Merge pull request #85 from wllm-rbnt/fixes

Various fixes
This commit is contained in:
Alexandre Dulaunoy 2023-08-16 21:42:42 +02:00 committed by GitHub
commit 4f948aaeff
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 292 additions and 282 deletions

View file

@ -84,20 +84,20 @@ abort:
if(_status) {
network_handler_destroy(mod, &handler);
}
return (_status);
return _status;
}
int network_handler_destroy(proto_mod *mod, n_handler **handlerp) {
n_handler *handler = 0;
if(!handlerp || !*handlerp)
return (0);
return 0;
handler = *handlerp;
mod->vtbl->destroy_ctx(mod->handle, &handler->ctx);
free(*handlerp);
*handlerp = 0;
return (0);
return 0;
}
int network_process_packet(n_handler *handler,
@ -124,7 +124,7 @@ int network_process_packet(n_handler *handler,
printf(
"Malformed packet, packet too small to contain IP header, skipping "
"...\n");
return (0);
return 0;
}
memset(&p.i_addr.so_st, 0x0, sizeof(struct sockaddr_storage));
@ -145,7 +145,7 @@ int network_process_packet(n_handler *handler,
if((off & 0x1fff) || /*Later fragment*/
(off & 0x2000)) { /*More fragments*/
/* fprintf(stderr,"Fragmented packet! rejecting\n"); */
return (0);
return 0;
}
hlen = p.l3_hdr.ip->ip_hl * 4;
@ -157,7 +157,7 @@ int network_process_packet(n_handler *handler,
printf(
"Malformed packet, size from IP header is larger than size "
"reported by libpcap, skipping ...\n");
return (0);
return 0;
}
if(p.len == 0) {
@ -190,7 +190,7 @@ int network_process_packet(n_handler *handler,
printf(
"Malformed packet, size from IP header is larger than size "
"reported by libpcap, skipping ...\n");
return (0);
return 0;
}
if(p.len == 0) {
@ -210,7 +210,7 @@ int network_process_packet(n_handler *handler,
break;
}
return (0);
return 0;
}
int packet_copy(packet *in, packet **out) {
@ -239,16 +239,16 @@ abort:
if(_status) {
packet_destroy(p);
}
return (_status);
return _status;
}
int packet_destroy(packet *p) {
if(!p)
return (0);
return 0;
FREE(p->base);
FREE(p);
return (0);
return 0;
}
int timestamp_diff(struct timeval *t1,
@ -263,7 +263,7 @@ int timestamp_diff(struct timeval *t1,
if(t0->tv_usec <= t1->tv_usec) {
diff->tv_sec = t1->tv_sec - t0->tv_sec;
diff->tv_usec = t1->tv_usec - t0->tv_usec;
return (0);
return 0;
}
/*Hard case*/
@ -273,7 +273,7 @@ int timestamp_diff(struct timeval *t1,
diff->tv_sec = t1->tv_sec - (t0->tv_sec + 1);
diff->tv_usec = 1000000 - d;
return (0);
return 0;
}
int lookuphostname(struct sockaddr_storage *so_st, char **namep) {
@ -295,7 +295,7 @@ int lookuphostname(struct sockaddr_storage *so_st, char **namep) {
inet_ntop(so_st->ss_family, addr, *namep, INET6_ADDRSTRLEN);
}
return (0);
return 0;
}
int addrtotext(struct sockaddr_storage *so_st, char **namep) {
@ -309,5 +309,5 @@ int addrtotext(struct sockaddr_storage *so_st, char **namep) {
}
inet_ntop(so_st->ss_family, addr, *namep, INET6_ADDRSTRLEN);
return (0);
return 0;
}

View file

@ -165,7 +165,8 @@ void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data) {
n_handler *n;
int len;
struct ether_header *e_hdr = (struct ether_header *)data;
int type, cleaned_conn;
int type = ETHERTYPE_IP;
int cleaned_conn;
n = (n_handler *)ptr;
if(hdr->caplen != hdr->len)
@ -545,7 +546,7 @@ char *collapse_args(int argc, char **argv) {
char *ret;
if(!argc)
return (0);
return 0;
for(i = 0; i < argc; i++) {
len += strlen(argv[i]) + 1;
@ -563,5 +564,5 @@ char *collapse_args(int argc, char **argv) {
ret[len++] = ' ';
}
return (ret);
return ret;
}

View file

@ -53,7 +53,7 @@ int explain(char *format, ...) {
vprintf(format, ap);
va_end(ap);
return (0);
return 0;
}
int exdump(name, data) char *name;
@ -82,5 +82,5 @@ Data *data;
INDENT_POP;
if(data->len > 8 && i % 12)
LF;
return (0);
return 0;
}

View file

@ -69,15 +69,15 @@ abort:
if(_status) {
destroy_proto_handler(&handler);
}
return (_status);
return _status;
}
int destroy_proto_handler(proto_handler **handlerp) {
if(!handlerp || !*handlerp)
return (0);
return 0;
(*handlerp)->vtbl->destroy(&(*handlerp)->obj);
free(*handlerp);
*handlerp = 0;
return (0);
return 0;
}

View file

@ -64,7 +64,7 @@ static int zero_conn PROTO_LIST((tcp_conn * conn));
static int zero_conn(tcp_conn *conn) {
memset(conn, 0, sizeof(tcp_conn));
return (0);
return 0;
}
int tcp_find_conn(tcp_conn **connp,
@ -81,7 +81,7 @@ int tcp_find_conn(tcp_conn **connp,
!memcmp(daddr, &conn->conn.r_addr, sizeof(struct sockaddr_storage))) {
*directionp = DIR_I2R;
*connp = &(conn->conn);
return (0);
return 0;
}
}
@ -90,12 +90,12 @@ int tcp_find_conn(tcp_conn **connp,
!memcmp(daddr, &conn->conn.i_addr, sizeof(struct sockaddr_storage))) {
*directionp = DIR_R2I;
*connp = &(conn->conn);
return (0);
return 0;
}
}
}
return (R_NOT_FOUND);
return R_NOT_FOUND;
}
int tcp_create_conn(tcp_conn **connp,
@ -106,7 +106,7 @@ int tcp_create_conn(tcp_conn **connp,
conn_struct *conn = 0;
if(!(conn = (conn_struct *)malloc(sizeof(conn_struct))))
return (R_NO_MEMORY);
return R_NO_MEMORY;
conn->prev = 0;
@ -126,7 +126,7 @@ int tcp_create_conn(tcp_conn **connp,
first_conn->prev = conn;
first_conn = conn;
return (0);
return 0;
}
int tcp_destroy_conn(tcp_conn *conn) {
@ -153,7 +153,7 @@ int tcp_destroy_conn(tcp_conn *conn) {
free(conn->backptr);
free(conn);
return (0);
return 0;
}
int clean_old_conn(void) {
@ -198,7 +198,7 @@ int free_tcp_segment_queue(segment *seg) {
seg = tmp;
}
return (0);
return 0;
}
int copy_tcp_segment_queue(segment **out, segment *in) {
@ -221,5 +221,5 @@ abort:
if(_status) {
free_tcp_segment_queue(base);
}
return (_status);
return _status;
}

