![]() When you click OK the traffic should be decoded immediately. To decrypt this data go to Preferences > Protocols > SSL and browse for the (Pre)-Master-Secret log filename (/tmp/keylog.txt) This is because everything is SSL-encrypted. All you will see isn’t very understandable. Now fire up Wireshark (as of version 2.0.0 XQuartz is gone! So make sure you update Wireshark if you already had it installed). With these two files you can anlyze the traffic. There should be a file at /tmp/keylog.txt and /tmp/tcpdump.out. I’m not exactly sure if this is needed, but it gave me more consistent results. If your on both a wire and wifi disable one of them since you’re never sure which device is getting the packets. Make sure the INTERFACE variable is right (run ifconfig and look voor the various devices). These keys are used in Wireshark to decode the traffic (it’s called the NSS Key Log Format) The SSLKEYLOGFILE is an environment variable used by both Chrome and Firefox to write the used keys to disk. $(which tcpdump) -i $ -s0 -XX -w /tmp/tcpdump.out port 443 & # start the capture (change the interface) #/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome & Applications/Firefox.app/Contents/MacOS/firefox & ![]() # let your browser (Chrome and Firefox) know you want to save the keys to disk In theory this method should work for both HTTP/2 and HTTP/1.1, but I think I found an easier method for my purpose. My starting point was the article ‘ Debugging HTTPS or SSL Connections to a Third Party‘. I think it should be possible with wireshark, but with tcpdump it was a lot easier for me to direct the output to a file and do some pre-filtering on port 443 (the SSL port). A lot of packets were captured, but I couldn’t find the right ones. Wireshark can, of course, be used to capture traffic but I used tcpdump. And since Hadi Hariri made it sound very easy I gave it a shot. But I wanted more, the raw decoded HTTP/2 packets. This inspector is of course a great way to analyze your traffic, since it’s in the browser you don’t need to worry about ssl decoding. When you click the first entry (something like ‘200 GET / ‘) you should see HTTP/2.0 at the Version field on the right. Now enable the network inspector in Firefox ( alt-command-Q ) and enter in the location bar. When you changed a setting you should restart the browser for the settings to become active. In my version of Firefox there are 4 settings, which should all be set to true. Go to about:config in your location bar and search for ‘spdy.enabled’. Http/2 should be enabled by default, but when you want to disable it (to show the HTTP/1.1 SSL traffic for example) or have to troubleshoot you might have to change things. There are plenty of good explanations and when you follow all the links at the Sources-section of this article you should have enough information to understand this article. But with a but of tuning it should work on other Mac version, Linux and Chrome too. ![]() This article is written for Mac (Yosemite) and Firefox (42). The method I’ll explain to decode HTTP/2 can also be applied to HTTP/1.1Ī little warning : my network/security knowledge is a bit rusty since I’m a Java programmer and don’t do this stuff on a daily basis. He made it sound very easy, but since I wrote this article it was a bit harder. Hadi mentioned Wireshark had support to solve this problem. Soon I faced SSL-decoded-packet-problems (in practice all HTTP/2 traffic is encrypted). Since I’m a curious guy I wanted to know what was happening at packet level in this awesomeness. Many of the solutions of HTTP/2 are solutions to problems I face daily. ![]() Moreover, while the client is up and running, we can use Wireshark to sniff the WebSocket packets: 8.Last JavaOne I attended ‘HTTP 2.0 – What do I need to know?’, an excellent talk by Hadi Hariri. In the logs, we can see the connection and the message exchange. Hence, let’s give a meaningful implementation to these methods: public class StompClientSessionHandler extends StompSessionHandlerAdapter void afterConnected(StompSession session, StompHeaders connectedHeaders) Intentionally, the StompSessionHandlerAdapter class does not provide implementations except for the method getPayloadType. Next, let’s define a handler that extends the StompSessionHandlerAdapter. This creates a WebSocket client and then registers a STOMP client session handler. StompSessionHandler sessionHandler = new StompClientSessionHandler() tMessageConverter(new MappingJackson2MessageConverter()) WebSocketStompClient stompClient = new WebSocketStompClient(client) WebSocketClient client = new StandardWebSocketClient()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |