adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-12-21 23:45:57 +00:00
Code Issues Projects Releases Packages Wiki Activity

ssldump_0.9b3.orig.tar.gz Import

Browse source
This commit is contained in:
Alexandre Dulaunoy 2015-01-31 10:13:33 +01:00
commit ea12dfe6d2
100 changed files with 22293 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

60
COPYRIGHT Normal file
View file

@ -0,0 +1,60 @@
SSLDUMP LICENSE
Copyright (C) 1999-2001 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE ERIC RESCORLA AND RTFM ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
TCPDUMP LICENSE
The manual page for this software is partially excerpted from
the tcpdump manual page, which is subject to the following license:
Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
The Regents of the University of California. All rights reserved.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that: (1) source code distributions
retain the above copyright notice and this paragraph in its entirety, (2)
distributions including binary code include the above copyright notice and
this paragraph in its entirety in the documentation or other materials
provided with the distribution, and (3) all advertising materials mentioning
features or use of this software display the following acknowledgement:
``This product includes software developed by the University of California,
Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
the University nor the names of its contributors may be used to endorse
or promote products derived from this software without specific prior
written permission.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

20
CREDITS Normal file
View file

@ -0,0 +1,20 @@
ssldump was written by Eric Rescorla <ekr@rtfm.com>
The Windows port of ssldump was provided by Greg Stark.
The following people have provided bug fixes, bug reports, or suggestions.
Adam Cain
Pavel Curtis
Chris Jepeway
Alexander Fetke
Jeffrey Hafey
Lutz Jaenicke
Dave Jagoda
Norbert Klasen
Richard Levitte
Hugh Mandeville
Eric Murray
Henrik Nordstrom
If you think you should be on this list, send me mail at <ekr@rtfm.com>.

158
ChangeLog Normal file
View file

@ -0,0 +1,158 @@
Wed Aug 21 10:48:45 2002 EKR <ekr@rtfm.com>
* Installed Greg Stark's new Win32 patches.
* Added updated VLAN support (Jeffrey Hafey)
Fri Aug 16 16:56:23 2002 EKR <ekr@rtfm.com>
* Cleaned up 56-bit ciphersuites in ciphersuites.c
* Fixed memory errors in packet copying.
* Fixed bugs in processing of bogus SSLv2 messages.
* Fixed bugs in TCP packet reassembly code.
Tue Aug 13 13:03:41 2002 EKR <ekr@rtfm.com>
* Fixed EXPORT1024 DES cipher suites
Mon Aug 12 16:49:51 2002 EKR <ekr@rtfm.com>
* Added support for VLAN networks (Jeffrey Hafey)
* Fixed printing of data with embedded tabs (Pavel Curtis)
* Added support for non-promiscuous mode (-P flag)
(Bruce M Simpson)
* Fixed potential small overrun in RSA decryption.
Fri Sep 28 15:54:47 2001 EKR <ekr@rtfm.com>
* Fixed install so that we install in /usr/local/sbin
with mode 755. Bug report ssldump/22.
(Dave Jagoda)
* Fixed compilation warning about create_null_analyzer
Bug report ssldump/23.
Wed Sep 26 14:49:06 2001 EKR <ekr@rtfm.com>
* Fixed SYN & SYN/ACK detection to that it works with ECN.
(Henrik Nordstrom)
* Added /usr/include/pcap to the PCAP search path
(Henrik Nordstrom)
Sat Sep 15 13:41:10 2001 EKR <ekr@rtfm.com>
* Fix to ssldecode.c to remove error with empty
struct when compiling with VC++ and no OpenSSL
(Greg Stark)
* Change to vcwin32.mak to print out that you're not
using OpenSSL (Greg Stark)
* Automatic version changing courtesy of version-change.pl
Fri Sep 14 15:22:29 2001 EKR <ekr@rtfm.com>
* Fixed bug 4. Delete the MS after decrypting a PMS
to force new MS generation in the key generation phase.
This makes decryption of renegotiated connections work
correctly. This got broken when session resumption
was added.
2001-09-14 Eric Rescorla <ekr@rtfm.com>
* Imported Greg Stark's Win32 port
Sun Sep 2 15:53:06 2001 EKR <ekr@rtfm.com>
* Fixed the reassembler so it doesn't crash when
FIN/RST segments have data.
* closure/connection freeing now works, thus meaning less
memory leakage and less crashing.
* A bunch of trivial makefile/configure fixes.
Fri Jul 20 16:40:51 2001 EKR <ekr@rtfm.com>
* Removed loading of certificate file. This served
no real purpose. Fix for bug 5.
Fri Jul 20 11:02:09 2001 EKR <ekr@rtfm.com>
* Fixed initialization so that the key file is loaded
only once.
Removed default keyfile and password. You now must
specify them. You also get an error if you specify
a bad password or keyfile.
Fri Jul 20 10:17:36 2001 EKR <ekr@rtfm.com>
* Added support for session resumption.
Fri Jul 20 10:17:16 2001 EKR <ekr@rtfm.com>
* Fixed SEQ_LT problems on Linux and other compilation
problems.
Tue Mar 6 2001 EKR <ekr@rtfm.com>
* Removed statically allocated conn array. We can now
have an arbitrary number of
Thu Nov 9 12:14:15 2000 EKR <ekr@rtfm.com>
* Cleanups to the man page and cleaned up some cases
where printing didn't work quite right.
Mon Nov 6 10:22:25 2000 EKR <ekr@rtfm.com>
* Added the -X flag to force hex-only printing when
binary data is displayed as hex dumps.
Fri Nov 3 09:23:35 2000 EKR <ekr@rtfm.com>
* cleaned up the case where multiple handshake messages
are in the same SSL record.
Fri Nov 3 09:14:39 2000 EKR <ekr@rtfm.com>
* Modified printing so that when we're printing hex dumps
of application data traffic we also print the printable
sections of the data itself in a column on the side.
Thu Nov 2 14:14:21 2000 EKR <ekr@rtfm.com>
* Modified cipher suite printing so that the names have
SSL_ if we're doing SSLv3 and TLS_ if we're doing TLS.
Suggestion by Eric Murray.
Thu Nov 2 13:07:09 2000 EKR <ekr@rtfm.com>
* Fixed an ABW in ssldecode.c that caused crashes
on Solaris. Also, fixed a bunch of memory leaks
using Purify.
Thu Nov 2 08:45:42 2000 EKR <ekr@rtfm.com>
* Various Portability fixes
CC=gcc -> CC=@CC@ in Makefile
Removed FLAGS in Makefile (it was a noop)
in base/tcpconn.c, changed {} to {0} to appease HPUX's compiler
made create_null_analyzer.c static as it should be.
Removed the final (bogus) entry in null_vtbl.
made sslx__print_serial() static to match its prototype
Rearranged library order for better linkage
Thanks to Lutze Jainecke for these fixes.
Thu Nov 2 08:41:10 2000 EKR <ekr@rtfm.com>
* Added -r as a synonym for -f. -f will eventually
be removed and reused for some other option.
This was done for option compatibility with tcpdump
and on the theory that someday I might add a -w.
* Renamed -h to -H and added it to the documentation.
-h now triggers usage info.
Thu Nov 2 08:38:06 2000 EKR <ekr@rtfm.com>
* Removed blank lines in the man page. This confuses some
man page formatters. (Thanks to Hugh Mandeville for pointing
this one out)
Thu Nov 2 08:37:59 2000 EKR <ekr@rtfm.com>
* Wired up -N (it was unwired)
Thu Nov 2 08:37:47 2000 EKR <ekr@rtfm.com>
* Added -D_BSD_SOURCE=1 when you're compiling on Linux.
(Allowing it to compile)

9
FILES Normal file
View file

@ -0,0 +1,9 @@
record-fmt.txt
record_analyze.c
record_analyze.h
targets.mk
CVS:
Entries
Repository
Root

46
INSTALL Normal file
View file

@ -0,0 +1,46 @@
$Id: INSTALL,v 1.5 2001/09/14 22:29:13 ekr Exp $
If you don't have libpcap, you'll need to get it and install it. You
can obtain it from:
http://www.tcpdump.org/
If you want to be able to decrypt SSL traffic or view certificates,
get OpenSSL if you don't have it:
http://www.openssl.org/
Once you've built and installed libpcap and OpenSSL, you're ready to
build ssldump.
ssldump uses a GNU autoconf-based configuration to automatically
configure the build.
In the simplest form you can simply do:
./configure
If the configure script can't find libpcap, it will abort. If you've
installed it in unobvious place, you may need to give configure a hint
using the '--with-pcap' or '--with-pcap-{lib,inc}' switches.
If the configure script can't find OpenSSL, it will continue without
it. If your OpenSSL is in a nonstandard location, you may need to give
configure a hint with the '--with-openssl' or
'--with-openssl-{lib,include}' switches.
Once you've done the configure, you can simply run 'make'. Note that
on some platforms (HP/UX) you will have to use GNU make (gmake).
If the make succeeds, run a 'make install' (you will probably need to
be root to do this.)
TESTED PLATFORMS
FreeBSD 2.2.8, 3.4
HP/UX 10.20
Linux (Red Hat, Debian)
Solaris 2.x
If you get ssldump to work on a platform not listed above, please send mail
to ssldump@rtfm.com with the platform and any fixes you had to make.
INSTALLING ON WINDOWS
Read the file INSTALL.W32 in this directory for instructions on
installing on Windows.

114
INSTALL.W32 Normal file
View file

@ -0,0 +1,114 @@
Notes
First, make sure you've read the README file.
Build Environment
-----------------
The build environment is assumed to be Microsoft Visual C++ 6.0 SP4
(VC6), although earlier or later versions may work. In particular, the
make-like utility used to build this port of ssldump is NMAKE version
6.00.x from Microsoft.
The basis for this port is ssldump version 0.9b3. The win32 directory
contains the win32-specific stuff, including the NMAKE makefile
vcwin32.mak.
You need to have your environment variables and PATH correctly setup
to properly use the command-line VC6 tools. In the VC6\bin directory
is a batch file, VCVARS32.bat, which should set things up
correctly. You should run this batch file prior to attempting a build.
What you need (besides the ssldump source)
------------------------------------------
You must have downloaded and installed the following from the
WinPcap/Windump project:
1. The Winpcap developer's pack, version 2.3, from
http://winpcap.polito.it/install/bin/WPdpack_2_3.zip contains the
pcap.h and net/bpf.h files, and the pcap import library. Place these
in the win32 directory.
2. The Winpcap source code distribution, version 2.3, from
http://winpcap.polito.it/install/bin/WPcapSrc_2_3.zip. It contains
some .h files commonly found on UNIX systems that ssldump
expects. Place these in the win32 directory.
3. The Winpcap auto-installer, version 2.3, from
http://winpcap.polito.it/install/bin/WinPcap_2_3_nogui.exe. This is
only needed to run ssldump, not needed to build it. It is needed on
*any* windows system on which ssldump is run. It installs a device
driver and the pcap library DLL.
4. Possibly the Windump utility from
http://windump.polito.it/install/bin/WinDump.exe. This is essentially
a Windows port of tcpdump, with an extra -D option. This option
enumerates the interface names so that you at least have a clue to
what to supply the -i option (see below).
The win32 directory should look like the following after these files
are downloaded and extracted:
winpcap <directory>
WPdpack <directory>
Ssldump.html
vcwin32.mak
OpenSSL Support
---------------
By default, the OpenSSL libraries are not linked into ssldump. If you
want to link in the OpenSSL libraries, you'll need to customize the
makefile. First, look for the macro OPENSSL and change its value to
"yes". Next, look for the macro OPENSSL_DIR and make sure it points to
the openssl distribution on your machine. You must build a version(s)
of SSL that links to the static C run-time library; these are
distinguished by the use of the compiler flag /MT for release
versions, and /MTd for debug versions. Then you must set the
OPENSSL_RELEASE and OPENSSL_DEBUG macros to point to the directories
that contain the libraries for these versions. If you only intend to
build one of either the debug or release versions, you only need to
define the corresponding OPENSSL_ macro.
Building ssldump
----------------
To build, run (from the ssldump root directory):
nmake /f win32\vcwin32.mak all
this creates a directory, out32, which contains the object files and
the ssldump.exe executable. The build produces a simple command-line
ssldump.exe which must be run from a console window (i.e. a DOS
box). It builds the release version by default. Set the macro
CFG="debug" to build a debug version, e.g. nmake /f vcwin32.mak all
CFG="debug".
win32\ssldump.html contains an HTML version of the ssldump.1
manpage. You should read this to learn the options.
What are the names of the Interfaces?
-------------------------------------
One tricky aspect is choosing the correct interface name for the -i
option of ssldump. AFAIK, there is no standard windows utility that
will give you the correct names for the interfaces. For example, on my
system they are named PPPMAC (for the PPP adapter) and CBEN5 (for my
Ethernet Adapter). I did find these names in the registry under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net\nnnn\NDIS\LogDriverName,
but this may be different on other Windows OSes. The Windump utility
from the WinPcap folks has an option, -D, to enumerate these interface
names. Use the Windump utility or hunt through the registry to find
the names of your interfaces. If you don't specify the interface
explicitly with the -i option, ssldump will select the 'first'
interface and this may be exactly what you want.

111
Makefile.in Normal file
View file

@ -0,0 +1,111 @@
# Copyright (C) 1999-2000 RTFM, Inc.
# All Rights Reserved
# This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
# <ekr\@rtfm.com> and licensed by RTFM, Inc.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
#
# This product includes software developed by Eric Rescorla for
# RTFM, Inc.
# 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
# used to endorse or promote products derived from this
# software without specific prior written permission.
# THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
PLATFORM=freebsd31
CC=@CC@
all: ssldump
OBJSUFFIX=o
LIBSUFFIX=a
INSTALL=@INSTALL@
prefix=@prefix@
exec_prefix=@exec_prefix@
BINDIR=@sbindir@
MANDIR=@mandir@
RM=rm -f
ROOT=./
ANALYZE_SRCDIR=$(ROOT)base/
COMMONDIR=common/
COMMON_LIB_SRCDIR=$(COMMONDIR)lib/
ANALYZE_NULL_SRCDIR=$(ROOT)null/
ANALYZE_SSL_SRCDIR=$(ROOT)ssl/
ANALYZE_RECORD_SRCDIR=$(ROOT)@RECORD_MOD@/
include rules.mk
include $(COMMON_LIB_SRCDIR)/targets.mk
include $(ANALYZE_SRCDIR)targets.mk
include $(ANALYZE_NULL_SRCDIR)targets.mk
include $(ANALYZE_SSL_SRCDIR)targets.mk
include $(ANALYZE_RECORD_SRCDIR)targets.mk
INCLUDES += -I$(COMMONDIR)include/ -I$(ANALYZE_NULL_SRCDIR) -I$(ANALYZE_SSL_SRCDIR)
DEFINES += @DEFINES@
INCLUDES += @INCLUDES@
LIBS += @LDFLAGS@ @LIBS@
CFLAGS += @CFLAGS@ @DEFS@
ssldump: $(OBJECTS)
$(CC) $(OBJECTS) -o $@ $(LIBS)
clean:
rm -f $(OBJECTS) ssldump
install:
[ -d $(BINDIR) ] || mkdir -p $(BINDIR)
$(INSTALL) -m 755 ssldump $(BINDIR)/ssldump
[ -d $(MANDIR) ] || mkdir -p $(MANDIR)/man1
$(INSTALL) -m 444 ssldump.1 $(MANDIR)/man1/ssldump.1
dist:
perl "./version-check.pl"
- name=ssldump-`cat VERSION`; \
rm -rf /dist/ship/$$name; \
mkdir /dist/ship/$$name; \
cp -pR * /dist/ship/$$name; \
cd /dist/ship/$$name; \
make -f Makefile.in clean; \
rm Makefile; \
find . -name '*~' -exec rm {} \; -print;\
find . -name '*.o' -exec rm {} \; -print;\
find . -name '#*#' -exec rm {} \; -print;\
find . -name 'CVS' -exec rm -rf {} \; -print;\
find . -name '*bak' -exec rm -rf {} \; -print;\
find . -name '*.core' -exec rm -rf {} \; -print;\
find . -name '*.tr' -exec rm -rf {} \; -print;\
find . -name '*.pl' -exec rm -rf {} \; -print;\
find . -name '*.pem' -exec rm -rf {} \; -print;\
find . -name '*orig' -exec rm -rf {} \; -print;\
find . -name '*.rej' -exec rm -rf {} \; -print;\
rm -f TODO TAGS; \
rm -f config.status config.log config.cache config.h; \
rm -f ssl/a.out all; \
cd /dist/ship; tar cf - $$name | gzip > $$name.tar.gz

85
README Normal file
View file

@ -0,0 +1,85 @@
$Id: README,v 1.9 2002/08/17 01:33:15 ekr Exp $
SSLDUMP 0.9b3
ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP
connections on the chosen network interface and attempts to interpret
them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it
decodes the records and displays them in a textual form to stdout. If
provided with the appropriate keying material, it will also decrypt
the connections and display the application data traffic.
ssldump depends on the libpcap packet capture library. Some systems
(e.g. FreeBSD) now have libpcap as part of their standard install. On
other systems, you will need to install it. You can obtain the
distribution from:
http://www.tcpdump.org/
If linked with OpenSSL, ssldump can display certificates in decoded
form and decrypt traffic (provided that it has the appropriate keying
material). Again, OpenSSL may be installed on your system. Otherwise
you can obtain it from:
http://www.openssl.org/
See the file INSTALL for instructions on building and installing
ssldump.
STABILITY
This is a beta release of ssldump. The UNIX portions have received
extensive testing and are believed to be quite solid. The Windows
port is substantially less stable.
CHANGES SINCE 0.9b2
Security fix: some potential over and underflows
Added support for VLANs.
Added -P flag to disable promiscuous mode.
Fixed bugs in the TCP reassembly code.
A lot of bug fixes.
See the ChangeLog for a more complete list of changes.
MAILING LIST
For support questions and general discussion on ssldump, please
subscribe to the ssldump-users mailing list. Subscription is by
majordomo. To subscribe, send a message with no subject and a body
consisting of the single line:
subscribe ssldump-users
to majordomo@rtfm.com. Note, you cannot send messages to the list
unless you are subscribed.
BUG REPORTS
Please send bug reports either to the ssldump-users mailing list
or to ssldump@rtfm.com.
INTEROPERABILITY NOTE
Previous versions of ssldump automatically looked for the keyfile
in 'server.pem' and used the password 'password'. This version
removes those defaults. For decryption to work you MUST specify
the keyfile (and password if the keyfile is encrypted.)
NEW VERSIONS
Newer versions of ssldump can be found at:
http://www.rtfm.com/ssldump/
SSL REFERENCES
The SSLv3 specification can be found at:
http://home.netscape.com/eng/ssl3/draft302.txt
The TLS specification is in RFC 2246 and can be found at:
http://www.ietf.org/rfc/rfc2246.txt
SHAMELESS PLUG
Extremely detailed coverage of SSL/TLS can be found in
_SSL_and_TLS:_Designing_and_Building_Secure_Systems_
Eric Rescorla
Addison-Wesley, 2001
ISBN 0-201-61598-3
_SSL_and_TLS_ makes extensive use of ssldump to demonstrate real-life
SSL behavior. If you like ssldump and want to learn about SSL, you
might consider buying my book.

