From e44c8bc4e23c3a4e655877c95aa81ec29612014a Mon Sep 17 00:00:00 2001 From: William Robinet Date: Sat, 3 Oct 2020 10:20:35 +0200 Subject: [PATCH 1/5] Add line return after "certificate_types" in output, see the problem in https://github.com/adulau/ssldump/issues/36#issuecomment-702586335 --- ssl/sslprint.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/sslprint.c b/ssl/sslprint.c index badb60c..3a9f058 100644 --- a/ssl/sslprint.c +++ b/ssl/sslprint.c @@ -418,7 +418,7 @@ int ssl_print_enum(ssl,name,dtable,value) } dtable++; } - + printf("\n"); return(R_NOT_FOUND); } From 78aec50f9f790485e943451e161749dabf252cc1 Mon Sep 17 00:00:00 2001 From: William Robinet Date: Sat, 3 Oct 2020 10:32:19 +0200 Subject: [PATCH 2/5] Reorganize README files --- README.md | 10 +++++----- README => README.old | 0 2 files changed, 5 insertions(+), 5 deletions(-) rename README => README.old (100%) diff --git a/README.md b/README.md index 5c27e60..86f9a5a 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,12 @@ # ssldump - (de-facto repository gathering patches around the cyberspace) -![C/C++ CI](https://github.com/adulau/ssldump/workflows/C/C++%20CI/badge.svg) +![Clang CI](https://github.com/adulau/ssldump/workflows/Clang%20CI/badge.svg) +![GCC CI](https://github.com/adulau/ssldump/workflows/GCC%20CI/badge.svg) + +# Release and tagging - Current version of ssldump is v1.2 (released: 2020-09-22) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog) +- Previous version of ssldump is v1.1 (released: 2019-12-28) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog) # What about the original ssldump? @@ -28,10 +32,6 @@ other too (but this is just a collateral damage). I used it for a relatively small project called Passive SSL. For more information, [Passive SSL Passive Detection and Reconnaissance Techniques, to Find, Track, and Attribute Vulnerable ”Devices”](https://www.first.org/resources/papers/conf2015/first_2015_-_leverett_-_dulaunoy_-_passive_detection_20150604.pdf). Additional back-end code available is in the [crl-monitor ](https://github.com/adulau/crl-monitor/tree/master/bin/x509) repository. -# Release and tagging - -- Current version of ssldump is v1.1 (released: 2019-12-28) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog) - # Build instructions On Debian & Ubuntu: diff --git a/README b/README.old similarity index 100% rename from README rename to README.old From c651800ab1c3a3b8f9f96a257a8d87e881dd99b2 Mon Sep 17 00:00:00 2001 From: William Robinet Date: Sun, 30 Aug 2020 19:23:29 +0200 Subject: [PATCH 3/5] Remove unused RCSSTRING variable globally --- base/network.c | 1 - base/pcap-snoop.c | 1 - base/print_utils.c | 1 - base/proto_mod.c | 1 - base/tcpconn.c | 1 - base/tcppack.c | 1 - common/lib/debug.c | 1 - common/lib/r_assoc.c | 1 - common/lib/r_assoc_test.c | 1 - common/lib/r_bitfield.c | 1 - common/lib/r_data.c | 1 - common/lib/r_errors.c | 1 - common/lib/r_list.c | 1 - common/lib/r_replace.c | 1 - common/lib/r_time.c | 1 - common/lib/threads/pthreads/pthread.c | 1 - null/null_analyze.c | 1 - ssl/ciphersuites.c | 1 - ssl/main.c | 1 - ssl/ssl_analyze.c | 1 - ssl/ssl_rec.c | 1 - ssl/ssldecode.c | 1 - ssl/sslprint.c | 1 - ssl/sslxprint.c | 1 - 24 files changed, 24 deletions(-) diff --git a/base/network.c b/base/network.c index be52116..63e6205 100644 --- a/base/network.c +++ b/base/network.