mirror of
https://github.com/wader/fq.git
synced 2024-12-27 15:42:07 +03:00
051a70bd4b
All other ranges and slicing uses exclusive end so i think it make sense to make it consistent. Update docs and add additional example for non-byte-aligned field. Also fixes issue showing zero bit ranges as start-NA. |
||
---|---|---|
.. | ||
ciphersuites | ||
keylog | ||
rezlib | ||
testdata | ||
tlsdecrypt | ||
alerts.go | ||
extensions.go | ||
README.md | ||
tls.go | ||
tls.md |
Dev notes
TLS deflate compression seems to actually be zlib, so zlib header + deflate. Also each record is compressed with a flush (trailing 0x00 0x00 0xff 0xff) so that they can be uncompressed individually.
https://lekensteyn.nl/files/wireshark-ssl-tls-decryption-secrets-sharkfest18eu.pdf
tshark -x -V -o tls.keylog_file:file.keylog -r file.pcap
Wireshark gui has TLS debug option to write key/iv etc
tcpdump -i en0 -w file.pcap
SSLKEYLOGFILE=file.keylog /path/to/sslkey-able/curl --http1.1 -tlsv1.2 --tls-max 1.2 -v https://host/path
TLS 1.3 dumps https://gitlab.com/wireshark/wireshark/-/issues/12779