Merge pull request #82 from wllm-rbnt/cmake

cmake
This commit is contained in:
Alexandre Dulaunoy 2023-08-13 11:54:03 +02:00 committed by GitHub
commit 00f968e1ea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 409 additions and 273 deletions

View file

@ -25,27 +25,22 @@ jobs:
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Install macOS autogen prerequisites
run: brew install autoconf automake
if: ${{ runner.os == 'macOS' }}
- name: ./autogen.sh
run: ./autogen.sh
- name: Compiler version - name: Compiler version
run: $CC -v run: $CC -v
env: env:
CC: ${{ matrix.compiler }} CC: ${{ matrix.compiler }}
- name: Install Linux dependencies - name: Install Linux dependencies
run: sudo apt install autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev run: sudo apt install cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
if: ${{ runner.os == 'Linux' }} if: ${{ runner.os == 'Linux' }}
- name: Install macOS dependencies - name: Install macOS dependencies
run: | run: |
brew install openssl@3 libpcap libnet json-c brew install cmake ninja openssl@3 libpcap libnet json-c
echo "LDFLAGS=-L$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV echo "LDFLAGS=-L$(brew --prefix openssl@3)/lib" >> $GITHUB_ENV
echo "CPPFLAGS=-I$(brew --prefix openssl@3)/include" >> $GITHUB_ENV echo "CPPFLAGS=-I$(brew --prefix openssl@3)/include" >> $GITHUB_ENV
if: ${{ runner.os == 'macOS' }} if: ${{ runner.os == 'macOS' }}
- name: ./configure - name: cmake -B ${{github.workspace}}/build -G Ninja
run: ./configure run: cmake -B ${{github.workspace}}/build -G Ninja
env: env:
CC: ${{ matrix.compiler }} CC: ${{ matrix.compiler }}
- name: make - name: ninja -C ${{github.workspace}}/build
run: make run: ninja -C ${{github.workspace}}/build

View file

@ -31,10 +31,9 @@ jobs:
languages: ${{ matrix.language }} languages: ${{ matrix.language }}
- name: Build Application using script - name: Build Application using script
run: | run: |
./autogen.sh sudo apt install cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
sudo apt install autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev cmake -B ${{github.workspace}}/build -G Ninja
./configure ninja -C ${{github.workspace}}/build
make
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2 uses: github/codeql-action/analyze@v2
with: with:

117
CMakeLists.txt Normal file
View file

@ -0,0 +1,117 @@
cmake_minimum_required(VERSION 3.16.3)
include(CheckSymbolExists)
project(
ssldump
VERSION 1.8
DESCRIPTION 20230811
LANGUAGES C
)
configure_file(base/pcap-snoop.c.in base/pcap-snoop.c)
set(SOURCES
${CMAKE_BINARY_DIR}/base/pcap-snoop.c
base/network.c
base/proto_mod.c
base/tcppack.c
base/tcpconn.c
null/null_analyze.c
common/lib/r_data.c
common/lib/r_assoc.c
common/lib/r_errors.c
common/lib/debug.c
ssl/ssl_analyze.c
ssl/ssldecode.c
ssl/sslprint.c
ssl/ssl.enums.c
ssl/sslxprint.c
ssl/ciphersuites.c
ssl/ssl_rec.c
pcap/logpkt.c
pcap/pcap_logger.c
pcap/sys.c
)
set(CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/cmake/modules/" ${CMAKE_MODULE_PATH})
find_package(OpenSSL)
if(NOT OPENSSL_FOUND)
message( FATAL_ERROR
"Unable to find OpenSSL development files on this system
On Debian and Ubuntu systems you can install the required library and header files with
apt install libssl-dev
On Fedora systems, with
dnf install openssl-devel" )
endif()
#dnf install openssl-devel libpcap-devel libnet-devel json-c-devel
find_package(PCAP)
if(NOT PCAP_FOUND)
message( FATAL_ERROR
"Unable to find libpcap development files on this system
On Debian and Ubuntu systems you can install the required library and header files with
apt install libpcap-dev
On Fedora systems, with
dnf install libpcap-devel" )
endif()
find_package(LIBNET)
if(NOT LIBNET_FOUND)
message( FATAL_ERROR
"Unable to find libnet development files on this system
On Debian and Ubuntu systems you can install the required library and header files with
apt install libnet1-dev
On Fedora systems, with
dnf install libnet-devel" )
endif()
find_package(JSONC)
if(NOT JSONC_FOUND)
message( FATAL_ERROR
"Unable to find libjson-c development files on this system
On Debian and Ubuntu systems you can install the required library and header files with
apt install libjson-c-dev
On Fedora systems, with
dnf install json-c-devel" )
endif()
add_executable(${PROJECT_NAME} ${SOURCES})
check_symbol_exists(strdup "string.h" HAVE_STRDUP)
if(HAVE_STRDUP)
add_definitions(-DHAVE_STRDUP)
endif()
add_definitions(-DLINUX)
add_definitions(-DOPENSSL)
add_definitions(-D_DEFAULT_SOURCE=1)
target_include_directories(ssldump
PRIVATE
${PROJECT_SOURCE_DIR}/common/include
${PROJECT_SOURCE_DIR}/common/lib
${PROJECT_SOURCE_DIR}/null
${PROJECT_SOURCE_DIR}/ssl
${PROJECT_SOURCE_DIR}/base
${PROJECT_SOURCE_DIR}/pcap
${OPENSSL_INCLUDE_DIR}
${PCAP_INCLUDE_DIR}
${LIBNET_INCLUDE_DIR}
${JSONC_INCLUDE_DIR}
)
target_link_libraries(ssldump
PRIVATE
${OPENSSL_LIBRARIES}
${PCAP_LIBRARY}
${LIBNET_LIBRARY}
${JSONC_LIBRARIES}
)
set(CMAKE_INSTALL_PREFIX "/usr/local")
install(TARGETS ssldump DESTINATION ${CMAKE_INSTALL_PREFIX}/bin)
set(CMAKE_INSTALL_MANDIR "/usr/local/share/man")
install(FILES ssldump.1 DESTINATION ${CMAKE_INSTALL_MANDIR}/man1)

View file

@ -1,37 +0,0 @@
sbin_PROGRAMS = ssldump
man_MANS = ssldump.1
ssldump_SOURCES = \
base/pcap-snoop.c\
base/network.c\
base/proto_mod.c\
base/tcppack.c\
base/tcpconn.c\
null/null_analyze.c\
common/lib/r_data.c\
common/lib/r_assoc.c\
common/lib/r_errors.c\
common/lib/debug.c\
ssl/ssl_analyze.c\
ssl/ssldecode.c\
ssl/sslprint.c\
ssl/ssl.enums.c\
ssl/sslxprint.c\
ssl/ciphersuites.c\
ssl/ssl_rec.c\
pcap/logpkt.c\
pcap/pcap_logger.c\
pcap/sys.c
ssldump_CPPFLAGS = \
-I$(top_srcdir)\
-I$(top_srcdir)/common/include\
-I$(top_srcdir)/common/lib\
-I$(top_srcdir)/null\
-I$(top_srcdir)/ssl\
-I$(top_srcdir)/base\
-I$(top_srcdir)/pcap\
-D_DEFAULT_SOURCE=1\
-DLINUX\
-DOPENSSL

View file

@ -21,7 +21,7 @@ includes a JSON output option, supports [JA3](https://github.com/salesforce/ja3)
# How to do I run ssldump? # How to do I run ssldump?
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes. `./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
For more details, check the man page. For more details, check the man page.
@ -29,7 +29,7 @@ For more details, check the man page.
This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap. This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'` `ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
# Why do you maintain this repository? # Why do you maintain this repository?
@ -53,41 +53,39 @@ other too (but this is just a collateral damage).
