Question about psk_key_exchange_modes extension

cisco / joy

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.

Other

1.3k stars 329 forks source link

Question about psk_key_exchange_modes extension #231

Closed alonbright closed 5 years ago

alonbright commented 5 years ago

Hi, I started to explore your DB a bit, and I found out that the content in the json of extension _psk_key_exchangemodes (extension 0x002d) is always empty, though it seems like from here:

https://github.com/cisco/joy/blob/4157222240994440c2f7835e699404a9e0f5fe53/fingerprinting/tls_fingerprint.py#L57

that you want to extract the value of that extension. Am i missing something?

Thanks!

banderson84 commented 5 years ago

Hi,

Yes, it is always missing... because of a bug I introduced into the fingerprint database post-processing. Thank you very much for pointing this out! I will push a fixed database soon.

Thanks, Blake

bhudson33 commented 5 years ago

blake has this been committed and fixed?

seredvladislav commented 5 years ago

Is there any updates? Bug has been fixed or not?

banderson84 commented 5 years ago

Sorry, I forgot to close the issue. Yes, it was fixed about 5 months ago.