1
VERSION Normal file
View file

@ -0,0 +1 @@
0.9b3

66
base/common.c Normal file
View file

@ -0,0 +1,66 @@
/**
common.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $
ekr@rtfm.com Tue Dec 29 09:59:39 1998
*/
static char *RCSSTRING="$Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $";
#include <r_common.h>
int xdump(label,data,len)
char *label;
UCHAR *data;
int len;
{
int i;
printf("%s[%d]",label,len);
for(i=0;i<len;i++){
if((len>8) && !(i%20)) printf("\n");
printf("%.2x ",data[i]&255);
}
printf("\n");
return(0);
}

60
base/data Normal file
View file

@ -0,0 +1,60 @@
network.c:126: off=ntohs(p.ip->ip_off);
network.c:134: hlen=p.ip->ip_hl * 4;
network.c:136: p.len =ntohs(p.ip->ip_len)-hlen;
network.c:139: switch(p.ip->ip_p){
network.c:159: memcpy(&p->ts,&in->ts,sizeof(struct timeval));
network.c:160: if(!(p->base=(UCHAR *)malloc(in->_len)))
network.c:162: memcpy(p->base,in->base,p->_len=in->_len);
network.c:164: p->data=p->base + (in->data -> in->base);
network.c:165: p->len=in->len;
network.c:167: p->ip=(struct ip *)(p->base + ((UCHAR *)in->ip - in->base));
network.c:168: p->tcp=(struct tcphdr *)(p->base + ((UCHAR *)in->tcp - in->base));
network.c:186: FREE(p->base);
pcap-snoop.c:2: pcap-snoop.c
pcap-snoop.c:40: $Id: pcap-snoop.c,v 1.12 2002/01/21 17:36:51 ekr Exp $
pcap-snoop.c:47:static char *RCSSTRING="$Id: pcap-snoop.c,v 1.12 2002/01/21 17:36:51 ekr Exp $";
tcppack.c:84: p->tcp=(struct tcphdr *)p->data;
tcppack.c:88: if(r=tcp_find_conn(&conn,&direction,&p->ip->ip_src,
tcppack.c:89: ntohs(p->tcp->th_sport),&p->ip->ip_dst,ntohs(p->tcp->th_dport))){
tcppack.c:96: if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
tcppack.c:104: conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
tcppack.c:114: if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=(TH_SYN|TH_ACK))
tcppack.c:116: conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
tcppack.c:117: conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
tcppack.c:127: conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
tcppack.c:148: if(p->tcp->th_flags & TH_SYN)
tcppack.c:150: length=p->len - (p->tcp->th_off * 4);
tcppack.c:178: if(r=tcp_create_conn(&conn,&p->ip->ip_src,ntohs(p->tcp->th_sport),
tcppack.c:179: &p->ip->ip_dst,ntohs(p->tcp->th_dport)))
tcppack.c:183: memcpy(&conn->start_time,&p->ts,sizeof(struct timeval));
tcppack.c:184: if(r=create_proto_handler(handler,ctx,&conn->analyzer,conn,&p->ts))
tcppack.c:197: off=(s)->p->tcp->th_off*4; \
tcppack.c:198: if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA);\
tcppack.c:199: (s)->data=(s)->p->data + off + (l) ; \
tcppack.c:200: (s)->len=(s)->p->len - off + (l); \
tcppack.c:227: l=p->len - p->tcp->th_off * 4;
tcppack.c:238: seq=ntohl(p->tcp->th_seq);
tcppack.c:241: if(p->tcp->th_flags & TH_ACK){
tcppack.c:245: acknum=ntohl(p->tcp->th_ack);
tcppack.c:250: if(r=timestamp_diff(&p->ts,&conn->start_time,&dt))
tcppack.c:268: if(!(p->tcp->th_flags & (TH_RST)) && SEQ_LT(seq,stream->seq))
tcppack.c:310: if(_seg.p->tcp->th_flags & (TH_RST)){
tcppack.c:311: stream->close=_seg.p->tcp->th_flags & (TH_RST);
tcppack.c:319: if(_seg.p->tcp->th_flags & (TH_FIN)){
tcppack.c:320: stream->close=_seg.p->tcp->th_flags & (TH_FIN);
tcppack.c:325: if(seg->p->tcp->th_flags & (TH_FIN)){
tcppack.c:326: stream->close=_seg.p->tcp->th_flags & (TH_FIN);
tcppack.c:338: if(seg->p->tcp->th_flags & (TH_FIN) ){
tcppack.c:374: lookuphostname(&p->ip->ip_src,&src);
tcppack.c:375: lookuphostname(&p->ip->ip_dst,&dst);
tcppack.c:379: ntohs(p->tcp->th_sport),
tcppack.c:381: ntohs(p->tcp->th_dport));
tcppack.c:384: ntohl(p->tcp->th_seq),
tcppack.c:385: p->len - p->tcp->th_off *4);
tcppack.c:387: if(p->tcp->th_flags & TH_ACK)
tcppack.c:388: printf("ACK %ld ",ntohl(p->tcp->th_ack));
tcppack.c:390: if(p->tcp->th_flags & TH_FIN)
tcppack.c:392: if(p->tcp->th_flags & TH_SYN)
tcppack.c:394: if(p->tcp->th_flags & TH_RST)
tcppack.c:396: if(p->tcp->th_flags & TH_PUSH)
tcppack.c:398: if(p->tcp->th_flags & TH_URG)

68
base/debug.c Normal file
View file

@ -0,0 +1,68 @@
/**
debug.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $
ekr@rtfm.com Wed Jan 6 17:08:58 1999
*/
static char *RCSSTRING="$Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $";
#ifdef DEBUG
#include <stdarg.h>
#include <stdio.h>
int debug(int class,char *format,...)
{
va_list ap;
va_start(ap,format);
vfprintf(stderr,format,ap);
fprintf(stderr,"\n");
return(0);
}
#endif

58
base/debug.h Normal file
View file

@ -0,0 +1,58 @@
/**
debug.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: debug.h,v 1.2 2000/10/17 16:09:57 ekr Exp $
ekr@rtfm.com Wed Jan 6 17:13:00 1999
*/
#ifndef _debug_h
#define _debug_h
#ifdef DEBUG
#define DBG(a) debug a
int debug(int class,char *format,...);
#else
#define DBG(a)
#endif
#endif

241
base/network.c Normal file
View file

@ -0,0 +1,241 @@
/**
network.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $
ekr@rtfm.com Tue Dec 29 09:52:54 1998
*/
static char *RCSSTRING="$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $";
#include <sys/types.h>
#include <r_common.h>
#include "network.h"
#ifndef _WIN32
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#endif
#include "tcppack.h"
#ifdef STDC_HEADERS
#include <string.h>
#endif
UINT4 NET_print_flags;
struct network_handler_ {
proto_mod *mod;
proto_ctx *ctx;
};
int network_handler_create(mod,handlerp)
proto_mod *mod;
n_handler **handlerp;
{
int r,_status;
n_handler *handler=0;
if(!(handler=(n_handler *)malloc(sizeof(n_handler))))
ABORT(R_NO_MEMORY);
if(mod->vtbl->create_ctx){
if(r=mod->vtbl->create_ctx(mod->handle,&handler->ctx))
ABORT(r);
}
handler->mod=mod;
*handlerp=handler;
_status=0;
abort:
if(_status){
network_handler_destroy(&handler);
}
return(_status);
}
int network_handler_destroy(handlerp)
n_handler **handlerp;
{
if(!handlerp || !*handlerp)
return(0);
free(*handlerp);
*handlerp=0;
return(0);
}
int network_process_packet(handler,timestamp,data,length)
n_handler *handler;
struct timeval *timestamp;
UCHAR *data;
int length;
{
int r;
int hlen;
packet p;
u_short off;
/*We can pretty much ignore all the options*/
memcpy(&p.ts,timestamp,sizeof(struct timeval));
p.base=data;
p._len=length;
p.data=data;
p.len=length;
p.ip=(struct ip *)data;
/*Handle, or rather mishandle, fragmentation*/
off=ntohs(p.ip->ip_off);
if((off & 0x1fff) || /*Later fragment*/
(off & 0x2000)){ /*More fragments*/
/* fprintf(stderr,"Fragmented packet! rejecting\n"); */
return(0);
}
hlen=p.ip->ip_hl * 4;
p.data += hlen;
p.len =ntohs(p.ip->ip_len)-hlen;
switch(p.ip->ip_p){
case IPPROTO_TCP:
if(r=process_tcp_packet(handler->mod,handler->ctx,&p))
ERETURN(r);
break;
}
return(0);
}
int packet_copy(in,out)
packet *in;
packet **out;
{
int _status;
packet *p=0;
if(!(p=(packet *)calloc(sizeof(packet),1)))
ABORT(R_NO_MEMORY);
memcpy(&p->ts,&in->ts,sizeof(struct timeval));
if(!(p->base=(UCHAR *)malloc(in->_len)))
ABORT(R_NO_MEMORY);
memcpy(p->base,in->base,p->_len=in->_len);
p->data=p->base + (in->data - in->base);
p->len=in->len;
p->ip=(struct ip *)(p->base + ((UCHAR *)in->ip - in->base));
p->tcp=(struct tcphdr *)(p->base + ((UCHAR *)in->tcp - in->base));
*out=p;
_status=0;
abort:
if(_status){
packet_destroy(p);
}
return(_status);
}
int packet_destroy(p)
packet *p;
{
if(!p)
return(0);
FREE(p->base);
return(0);
}
int timestamp_diff(t1,t0,diff)
struct timeval *t1;
struct timeval *t0;
struct timeval *diff;
{
long d;
if(t0->tv_sec > t1->tv_sec)
ERETURN(R_BAD_ARGS);
/*Easy case*/
if(t0->tv_usec <= t1->tv_usec){
diff->tv_sec=t1->tv_sec - t0->tv_sec;
diff->tv_usec=t1->tv_usec - t0->tv_usec;
return(0);
}
/*Hard case*/
d=t0->tv_usec - t1->tv_usec;
if(t1->tv_sec < (t0->tv_sec + 1))
ERETURN(R_BAD_ARGS);
diff->tv_sec=t1->tv_sec - (t0->tv_sec + 1);
diff->tv_usec=1000000 - d;
return(0);
}
int lookuphostname(addr,namep)
struct in_addr *addr;
char **namep;
{
struct hostent *ne=0;
if(!(NET_print_flags & NET_PRINT_NO_RESOLVE)){
ne=gethostbyaddr((char *)addr,4,AF_INET);
}
if(!ne){
*namep=strdup((char *)inet_ntoa(*addr));
}
else{
*namep=strdup(ne->h_name);
}
return(0);
}

106
base/network.h Normal file
View file

@ -0,0 +1,106 @@
/**
network.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: network.h,v 1.3 2001/09/14 22:29:14 ekr Exp $
ekr@rtfm.com Tue Dec 29 09:53:50 1998
*/
#ifndef _network_h
#define _network_h
#include <stdlib.h>
#include <string.h>
#include <r_common.h>
#include <sys/types.h>
#ifndef _WIN32
#include <sys/socket.h>
#include <netinet/in.h>
#else
#include <winsock2.h>
#endif
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <r_time.h>
#include <r_data.h>
typedef struct network_handler_ n_handler;
typedef struct proto_mod_ proto_mod;
typedef struct proto_handler_ proto_handler;
typedef struct packet_ packet;
int network_handler_create PROTO_LIST((proto_mod *mod,
n_handler **handlerp));
int network_handler_destroy PROTO_LIST((n_handler **handlerp));
int network_process_packet PROTO_LIST((n_handler *handler,
struct timeval *timestamp,UCHAR *data,int length));
int packet_copy PROTO_LIST((packet *in,packet **out));
int packet_destroy PROTO_LIST((packet *p));
int timestamp_diff PROTO_LIST(( struct timeval *t1,struct timeval *t0,
struct timeval *diff));
int lookuphostname PROTO_LIST((struct in_addr *addr,char **name));
struct packet_ {
struct timeval ts;
UCHAR *base; /*The base of the packet*/
int _len;
UCHAR *data; /*The data ptr appropriate to this layer*/
int len; /*The length of the data segment*/
/*These just save us the effort of doing casts to the data
segments*/
struct ip *ip; /*The IP header*/
struct tcphdr *tcp; /*The TCP header*/
};
#include "tcpconn.h"
#include "proto_mod.h"
extern UINT4 NET_print_flags;
#define NET_PRINT_TCP_HDR 1
#define NET_PRINT_TYPESET 2
#define NET_PRINT_ACKS 4
#define NET_PRINT_NO_RESOLVE 8
#endif

365
base/pcap-snoop.c Normal file
View file

@ -0,0 +1,365 @@
/**
pcap-snoop.c
Copyright (C) 1999-2001 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $
ekr@rtfm.com Tue Dec 29 10:17:41 1998
*/
static char *RCSSTRING="$Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $";
#include <pcap.h>
#include <unistd.h>
#include <net/bpf.h>
#ifndef _WIN32
#include <sys/param.h>
#endif
#include <sys/types.h>
#ifndef _WIN32
#include <sys/socket.h>
#include <netinet/in.h>
#else
#include <winsock2.h>
#include <bittypes.h>
#endif
#include <signal.h>
#include <net/if.h>
#include <netinet/if_ether.h>
#include "network.h"
#include <r_common.h>
#include <r_time.h>
#include "null_analyze.h"
#include "ssl_analyze.h"
#ifdef ENABLE_RECORD
#include "record_analyze.h"
#endif
#ifndef ETHERTYPE_8021Q
# define ETHERTYPE_8021Q 0x8100
#endif
char *collapse_args PROTO_LIST((int argc,char **argv));
static int pcap_if_type=DLT_NULL;
int err_exit PROTO_LIST((char *str,int num));
int usage PROTO_LIST((void));
int print_version PROTO_LIST((void));
RETSIGTYPE sig_handler PROTO_LIST((void));
void pcap_cb PROTO_LIST((u_char *ptr,struct pcap_pkthdr *hdr,u_char *data));
int main PROTO_LIST((int argc,char **argv));
int err_exit(str,num)
char *str;
int num;
{
fprintf(stderr,"ERROR: %s\n",str);
exit(num);
}
int usage()
{
fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] \n");
fprintf(stderr," [-k keyfile] [-p password] [-vtaTnsAxVNde]\n");
fprintf(stderr," [filter]\n");
exit(0);
}
int print_version()
{
printf("ssldump 0.9b3\n");
printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
printf("All rights reserved.\n");
#ifdef OPENSSL
printf("Compiled with OpenSSL: decryption enabled\n");
#endif
exit(0);
}
RETSIGTYPE sig_handler()
{
fflush(stdout);
exit(0);
}
void pcap_cb(ptr,hdr,data)
u_char *ptr;
struct pcap_pkthdr *hdr;
u_char *data;
{
n_handler *n;
int len;
struct ether_header *e_hdr=(struct ether_header *)data;
int type;
n=(n_handler *)ptr;
if(hdr->caplen!=hdr->len) err_exit("Length mismatch",-1);
len=hdr->len;
switch(pcap_if_type){
case DLT_NULL:
data+=4;
len-=4;
break;
case DLT_EN10MB:
type=ntohs(e_hdr->ether_type);
data+=sizeof(struct ether_header);
len-=sizeof(struct ether_header);
/* if vlans, push past VLAN header (4 bytes) */
if(type==ETHERTYPE_8021Q) {
type=ntohs(*(u_int16_t *)(data + 2));
data+=4;
len+=4;
}
if(type!=ETHERTYPE_IP)
return;
break;
}
network_process_packet(n,&hdr->ts,data,len);
}
typedef struct module_def_ {
char *name;
proto_mod *mod;
} module_def;
static module_def modules[]={
{"SSL",&ssl_mod},
{"NULL",&null_mod},
#ifdef ENABLE_RECORD
{"RECORD",&record_mod},
#endif
{0,0}
};
int parse_ssl_flag PROTO_LIST((int c));
int main(argc,argv)
int argc;
char **argv;
{
pcap_t *p;
int r;
n_handler *n;
#ifdef _WIN32
__declspec(dllimport) char *optarg;
__declspec(dllimport) int optind;
#else
extern char *optarg;
extern int optind;
#endif
char *interface_name=0;
char *file=0;
char *filter=0;
proto_mod *mod=&ssl_mod;
bpf_u_int32 localnet,netmask;
int c;
module_def *m=0;
int no_promiscuous=0;
char errbuf[PCAP_ERRBUF_SIZE];
signal(SIGINT,sig_handler);
while((c=getopt(argc,argv,"vr:f:S:Ttai:k:p:nsAxXhHVNdqem:P"))!=EOF){
switch(c){
case 'v':
print_version();
break;
case 'f':
fprintf(stderr,"-f option replaced by -r. Use that in the future\n");
case 'r':
file=strdup(optarg);
break;
case 'S':
ssl_mod.vtbl->parse_flags(optarg);
break;
case 'y':
NET_print_flags|=NET_PRINT_TYPESET;
/*Kludge*/
SSL_print_flags |= SSL_PRINT_NROFF;
break;
case 'a':
NET_print_flags |= NET_PRINT_ACKS;
break;
case 'T':
NET_print_flags |= NET_PRINT_TCP_HDR;
break;
case 'i':
interface_name=strdup(optarg);
break;
case 'k':
SSL_keyfile=strdup(optarg);
break;
case 'p':
SSL_password=strdup(optarg);
break;
case 'P':
++no_promiscuous;
break;
case 'n':
NET_print_flags |= NET_PRINT_NO_RESOLVE;
break;
case 'm':
for(m=modules;m->name!=0;m++){
if(!strcmp(m->name,optarg)){
mod=m->mod;
break;
}
}
if(!m->name){
fprintf(stderr,"Request analysis module %s not found\n",
optarg);
exit(1);
}
break;
case 'h':
usage();
printf("Do 'man ssldump' for documentation\n");
exit(1);
case '?':
usage();
exit(1);
/* must be an SSL flag. This is kind of a gross
special case */
default:
parse_ssl_flag(c);
break;
}
}
argv+=optind;
argc-=optind;
if(!file){
if(!interface_name){
interface_name=pcap_lookupdev(errbuf);
if(!interface_name){
fprintf(stderr,"PCAP: %s\n",errbuf);
err_exit("Aborting",-1);
}
}
if(!(p=pcap_open_live(interface_name,5000,!no_promiscuous,1000,errbuf))){
fprintf(stderr,"PCAP: %s\n",errbuf);
err_exit("Aborting",-1);
}
if (pcap_lookupnet(interface_name, &localnet, &netmask, errbuf) < 0)
verr_exit("PCAP: %s\n",errbuf);
}
else{
if(!(p=pcap_open_offline(file,errbuf))){
fprintf(stderr,"PCAP: %s\n",errbuf);
err_exit("Aborting",-1);
}
netmask=0;
localnet=0;
}
if(argc!=0)
filter=collapse_args(argc,argv);
if(filter){
struct bpf_program fp;
if(pcap_compile(p,&fp,filter,0,netmask)<0)
verr_exit("PCAP: %s\n",pcap_geterr(p));
if(pcap_setfilter(p,&fp)<0)
verr_exit("PCAP: %s\n",pcap_geterr(p));
}
pcap_if_type=pcap_datalink(p);
if(NET_print_flags & NET_PRINT_TYPESET)
printf("\n.nf\n.ps -2\n");
if(r=network_handler_create(mod,&n))
err_exit("Couldn't create network handler",r);
pcap_loop(p,-1,pcap_cb,(u_char *)n);
if(NET_print_flags & NET_PRINT_TYPESET)
printf("\n.ps\n.fi\n");
exit(0);
}
char *collapse_args(argc,argv)
int argc;
char **argv;
{
int i,len=0;
char *ret;
if(!argc)
return(0);
for(i=0;i<argc;i++){
len+=strlen(argv[i])+1;
}
if(!(ret=(char *)malloc(len)))
err_exit("Out of memory",1);
len=0;
for(i=0;i<argc;i++){
strcpy(ret+len,argv[i]);
len+=strlen(argv[i]);
if(i!=(argc-1))
ret[len++]=' ';
}
return(ret);
}

88
base/print_utils.c Normal file
View file

@ -0,0 +1,88 @@
/**
print_utils.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $
ekr@rtfm.com Mon Feb 15 17:23:36 1999
*/
static char *RCSSTRING="$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $";
int explain(char *format,...)
{
va_list ap;
va_start(ap,format);
INDENT;
vprintf(format,ap);
va_end(ap);
return(0);
}
int exdump(name,data)
char *name;
Data *data;
{
int i,j;
char prefix[100];
INDENT;
if(name){
sprintf(prefix,"%s[%d]=\n",name,data->len);
printf("%s",prefix);
INDENT_INCR;
}
for(i=0;i<data->len;i++){
if(!i && (data->len>8)) INDENT;
if((data->len>8) && i && !(i%12)){
printf("\n"); INDENT;
}
printf("%.2x ",data->data[i]&255);
}
if(name) INDENT_POP;
if(data->len>8 && i%12)
printf("\n");
return(0);
}

56
base/print_utils.h Normal file
View file

@ -0,0 +1,56 @@
/**
print_utils.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: print_utils.h,v 1.2 2000/10/17 16:09:58 ekr Exp $
ekr@rtfm.com Mon Feb 15 17:23:56 1999
*/
#ifndef _print_utils_h
#define _print_utils_h
int explain PROTO_LIST((char *format,...));
int exdump PROTO_LIST((char *name,
Data *data));
#endif

88
base/proto_mod.c Normal file
View file

@ -0,0 +1,88 @@
/**
proto_mod.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $
ekr@rtfm.com Thu Jan 7 22:35:23 1999
*/
static char *RCSSTRING="$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $";
#include "network.h"
int create_proto_handler(mod,ctx,handlerp,conn,first_packet)
proto_mod *mod;
proto_ctx *ctx;
proto_handler **handlerp;
tcp_conn *conn;
struct timeval *first_packet;
{
int r,_status;
proto_handler *handler=0;
if(!(handler=(proto_handler *)calloc(sizeof(proto_handler),1)))
ABORT(R_NO_MEMORY);
handler->vtbl=mod->vtbl;
if(r=mod->vtbl->create(mod->handle,ctx,conn,&handler->obj,
&conn->i_addr,conn->i_port,&conn->r_addr,conn->r_port,first_packet))
ABORT(r);
*handlerp=handler;
_status=0;
abort:
if(_status){
destroy_proto_handler(&handler);
}
return(_status);
}
int destroy_proto_handler(handlerp)
proto_handler **handlerp;
{
if(!handlerp || !*handlerp)
return(0);
(*handlerp)->vtbl->destroy(&(*handlerp)->obj);
free(*handlerp);
*handlerp=0;
return(0);
}

86
base/proto_mod.h Normal file
View file

@ -0,0 +1,86 @@
/**
proto_mod.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: proto_mod.h,v 1.4 2001/11/26 22:28:16 ekr Exp $
ekr@rtfm.com Thu Dec 24 21:10:05 1998
*/
#ifndef _proto_mod_h
#define _proto_mod_h
typedef struct proto_obj_ proto_obj;
typedef struct proto_ctx_ proto_ctx;
#define DIR_I2R 1
#define DIR_R2I 2
struct proto_mod_vtbl_ {
int (*parse_flags) PROTO_LIST((char *str));
int (*parse_flag) PROTO_LIST((int flag));
int (*create_ctx) PROTO_LIST((void *handle,proto_ctx **ctxp));
int (*create) PROTO_LIST((void *handle,proto_ctx *ctx,
tcp_conn *conn,
proto_obj **objp,
struct in_addr *i_addr,u_short i_port,
struct in_addr *r_addr,u_short r_port,struct timeval *time_base));
int (*destroy) PROTO_LIST((proto_obj **objp));
int (*data) PROTO_LIST((proto_obj *obj,segment *data,int direction));
int (*close) PROTO_LIST((proto_obj *obj,packet *p,int direction));
};
struct proto_mod_ {
void *handle;
struct proto_mod_vtbl_ *vtbl;
};
struct proto_handler_ {
proto_obj *obj;
struct proto_mod_vtbl_ *vtbl;
};
int create_proto_handler PROTO_LIST((proto_mod *mod,proto_ctx *ctx,
proto_handler **handlerp,
tcp_conn *conn,struct timeval *first_packet));
int destroy_proto_handler PROTO_LIST((proto_handler **handlerp));
#endif

275
base/targets.mk Normal file
View file

@ -0,0 +1,275 @@
#
# targets.mk
#
# $Source: /usr/local/CVS/ssldump/base/targets.mk,v $
# $Revision: 1.3 $
# $Date: 2002/08/17 01:33:16 $
# $Name: $
# $Disclaimer$
#
# Copyright (C) 2001, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# ANALYZE_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# ANALYZE_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# ANALYZE_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# ANALYZE_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# ANALYZE_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# ANALYZE_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# ANALYZE_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# ANALYZE_MAKEFILES:
# the makefiles
#
# ANALYZE_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# ANALYZE_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# ANALYZE_PROGRAMS:
# programs to build
#
# ANALYZE_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# ANALYZE_SOURCES:
# the source files to compile to object
#
ANALYZE_DEFINES =
ANALYZE_INCLUDES = -I$(ANALYZE_SRCDIR)
ANALYZE_INTERNAL =
ANALYZE_LIBNAME =
ANALYZE_LIBPATHS =
ANALYZE_LIBRARIES =
ANALYZE_LOCALFLAGS =
ANALYZE_MAKEFILES = targets.mk
ANALYZE_PREFIX = ANALYZE
ANALYZE_PRIVATE = network.h proto_mod.h tcpconn.h tcppack.h
ANALYZE_PROGRAMS =
ANALYZE_PUBLIC =
ANALYZE_SOURCES = network.c pcap-snoop.c proto_mod.c tcpconn.c \
tcppack.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# ANALYZE_OBJECTS:
# object files to build
#
# ANALYZE_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# ANALYZE_USED:
# all files in the module directory that are used
# during the build process
#
ANALYZE_OBJECTS = network.$(OBJSUFFIX) pcap-snoop.$(OBJSUFFIX) \
proto_mod.$(OBJSUFFIX) tcpconn.$(OBJSUFFIX) \
tcppack.$(OBJSUFFIX)
ANALYZE_UNUSED = common.c debug.c debug.h print_utils.c \
print_utils.h
ANALYZE_USED = $(ANALYZE_INTERNAL:%=$(ANALYZE_SRCDIR)%) \
$(ANALYZE_MAKEFILES:%=$(ANALYZE_SRCDIR)%) \
$(ANALYZE_PRIVATE:%=$(ANALYZE_SRCDIR)%) \
$(ANALYZE_PUBLIC:%=$(ANALYZE_SRCDIR)%) \
$(ANALYZE_SOURCES:%=$(ANALYZE_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# ANALYZE_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(ANALYZE_DEFINES)
INCLUDES += $(ANALYZE_INCLUDES)
LIBPATHS += $(ANALYZE_LIBPATHS)
LIBRARIES += $(ANALYZE_LIBRARIES)
OBJECTS += $(ANALYZE_OBJECTS)
PUBLIC += $(ANALYZE_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(ANALYZE_LIBNAME)
default: $(ANALYZE_PROGRAMS)
all: $(ANALYZE_PUBLIC)
all: $(ANALYZE_OBJECTS)
all: $(ANALYZE_LIBNAME)
all: $(ANALYZE_PROGRAMS)
build: $(ANALYZE_PUBLIC)
build: $(ANALYZE_OBJECTS)
ci: analyze_ci
clean: analyze_clean
clean_public: analyze_clean_public
objects: $(ANALYZE_OBJECTS)
private: $(ANALYZE_PRIVATE)
public: $(ANALYZE_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
analyze_ci:
$(CI) $(CIFLAGS) $(ANALYZE_USED)
analyze_clean:
$(RM) $(RMFLAGS) $(ANALYZE_OBJECTS) $(ANALYZE_LIBNAME) $(ANALYZE_PROGRAMS)
analyze_clean_public:
$(RM) $(RMFLAGS) $(ANALYZE_PUBLIC)
analyze_objects: $(ANALYZE_OBJECTS)
analyze_programs: $(ANALYZE_PROGRAMS)
analyze_public: $(ANALYZE_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(ANALYZE_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(ANALYZE_OBJECTS):
$(COMPILE.c) $(ANALYZE_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_LOCALFLAGS)
$(ANALYZE_PUBLIC):
$(CP) $(CPFLAGS) $(ANALYZE_SRCDIR)$@ $@
$(ANALYZE_PROGRAMS):
$(LINK.c) -o $@ $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
network.$(OBJSUFFIX): $(ANALYZE_SRCDIR)network.h
network.$(OBJSUFFIX): $(ANALYZE_SRCDIR)network.c
pcap-snoop.$(OBJSUFFIX): $(ANALYZE_SRCDIR)pcap-snoop.c
proto_mod.$(OBJSUFFIX): $(ANALYZE_SRCDIR)proto_mod.h
proto_mod.$(OBJSUFFIX): $(ANALYZE_SRCDIR)proto_mod.c
tcpconn.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcpconn.h
tcpconn.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcpconn.c
tcppack.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcppack.h
tcppack.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcppack.c
$(ANALYZE_LIBNAME): $(ANALYZE_OBJECTS)

203
base/tcpconn.c Normal file
View file

@ -0,0 +1,203 @@
/**
tcpconn.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $
ekr@rtfm.com Tue Dec 29 15:13:03 1998
*/
static char *RCSSTRING="$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $";
#include "network.h"
#include "tcpconn.h"
typedef struct conn_struct_ {
tcp_conn conn;
struct conn_struct_ *next;
struct conn_struct_ *prev;
} conn_struct;
int conn_number=1;
static conn_struct *first_conn=0;
static int zero_conn PROTO_LIST((tcp_conn *conn));
static int zero_conn(conn)
tcp_conn *conn;
{
memset(conn,0,sizeof(tcp_conn));
return(0);
}
int tcp_find_conn(connp,directionp,saddr,sport,daddr,dport)
tcp_conn **connp;
int *directionp;
struct in_addr *saddr;
u_short sport;
struct in_addr *daddr;
u_short dport;
{
conn_struct *conn;
for(conn=first_conn;conn;conn=conn->next){
if(sport == conn->conn.i_port && dport==conn->conn.r_port){
if(!memcmp(saddr,&conn->conn.i_addr,sizeof(struct in_addr))
&& !memcmp(daddr,&conn->conn.r_addr,sizeof(struct in_addr)))
{
*directionp=DIR_I2R;
*connp=&(conn->conn);
return(0);
}
}
if(dport == conn->conn.i_port && sport==conn->conn.r_port){
if(!memcmp(saddr,&conn->conn.r_addr,sizeof(struct in_addr))
&& !memcmp(daddr,&conn->conn.i_addr,sizeof(struct in_addr)))
{
*directionp=DIR_R2I;
*connp=&(conn->conn);
return(0);
}
}
}
return(R_NOT_FOUND);
}
int tcp_create_conn(connp,i_addr,i_port,r_addr,r_port)
tcp_conn **connp;
struct in_addr *i_addr;
u_short i_port;
struct in_addr *r_addr;
u_short r_port;
{
conn_struct *conn=0;
if(!(conn=(conn_struct *)malloc(sizeof(conn_struct))))
return(R_NO_MEMORY);
conn->prev=0;
zero_conn(&conn->conn);
conn->conn.backptr=conn;
conn->conn.conn_number=conn_number++;
memcpy(&conn->conn.i_addr,i_addr,sizeof(struct in_addr));
conn->conn.i_port=i_port;
memcpy(&conn->conn.r_addr,r_addr,sizeof(struct in_addr));
conn->conn.r_port=r_port;
*connp=&(conn->conn);
/* Insert at the head of the list */
conn->next=first_conn;
if(first_conn)
first_conn->prev=conn;
first_conn=conn;
return(0);
}
int tcp_destroy_conn(conn)
tcp_conn *conn;
{
conn_struct *c=conn->backptr;
/* Detach from the list */
if(c->next){
c->next->prev=c->prev;
}
if(c->prev){
c->prev->next=c->next;
}
else {
first_conn=c->next;
}
destroy_proto_handler(&conn->analyzer);
free_tcp_segment_queue(conn->i2r.oo_queue);
free_tcp_segment_queue(conn->r2i.oo_queue);
zero_conn(conn);
return(0);
}
int free_tcp_segment_queue(seg)
segment *seg;
{
segment *tmp;
while(seg){
tmp=seg->next;
packet_destroy(seg->p);
free(seg);
seg=tmp;
}
return(0);
}
int copy_tcp_segment_queue(out,in)
segment **out;
segment *in;
{
int r,_status;
segment *base=0;
for(;in;in=in->next){
if(!(*out=(segment *)calloc(sizeof(segment),1)))
ABORT(R_NO_MEMORY);
if(!base) base=*out;
if(r=packet_copy(in->p,&(*out)->p))
ABORT(r);
out=&(*out)->next; /* Move the pointer we're assigning to */
}
_status=0;
abort:
if(_status){
free_tcp_segment_queue(base);
}
return(_status);
}

104
base/tcpconn.h Normal file
View file

@ -0,0 +1,104 @@
/**
tcpconn.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: tcpconn.h,v 1.4 2001/07/20 23:33:15 ekr Exp $
ekr@rtfm.com Tue Dec 29 13:00:52 1998
*/
#ifndef _tcpconn_h
#define _tcpconn_h
typedef struct segment_ {
u_char *data;
u_int len;
tcp_seq s_seq;
packet *p;
struct segment_ *next;
} segment;
typedef struct stream_data_ {
tcp_seq seq;
tcp_seq ack;
short close;
segment *oo_queue;
} stream_data;
typedef struct tcp_conn_ {
int conn_number;
int state;
#define TCP_STATE_SYN1 1
#define TCP_STATE_SYN2 2
#define TCP_STATE_ACK 3
#define TCP_STATE_ESTABLISHED 4
#define TCP_STATE_FIN1 5
#define TCP_STATE_CLOSED 6
/*The address which sent the first SYN*/
struct in_addr i_addr;
u_short i_port;
/*The address which sent the second SYN*/
struct in_addr r_addr;
u_short r_port;
stream_data i2r; /*The stream from initiator to responder*/
stream_data r2i; /*The stream from responder to initiator*/
struct timeval start_time;
proto_handler *analyzer; /*The analyzer to call with new data*/
struct conn_struct_ *backptr;
} tcp_conn;
int tcp_find_conn PROTO_LIST((tcp_conn **connp,
int *directionp,
struct in_addr *src_addr, u_short src_port,
struct in_addr *dst_addr, u_short dst_port));
int tcp_create_conn PROTO_LIST((tcp_conn **connp,
struct in_addr *initiator_addr, u_short initiator_port,
struct in_addr *responder_addr, u_short responder_port));
int tcp_destroy_conn PROTO_LIST((tcp_conn *conn));
int free_tcp_segment_queue PROTO_LIST((segment *seg));
int copy_tcp_segment_queue PROTO_LIST((segment **out,segment *in));
#endif

