mirror of
https://github.com/adulau/ssldump.git
synced 2024-11-24 18:37:05 +00:00
sldump-0.9-cvs-20060619.patch
This commit is contained in:
parent
81519ca3cf
commit
cc6554ebb6
4 changed files with 37 additions and 23 deletions
|
@ -95,11 +95,11 @@ int process_tcp_packet(handler,ctx,p)
|
|||
proper order. This shouldn't be a problem, though,
|
||||
except for simultaneous connects*/
|
||||
if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
|
||||
DBG((0,"TCP: rejecting packet from unknown connection\n"));
|
||||
DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq)));
|
||||
return(0);
|
||||
}
|
||||
|
||||
DBG((0,"SYN1\n"));
|
||||
DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq)));
|
||||
if(r=new_connection(handler,ctx,p,&conn))
|
||||
ABORT(r);
|
||||
conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
|
||||
|
@ -117,14 +117,14 @@ int process_tcp_packet(handler,ctx,p)
|
|||
conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
|
||||
conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
|
||||
conn->state=TCP_STATE_SYN2;
|
||||
DBG((0,"SYN2\n"));
|
||||
DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq)));
|
||||
break;
|
||||
case TCP_STATE_SYN2:
|
||||
{
|
||||
char *sn=0,*dn=0;
|
||||
if(direction != DIR_I2R)
|
||||
break;
|
||||
DBG((0,"ACK\n"));
|
||||
DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq)));
|
||||
conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
|
||||
lookuphostname(&conn->i_addr,&sn);
|
||||
lookuphostname(&conn->r_addr,&dn);
|
||||
|
@ -228,7 +228,8 @@ static int process_data_segment(conn,handler,p,stream,direction)
|
|||
l=p->len - p->tcp->th_off * 4;
|
||||
|
||||
if(stream->close){
|
||||
DBG((0,"Rejecting packet received after FIN"));
|
||||
DBG((0,"Rejecting packet received after FIN: %u:%u(%u)",
|
||||
ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l));
|
||||
return(0);
|
||||
}
|
||||
|
||||
|
@ -341,20 +342,26 @@ static int process_data_segment(conn,handler,p,stream,direction)
|
|||
if(conn->state == TCP_STATE_ESTABLISHED)
|
||||
conn->state=TCP_STATE_FIN1;
|
||||
else
|
||||
conn->state=TCP_STATE_CLOSED;
|
||||
conn->state=TCP_STATE_CLOSED;
|
||||
}
|
||||
|
||||
stream->oo_queue=seg->next;
|
||||
seg->next=0;
|
||||
stream->seq=seg->s_seq + seg->len;
|
||||
|
||||
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))
|
||||
DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
|
||||
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) {
|
||||
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len));
|
||||
ABORT(r);
|
||||
}
|
||||
}
|
||||
|
||||
if(stream->close){
|
||||
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction))
|
||||
ABORT(r);
|
||||
DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
|
||||
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) {
|
||||
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len));
|
||||
ABORT(r);
|
||||
}
|
||||
}
|
||||
|
||||
free_tcp_segment_queue(_seg.next);
|
||||
|
|
|
@ -306,7 +306,7 @@ int r_assoc_copy(newp,old)
|
|||
ABORT(R_NO_MEMORY);
|
||||
for(i=0;i<new->size;i++){
|
||||
if(r=copy_assoc_chain(new->chains+i,old->chains[i]))
|
||||
ABORT(r);
|
||||
ABORT(R_NO_MEMORY);
|
||||
}
|
||||
*newp=new;
|
||||
|
||||
|
|
|
@ -359,12 +359,16 @@ static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
|
|||
case 23:
|
||||
break;
|
||||
default:
|
||||
printf("Unknown SSL content type %d\n",q->data[0] & 255);
|
||||
ABORT(R_INTERNAL);
|
||||
DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)",
|
||||
q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len));
|
||||
}
|
||||
|
||||
rec_len=COMBINE(q->data[3],q->data[4]);
|
||||
|
||||
/* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */
|
||||
if(rec_len > 18432)
|
||||
ABORT(R_INTERNAL);
|
||||
|
||||
/*Expand the buffer*/
|
||||
if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){
|
||||
if(!(q->data=realloc(q->data,rec_len+5)))
|
||||
|
|
|
@ -248,12 +248,12 @@ int ssl_expand_record(ssl,q,direction,data,len)
|
|||
SSL_DECODE_UINT16(ssl,0,0,&d,&length);
|
||||
|
||||
if(d.len!=length){
|
||||
explain(ssl,"Short record\n");
|
||||
explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len);
|
||||
return(0);
|
||||
}
|
||||
|
||||
P_(P_RH){
|
||||
explain(ssl,"V%d.%d(%d)",vermaj,vermin,length);
|
||||
explain(ssl," V%d.%d(%d)",vermaj,vermin,length);
|
||||
}
|
||||
|
||||
|
||||
|
@ -262,19 +262,22 @@ int ssl_expand_record(ssl,q,direction,data,len)
|
|||
r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d);
|
||||
|
||||
if(r==SSL_BAD_MAC){
|
||||
explain(ssl," bad MAC\n");
|
||||
explain(ssl," bad MAC\n");
|
||||
return(0);
|
||||
}
|
||||
|
||||
if(r){
|
||||
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct))
|
||||
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) {
|
||||
printf(" unknown record type: %d\n", ct);
|
||||
ERETURN(r);
|
||||
}
|
||||
printf("\n");
|
||||
}
|
||||
else{
|
||||
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q,
|
||||
&d))
|
||||
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) {
|
||||
printf(" unknown record type: %d\n", ct);
|
||||
ERETURN(r);
|
||||
}
|
||||
}
|
||||
|
||||
return(0);
|
||||
|
@ -369,7 +372,7 @@ int ssl_lookup_enum(ssl,dtable,val,ptr)
|
|||
dtable++;
|
||||
}
|
||||
|
||||
return(-1);
|
||||
return(R_NOT_FOUND);
|
||||
}
|
||||
|
||||
int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
|
||||
|
@ -416,8 +419,7 @@ int ssl_print_enum(ssl,name,dtable,value)
|
|||
dtable++;
|
||||
}
|
||||
|
||||
explain(ssl,"%s","unknown value");
|
||||
return(0);
|
||||
return(R_NOT_FOUND);
|
||||
}
|
||||
|
||||
int explain(ssl_obj *ssl,char *format,...)
|
||||
|
@ -535,7 +537,7 @@ int print_data(ssl,d)
|
|||
|
||||
printf("\n");
|
||||
for(i=0;i<d->len;i++){
|
||||
if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){
|
||||
if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){
|
||||
bit8=1;
|
||||
break;
|
||||
}
|
||||
|
@ -557,7 +559,8 @@ int print_data(ssl,d)
|
|||
else{
|
||||
int nl=1;
|
||||
INDENT;
|
||||
printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){
|
||||
printf("---------------------------------------------------------------\n");
|
||||
if(SSL_print_flags & SSL_PRINT_NROFF){
|
||||
if(ssl->process_ciphertext & ssl->direction)
|
||||
printf("\\f[CI]");
|
||||
else
|
||||
|
|
Loading…
Reference in a new issue