On Wed, Dec 19, 2018 at 03:47:25PM +0100, T.Tributh wrote:

> Shall I open a ticket for openssl?

Before you do that, it would be good to have clarity about the
specific behaviour you're seeing and how it differs from what you
want, and whether you want to see changes in the client or in the
server.

To that end, please post a "tshark" decode of a TLS 1.2 handshake
(thus avoiding encrypted handshake records that make much of the
TLS 1.3 handshake opaque, and your tshark may not yet support TLS
1.3).  With reference to that handshake explain what you'd like
to see happen differently on either the client or server end.

Capture a PCAP file of the traffic with

    # pcap=$(mktemp -t ocsp)
    # port=25 # or 587, 465, ...
    # tcpdump -s0 -w "${pcap}" tcp port "${port}"

extract traffic for a specific connection of interest
(you may need to look through the pcap interactively
looking for the connection you wanted).

    # conn=$(mktemp -t session)
    # client_port=... # provide the desired value
    # tcpdump -s0 -r "${pcap}" -w "${conn}" tcp port "${client_port}"

and post the decoded handshake from:

    # tshark -r "${conn}" -d "tcp.port==${port},ssl" -V |
        sed -ne '/^Secure Sockets Layer/,/^$/p'

Make sure to not rewrap the text.

-- 
        Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
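
Added example, not part of the message above: one way to find the `client_port` value for the extraction step, by listing the client side of every connection opened to the server port in the capture instead of paging through it by hand. It assumes a classic Ethernet pcap as written by `tcpdump -w` and handles IPv4 only; the function names are hypothetical, and the addresses, ports and timestamps in `sample_pcap` are constructed.

```python
import socket
import struct

def client_connections(pcap_bytes, server_port):
    """Return [(unix_ts, client_ip, client_port)] for each TCP SYN sent to server_port."""
    # Classic pcap magic tells us the byte order of the file and record headers.
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if end is None:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    (linktype,) = struct.unpack(end + "I", pcap_bytes[20:24])
    if linktype != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    found, off = [], 24
    while off + 16 <= len(pcap_bytes):
        ts, _usec, caplen, _wire = struct.unpack(end + "IIII", pcap_bytes[off:off + 16])
        frame = pcap_bytes[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # Keep only IPv4 (ethertype 0x0800) carrying TCP (protocol 6).
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]  # skip the IP header (IHL words)
        if len(tcp) < 14:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        # SYN set and ACK clear marks the client's opening segment.
        if (tcp[13] & 0x12) == 0x02 and dport == server_port:
            found.append((ts, socket.inet_ntoa(frame[26:30]), sport))
    return found

def _frame(src, sport, dport, flags):
    # Constructed Ethernet + IPv4 + TCP frame: no options, checksums left zero.
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton("192.0.2.25"))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 65535, 0, 0)
    return eth + ip + tcp

def sample_pcap():
    # Constructed capture: one full SMTP handshake start plus a second client's SYN.
    frames = [_frame("198.51.100.7", 40112, 25, 0x02),   # client SYN
              _frame("192.0.2.25", 25, 40112, 0x12),     # server SYN-ACK
              _frame("198.51.100.7", 40112, 25, 0x10),   # client ACK
              _frame("198.51.100.9", 51844, 25, 0x02)]   # second client SYN
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1545230000 + i, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for ts, ip, port in client_connections(sample_pcap(), 25):
        print(ts, ip, port)
```

On a real capture, pass the bytes of the `${pcap}` file and the `${port}` value, then use the reported client port as `client_port`.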
