adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-11-21 17:07:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

sldump-0.9-cvs-20060619.patch

Browse source
This commit is contained in:
Alexandre Dulaunoy 2015-01-31 10:16:06 +01:00
parent 81519ca3cf
commit cc6554ebb6
4 changed files with 37 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
base/tcppack.c
View file

@ -95,11 +95,11 @@ int process_tcp_packet(handler,ctx,p)
proper order. This shouldn't be a problem, though,
except for simultaneous connects*/
if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
DBG((0,"TCP: rejecting packet from unknown connection\n"));
DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq)));
return(0);
}
DBG((0,"SYN1\n"));
DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq)));
if(r=new_connection(handler,ctx,p,&conn))
ABORT(r);
conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
@ -117,14 +117,14 @@ int process_tcp_packet(handler,ctx,p)
conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
conn->state=TCP_STATE_SYN2;
DBG((0,"SYN2\n"));
DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq)));
break;
case TCP_STATE_SYN2:
{
char *sn=0,*dn=0;
if(direction != DIR_I2R)
break;
DBG((0,"ACK\n"));
DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq)));
conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
lookuphostname(&conn->i_addr,&sn);
lookuphostname(&conn->r_addr,&dn);
@ -228,7 +228,8 @@ static int process_data_segment(conn,handler,p,stream,direction)
l=p->len - p->tcp->th_off * 4;
if(stream->close){
DBG((0,"Rejecting packet received after FIN"));
DBG((0,"Rejecting packet received after FIN: %u:%u(%u)",
ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l));
return(0);
}
@ -341,20 +342,26 @@ static int process_data_segment(conn,handler,p,stream,direction)
if(conn->state == TCP_STATE_ESTABLISHED)
conn->state=TCP_STATE_FIN1;
else
conn->state=TCP_STATE_CLOSED;
conn->state=TCP_STATE_CLOSED;
}
stream->oo_queue=seg->next;
seg->next=0;
stream->seq=seg->s_seq + seg->len;
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))
DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) {
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
ABORT(r);
}
}
if(stream->close){
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction))
ABORT(r);
DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) {
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
ABORT(r);
}
}
free_tcp_segment_queue(_seg.next);

2
common/lib/r_assoc.c
View file

@ -306,7 +306,7 @@ int r_assoc_copy(newp,old)
ABORT(R_NO_MEMORY);
for(i=0;i<new->size;i++){
if(r=copy_assoc_chain(new->chains+i,old->chains[i]))
ABORT(r);
ABORT(R_NO_MEMORY);
}
*newp=new;

8
ssl/ssl_analyze.c
View file

@ -359,12 +359,16 @@ static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
case 23:
break;
default:
printf("Unknown SSL content type %d\n",q->data[0] & 255);
ABORT(R_INTERNAL);
DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)",
q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len));
}
rec_len=COMBINE(q->data[3],q->data[4]);
/* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */
if(rec_len > 18432)
ABORT(R_INTERNAL);
/*Expand the buffer*/
if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){
if(!(q->data=realloc(q->data,rec_len+5)))

25
ssl/sslprint.c
View file

@ -248,12 +248,12 @@ int ssl_expand_record(ssl,q,direction,data,len)
SSL_DECODE_UINT16(ssl,0,0,&d,&length);
if(d.len!=length){
explain(ssl,"Short record\n");
explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
return(0);
}
P_(P_RH){
explain(ssl,"V%d.%d(%d)",vermaj,vermin,length);
explain(ssl," V%d.%d(%d)",vermaj,vermin,length);
}
@ -262,19 +262,22 @@ int ssl_expand_record(ssl,q,direction,data,len)
r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d);
if(r==SSL_BAD_MAC){
explain(ssl," bad MAC\n");
explain(ssl," bad MAC\n");
return(0);
}
if(r){
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct))
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) {
printf(" unknown record type: %d\n", ct);
ERETURN(r);
}
printf("\n");
}
else{
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q,
&d))
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) {
printf(" unknown record type: %d\n", ct);
ERETURN(r);
}
}
return(0);
@ -369,7 +372,7 @@ int ssl_lookup_enum(ssl,dtable,val,ptr)
dtable++;
}
return(-1);
return(R_NOT_FOUND);
}
int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
@ -416,8 +419,7 @@ int ssl_print_enum(ssl,name,dtable,value)
dtable++;
}
explain(ssl,"%s","unknown value");
return(0);
return(R_NOT_FOUND);
}
int explain(ssl_obj *ssl,char *format,...)
@ -535,7 +537,7 @@ int print_data(ssl,d)
printf("\n");
for(i=0;i<d->len;i++){
if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){
if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){
bit8=1;
break;
}
@ -557,7 +559,8 @@ int print_data(ssl,d)
else{
int nl=1;
INDENT;
printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){
printf("---------------------------------------------------------------\n");
if(SSL_print_flags & SSL_PRINT_NROFF){
if(ssl->process_ciphertext & ssl->direction)
printf("\\f[CI]");
else