On Monday, 7 June 2021 21:01:04 CEST, Arran Cudbard-Bell wrote:
The tables to convert extension IDs and compression methods to
humanly readable names are not available outside ssl/t1_trace.c.
SSL_trace() itself produces reams of helpful information as
handshakes progress, and is particularly useful for dealing with
encrypted handshakes, where wireshark et al don't provide useful
output.
Note that many tools are able to produce a keyfile that wireshark can use
to decrypt the encrypted parts of handshake and exchanged data too.
Look for SSLKEYLOGFILE in https://wiki.wireshark.org/TLS
It's supported in clients like Firefox and curl, as well as in servers,
like httpd: https://github.com/apache/httpd/pull/74
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00 Brno, Czech Republic
