1 | initial version |
Sample capture attached to issue 12779 - Add TLS 1.3 support:
tls13-22-hrr.pcap: picotls client with boringssl 2fce1bed (draft -22 with HelloRetryRequest)
The implementation of HelloRetryRequest
seems to vary by draft version.
In the current Wireshark code, packet-tls-utils.c looks for a magic string:
/** * Scan a Server Hello handshake message for the negotiated version. For TLS 1.3 * draft 22 and newer, it also checks whether it is a HelloRetryRequest. */ void tls_scan_server_hello(tvbuff_t *tvb, guint32 offset, guint32 offset_end, guint16 *server_version, gboolean *is_hrr) { /* SHA256("HelloRetryRequest") */ static const guint8 tls13_hrr_random_magic[] = { 0xcf, 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e, 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07, 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c };
The filter would be:
tls.handshake.random == cf:21:ad:74:e5:9a:61:11:be:1d:8c:02:1e:65:b8:91:c2:a2:11:16:7a:bb:8c:5e:07:9e:09:e2:c8:a8:33:9c
Another approach would be to search the Info column for "Hello Retry Request".
See the filtcols Lua plugin.