add support to decrypt resumed sessions
parent
761cd5924e
commit
94563cee7e
3 changed files with 45 additions and 1 deletions
|
@ -202,6 +202,9 @@ static int decode_HandshakeType_ClientHello(ssl,dir,seg,data)
|
|||
exdump(ssl,"resume ",&session_id);
|
||||
}
|
||||
|
||||
ssl_process_client_session_id(ssl,ssl->decoder,session_id.data,
|
||||
session_id.len);
|
||||
|
||||
P_(P_HL){
|
||||
SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
|
||||
explain(ssl,"cipher suites\n");
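Review bot: The result of the new `ssl_process_client_session_id(ssl,ssl->decoder,session_id.data,session_id.len);` call is dropped, and nothing at the call site says whether that is intended. As added in the other file, the function returns -1 both when the decoder holds no session id and when no master secret was found in the key log, so a miss is presumably routine here and not a decode error. I would make that explicit with a `(void)` cast and a comment such as `/* best effort: look up the master secret of a resumed session in the key log; a miss is not fatal */`. The call also appears to sit after the closing brace of the block that dumps the session id, so it likely runs for every ClientHello, including ones with an empty session id; decode_HandshakeType_ClientHello starts and ends outside this hunk, so confirm against the full function.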
|
||||
|
|
|
@ -326,6 +326,45 @@ int ssl_process_server_session_id(ssl,d,msg,len)
|
|||
#endif
|
||||
}
|
||||
|
||||
int ssl_process_client_session_id(ssl,d,msg,len)
|
||||
ssl_obj *ssl;
|
||||
ssl_decoder *d;
|
||||
UCHAR *msg;
|
||||
int len;
|
||||
{
|
||||
#ifdef OPENSSL
|
||||
int _status;
|
||||
|
||||
/* First check if the client set session id */
|
||||
//todo: check that session_id in decoder and msg are the same (and if not then take from msg?)
|
||||
if(d->session_id)
|
||||
{
|
||||
/* Remove the master secret */
|
||||
//todo: better save and destroy only when successfully read key log
|
||||
r_data_destroy(&d->MS);
|
||||
|
||||
if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(d)==0) && d->MS)
|
||||
{
|
||||
//we found master secret for session in keylog
|
||||
//try to save session
|
||||
_status = ssl_save_session(ssl,d);
|
||||
}
|
||||
else
|
||||
{
|
||||
//just return error
|
||||
_status = -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
_status = -1;
|
||||
}
|
||||
return(_status);
|
||||
#else
|
||||
return(0);
|
||||
#endif
|
||||
}
|
||||
|
||||
int ssl_process_change_cipher_spec(ssl,d,direction)
|
||||
ssl_obj *ssl;
|
||||
ssl_decoder *d;
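Review bot: In ssl_process_client_session_id, `r_data_destroy(&d->MS);` runs before the key-log lookup, so when `ssl_read_key_log_file(d)` fails or finds nothing, any master secret the decoder already held is gone and the function returns -1. The author's own TODO flags this; the fix is to set the old secret aside and free it only once the lookup has produced a new one, as sketched below (assuming `d->MS` is a `Data *`, as the `r_data_destroy(&d->MS)` call suggests). Separately, `msg` and `len` are never read, so the session id carried in the ClientHello is never compared with `d->session_id`. Until the second TODO is resolved, the header comment should say the decision rests only on state set earlier in the decoder.
```c
  if(d->session_id)
    {
      /* keep the previous master secret until the key log lookup succeeds */
      Data *prev_ms = d->MS;
      d->MS = 0;

      if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(d)==0) && d->MS)
        {
          r_data_destroy(&prev_ms);
          _status = ssl_save_session(ssl,d);
        }
      else
        {
          /* lookup failed: drop anything half-set and restore the old secret */
          r_data_destroy(&d->MS);
          d->MS = prev_ms;
          _status = -1;
        }
    }
  /* … unchanged: outer else branch, return(_status) and the non-OPENSSL path … */
```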
|
||||
|
|
|
@ -62,6 +62,8 @@ int ssl_set_client_session_id PROTO_LIST((ssl_decoder *dp,
|
|||
UCHAR *msg,int len));
|
||||
int ssl_process_server_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp,
|
||||
UCHAR *msg,int len));
|
||||
int ssl_process_client_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp,
|
||||
UCHAR *msg,int len));
|
||||
int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *,
|
||||
ssl_decoder *d,UCHAR *msg,int len));
|
||||
int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj *ssl,
|
||||
|
|