446
base/tcppack.c Normal file
View file

@ -0,0 +1,446 @@
/**
tcppack.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $
ekr@rtfm.com Tue Dec 29 12:43:39 1998
*/
static char *RCSSTRING="$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $";
#include "network.h"
#ifndef _WIN32
# include <sys/socket.h>
# include <arpa/inet.h>
# ifndef LINUX
# include <netinet/tcp_seq.h>
# else
# define SEQ_LT(x,y) ((int)((x)-(y))<0)
# endif
#else
# include <winsock2.h>
# define SEQ_LT(x,y) ((int)((x)-(y))<0)
#endif
#include <ctype.h>
#include "debug.h"
#include "tcpconn.h"
#include "tcppack.h"
static int process_data_segment PROTO_LIST((tcp_conn *conn,
proto_mod *handler,packet *p,stream_data *stream,int direction));
static int new_connection PROTO_LIST((proto_mod *handler,proto_ctx *ctx,
packet *p,tcp_conn **connp));
static int print_tcp_packet PROTO_LIST((packet *p));
int STRIM PROTO_LIST((UINT4 _seq,segment *s));
int process_tcp_packet(handler,ctx,p)
proto_mod *handler;
proto_ctx *ctx;
packet *p;
{
int r,_status;
int direction;
stream_data *stream;
tcp_conn *conn;
p->tcp=(struct tcphdr *)p->data;
print_tcp_packet(p);
if(r=tcp_find_conn(&conn,&direction,&p->ip->ip_src,
ntohs(p->tcp->th_sport),&p->ip->ip_dst,ntohs(p->tcp->th_dport))){
if(r!=R_NOT_FOUND)
ABORT(r);
/*Note that we MUST receive the 3-way handshake in the
proper order. This shouldn't be a problem, though,
except for simultaneous connects*/
if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=TH_SYN){
DBG((0,"TCP: rejecting packet from unknown connection\n"));
return(0);
}
DBG((0,"SYN1\n"));
if(r=new_connection(handler,ctx,p,&conn))
ABORT(r);
conn->i2r.seq=ntohl(p->tcp->th_seq)+1;
return(0);
}
stream=direction==DIR_R2I?&conn->r2i:&conn->i2r;
switch(conn->state){
case TCP_STATE_SYN1:
if(direction != DIR_R2I)
break;
if((p->tcp->th_flags & (TH_SYN|TH_ACK))!=(TH_SYN|TH_ACK))
break;
conn->r2i.seq=ntohl(p->tcp->th_seq)+1;
conn->r2i.ack=ntohl(p->tcp->th_ack)+1;
conn->state=TCP_STATE_SYN2;
DBG((0,"SYN2\n"));
break;
case TCP_STATE_SYN2:
{
char *sn=0,*dn=0;
if(direction != DIR_I2R)
break;
DBG((0,"ACK\n"));
conn->i2r.ack=ntohl(p->tcp->th_ack)+1;
lookuphostname(&conn->i_addr,&sn);
lookuphostname(&conn->r_addr,&dn);
if(NET_print_flags & NET_PRINT_TYPESET)
printf("\\fC");
printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n",
conn->conn_number,
sn,conn->i_port,
dn,conn->r_port);
if(NET_print_flags & NET_PRINT_TYPESET)
printf("\\fR");
conn->state=TCP_STATE_ESTABLISHED;
free(sn);
free(dn);
}
case TCP_STATE_ESTABLISHED:
case TCP_STATE_FIN1:
{
UINT4 length;
if(p->tcp->th_flags & TH_SYN)
break;
length=p->len - (p->tcp->th_off * 4);
if(r=process_data_segment(conn,handler,p,stream,direction))
ABORT(r);
}
break;
default:
break;
}
if(conn->state==TCP_STATE_CLOSED)
tcp_destroy_conn(conn);
_status=0;
abort:
return(_status);
}
static int new_connection(handler,ctx,p,connp)
proto_mod *handler;
proto_ctx *ctx;
packet *p;
tcp_conn **connp;
{
int r,_status;
tcp_conn *conn=0;
if(r=tcp_create_conn(&conn,&p->ip->ip_src,ntohs(p->tcp->th_sport),
&p->ip->ip_dst,ntohs(p->tcp->th_dport)))
ABORT(r);
conn->state=TCP_STATE_SYN1;
memcpy(&conn->start_time,&p->ts,sizeof(struct timeval));
if(r=create_proto_handler(handler,ctx,&conn->analyzer,conn,&p->ts))
ABORT(r);
*connp=conn;
_status=0;
abort:
return(_status);
}
/*#define STRIM(_seq,s) { \
int l;\
int off;\
l=(s)->s_seq - _seq; \
off=(s)->p->tcp->th_off*4; \
if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA);\
(s)->data=(s)->p->data + off + (l) ; \
(s)->len=(s)->p->len - off + (l); \
(s)->s_seq += (l); \
if((s)->next) { \
if((s)->s_seq >= (s)->next->s_seq) {\
l=(s)->next->s_seq - (s)->s_seq; \
if((s)->len){\
(s)->len-=(l+1); \
(s)->s_seq-=(l+1);\
}\
}\
}\
}
*/
static int process_data_segment(conn,handler,p,stream,direction)
tcp_conn *conn;
proto_mod *handler;
packet *p;
stream_data *stream;
int direction;
{
int r,_status;
tcp_seq seq,right_edge;
segment _seg;
segment *seg,*nseg=0;
long l;
l=p->len - p->tcp->th_off * 4;
if(stream->close){
DBG((0,"Rejecting packet received after FIN"));
return(0);
}
/*The idea here is to pass all available segments
to the analyzer at once. Since we want to preserve
the segment packet data, we pass the data as a linked list of
segments*/
seq=ntohl(p->tcp->th_seq);
/*Add ACK processing logic here <TODO>*/
if(p->tcp->th_flags & TH_ACK){
long acknum,acked;
acknum=ntohl(p->tcp->th_ack);
acked=acknum-stream->ack;
if(acked && !l){
/*
if(r=timestamp_diff(&p->ts,&conn->start_time,&dt))
ERETURN(r);
printf("%d%c%4.4d ",dt.tv_sec,'.',dt.tv_usec/100);
if(direction == DIR_R2I)
printf("S>C ");
else
printf("C>S ");
printf("ACK (%d)\n",acked); */
}
stream->ack=acknum;
}
DBG((0,"Stream Seq %u ",stream->seq));
/* Check to see if this packet has been processed already */
right_edge=seq + (p->len - (p->tcp->th_off)*4);
if(!(p->tcp->th_flags & (TH_RST)) && SEQ_LT(right_edge,stream->seq))
return(0);
if(SEQ_LT(stream->seq,seq)){
/* Out of order segment */
tcp_seq left_edge;
for(seg=0;seg;seg=seg?seg->next:stream->oo_queue){
if(seg->next->s_seq > seq)
break;
}
if(!(nseg=(segment *)calloc(sizeof(segment),1)))
ABORT(R_NO_MEMORY);
if(r=packet_copy(p,&nseg->p))
ABORT(r);
nseg->s_seq=seq;
/*Insert this segment into the reassembly queue*/
if(seg){
nseg->next=seg->next;
seg->next=nseg;
}
else{
nseg->next=stream->oo_queue;
stream->oo_queue=nseg;
}
left_edge=seg?seg->s_seq:stream->seq;
STRIM(left_edge,nseg);
}
else{
/*First segment -- just thread the unallocated data on the
list so we can pass to the analyzer*/
_seg.next=0;
_seg.p=p;
_seg.s_seq=seq;
/*Now split the queue. Assemble as many packets as possible
and pass them to the analyzer. But process anything with a
RST in it immediately and ignore any data that might be in it
*/
if(_seg.p->tcp->th_flags & (TH_RST)){
stream->close=_seg.p->tcp->th_flags & (TH_RST);
seg=&_seg;
conn->state=TCP_STATE_CLOSED;
}
else{
STRIM(stream->seq,&_seg);
if(_seg.p->tcp->th_flags & (TH_FIN)){
stream->close=_seg.p->tcp->th_flags & (TH_FIN);
seg=&_seg;
}
else {
for(seg=&_seg;seg->next;seg=seg->next){
if(seg->p->tcp->th_flags & (TH_FIN)){
stream->close=_seg.p->tcp->th_flags & (TH_FIN);
break;
}
if(seg->len + seg->s_seq != seg->next->s_seq)
break;
}
}
/*Note that this logic is broken because it doesn't
do the CLOSE_WAIT/FIN_WAIT stuff, but it's probably
close enough, since this is a higher level protocol analyzer,
not a TCP analyzer*/
if(seg->p->tcp->th_flags & (TH_FIN) ){
if(conn->state == TCP_STATE_ESTABLISHED)
conn->state=TCP_STATE_FIN1;
else
conn->state=TCP_STATE_CLOSED;
}
stream->oo_queue=seg->next;
seg->next=0;
stream->seq=seg->s_seq + seg->len;
if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))
ABORT(r);
}
if(stream->close){
if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction))
ABORT(r);
}
free_tcp_segment_queue(_seg.next);
}
_status=0;
abort:
return(_status);
}
static int print_tcp_packet(p)
packet *p;
{
char *src=0,*dst=0;
if(!(NET_print_flags & NET_PRINT_TCP_HDR))
return(0);
lookuphostname(&p->ip->ip_src,&src);
lookuphostname(&p->ip->ip_dst,&dst);
printf("TCP: %s(%d) -> %s(%d) ",
src,
ntohs(p->tcp->th_sport),
dst,
ntohs(p->tcp->th_dport));
printf("Seq %u.(%d) ",
ntohl(p->tcp->th_seq),
p->len - p->tcp->th_off *4);
if(p->tcp->th_flags & TH_ACK)
printf("ACK %u ",ntohl(p->tcp->th_ack));
if(p->tcp->th_flags & TH_FIN)
printf("FIN ");
if(p->tcp->th_flags & TH_SYN)
printf("SYN ");
if(p->tcp->th_flags & TH_RST)
printf("RST ");
if(p->tcp->th_flags & TH_PUSH)
printf("PUSH ");
if(p->tcp->th_flags & TH_URG)
printf("URG ");
printf("\n");
free(src);
free(dst);
return(0);
}
int STRIM(_seq,s)
UINT4 _seq;
segment *s;
{
int l;
int off;
/* Test: this shouldn't damage things at all
s->p->data-=4;
s->p->len+=4;
s->s_seq-=4;
*/
l=_seq - (s)->s_seq; /* number of bytes to trim
from the left of s */
off=(s)->p->tcp->th_off*4;
if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA);
/* Now remove the leading l bytes */
(s)->data=(s)->p->data + off + (l) ;
(s)->len=(s)->p->len - (off + l);
(s)->s_seq += (l);
/* Now trim to the right if necessary */
if((s)->next) {
if((s)->s_seq >= (s)->next->s_seq) {
l=(s)->s_seq - (s)->next->s_seq;
if((s)->len){
(s)->len-=(l+1);
}
}
}
return(0);
}

54
base/tcppack.h Normal file
View file

@ -0,0 +1,54 @@
/**
tcppack.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: tcppack.h,v 1.3 2001/07/20 23:33:15 ekr Exp $
ekr@rtfm.com Wed Jan 6 15:08:30 1999
*/
#ifndef _tcppack_h
#define _tcppack_h
int process_tcp_packet PROTO_LIST((proto_mod *mod,proto_ctx *ctx,
packet *p));
#endif

5
common/Makefile.in Normal file
View file

@ -0,0 +1,5 @@
OBJECTS=r_assoc.o r_data.o r_errors.o r_list.c r_time.o
INCLUDES += ../includes
OBJECTS:
$(CC) $(CFLAGS) $(@:%.c

20
common/configure.scan Normal file
View file

@ -0,0 +1,20 @@
dnl Process this file with autoconf to produce a configure script.
AC_INIT(include/r_assoc.h)
dnl Checks for programs.
AC_PROG_CC
dnl Checks for libraries.
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS(sys/time.h)
dnl Checks for typedefs, structures, and compiler characteristics.
AC_HEADER_TIME
dnl Checks for library functions.
AC_FUNC_MEMCMP
AC_FUNC_VPRINTF
AC_OUTPUT(make/freebsd31/Makefile make/freebsd22/Makefile make/sunos413/Makefile)

106
common/include/.#r_macros.h.1.2 Normal file
View file

@ -0,0 +1,106 @@
/**
r_macros.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_macros.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:37:32 1998
*/
#ifndef _r_macros_h
#define _r_macros_h
#if (R_USE_PROTOTYPES==1)
#define PROTO_LIST(a) a
#else
#define PROTO_LIST(a) ()
#endif
#ifndef __GNUC__
#define __FUNCTION__ "unknown"
#endif
#ifdef R_TRACE_ERRORS
#define REPORT_ERROR_(caller,a) fprintf(stderr,"%s: error %d at %s:%d (function %s)\n", \
caller,a,__FILE__,__LINE__,__FUNCTION__)
#else
#define REPORT_ERROR_(caller,a)
#endif
#ifndef ERETURN
#define ERETURN(a) do {int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ERETURN",_r); return(_r);} while(0)
#endif
#ifndef ABORT
#define ABORT(a) do { int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ABORT",_r); _status=_r; goto abort;} while(0)
#endif
#ifndef FREE
#define FREE(a) if(a) free(a)
#endif
#ifndef MIN
#define MIN(a,b) ((a)>(b))?(b):(a)
#endif
#ifndef MAX
#define MAX(a,b) ((b)>(a))?(b):(a)
#endif
#ifdef DEBUG
#define DBG(a) debug a
int debug(int class,char *format,...);
#else
#define DBG(a)
#endif
#ifndef RMALLOC
#define RMALLOC(a) malloc(A)
#endif
#ifndef RCALLOC
#define RCALLOC(a) calloc(1,a)
#endif
#ifndef RFREE
#define RFREE(a) if(a) free(a)
#endif
#endif

83
common/include/r_assoc.h Normal file
View file

@ -0,0 +1,83 @@
/**
r_assoc.h
Associative array code. This code has the advantage that different
elements can have different create and destroy operators. Unfortunately,
this can waste space.
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_assoc.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
ekr@rtfm.com Sun Jan 17 17:57:18 1999
*/
#ifndef _r_assoc_h
#define _r_assoc_h
typedef struct r_assoc_ r_assoc;
int r_assoc_create PROTO_LIST((r_assoc **assocp));
int r_assoc_insert PROTO_LIST((r_assoc *assoc,char *key,int len,
void *value,int (*copy)(void **new,void *old),
int (*destroy)(void *ptr),int how));
#define R_ASSOC_REPLACE 0x1
#define R_ASSOC_NEW 0x2
int r_assoc_fetch PROTO_LIST((r_assoc *assoc,char *key, int len,
void **value));
int r_assoc_copy PROTO_LIST((r_assoc **new,r_assoc *old));
int r_assoc_destroy PROTO_LIST((r_assoc **assocp));
/*We need iterators, but I haven't written them yet*/
typedef struct r_assoc_iterator_ {
r_assoc *assoc;
int prev_chain;
struct r_assoc_el_ *prev;
int next_chain;
struct r_assoc_el_ *next;
} r_assoc_iterator;
int r_assoc_init_iter PROTO_LIST((r_assoc *assoc,r_assoc_iterator *));
int r_assoc_iter PROTO_LIST((r_assoc_iterator *iter,void **key,int *keyl,
void **val));
int r_assoc_iter_delete PROTO_LIST((r_assoc_iterator *));
#endif

26
common/include/r_bitfield.h Normal file
View file

@ -0,0 +1,26 @@
/**
r_bitfield.h
Copyright (C) 2001 RTFM, Inc.
All Rights Reserved.
ekr@rtfm.com Wed Oct 3 10:43:50 2001
*/
#ifndef _r_bitfield_h
#define _r_bitfield_h
typedef struct r_bitfield_ {
UINT4 *data;
UINT4 len;
UINT4 base;
} r_bitfield;
int r_bitfield_set PROTO_LIST((r_bitfield *,int bit));
int r_bitfield_isset PROTO_LIST((r_bitfield *,int bit));
int r_bitfield_create PROTO_LIST((r_bitfield **setp,UINT4 size));
int r_bitfield_destroy PROTO_LIST((r_bitfield **setp));
#endif

66
common/include/r_common.h Normal file
View file

@ -0,0 +1,66 @@
/**
r_common.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_common.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:40:07 1998
*/
#ifndef _r_common_h
#define _r_common_h
#include "r_defaults.h"
#include "r_includes.h"
#include "r_types.h"
#include "r_macros.h"
#include "r_errors.h"
#include "r_data.h"
/*AAH*/
int xdump PROTO_LIST((char *label,UCHAR *data,int len));
/* defines for possibly replaced functions */
#ifndef HAVE_STRDUP
char *strdup PROTO_LIST((char *in));
#endif
#endif

68
common/include/r_data.h Normal file
View file

@ -0,0 +1,68 @@
/**
r_data.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_data.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Wed Feb 10 14:18:19 1999
*/
#ifndef _r_data_h
#define _r_data_h
typedef struct Data_ {
UCHAR *data;
int len;
} Data;
int r_data_create PROTO_LIST((Data **dp,UCHAR *d,int l));
int r_data_alloc PROTO_LIST((Data **dp, int l));
int r_data_make PROTO_LIST((Data *dp, UCHAR *d,int l));
int r_data_destroy PROTO_LIST((Data **dp));
int r_data_copy PROTO_LIST((Data *dst,Data *src));
int r_data_zfree PROTO_LIST((Data *d));
int r_data_compare PROTO_LIST((Data *d1,Data *d2));
#define INIT_DATA(a,b,c) (a).data=b; (a).len=c
#define ATTACH_DATA(a,b) (a).data=b; (a).len=sizeof(b)
#define ZERO_DATA(a) (a).data=0; (a).len=0
#endif

59
common/include/r_defaults.h Normal file
View file

@ -0,0 +1,59 @@
/**
r_defaults.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_defaults.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:39:14 1998
*/
#ifndef _r_defaults_h
#define _r_defaults_h
#ifndef R_USE_PROTOTYPES
#define R_USE_PROTOTYPES 1
#endif
/*The needs defines don't belong here*/
#define R_NEEDS_STDLIB_H
#endif

62
common/include/r_errors.h Normal file
View file

@ -0,0 +1,62 @@
/**
r_errors.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_errors.h,v 1.3 2002/01/21 17:36:51 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:59:49 1998
*/
#ifndef _r_errors_h
#define _r_errors_h
#define R_NO_MEMORY 1 /*out of memory*/
#define R_NOT_FOUND 2 /*Item not found*/
#define R_INTERNAL 3 /*Unspecified internal error*/
#define R_ALREADY 4 /*Action already done*/
#define R_EOD 5 /*end of data*/
#define R_BAD_ARGS 6 /*Bad arguments*/
#define R_BAD_DATA 7 /*Bad data*/
#define R_WOULDBLOCK 8 /*Operation would block */
int verr_exit PROTO_LIST((char *fmt,...));
#endif

61
common/include/r_includes.h Normal file
View file

@ -0,0 +1,61 @@
/**
r_includes.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_includes.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Dec 22 11:38:50 1998
*/
#ifndef _r_includes_h
#define _r_includes_h
#ifdef R_NEEDS_STDLIB_H
#include <stdlib.h>
#endif
#ifdef R_NEEDS_MEMORY_H
#include <memory.h>
#endif
#include <stdio.h>
#endif