# Build instructions # Build instructions
On Debian & Ubuntu: Install dependencies on Debian & Ubuntu (as root):
``` ```
apt install build-essential autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev apt install build-essential git cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
``` ```
On Fedora, CentOS, RHEL & Rocky: On Fedora, CentOS, RHEL & Rocky (as root):
``` ```
dnf install autoconf automake gcc make openssl-devel libpcap-devel libnet-devel json-c-devel dnf install git cmake ninja-build gcc openssl-devel libpcap-devel libnet-devel json-c-devel
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
``` ```
Optional configuration features (aka ./configure options): On OpenBSD (as root):
``` ```
--disable-optimization disable compiler optimizations (change from -O2 to -O0) pkg_add git cmake ninja json-c libnet
--enable-debug enable debug info (add "-g -DDEBUG" to CFLAGS)
--enable-asan enable AddressSanitizer and other checks
add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
-Werror=array-bounds" to CFLAGS
use libasan with GCC and embedded ASAN with Clang
``` ```
Configuration examples: On FreeBSD (as root):
```
pkg install git cmake ninja json-c libnet
``` ```
- Use GCC with libasan, debug info and custom CFLAGS:
./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"
- Use Clang with ASAN and no optimizations (-O0) On MacOS (as root):
./configure CC=/usr/bin/clang --enable-asan --disable-optimization ```
brew install cmake ninja openssl@3 libpcap libnet json-c
```
Compile & install:
```
git clone https://github.com/adulau/ssldump.git
cd ssldump
cmake -G Ninja -B build
ninja -C build
./build/ssldump -v
(optional, as root) ninja -C build install
``` ```
# Notes # Notes

View file

@ -1,5 +0,0 @@
#!/bin/sh
autoreconf -v -i

View file

View file

@ -51,7 +51,9 @@
#include <pcap.h> #include <pcap.h>
#include <unistd.h> #include <unistd.h>
#ifndef __OpenBSD__
#include <pcap-bpf.h> #include <pcap-bpf.h>
#endif
#ifndef _WIN32 #ifndef _WIN32
#include <sys/param.h> #include <sys/param.h>
#endif #endif
@ -118,7 +120,7 @@ int usage()
int print_version() int print_version()
{ {
printf(PACKAGE_STRING "\n"); printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n");
printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n"); printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n");
printf("Copyright (C) 2015-2023 the aforementioned volunteers\n"); printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
printf("Copyright (C) 1998-2001 RTFM, Inc.\n"); printf("Copyright (C) 1998-2001 RTFM, Inc.\n");

View file

@ -0,0 +1,49 @@
# From https://github.com/fastogt/cmake/blob/master/FindJSON-C.cmake
# Copyright (c) 2018, FastoGT
# License: BSD 3-Clause
# Modified by: Micah Snyder
# JSONC_FOUND - true if library and headers were found
# JSONC_INCLUDE_DIRS - include directories
# JSONC_LIBRARIES - library directories
if(JSONC_USE_STATIC)
add_library(jsonc STATIC IMPORTED GLOBAL)
else()
add_library(jsonc SHARED IMPORTED GLOBAL)
endif(JSONC_USE_STATIC)
find_package(PkgConfig QUIET)
PKG_CHECK_MODULES(PC_JSONC QUIET json-c)
find_path(JSONC_INCLUDE_DIR json.h
HINTS ${PC_JSONC_INCLUDEDIR} ${PC_JSONC_INCLUDE_DIRS} PATH_SUFFIXES json-c json)
if(JSONC_USE_STATIC)
find_library(JSONC_LIBRARY NAMES libjson-c.a libjson-c-static.a
HINTS ${PC_JSONC_LIBDIR} ${PC_JSONC_LIBRARY_DIRS})
else()
find_library(JSONC_LIBRARY NAMES json-c libjson-c
HINTS ${PC_JSONC_LIBDIR} ${PC_JSONC_LIBRARY_DIRS})
endif(JSONC_USE_STATIC)
set(JSONC_LIBRARIES ${JSONC_LIBRARY})
set(JSONC_INCLUDE_DIRS ${JSONC_INCLUDE_DIR})
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(JSONC DEFAULT_MSG JSONC_LIBRARIES JSONC_INCLUDE_DIRS)
if(JSONC_FOUND AND NOT TARGET JSONC::jsonc)
add_library(JSONC::jsonc UNKNOWN IMPORTED)
set_target_properties(JSONC::jsonc PROPERTIES
IMPORTED_LOCATION "${JSONC_LIBRARY}"
INTERFACE_COMPILE_OPTIONS "${PC_JSONC_CFLAGS_OTHER}"
INTERFACE_INCLUDE_DIRECTORIES "${JSONC_INCLUDE_DIRS}"
)
endif()
mark_as_advanced(
JSONC_INCLUDE_DIR
JSONC_LIBRARY
)

View file

