sample/fetch support for TLS extensions

Discussion:

sample/fetch support for TLS extensions

Alexey Elymanov

2018-10-16 12:17:47 UTC

I would like to propose a little patch, based on current ssl_capture
(ssl_sock.c) scheme.
Purpose is to be able to sample/fetch TLS extensions, it could be useful
for debugging or fingerprinting purposes (for example, cURL and Firefox
provide different sets of extensions in ClientHello message).

it provides two hooks, which should be enough for further Lua
processing/request forwarding/analysis: smp_fetch_ssl_fc_exts_bin,
smp_fetch_ssl_fc_exts_hex

Lukas Tribus

2018-10-18 21:17:24 UTC

Hello Alexey,

I would like to propose a little patch, based on current ssl_capture (ssl_sock.c) scheme.
Purpose is to be able to sample/fetch TLS extensions, it could be useful for debugging or fingerprinting purposes (for example, cURL and Firefox provide different sets of extensions in ClientHello message).
it provides two hooks, which should be enough for further Lua processing/request forwarding/analysis: smp_fetch_ssl_fc_exts_bin, smp_fetch_ssl_fc_exts_hex

Looping in Thierry (LUA), Emeric (SSL).

lukas

1 Reply
1 View
Permalink to this page
Disable enhanced parsing

Thread Navigation

Alexey Elymanov 2018-10-16 12:17:47 UTC

Lukas Tribus 2018-10-18 21:17:24 UTC

about - legalese

Loading...