View file

@ -94,12 +94,12 @@ int process_tcp_packet(proto_mod *handler, proto_ctx *ctx, packet *p) {
if((p->tcp->th_flags & TH_SYN) != TH_SYN) {
DBG((0, "TCP: rejecting packet from unknown connection, seq: %u\n",
ntohl(p->tcp->th_seq)));
return (0);
return 0;
}
if((r = new_connection(handler, ctx, p, &conn)))
ABORT(r);
return (0);
return 0;
}
stream = direction == DIR_R2I ? &conn->r2i : &conn->i2r;
@ -155,7 +155,7 @@ int process_tcp_packet(proto_mod *handler, proto_ctx *ctx, packet *p) {
_status = 0;
abort:
return (_status);
return _status;
}
static int new_connection(proto_mod *handler,
@ -194,7 +194,7 @@ static int new_connection(proto_mod *handler,
*connp = conn;
_status = 0;
abort:
return (_status);
return _status;
}
/*#define STRIM(_seq,s) { \
@ -235,13 +235,13 @@ static int process_data_segment(tcp_conn *conn,
fprintf(stderr,
"Malformed packet, computed TCP segment size is negative, skipping "
"...\n");
return (0);
return 0;
}
if(stream->close) {
DBG((0, "Rejecting packet received after FIN: %u:%u(%u)",
ntohl(p->tcp->th_seq), ntohl(p->tcp->th_seq + l), l));
return (0);
return 0;
}
/*The idea here is to pass all available segments
@ -278,7 +278,7 @@ static int process_data_segment(tcp_conn *conn,
/* Check to see if this packet has been processed already */
right_edge = seq + (p->len - (p->tcp->th_off) * 4);
if(!(p->tcp->th_flags & (TH_RST)) && SEQ_LT(right_edge, stream->seq))
return (0);
return 0;
if(SEQ_LT(stream->seq, seq)) {
/* Out of order segment */
@ -380,7 +380,7 @@ static int process_data_segment(tcp_conn *conn,
_status = 0;
abort:
return (_status);
return _status;
}
static int print_tcp_packet(packet *p) {
@ -389,7 +389,7 @@ static int print_tcp_packet(packet *p) {
struct timeval *ts = &p->ts;
if(!(NET_print_flags & NET_PRINT_TCP_HDR))
return (0);
return 0;
lookuphostname(&p->i_addr.so_st, &src);
lookuphostname(&p->r_addr.so_st, &dst);
@ -422,7 +422,7 @@ static int print_tcp_packet(packet *p) {
}
free(src);
free(dst);
return (0);
return 0;
}
int STRIM(UINT4 _seq, segment *s) {
@ -457,5 +457,5 @@ int STRIM(UINT4 _seq, segment *s) {
}
}
return (0);
return 0;
}

View file

@ -72,7 +72,7 @@
if(!_r) \
_r = -1; \
REPORT_ERROR_("ERETURN", _r); \
return (_r); \
return _r; \
} while(0)
#endif

View file

@ -56,7 +56,7 @@ int debug(int class, char *format, ...) {
vfprintf(stderr, format, ap);
fprintf(stderr, "\n");
va_end(ap);
return (0);
return 0;
}
int xdump(char *name, UCHAR *data, int len) {
@ -73,5 +73,5 @@ int xdump(char *name, UCHAR *data, int len) {
}
if(i % 12)
printf("\n");
return (0);
return 0;
}

View file

@ -102,7 +102,7 @@ abort:
if(_status) {
r_assoc_destroy(&assoc);
}
return (_status);
return _status;
}
int r_assoc_destroy(r_assoc **assocp) {
@ -110,7 +110,7 @@ int r_assoc_destroy(r_assoc **assocp) {
int i;
if(!assocp || !*assocp)
return (0);
return 0;
assoc = *assocp;
for(i = 0; i < assoc->size; i++)
@ -119,7 +119,7 @@ int r_assoc_destroy(r_assoc **assocp) {
free(assoc->chains);
free(assoc);
return (0);
return 0;
}
static int destroy_assoc_chain(r_assoc_el *chain) {
@ -137,7 +137,7 @@ static int destroy_assoc_chain(r_assoc_el *chain) {
chain = nxt;
}
return (0);
return 0;
}
static int copy_assoc_chain(r_assoc_el **newp, r_assoc_el *old) {
@ -146,7 +146,7 @@ static int copy_assoc_chain(r_assoc_el **newp, r_assoc_el *old) {
if(!old) {
*newp = 0;
return (0);
return 0;
}
for(; old; old = old->next) {
if(!(tmp = (r_assoc_el *)calloc(sizeof(r_assoc_el), 1)))
@ -182,7 +182,7 @@ abort:
if(_status) {
destroy_assoc_chain(new);
}
return (_status);
return _status;
}
static int r_assoc_fetch_bucket(r_assoc *assoc,
@ -197,11 +197,11 @@ static int r_assoc_fetch_bucket(r_assoc *assoc,
for(bucket = assoc->chains[hash_value]; bucket; bucket = bucket->next) {
if(bucket->key_len == len && !memcmp(bucket->key, key, len)) {
*bucketp = bucket;
return (0);
return 0;
}
}
return (R_NOT_FOUND);
return R_NOT_FOUND;
}
int r_assoc_fetch(r_assoc *assoc, char *key, int len, void **datap) {
@ -211,11 +211,11 @@ int r_assoc_fetch(r_assoc *assoc, char *key, int len, void **datap) {
if((r = r_assoc_fetch_bucket(assoc, key, len, &bucket))) {
if(r != R_NOT_FOUND)
ERETURN(r);
return (r);
return r;
}
*datap = bucket->data;
return (0);
return 0;
}
int r_assoc_insert(r_assoc *assoc,
@ -267,7 +267,7 @@ abort:
free(new_bucket->key);
free(new_bucket);
}
return (_status);
return _status;
}
int r_assoc_copy(r_assoc **newp, r_assoc *old) {
@ -292,7 +292,7 @@ abort:
if(_status) {
r_assoc_destroy(&new);
}
return (_status);
return _status;
}
int r_assoc_init_iter(r_assoc *assoc, r_assoc_iterator *iter) {
@ -313,7 +313,7 @@ int r_assoc_init_iter(r_assoc *assoc, r_assoc_iterator *iter) {
}
}
return (0);
return 0;
}
int r_assoc_iter(r_assoc_iterator *iter, void **key, int *keyl, void **val) {
@ -321,7 +321,7 @@ int r_assoc_iter(r_assoc_iterator *iter, void **key, int *keyl, void **val) {
r_assoc_el *ret;
if(!iter->next)
return (R_EOD);
return R_EOD;
ret = iter->next;
*key = ret->key;
@ -348,7 +348,7 @@ int r_assoc_iter(r_assoc_iterator *iter, void **key, int *keyl, void **val) {
}
}
return (0);
return 0;
}
/* Delete the last returned value*/
@ -368,7 +368,7 @@ int r_assoc_iter_delete(r_assoc_iterator *iter) {
iter->prev->destroy(iter->prev->data);
free(iter->prev->data);
free(iter->prev);
return (0);
return 0;
}
/*This is a hack from AMS. Supposedly, it's pretty good for strings, even
@ -381,5 +381,5 @@ hash_compute(char *key, int len, int bits) {
h &= (1 << bits) - 1;
return (h);
return h;
}

View file

@ -124,5 +124,5 @@ int fetch_test(r_assoc *assoc) {
exit(1);
}
}
return (0);
return 0;
}

View file

@ -32,14 +32,14 @@ abort:
if(_status) {
r_bitfield_destroy(&set);
}
return (_status);
return _status;
}
int r_bitfield_destroy(r_bitfield **setp) {
r_bitfield *set;
if(!setp || !*setp)
return (0);
return 0;
set = *setp;
@ -47,7 +47,7 @@ int r_bitfield_destroy(r_bitfield **setp) {
RFREE(set);
*setp = 0;
return (0);
return 0;
}
int r_bitfield_set(r_bitfield *set, int bit) {
@ -77,7 +77,7 @@ int r_bitfield_set(r_bitfield *set, int bit) {
_status = 0;
abort:
return (_status);
return _status;
}
int r_bitfield_isset(r_bitfield *set, int bit) {
@ -86,11 +86,11 @@ int r_bitfield_isset(r_bitfield *set, int bit) {
int _status;
if(bit < set->base)
return (0);
return 0;
/* Resize? */
if(word > set->len)
return (0);
return 0;
return (set->data[word] & (1 << bbit));
return set->data[word] & (1 << bbit);
}

View file

@ -66,7 +66,7 @@ abort:
if(_status)
r_data_destroy(&d_);
return (_status);
return _status;
}
int r_data_alloc(Data **dp, int l) {
@ -86,7 +86,7 @@ abort:
if(_status)
r_data_destroy(&d_);
return (_status);
return _status;
}
int r_data_make(Data *dp, UCHAR *d, int l) {
@ -96,12 +96,12 @@ int r_data_make(Data *dp, UCHAR *d, int l) {
memcpy(dp->data, d, l);
dp->len = l;
return (0);
return 0;
}
int r_data_destroy(Data **dp) {
if(!dp || !*dp)
return (0);
return 0;
if((*dp)->data)
free((*dp)->data);
@ -109,30 +109,30 @@ int r_data_destroy(Data **dp) {
free(*dp);
*dp = 0;
return (0);
return 0;
}
int r_data_copy(Data *dst, Data *src) {
if(!(dst->data = (UCHAR *)malloc(src->len)))
ERETURN(R_NO_MEMORY);
memcpy(dst->data, src->data, dst->len = src->len);
return (0);
return 0;
}
int r_data_zfree(Data *d) {
if(!d)
return (0);
return 0;
if(!d->data)
return (0);
return 0;
memset(d->data, 0, d->len);
free(d->data);
return (0);
return 0;
}
int r_data_compare(Data *d1, Data *d2) {
if(d1->len < d2->len)
return (-1);
return -1;
if(d2->len < d1->len)
return (-1);
return (memcmp(d1->data, d2->data, d1->len));
return -1;
return memcmp(d1->data, d2->data, d1->len);
}

View file

@ -73,7 +73,7 @@ int r_list_create(r_list **listp) {
_status = 0;
abort:
return (_status);
return _status;
}
int r_list_destroy(r_list **listp) {
@ -81,7 +81,7 @@ int r_list_destroy(r_list **listp) {
r_list_el *el;
if(!listp || !*listp)
return (0);
return 0;
list = *listp;
el = list->first;
@ -99,7 +99,7 @@ int r_list_destroy(r_list **listp) {
free(list);
*listp = 0;
return (0);
return 0;
}
int r_list_copy(r_list **outp, r_list *in) {
@ -138,7 +138,7 @@ int r_list_copy(r_list **outp, r_list *in) {
abort:
if(_status)
r_list_destroy(&out);
return (_status);
return _status;
}
int r_list_insert(list, value, copy, destroy) r_list *list;
@ -164,7 +164,7 @@ int(*destroy) PROTO_LIST((void **val));
_status = 0;
abort:
return (_status);
return _status;
}
int r_list_append(list, value, copy, destroy) r_list *list;
@ -193,22 +193,22 @@ int(*destroy) PROTO_LIST((void **val));
_status = 0;
abort:
return (_status);
return _status;
}
int r_list_init_iter(r_list *list, r_list_iterator *iter) {
iter->list = list;
iter->ptr = list->first;
return (0);
return 0;
}
int r_list_iter(r_list_iterator *iter, void **val) {
if(!iter->ptr)
return (R_EOD);
return R_EOD;
*val = iter->ptr->data;
iter->ptr = iter->ptr->next;
return (0);
return 0;
}

View file

@ -53,10 +53,10 @@ char *strdup(char *str) {
char *n;
if(!(n = (char *)malloc(len + 1)))
return (0);
return 0;
memcpy(n, str, len + 1);
return (n);
return n;
}
#endif

View file

@ -94,7 +94,7 @@ int r_timeval_diff(struct timeval *t1,
if(t0->tv_usec <= t1->tv_usec) {
diff->tv_sec = t1->tv_sec - t0->tv_sec;
diff->tv_usec = t1->tv_usec - t0->tv_usec;
return (0);
return 0;
}
/*Hard case*/
@ -104,7 +104,7 @@ int r_timeval_diff(struct timeval *t1,
diff->tv_sec = t1->tv_sec - (t0->tv_sec + 1);
diff->tv_usec = 1000000 - d;
return (0);
return 0;
}
int r_timeval_add(struct timeval *t1, struct timeval *t2, struct timeval *sum) {
@ -123,7 +123,7 @@ int r_timeval_add(struct timeval *t1, struct timeval *t2, struct timeval *sum) {
sum->tv_sec = tv_sec;
sum->tv_usec = tv_usec;
return (0);
return 0;
}
UINT8

View file

@ -31,7 +31,7 @@ static void *r_thread_real_create(void *arg) {
thread_count--;
free(h);
return (0);
return 0;
}
int r_thread_fork(func, arg, id) void(*func) PROTO_LIST((void *));
@ -52,7 +52,7 @@ r_thread *id;
_status = 0;
abort:
return (_status);
return _status;
}
int r_thread_yield(void) {
@ -62,7 +62,7 @@ int r_thread_yield(void) {
int r_thread_exit(void) {
thread_count--;
pthread_exit(0);
return (0);
return 0;
}
int r_thread_wait_last(void) {
@ -72,7 +72,7 @@ int r_thread_wait_last(void) {
DBG((0, "%d threads left", thread_count));
} while(thread_count);
return (0);
return 0;
}
int r_rwlock_create(r_rwlock **lockp) {
@ -86,20 +86,20 @@ int r_rwlock_create(r_rwlock **lockp) {
ERETURN(R_INTERNAL);
*lockp = (void *)lock;
return (0);
return 0;
}
int r_rwlock_destroy(r_rwlock **lock) {
pthread_rwlock_t *plock;
if(!lock || !*lock)
return (0);
return 0;
plock = (pthread_rwlock_t *)(*lock);
pthread_rwlock_destroy(plock);
return (0);
return 0;
}
int r_rwlock_lock(r_rwlock *lock, int action) {
@ -127,5 +127,5 @@ int r_rwlock_lock(r_rwlock *lock, int action) {
_status = 0;
abort:
return (_status);
return _status;
}

View file

@ -83,22 +83,26 @@ static int create_null_analyzer(void *handle,
DBG((0, "Creating analyzer for connection %d\n", obj->num));
*objp = (proto_obj *)obj;
return (0);
return 0;
}
int destroy_null_analyzer(proto_obj **objp) {
#ifdef DEBUG
null_analyzer *obj;
#endif
if(!objp || !*objp)
return (0);
return 0;
#ifdef DEBUG
obj = (null_analyzer *)*objp;
#endif
DBG((0, "Destroying analyzer for connection %d\n", obj->num));
free(*objp);
*objp = 0;
return (0);
return 0;
}
int data_null_analyzer(proto_obj *_obj, segment *seg, int direction) {
@ -123,7 +127,7 @@ int data_null_analyzer(proto_obj *_obj, segment *seg, int direction) {
printf("====\n");
}
return (0);
return 0;
}
int fin_null_analyzer(proto_obj *_obj, packet *p, int direction) {
@ -131,7 +135,7 @@ int fin_null_analyzer(proto_obj *_obj, packet *p, int direction) {
null_analyzer *obj = (null_analyzer *)_obj;
#endif
DBG((0, "Received FIN on connection %d\n", obj->num));
return (0);
return 0;
}
static struct proto_mod_vtbl_ null_vtbl = {

View file

@ -65,7 +65,7 @@ static int create_pcap_logger(proto_obj **objp,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time) {
int r, _status;
int _status;
logpkt_ctx_t *pcap_obj = 0;
struct sockaddr_in src_addr, dst_addr;
@ -92,21 +92,21 @@ abort:
if(_status) {
destroy_pcap_logger((proto_obj **)&pcap_obj);
}
return (_status);
return _status;
}
static int destroy_pcap_logger(proto_obj **objp) {
logpkt_ctx_t *pcap_obj;
if(!objp || !*objp)
return (0);
return 0;
pcap_obj = (logpkt_ctx_t *)*objp;
free(pcap_obj);
*objp = 0;
return (0);
return 0;
}
static int data_pcap_logger(proto_obj *_obj,

View file

@ -238,7 +238,7 @@ int ssl_find_cipher(int num, SSL_CipherSuite **cs) {
for(c = CipherSuites; c->number != -1; c++) {
if(c->number == num) {
*cs = c;
return (0);
return 0;
}
}

View file

@ -29,7 +29,7 @@ static int decode_ContentType_ChangeCipherSpec(ssl_obj *ssl,
}
LF;
return (0);
return 0;
}
static int decode_ContentType_Alert(ssl_obj *ssl,
int dir,
@ -40,7 +40,7 @@ static int decode_ContentType_Alert(ssl_obj *ssl,
if(ssl->record_encryption == REC_CIPHERTEXT) {
LF;
return (0);
return 0;
}
if(data->len != 2) {
@ -64,7 +64,7 @@ static int decode_ContentType_Alert(ssl_obj *ssl,
0);
LF;
}
return (0);
return 0;
}
static int decode_ContentType_Handshake(ssl_obj *ssl,
int dir,
@ -79,7 +79,7 @@ static int decode_ContentType_Handshake(ssl_obj *ssl,
if(ssl->record_encryption == REC_CIPHERTEXT) {
LF;
return (0);
return 0;
}
while(data->len > 0) {
@ -108,7 +108,7 @@ static int decode_ContentType_Handshake(ssl_obj *ssl,
}
ssl_decode_switch(ssl, HandshakeType_decoder, t, dir, seg, &d);
}
return (0);
return 0;
}
static int decode_ContentType_application_data(ssl_obj *ssl,
int dir,
@ -125,13 +125,13 @@ static int decode_ContentType_application_data(ssl_obj *ssl,
if(NET_print_flags & NET_PRINT_JSON) {
json_object_object_add(jobj, "msg_data",
json_object_new_string_len(d.data, d.len));
json_object_new_string_len((char *) d.data, d.len));
} else
P_(P_AD) { print_data(ssl, &d); }
else {
LF;
}
return (0);
return 0;
}
decoder ContentType_decoder[] = {
{20, "ChangeCipherSpec", decode_ContentType_ChangeCipherSpec},
@ -150,7 +150,7 @@ static int decode_HandshakeType_HelloRequest(ssl_obj *ssl,
json_object_new_string("HelloRequest"));
LF;
return (0);
return 0;
}
static int decode_HandshakeType_ClientHello(ssl_obj *ssl,
int dir,
@ -218,7 +218,7 @@ static int decode_HandshakeType_ClientHello(ssl_obj *ssl,
for(; cslen; cslen -= 2) {
if(ssl_decode_enum(ssl, 0, 2, cipher_suite_decoder, 0, data, &cs))
return (1);
return 1;
ssl_print_cipher_suite(ssl, (vj << 8) | vn, P_HL, cs);
if(!ja3_cs_str)
ja3_cs_str = calloc(7, 1);
@ -335,7 +335,7 @@ static int decode_HandshakeType_ClientHello(ssl_obj *ssl,
free(ja3_ec_str);
free(ja3_ecp_str);
return (0);
return 0;
}
static int decode_HandshakeType_ServerHello(ssl_obj *ssl,
int dir,
@ -477,7 +477,7 @@ static int decode_HandshakeType_ServerHello(ssl_obj *ssl,
free(ja3s_c_str);
free(ja3s_ex_str);
return (0);
return 0;
}
static int decode_HandshakeType_Certificate(ssl_obj *ssl,
int dir,
@ -528,7 +528,7 @@ static int decode_HandshakeType_Certificate(ssl_obj *ssl,
}
}
return (0);
return 0;
}
static int decode_HandshakeType_SessionTicket(ssl_obj *ssl,
@ -565,6 +565,7 @@ static int decode_HandshakeType_SessionTicket(ssl_obj *ssl,
}
}
}
return 0;
}
static int decode_HandshakeType_EncryptedExtensions(ssl_obj *ssl,
@ -592,6 +593,7 @@ static int decode_HandshakeType_EncryptedExtensions(ssl_obj *ssl,
LF;
}
}
return 0;
}
static int decode_HandshakeType_ServerKeyExchange(ssl_obj *ssl,
@ -628,7 +630,7 @@ static int decode_HandshakeType_ServerKeyExchange(ssl_obj *ssl,
SSL_DECODE_OPAQUE_ARRAY(ssl, "signature", -((1 << 15) - 1), P_ND, data, 0);
}
return (0);
return 0;
}
static int decode_HandshakeType_CertificateRequest(ssl_obj *ssl,
int dir,
@ -662,7 +664,7 @@ static int decode_HandshakeType_CertificateRequest(ssl_obj *ssl,
INDENT_POP;
len -= (ca.len + 2);
}
return (0);
return 0;
}
static int decode_HandshakeType_ServerHelloDone(ssl_obj *ssl,
int dir,
@ -675,7 +677,7 @@ static int decode_HandshakeType_ServerHelloDone(ssl_obj *ssl,
LF;
ssl_update_handshake_messages(ssl, data);
return (0);
return 0;
}
static int decode_HandshakeType_CertificateVerify(ssl_obj *ssl,
int dir,
@ -695,7 +697,7 @@ static int decode_HandshakeType_CertificateVerify(ssl_obj *ssl,
SSL_DECODE_UINT16(ssl, "signature_type", P_HL, data, &signature_type);
}
SSL_DECODE_OPAQUE_ARRAY(ssl, "Signature", -((1 << 15) - 1), P_HL, data, 0);
return (0);
return 0;
}
static int decode_HandshakeType_ClientKeyExchange(ssl_obj *ssl,
int dir,
@ -731,7 +733,7 @@ static int decode_HandshakeType_ClientKeyExchange(ssl_obj *ssl,
ssl_process_client_key_exchange(ssl, ssl->decoder, NULL, 0);
}
}
return (0);
return 0;
}
static int decode_HandshakeType_Finished(ssl_obj *ssl,
int dir,
@ -759,7 +761,7 @@ static int decode_HandshakeType_Finished(ssl_obj *ssl,
}
ssl_process_handshake_finished(ssl, ssl->decoder, data);
return (0);
return 0;
}
static int decode_HandshakeType_KeyUpdate(ssl_obj *ssl,
@ -1191,7 +1193,7 @@ static int decode_AlertLevel_warning(ssl_obj *ssl,
jobj = ssl->cur_json_st;
json_object_object_add(jobj, "alert_level",
json_object_new_string("warning"));
return (0);
return 0;
}
static int decode_AlertLevel_fatal(ssl_obj *ssl,
int dir,
@ -1200,7 +1202,7 @@ static int decode_AlertLevel_fatal(ssl_obj *ssl,
struct json_object *jobj;
jobj = ssl->cur_json_st;
json_object_object_add(jobj, "alert_level", json_object_new_string("fatal"));
return (0);
return 0;
}
decoder AlertLevel_decoder[] = {{1, "warning", decode_AlertLevel_warning},
{2, "fatal", decode_AlertLevel_fatal},
@ -1210,139 +1212,139 @@ static int decode_AlertDescription_close_notify(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_unexpected_message(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_bad_record_mac(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_decryption_failed(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_record_overflow(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_decompression_failure(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_handshake_failure(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_bad_certificate(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_unsupported_certificate(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_certificate_revoked(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_certificate_expired(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_certificate_unknown(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_illegal_parameter(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_unknown_ca(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_access_denied(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_decode_error(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_decrypt_error(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_export_restriction(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_protocol_version(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_insufficient_security(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_internal_error(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_user_canceled(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_AlertDescription_no_renegotiation(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
decoder AlertDescription_decoder[] = {
{0, "close_notify", decode_AlertDescription_close_notify},
@ -1379,25 +1381,25 @@ static int decode_client_certificate_type_rsa_sign(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_client_certificate_type_dss_sign(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_client_certificate_type_rsa_fixed_dh(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
static int decode_client_certificate_type_dss_fixed_dh(ssl_obj *ssl,
int dir,
segment *seg,
Data *data) {
return (0);
return 0;
}
decoder client_certificate_type_decoder[] = {
{1, "rsa_sign", decode_client_certificate_type_rsa_sign},
@ -1439,7 +1441,7 @@ static int decode_extension_server_name(ssl_obj *ssl,
data->len -= l;
data->data += l;
}
return (0);
return 0;
}
static int decode_extension_encrypt_then_mac(ssl_obj *ssl,
int dir,
@ -1455,7 +1457,7 @@ static int decode_extension_encrypt_then_mac(ssl_obj *ssl,
data->data += l;
dir == DIR_I2R ? *etm = 1 : ++*etm;
return (0);
return 0;
}
static int decode_extension_extended_master_secret(ssl_obj *ssl,
int dir,
@ -1471,7 +1473,7 @@ static int decode_extension_extended_master_secret(ssl_obj *ssl,
data->data += l;
dir == DIR_I2R ? *ems = 1 : ++*ems;
return (0);
return 0;
}
static int decode_extension(ssl_obj *ssl, int dir, segment *seg, Data *data) {
int r;
@ -1479,7 +1481,7 @@ static int decode_extension(ssl_obj *ssl, int dir, segment *seg, Data *data) {
SSL_DECODE_UINT16(ssl, "extension length", 0, data, &l);
data->len -= l;
data->data += l;
return (0);
return 0;
}
decoder supported_groups_decoder[] = {
@ -1521,7 +1523,7 @@ static int decode_extension_supported_groups(ssl_obj *ssl,
data->data += l;
}
ssl->cur_ja3_ec_str = ja3_ec_str;
return (0);
return 0;
}
decoder ec_point_formats_decoder[] = {{
@ -1572,7 +1574,7 @@ static int decode_extension_ec_point_formats(ssl_obj *ssl,
}
ssl->cur_ja3_ecp_str = ja3_ecp_str;
return (0);
return 0;
}
static int decode_extension_supported_versions(ssl_obj *ssl,
@ -1595,6 +1597,7 @@ static int decode_extension_supported_versions(ssl_obj *ssl,
}
if(dir == DIR_R2I)
ssl->version = version; // Server sets the tls version
return 0;
}
decoder tls13_certificate_types[] = {{0, "x509", 0},
@ -1623,6 +1626,7 @@ static int decode_extension_client_certificate_type(ssl_obj *ssl,
if(dir == DIR_R2I)
ssl->extensions->client_certificate_type =
certificate_type; // Server sets the client_certificate_type
return 0;
}
static int decode_extension_server_certificate_type(ssl_obj *ssl,
@ -1647,6 +1651,7 @@ static int decode_extension_server_certificate_type(ssl_obj *ssl,
if(dir == DIR_R2I)
ssl->extensions->server_certificate_type =
certificate_type; // Server sets the server_certificate_type
return 0;
}
decoder extension_decoder[] = {
@ -1738,7 +1743,7 @@ static int decode_server_name_type_host_name(ssl_obj *ssl,
data->len -= l;
data->data += l;
return (0);
return 0;
}
static int decode_server_name(ssl_obj *ssl, int dir, segment *seg, Data *data) {
int r;
@ -1746,7 +1751,7 @@ static int decode_server_name(ssl_obj *ssl, int dir, segment *seg, Data *data) {
SSL_DECODE_UINT16(ssl, "server name length", 0, data, &l);
data->len -= l;
data->data += l;
return (0);
return 0;
}
decoder server_name_type_decoder[] = {

View file

@ -133,7 +133,7 @@ int parse_ssl_flag(int flag) {
}
}
return (0);
return 0;
}
static int parse_ssl_flags(char *str) {
@ -165,7 +165,7 @@ static int parse_ssl_flags(char *str) {
}
}
return (0);
return 0;
}
static int create_ssl_ctx(void *handle, proto_ctx **ctxp) {
@ -179,7 +179,7 @@ static int create_ssl_ctx(void *handle, proto_ctx **ctxp) {
*ctxp = (proto_ctx *)ctx;
_status = 0;
abort:
return (_status);
return _status;
}
static int destroy_ssl_ctx(void *handle, proto_ctx **ctxp) {
@ -245,14 +245,14 @@ abort:
if(_status) {
destroy_ssl_analyzer((proto_obj **)&obj);
}
return (_status);
return _status;
}
static int destroy_ssl_analyzer(proto_obj **objp) {
ssl_obj *obj;
if(!objp || !*objp)
return (0);
return 0;
obj = (ssl_obj *)*objp;
DBG((0, "Destroying SSL analyzer"));
@ -272,7 +272,7 @@ static int destroy_ssl_analyzer(proto_obj **objp) {
free(*objp);
*objp = 0;
return (0);
return 0;
}
static int free_r_queue(r_queue *q) {
@ -280,7 +280,7 @@ static int free_r_queue(r_queue *q) {
if(q->q)
free_tcp_segment_queue(q->q);
free(q);
return (0);
return 0;
}
static int create_r_queue(r_queue **qp) {
@ -303,7 +303,7 @@ abort:
if(_status) {
free_r_queue(q);
}
return (_status);
return _status;
}
static int read_ssl_record(ssl_obj *obj,
@ -368,7 +368,7 @@ static int read_ssl_record(ssl_obj *obj,
_status = 0;
abort:
return (_status);
return _status;
}
static int read_data(r_queue *q,
@ -403,7 +403,7 @@ static int read_data(r_queue *q,
if(q->read_left) {
if((r = copy_tcp_segment_queue(&q->q, seg)))
ABORT(r);
return (SSL_NO_DATA);
return SSL_NO_DATA;
}
if(seg && tocpy == (seg->len - offset)) {
@ -422,7 +422,7 @@ static int read_data(r_queue *q,
_status = 0;
abort:
return (_status);
return _status;
}
static int data_ssl_analyzer(proto_obj *_obj, segment *seg, int direction) {
@ -443,19 +443,19 @@ static int data_ssl_analyzer(proto_obj *_obj, segment *seg, int direction) {
r = process_v2_hello(ssl, seg);
if(r == SSL_NO_DATA)
return (0);
return 0;
if(r == 0)
return (0);
return 0;
}
if(ssl->i_state == SSL_ST_SENT_NOTHING) {
r = process_beginning_plaintext(ssl, seg, direction);
if(r == SSL_NO_DATA)
return (0);
return 0;
if(r == 0)
return (0);
return 0;
}
while(!(r = read_ssl_record(ssl, q, seg, offset, &last, &offset))) {
@ -499,7 +499,7 @@ static int data_ssl_analyzer(proto_obj *_obj, segment *seg, int direction) {
_status = 0;
abort:
return (_status);
return _status;
}
static int print_ssl_header(ssl_obj *obj,
@ -526,7 +526,7 @@ static int print_ssl_header(ssl_obj *obj,
ssl_print_direction_indicator(obj, direction);
return (0);
return 0;
}
static int print_ssl_record(ssl_obj *obj,
@ -556,7 +556,7 @@ static int print_ssl_record(ssl_obj *obj,
json_object_put(obj->cur_json_st);
obj->cur_json_st = NULL;
return (0);
return 0;
}
int close_ssl_analyzer(proto_obj *_obj, packet *p, int dir) {
@ -577,7 +577,7 @@ int close_ssl_analyzer(proto_obj *_obj, packet *p, int dir) {
ssl_print_direction_indicator(ssl, dir);
explain(ssl, " TCP %s", what);
LF;
return (0);
return 0;
}
static struct proto_mod_vtbl_ ssl_vtbl = {

View file

@ -149,14 +149,14 @@ abort:
if(_status) {
ssl_destroy_rec_decoder(&dec);
}
return (_status);
return _status;
}
int ssl_destroy_rec_decoder(ssl_rec_decoder **dp) {
ssl_rec_decoder *d;
if(!dp || !*dp)
return (0);
return 0;
d = *dp;
r_data_destroy(&d->mac_key);
@ -170,7 +170,7 @@ int ssl_destroy_rec_decoder(ssl_rec_decoder **dp) {
#endif
*dp = 0;
return (0);
return 0;
}
#define MSB(a) ((a >> 8) & 0xff)
@ -180,6 +180,7 @@ int tls13_update_rec_key(ssl_rec_decoder *d, UCHAR *newkey, UCHAR *newiv) {
d->write_key->data = newkey;
d->implicit_iv->data = newiv;
d->seq = 0;
return 0;
}
int tls13_decode_rec_data(ssl_obj *ssl,
@ -190,8 +191,8 @@ int tls13_decode_rec_data(ssl_obj *ssl,
int inl,
UCHAR *out,
int *outl) {
int pad, i;
int r, encpadl, x, _status = 0;
int i;
int x, _status = 0;
UCHAR aad[5], aead_nonce[12], *tag;
int taglen = d->cs->enc == ENC_AES128_CCM_8 ? 8 : 16;
CRDUMP("CipherText", in, inl);
@ -386,7 +387,7 @@ int ssl_decode_rec_data(ssl_obj *ssl,
}
}
#endif
return (0);
return 0;
}
#ifdef OPENSSL
@ -400,7 +401,7 @@ static int fmt_seq(UINT4 num, UCHAR *buf) {
netnum = htonl(num);
memcpy(buf + 4, &netnum, 4);
return (0);
return 0;
}
static int tls_check_mac(ssl_rec_decoder *d,
@ -447,7 +448,7 @@ static int tls_check_mac(ssl_rec_decoder *d,
ERETURN(SSL_BAD_MAC);
HMAC_CTX_free(hm);
return (0);
return 0;
}
int ssl3_check_mac(ssl_rec_decoder *d,
@ -503,7 +504,7 @@ int ssl3_check_mac(ssl_rec_decoder *d,
EVP_MD_CTX_free(mc);
return (0);
return 0;
}
#endif