@ -0,0 +1,111 @@
# Copyright 2013 Ettercap Development Team.
#
# Distributed under GPL license.
#
# Look for the header file
find_path(LIBNET_INCLUDE_DIR
NAMES libnet.h
PATH_SUFFIXES libnet11 libnet-1.1)
mark_as_advanced(LIBNET_INCLUDE_DIR)
#Look for the library
find_library(LIBNET_LIBRARY
NAMES net libnet
PATH_SUFFIXES libnet11 libnet-1.1)
mark_as_advanced(LIBNET_LIBRARY)
# Make sure we've got an include dir.
if(NOT LIBNET_INCLUDE_DIR)
if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
message(FATAL_ERROR "Could not find LIBNET include directory.")
endif()
return()
endif()
if(NOT LIBNET_LIBRARY)
if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
message(FATAL_ERROR "Could not find LIBNET library.")
endif()
return()
endif()
#=============================================================
# _LIBNET_GET_VERSION
# Internal function to parse the version number in libnet.h
# _OUT_version = The full version number
# _OUT_version_major = The major version number only
# _OUT_version_minor = The minor version number only
# _libnet_hdr = Header file to parse
#=============================================================
function(_LIBNET_GET_VERSION _OUT_version _OUT_version_major _OUT_version_minor _libnet_hdr)
file(READ ${_libnet_hdr} _contents)
if(_contents)
string(REGEX REPLACE ".*#define LIBNET_VERSION[ \t]+\"([0-9.a-zA-Z-]+)\".*" "\\1" ${_OUT_version} "${_contents}")
if(NOT ${_OUT_version} MATCHES "[0-9.a-zA-Z-]+")
message(FATAL_ERROR "Version parsing failed for LIBNET_VERSION!")
endif()
set(${_OUT_version} ${${_OUT_version}} PARENT_SCOPE)
string(REGEX REPLACE "^([0-9]+)\\.[0-9]+.*" "\\1" ${_OUT_version_major} "${${_OUT_version}}")
string(REGEX REPLACE "^[0-9]+\\.([0-9]+).*" "\\1" ${_OUT_version_minor} "${${_OUT_version}}")
if(NOT ${_OUT_version_major} MATCHES "[0-9]+" OR NOT ${_OUT_version_minor} MATCHES "[0-9]+")
message(FATAL_ERROR "Version parsing failed for detailed LIBNET_VERSION!:
'${_OUT_version}' '${_OUT_version_major}' '${_OUT_version_minor}'")
endif()
set(${_OUT_version_major} ${${_OUT_version_major}} PARENT_SCOPE)
set(${_OUT_version_minor} ${${_OUT_version_minor}} PARENT_SCOPE)
else()
message(FATAL_ERROR "Include file ${_libnet_hdr} does not exist")
endif()
endfunction()
if(LIBNET_FIND_VERSION)
set(LIBNET_FAILED_VERSION_CHECK true)
_libnet_get_version(LIBNET_VERSION LIBNET_VERSION_MAJOR LIBNET_VERSION_MINOR ${LIBNET_INCLUDE_DIR}/libnet.h)
if(LIBNET_FIND_VERSION_EXACT)
if(LIBNET_VERSION VERSION_EQUAL LIBNET_FIND_VERSION)
set(LIBNET_FAILED_VERSION_CHECK false)
endif()
else()
if(LIBNET_VERSION VERSION_EQUAL LIBNET_FIND_VERSION OR
LIBNET_VERSION VERSION_GREATER LIBNET_FIND_VERSION)
set(LIBNET_FAILED_VERSION_CHECK false)
endif()
endif()
if(LIBNET_FAILED_VERSION_CHECK)
if(LIBNET_FIND_REQUIRED AND NOT LIBNET_FIND_QUIETLY)
if(LIBNET_FIND_VERSION_EXACT)
message(FATAL_ERROR "LIBNET version check failed.
Version ${LIBNET_VERSION} was found, version ${LIBNET_FIND_VERSION} is needed exactly.")
else()
message(FATAL_ERROR "LIBNET version check failed.
Version ${LIBNET_VERSION} was found, at least version ${LIBNET_FIND_VERSION} is required")
endif()
endif()
# If the version check fails, exit out of the module here
return()
endif()
endif()
#handle the QUIETLY and REQUIRED arguments and set LIBNET_FOUND to TRUE if
# all listed variables are TRUE
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(LIBNET DEFAULT_MSG LIBNET_LIBRARY LIBNET_INCLUDE_DIR)
if(LIBNET_FOUND)
set(LIBNET_LIBRARY ${LIBNET_LIBRARY})
set(LIBNET_INCLUDE_DIR ${LIBNET_INCLUDE_DIR})
set(LIBNET_VERSION ${LIBNET_VERSION})
set(LIBNET_VERSION_MAJOR ${LIBNET_VERSION_MAJOR})
set(LIBNET_VERSION_MINOR ${LIBNET_VERSION_MINOR})
endif()

View file

@ -0,0 +1,86 @@
# - Try to find libpcap include dirs and libraries
#
# Usage of this module as follows:
#
# find_package(PCAP)
#
# Variables used by this module, they can change the default behaviour and need
# to be set before calling find_package:
#
# PCAP_ROOT_DIR Set this variable to the root installation of
# libpcap if the module has problems finding the
# proper installation path.
#
# Variables defined by this module:
#
# PCAP_FOUND System has libpcap, include and library dirs found
# PCAP_INCLUDE_DIR The libpcap include directories.
# PCAP_LIBRARY The libpcap library (possibly includes a thread
# library e.g. required by pf_ring's libpcap)
# HAVE_PF_RING If a found version of libpcap supports PF_RING
find_path(PCAP_ROOT_DIR
NAMES include/pcap.h Include/pcap.h
)
find_path(PCAP_INCLUDE_DIR
NAMES pcap.h
HINTS ${PCAP_ROOT_DIR}/include
)
if ( MSVC AND COMPILER_ARCHITECTURE STREQUAL "x86_64" )
set(_pcap_lib_hint_path ${PCAP_ROOT_DIR}/lib/x64)
else()
set(_pcap_lib_hint_path ${PCAP_ROOT_DIR}/lib)
endif()
find_library(PCAP_LIBRARY
NAMES pcap wpcap
HINTS ${_pcap_lib_hint_path}
)
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(PCAP DEFAULT_MSG
PCAP_LIBRARY
PCAP_INCLUDE_DIR
)
include(CheckCSourceCompiles)
set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY})
check_c_source_compiles("int main() { return 0; }" PCAP_LINKS_SOLO)
set(CMAKE_REQUIRED_LIBRARIES)
# check if linking against libpcap also needs to link against a thread library
if (NOT PCAP_LINKS_SOLO)
find_package(Threads)
if (THREADS_FOUND)
set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
check_c_source_compiles("int main() { return 0; }" PCAP_NEEDS_THREADS)
set(CMAKE_REQUIRED_LIBRARIES)
endif ()
if (THREADS_FOUND AND PCAP_NEEDS_THREADS)
set(_tmp ${PCAP_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
list(REMOVE_DUPLICATES _tmp)
set(PCAP_LIBRARY ${_tmp}
CACHE STRING "Libraries needed to link against libpcap" FORCE)
else ()
message(FATAL_ERROR "Couldn't determine how to link against libpcap")
endif ()
endif ()
string(FIND "${PCAP_LIBRARY}" "wpcap" _pcap_lib_is_wpcap)
if ( _pcap_lib_is_wpcap GREATER_EQUAL 0 )
set(HAVE_WPCAP TRUE)
endif()
include(CheckFunctionExists)
set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARY})
check_function_exists(pcap_get_pfring_id HAVE_PF_RING)
check_function_exists(pcap_dump_open_append HAVE_PCAP_DUMP_OPEN_APPEND)
set(CMAKE_REQUIRED_LIBRARIES)
mark_as_advanced(
PCAP_ROOT_DIR
PCAP_INCLUDE_DIR
PCAP_LIBRARY
)

View file

@ -1 +0,0 @@
SUBDIRS = lib

View file

View file

@ -1,182 +0,0 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ([2.69])
AC_INIT([ssldump], [1.4])
AM_INIT_AUTOMAKE([subdir-objects])
AC_CONFIG_SRCDIR([base/pcap-snoop.c])
AC_CONFIG_HEADERS([config.h])
AC_CANONICAL_HOST
# Checks for programs.
: ${CFLAGS=""}
AC_PROG_CC([gcc clang])
AM_PROG_CC_C_O
AC_PROG_MAKE_SET
AC_PROG_INSTALL
# Checks for header files.
AC_CHECK_HEADERS([arpa/inet.h memory.h netdb.h netinet/in.h stdlib.h string.h sys/param.h sys/socket.h sys/time.h unistd.h],,[AC_MSG_ERROR([Missing header.])])
AC_HEADER_STDC
AC_HEADER_TIME
# Checks for typedefs, structures, and compiler characteristics.
AC_CHECK_SIZEOF([unsigned short])
AC_CHECK_SIZEOF([unsigned int])
AC_CHECK_SIZEOF([unsigned long])
AC_CHECK_SIZEOF([unsigned long long])
# Checks for library functions.
AC_CHECK_FUNCS([malloc realloc gethostbyaddr gettimeofday inet_ntoa isascii memmove memset strchr strdup strstr strtol])
have_pcap=no
AC_SEARCH_LIBS([pcap_create], [pcap], [have_pcap=yes])
if test "x${have_pcap}" = xyes; then
AC_CHECK_HEADERS([pcap.h pcap-bpf.h], [], [have_pcap=no])
fi
if test "x${have_pcap}" = xno; then
AC_MSG_ERROR([
---------------------------------------
Unable to find libpcap on this system
Check 'config.log' for more information
On Debian and Ubuntu systems you can
install the required library and header
files with
apt install libpcap-dev
---------------------------------------
])
fi
have_ssl=no
AC_SEARCH_LIBS([OPENSSL_init_ssl], [ssl], [have_ssl=yes])
AC_SEARCH_LIBS(CRYPTO_new_ex_data, [crypto], [have_crypto=yes])
if test "x${have_ssl}" = xyes; then
AC_CHECK_HEADERS([openssl/ssl.h], [], [have_ssl=no])
fi
if test "x${have_ssl}" = xno; then
AC_MSG_ERROR([
---------------------------------------
Unable to find libssl on this system
Check 'config.log' for more information
On Debian and Ubuntu systems you can
install the required library and header
files with
apt install libssl-dev
---------------------------------------
])
fi
have_libnet=no
AC_SEARCH_LIBS([libnet_init], [net], [have_libnet=yes])
if test "x${have_libnet}" = xyes; then
AC_CHECK_HEADERS([libnet.h], [], [have_libnet=no])
fi
if test "x${have_libnet}" = xno; then
AC_MSG_ERROR([
---------------------------------------
Unable to find libnet on this system
Check 'config.log' for more information
On Debian and Ubuntu systems you can
install the required library and header
files with
apt install libnet1-dev
---------------------------------------
])
fi
have_libjson_c=no
AC_SEARCH_LIBS([json_object_new_object], [json-c], [have_libjson_c=yes])
if test "x${have_libjson_c}" = xyes; then
AC_CHECK_HEADERS([json-c/json.h], [], [have_libjson_c=no])
fi
if test "x${have_libjson_c}" = xno; then
AC_MSG_ERROR([
---------------------------------------
Unable to find libjson-c on this system
Check 'config.log' for more information
On Debian and Ubuntu systems you can
install the required library and header
files with
apt install libjson-c-dev
---------------------------------------
])
fi
AC_ARG_ENABLE([optimization],
[ --disable-optimization disable compiler optimizations],
[optimization=${enableval}], [optimization=yes])
if test "x${optimization}" = xno; then
CFLAGS="$CFLAGS -O0"
else
CFLAGS="$CFLAGS -O2"
fi
AC_ARG_ENABLE([debug],
[ --enable-debug enable debug info],
[debug=${enableval}], [debug=no])
if test "x${debug}" = xyes; then
CFLAGS="$CFLAGS -g -DDEBUG"
fi
AC_ARG_ENABLE([asan],
[ --enable-asan enable AddressSanitizer and other checks],
[asan=${enableval}], [asan=no])
if test "x${asan}" = xyes; then