69
common/include/r_list.h Normal file
View file

@ -0,0 +1,69 @@
/**
r_list.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_list.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Jan 19 08:36:48 1999
*/
#ifndef _r_list_h
#define _r_list_h
typedef struct r_list_ r_list;
typedef struct r_list_iterator_ {
r_list *list;
struct r_list_el_ *ptr;
} r_list_iterator;
int r_list_create PROTO_LIST((r_list **listp));
int r_list_destroy PROTO_LIST((r_list **listp));
int r_list_copy PROTO_LIST((r_list **out,r_list *in));
int r_list_insert PROTO_LIST((r_list *list,void *value,
int (*copy)(void **new,void *old),
int (*destroy)(void **ptr)));
int r_list_append PROTO_LIST((r_list *list,void *value,
int (*copy)(void **new,void *old),
int (*destroy)(void **ptr)));
int r_list_init_iter PROTO_LIST((r_list *list,r_list_iterator *iter));
int r_list_iter PROTO_LIST((r_list_iterator *iter,void **val));
#endif

112
common/include/r_macros.h Normal file
View file

@ -0,0 +1,112 @@
/**
r_macros.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_macros.h,v 1.4 2001/11/20 17:45:18 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:37:32 1998
*/
#ifndef _r_macros_h
#define _r_macros_h
#if (R_USE_PROTOTYPES==1)
#define PROTO_LIST(a) a
#else
#define PROTO_LIST(a) ()
#endif
#ifndef __GNUC__
#define __FUNCTION__ "unknown"
#endif
#ifdef R_TRACE_ERRORS
#define REPORT_ERROR_(caller,a) fprintf(stderr,"%s: error %d at %s:%d (function %s)\n", \
caller,a,__FILE__,__LINE__,__FUNCTION__)
#else
#define REPORT_ERROR_(caller,a)
#endif
#ifndef ERETURN
#define ERETURN(a) do {int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ERETURN",_r); return(_r);} while(0)
#endif
#ifndef ABORT
#define ABORT(a) do { int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ABORT",_r); _status=_r; goto abort;} while(0)
#endif
#ifndef FREE
#define FREE(a) if(a) free(a)
#endif
#ifndef MIN
#define MIN(a,b) ((a)>(b))?(b):(a)
#endif
#ifndef MAX
#define MAX(a,b) ((b)>(a))?(b):(a)
#endif
#ifdef DEBUG
#define DBG(a) debug a
int debug(int class,char *format,...);
#else
#define DBG(a)
#endif
#ifndef RMALLOC
#define RMALLOC(a) malloc(a)
#endif
#ifndef RCALLOC
#define RCALLOC(a) calloc(1,a)
#endif
#ifndef RFREE
#define RFREE(a) if(a) free(a)
#endif
#ifndef RREALLOC
#define RREALLOC(a,b) realloc(a,b)
#endif
#define UNIMPLEMENTED do { fprintf(stderr,"Function %s unimplemented\n",__FUNCTION__); abort(); } while(0)
#endif

69
common/include/r_thread.h Normal file
View file

@ -0,0 +1,69 @@
/**
r_thread.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_thread.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
ekr@rtfm.com Tue Feb 23 14:58:36 1999
*/
#ifndef _r_thread_h
#define _r_thread_h
typedef void *r_thread;
typedef void *r_rwlock;
int r_thread_fork PROTO_LIST((void (*func)(void *),void *arg,
r_thread *tid));
int r_thread_destroy PROTO_LIST((r_thread tid));
int r_thread_yield PROTO_LIST((void));
int r_thread_exit PROTO_LIST((void));
int r_thread_wait_last PROTO_LIST((void));
int r_rwlock_create PROTO_LIST((r_rwlock **lockp));
int r_rwlock_destroy PROTO_LIST((r_rwlock **lock));
int r_rwlock_lock PROTO_LIST((r_rwlock *lock,int action));
#define R_RWLOCK_UNLOCK 0
#define R_RWLOCK_RLOCK 1
#define R_RWLOCK_WLOCK 2
#endif

75
common/include/r_time.h Normal file
View file

@ -0,0 +1,75 @@
/**
r_time.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_time.h,v 1.4 2001/12/24 06:06:26 ekr Exp $
ekr@rtfm.com Thu Mar 4 08:45:41 1999
*/
#ifndef _r_time_h
#define _r_time_h
#ifdef _WIN32
# include <winsock2.h>
#else
/* Cribbed from the autoconf doc */
# if TIME_WITH_SYS_TIME
# include <sys/time.h>
# include <time.h>
# else
# if HAVE_SYS_TIME_H
# include <sys/time.h>
# else
# include <time.h>
# endif
# endif
#endif
int r_timeval_diff PROTO_LIST((struct timeval *t1,struct timeval *t0,
struct timeval *diff));
int r_timeval_add PROTO_LIST((struct timeval *t1,struct timeval *t2,
struct timeval *sum));
UINT8 r_timeval2int PROTO_LIST((struct timeval *tv));
UINT8 r_gettimeint PROTO_LIST((void));
#endif

91
common/include/r_types.h Normal file
View file

@ -0,0 +1,91 @@
/**
r_types.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_types.h,v 1.3 2002/09/09 21:02:58 ekr Exp $
ekr@rtfm.com Tue Dec 22 10:36:02 1998
*/
#ifndef _r_types_h
#define _r_types_h
#ifndef R_DEFINED_UINT4
#ifndef SIZEOF_UNSIGNED_INT
typedef unsigned int UINT4;
#else
# if (SIZEOF_UNSIGNED_INT==4)
typedef unsigned int UINT4;
# elif (SIZEOF_UNSIGNED_SHORT==4)
typedef unsigned short UINT4;
# elif (SIZEOF_UNSIGNED_LONG==4)
typedef unsigned long UINT4;
# else
# error no type for UINT4
# endif
#endif
#endif
#ifndef R_DEFINED_UINT8
#ifndef SIZEOF_UNSIGNED_LONG
typedef unsigned long UINT8;
#else
# if (SIZEOF_UNSIGNED_INT==8)
typedef unsigned int UINT8;
# elif (SIZEOF_UNSIGNED_SHORT==8)
typedef unsigned short UINT8;
# elif (SIZEOF_UNSIGNED_LONG==8)
typedef unsigned long UINT8;
# elif (SIZEOF_UNSIGNED_LONG_LONG==8)
typedef unsigned long long UINT8;
# elif defined (_WIN32) && defined (_MSC_VER)
typedef unsigned __int64 UINT8;
# else
# error no type for UINT8
# endif
#endif
#endif
#ifndef R_DEFINED_UCHAR
typedef unsigned char UCHAR;
#endif
#endif

53
common/lib/assoc.h Normal file
View file

@ -0,0 +1,53 @@
/**
assoc.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: assoc.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
ekr@rtfm.com Sun Jan 17 17:56:35 1999
*/
#ifndef _assoc_h
#define _assoc_h
typedef struct assoc_ assoc;
#endif

91
common/lib/debug.c Normal file
View file

@ -0,0 +1,91 @@
/**
debug.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $
ekr@rtfm.com Wed Jan 6 17:08:58 1999
*/
static char *RCSSTRING="$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $";
#include <stdarg.h>
#include <stdio.h>
#include "r_common.h"
#include "debug.h"
int debug(int class,char *format,...)
{
va_list ap;
va_start(ap,format);
vfprintf(stderr,format,ap);
fprintf(stderr,"\n");
return(0);
}
int xdump(name,data,len)
char *name;
UCHAR *data;
int len;
{
int i;
if(name){
printf("%s[%d]=\n",name,len);
}
for(i=0;i<len;i++){
if((len>8) && i && !(i%12)){
printf("\n");
}
printf("%.2x ",data[i]&255);
}
if(i%12)
printf("\n");
return(0);
}

61
common/lib/debug.h Normal file
View file

@ -0,0 +1,61 @@
/**
debug.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: debug.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
ekr@rtfm.com Wed Jan 6 17:13:00 1999
*/
#ifndef _debug_h
#define _debug_h
#ifdef DEBUG
#define DBG(a) debug a
#else
#define DBG(a)
#endif
int debug(int class,char *format,...);
int xdump PROTO_LIST((char *name,UCHAR *data,
int len));
#endif

279
common/lib/local.mk Normal file
View file

@ -0,0 +1,279 @@
#
# local.mk
#
# $Source: /usr/local/CVS/ssldump/common/lib/local.mk,v $
# $Revision: 1.2 $
# $Date: 2001/10/04 17:19:47 $
# $Name: $
# $Disclaimer$
#
# Copyright (C) 2001, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# COMMON_LIB_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# COMMON_LIB_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# COMMON_LIB_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# COMMON_LIB_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# COMMON_LIB_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# COMMON_LIB_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# COMMON_LIB_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# COMMON_LIB_MAKEFILES:
# the makefiles
#
# COMMON_LIB_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# COMMON_LIB_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# COMMON_LIB_PROGRAMS:
# programs to build
#
# COMMON_LIB_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# COMMON_LIB_SOURCES:
# the source files to compile to object
#
COMMON_LIB_DEFINES =
COMMON_LIB_INCLUDES =
COMMON_LIB_INTERNAL =
COMMON_LIB_LIBNAME =
COMMON_LIB_LIBPATHS =
COMMON_LIB_LIBRARIES =
COMMON_LIB_LOCALFLAGS =
COMMON_LIB_MAKEFILES = targets.mk
COMMON_LIB_PREFIX = COMMON_LIB
COMMON_LIB_PRIVATE =
COMMON_LIB_PROGRAMS =
COMMON_LIB_PUBLIC =
COMMON_LIB_SOURCES = debug.c r_assoc.c r_bitfield.c r_data.c \
r_errors.c r_list.c r_replace.c r_time.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# COMMON_LIB_OBJECTS:
# object files to build
#
# COMMON_LIB_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# COMMON_LIB_USED:
# all files in the module directory that are used
# during the build process
#
COMMON_LIB_OBJECTS = debug.$(OBJSUFFIX) r_assoc.$(OBJSUFFIX) \
r_bitfield.$(OBJSUFFIX) r_data.$(OBJSUFFIX) \
r_errors.$(OBJSUFFIX) r_list.$(OBJSUFFIX) \
r_replace.$(OBJSUFFIX) r_time.$(OBJSUFFIX)
COMMON_LIB_UNUSED = assoc.h debug.h local.mk r_assoc_test.c r_data.h
COMMON_LIB_USED = $(COMMON_LIB_INTERNAL:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_MAKEFILES:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_PRIVATE:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_PUBLIC:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_SOURCES:%=$(COMMON_LIB_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# COMMON_LIB_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(COMMON_LIB_DEFINES)
INCLUDES += $(COMMON_LIB_INCLUDES)
LIBPATHS += $(COMMON_LIB_LIBPATHS)
LIBRARIES += $(COMMON_LIB_LIBRARIES)
OBJECTS += $(COMMON_LIB_OBJECTS)
PUBLIC += $(COMMON_LIB_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(COMMON_LIB_LIBNAME)
default: $(COMMON_LIB_PROGRAMS)
all: $(COMMON_LIB_PUBLIC)
all: $(COMMON_LIB_OBJECTS)
all: $(COMMON_LIB_LIBNAME)
all: $(COMMON_LIB_PROGRAMS)
build: $(COMMON_LIB_PUBLIC)
build: $(COMMON_LIB_OBJECTS)
ci: common_lib_ci
clean: common_lib_clean
clean_public: common_lib_clean_public
objects: $(COMMON_LIB_OBJECTS)
private: $(COMMON_LIB_PRIVATE)
public: $(COMMON_LIB_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
common_lib_ci:
$(CI) $(CIFLAGS) $(COMMON_LIB_USED)
common_lib_clean:
$(RM) $(RMFLAGS) $(COMMON_LIB_OBJECTS) $(COMMON_LIB_LIBNAME) $(COMMON_LIB_PROGRAMS)
common_lib_clean_public:
$(RM) $(RMFLAGS) $(COMMON_LIB_PUBLIC)
common_lib_objects: $(COMMON_LIB_OBJECTS)
common_lib_programs: $(COMMON_LIB_PROGRAMS)
common_lib_public: $(COMMON_LIB_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(COMMON_LIB_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(COMMON_LIB_OBJECTS):
$(COMPILE.c) $(COMMON_LIB_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(COMMON_LIB_LOCALFLAGS)
$(COMMON_LIB_PUBLIC):
$(CP) $(CPFLAGS) $(COMMON_LIB_SRCDIR)$@ $@
$(COMMON_LIB_PROGRAMS):
$(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.h
debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.c
r_assoc.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_assoc.c
r_bitfield.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_bitfield.c
r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.h
r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.c
r_errors.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_errors.c
r_list.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_list.c
r_replace.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_replace.c
r_time.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_time.c
$(COMMON_LIB_LIBNAME): $(COMMON_LIB_OBJECTS)

425
common/lib/r_assoc.c Normal file
View file

@ -0,0 +1,425 @@
/**
r_assoc.c
This is an associative array implementation, using an open-chained
hash bucket technique.
Note that this implementation permits each data entry to have
separate copy constructors and destructors. This currently wastes
space, but could be implemented while saving space by using
the high order bit of the length value or somesuch.
The major problem with this code is it's not resizable, though it
could be made so.
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $
ekr@rtfm.com Sun Jan 17 17:57:15 1999
*/
static char *RCSSTRING="$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $";
#include <r_common.h>
#include "r_assoc.h"
typedef struct r_assoc_el_ {
char *key;
int key_len;
void *data;
struct r_assoc_el_ *prev;
struct r_assoc_el_ *next;
int (*copy) PROTO_LIST((void **new,void *old));
int (*destroy) PROTO_LIST((void *ptr));
} r_assoc_el;
struct r_assoc_ {
int size;
int bits;
r_assoc_el **chains;
};
#define DEFAULT_TABLE_BITS 5
static int destroy_assoc_chain PROTO_LIST((r_assoc_el *chain));
static int r_assoc_fetch_bucket PROTO_LIST((r_assoc *assoc,
char *key,int len,r_assoc_el **bucketp));
UINT4 hash_compute PROTO_LIST((char *key,int len,int size));
static int copy_assoc_chain PROTO_LIST((r_assoc_el **newp,
r_assoc_el *old));
int r_assoc_create(assocp)
r_assoc **assocp;
{
r_assoc *assoc=0;
int _status;
if(!(assoc=(r_assoc *)calloc(sizeof(r_assoc),1)))
ABORT(R_NO_MEMORY);
assoc->size=(1<<DEFAULT_TABLE_BITS);
assoc->bits=DEFAULT_TABLE_BITS;
if(!(assoc->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el *),
assoc->size)))
ABORT(R_NO_MEMORY);
*assocp=assoc;
_status=0;
abort:
if(_status){
r_assoc_destroy(&assoc);
}
return(_status);
}
int r_assoc_destroy(assocp)
r_assoc **assocp;
{
r_assoc *assoc;
int i;
if(!assocp || !*assocp)
return(0);
assoc=*assocp;
for(i=0;i<assoc->size;i++)
destroy_assoc_chain(assoc->chains[i]);
return(0);
}
static int destroy_assoc_chain(chain)
r_assoc_el *chain;
{
r_assoc_el *nxt;
while(chain){
nxt=chain->next;
if(chain->destroy)
chain->destroy(chain->data);
free(chain->key);
free(chain);
chain=nxt;
}
return(0);
}
static int copy_assoc_chain(newp,old)
r_assoc_el **newp;
r_assoc_el *old;
{
r_assoc_el *new=0,*ptr,*tmp;
int r,_status;
if(!old) {
*newp=0;
return(0);
}
for(;old;old=old->next){
if(!(tmp=(r_assoc_el *)calloc(sizeof(r_assoc_el),1)))
ABORT(R_NO_MEMORY);
if(!new){
new=tmp;
ptr=new;
}
else{
ptr->next=tmp;
tmp->prev=ptr;
ptr=tmp;
}
ptr->destroy=old->destroy;
ptr->copy=old->copy;
if(old->copy){
if(r=old->copy(&ptr->data,old->data))
ABORT(r);
}
else
ptr->data=old->data;
if(!(ptr->key=(char *)malloc(old->key_len)))
ABORT(R_NO_MEMORY);
memcpy(ptr->key,old->key,ptr->key_len=old->key_len);
}
*newp=new;
_status=0;
abort:
if(_status){
destroy_assoc_chain(new);
}
return(_status);
}
static int r_assoc_fetch_bucket(assoc,key,len,bucketp)
r_assoc *assoc;
char *key;
int len;
r_assoc_el **bucketp;
{
UINT4 hash_value;
r_assoc_el *bucket;
hash_value=hash_compute(key,len,assoc->bits);
for(bucket=assoc->chains[hash_value];bucket;bucket=bucket->next){
if(bucket->key_len == len && !memcmp(bucket->key,key,len)){
*bucketp=bucket;
return(0);
}
}
return(R_NOT_FOUND);
}
int r_assoc_fetch(assoc,key,len,datap)
r_assoc *assoc;
char *key;
int len;
void **datap;
{
r_assoc_el *bucket;
int r;
if(r=r_assoc_fetch_bucket(assoc,key,len,&bucket)){
if(r!=R_NOT_FOUND)
ERETURN(r);
return(r);
}
*datap=bucket->data;
return(0);
}
int r_assoc_insert(assoc,key,len,data,copy,destroy,how)
r_assoc *assoc;
char *key;
int len;
void *data;
int (*copy) PROTO_LIST((void **new,void *old));
int (*destroy) PROTO_LIST((void *ptr));
int how;
{
r_assoc_el *bucket,*new_bucket=0;
int r,_status;
if(r=r_assoc_fetch_bucket(assoc,key,len,&bucket)){
/*Note that we compute the hash value twice*/
UINT4 hash_value;
if(r!=R_NOT_FOUND)
ABORT(r);
hash_value=hash_compute(key,len,assoc->bits);
if(!(new_bucket=(r_assoc_el *)calloc(sizeof(r_assoc_el),1)))
ABORT(R_NO_MEMORY);
if(!(new_bucket->key=(char *)malloc(len)))
ABORT(R_NO_MEMORY);
memcpy(new_bucket->key,key,len);
new_bucket->key_len=len;
/*Insert at the list head. Is FIFO a good algorithm?*/
if(assoc->chains[hash_value])
assoc->chains[hash_value]->prev=new_bucket;
new_bucket->next=assoc->chains[hash_value];
assoc->chains[hash_value]=new_bucket;
bucket=new_bucket;
}
else{
if(!(how&R_ASSOC_REPLACE))
ABORT(R_ALREADY);
if(bucket->destroy)
bucket->destroy(bucket->data);
}
bucket->data=data;
bucket->copy=copy;
bucket->destroy=destroy;
_status=0;
abort:
if(_status && new_bucket){
free(new_bucket->key);
free(new_bucket);
}
return(_status);
}
int r_assoc_copy(newp,old)
r_assoc **newp;
r_assoc *old;
{
int r,_status,i;
r_assoc *new;
if(!(new=(r_assoc *)calloc(sizeof(r_assoc),1)))
ABORT(r);
new->size=old->size;
new->bits=old->bits;
if(!(new->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el),old->size)))
ABORT(R_NO_MEMORY);
for(i=0;i<new->size;i++){
if(r=copy_assoc_chain(new->chains+i,old->chains[i]))
ABORT(r);
}
*newp=new;
_status=0;
abort:
if(_status){
r_assoc_destroy(&new);
}
return(_status);
}
int r_assoc_init_iter(assoc,iter)
r_assoc *assoc;
r_assoc_iterator *iter;
{
int i;
iter->assoc=assoc;
iter->prev_chain=-1;
iter->prev=0;
iter->next_chain=assoc->size;
iter->next=0;
for(i=0;i<assoc->size;i++){
if(assoc->chains[i]!=0){
iter->next_chain=i;
iter->next=assoc->chains[i];
break;
}
}
return(0);
}
int r_assoc_iter(iter,key,keyl,val)
r_assoc_iterator *iter;
void **key;
int *keyl;
void **val;
{
int i;
r_assoc_el *ret;
if(!iter->next)
return(R_EOD);
ret=iter->next;
*key=ret->key;
*keyl=ret->key_len;
*val=ret->data;
/* Now increment */
iter->prev_chain=iter->next_chain;
iter->prev=iter->next;
/* More on this chain */
if(iter->next->next){
iter->next=iter->next->next;
}
else{
iter->next=0;
/* FInd the next occupied chain*/
for(i=iter->next_chain;i<iter->assoc->size;i++){
if(iter->assoc->chains[i]){
iter->next_chain=i;
iter->next=iter->assoc->chains[i];
break;
}
}
}
return(0);
}
/* Delete the last returned value*/
int r_assoc_iter_delete(iter)
r_assoc_iterator *iter;
{
/* First unhook it from the list*/
if(!iter->prev->prev){
/* First element*/
iter->assoc->chains[iter->prev_chain]=iter->prev->next;
}
else{
iter->prev->prev->next=iter->prev->next;
}
if(iter->prev->next){
iter->prev->next->prev=iter->prev->prev;
}
iter->prev->destroy(iter->prev->data);
free(iter->prev->data);
free(iter->prev);
return(0);
}
/*This is a hack from AMS. Supposedly, it's pretty good for strings, even
though it doesn't take into account all the data*/
UINT4 hash_compute(key,len,bits)
char *key;
int len;
int bits;
{
UINT4 h=0;
h=key[0] +(key[len-1] * len);
h &= (1<<bits) - 1;
return(h);
}

137
common/lib/r_assoc_test.c Normal file
View file

@ -0,0 +1,137 @@
/**
r_assoc_test.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
ekr@rtfm.com Sun Jan 17 21:09:22 1999
*/
static char *RCSSTRING="$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $";
#include <r_common.h>
#include <r_assoc.h>
int main()
{
char test_vector[1024],*v;
int rnd,ct,r;
r_assoc *assoc,*new_assoc;
if(r=r_assoc_create(&assoc)){
fprintf(stderr,"Couldn't create\n");
exit(1);
}
srand(getpid());
v=test_vector;
for(ct=0;ct<256;ct++){
v[0]=ct & 255;
v[1]=(ct>>8) & 255;
v[2]=(ct>>16) & 255;
v[3]=(ct>>24) & 255;
if(r=r_assoc_insert(assoc,v,4,v,0,0,R_ASSOC_REPLACE)){
fprintf(stderr,"Couldn't insert %d\n",ct);
exit(1);
}
v+=4;
}
fetch_test(assoc);
if(r=r_assoc_copy(&new_assoc,assoc)){
fprintf(stderr,"Couldn't copy\n");
exit(1);
}
r_assoc_destroy(&assoc);
fetch_test(new_assoc);
r_assoc_destroy(&new_assoc);
printf("Tests pass\n");
exit(0);
}
int fetch_test(assoc)
r_assoc *assoc;
{
int ct;
char vec[4],*v;
int r,_status,rnd;
for(ct=0;ct<65537;ct++){
rnd=rand();
rnd &= 0x3ff;
vec[0]=rnd & 255;
vec[1]=(rnd>>8) & 255;
vec[2]=(rnd>>16) & 255;
vec[3]=(rnd>>24) & 255;
if(r=r_assoc_fetch(assoc,vec,4,(void **)&v)){
if(rnd<256){
fprintf(stderr,"Couldn't fetch\n");
exit(1);
}
else
continue;
}
else{
if(rnd>255){
fprintf(stderr,"Spurious fetch\n");
exit(1);
}
}
if(memcmp(vec,v,4)){
fprintf(stderr,"Fetch error\n");
exit(1);
}
}
return(0);
}

113
common/lib/r_bitfield.c Normal file
View file

@ -0,0 +1,113 @@
/**
r_bitfield.c
Copyright (C) 2001 RTFM, Inc.
All Rights Reserved.
ekr@rtfm.com Wed Oct 3 11:15:23 2001
*/
static char *RCSSTRING="$Id: r_bitfield.c,v 1.3 2001/12/24 06:06:26 ekr Exp $";
#include <r_common.h>
#include "r_bitfield.h"
int r_bitfield_create(setp,size)
r_bitfield **setp;
UINT4 size;
{
r_bitfield *set=0;
int _status;
int num_words=size/32+!!(size%32);
if(!(set=(r_bitfield *)RMALLOC(sizeof(r_bitfield))))
ABORT(R_NO_MEMORY);
if(!(set->data=(UINT4 *)RMALLOC(num_words*4)))
ABORT(R_NO_MEMORY);
memset(set->data,0,4*num_words);
set->base=0;
set->len=num_words;
*setp=set;
_status=0;
abort:
if(_status){
r_bitfield_destroy(&set);
}
return(_status);
}
int r_bitfield_destroy(setp)
r_bitfield **setp;
{
r_bitfield *set;
if(!setp || !*setp)
return(0);
set=*setp;
RFREE(set->data);
RFREE(set);
*setp=0;
return(0);
}
int r_bitfield_set(set,bit)
r_bitfield *set;
int bit;
{
int word=(bit-set->base)/32;
int bbit=(bit-set->base)%32;
int _status;
/* Resize? */
if(word>set->len){
UINT4 newlen=set->len;
UINT4 *tmp;
while(newlen<word)
newlen*=2;
if(!(tmp=(UINT4 *)RMALLOC(newlen)))
ABORT(R_NO_MEMORY);
memcpy(tmp,set->data,set->len*4);
memset(tmp+set->len*4,0,(newlen-set->len)*4);
RFREE(set->data);
set->data=tmp;
}
set->data[word]|=1<<bbit;
_status=0;
abort:
return(_status);
}
int r_bitfield_isset(set,bit)
r_bitfield *set;
int bit;
{
int word=(bit-set->base)/32;
int bbit=(bit-set->base)%32;
int _status;
if(bit<set->base)
return(0);
/* Resize? */
if(word>set->len)
return(0);
return(set->data[word]&(1<<bbit));
_status=0;
return(_status);
}

162
common/lib/r_data.c Normal file
View file

@ -0,0 +1,162 @@
/**
r_data.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $
ekr@rtfm.com Tue Aug 17 15:39:50 1999
*/
static char *RCSSTRING="$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $";
#include <r_common.h>
#include <r_data.h>
int r_data_create(dp,d,l)
Data **dp;
UCHAR *d;
int l;
{
Data *d_=0;
int _status;
if(!(d_=(Data *)calloc(sizeof(Data),1)))
ABORT(R_NO_MEMORY);
if(!(d_->data=(UCHAR *)malloc(l)))
ABORT(R_NO_MEMORY);
memcpy(d_->data,d,l);
d_->len=l;
*dp=d_;
_status=0;
abort:
if(_status)
r_data_destroy(&d_);
return(_status);
}
int r_data_alloc(dp,l)
Data **dp;
int l;
{
Data *d_=0;
int _status;
if(!(d_=(Data *)calloc(sizeof(Data),1)))
ABORT(R_NO_MEMORY);
if(!(d_->data=(UCHAR *)calloc(l,1)))
ABORT(R_NO_MEMORY);
d_->len=l;
*dp=d_;
_status=0;
abort:
if(_status)
r_data_destroy(&d_);
return(_status);
}
int r_data_make(dp,d,l)
Data *dp;
UCHAR *d;
int l;
{
if(!(dp->data=(UCHAR *)malloc(l)))
ERETURN(R_NO_MEMORY);
memcpy(dp->data,d,l);
dp->len=l;
return(0);
}
int r_data_destroy(dp)
Data **dp;
{
if(!dp || !*dp)
return(0);
if((*dp)->data)
free((*dp)->data);
free(*dp);
*dp=0;
return(0);
}
int r_data_copy(dst,src)
Data *dst;
Data *src;
{
if(!(dst->data=(UCHAR *)malloc(src->len)))
ERETURN(R_NO_MEMORY);
memcpy(dst->data,src->data,dst->len=src->len);
return(0);
}
int r_data_zfree(d)
Data *d;
{
if(!d)
return(0);
if(!d->data)
return(0);
memset(d->data,0,d->len);
free(d->data);
return(0);
}
int r_data_compare(d1,d2)
Data *d1;
Data *d2;
{
if(d1->len<d2->len)
return(-1);
if(d2->len<d1->len)
return(-1);
return(memcmp(d1->data,d2->data,d1->len));
}

52
common/lib/r_data.h Normal file
View file

@ -0,0 +1,52 @@
/**
r_data.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_data.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
ekr@rtfm.com Fri Feb 4 08:58:48 2000
*/
#ifndef _r_data_h
#define _r_data_h
#endif

61
common/lib/r_errors.c Normal file
View file

@ -0,0 +1,61 @@
/**
r_errors.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $
ekr@rtfm.com Tue Feb 16 16:37:05 1999
*/
static char *RCSSTRING="$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $";
#include <stdio.h>
#include <stdarg.h>
#include "r_common.h"
#include "r_errors.h"
int verr_exit(char *fmt,...)
{
va_list ap;
va_start(ap,fmt);
vfprintf(stderr,fmt,ap);
exit(1);
}

234
common/lib/r_list.c Normal file
View file

@ -0,0 +1,234 @@
/**
r_list.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $
ekr@rtfm.com Tue Jan 19 08:36:39 1999
*/
static char *RCSSTRING="$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $";
#include <r_common.h>
#include "r_list.h"
typedef struct r_list_el_ {
void *data;
struct r_list_el_ *next;
struct r_list_el_ *prev;
int (*copy) PROTO_LIST((void **new,void *old));
int (*destroy) PROTO_LIST((void **ptr));
} r_list_el;
struct r_list_ {
struct r_list_el_ *first;
struct r_list_el_ *last;
};
int r_list_create(listp)
r_list **listp;
{
r_list *list=0;
int _status;
if(!(list=(r_list *)calloc(sizeof(r_list),1)))
ABORT(R_NO_MEMORY);
list->first=0;
list->last=0;
*listp=list;
_status=0;
abort:
return(_status);
}
int r_list_destroy(listp)
r_list **listp;
{
r_list *list;
r_list_el *el;
if(!listp || !*listp)
return(0);
list=*listp;
el=list->first;
while(el){
r_list_el *el_t;
if(el->destroy && el->data)
el->destroy(&el->data);
el_t=el;
el=el->next;
free(el_t);
}
free(list);
*listp=0;
return(0);
}
int r_list_copy(outp,in)
r_list**outp;
r_list *in;
{
r_list *out=0;
r_list_el *el,*el2,*last=0;
int r, _status;
if(r=r_list_create(&out))
ABORT(r);
for(el=in->first;in;el=el->next){
if(!(el2=(r_list_el *)calloc(sizeof(r_list_el),1)))
ABORT(R_NO_MEMORY);
if(el->copy && el->data){
if(r=el->copy(&el2->data,el->data))
ABORT(r);
}
el2->copy=el->copy;
el2->destroy=el->destroy;
if(!(out->first))
out->first=el2;
el2->prev=last;
last->next=el2;
last=el2;
}
out->last=last;
*outp=out;
_status=0;
abort:
if(_status)
r_list_destroy(&out);
return(_status);
}
int r_list_insert(list,value,copy,destroy)
r_list *list;
void *value;
int (*copy) PROTO_LIST((void **out, void *in));
int (*destroy) PROTO_LIST((void **val));
{
r_list_el *el=0;
int _status;
if(!(el=(r_list_el *)calloc(sizeof(r_list_el),1)))
ABORT(R_NO_MEMORY);
el->data=value;
el->copy=copy;
el->destroy=destroy;
el->prev=0;
el->next=list->first;
if(list->first){
list->first->prev=el;
}
list->first=el;
_status=0;
abort:
return(_status);
}
int r_list_append(list,value,copy,destroy)
r_list *list;
void *value;
int (*copy) PROTO_LIST((void **out, void *in));
int (*destroy) PROTO_LIST((void **val));
{
r_list_el *el=0;
int _status;
if(!(el=(r_list_el *)calloc(sizeof(r_list_el),1)))
ABORT(R_NO_MEMORY);
el->data=value;
el->copy=copy;
el->destroy=destroy;
el->prev=list->last;
el->next=0;
if(list->last) list->last->next=el;
else list->first=el;
list->last=el;
_status=0;
abort:
return(_status);
}
int r_list_init_iter(list,iter)
r_list *list;
r_list_iterator *iter;
{
iter->list=list;
iter->ptr=list->first;
return(0);
}
int r_list_iter(iter,val)
r_list_iterator *iter;
void **val;
{
if(!iter->ptr)
return(R_EOD);
*val=iter->ptr->data;
iter->ptr=iter->ptr->next;
return(0);
}

67
common/lib/r_replace.c Normal file
View file

@ -0,0 +1,67 @@
/**
r_replace.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
ekr@rtfm.com Sun Oct 1 11:18:49 2000
*/
static char *RCSSTRING="$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $";
#include "r_common.h"
#ifndef HAVE_STRDUP
char *strdup(str)
char *str;
{
int len=strlen(str);
char *n;
if(!(n=(char *)malloc(len+1)))
return(0);
memcpy(n,str,len+1);
return(n);
}
#endif

158
common/lib/r_time.c Normal file
View file

@ -0,0 +1,158 @@
/**
r_time.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $
ekr@rtfm.com Thu Mar 4 08:43:46 1999
*/
static char *RCSSTRING="$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $";
#include <r_common.h>
#include <r_time.h>
#ifdef _WIN32
#include <windows.h>
int gettimeofday(struct timeval *tv, struct timezone *tzp)
{
/* JAN1_1970_OFFSET is the number of 100-nanoseconds ticks
between midnight jan 1, 1970 and jan 1, 1601.
*/
const ULARGE_INTEGER JAN1_1970_OFFSET = {0xd53e8000, 0x019db1de};
ULARGE_INTEGER currentTimeSinceJan_1_1970;
FILETIME currentTime;
GetSystemTimeAsFileTime( &currentTime );
currentTimeSinceJan_1_1970.LowPart = currentTime.dwLowDateTime;
currentTimeSinceJan_1_1970.HighPart = currentTime.dwHighDateTime;
currentTimeSinceJan_1_1970.QuadPart -= JAN1_1970_OFFSET.QuadPart;
/* At this point, currentTimeSinceJan_1_1970 contains the
number of 100-nanosecond 'ticks' since midnight, Jan. 1,
1970. This is equivalent to 10 * the number of microseconds
elapsed since this time. The BSD man pages for gettimeofday()
suggest that we should return the whole number of seconds in
the tv_sec field, and the fractional number of seconds in units
of microseconds in the tv_usec field.
sec = time / 10000000, usec = (time % 10000000) / 10;
*/
tv->tv_sec = currentTimeSinceJan_1_1970.QuadPart / 10000000;
tv->tv_usec = (currentTimeSinceJan_1_1970.QuadPart % 10000000) / 10;
return 0;
}
#endif
/*Note that t1 must be > t0 */
int r_timeval_diff(t1,t0,diff)
struct timeval *t1;
struct timeval *t0;
struct timeval *diff;
{
long d;
if(t0->tv_sec > t1->tv_sec)
ERETURN(R_BAD_ARGS);
/*Easy case*/
if(t0->tv_usec <= t1->tv_usec){
diff->tv_sec=t1->tv_sec - t0->tv_sec;
diff->tv_usec=t1->tv_usec - t0->tv_usec;
return(0);
}
/*Hard case*/
d=t0->tv_usec - t1->tv_usec;
if(t1->tv_sec < (t0->tv_sec + 1))
ERETURN(R_BAD_ARGS);
diff->tv_sec=t1->tv_sec - (t0->tv_sec + 1);
diff->tv_usec=1000000 - d;
return(0);
}
int r_timeval_add(t1,t2,sum)
struct timeval *t1;
struct timeval *t2;
struct timeval *sum;
{
long tv_sec,tv_usec,d;
tv_sec=t1->tv_sec + t2->tv_sec;
d=t1->tv_usec + t2->tv_usec;
if(d>1000000){
tv_sec++;
tv_usec=d-1000000;
}
else{
tv_usec=d;
}
sum->tv_sec=tv_sec;
sum->tv_usec=tv_usec;
return(0);
}
UINT8 r_timeval2int(tv)
struct timeval *tv;
{
UINT8 r=0;
r=(tv->tv_sec);
r*=1000000;
r+=tv->tv_usec;
return r;
}
UINT8 r_gettimeint()
{
struct timeval tv;
gettimeofday(&tv,0);
return r_timeval2int(&tv);
}

280
common/lib/rb_local.mk Normal file
View file

@ -0,0 +1,280 @@
#
# rb_local.mk
#
# $Source$
# $Revision$
# $Date$
# $Name$
# $Disclaimer$
#
# Copyright (C) 2001, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# COMMON_LIB_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# COMMON_LIB_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# COMMON_LIB_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# COMMON_LIB_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# COMMON_LIB_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# COMMON_LIB_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# COMMON_LIB_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# COMMON_LIB_MAKEFILES:
# the makefiles
#
# COMMON_LIB_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# COMMON_LIB_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# COMMON_LIB_PROGRAMS:
# programs to build
#
# COMMON_LIB_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# COMMON_LIB_SOURCES:
# the source files to compile to object
#
COMMON_LIB_DEFINES =
COMMON_LIB_INCLUDES =
COMMON_LIB_INTERNAL =
COMMON_LIB_LIBNAME = libcommon.$(LIBSUFFIX)
COMMON_LIB_LIBPATHS =
COMMON_LIB_LIBRARIES =
COMMON_LIB_LOCALFLAGS =
COMMON_LIB_MAKEFILES = targets.mk
COMMON_LIB_PREFIX = COMMON_LIB
COMMON_LIB_PRIVATE =
COMMON_LIB_PROGRAMS =
COMMON_LIB_PUBLIC =
COMMON_LIB_SOURCES = debug.c r_assoc.c r_bitfield.c r_data.c \
r_errors.c r_list.c r_replace.c r_time.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# COMMON_LIB_OBJECTS:
# object files to build
#
# COMMON_LIB_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# COMMON_LIB_USED:
# all files in the module directory that are used
# during the build process
#
COMMON_LIB_OBJECTS = debug.$(OBJSUFFIX) r_assoc.$(OBJSUFFIX) \
r_bitfield.$(OBJSUFFIX) r_data.$(OBJSUFFIX) \
r_errors.$(OBJSUFFIX) r_list.$(OBJSUFFIX) \
r_replace.$(OBJSUFFIX) r_time.$(OBJSUFFIX)
COMMON_LIB_UNUSED = assoc.h debug.h local.mk r_assoc_test.c r_data.h \
rb_local.mk
COMMON_LIB_USED = $(COMMON_LIB_INTERNAL:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_MAKEFILES:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_PRIVATE:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_PUBLIC:%=$(COMMON_LIB_SRCDIR)%) \
$(COMMON_LIB_SOURCES:%=$(COMMON_LIB_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# COMMON_LIB_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(COMMON_LIB_DEFINES)
INCLUDES += $(COMMON_LIB_INCLUDES)
LIBPATHS += $(COMMON_LIB_LIBPATHS)
LIBRARIES += $(COMMON_LIB_LIBRARIES)
OBJECTS += $(COMMON_LIB_OBJECTS)
PUBLIC += $(COMMON_LIB_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(COMMON_LIB_LIBNAME)
default: $(COMMON_LIB_PROGRAMS)
all: $(COMMON_LIB_PUBLIC)
all: $(COMMON_LIB_OBJECTS)
all: $(COMMON_LIB_LIBNAME)
all: $(COMMON_LIB_PROGRAMS)
build: $(COMMON_LIB_PUBLIC)
build: $(COMMON_LIB_OBJECTS)
ci: common_lib_ci
clean: common_lib_clean
clean_public: common_lib_clean_public
objects: $(COMMON_LIB_OBJECTS)
private: $(COMMON_LIB_PRIVATE)
public: $(COMMON_LIB_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
common_lib_ci:
$(CI) $(CIFLAGS) $(COMMON_LIB_USED)
common_lib_clean:
$(RM) $(RMFLAGS) $(COMMON_LIB_OBJECTS) $(COMMON_LIB_LIBNAME) $(COMMON_LIB_PROGRAMS)
common_lib_clean_public:
$(RM) $(RMFLAGS) $(COMMON_LIB_PUBLIC)
common_lib_objects: $(COMMON_LIB_OBJECTS)
common_lib_programs: $(COMMON_LIB_PROGRAMS)
common_lib_public: $(COMMON_LIB_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(COMMON_LIB_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(COMMON_LIB_OBJECTS):
$(COMPILE.c) $(COMMON_LIB_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(COMMON_LIB_LOCALFLAGS)
$(COMMON_LIB_PUBLIC):
$(CP) $(CPFLAGS) $(COMMON_LIB_SRCDIR)$@ $@
$(COMMON_LIB_PROGRAMS):
$(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.h
debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.c
r_assoc.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_assoc.c
r_bitfield.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_bitfield.c
r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.h
r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.c
r_errors.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_errors.c
r_list.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_list.c
r_replace.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_replace.c
r_time.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_time.c
$(COMMON_LIB_LIBNAME): $(COMMON_LIB_OBJECTS)

2
common/lib/targets.mk Normal file
View file

@ -0,0 +1,2 @@
include $(COMMON_LIB_SRCDIR)local.mk

0
common/lib/threads/null/targets.mk Normal file
View file

151
common/lib/threads/pthreads/pthread.c Normal file
View file

@ -0,0 +1,151 @@
/**
pthread.c
Copyright (C) 1999, RTFM, Inc.
All Rights Reserved.
ekr@rtfm.com Tue Feb 23 15:08:03 1999
*/
static char *RCSSTRING="$Id: pthread.c,v 1.1.1.1 2000/10/09 00:45:39 ekr Exp $";
#include <r_common.h>
#include <r_thread.h>
#include <pthread.h>
static int thread_count=0;
typedef struct {
void (*func) PROTO_LIST((void *));
void *arg;
} helper;
static void *r_thread_real_create PROTO_LIST((void *arg));
static void *r_thread_real_create(arg)
void *arg;
{
helper *h;
h=(helper *)arg;
thread_count++;
h->func(h->arg);
thread_count--;
free(h);
return(0);
}
int r_thread_fork(func,arg,id)
void (*func) PROTO_LIST((void *));
void *arg;
r_thread *id;
{
pthread_t thread;
helper *h;
int r,_status;
h=(helper *)malloc(sizeof(helper));
h->func=func;
h->arg=arg;
if(r=pthread_create(&thread,0,r_thread_real_create,(void *)h))
ABORT(R_INTERNAL);
_status=0;
abort:
return(_status);
}
int r_thread_yield()
{
pthread_yield();
}
int r_thread_exit()
{
thread_count--;
pthread_exit(0);
return(0);
}
int r_thread_wait_last()
{
do {
pthread_yield();
usleep(10000);
DBG((0,"%d threads left",thread_count));
} while (thread_count);
return(0);
}
int r_rwlock_create(lockp)
r_rwlock **lockp;
{
pthread_rwlock_t *lock;
int r;
if(!(lock=(pthread_rwlock_t *)malloc(sizeof(pthread_rwlock_t))))
ERETURN(R_NO_MEMORY);
if(r=pthread_rwlock_init(lock,0))
ERETURN(R_INTERNAL);
*lockp=(void *)lock;
return(0);
}
int r_rwlock_destroy(lock)
r_rwlock **lock;
{
pthread_rwlock_t *plock;
if(!lock || !*lock)
return(0);
plock=(pthread_rwlock_t *)(*lock);
pthread_rwlock_destroy(plock);
return(0);
}
int r_rwlock_lock(lock,action)
r_rwlock *lock;
int action;
{
pthread_rwlock_t *plock;
int r,_status;
plock=(pthread_rwlock_t *)lock;
switch(action){
case R_RWLOCK_UNLOCK:
if(r=pthread_rwlock_unlock(plock))
ABORT(R_INTERNAL);
break;
case R_RWLOCK_RLOCK:
if(r=pthread_rwlock_rdlock(plock))
ABORT(R_INTERNAL);
break;
case R_RWLOCK_WLOCK:
if(r=pthread_rwlock_wrlock(plock))
ABORT(R_INTERNAL);
break;
default:
ABORT(R_BAD_ARGS);
}
_status=0;
abort:
return(_status);
}

259
common/lib/threads/pthreads/targets.mk Normal file
View file

@ -0,0 +1,259 @@
#
# targets.mk
#
# $Source: /usr/local/CVS/ssldump/common/lib/threads/pthreads/targets.mk,v $
# $Revision: 1.1.1.1 $
# $Date: 2000/10/09 00:45:39 $
# $Name: $
# $Disclaimer$
#
# Copyright (C) 1999, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# THREADS_PTHREADS_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# THREADS_PTHREADS_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# THREADS_PTHREADS_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# THREADS_PTHREADS_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# THREADS_PTHREADS_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# THREADS_PTHREADS_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# THREADS_PTHREADS_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# THREADS_PTHREADS_MAKEFILES:
# the makefiles
#
# THREADS_PTHREADS_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# THREADS_PTHREADS_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# THREADS_PTHREADS_PROGRAMS:
# programs to build
#
# THREADS_PTHREADS_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# THREADS_PTHREADS_SOURCES:
# the source files to compile to object
#
THREADS_PTHREADS_DEFINES =
THREADS_PTHREADS_INCLUDES =
THREADS_PTHREADS_INTERNAL =
THREADS_PTHREADS_LIBNAME =
THREADS_PTHREADS_LIBPATHS =
THREADS_PTHREADS_LIBRARIES =
THREADS_PTHREADS_LOCALFLAGS =
THREADS_PTHREADS_MAKEFILES =
THREADS_PTHREADS_PREFIX = THREADS_PTHREADS
THREADS_PTHREADS_PRIVATE =
THREADS_PTHREADS_PROGRAMS =
THREADS_PTHREADS_PUBLIC =
THREADS_PTHREADS_SOURCES = pthread.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# THREADS_PTHREADS_OBJECTS:
# object files to build
#
# THREADS_PTHREADS_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# THREADS_PTHREADS_USED:
# all files in the module directory that are used
# during the build process
#
THREADS_PTHREADS_OBJECTS = pthread.$(OBJSUFFIX)
THREADS_PTHREADS_UNUSED = targets.mk
THREADS_PTHREADS_USED = $(THREADS_PTHREADS_INTERNAL:%=$(THREADS_PTHREADS_SRCDIR)%) \
$(THREADS_PTHREADS_MAKEFILES:%=$(THREADS_PTHREADS_SRCDIR)%) \
$(THREADS_PTHREADS_PRIVATE:%=$(THREADS_PTHREADS_SRCDIR)%) \
$(THREADS_PTHREADS_PUBLIC:%=$(THREADS_PTHREADS_SRCDIR)%) \
$(THREADS_PTHREADS_SOURCES:%=$(THREADS_PTHREADS_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# THREADS_PTHREADS_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(THREADS_PTHREADS_DEFINES)
INCLUDES += $(THREADS_PTHREADS_INCLUDES)
LIBPATHS += $(THREADS_PTHREADS_LIBPATHS)
LIBRARIES += $(THREADS_PTHREADS_LIBRARIES)
OBJECTS += $(THREADS_PTHREADS_OBJECTS)
PUBLIC += $(THREADS_PTHREADS_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(THREADS_PTHREADS_LIBNAME)
default: $(THREADS_PTHREADS_PROGRAMS)
all: $(THREADS_PTHREADS_PUBLIC)
all: $(THREADS_PTHREADS_OBJECTS)
all: $(THREADS_PTHREADS_LIBNAME)
all: $(THREADS_PTHREADS_PROGRAMS)
build: $(THREADS_PTHREADS_PUBLIC)
build: $(THREADS_PTHREADS_OBJECTS)
ci: threads_pthreads_ci
clean: threads_pthreads_clean
clean_public: threads_pthreads_clean_public
objects: $(THREADS_PTHREADS_OBJECTS)
private: $(THREADS_PTHREADS_PRIVATE)
public: $(THREADS_PTHREADS_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
threads_pthreads_ci:
$(CI) $(CIFLAGS) $(THREADS_PTHREADS_USED)
threads_pthreads_clean:
$(RM) $(RMFLAGS) $(THREADS_PTHREADS_OBJECTS) $(THREADS_PTHREADS_LIBNAME) $(THREADS_PTHREADS_PROGRAMS)
threads_pthreads_clean_public:
$(RM) $(RMFLAGS) $(THREADS_PTHREADS_PUBLIC)
threads_pthreads_objects: $(THREADS_PTHREADS_OBJECTS)
threads_pthreads_programs: $(THREADS_PTHREADS_PROGRAMS)
threads_pthreads_public: $(THREADS_PTHREADS_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(THREADS_PTHREADS_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(THREADS_PTHREADS_OBJECTS):
$(COMPILE.c) $(THREADS_PTHREADS_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(THREADS_PTHREADS_LOCALFLAGS)
$(THREADS_PTHREADS_PUBLIC):
$(CP) $(CPFLAGS) $(THREADS_PTHREADS_SRCDIR)$@ $@
$(THREADS_PTHREADS_PROGRAMS):
$(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
pthread.$(OBJSUFFIX): $(THREADS_PTHREADS_SRCDIR)pthread.c
$(THREADS_PTHREADS_LIBNAME): $(THREADS_PTHREADS_OBJECTS)

4
common/lib/threads/targets.mk Normal file
View file

@ -0,0 +1,4 @@
THREADS_SRCDIR=$(COMMON_LIB_SRCDIR)threads/
THREADS_PTHREADS_SRCDIR=$(THREADS_SRCDIR)pthreads/
include $(THREADS_SRCDIR)$(THREADS_TYPE)/targets.mk

