-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ClientHello custom extension field #483
Comments
Since adding an extension will change the length of the extensions field and the length of the ClientHelllo, you need to recreate the changed ClientHello and then feed it into the HandshakeHashes object. Honestly, I'm not sure what you want to do: if you have a middle box that wants to change the CH message, then it needs to be a TLS endpoint, as that's the only way to calculate correct Finished message... |
Yes you are right, I have a middle box that append the custom CH field, adding an information that I want to extract on tlsliste-ng. The problem is that it raises a SSL_ERROR_BAD_MAC_ALERT during handshake. Is there a way to disable MAC verification on tlslite-ng ? |
No, there isn't an API to do that. |
Thanks @tomato42 for your help. One more question, is it possible to plug an flask/uwsgi app on tlslite-ng? I'm trying to change tls.py to do it, with no success so far. |
no idea, never used flask or uwsgi, see into |
Hi, I would like to extract data from an custom extension field injected after the browser sent clienthello. The value is injected in our routers. Where is a good starting point to restore the packet integrity (HMAC, size)?
Thanks
The text was updated successfully, but these errors were encountered: