Merge pull request #34 from wllm-rbnt/build-sys

Build system updates

.github/workflows/clang.yml

@@ -0,0 +1,24 @@
+name: Clang CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install dependencies
+      run: |
+       sudo apt install clang autoconf libpcap-dev libssl-dev
+    - name: autogen
+      run: ./autogen.sh
+    - name: configure
+      run: ./configure CC=/usr/bin/clang
+    - name: make
+      run: make

.github/workflows/gcc.yml

@@ -1,4 +1,4 @@
-name: C/C++ CI
+name: GCC CI
 
 on:
   push:
@@ -19,6 +19,6 @@ jobs:
     - name: autogen
       run: ./autogen.sh
     - name: configure
-      run: ./configure
+      run: ./configure CC=/usr/bin/gcc
     - name: make
       run: make

.gitignore

@@ -19,6 +19,8 @@ common/lib/Makefile.in
 compile
 config.h
 config.h.in
+config.guess
+config.sub
 configure
 depcomp
 install-sh

Makefile.am

@@ -5,25 +5,28 @@ ssldump_SOURCES = \
 	base/pcap-snoop.c\
 	base/network.c\
 	base/proto_mod.c\
-	base/common.c\
 	ssl/ssl_analyze.c\
 	null/null_analyze.c\
+	common/lib/r_data.c\
+	common/lib/r_assoc.c\
 	common/lib/r_errors.c\
+	common/lib/debug.c\
 	base/tcppack.c\
 	base/tcpconn.c\
 	ssl/ssldecode.c\
 	ssl/sslprint.c\
 	ssl/ssl.enums.c\
 	ssl/sslxprint.c\
-	ssl/ciphersuites.c
+	ssl/ciphersuites.c\
+	ssl/ssl_rec.c
 
 ssldump_CPPFLAGS = \
 	-I$(top_srcdir)\
 	-I$(top_srcdir)/common/include\
+	-I$(top_srcdir)/common/lib\
 	-I$(top_srcdir)/null\
 	-I$(top_srcdir)/ssl\
 	-I$(top_srcdir)/base\
-	-D_BSD_SOURCE=1\
 	-D_DEFAULT_SOURCE=1\
-	-DLINUX
-
+	-DLINUX\
+	-DOPENSSL

README.md

@@ -50,6 +50,25 @@ make
 (optional) make install
 ```
 
+Optional configuration features (aka ./configure options):
+```
+  --disable-optimization  disable compiler optimizations (change from -O2 to -O0)
+  --enable-debug	  enable debug info (add "-g -DDEBUG" to CFLAGS)
+  --enable-asan		  enable AddressSanitizer and other checks
+	add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
+		-Werror=array-bounds" to CFLAGS
+	use libasan with GCC and embedded ASAN with Clang
+```
+
+Configuration examples:
+```
+- Use GCC with libasan, debug info and custom CFLAGS:
+	./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"
+
+- Use Clang with ASAN and no optimizations (-O0)
+	./configure CC=/usr/bin/clang --enable-asan --disable-optimization
+```
+
 ## Contributing
 
 The contributing policy is simple. If you have a patch to propose, make a pull-request

base/common.c

@@ -1,66 +0,0 @@
-/**
-   common.c
-
-
-   Copyright (C) 1999-2000 RTFM, Inc.
-   All Rights Reserved
-
-   This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
-   <ekr@rtfm.com> and licensed by RTFM, Inc.
-
-   Redistribution and use in source and binary forms, with or without
-   modification, are permitted provided that the following conditions
-   are met:
-   1. Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-   2. Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-   3. All advertising materials mentioning features or use of this software
-      must display the following acknowledgement:
-   
-      This product includes software developed by Eric Rescorla for
-      RTFM, Inc.
-
-   4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
-      used to endorse or promote products derived from this
-      software without specific prior written permission.
-
-   THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
-   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-   ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
-
-   $Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $
-
-
-   ekr@rtfm.com  Tue Dec 29 09:59:39 1998
- */
-
-
-static char *RCSSTRING="$Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $";
-
-#include <r_common.h>
-
-int xdump(label,data,len)
-  char *label;
-  UCHAR *data;
-  int len;
-  {
-    int i;
-
-    printf("%s[%d]",label,len);
-    for(i=0;i<len;i++){
-      if((len>8) && !(i%20)) printf("\n");
-      printf("%.2x ",data[i]&255);
-    }
-
-    printf("\n");
-    return(0);
-  }

base/debug.c

@@ -1,68 +0,0 @@
-/**
-   debug.c
-
-
-   Copyright (C) 1999-2000 RTFM, Inc.
-   All Rights Reserved
-
-   This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
-   <ekr@rtfm.com> and licensed by RTFM, Inc.
-
-   Redistribution and use in source and binary forms, with or without
-   modification, are permitted provided that the following conditions
-   are met:
-   1. Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-   2. Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-   3. All advertising materials mentioning features or use of this software
-      must display the following acknowledgement:
-   
-      This product includes software developed by Eric Rescorla for
-      RTFM, Inc.
-
-   4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
-      used to endorse or promote products derived from this
-      software without specific prior written permission.
-
-   THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
-   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-   ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
-
-   $Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $
-
-
-   ekr@rtfm.com  Wed Jan  6 17:08:58 1999
- */
-
-
-static char *RCSSTRING="$Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $";
-
-#ifdef DEBUG
-
-#include <stdarg.h>
-#include <stdio.h>
-
-int debug(int class,char *format,...)
-  {
-    va_list ap;
-
-    va_start(ap,format);
-    vfprintf(stderr,format,ap);
-    fprintf(stderr,"\n");
-    return(0);
-  }
-
-#endif
-
-  
-  
-  

base/debug.h

@@ -1,58 +0,0 @@
-/**
-   debug.h
-
-
-   Copyright (C) 1999-2000 RTFM, Inc.
-   All Rights Reserved
-
-   This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
-   <ekr@rtfm.com> and licensed by RTFM, Inc.
-
-   Redistribution and use in source and binary forms, with or without
-   modification, are permitted provided that the following conditions
-   are met:
