Merge pull request #37 from wllm-rbnt/fixes

Fixes
2024-11-22 01:17:04 +00:00 · 2020-10-04 20:45:37 +02:00 · 2020-10-04 20:45:37 +02:00 · c7c4d18efa
commit c7c4d18efa
parent 84585e318f 5b86d1abf3
27 changed files with 98 additions and 121 deletions
--- a/88
+++ b/88
@ -1,88 +0,0 @@
-
-# Old original README file from SSLDUMP 0.9b3 and probably outdated
-
-$Id: README,v 1.9 2002/08/17 01:33:15 ekr Exp $
-
-SSLDUMP 0.9b3
-
-ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
-connections on the chosen network interface and attempts to interpret
-them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
-decodes the records and displays them in a textual form to stdout. If
-provided with the appropriate keying material, it will also decrypt
-the connections and display the application data traffic.
-
-ssldump depends on the libpcap packet capture library. Some systems
-(e.g. FreeBSD) now have libpcap as part of their standard install. On
-other systems, you will need to install it.  You can obtain the
-distribution from:
-	http://www.tcpdump.org/
-
-If linked with OpenSSL, ssldump can display certificates in decoded
-form and decrypt traffic (provided that it has the appropriate keying
-material). Again, OpenSSL may be installed on your system. Otherwise
-you can obtain it from:
-	http://www.openssl.org/
-
-See the file INSTALL for instructions on building and installing
-ssldump.
-
-STABILITY
-This is a beta release of ssldump. The UNIX portions have received
-extensive testing and are believed to be quite solid. The Windows
-port is substantially less stable. 
-
-CHANGES SINCE 0.9b2
-	Security fix: some potential over and underflows
-	Added support for VLANs.
-	Added -P flag to disable promiscuous mode.
-	Fixed bugs in the TCP reassembly code.
-	A lot of bug fixes.
-
-See the ChangeLog for a more complete list of changes.
-
-MAILING LIST
-For support questions and general discussion on ssldump, please
-subscribe to the ssldump-users mailing list. Subscription is by
-majordomo. To subscribe, send a message with no subject and a body
-consisting of the single line:
-
-subscribe ssldump-users
-
-to majordomo@rtfm.com. Note, you cannot send messages to the list
-unless you are subscribed.
-
-BUG REPORTS
-Please send bug reports either to the ssldump-users mailing list
-or to ssldump@rtfm.com.
-
-INTEROPERABILITY NOTE
-Previous versions of ssldump automatically looked for the keyfile
-in 'server.pem' and used the password 'password'. This version
-removes those defaults. For decryption to work you MUST specify
-the keyfile (and password if the keyfile is encrypted.)
-
-NEW VERSIONS
-Newer versions of ssldump can be found at:
-	http://www.rtfm.com/ssldump/
-
-
-SSL REFERENCES
-The SSLv3 specification can be found at:
-	http://home.netscape.com/eng/ssl3/draft302.txt
-
-The TLS specification is in RFC 2246 and can be found at:
-	http://www.ietf.org/rfc/rfc2246.txt
-
-SHAMELESS PLUG
-Extremely detailed coverage of SSL/TLS can be found in 
-
-	_SSL_and_TLS:_Designing_and_Building_Secure_Systems_
-	Eric Rescorla
-	Addison-Wesley, 2001
-	ISBN 0-201-61598-3
-
-_SSL_and_TLS_ makes extensive use of ssldump to demonstrate real-life
-SSL behavior. If you like ssldump and want to learn about SSL, you
-might consider buying my book.
-
--- a/1
+++ b/1
@ -0,0 +1 @@
+README.md
--- a/README.md
+++ b/README.md
@ -1,8 +1,12 @@
 # ssldump - (de-facto repository gathering patches around the cyberspace)

-![C/C++ CI](https://github.com/adulau/ssldump/workflows/C/C++%20CI/badge.svg)
+![Clang CI](https://github.com/adulau/ssldump/workflows/Clang%20CI/badge.svg)
+![GCC CI](https://github.com/adulau/ssldump/workflows/GCC%20CI/badge.svg)
+
+# Release and tagging

 - Current version of ssldump is v1.2 (released: 2020-09-22) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog)
+- Previous version of ssldump is v1.1 (released: 2019-12-28) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog)

 # What about the original ssldump?

@ -28,10 +32,6 @@ other too (but this is just a collateral damage).
 I used it for a relatively small project called Passive SSL. For more information, [Passive SSL Passive Detection and Reconnaissance Techniques, to Find, Track, and Attribute Vulnerable ”Devices”](https://www.first.org/resources/papers/conf2015/first_2015_-_leverett_-_dulaunoy_-_passive_detection_20150604.pdf).
 Additional back-end code available is in the [crl-monitor ](https://github.com/adulau/crl-monitor/tree/master/bin/x509) repository.

-# Release and tagging
-
- Current version of ssldump is v1.1 (released: 2019-12-28) - [ChangeLog](https://raw.githubusercontent.com/adulau/ssldump/master/ChangeLog)
-
 # Build instructions

 On Debian & Ubuntu:
--- a/README.old
+++ b/README.old
@ -0,0 +1,88 @@
+
+# Old original README file from SSLDUMP 0.9b3 and probably outdated
+
+$Id: README,v 1.9 2002/08/17 01:33:15 ekr Exp $
+
+SSLDUMP 0.9b3
+
+ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
+connections on the chosen network interface and attempts to interpret
+them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
+decodes the records and displays them in a textual form to stdout. If
+provided with the appropriate keying material, it will also decrypt
+the connections and display the application data traffic.
+
+ssldump depends on the libpcap packet capture library. Some systems
+(e.g. FreeBSD) now have libpcap as part of their standard install. On
+other systems, you will need to install it.  You can obtain the
+distribution from:
+	http://www.tcpdump.org/
+
+If linked with OpenSSL, ssldump can display certificates in decoded
+form and decrypt traffic (provided that it has the appropriate keying
+material). Again, OpenSSL may be installed on your system. Otherwise
+you can obtain it from:
+	http://www.openssl.org/
+
+See the file INSTALL for instructions on building and installing
+ssldump.
+
+STABILITY
+This is a beta release of ssldump. The UNIX portions have received
+extensive testing and are believed to be quite solid. The Windows
+port is substantially less stable. 
+
+CHANGES SINCE 0.9b2
+	Security fix: some potential over and underflows
+	Added support for VLANs.
+	Added -P flag to disable promiscuous mode.
+	Fixed bugs in the TCP reassembly code.
+	A lot of bug fixes.
+
+See the ChangeLog for a more complete list of changes.
+
+MAILING LIST
+For support questions and general discussion on ssldump, please
+subscribe to the ssldump-users mailing list. Subscription is by
+majordomo. To subscribe, send a message with no subject and a body
+consisting of the single line:
+
+subscribe ssldump-users
+
+to majordomo@rtfm.com. Note, you cannot send messages to the list
+unless you are subscribed.
+
+BUG REPORTS
+Please send bug reports either to the ssldump-users mailing list
+or to ssldump@rtfm.com.
+
+INTEROPERABILITY NOTE
+Previous versions of ssldump automatically looked for the keyfile
+in 'server.pem' and used the password 'password'. This version
+removes those defaults. For decryption to work you MUST specify
+the keyfile (and password if the keyfile is encrypted.)
+
+NEW VERSIONS
+Newer versions of ssldump can be found at:
+	http://www.rtfm.com/ssldump/
+
+
+SSL REFERENCES
+The SSLv3 specification can be found at:
+	http://home.netscape.com/eng/ssl3/draft302.txt
+
+The TLS specification is in RFC 2246 and can be found at:
+	http://www.ietf.org/rfc/rfc2246.txt
+
+SHAMELESS PLUG
+Extremely detailed coverage of SSL/TLS can be found in 
+
+	_SSL_and_TLS:_Designing_and_Building_Secure_Systems_
+	Eric Rescorla
+	Addison-Wesley, 2001
+	ISBN 0-201-61598-3
+
+_SSL_and_TLS_ makes extensive use of ssldump to demonstrate real-life
+SSL behavior. If you like ssldump and want to learn about SSL, you
+might consider buying my book.
+
--- a/base/network.c
+++ b/base/network.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $";

 #include <sys/types.h>
 #include <r_common.h>
--- a/base/pcap-snoop.c
+++ b/base/pcap-snoop.c
@ -47,7 +47,6 @@
 */


-static char *RCSSTRING="$Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $";


 #include <pcap.h>
--- a/base/print_utils.c
+++ b/base/print_utils.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $";
 int explain(char *format,...)
  {
    va_list ap;
--- a/base/proto_mod.c
+++ b/base/proto_mod.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $";

 #include "network.h"

--- a/base/tcpconn.c
+++ b/base/tcpconn.c
@ -43,7 +43,6 @@
   ekr@rtfm.com  Tue Dec 29 15:13:03 1998
 */

-static char *RCSSTRING="$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $";

 #include "network.h"
 #include "tcpconn.h"
--- a/base/tcppack.c
+++ b/base/tcppack.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $";

 #include "network.h"
 #ifndef _WIN32
--- a/common/lib/debug.c
+++ b/common/lib/debug.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $";