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $"; #include #include diff --git a/base/pcap-snoop.c b/base/pcap-snoop.c index bab93fb..fe60c39 100644 --- a/base/pcap-snoop.c +++ b/base/pcap-snoop.c @@ -47,7 +47,6 @@ */ -static char *RCSSTRING="$Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $"; #include diff --git a/base/print_utils.c b/base/print_utils.c index 961c3fd..2bb8898 100644 --- a/base/print_utils.c +++ b/base/print_utils.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $"; int explain(char *format,...) { va_list ap; diff --git a/base/proto_mod.c b/base/proto_mod.c index 19f4b31..6153768 100644 --- a/base/proto_mod.c +++ b/base/proto_mod.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $"; #include "network.h" diff --git a/base/tcpconn.c b/base/tcpconn.c index 64535b7..04755cf 100644 --- a/base/tcpconn.c +++ b/base/tcpconn.c @@ -43,7 +43,6 @@ ekr@rtfm.com Tue Dec 29 15:13:03 1998 */ -static char *RCSSTRING="$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $"; #include "network.h" #include "tcpconn.h" diff --git a/base/tcppack.c b/base/tcppack.c index fcdc360..d053798 100644 --- a/base/tcppack.c +++ b/base/tcppack.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $"; #include "network.h" #ifndef _WIN32 diff --git a/common/lib/debug.c b/common/lib/debug.c index fe19530..17afdbf 100644 --- a/common/lib/debug.c +++ b/common/lib/debug.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $"; #include diff --git a/common/lib/r_assoc.c b/common/lib/r_assoc.c index 2fee9af..0154c64 100644 --- a/common/lib/r_assoc.c +++ b/common/lib/r_assoc.c @@ -54,7 +54,6 @@ ekr@rtfm.com Sun Jan 17 17:57:15 1999 */ -static char *RCSSTRING="$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $"; #include #include "r_assoc.h" diff --git a/common/lib/r_assoc_test.c b/common/lib/r_assoc_test.c index f1847f1..03ef065 100644 --- a/common/lib/r_assoc_test.c +++ b/common/lib/r_assoc_test.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $"; #include #include diff --git a/common/lib/r_bitfield.c b/common/lib/r_bitfield.c index 5ca2839..abd4ca5 100644 --- a/common/lib/r_bitfield.c +++ b/common/lib/r_bitfield.c @@ -8,7 +8,6 @@ */ -static char *RCSSTRING="$Id: r_bitfield.c,v 1.3 2001/12/24 06:06:26 ekr Exp $"; #include #include "r_bitfield.h" diff --git a/common/lib/r_data.c b/common/lib/r_data.c index d3e136e..c3ca644 100644 --- a/common/lib/r_data.c +++ b/common/lib/r_data.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $"; #include #include diff --git a/common/lib/r_errors.c b/common/lib/r_errors.c index a65f671..8cb9d2f 100644 --- a/common/lib/r_errors.c +++ b/common/lib/r_errors.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $"; #include #include diff --git a/common/lib/r_list.c b/common/lib/r_list.c index f2205df..d2a6711 100644 --- a/common/lib/r_list.c +++ b/common/lib/r_list.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $"; #include #include "r_list.h" diff --git a/common/lib/r_replace.c b/common/lib/r_replace.c index ebe4786..fcc5c7f 100644 --- a/common/lib/r_replace.c +++ b/common/lib/r_replace.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $"; #include "r_common.h" diff --git a/common/lib/r_time.c b/common/lib/r_time.c index c6357e8..322dd1d 100644 --- a/common/lib/r_time.c +++ b/common/lib/r_time.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $"; #include #include diff --git a/common/lib/threads/pthreads/pthread.c b/common/lib/threads/pthreads/pthread.c index 486bab1..eaeb783 100644 --- a/common/lib/threads/pthreads/pthread.c +++ b/common/lib/threads/pthreads/pthread.c @@ -8,7 +8,6 @@ */ -static char *RCSSTRING="$Id: pthread.c,v 1.1.1.1 2000/10/09 00:45:39 ekr Exp $"; #include #include diff --git a/null/null_analyze.c b/null/null_analyze.c index 8792632..fa84d38 100644 --- a/null/null_analyze.c +++ b/null/null_analyze.