You're already using up the clienthello callback to get the extensions. Why not get the ciphers offered up by the client in the clienthello packet with SSL_client_hello_get0_ciphers() while you're at it?
Not to mention that it would better conform to the definition of JA3 as a fingerprint of the clienthello packet, not of the negociated SSL session.
You're already using up the clienthello callback to get the extensions. Why not get the ciphers offered up by the client in the clienthello packet with SSL_client_hello_get0_ciphers() while you're at it?
Not to mention that it would better conform to the definition of JA3 as a fingerprint of the clienthello packet, not of the negociated SSL session.