 #include <stdarg.h>
--- a/common/lib/r_assoc.c
+++ b/common/lib/r_assoc.c
@ -54,7 +54,6 @@
   ekr@rtfm.com  Sun Jan 17 17:57:15 1999
 */

-static char *RCSSTRING="$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $";

 #include <r_common.h>
 #include "r_assoc.h"
--- a/common/lib/r_assoc_test.c
+++ b/common/lib/r_assoc_test.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $";

 #include <r_common.h>
 #include <r_assoc.h>
--- a/common/lib/r_bitfield.c
+++ b/common/lib/r_bitfield.c
@ -8,7 +8,6 @@
 */


-static char *RCSSTRING="$Id: r_bitfield.c,v 1.3 2001/12/24 06:06:26 ekr Exp $";

 #include <r_common.h>
 #include "r_bitfield.h"
--- a/common/lib/r_data.c
+++ b/common/lib/r_data.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $";

 #include <r_common.h>
 #include <r_data.h>
--- a/common/lib/r_errors.c
+++ b/common/lib/r_errors.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $";

 #include <stdio.h>
 #include <stdarg.h>
--- a/common/lib/r_list.c
+++ b/common/lib/r_list.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $";

 #include <r_common.h>
 #include "r_list.h"
--- a/common/lib/r_replace.c
+++ b/common/lib/r_replace.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $";

 #include  "r_common.h"

--- a/common/lib/r_time.c
+++ b/common/lib/r_time.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $";

 #include <r_common.h>
 #include <r_time.h>
--- a/common/lib/threads/pthreads/pthread.c
+++ b/common/lib/threads/pthreads/pthread.c
@ -8,7 +8,6 @@
 */


-static char *RCSSTRING="$Id: pthread.c,v 1.1.1.1 2000/10/09 00:45:39 ekr Exp $";

 #include <r_common.h>
 #include <r_thread.h>
--- a/null/null_analyze.c
+++ b/null/null_analyze.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $";

 #include <ctype.h>
 #include "network.h"
--- a/ssl/ciphersuites.c
+++ b/ssl/ciphersuites.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $";

 #include <r_common.h>

--- a/ssl/main.c
+++ b/ssl/main.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $";

 #include <stdarg.h>
 #include <r_common.h>
--- a/ssl/ssl_analyze.c
+++ b/ssl/ssl_analyze.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $";

 #include "network.h"
 #include "debug.h"
@ -467,7 +466,7 @@ static int data_ssl_analyzer(_obj,seg,direction)
  {
    int _status,r;
    r_queue *q;
-    segment *last,*q_next,*assembled;
+    segment *last,*q_next=NULL,*assembled;
    ssl_obj *ssl=(ssl_obj *)_obj;
    int offset=0;
    
--- a/ssl/ssl_rec.c
+++ b/ssl/ssl_rec.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $";

 #include "network.h"
 #include "ssl_h.h"
--- a/ssl/ssldecode.c
+++ b/ssl/ssldecode.c
@ -57,7 +57,6 @@
 #include "ssldecode.h"
 #include "ssl_rec.h"
 #include "r_assoc.h"
-static char *RCSSTRING="$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $";

 #define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \
        ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \
@ -490,7 +489,7 @@ static int ssl_create_session_lookup_key(ssl,id,idlen,keyp,keyl)
    *keyl=idlen;
    key+=idlen;
    
-    sprintf(key,"%s:%d",ssl->server_name,ssl->server_port);
+    snprintf((char *)key,l,"%s:%d",ssl->server_name,ssl->server_port);
    *keyl+=strlen(key);

    _status=0;
@ -907,7 +906,7 @@ static int ssl_generate_keying_material(ssl,d)
    UCHAR _key_c[16],_key_s[16];
    int needed;
    int r,_status;
-    UCHAR *ptr,*c_wk,*s_wk,*c_mk,*s_mk,*c_iv,*s_iv;
+    UCHAR *ptr,*c_wk,*s_wk,*c_mk=NULL,*s_mk=NULL,*c_iv=NULL,*s_iv=NULL;

    if(!d->MS){
      if(r=r_data_alloc(&d->MS,48))
--- a/ssl/sslprint.c
+++ b/ssl/sslprint.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $";

 #include <ctype.h>
 #include <stdarg.h>
@ -418,7 +417,7 @@ int ssl_print_enum(ssl,name,dtable,value)
      }
      dtable++;
    }
-
+    printf("\n");
    return(R_NOT_FOUND);
  }

--- a/ssl/sslxprint.c
+++ b/ssl/sslxprint.c
@ -44,7 +44,6 @@
 */


-static char *RCSSTRING="$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $";

 #include "network.h"
 #include "ssl_h.h"