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $"; #include #include "network.h" diff --git a/ssl/ciphersuites.c b/ssl/ciphersuites.c index eb07c73..345a561 100644 --- a/ssl/ciphersuites.c +++ b/ssl/ciphersuites.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $"; #include diff --git a/ssl/main.c b/ssl/main.c index 8c36157..2fe9cc9 100644 --- a/ssl/main.c +++ b/ssl/main.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $"; #include #include diff --git a/ssl/ssl_analyze.c b/ssl/ssl_analyze.c index 5a6b7ea..b70d756 100644 --- a/ssl/ssl_analyze.c +++ b/ssl/ssl_analyze.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $"; #include "network.h" #include "debug.h" diff --git a/ssl/ssl_rec.c b/ssl/ssl_rec.c index 91f9a93..d1d40fd 100644 --- a/ssl/ssl_rec.c +++ b/ssl/ssl_rec.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $"; #include "network.h" #include "ssl_h.h" diff --git a/ssl/ssldecode.c b/ssl/ssldecode.c index b56775f..eca3d13 100644 --- a/ssl/ssldecode.c +++ b/ssl/ssldecode.c @@ -57,7 +57,6 @@ #include "ssldecode.h" #include "ssl_rec.h" #include "r_assoc.h" -static char *RCSSTRING="$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $"; #define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \ ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \ diff --git a/ssl/sslprint.c b/ssl/sslprint.c index 3a9f058..04a7d7a 100644 --- a/ssl/sslprint.c +++ b/ssl/sslprint.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $"; #include #include diff --git a/ssl/sslxprint.c b/ssl/sslxprint.c index 0ba9897..588186f 100644 --- a/ssl/sslxprint.c +++ b/ssl/sslxprint.c @@ -44,7 +44,6 @@ */ -static char *RCSSTRING="$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $"; #include "network.h" #include "ssl_h.h" From 749258b45c0b57fe771497f176223f36bee6a1fd Mon Sep 17 00:00:00 2001 From: William Robinet Date: Sat, 3 Oct 2020 12:42:16 +0200 Subject: [PATCH 4/5] Fix for uninitialized variables and possible overflow --- ssl/ssl_analyze.c | 2 +- ssl/ssldecode.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ssl/ssl_analyze.c b/ssl/ssl_analyze.c index b70d756..b8c5b48 100644 --- a/ssl/ssl_analyze.c +++ b/ssl/ssl_analyze.c @@ -466,7 +466,7 @@ static int data_ssl_analyzer(_obj,seg,direction) { int _status,r; r_queue *q; - segment *last,*q_next,*assembled; + segment *last,*q_next=NULL,*assembled; ssl_obj *ssl=(ssl_obj *)_obj; int offset=0; diff --git a/ssl/ssldecode.c b/ssl/ssldecode.c index eca3d13..49b6e1d 100644 --- a/ssl/ssldecode.c +++ b/ssl/ssldecode.c @@ -489,7 +489,7 @@ static int ssl_create_session_lookup_key(ssl,id,idlen,keyp,keyl) *keyl=idlen; key+=idlen; - sprintf(key,"%s:%d",ssl->server_name,ssl->server_port); + snprintf((char *)key,l,"%s:%d",ssl->server_name,ssl->server_port); *keyl+=strlen(key); _status=0; @@ -906,7 +906,7 @@ static int ssl_generate_keying_material(ssl,d) UCHAR _key_c[16],_key_s[16]; int needed; int r,_status; - UCHAR *ptr,*c_wk,*s_wk,*c_mk,*s_mk,*c_iv,*s_iv; + UCHAR *ptr,*c_wk,*s_wk,*c_mk=NULL,*s_mk=NULL,*c_iv=NULL,*s_iv=NULL; if(!d->MS){ if(r=r_data_alloc(&d->MS,48)) From 5b86d1abf3109ff8b27a63cfa07740d42c8f817d Mon Sep 17 00:00:00 2001 From: William Robinet Date: Sat, 3 Oct 2020 13:16:11 +0200 Subject: [PATCH 5/5] Link README to README.md --- README | 1 + 1 file changed, 1 insertion(+) create mode 120000 README diff --git a/README b/README new file mode 120000 index 0000000..42061c0 --- /dev/null +++ b/README @@ -0,0 +1 @@ +README.md \ No newline at end of file