View file

@ -144,10 +144,10 @@ int ssl_restore_session PROTO_LIST((ssl_obj * ssl, ssl_decoder *d));
/*The password code is not thread safe*/
static int password_cb(char *buf, int num, int rwflag, void *userdata) {
if(num < strlen(ssl_password) + 1)
return (0);
return 0;
strcpy(buf, ssl_password);
return (strlen(ssl_password));
return strlen(ssl_password);
}
int ssl_decode_ctx_create(ssl_decode_ctx **dp,
@ -201,9 +201,9 @@ int ssl_decode_ctx_create(ssl_decode_ctx **dp,
*dp = d;
_status = 0;
abort:
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -216,14 +216,13 @@ int ssl_decode_ctx_destroy(ssl_decode_ctx **dp) {
fclose(d->ssl_key_log_file);
}
r_assoc *x = d->session_cache;
r_assoc_destroy(&d->session_cache);
SSL_CTX_free(d->ssl_ctx);
SSL_free(d->ssl);
free(d);
#endif
return (0);
return 0;
}
int ssl_decoder_create(ssl_decoder **dp, ssl_decode_ctx *ctx) {
@ -241,7 +240,7 @@ int ssl_decoder_create(ssl_decoder **dp, ssl_decode_ctx *ctx) {
abort:
if(_status)
ssl_decoder_destroy(&d);
return (_status);
return _status;
#else
return 0;
#endif
@ -252,7 +251,7 @@ int ssl_decoder_destroy(ssl_decoder **dp) {
ssl_decoder *d;
if(!dp || !*dp)
return (0);
return 0;
d = *dp;
r_data_destroy(&d->client_random);
r_data_destroy(&d->server_random);
@ -268,7 +267,7 @@ int ssl_decoder_destroy(ssl_decoder **dp) {
free(d);
*dp = 0;
#endif
return (0);
return 0;
}
int ssl_set_client_random(ssl_decoder *d, UCHAR *msg, int len) {
@ -279,7 +278,7 @@ int ssl_set_client_random(ssl_decoder *d, UCHAR *msg, int len) {
if((r = r_data_create(&d->client_random, msg, len)))
ERETURN(r);
#endif
return (0);
return 0;
}
int ssl_set_server_random(ssl_decoder *d, UCHAR *msg, int len) {
@ -290,7 +289,7 @@ int ssl_set_server_random(ssl_decoder *d, UCHAR *msg, int len) {
if((r = r_data_create(&d->server_random, msg, len)))
ERETURN(r);
#endif
return (0);
return 0;
}
int ssl_set_client_session_id(ssl_decoder *d, UCHAR *msg, int len) {
@ -303,7 +302,7 @@ int ssl_set_client_session_id(ssl_decoder *d, UCHAR *msg, int len) {
ERETURN(r);
}
#endif
return (0);
return 0;
}
int ssl_process_server_session_id(ssl_obj *ssl,
@ -344,9 +343,9 @@ abort:
r_data_destroy(&d->session_id);
r_data_create(&d->session_id, msg, len);
}
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -377,9 +376,9 @@ int ssl_process_client_session_id(ssl_obj *ssl,
} else {
_status = -1;
}
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -394,6 +393,7 @@ int ssl_process_handshake_finished(ssl_obj *ssl, ssl_decoder *dec, Data *data) {
dec->s_to_c_n = 0;
}
}
return 0;
}
int ssl_process_change_cipher_spec(ssl_obj *ssl,
@ -414,7 +414,7 @@ int ssl_process_change_cipher_spec(ssl_obj *ssl,
}
}
#endif
return (0);
return 0;
}
int ssl_decode_record(ssl_obj *ssl,
ssl_decoder *dec,
@ -441,10 +441,10 @@ int ssl_decode_record(ssl_obj *ssl,
} else if(!rd) {
if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC) {
ssl->record_encryption = REC_CIPHERTEXT;
return (SSL_NO_DECRYPT);
return SSL_NO_DECRYPT;
} else {
ssl->record_encryption = REC_PLAINTEXT;
return (0);
return 0;
}
}
@ -471,9 +471,9 @@ int ssl_decode_record(ssl_obj *ssl,
_status = 0;
abort:
FREE(out);
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -499,7 +499,7 @@ int ssl_update_handshake_messages(ssl_obj *ssl, Data *data) {
ssl->decoder->handshake_messages = hms;
}
#endif
return (0);
return 0;
}
static int ssl_create_session_lookup_key(ssl_obj *ssl,
@ -526,7 +526,7 @@ static int ssl_create_session_lookup_key(ssl_obj *ssl,
_status = 0;
abort:
return (_status);
return _status;
}
/* Look up the session id in the session cache and generate
@ -565,9 +565,9 @@ int ssl_restore_session(ssl_obj *ssl, ssl_decoder *d) {
_status = 0;
abort:
FREE(lookup_key);
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -598,9 +598,9 @@ abort:
r_data_zfree(msd);
}
FREE(lookup_key);
return (_status);
return _status;
#else
return (0);
return 0;
#endif
}
@ -623,17 +623,17 @@ int ssl_process_client_key_exchange(ssl_obj *ssl,
if(!d->ctx->ssl_key_log_file || ssl_read_key_log_file(ssl, d) || !d->MS) {
if(ssl->cs->kex != KEX_RSA)
return (-1);
return -1;
if(d->ephemeral_rsa)
return (-1);
return -1;
pk = SSL_get_privatekey(d->ctx->ssl);
if(!pk)
return (-1);
return -1;
if(EVP_PKEY_id(pk) != EVP_PKEY_RSA)
return (-1);
return -1;
RSA_get0_key(EVP_PKEY_get0_RSA(pk), &n, NULL, NULL);
if((r = r_data_alloc(&d->PMS, BN_num_bytes(n))))
@ -668,7 +668,7 @@ int ssl_process_client_key_exchange(ssl_obj *ssl,
_status = 0;
abort:
return (_status);
return _status;
#else
return 0;
#endif
@ -714,7 +714,7 @@ static int tls_P_hash(ssl_obj *ssl,
HMAC_CTX_free(hm);
CRDUMPD("P_hash out", out);
return (0);
return 0;
}
static int tls_prf(ssl_obj *ssl,
@ -770,7 +770,7 @@ abort:
r_data_destroy(&seed);
r_data_destroy(&S1);
r_data_destroy(&S2);
return (_status);
return _status;
}
static int tls12_prf(ssl_obj *ssl,
@ -819,7 +819,7 @@ static int tls12_prf(ssl_obj *ssl,
abort:
r_data_destroy(&sha_out);
r_data_destroy(&seed);
return (_status);
return _status;
}
static int ssl3_generate_export_iv(ssl_obj *ssl,
@ -836,7 +836,7 @@ static int ssl3_generate_export_iv(ssl_obj *ssl,
memcpy(out->data, tmp, out->len);
return (0);
return 0;
}
static int ssl3_prf(ssl_obj *ssl,
@ -907,7 +907,7 @@ static int ssl3_prf(ssl_obj *ssl,
MD5_Init(&md5);
}
return (0);
return 0;
}
static int ssl_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
@ -1071,7 +1071,7 @@ abort:
r_data_zfree(key_block);
free(key_block);
}
return (_status);
return _status;
}
static int hkdf_expand_label(ssl_obj *ssl,
@ -1081,7 +1081,7 @@ static int hkdf_expand_label(ssl_obj *ssl,
Data *context,
uint16_t length,
UCHAR **out) {
int r;
int r = -1;
size_t outlen = length;
EVP_PKEY_CTX *pctx;
@ -1173,7 +1173,6 @@ int ssl_tls13_update_keying_material(ssl_obj *ssl,
int ssl_tls13_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
int r, _status;
Data out;
UCHAR *s_wk_h, *s_iv_h, *c_wk_h, *c_iv_h, *s_wk, *s_iv, *c_wk, *c_iv;
if(!(d->ctx->ssl_key_log_file && ssl_read_key_log_file(ssl, d) == 0 &&
d->SHTS && d->CHTS && d->STS && d->CTS)) {
@ -1183,38 +1182,38 @@ int ssl_tls13_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
if(hkdf_expand_label(ssl, d, d->SHTS, "key", NULL, ssl->cs->eff_bits / 8,
&s_wk_h)) {
fprintf(stderr, "s_wk_h hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->SHTS, "iv", NULL, 12, &s_iv_h)) {
fprintf(stderr, "s_iv_h hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->CHTS, "key", NULL, ssl->cs->eff_bits / 8,
&c_wk_h)) {
fprintf(stderr, "c_wk_h hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->CHTS, "iv", NULL, 12, &c_iv_h)) {
fprintf(stderr, "c_iv_h hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->STS, "key", NULL, ssl->cs->eff_bits / 8,
&s_wk)) {
fprintf(stderr, "s_wk hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->STS, "iv", NULL, 12, &s_iv)) {
fprintf(stderr, "s_iv hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->CTS, "key", NULL, ssl->cs->eff_bits / 8,
&c_wk)) {
fprintf(stderr, "c_wk hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
if(hkdf_expand_label(ssl, d, d->CTS, "iv", NULL, 12, &c_iv)) {
fprintf(stderr, "c_iv hkdf_expand_label failed\n");
goto abort;
ABORT(-1);
}
CRDUMP("Server Handshake Write key", s_wk_h, ssl->cs->eff_bits / 8);
CRDUMP("Server Handshake IV", s_iv_h, 12);
@ -1235,7 +1234,7 @@ int ssl_tls13_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
ABORT(r);
return 0;
abort:
return r;
return _status;
}
static int ssl_generate_session_hash(ssl_obj *ssl, ssl_decoder *d) {
@ -1286,7 +1285,7 @@ static int ssl_generate_session_hash(ssl_obj *ssl, ssl_decoder *d) {
_status = 0;
abort:
return (_status);
return _status;
}
static int read_hex_string(char *str, UCHAR *buf, int n) {
@ -1300,8 +1299,8 @@ static int read_hex_string(char *str, UCHAR *buf, int n) {
return 0;
}
static int ssl_read_key_log_file(ssl_obj *ssl, ssl_decoder *d) {
int r, _status, n, i;
unsigned int t;
int r = -1;
int _status, n, i;
size_t l = 0;
char *line, *d_client_random, *label, *client_random, *secret;
if(ssl->version == TLSV13_VERSION &&
@ -1365,6 +1364,6 @@ static int ssl_read_key_log_file(ssl_obj *ssl, ssl_decoder *d) {
abort:
if(d->ctx->ssl_key_log_file != NULL)
fseek(d->ctx->ssl_key_log_file, 0, SEEK_SET);
return (_status);
return _status;
}
#endif

View file

@ -62,14 +62,14 @@ extern decoder HandshakeType_decoder[];
int process_beginning_plaintext(ssl_obj *ssl, segment *seg, int direction) {
Data d;
if(seg->len == 0)
return (SSL_NO_DATA);
return SSL_NO_DATA;
d.data = seg->data;
d.len = seg->len;
/* this looks like SSL data. Ignore it*/
if(d.data[0] == 0x16)
return (SSL_BAD_CONTENT_TYPE);
return SSL_BAD_CONTENT_TYPE;
if(logger)
logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction);
@ -83,7 +83,7 @@ int process_beginning_plaintext(ssl_obj *ssl, segment *seg, int direction) {
LF;
}
return (0);
return 0;
}
int process_v2_hello(ssl_obj *ssl, segment *seg) {
@ -200,7 +200,7 @@ abort:
ssl->cur_json_st = NULL;
}
return (_status);
return _status;
}
int ssl_decode_switch(ssl_obj *ssl,
@ -219,7 +219,7 @@ int ssl_decode_switch(ssl_obj *ssl,
INDENT_POP;
}
INDENT_POP;
return (0);
return 0;
}
dtable++;
}
@ -253,7 +253,7 @@ int ssl_expand_record(ssl_obj *ssl,
if(d.len != length) {
explain(ssl, " Short record: %u bytes available (expecting: %u)\n", length,
d.len);
return (0);
return 0;
}
version = ssl->version ? ssl->version : (vermaj * 256 + vermin);
@ -267,7 +267,7 @@ int ssl_expand_record(ssl_obj *ssl,
r = ssl_decode_record(ssl, ssl->decoder, direction, ct, version, &d);
if(r == SSL_BAD_MAC) {
explain(ssl, " bad MAC\n");
return (0);
return 0;
}
if(r) {
@ -305,7 +305,7 @@ int ssl_expand_record(ssl_obj *ssl,
}
}
return (0);
return 0;
}
int ssl_decode_uintX(ssl_obj *ssl,
@ -334,7 +334,7 @@ int ssl_decode_uintX(ssl_obj *ssl,
P_(p) { explain(ssl, "%s = %d\n", name, *x); }
*x = v;
return (0);
return 0;
}
int ssl_decode_opaque_array(ssl_obj *ssl,
@ -373,19 +373,19 @@ int ssl_decode_opaque_array(ssl_obj *ssl,
P_(p) { exdump(ssl, name, x); }
return (0);
return 0;
}
int ssl_lookup_enum(ssl_obj *ssl, decoder *dtable, UINT4 val, char **ptr) {
while(dtable && dtable->type != -1) {
if(dtable->type == val) {
*ptr = dtable->name;
return (0);
return 0;
}
dtable++;
}
return (R_NOT_FOUND);
return R_NOT_FOUND;
}
int ssl_decode_enum(ssl_obj *ssl,
@ -410,7 +410,7 @@ int ssl_decode_enum(ssl_obj *ssl,
ERETURN(r);
}
return (0);
return 0;
}
int ssl_print_enum(ssl_obj *ssl, char *name, decoder *dtable, UINT4 value) {
@ -423,23 +423,23 @@ int ssl_print_enum(ssl_obj *ssl, char *name, decoder *dtable, UINT4 value) {
INDENT_INCR;
explain(ssl, "%s", dtable->name);
INDENT_POP;
return (0);
return 0;
}
dtable++;
}
LF;
return (R_NOT_FOUND);
return R_NOT_FOUND;
}
int ssl_get_enum_str(ssl_obj *ssl, char *outstr, decoder *dtable, UINT4 value) {
while(dtable && dtable->type != -1) {
if(dtable->type == value) {
strncpy(outstr, dtable->name, 20);
return (0);
return 0;
}
dtable++;
}
return (R_NOT_FOUND);
return R_NOT_FOUND;
}
int explain(ssl_obj *ssl, char *format, ...) {
@ -458,7 +458,7 @@ int explain(ssl_obj *ssl, char *format, ...) {
vprintf(format, ap);
va_end(ap);
}
return (0);
return 0;
}
int exdump(ssl_obj *ssl, char *name, Data *data) {
@ -484,7 +484,7 @@ int exdump(ssl_obj *ssl, char *name, Data *data) {
INDENT_POP;
LF;
}
return (0);
return 0;
}
int exstr(ssl_obj *ssl, char *outstr, Data *data) {
@ -500,7 +500,7 @@ int exstr(ssl_obj *ssl, char *outstr, Data *data) {
}
}
return (0);
return 0;
}
int combodump(ssl_obj *ssl, char *name, Data *data) {
@ -552,7 +552,7 @@ int combodump(ssl_obj *ssl, char *name, Data *data) {
P_(P_NR) { printf("\\fR"); }
if(name)
INDENT_POP;
return (0);
return 0;
}
int print_data(ssl_obj *ssl, Data *d) {
@ -607,7 +607,7 @@ int print_data(ssl_obj *ssl, Data *d) {
}
}
return (0);
return 0;
}
int ssl_print_direction_indicator(ssl_obj *ssl, int dir) {
struct json_object *jobj;
@ -659,7 +659,7 @@ int ssl_print_direction_indicator(ssl_obj *ssl, int dir) {
}
#endif
return (0);
return 0;
}
int ssl_print_timestamp(ssl_obj *ssl, struct timeval *ts) {
@ -697,7 +697,7 @@ int ssl_print_timestamp(ssl_obj *ssl, struct timeval *ts) {
memcpy(&ssl->time_last, ts, sizeof(struct timeval));
return (0);
return 0;
}
int ssl_print_record_num(ssl_obj *ssl) {
@ -719,7 +719,7 @@ int ssl_print_record_num(ssl_obj *ssl) {
json_object_object_add(jobj, "record_count",
json_object_new_int(ssl->record_count));
return (0);
return 0;
}
int ssl_print_cipher_suite(ssl_obj *ssl, int version, int p, UINT4 val) {
@ -730,7 +730,7 @@ int ssl_print_cipher_suite(ssl_obj *ssl, int version, int p, UINT4 val) {
P_(p) {
if((r = ssl_lookup_enum(ssl, cipher_suite_decoder, val, &str))) {
explain(ssl, "Unknown value 0x%x", val);
return (0);
return 0;
}
/* Now the tricky bit. If the cipher suite begins with TLS_
@ -741,5 +741,5 @@ int ssl_print_cipher_suite(ssl_obj *ssl, int version, int p, UINT4 val) {
explain(ssl, "%s", str);
}
}
return (0);
return 0;
}

View file

@ -183,7 +183,7 @@ abort:
#endif
if(_status && cert_obj)
json_object_put(cert_obj);
return (_status);
return _status;
}
int sslx_print_dn(ssl_obj *ssl, Data *data, int pf) {
@ -214,7 +214,7 @@ abort :
#ifdef OPENSSL
if(n) X509_NAME_free(n);
#endif
return (_status);
return _status;
}
static int sslx__print_dn(ssl_obj *ssl, char *x) {
@ -233,7 +233,7 @@ static int sslx__print_dn(ssl_obj *ssl, char *x) {
x = slash ? slash + 1 : 0;
};
return (0);
return 0;
}
#ifdef OPENSSL
@ -246,6 +246,6 @@ static int sslx__print_serial(ssl_obj *ssl, ASN1_INTEGER *a) {
INIT_DATA(d, a->data, a->length);
exdump(ssl, 0, &d);
return (0);
return 0;
}
#endif