commit
00f968e1ea
24 changed files with 409 additions and 273 deletions
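--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -25,27 +25,22 @@ jobs:
 steps:
 - name: Checkout code
 uses: actions/checkout@v3
-- name: Install macOS autogen prerequisites
-run: brew install autoconf automake
-if: ${{ runner.os == 'macOS' }}
-- name: ./autogen.sh
-run: ./autogen.sh
 - name: Compiler version
 run: $CC -v
 env:
 CC: ${{ matrix.compiler }}
 - name: Install Linux dependencies
-run: sudo apt install autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev
+run: sudo apt install cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
 if: ${{ runner.os == 'Linux' }}
 - name: Install macOS dependencies
 run: |
-brew install openssl@3 libpcap libnet json-c
+brew install cmake ninja openssl@3 libpcap libnet json-c
 echo "LDFLAGS=-L$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV
 echo "CPPFLAGS=-I$(brew --prefix openssl@3)/include" >> $GITHUB_ENV
 if: ${{ runner.os == 'macOS' }}
-- name: ./configure
-run: ./configure
+- name: cmake -B ${{github.workspace}}/build -G Ninja
+run: cmake -B ${{github.workspace}}/build -G Ninja
 env:
 CC: ${{ matrix.compiler }}
-- name: make
-run: make
+- name: ninja -C ${{github.workspace}}/build
+run: ninja -C ${{github.workspace}}/build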
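Review bot: The macOS step still exports `CPPFLAGS=-I$(brew --prefix openssl@3)/include`, which `./configure` consumed but CMake, as far as I know, does not read (it takes `CFLAGS` and `LDFLAGS` from the environment), so the Homebrew OpenSSL headers are no longer pointed to explicitly. Exporting the root that FindOpenSSL looks at is more direct: `echo "OPENSSL_ROOT_DIR=$(brew --prefix openssl@3)" >> $GITHUB_ENV`. The new step names `cmake -B ${{github.workspace}}/build -G Ninja` and `ninja -C ${{github.workspace}}/build` repeat the command line; short names such as `Configure` and `Build` would read better in the job log.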
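--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -31,10 +31,9 @@ jobs:
 languages: ${{ matrix.language }}
 - name: Build Application using script
 run: |
-./autogen.sh
-sudo apt install autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev
-./configure
-make
+sudo apt install cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
+cmake -B ${{github.workspace}}/build -G Ninja
+ninja -C ${{github.workspace}}/build
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v2
 with: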
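--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -0,0 +1,117 @@
+cmake_minimum_required(VERSION 3.16.3)
+include(CheckSymbolExists)
+
+project(
+ssldump
+VERSION 1.8
+DESCRIPTION 20230811
+LANGUAGES C
+)
+
+configure_file(base/pcap-snoop.c.in base/pcap-snoop.c)
+
+set(SOURCES
+${CMAKE_BINARY_DIR}/base/pcap-snoop.c
+base/network.c
+base/proto_mod.c
+base/tcppack.c
+base/tcpconn.c
+null/null_analyze.c
+common/lib/r_data.c
+common/lib/r_assoc.c
+common/lib/r_errors.c
+common/lib/debug.c
+ssl/ssl_analyze.c
+ssl/ssldecode.c
+ssl/sslprint.c
+ssl/ssl.enums.c
+ssl/sslxprint.c
+ssl/ciphersuites.c
+ssl/ssl_rec.c
+pcap/logpkt.c
+pcap/pcap_logger.c
+pcap/sys.c
+)
+
+set(CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/modules/" ${CMAKE_MODULE_PATH})
+
+find_package(OpenSSL)
+if(NOT OPENSSL_FOUND)
+message( FATAL_ERROR
+"Unable to find OpenSSL development files on this system
+On Debian and Ubuntu systems you can install the required library and header files with
+apt install libssl-dev
+On Fedora systems, with
+dnf install openssl-devel" )
+endif()
+
+#dnf install openssl-devel libpcap-devel libnet-devel json-c-devel
+
+find_package(PCAP)
+if(NOT PCAP_FOUND)
+message( FATAL_ERROR
+"Unable to find libpcap development files on this system
+On Debian and Ubuntu systems you can install the required library and header files with
+apt install libpcap-dev
+On Fedora systems, with
+dnf install libpcap-devel" )
+endif()
+
+find_package(LIBNET)
+if(NOT LIBNET_FOUND)
+message( FATAL_ERROR
+"Unable to find libnet development files on this system
+On Debian and Ubuntu systems you can install the required library and header files with
+apt install libnet1-dev
+On Fedora systems, with
+dnf install libnet-devel" )
+endif()
+
+find_package(JSONC)
+if(NOT JSONC_FOUND)
+message( FATAL_ERROR
+"Unable to find libjson-c development files on this system
+On Debian and Ubuntu systems you can install the required library and header files with
+apt install libjson-c-dev
+On Fedora systems, with
+dnf install json-c-devel" )
+endif()
+
+add_executable(${PROJECT_NAME} ${SOURCES})
+
+check_symbol_exists(strdup "string.h" HAVE_STRDUP)
+if(HAVE_STRDUP)
+add_definitions(-DHAVE_STRDUP)
+endif()
+
+add_definitions(-DLINUX)
+add_definitions(-DOPENSSL)
+add_definitions(-D_DEFAULT_SOURCE=1)
+
+target_include_directories(ssldump
+PRIVATE
+${PROJECT_SOURCE_DIR}/common/include
+${PROJECT_SOURCE_DIR}/common/lib
+${PROJECT_SOURCE_DIR}/null
+${PROJECT_SOURCE_DIR}/ssl
+${PROJECT_SOURCE_DIR}/base
+${PROJECT_SOURCE_DIR}/pcap
+${OPENSSL_INCLUDE_DIR}
+${PCAP_INCLUDE_DIR}
+${LIBNET_INCLUDE_DIR}
+${JSONC_INCLUDE_DIR}
+)
+
+target_link_libraries(ssldump
+PRIVATE
+${OPENSSL_LIBRARIES}
+${PCAP_LIBRARY}
+${LIBNET_LIBRARY}
+${JSONC_LIBRARIES}
+)
+
+set(CMAKE_INSTALL_PREFIX "/usr/local")
+install(TARGETS ssldump DESTINATION ${CMAKE_INSTALL_PREFIX}/bin)
+
+set(CMAKE_INSTALL_MANDIR "/usr/local/share/man")
+install(FILES ssldump.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1)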
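Review bot: The new build has no counterpart to the `--enable-asan` and `--enable-debug` switches that the removed configure.ac provided, so the sanitizer and `-Werror=format-security` build of a tool that parses captured network traffic can no longer be selected from the documented commands. An opt-in option would restore it, for example `option(SSLDUMP_ENABLE_ASAN "Build with ASan/UBSan" OFF)` followed by `target_compile_options(ssldump PRIVATE -fsanitize=address,undefined)` and the matching `target_link_options(...)` when it is ON. Separately, `set(CMAKE_INSTALL_PREFIX "/usr/local")` near the end shadows any `-DCMAKE_INSTALL_PREFIX=...` the user passes; dropping that line and installing to a relative `DESTINATION` after `include(GNUInstallDirs)` keeps the prefix configurable. The directory-scoped `add_definitions(...)` calls would be better written as `target_compile_definitions(ssldump PRIVATE ...)`.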
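--- a/Makefile.am
+++ b/Makefile.am
@@ -1,37 +0,0 @@
-sbin_PROGRAMS = ssldump
-man_MANS = ssldump.1
-
-ssldump_SOURCES = \
-base/pcap-snoop.c\
-base/network.c\
-base/proto_mod.c\
-base/tcppack.c\
-base/tcpconn.c\
-null/null_analyze.c\
-common/lib/r_data.c\
-common/lib/r_assoc.c\
-common/lib/r_errors.c\
-common/lib/debug.c\
-ssl/ssl_analyze.c\
-ssl/ssldecode.c\
-ssl/sslprint.c\
-ssl/ssl.enums.c\
-ssl/sslxprint.c\
-ssl/ciphersuites.c\
-ssl/ssl_rec.c\
-pcap/logpkt.c\
-pcap/pcap_logger.c\
-pcap/sys.c
-
-
-ssldump_CPPFLAGS = \
--I$(top_srcdir)\
--I$(top_srcdir)/common/include\
--I$(top_srcdir)/common/lib\
--I$(top_srcdir)/null\
--I$(top_srcdir)/ssl\
--I$(top_srcdir)/base\
--I$(top_srcdir)/pcap\
--D_DEFAULT_SOURCE=1\
--DLINUX\
--DOPENSSL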
50
README.md
50
README.md
|
@ -21,7 +21,7 @@ includes a JSON output option, supports [JA3](https://github.com/salesforce/ja3)
|
||||||
|
|
||||||
# How to do I run ssldump?
|
# How to do I run ssldump?
|
||||||
|
|
||||||
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
|
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
|
||||||
|
|
||||||
For more details, check the man page.
|
For more details, check the man page.
|
||||||
|
|
||||||
|
@ -29,7 +29,7 @@ For more details, check the man page.
|
||||||
|
|
||||||
This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
|
This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
|
||||||
|
|
||||||
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
|
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
|
||||||
|
|
||||||
# Why do you maintain this repository?
|
# Why do you maintain this repository?
|
||||||
|
|
||||||
|
@ -53,41 +53,39 @@ other too (but this is just a collateral damage).
|
||||||
|
|
||||||
# Build instructions
|
# Build instructions
|
||||||
|
|
||||||
On Debian & Ubuntu:
|
Install dependencies on Debian & Ubuntu (as root):
|
||||||
```
|
```
|
||||||
apt install build-essential autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev
|
apt install build-essential git cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
|
||||||
./autogen.sh
|
|
||||||
./configure --prefix=/usr/local
|
|
||||||
make
|
|
||||||
(optional) make install
|
|
||||||
```
|
```
|
||||||
|
|
||||||
On Fedora, CentOS, RHEL & Rocky:
|
On Fedora, CentOS, RHEL & Rocky (as root):
|
||||||
```
|
```
|
||||||
dnf install autoconf automake gcc make openssl-devel libpcap-devel libnet-devel json-c-devel
|
dnf install git cmake ninja-build gcc openssl-devel libpcap-devel libnet-devel json-c-devel
|
||||||
./autogen.sh
|
|
||||||
./configure --prefix=/usr/local
|
|
||||||
make
|
|
||||||
(optional) make install
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Optional configuration features (aka ./configure options):
|
On OpenBSD (as root):
|
||||||
```
|
```
|
||||||
--disable-optimization disable compiler optimizations (change from -O2 to -O0)
|
pkg_add git cmake ninja json-c libnet
|
||||||
--enable-debug enable debug info (add "-g -DDEBUG" to CFLAGS)
|
|
||||||
--enable-asan enable AddressSanitizer and other checks
|
|
||||||
add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
|
|
||||||
-Werror=array-bounds" to CFLAGS
|
|
||||||
use libasan with GCC and embedded ASAN with Clang
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Configuration examples:
|
On FreeBSD (as root):
|
||||||
|
```
|
||||||
|
pkg install git cmake ninja json-c libnet
|
||||||
```
|
```
|
||||||
- Use GCC with libasan, debug info and custom CFLAGS:
|
|
||||||
./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"
|
|
||||||
|
|
||||||
- Use Clang with ASAN and no optimizations (-O0)
|
On MacOS (as root):
|
||||||
./configure CC=/usr/bin/clang --enable-asan --disable-optimization
|
```
|
||||||
|
brew install cmake ninja openssl@3 libpcap libnet json-c
|
||||||
|
```
|
||||||
|
|
||||||
|
Compile & install:
|
||||||
|
```
|
||||||
|
git clone https://github.com/adulau/ssldump.git
|
||||||
|
cd ssldump
|
||||||
|
cmake -G Ninja -B build
|
||||||
|
ninja -C build
|
||||||
|
./build/ssldump -v
|
||||||
|
(optional, as root) ninja -C build install
|
||||||
```
|
```
|
||||||
|
|
||||||
# Notes
|
# Notes
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
autoreconf -v -i
|
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,9 @@
|
||||||
|
|
||||||
#include <pcap.h>
|
#include <pcap.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
#ifndef __OpenBSD__
|
||||||
#include <pcap-bpf.h>
|
#include <pcap-bpf.h>
|
||||||
|
#endif
|
||||||
#ifndef _WIN32
|
#ifndef _WIN32
|
||||||
#include <sys/param.h>
|
#include <sys/param.h>
|
||||||
#endif
|
#endif
|
||||||
|
@ -118,7 +120,7 @@ int usage()
|
||||||
|
|
||||||
int print_version()
|
int print_version()
|
||||||
{
|
{
|
||||||
printf(PACKAGE_STRING "\n");
|
printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n");
|
||||||
printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n");
|
printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n");
|
||||||
printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
|
printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
|
||||||
printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
|
printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
|
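Review bot: In the `print_version()` hunk the substituted values land inside the printf format string itself (`printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n");`), so a `%` in a future project description would be read as a conversion specifier. Passing them as arguments keeps the format constant: `printf("Version: %s (%s)\n", "@ssldump_VERSION@", "@ssldump_DESCRIPTION@");`. This file appears to be the template handed to `configure_file()` in CMakeLists.txt, and that call is made without `@ONLY`, so any `${...}` text elsewhere in the source would be expanded as well; adding `@ONLY` limits substitution to the `@VAR@` form. The function body continues past the end of the hunk.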
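--- a/cmake/modules/FindJSONC.cmake
+++ b/cmake/modules/FindJSONC.cmake
@@ -0,0 +1,49 @@
+# From https://github.com/fastogt/cmake/blob/master/FindJSON-C.cmake
+# Copyright (c) 2018, FastoGT
+# License: BSD 3-Clause
+# Modified by: Micah Snyder
+
+# JSONC_FOUND - true if library and headers were found
+# JSONC_INCLUDE_DIRS - include directories
+# JSONC_LIBRARIES - library directories
+
+if(JSONC_USE_STATIC)
+add_library(jsonc STATIC IMPORTED GLOBAL)
+else()
+add_library(jsonc SHARED IMPORTED GLOBAL)
+endif(JSONC_USE_STATIC)
+
+find_package(PkgConfig QUIET)
+PKG_CHECK_MODULES(PC_JSONC QUIET json-c)
+
+find_path(JSONC_INCLUDE_DIR json.h
+HINTS ${PC_JSONC_INCLUDEDIR} ${PC_JSONC_INCLUDE_DIRS} PATH_SUFFIXES json-c json)
+
+if(JSONC_USE_STATIC)
+find_library(JSONC_LIBRARY NAMES libjson-c.a libjson-c-static.a
+HINTS ${PC_JSONC_LIBDIR} ${PC_JSONC_LIBRARY_DIRS})
+else()
+find_library(JSONC_LIBRARY NAMES json-c libjson-c
+HINTS ${PC_JSONC_LIBDIR} ${PC_JSONC_LIBRARY_DIRS})
+endif(JSONC_USE_STATIC)
+
+set(JSONC_LIBRARIES ${JSONC_LIBRARY})
+set(JSONC_INCLUDE_DIRS ${JSONC_INCLUDE_DIR})
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(JSONC DEFAULT_MSG JSONC_LIBRARIES JSONC_INCLUDE_DIRS)
+
+if(JSONC_FOUND AND NOT TARGET JSONC::jsonc)
+add_library(JSONC::jsonc UNKNOWN IMPORTED)
+set_target_properties(JSONC::jsonc PROPERTIES
+IMPORTED_LOCATION "${JSONC_LIBRARY}"
+INTERFACE_COMPILE_OPTIONS "${PC_JSONC_CFLAGS_OTHER}"
+INTERFACE_INCLUDE_DIRECTORIES "${JSONC_INCLUDE_DIRS}"
+)
+endif()
+
+mark_as_advanced(
+JSONC_INCLUDE_DIR
+JSONC_LIBRARY
+)
+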
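Review bot: The `add_library(jsonc ... IMPORTED GLOBAL)` call at the top runs before anything has been located and never receives an `IMPORTED_LOCATION`. It also makes a second `find_package(JSONC)` in the same build fail because the target `jsonc` already exists; since the module defines `JSONC::jsonc` further down, the first `if(JSONC_USE_STATIC)` block can be dropped. `find_path(JSONC_INCLUDE_DIR json.h ... PATH_SUFFIXES json-c json)`, together with the `#include <json.h>` changes later in this commit, resolves a very generic header name, so an unrelated `json.h` earlier on the include path could be picked up. Keeping `#include <json-c/json.h>` in the sources and searching for `json-c/json.h` avoids that. `endif(JSONC_USE_STATIC)` can be a bare `endif()`.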
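--- a/cmake/modules/FindLIBNET.cmake
+++ b/cmake/modules/FindLIBNET.cmake
@@ -0,0 +1,111 @@
+# Copyright 2013 Ettercap Development Team.
+#
+# Distributed under GPL license.
+#
+
+# Look for the header file
+find_path(LIBNET_INCLUDE_DIR
+NAMES libnet.h
+PATH_SUFFIXES libnet11 libnet-1.1)
+mark_as_advanced(LIBNET_INCLUDE_DIR)
+
+#Look for the library
+find_library(LIBNET_LIBRARY
+NAMES net libnet
+PATH_SUFFIXES libnet11 libnet-1.1)
+mark_as_advanced(LIBNET_LIBRARY)
+
+# Make sure we've got an include dir.
+if(NOT LIBNET_INCLUDE_DIR)
+if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
+message(FATAL_ERROR "Could not find LIBNET include directory.")
+endif()
+return()
+endif()
+
+if(NOT LIBNET_LIBRARY)
+if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
+message(FATAL_ERROR "Could not find LIBNET library.")
+endif()
+return()
+endif()
+
+#=============================================================
+# _LIBNET_GET_VERSION
+# Internal function to parse the version number in libnet.h
+# _OUT_version = The full version number
+# _OUT_version_major = The major version number only
+# _OUT_version_minor = The minor version number only
+# _libnet_hdr = Header file to parse
+#=============================================================
+function(_LIBNET_GET_VERSION _OUT_version _OUT_version_major _OUT_version_minor _libnet_hdr)
+file(READ ${_libnet_hdr} _contents)
+if(_contents)
+string(REGEX REPLACE ".*#define LIBNET_VERSION[ \t]+\"([0-9.a-zA-Z-]+)\".*" "\\1" ${_OUT_version} "${_contents}")
+
+if(NOT ${_OUT_version} MATCHES "[0-9.a-zA-Z-]+")
+message(FATAL_ERROR "Version parsing failed for LIBNET_VERSION!")
+endif()
+
+set(${_OUT_version} ${${_OUT_version}} PARENT_SCOPE)
+
+string(REGEX REPLACE "^([0-9]+)\\.[0-9]+.*" "\\1" ${_OUT_version_major} "${${_OUT_version}}")
+string(REGEX REPLACE "^[0-9]+\\.([0-9]+).*" "\\1" ${_OUT_version_minor} "${${_OUT_version}}")
+
+if(NOT ${_OUT_version_major} MATCHES "[0-9]+" OR NOT ${_OUT_version_minor} MATCHES "[0-9]+")
+message(FATAL_ERROR "Version parsing failed for detailed LIBNET_VERSION!:
+'${_OUT_version}' '${_OUT_version_major}' '${_OUT_version_minor}'")
+endif()
+
+set(${_OUT_version_major} ${${_OUT_version_major}} PARENT_SCOPE)
+set(${_OUT_version_minor} ${${_OUT_version_minor}} PARENT_SCOPE)
+
+else()
+message(FATAL_ERROR "Include file ${_libnet_hdr} does not exist")
+endif()
+endfunction()
+
+if(LIBNET_FIND_VERSION)
+set(LIBNET_FAILED_VERSION_CHECK true)
+_libnet_get_version(LIBNET_VERSION LIBNET_VERSION_MAJOR LIBNET_VERSION_MINOR ${LIBNET_INCLUDE_DIR}/libnet.h)
+
+if(LIBNET_FIND_VERSION_EXACT)
+if(LIBNET_VERSION VERSION_EQUAL LIBNET_FIND_VERSION)
+set(LIBNET_FAILED_VERSION_CHECK false)
+endif()
+else()
+if(LIBNET_VERSION VERSION_EQUAL LIBNET_FIND_VERSION OR
+LIBNET_VERSION VERSION_GREATER LIBNET_FIND_VERSION)
+set(LIBNET_FAILED_VERSION_CHECK false)
+endif()
+endif()
+
+if(LIBNET_FAILED_VERSION_CHECK)
+if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
+if(LIBNET_FIND_VERSION_EXACT)
+message(FATAL_ERROR "LIBNET version check failed.
+Version ${LIBNET_VERSION} was found, version ${LIBNET_FIND_VERSION} is needed exactly.")
+else()
+message(FATAL_ERROR "LIBNET version check failed.
+Version ${LIBNET_VERSION} was found, at least version ${LIBNET_FIND_VERSION} is required")
+endif()
+endif()
+
+# If the version check fails, exit out of the module here
+return()
+endif()
+
+endif()
+
+#handle the QUIETLY and REQUIRED arguments and set LIBNET_FOUND to TRUE if
+# all listed variables are TRUE
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(LIBNET DEFAULT_MSG LIBNET_LIBRARY LIBNET_INCLUDE_DIR)
+
+if(LIBNET_FOUND)
+set(LIBNET_LIBRARY ${LIBNET_LIBRARY})
+set(LIBNET_INCLUDE_DIR ${LIBNET_INCLUDE_DIR})
+set(LIBNET_VERSION ${LIBNET_VERSION})
+set(LIBNET_VERSION_MAJOR ${LIBNET_VERSION_MAJOR})
+set(LIBNET_VERSION_MINOR ${LIBNET_VERSION_MINOR})
+endif()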
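Review bot: The parse check in `_LIBNET_GET_VERSION` cannot fail: when the `#define LIBNET_VERSION` pattern is absent, `string(REGEX REPLACE)` returns the whole header text, and the unanchored `MATCHES "[0-9.a-zA-Z-]+"` accepts it. Anchoring and quoting the test fixes that: `if(NOT "${${_OUT_version}}" MATCHES "^[0-9.a-zA-Z-]+$")`. The second FATAL_ERROR message prints `'${_OUT_version}'`, which is the name of the output variable rather than its value; `'${${_OUT_version}}'` is probably what was meant. `file(READ ${_libnet_hdr} _contents)` should quote the path so a directory containing spaces or semicolons is read as one argument.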
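--- a/cmake/modules/FindPCAP.cmake
+++ b/cmake/modules/FindPCAP.cmake
@@ -0,0 +1,86 @@
+# - Try to find libpcap include dirs and libraries
+#
+# Usage of this module as follows:
+#
+# find_package(PCAP)
+#
+# Variables used by this module, they can change the default behaviour and need
+# to be set before calling find_package:
+#
+# PCAP_ROOT_DIR Set this variable to the root installation of
+# libpcap if the module has problems finding the
+# proper installation path.
+#
+# Variables defined by this module:
+#
+# PCAP_FOUND System has libpcap, include and library dirs found
+# PCAP_INCLUDE_DIR The libpcap include directories.
+# PCAP_LIBRARY The libpcap library (possibly includes a thread
+# library e.g. required by pf_ring's libpcap)
+# HAVE_PF_RING If a found version of libpcap supports PF_RING
+
+find_path(PCAP_ROOT_DIR
+NAMES include/pcap.h Include/pcap.h
+)
+
+find_path(PCAP_INCLUDE_DIR
+NAMES pcap.h
+HINTS ${PCAP_ROOT_DIR}/include
+)
+
+if ( MSVC AND COMPILER_ARCHITECTURE STREQUAL "x86_64" )
+set(_pcap_lib_hint_path ${PCAP_ROOT_DIR}/lib/x64)
+else()
+set(_pcap_lib_hint_path ${PCAP_ROOT_DIR}/lib)
+endif()
+
+find_library(PCAP_LIBRARY
+NAMES pcap wpcap
+HINTS ${_pcap_lib_hint_path}
+)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(PCAP DEFAULT_MSG
+PCAP_LIBRARY
+PCAP_INCLUDE_DIR
+)
+
+include(CheckCSourceCompiles)
+set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY})
+check_c_source_compiles("int main() { return 0; }" PCAP_LINKS_SOLO)
+set(CMAKE_REQUIRED_LIBRARIES)
+
+# check if linking against libpcap also needs to link against a thread library
+if (NOT PCAP_LINKS_SOLO)
+find_package(Threads)
+if (THREADS_FOUND)
+set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
+check_c_source_compiles("int main() { return 0; }" PCAP_NEEDS_THREADS)
+set(CMAKE_REQUIRED_LIBRARIES)
+endif ()
+if (THREADS_FOUND AND PCAP_NEEDS_THREADS)
+set(_tmp ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
+list(REMOVE_DUPLICATES _tmp)
+set(PCAP_LIBRARY ${_tmp}
+CACHE STRING "Libraries needed to link against libpcap" FORCE)
+else ()
+message(FATAL_ERROR "Couldn't determine how to link against libpcap")
+endif ()
+endif ()
+
+string(FIND "${PCAP_LIBRARY}" "wpcap" _pcap_lib_is_wpcap)
+if ( _pcap_lib_is_wpcap GREATER_EQUAL 0 )
+set(HAVE_WPCAP TRUE)
+endif()
+
+include(CheckFunctionExists)
+set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY})
+check_function_exists(pcap_get_pfring_id HAVE_PF_RING)
+check_function_exists(pcap_dump_open_append HAVE_PCAP_DUMP_OPEN_APPEND)
+set(CMAKE_REQUIRED_LIBRARIES)
+
+mark_as_advanced(
+PCAP_ROOT_DIR
+PCAP_INCLUDE_DIR
+PCAP_LIBRARY
+)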
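Review bot: The link probes after `find_package_handle_standard_args()` run even when libpcap was not found, so with `PCAP_LIBRARY` unresolved the module most likely stops at `message(FATAL_ERROR "Couldn't determine how to link against libpcap")` or at the try-compile itself. In that case the install hints in the `if(NOT PCAP_FOUND)` branch of CMakeLists.txt are never shown. Wrapping everything from `include(CheckCSourceCompiles)` down to the `check_function_exists()` calls in `if(PCAP_FOUND)` keeps the not-found path on the caller's message. `set(PCAP_LIBRARY ${_tmp} CACHE STRING ... FORCE)` also overwrites a library path the user supplied on the command line; returning the combined list in a separate non-cache variable would avoid the `FORCE`.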
|
@ -1 +0,0 @@
|
||||||
SUBDIRS = lib
|
|
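--- a/configure.ac
+++ b/configure.ac
@@ -1,182 +0,0 @@
-# -*- Autoconf -*-
-# Process this file with autoconf to produce a configure script.
-
-AC_PREREQ([2.69])
-AC_INIT([ssldump], [1.4])
-AM_INIT_AUTOMAKE([subdir-objects])
-AC_CONFIG_SRCDIR([base/pcap-snoop.c])
-AC_CONFIG_HEADERS([config.h])
-
-AC_CANONICAL_HOST
-
-# Checks for programs.
-: ${CFLAGS=""}
-AC_PROG_CC([gcc clang])
-AM_PROG_CC_C_O
-AC_PROG_MAKE_SET
-AC_PROG_INSTALL
-
-# Checks for header files.
-AC_CHECK_HEADERS([arpa/inet.h memory.h netdb.h netinet/in.h stdlib.h string.h sys/param.h sys/socket.h sys/time.h unistd.h],,[AC_MSG_ERROR([Missing header.])])
-AC_HEADER_STDC
-AC_HEADER_TIME
-
-# Checks for typedefs, structures, and compiler characteristics.
-AC_CHECK_SIZEOF([unsigned short])
-AC_CHECK_SIZEOF([unsigned int])
-AC_CHECK_SIZEOF([unsigned long])
-AC_CHECK_SIZEOF([unsigned long long])
-
-# Checks for library functions.
-AC_CHECK_FUNCS([malloc realloc gethostbyaddr gettimeofday inet_ntoa isascii memmove memset strchr strdup strstr strtol])
-
-have_pcap=no
-AC_SEARCH_LIBS([pcap_create], [pcap], [have_pcap=yes])
-
-if test "x${have_pcap}" = xyes; then
-AC_CHECK_HEADERS([pcap.h pcap-bpf.h], [], [have_pcap=no])
-fi
-
-if test "x${have_pcap}" = xno; then
-AC_MSG_ERROR([
----------------------------------------
-Unable to find libpcap on this system
-Check 'config.log' for more information
-
-On Debian and Ubuntu systems you can
-install the required library and header
-files with
-apt install libpcap-dev
----------------------------------------
-])
-fi
-
-have_ssl=no
-AC_SEARCH_LIBS([OPENSSL_init_ssl], [ssl], [have_ssl=yes])
-AC_SEARCH_LIBS(CRYPTO_new_ex_data, [crypto], [have_crypto=yes])
-
-if test "x${have_ssl}" = xyes; then
-AC_CHECK_HEADERS([openssl/ssl.h], [], [have_ssl=no])
-fi
-
-if test "x${have_ssl}" = xno; then
-AC_MSG_ERROR([
----------------------------------------
-Unable to find libssl on this system
-Check 'config.log' for more information
-
-On Debian and Ubuntu systems you can
-install the required library and header
-files with
-apt install libssl-dev
----------------------------------------
-])
-fi
-
-have_libnet=no
-AC_SEARCH_LIBS([libnet_init], [net], [have_libnet=yes])
-
-if test "x${have_libnet}" = xyes; then
-AC_CHECK_HEADERS([libnet.h], [], [have_libnet=no])
-fi
-
-if test "x${have_libnet}" = xno; then
-AC_MSG_ERROR([
----------------------------------------
-Unable to find libnet on this system
-Check 'config.log' for more information
-
-On Debian and Ubuntu systems you can
-install the required library and header
-files with
-apt install libnet1-dev
----------------------------------------
-])
-fi
-
-have_libjson_c=no
-AC_SEARCH_LIBS([json_object_new_object], [json-c], [have_libjson_c=yes])
-
-if test "x${have_libjson_c}" = xyes; then
-AC_CHECK_HEADERS([json-c/json.h], [], [have_libjson_c=no])
-fi
-
-if test "x${have_libjson_c}" = xno; then
-AC_MSG_ERROR([
----------------------------------------
-Unable to find libjson-c on this system
-Check 'config.log' for more information
-
-On Debian and Ubuntu systems you can
-install the required library and header
-files with
-apt install libjson-c-dev
----------------------------------------
-])
-fi
-
-AC_ARG_ENABLE([optimization],
-[ --disable-optimization disable compiler optimizations],
-[optimization=${enableval}], [optimization=yes])
-
-if test "x${optimization}" = xno; then
-CFLAGS="$CFLAGS -O0"
-else
-CFLAGS="$CFLAGS -O2"
-fi
-
-AC_ARG_ENABLE([debug],
-[ --enable-debug enable debug info],
-[debug=${enableval}], [debug=no])
-
-if test "x${debug}" = xyes; then
-CFLAGS="$CFLAGS -g -DDEBUG"
-fi
-
-AC_ARG_ENABLE([asan],
-[ --enable-asan enable AddressSanitizer and other checks],
-[asan=${enableval}], [asan=no])
-
-if test "x${asan}" = xyes; then
-AS_CASE([$CC],
-[*gcc*], [AC_CHECK_LIB(asan, _init)],
-[*clang*], [have_clang=yes],
-[have_clang=no])
-
-if (test "x${ac_cv_lib_asan__init}" = xyes || test "x$have_clang" = xyes); then
-CFLAGS="$CFLAGS \
--fsanitize=address,undefined,leak \
--Wformat \
--Werror=format-security \
--Werror=array-bounds"
-else
-AC_MSG_WARN("AddressSanitizer not supported")
-asan=no
-fi
-fi
-
-AC_CONFIG_FILES([Makefile
-common/Makefile
-common/lib/Makefile
-null/Makefile
-ssl/Makefile
-pcap/Makefile
-base/Makefile])
-
-AC_OUTPUT
-
-echo
-echo "################################################"
-echo "SSLDump build setup"
-echo " Host system: $host_os"
-echo " Host architecture: $host_cpu"
-echo " Compiler: $CC"
-echo " Installation prefix: $prefix"
-echo " CFLAGS: $CFLAGS"
-echo " LDFLAGS: $LDFLAGS"
-echo " LIBS: $LIBS"
-echo " Optimizations enabled: $optimization"
-echo " Debug info enabled: $debug"
-echo " ASAN enabled: $asan"
-echo "################################################"
-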
|
@ -1,7 +1,9 @@
|
||||||
|
|
||||||
#include <pcap.h>
|
#include <pcap.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
#ifndef __OpenBSD__
|
||||||
#include <pcap-bpf.h>
|
#include <pcap-bpf.h>
|
||||||
|
#endif
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
#include <json-c/json.h>
|
#include <json.h>
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "ssl_h.h"
|
#include "ssl_h.h"
|
||||||
|
|
|
@ -44,7 +44,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <json-c/json.h>
|
#include <json.h>
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
|
|
|
@ -44,7 +44,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <json-c/json.h>
|
#include <json.h>
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
|
|
|
@ -44,7 +44,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <json-c/json.h>
|
#include <json.h>
|
||||||
#include "network.h"
|
#include "network.h"
|
||||||
#include "ssl_h.h"
|
#include "ssl_h.h"
|
||||||
#include "sslprint.h"
|
#include "sslprint.h"
|
||||||
|
|
|
@ -61,7 +61,7 @@ ssldump \- dump SSL traffic on a network
|
||||||
.na
|
.na
|
||||||
.B ssldump
|
.B ssldump
|
||||||
[
|
[
|
||||||
.B \-aAdeFHjnNPqtTvxXy
|
.B \-aAdeFHjnNPqtTvxXyz
|
||||||
] [
|
] [
|
||||||
.B \-i
|
.B \-i
|
||||||
.I interface
|
.I interface
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
9th April 2023 - version 1.7
|
9th April 2023 - version 1.7
|
||||||
|
|
||||||
```
|
```
|
||||||
.na ssldump [ -aAdeFHjnNPqtTvxXy ] [ -i interface ]
|
.na ssldump [ -aAdeFHjnNPqtTvxXyz ] [ -i interface ]
|
||||||
.ti +8 [ -k keyfile ] [ -l sslkeylogfile ] [ -p password ] [ -r dumpfile ] [ -w outputpcap ]
|
.ti +8 [ -k keyfile ] [ -l sslkeylogfile ] [ -p password ] [ -r dumpfile ] [ -w outputpcap ]
|
||||||
.ti +8 [ -S [ crypto | d | ht | H | nroff ] ] [ expression ]
|
.ti +8 [ -S [ crypto | d | ht | H | nroff ] ] [ expression ]
|
||||||
|
|
||||||
|
@ -138,6 +138,8 @@ _/dev/bpf*_.
|
||||||
* **-y**
|
* **-y**
|
||||||
Decorate the output for processing with nroff/troff. Not very
|
Decorate the output for processing with nroff/troff. Not very
|
||||||
useful for the average user.
|
useful for the average user.
|
||||||
|
* **-z**
|
||||||
|
Add timestamp in front of TCP packet description (-T)
|
||||||
* _expression_
|
* _expression_
|
||||||
Selects what packets _ssldump_ will examine. Technically speaking,
|
Selects what packets _ssldump_ will examine. Technically speaking,
|
||||||
_ssldump_ supports the full expression syntax from PCAP and tcpdump.
|
_ssldump_ supports the full expression syntax from PCAP and tcpdump.
|
||||||
|
|