Welcome! Log In Create A New Profile

Advanced

Re: tcpdump tls

Slawa Olhovchenkov
July 27, 2020 05:56AM
On Mon, Jul 27, 2020 at 04:32:20PM +0700, Eugene Grosbein wrote:

> 27.07.2020 16:15, Slawa Olhovchenkov пишет:
> > On Mon, Jul 27, 2020 at 02:43:44PM +0700, Eugene Grosbein wrote:
>
> >> В случае сеансовых ключей RSA можно попробовать в Wireshark:
> >> меню Редактирование/Параметры (Edit/Preference),
> >> дальше Protocols/TLS и там есть место вставить серверный ключ.
> >
> > И брать его из браузера? Как?
>
> Тут имелся в виду фиксированный серверный приватный ключ.
>
> >> Для DHE/ECDHE сложнее, но вроде бы можно настроить популярные браузеры
> >> дампить сессионные ключи, чтобы потом можно было их использовать в Wireshark,
> >> в (Pre)-Master-Secret log filename.
> >
> > Отлично, меня это устроит, какие ключевые слова гуглить?
>
> Я гуглил так: wireshark decode https
> Второй ссылкой было https://support.citrix.com/article/CTX116557
> How to Decrypt SSL and TLS Traffic Using Wireshark
>
> Четвертой https://wiki.wireshark.org/TLS#TLS_Decryption

Key logging is enabled by setting the environment variable
SSLKEYLOGFILE to point to a file. Note: starting with NSS 3.24 (used
by Firefox 48 and 49 only), the SSLKEYLOGFILE approach is disabled by
default for optimized builds using the Makefile (those using gyp via
build.sh are not affected). Distributors can re-enable it at compile
time though (using the NSS_ALLOW_SSLKEYLOGFILE=1 make variable) which
is done for the official Firefox binaries. (See bug 1188657.) Notably,
Debian does not have this option enabled, see Debian bug 842292.

и народ на SO жалуется что хромы не пишут. даже с --ssl-key-log-file.

The SSLKEYLOGFILE was originally disabled when the Mozilla team were
debugging an NSS issue in Firefox 65. I had reported the bug here
originally. It was subsequently reenabled in Firefox 66. However, once
again for Firefox 67 it had accidentally been disabled in release
builds again. I once again reopened that original bugzilla ticket to
report it. And they then opened up a new bugzilla task that you linked
in your post. A recent commit has removed the conditional that should
now prevent that bug from reoccurring in future releases. My guess,
the SSLKEYLOGFILE env. variable will work again when Firefox 68
releases, and on some Nightly version very shortly.

ну ок, я понял как это врубить по крайне мере у себя.
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
Subject Author Posted

tcpdump tls

Slawa Olhovchenkov July 26, 2020 01:48PM

Re: tcpdump tls

Daniel Podolsky July 26, 2020 02:00PM

Re: tcpdump tls

Slawa Olhovchenkov July 26, 2020 02:02PM

Re: tcpdump tls

Илья Шипицин July 26, 2020 02:04PM

Re: tcpdump tls

Илья Шипицин July 26, 2020 02:06PM

Re: tcpdump tls

Evgeniy Berdnikov July 27, 2020 02:58AM

Re: tcpdump tls

Slawa Olhovchenkov July 27, 2020 05:14AM

Re: tcpdump tls

Eugene Grosbein July 27, 2020 03:46AM

Re: tcpdump tls

Илья Шипицин July 27, 2020 04:30AM

Re: tcpdump tls

Slawa Olhovchenkov July 27, 2020 05:16AM

Re: tcpdump tls

Eugene Grosbein July 27, 2020 05:34AM

Re: tcpdump tls

Slawa Olhovchenkov July 27, 2020 05:56AM

Re: tcpdump tls

Илья Шипицин July 27, 2020 05:46AM

Re: tcpdump tls

Slawa Olhovchenkov July 27, 2020 06:00AM

Re: tcpdump tls

Daniel Podolsky July 27, 2020 07:10AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 60
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready