Huzzah! A new
tls-grab has been released. Version
2.0.0 is available
now. This version has a number of improvements:
- It's dumber! Which is a good thing, in this case. The previous version was trying to be too clever and didn't show certificates it should have. Now
tls-grabwill show the first certificate in the chain.
- The CLI flag parsing now uses pflag over the stdlib's flag library. This makes the CLI more GNU-ish, which in my opinion is more comfortable.
- Debug logging! Not super useful for y'all, but it helps me out.
- Proper SNI support, allowing you to override the hostname provided in the handshake.
tls-grabalways supported SNI, but you couldn't connect to a server and use a different hostname. Now you can, with
- Removed the
-serverflag, just specify the server's name on the command line. Even more comfortable! I wish I had done this earlier, forgetting to include the flag each time was rather annoying...
Next up is creating a man page and some OS packaging. Though that later bit is part of a larger plan, more on that another time.