Open daveschaefer opened 10 years ago
Apparently the hex contstants in ssl_scan_sock.py may be raw captures from a Wireshark trace. We may be able to trace a client hello with a newer version of openssl, or perhaps we could decipher the constants and write them in a more maintainable way.
While working on this a long while back I found a number of things that should be fixed. Created #45 to track it all.
consider closing this issue, because SNI is implemented in OpenSSL long time ago, and I've also fixed it implementing a round-robin for OpenSSL scanner
If you do not scan with SNI, ssl_scan_sock gets a 'protocol version' error from some sites:
Perhaps this is happening because we're sending an old client_hello message from an older TLS spec? This should be updated.