adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-11-22 09:27:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

sldump-0.9-cvs-20060619.patch

Browse source
This commit is contained in:
Alexandre Dulaunoy 2015-01-31 10:16:06 +01:00
parent 81519ca3cf
commit cc6554ebb6
4 changed files with 37 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
base/tcppack.c
View file

@ -95,11 +95,11 @@ int process_tcp_packet(handler,ctx,p)
proper order. This shouldn't be a problem, though, proper order. This shouldn't be a problem, though,
except for simultaneous connects*/ except for simultaneous connects*/
if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){ if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
DBG((0,"TCP: rejecting packet from unknown connection\n")); DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq)));
return(0); return(0);
} }
DBG((0,"SYN1\n")); DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq)));
if(r=new_connection(handler,ctx,p,&conn)) if(r=new_connection(handler,ctx,p,&conn))
ABORT(r); ABORT(r);
conn->i2r.seq=ntohl(p->tcp->th_seq)+1; conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
@ -117,14 +117,14 @@ int process_tcp_packet(handler,ctx,p)
conn->r2i.seq=ntohl(p->tcp->th_seq)+1; conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
conn->r2i.ack=ntohl(p->tcp->th_ack)+1; conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
conn->state=TCP_STATE_SYN2; conn->state=TCP_STATE_SYN2;
DBG((0,"SYN2\n")); DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq)));
break; break;
case TCP_STATE_SYN2: case TCP_STATE_SYN2:
{ {
char *sn=0,*dn=0; char *sn=0,*dn=0;
if(direction != DIR_I2R) if(direction != DIR_I2R)
break; break;
DBG((0,"ACK\n")); DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq)));
conn->i2r.ack=ntohl(p->tcp->th_ack)+1; conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
lookuphostname(&conn->i_addr,&sn); lookuphostname(&conn->i_addr,&sn);
lookuphostname(&conn->r_addr,&dn); lookuphostname(&conn->r_addr,&dn);
@ -228,7 +228,8 @@ static int process_data_segment(conn,handler,p,stream,direction)
l=p->len - p->tcp->th_off * 4; l=p->len - p->tcp->th_off * 4;
if(stream->close){ if(stream->close){
DBG((0,"Rejecting packet received after FIN")); DBG((0,"Rejecting packet received after FIN: %u:%u(%u)",
ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l));
return(0); return(0);
} }
@ -341,20 +342,26 @@ static int process_data_segment(conn,handler,p,stream,direction)
if(conn->state == TCP_STATE_ESTABLISHED) if(conn->state == TCP_STATE_ESTABLISHED)
conn->state=TCP_STATE_FIN1; conn->state=TCP_STATE_FIN1;
else else
conn->state=TCP_STATE_CLOSED; conn->state=TCP_STATE_CLOSED;
} }
stream->oo_queue=seg->next; stream->oo_queue=seg->next;
seg->next=0; seg->next=0;
stream->seq=seg->s_seq + seg->len; stream->seq=seg->s_seq + seg->len;
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) {
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
ABORT(r); ABORT(r);
}
} }
if(stream->close){ if(stream->close){
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
ABORT(r); if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) {
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
ABORT(r);
}
} }
free_tcp_segment_queue(_seg.next); free_tcp_segment_queue(_seg.next);

2
common/lib/r_assoc.c
View file

@ -306,7 +306,7 @@ int r_assoc_copy(newp,old)
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
for(i=0;i<new->size;i++){ for(i=0;i<new->size;i++){
if(r=copy_assoc_chain(new->chains+i,old->chains[i])) if(r=copy_assoc_chain(new->chains+i,old->chains[i]))
ABORT(r); ABORT(R_NO_MEMORY);
} }
*newp=new; *newp=new;

8
ssl/ssl_analyze.c
View file

@ -359,12 +359,16 @@ static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
case 23: case 23:
break; break;
default: default:
printf("Unknown SSL content type %d\n",q->data[0] & 255); DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)",
ABORT(R_INTERNAL); q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len));
} }
rec_len=COMBINE(q->data[3],q->data[4]); rec_len=COMBINE(q->data[3],q->data[4]);
/* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */
if(rec_len > 18432)
ABORT(R_INTERNAL);
/*Expand the buffer*/ /*Expand the buffer*/
if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){ if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){
if(!(q->data=realloc(q->data,rec_len+5))) if(!(q->data=realloc(q->data,rec_len+5)))

25
ssl/sslprint.c
View file

@ -248,12 +248,12 @@ int ssl_expand_record(ssl,q,direction,data,len)
SSL_DECODE_UINT16(ssl,0,0,&d,&length); SSL_DECODE_UINT16(ssl,0,0,&d,&length);
if(d.len!=length){ if(d.len!=length){
explain(ssl,"Short record\n"); explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
return(0); return(0);
} }
P_(P_RH){ P_(P_RH){
explain(ssl,"V%d.%d(%d)",vermaj,vermin,length); explain(ssl," V%d.%d(%d)",vermaj,vermin,length);
} }
@ -262,19 +262,22 @@ int ssl_expand_record(ssl,q,direction,data,len)
r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d); r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d);
if(r==SSL_BAD_MAC){ if(r==SSL_BAD_MAC){
explain(ssl," bad MAC\n"); explain(ssl," bad MAC\n");
return(0); return(0);
} }
if(r){ if(r){
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) {
printf(" unknown record type: %d\n", ct);
ERETURN(r); ERETURN(r);
}
printf("\n"); printf("\n");
} }
else{ else{
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) {
&d)) printf(" unknown record type: %d\n", ct);
ERETURN(r); ERETURN(r);
}
} }
return(0); return(0);
@ -369,7 +372,7 @@ int ssl_lookup_enum(ssl,dtable,val,ptr)
dtable++; dtable++;
} }
return(-1); return(R_NOT_FOUND);
} }
int ssl_decode_enum(ssl,name,size,dtable,p,data,x) int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
@ -416,8 +419,7 @@ int ssl_print_enum(ssl,name,dtable,value)
dtable++; dtable++;
} }
explain(ssl,"%s","unknown value"); return(R_NOT_FOUND);
return(0);
} }
int explain(ssl_obj *ssl,char *format,...) int explain(ssl_obj *ssl,char *format,...)
@ -535,7 +537,7 @@ int print_data(ssl,d)
printf("\n"); printf("\n");
for(i=0;i<d->len;i++){ for(i=0;i<d->len;i++){
if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){ if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){
bit8=1; bit8=1;
break; break;
} }
@ -557,7 +559,8 @@ int print_data(ssl,d)
else{ else{
int nl=1; int nl=1;
INDENT; INDENT;
printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){ printf("---------------------------------------------------------------\n");
if(SSL_print_flags & SSL_PRINT_NROFF){
if(ssl->process_ciphertext & ssl->direction) if(ssl->process_ciphertext & ssl->direction)
printf("\\f[CI]"); printf("\\f[CI]");
else else