From 5c20a7401b35d2e6391672e14d0b794b9ec6a8ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Peter=20Kov=C3=A1=C5=99?= <peter.kovar@reflexion.tv>
Date: Sat, 10 Aug 2024 20:26:32 +0200
Subject: [PATCH 1/2] Add TLS Version 1.3 Handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Peter Kovář <peter.kovar@reflexion.tv>
---
 ssl/ssldecode.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ssl/ssldecode.c b/ssl/ssldecode.c
index 5e6a853..7960001 100644
--- a/ssl/ssldecode.c
+++ b/ssl/ssldecode.c
@@ -555,6 +555,7 @@ int ssl_restore_session(ssl_obj *ssl, ssl_decoder *d) {
     case TLSV1_VERSION:
     case TLSV11_VERSION:
     case TLSV12_VERSION:
+    case TLSV13_VERSION:
       if((r = ssl_generate_keying_material(ssl, d)))
         ABORT(r);
       break;
@@ -655,6 +656,7 @@ int ssl_process_client_key_exchange(ssl_obj *ssl,
     case TLSV1_VERSION:
     case TLSV11_VERSION:
     case TLSV12_VERSION:
+    case TLSV13_VERSION:
       if((r = ssl_generate_keying_material(ssl, d)))
         ABORT(r);
       break;

From 00171e1bf932c9b92077e23ec7ad8b4740603db0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Peter=20Kov=C3=A1=C5=99?= <peter.kovar@reflexion.tv>
Date: Sat, 10 Aug 2024 20:29:32 +0200
Subject: [PATCH 2/2] Add ECH
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Peter Kovář <peter.kovar@reflexion.tv>
---
 ssl/ssl.enums.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ssl/ssl.enums.c b/ssl/ssl.enums.c
index feb8513..c4ac065 100644
--- a/ssl/ssl.enums.c
+++ b/ssl/ssl.enums.c
@@ -244,7 +244,7 @@ static int decode_HandshakeType_ClientHello(ssl_obj *ssl,
   SSL_DECODE_UINT16(ssl, "extensions len", 0, data, &exlen);
   if(exlen) {
     explain(ssl, "extensions\n");
-    while(data->len) {
+    while(data->len > 0) {
       SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex);
       if(!ja3_ex_str)
         ja3_ex_str = calloc(7, 1);
@@ -1714,6 +1714,7 @@ decoder extension_decoder[] = {
     {55, "external_id_hash", decode_extension},
     {56, "external_session_id", decode_extension},
     {13172, "next_protocol_negotiation", decode_extension},
+    {0xfe0d, "encrypted_client_hello", decode_extension},
     {0xff01, "renegotiation_info", decode_extension},
     {-1}};