-   1. Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-   2. Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-   3. All advertising materials mentioning features or use of this software
-      must display the following acknowledgement:
-   
-      This product includes software developed by Eric Rescorla for
-      RTFM, Inc.
-
-   4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
-      used to endorse or promote products derived from this
-      software without specific prior written permission.
-
-   THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
-   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-   ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-   FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-   OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-   LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
-
-   $Id: debug.h,v 1.2 2000/10/17 16:09:57 ekr Exp $
-
-
-   ekr@rtfm.com  Wed Jan  6 17:13:00 1999
- */
-
-
-#ifndef _debug_h
-#define _debug_h
-
-#ifdef DEBUG
-#define DBG(a) debug a
-int debug(int class,char *format,...);
-#else
-#define DBG(a)
-#endif
-
-#endif
-

configure.ac

@@ -7,20 +7,29 @@ AM_INIT_AUTOMAKE([subdir-objects])
 AC_CONFIG_SRCDIR([base/pcap-snoop.c])
 AC_CONFIG_HEADERS([config.h])
 
+AC_CANONICAL_HOST
+
 # Checks for programs.
-AC_PROG_CC
+: ${CFLAGS=""}
+AC_PROG_CC([gcc clang])
 AM_PROG_CC_C_O
 AC_PROG_MAKE_SET
 AC_PROG_INSTALL
 
-
 # Checks for header files.
-AC_FUNC_ALLOCA
-AC_FUNC_MALLOC
 AC_CHECK_HEADERS([arpa/inet.h memory.h netdb.h netinet/in.h stdlib.h string.h sys/param.h sys/socket.h sys/time.h unistd.h],,[AC_MSG_ERROR([Missing header.])])
 AC_HEADER_STDC
 AC_HEADER_TIME
 
+# Checks for typedefs, structures, and compiler characteristics.
+AC_CHECK_SIZEOF([unsigned short])
+AC_CHECK_SIZEOF([unsigned int])
+AC_CHECK_SIZEOF([unsigned long])
+AC_CHECK_SIZEOF([unsigned long long])
+
+# Checks for library functions.
+AC_CHECK_FUNCS([malloc realloc gethostbyaddr gettimeofday inet_ntoa isascii memmove memset strchr strdup strstr strtol])
+
 have_pcap=no
 AC_SEARCH_LIBS([pcap_create], [pcap], [have_pcap=yes])
 
@@ -42,10 +51,9 @@ files with
 	])
 fi
 
-AC_CHECK_LIB([pcap],[pcap_create])
-
 have_ssl=no
 AC_SEARCH_LIBS([OPENSSL_init_ssl], [ssl], [have_ssl=yes])
+AC_SEARCH_LIBS(CRYPTO_new_ex_data, [crypto], [have_crypto=yes])
 
 if test "x${have_ssl}" = xyes; then
 	AC_CHECK_HEADERS([openssl/ssl.h], [], [have_ssl=no])
@@ -65,18 +73,45 @@ files with
 	])
 fi
 
-AC_CHECK_LIB([ssl], [OPENSSL_init_ssl])
+AC_ARG_ENABLE([optimization],
+	[  --disable-optimization  disable compiler optimizations],
+	[optimization=${enableval}], [optimization=yes])
 
-# Checks for typedefs, structures, and compiler characteristics.
-AC_CHECK_SIZEOF([unsigned short])
-AC_CHECK_SIZEOF([unsigned int])
-AC_CHECK_SIZEOF([unsigned long])
-AC_CHECK_SIZEOF([unsigned long long])
+if test "x${optimization}" = xno; then
+	CFLAGS="$CFLAGS -O0"
+else
+	CFLAGS="$CFLAGS -O2"
+fi
 
-# Checks for library functions.
-AC_FUNC_MALLOC
-AC_FUNC_REALLOC
-AC_CHECK_FUNCS([gethostbyaddr gettimeofday inet_ntoa isascii memmove memset strchr strdup strstr strtol])
+AC_ARG_ENABLE([debug],
+	[  --enable-debug	  enable debug info],
+	[debug=${enableval}], [debug=no])
+
+if test "x${debug}" = xyes; then
+	CFLAGS="$CFLAGS -g -DDEBUG"
+fi
+
+AC_ARG_ENABLE([asan],
+	[  --enable-asan		  enable AddressSanitizer and other checks],
+	[asan=${enableval}], [asan=no])
+
+if test "x${asan}" = xyes; then
+	AS_CASE([$CC],
+	[*gcc*], [AC_CHECK_LIB(asan, _init)],
+	[*clang*], [have_clang=yes],
+        [have_clang=no])
+
+	if (test "x${ac_cv_lib_asan__init}" = xyes || test "x$have_clang" = xyes); then
+		CFLAGS="$CFLAGS \
+-fsanitize=address,undefined,leak \
+-Wformat \
+-Werror=format-security \
+-Werror=array-bounds"
+	else
+		AC_MSG_WARN("AddressSanitizer not supported")
+		asan=no
+	fi
+fi
 
 AC_CONFIG_FILES([Makefile
                  common/Makefile
@@ -84,4 +119,21 @@ AC_CONFIG_FILES([Makefile
                  null/Makefile
                  ssl/Makefile
                  base/Makefile])
+
 AC_OUTPUT
+
+echo
+echo "################################################"
+echo "SSLDump build setup"
+echo "	Host system:		$host_os"
+echo "	Host architecture:	$host_cpu"
+echo "	Compiler:		$CC"
+echo "	Installation prefix:    $prefix"
+echo "	CFLAGS:    		$CFLAGS"
+echo "	LDFLAGS:    		$LDFLAGS"
+echo "	LIBS:    		$LIBS"
+echo "	Optimizations enabled:  $optimization"
+echo "	Debug info enabled:	$debug"
+echo "	ASAN enabled:		$asan"
+echo "################################################"
+