AS_CASE([$CC],
[*gcc*], [AC_CHECK_LIB(asan, _init)],
[*clang*], [have_clang=yes],
[have_clang=no])
if (test "x${ac_cv_lib_asan__init}" = xyes || test "x$have_clang" = xyes); then
CFLAGS="$CFLAGS \
-fsanitize=address,undefined,leak \
-Wformat \
-Werror=format-security \
-Werror=array-bounds"
else
AC_MSG_WARN("AddressSanitizer not supported")
asan=no
fi
fi
AC_CONFIG_FILES([Makefile
common/Makefile
common/lib/Makefile
null/Makefile
ssl/Makefile
pcap/Makefile
base/Makefile])
AC_OUTPUT
echo
echo "################################################"
echo "SSLDump build setup"
echo " Host system: $host_os"
echo " Host architecture: $host_cpu"
echo " Compiler: $CC"
echo " Installation prefix: $prefix"
echo " CFLAGS: $CFLAGS"
echo " LDFLAGS: $LDFLAGS"
echo " LIBS: $LIBS"
echo " Optimizations enabled: $optimization"
echo " Debug info enabled: $debug"
echo " ASAN enabled: $asan"
echo "################################################"

View file

View file

View file

@ -1,7 +1,9 @@
#include <pcap.h> #include <pcap.h>
#include <unistd.h> #include <unistd.h>
#ifndef __OpenBSD__
#include <pcap-bpf.h> #include <pcap-bpf.h>
#endif
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <fcntl.h> #include <fcntl.h>

View file

View file

@ -1,4 +1,4 @@
#include <json-c/json.h> #include <json.h>
#include <openssl/md5.h> #include <openssl/md5.h>
#include "network.h" #include "network.h"
#include "ssl_h.h" #include "ssl_h.h"

View file

@ -44,7 +44,7 @@
*/ */
#include <json-c/json.h> #include <json.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <netdb.h> #include <netdb.h>
#include "network.h" #include "network.h"

View file

@ -44,7 +44,7 @@
*/ */
#include <json-c/json.h> #include <json.h>
#include <ctype.h> #include <ctype.h>
#include <stdarg.h> #include <stdarg.h>
#include "network.h" #include "network.h"

View file

@ -44,7 +44,7 @@
*/ */
#include <json-c/json.h> #include <json.h>
#include "network.h" #include "network.h"
#include "ssl_h.h" #include "ssl_h.h"
#include "sslprint.h" #include "sslprint.h"

View file

@ -61,7 +61,7 @@ ssldump \- dump SSL traffic on a network
.na .na
.B ssldump .B ssldump
[ [
.B \-aAdeFHjnNPqtTvxXy .B \-aAdeFHjnNPqtTvxXyz
] [ ] [
.B \-i .B \-i
.I interface .I interface

View file

@ -3,7 +3,7 @@
9th April 2023 - version 1.7 9th April 2023 - version 1.7
``` ```
.na ssldump [ -aAdeFHjnNPqtTvxXy ] [ -i interface ] .na ssldump [ -aAdeFHjnNPqtTvxXyz ] [ -i interface ]
.ti +8 [ -k keyfile ] [ -l sslkeylogfile ] [ -p password ] [ -r dumpfile ] [ -w outputpcap ] .ti +8 [ -k keyfile ] [ -l sslkeylogfile ] [ -p password ] [ -r dumpfile ] [ -w outputpcap ]
.ti +8 [ -S [crypto|d|ht|H|nroff] ] [ expression ] .ti +8 [ -S [crypto|d|ht|H|nroff] ] [ expression ]
@ -138,6 +138,8 @@ _/dev/bpf*_.
* **-y** * **-y**
Decorate the output for processing with nroff/troff. Not very Decorate the output for processing with nroff/troff. Not very
useful for the average user. useful for the average user.
* **-z**
Add timestamp in front of TCP packet description (-T)
* _expression_ * _expression_
Selects what packets _ssldump_ will examine. Technically speaking, Selects what packets _ssldump_ will examine. Technically speaking,
_ssldump_ supports the full expression syntax from PCAP and tcpdump. _ssldump_ supports the full expression syntax from PCAP and tcpdump.