 57881, Seq: 1, Ack: 1, Len: 77
>     Source Port: 8118
>     Destination Port: 57881
>     [Stream index: 8]
>     [TCP Segment Len: 77]
>     Sequence number: 1    (relative sequence number)
>     [Next sequence number: 78    (relative sequence number)]
>     Acknowledgment number: 1    (relative ack number)
>     1000 .... = Header Length: 32 bytes (8)
>     Flags: 0x018 (PSH, ACK)
>     Window size value: 1761
>     [Calculated window size: 1761]
>     [Window size scaling factor: -1 (unknown)]
>     Checksum: 0x8461 [unverified]
>     [Checksum Status: Unverified]
>     Urgent pointer: 0
>     Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
>     [SEQ/ACK analysis]
>     [Timestamps]
>         [Time since first frame in this TCP stream: 0.000000000 seconds]
>         [Time since previous frame in this TCP stream: 0.000000000 seconds]
>     TCP payload (77 bytes)
> Transport Layer Security
>     TLSv1.2 Record Layer: Application Data Protocol: Application Data
>         Content Type: Application Data (23)
>         Version: TLS 1.2 (0x0303)
>         Length: 41
>         Encrypted Application Data: 0000000000000076922168004e5187f9111c81720d87eb49…
>     TLSv1.2 Record Layer: Encrypted Alert
>         Content Type: Alert (21)
>         Version: TLS 1.2 (0x0303)
>         Length: 26
>         Alert Message: Encrypted Alert
> ----8<----
> 
> Note: Encrypted Alert (Type 21)
> According to RFC 5246 (https://tools.ietf.org/html/rfc5246#page-28) 
> there was a decryption error.
> 
> To be honest, I am not sure…
> 
> Any comment is appreciated.
> 
> Rainer
>
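
Added example, not part of the original messages: a Python sketch that walks the TLS record headers in a TCP payload shaped like frame 64 above (5 + 41 + 5 + 26 = 77 bytes). The record bodies are constructed filler rather than the captured bytes, and the AES-GCM size arithmetic is an assumption, since the capture does not name the cipher suite.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
GCM_EXPLICIT_NONCE = 8   # TLS 1.2 AES-GCM explicit nonce per record (RFC 5288)
GCM_TAG = 16             # AES-GCM authentication tag

def split_records(payload: bytes):
    """Walk the 5-byte TLS record headers inside one TCP payload."""
    records, off = [], 0
    while off < len(payload):
        if len(payload) - off < 5:
            raise ValueError(f"truncated record header at offset {off}")
        ctype, version, length = struct.unpack_from("!BHH", payload, off)
        body = payload[off + 5: off + 5 + length]
        if len(body) < length:
            raise ValueError(f"record at offset {off} continues in a later segment")
        records.append({"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
                        "version": version, "length": length, "body": body})
        off += 5 + length
    return records

def gcm_plaintext_len(record_len: int) -> int:
    """Plaintext size IF the suite is AES-GCM (assumption, not stated in the capture)."""
    return record_len - GCM_EXPLICIT_NONCE - GCM_TAG

def build_sample() -> bytes:
    """Constructed payload: header fields as in the post, bodies are zero filler."""
    app = struct.pack("!BHH", 23, 0x0303, 41) + bytes(41)
    alert = struct.pack("!BHH", 21, 0x0303, 26) + bytes(26)
    return app + alert

def describe(payload: bytes):
    """Return one summary line per record found in the payload."""
    out = []
    for r in split_records(payload):
        line = f"{r['type']} v=0x{r['version']:04x} len={r['length']}"
        if r["type"] == "alert" and r["length"] != 2:
            # A cleartext alert is exactly 2 bytes (level, description).
            # A longer one is encrypted: its description needs the session keys.
            line += (" encrypted (GCM plaintext would be "
                     f"{gcm_plaintext_len(r['length'])} bytes)")
        out.append(line)
    return out

if __name__ == "__main__":
    print("\n".join(describe(build_sample())))
```

The record header shows only that an alert was sent; the level and description are inside the ciphertext, so the capture alone does not reveal which alert it was.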
