mirror of
https://github.com/wader/fq.git
synced 2024-10-04 07:27:08 +03:00
b08ef00dd1
Replaces []Format with a Group type. A bit more type safe. Breaking change for RegisterFormat, now takes a first argument that is a "single" format group. Lots of naming cleanup. This is also preparation for decode group argument which will enable doing intresting probing, ex a format decoder could know it's decode as part of probe group (html could be probed possibly), or have "arg probe" group for decoder who inspect args to know if they should probe (-d /path/to/schema etc) to enable nice CLI-ergonomics. |
||
|---|---|---|
| .. | ||
| ciphersuites | ||
| keylog | ||
| rezlib | ||
| testdata | ||
| tlsdecrypt | ||
| alerts.go | ||
| extensions.go | ||
| README.md | ||
| tls.go | ||
| tls.md | ||
Dev notes
TLS deflate compression seems to actually be zlib, so zlib header + deflate. Also each record is compressed with a flush (trailing 0x00 0x00 0xff 0xff) so that they can be uncompressed individually.
https://lekensteyn.nl/files/wireshark-ssl-tls-decryption-secrets-sharkfest18eu.pdf
tshark -x -V -o tls.keylog_file:file.keylog -r file.pcap
Wireshark gui has TLS debug option to write key/iv etc
tcpdump -i en0 -w file.pcap
SSLKEYLOGFILE=file.keylog /path/to/sslkey-able/curl --http1.1 -tlsv1.2 --tls-max 1.2 -v https://host/path
TLS 1.3 dumps https://gitlab.com/wireshark/wireshark/-/issues/12779