693
config.guess vendored Executable file
View file

@ -0,0 +1,693 @@
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 93, 94, 95, 1996 Free Software Foundation, Inc.
#
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Written by Per Bothner <bothner@cygnus.com>.
# The master version of this file is at the FSF in /home/gd/gnu/lib.
#
# This script attempts to guess a canonical system name similar to
# config.sub. If it succeeds, it prints the system name on stdout, and
# exits with 0. Otherwise, it exits with 1.
#
# The plan is that this can be called by configure scripts if you
# don't specify an explicit system type (host/target name).
#
# Only a few systems have been added to this list; please add others
# (but try to keep the structure clean).
#
# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
# (ghazi@noc.rutgers.edu 8/24/94.)
if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
PATH=$PATH:/.attbin ; export PATH
fi
UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
trap 'rm -f dummy.c dummy.o dummy; exit 1' 1 2 15
# Note: order is significant - the case branches are not exclusive.
case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
alpha:OSF1:*:*)
# A Vn.n version is a released version.
# A Tn.n version is a released field test version.
# A Xn.n version is an unreleased experimental baselevel.
# 1.2 uses "1.2" for uname -r.
echo alpha-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//'`
exit 0 ;;
21064:Windows_NT:50:3)
echo alpha-dec-winnt3.5
exit 0 ;;
Amiga*:UNIX_System_V:4.0:*)
echo m68k-cbm-sysv4
exit 0;;
amiga:NetBSD:*:*)
echo m68k-cbm-netbsd${UNAME_RELEASE}
exit 0 ;;
amiga:OpenBSD:*:*)
echo m68k-cbm-openbsd${UNAME_RELEASE}
exit 0 ;;
arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
echo arm-acorn-riscix${UNAME_RELEASE}
exit 0;;
Pyramid*:OSx*:*:*|MIS*:OSx*:*:*)
# akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
if test "`(/bin/universe) 2>/dev/null`" = att ; then
echo pyramid-pyramid-sysv3
else
echo pyramid-pyramid-bsd
fi
exit 0 ;;
NILE:*:*:dcosx)
echo pyramid-pyramid-svr4
exit 0 ;;
sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit 0 ;;
i86pc:SunOS:5.*:*)
echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit 0 ;;
sun4*:SunOS:6*:*)
# According to config.sub, this is the proper way to canonicalize
# SunOS6. Hard to guess exactly what SunOS6 will be like, but
# it's likely to be more like Solaris than SunOS4.
echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit 0 ;;
sun4*:SunOS:*:*)
case "`/usr/bin/arch -k`" in
Series*|S4*)
UNAME_RELEASE=`uname -v`
;;
esac
# Japanese Language versions have a version number like `4.1.3-JL'.
echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
exit 0 ;;
sun3*:SunOS:*:*)
echo m68k-sun-sunos${UNAME_RELEASE}
exit 0 ;;
aushp:SunOS:*:*)
echo sparc-auspex-sunos${UNAME_RELEASE}
exit 0 ;;
atari*:NetBSD:*:*)
echo m68k-atari-netbsd${UNAME_RELEASE}
exit 0 ;;
atari*:OpenBSD:*:*)
echo m68k-atari-openbsd${UNAME_RELEASE}
exit 0 ;;
sun3*:NetBSD:*:*)
echo m68k-sun-netbsd${UNAME_RELEASE}
exit 0 ;;
sun3*:OpenBSD:*:*)
echo m68k-sun-openbsd${UNAME_RELEASE}
exit 0 ;;
mac68k:NetBSD:*:*)
echo m68k-apple-netbsd${UNAME_RELEASE}
exit 0 ;;
mac68k:OpenBSD:*:*)
echo m68k-apple-openbsd${UNAME_RELEASE}
exit 0 ;;
powerpc:machten:*:*)
echo powerpc-apple-machten${UNAME_RELEASE}
exit 0 ;;
RISC*:Mach:*:*)
echo mips-dec-mach_bsd4.3
exit 0 ;;
RISC*:ULTRIX:*:*)
echo mips-dec-ultrix${UNAME_RELEASE}
exit 0 ;;
VAX*:ULTRIX*:*:*)
echo vax-dec-ultrix${UNAME_RELEASE}
exit 0 ;;
mips:*:*:UMIPS | mips:*:*:RISCos)
sed 's/^ //' << EOF >dummy.c
int main (argc, argv) int argc; char **argv; {
#if defined (host_mips) && defined (MIPSEB)
#if defined (SYSTYPE_SYSV)
printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
#endif
#if defined (SYSTYPE_SVR4)
printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
#endif
#if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
#endif
#endif
exit (-1);
}
EOF
${CC-cc} dummy.c -o dummy \
&& ./dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
&& rm dummy.c dummy && exit 0
rm -f dummy.c dummy
echo mips-mips-riscos${UNAME_RELEASE}
exit 0 ;;
Night_Hawk:Power_UNIX:*:*)
echo powerpc-harris-powerunix
exit 0 ;;
m88k:CX/UX:7*:*)
echo m88k-harris-cxux7
exit 0 ;;
m88k:*:4*:R4*)
echo m88k-motorola-sysv4
exit 0 ;;
m88k:*:3*:R3*)
echo m88k-motorola-sysv3
exit 0 ;;
AViiON:dgux:*:*)
# DG/UX returns AViiON for all architectures
UNAME_PROCESSOR=`/usr/bin/uname -p`
if [ $UNAME_PROCESSOR = mc88100 -o $UNAME_PROCESSOR = mc88110 ] ; then
if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx \
-o ${TARGET_BINARY_INTERFACE}x = x ] ; then
echo m88k-dg-dgux${UNAME_RELEASE}
else
echo m88k-dg-dguxbcs${UNAME_RELEASE}
fi
else echo i586-dg-dgux${UNAME_RELEASE}
fi
exit 0 ;;
M88*:DolphinOS:*:*) # DolphinOS (SVR3)
echo m88k-dolphin-sysv3
exit 0 ;;
M88*:*:R3*:*)
# Delta 88k system running SVR3
echo m88k-motorola-sysv3
exit 0 ;;
XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
echo m88k-tektronix-sysv3
exit 0 ;;
Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
echo m68k-tektronix-bsd
exit 0 ;;
*:IRIX*:*:*)
echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
exit 0 ;;
????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id
exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX '
i?86:AIX:*:*)
echo i386-ibm-aix
exit 0 ;;
*:AIX:2:3)
if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
sed 's/^ //' << EOF >dummy.c
#include <sys/systemcfg.h>
main()
{
if (!__power_pc())
exit(1);
puts("powerpc-ibm-aix3.2.5");
exit(0);
}
EOF
${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
rm -f dummy.c dummy
echo rs6000-ibm-aix3.2.5
elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
echo rs6000-ibm-aix3.2.4
else
echo rs6000-ibm-aix3.2
fi
exit 0 ;;
*:AIX:*:4)
if /usr/sbin/lsattr -EHl proc0 | grep POWER >/dev/null 2>&1; then
IBM_ARCH=rs6000
else
IBM_ARCH=powerpc
fi
if [ -x /usr/bin/oslevel ] ; then
IBM_REV=`/usr/bin/oslevel`
else
IBM_REV=4.${UNAME_RELEASE}
fi
echo ${IBM_ARCH}-ibm-aix${IBM_REV}
exit 0 ;;
*:AIX:*:*)
echo rs6000-ibm-aix
exit 0 ;;
ibmrt:4.4BSD:*|romp-ibm:BSD:*)
echo romp-ibm-bsd4.4
exit 0 ;;
ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC NetBSD and
echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to
exit 0 ;; # report: romp-ibm BSD 4.3
*:BOSX:*:*)
echo rs6000-bull-bosx
exit 0 ;;
DPX/2?00:B.O.S.:*:*)
echo m68k-bull-sysv3
exit 0 ;;
9000/[34]??:4.3bsd:1.*:*)
echo m68k-hp-bsd
exit 0 ;;
hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
echo m68k-hp-bsd4.4
exit 0 ;;
9000/[3478]??:HP-UX:*:*)
case "${UNAME_MACHINE}" in
9000/31? ) HP_ARCH=m68000 ;;
9000/[34]?? ) HP_ARCH=m68k ;;
9000/7?? | 9000/8?[1679] ) HP_ARCH=hppa1.1 ;;
9000/8?? ) HP_ARCH=hppa1.0 ;;
esac
HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
echo ${HP_ARCH}-hp-hpux${HPUX_REV}
exit 0 ;;
3050*:HI-UX:*:*)
sed 's/^ //' << EOF >dummy.c
#include <unistd.h>
int
main ()
{
long cpu = sysconf (_SC_CPU_VERSION);
/* The order matters, because CPU_IS_HP_MC68K erroneously returns
true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct
results, however. */
if (CPU_IS_PA_RISC (cpu))
{
switch (cpu)
{
case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
default: puts ("hppa-hitachi-hiuxwe2"); break;
}
}
else if (CPU_IS_HP_MC68K (cpu))
puts ("m68k-hitachi-hiuxwe2");
else puts ("unknown-hitachi-hiuxwe2");
exit (0);
}
EOF
${CC-cc} dummy.c -o dummy && ./dummy && rm dummy.c dummy && exit 0
rm -f dummy.c dummy
echo unknown-hitachi-hiuxwe2
exit 0 ;;
9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
echo hppa1.1-hp-bsd
exit 0 ;;
9000/8??:4.3bsd:*:*)
echo hppa1.0-hp-bsd
exit 0 ;;
hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
echo hppa1.1-hp-osf
exit 0 ;;
hp8??:OSF1:*:*)
echo hppa1.0-hp-osf
exit 0 ;;
i?86:OSF1:*:*)
if [ -x /usr/sbin/sysversion ] ; then
echo ${UNAME_MACHINE}-unknown-osf1mk
else
echo ${UNAME_MACHINE}-unknown-osf1
fi
exit 0 ;;
parisc*:Lites*:*:*)
echo hppa1.1-hp-lites
exit 0 ;;
C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
echo c1-convex-bsd
exit 0 ;;
C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
if getsysinfo -f scalar_acc
then echo c32-convex-bsd
else echo c2-convex-bsd
fi
exit 0 ;;
C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
echo c34-convex-bsd
exit 0 ;;
C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
echo c38-convex-bsd
exit 0 ;;
C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
echo c4-convex-bsd
exit 0 ;;
CRAY*X-MP:*:*:*)
echo xmp-cray-unicos
exit 0 ;;
CRAY*Y-MP:*:*:*)
echo ymp-cray-unicos${UNAME_RELEASE}
exit 0 ;;
CRAY*[A-Z]90:*:*:*)
echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
-e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/
exit 0 ;;
CRAY*TS:*:*:*)
echo t90-cray-unicos${UNAME_RELEASE}
exit 0 ;;
CRAY-2:*:*:*)
echo cray2-cray-unicos
exit 0 ;;
F300:UNIX_System_V:*:*)
FUJITSU_SYS=`uname -p | tr [A-Z] [a-z] | sed -e 's/\///'`
FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
exit 0 ;;
F301:UNIX_System_V:*:*)
echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'`
exit 0 ;;
hp3[0-9][05]:NetBSD:*:*)
echo m68k-hp-netbsd${UNAME_RELEASE}
exit 0 ;;
hp3[0-9][05]:OpenBSD:*:*)
echo m68k-hp-openbsd${UNAME_RELEASE}
exit 0 ;;
i?86:BSD/386:*:* | *:BSD/OS:*:*)
echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
exit 0 ;;
*:FreeBSD:*:*)
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
exit 0 ;;
*:NetBSD:*:*)
echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
exit 0 ;;
*:OpenBSD:*:*)
echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
exit 0 ;;
i*:CYGWIN*:*)
echo i386-pc-cygwin32
exit 0 ;;
p*:CYGWIN*:*)
echo powerpcle-unknown-cygwin32
exit 0 ;;
prep*:SunOS:5.*:*)
echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit 0 ;;
*:GNU:*:*)
echo `echo ${UNAME_MACHINE}|sed -e 's,/.*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
exit 0 ;;
*:Linux:*:*)
# The BFD linker knows what the default object file format is, so
# first see if it will tell us.
ld_help_string=`ld --help 2>&1`
if echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: elf_i.86"; then
echo "${UNAME_MACHINE}-pc-linux-gnu" ; exit 0
elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i.86linux"; then
echo "${UNAME_MACHINE}-pc-linux-gnuaout" ; exit 0
elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: i.86coff"; then
echo "${UNAME_MACHINE}-pc-linux-gnucoff" ; exit 0
elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68kelf"; then
echo "${UNAME_MACHINE}-unknown-linux-gnu" ; exit 0
elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: m68klinux"; then
echo "${UNAME_MACHINE}-unknown-linux-gnuaout" ; exit 0
elif echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations: elf32ppc"; then
echo "powerpc-unknown-linux-gnu" ; exit 0
elif test "${UNAME_MACHINE}" = "alpha" ; then
echo alpha-unknown-linux-gnu ; exit 0
elif test "${UNAME_MACHINE}" = "sparc" ; then
echo sparc-unknown-linux-gnu ; exit 0
else
# Either a pre-BFD a.out linker (linux-gnuoldld) or one that does not give us
# useful --help. Gcc wants to distinguish between linux-gnuoldld and linux-gnuaout.
test ! -d /usr/lib/ldscripts/. \
&& echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0
# Determine whether the default compiler is a.out or elf
cat >dummy.c <<EOF
main(argc, argv)
int argc;
char *argv[];
{
#ifdef __ELF__
printf ("%s-pc-linux-gnu\n", argv[1]);
#else
printf ("%s-pc-linux-gnuaout\n", argv[1]);
#endif
return 0;
}
EOF
${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy "${UNAME_MACHINE}" && rm dummy.c dummy && exit 0
rm -f dummy.c dummy
fi ;;
# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. earlier versions
# are messed up and put the nodename in both sysname and nodename.
i?86:DYNIX/ptx:4*:*)
echo i386-sequent-sysv4
exit 0 ;;
i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*)
if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
echo ${UNAME_MACHINE}-univel-sysv${UNAME_RELEASE}
else
echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE}
fi
exit 0 ;;
i?86:*:3.2:*)
if test -f /usr/options/cb.name; then
UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
elif /bin/uname -X 2>/dev/null >/dev/null ; then
UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \
&& UNAME_MACHINE=i586
echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
else
echo ${UNAME_MACHINE}-pc-sysv32
fi
exit 0 ;;
Intel:Mach:3*:*)
echo i386-pc-mach3
exit 0 ;;
paragon:*:*:*)
echo i860-intel-osf1
exit 0 ;;
i860:*:4.*:*) # i860-SVR4
if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
else # Add other i860-SVR4 vendors below as they are discovered.
echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4
fi
exit 0 ;;
mini*:CTIX:SYS*5:*)
# "miniframe"
echo m68010-convergent-sysv
exit 0 ;;
M68*:*:R3V[567]*:*)
test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0)
OS_REL=''
test -r /etc/.relid \
&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& echo i486-ncr-sysv4.3${OS_REL} && exit 0
/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
&& echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& echo i486-ncr-sysv4 && exit 0 ;;
m68*:LynxOS:2.*:*)
echo m68k-unknown-lynxos${UNAME_RELEASE}
exit 0 ;;
mc68030:UNIX_System_V:4.*:*)
echo m68k-atari-sysv4
exit 0 ;;
i?86:LynxOS:2.*:*)
echo i386-unknown-lynxos${UNAME_RELEASE}
exit 0 ;;
TSUNAMI:LynxOS:2.*:*)
echo sparc-unknown-lynxos${UNAME_RELEASE}
exit 0 ;;
rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*)
echo rs6000-unknown-lynxos${UNAME_RELEASE}
exit 0 ;;
SM[BE]S:UNIX_SV:*:*)
echo mips-dde-sysv${UNAME_RELEASE}
exit 0 ;;
RM*:SINIX-*:*:*)
echo mips-sni-sysv4
exit 0 ;;
*:SINIX-*:*:*)
if uname -p 2>/dev/null >/dev/null ; then
UNAME_MACHINE=`(uname -p) 2>/dev/null`
echo ${UNAME_MACHINE}-sni-sysv4
else
echo ns32k-sni-sysv
fi
exit 0 ;;
*:UNIX_System_V:4*:FTX*)
# From Gerald Hewes <hewes@openmarket.com>.
# How about differentiating between stratus architectures? -djm
echo hppa1.1-stratus-sysv4
exit 0 ;;
*:*:*:FTX*)
# From seanf@swdc.stratus.com.
echo i860-stratus-sysv4
exit 0 ;;
mc68*:A/UX:*:*)
echo m68k-apple-aux${UNAME_RELEASE}
exit 0 ;;
R3000:*System_V*:*:* | R4000:UNIX_SYSV:*:*)
if [ -d /usr/nec ]; then
echo mips-nec-sysv${UNAME_RELEASE}
else
echo mips-unknown-sysv${UNAME_RELEASE}
fi
exit 0 ;;
PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
# says <Richard.M.Bartel@ccMail.Census.GOV>
echo i586-unisys-sysv4
exit 0 ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
cat >dummy.c <<EOF
#ifdef _SEQUENT_
# include <sys/types.h>
# include <sys/utsname.h>
#endif
main ()
{
#if defined (sony)
#if defined (MIPSEB)
/* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed,
I don't know.... */
printf ("mips-sony-bsd\n"); exit (0);
#else
#include <sys/param.h>
printf ("m68k-sony-newsos%s\n",
#ifdef NEWSOS4
"4"
#else
""
#endif
); exit (0);
#endif
#endif
#if defined (__arm) && defined (__acorn) && defined (__unix)
printf ("arm-acorn-riscix"); exit (0);
#endif
#if defined (hp300) && !defined (hpux)
printf ("m68k-hp-bsd\n"); exit (0);
#endif
#if defined (NeXT)
#if !defined (__ARCHITECTURE__)
#define __ARCHITECTURE__ "m68k"
#endif
int version;
version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
exit (0);
#endif
#if defined (MULTIMAX) || defined (n16)
#if defined (UMAXV)
printf ("ns32k-encore-sysv\n"); exit (0);
#else
#if defined (CMU)
printf ("ns32k-encore-mach\n"); exit (0);
#else
printf ("ns32k-encore-bsd\n"); exit (0);
#endif
#endif
#endif
#if defined (__386BSD__)
printf ("i386-pc-bsd\n"); exit (0);
#endif
#if defined (sequent)
#if defined (i386)
printf ("i386-sequent-dynix\n"); exit (0);
#endif
#if defined (ns32000)
printf ("ns32k-sequent-dynix\n"); exit (0);
#endif
#endif
#if defined (_SEQUENT_)
struct utsname un;
uname(&un);
if (strncmp(un.version, "V2", 2) == 0) {
printf ("i386-sequent-ptx2\n"); exit (0);
}
if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
printf ("i386-sequent-ptx1\n"); exit (0);
}
printf ("i386-sequent-ptx\n"); exit (0);
#endif
#if defined (vax)
#if !defined (ultrix)
printf ("vax-dec-bsd\n"); exit (0);
#else
printf ("vax-dec-ultrix\n"); exit (0);
#endif
#endif
#if defined (alliant) && defined (i860)
printf ("i860-alliant-bsd\n"); exit (0);
#endif
exit (1);
}
EOF
${CC-cc} dummy.c -o dummy 2>/dev/null && ./dummy && rm dummy.c dummy && exit 0
rm -f dummy.c dummy
# Apollos put the system type in the environment.
test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
# Convex versions that predate uname can use getsysinfo(1)
if [ -x /usr/convex/getsysinfo ]
then
case `getsysinfo -f cpu_type` in
c1*)
echo c1-convex-bsd
exit 0 ;;
c2*)
if getsysinfo -f scalar_acc
then echo c32-convex-bsd
else echo c2-convex-bsd
fi
exit 0 ;;
c34*)
echo c34-convex-bsd
exit 0 ;;
c38*)
echo c38-convex-bsd
exit 0 ;;
c4*)
echo c4-convex-bsd
exit 0 ;;
esac
fi
#echo '(Unable to guess system type)' 1>&2
exit 1

927
config.sub vendored Executable file
View file

@ -0,0 +1,927 @@
#! /bin/sh
# Configuration validation subroutine script, version 1.1.
# Copyright (C) 1991, 92, 93, 94, 95, 1996 Free Software Foundation, Inc.
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
# can handle that machine. It does not imply ALL GNU software can.
#
# This file is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Configuration subroutine to validate and canonicalize a configuration type.
# Supply the specified configuration type as an argument.
# If it is invalid, we print an error message on stderr and exit with code 1.
# Otherwise, we print the canonical config type on stdout and succeed.
# This file is supposed to be the same for all GNU packages
# and recognize all the CPU types, system types and aliases
# that are meaningful with *any* GNU software.
# Each package is responsible for reporting which valid configurations
# it does not support. The user should be able to distinguish
# a failure to support a valid configuration from a meaningless
# configuration.
# The goal of this file is to map all the various variations of a given
# machine specification into a single specification in the form:
# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
# or in some cases, the newer four-part form:
# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
# It is wrong to echo any other type of specification.
if [ x$1 = x ]
then
echo Configuration name missing. 1>&2
echo "Usage: $0 CPU-MFR-OPSYS" 1>&2
echo "or $0 ALIAS" 1>&2
echo where ALIAS is a recognized configuration type. 1>&2
exit 1
fi
# First pass through any local machine types.
case $1 in
*local*)
echo $1
exit 0
;;
*)
;;
esac
# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
linux-gnu*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
*)
basic_machine=`echo $1 | sed 's/-[^-]*$//'`
if [ $basic_machine != $1 ]
then os=`echo $1 | sed 's/.*-/-/'`
else os=; fi
;;
esac
### Let's recognize common machines as not being operating systems so
### that things like config.sub decstation-3100 work. We also
### recognize some manufacturers as not being operating systems, so we
### can provide default operating systems below.
case $os in
-sun*os*)
# Prevent following clause from handling this invalid input.
;;
-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-apple)
os=
basic_machine=$1
;;
-hiux*)
os=-hiuxwe2
;;
-sco5)
os=sco3.2v5
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco4)
os=-sco3.2v4
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco3.2.[4-9]*)
os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco3.2v[4-9]*)
# Don't forget version if it is 3.2v4 or newer.
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-sco*)
os=-sco3.2v2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-isc)
os=-isc2.2
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-clix*)
basic_machine=clipper-intergraph
;;
-isc*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
;;
-lynx*)
os=-lynxos
;;
-ptx*)
basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
;;
-windowsnt*)
os=`echo $os | sed -e 's/windowsnt/winnt/'`
;;
-psos*)
os=-psos
;;
esac
# Decode aliases for certain CPU-COMPANY combinations.
case $basic_machine in
# Recognize the basic CPU types without company name.
# Some are omitted here because they have special meanings below.
tahoe | i860 | m68k | m68000 | m88k | ns32k | arm \
| arme[lb] | pyramid \
| tron | a29k | 580 | i960 | h8300 | hppa | hppa1.0 | hppa1.1 \
| alpha | we32k | ns16k | clipper | i370 | sh \
| powerpc | powerpcle | 1750a | dsp16xx | mips64 | mipsel \
| pdp11 | mips64el | mips64orion | mips64orionel \
| sparc | sparclet | sparclite | sparc64)
basic_machine=$basic_machine-unknown
;;
# We use `pc' rather than `unknown'
# because (1) that's what they normally are, and
# (2) the word "unknown" tends to confuse beginning users.
i[3456]86)
basic_machine=$basic_machine-pc
;;
# Object if more than one company name word.
*-*-*)
echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
exit 1
;;
# Recognize the basic CPU types with company name.
vax-* | tahoe-* | i[3456]86-* | i860-* | m68k-* | m68000-* | m88k-* \
| sparc-* | ns32k-* | fx80-* | arm-* | c[123]* \
| mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* | power-* \
| none-* | 580-* | cray2-* | h8300-* | i960-* | xmp-* | ymp-* \
| hppa-* | hppa1.0-* | hppa1.1-* | alpha-* | we32k-* | cydra-* | ns16k-* \
| pn-* | np1-* | xps100-* | clipper-* | orion-* | sparclite-* \
| pdp11-* | sh-* | powerpc-* | powerpcle-* | sparc64-* | mips64-* | mipsel-* \
| mips64el-* | mips64orion-* | mips64orionel-* | f301-*)
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
basic_machine=m68000-att
;;
3b*)
basic_machine=we32k-att
;;
alliant | fx80)
basic_machine=fx80-alliant
;;
altos | altos3068)
basic_machine=m68k-altos
;;
am29k)
basic_machine=a29k-none
os=-bsd
;;
amdahl)
basic_machine=580-amdahl
os=-sysv
;;
amiga | amiga-*)
basic_machine=m68k-cbm
;;
amigados)
basic_machine=m68k-cbm
os=-amigados
;;
amigaunix | amix)
basic_machine=m68k-cbm
os=-sysv4
;;
apollo68)
basic_machine=m68k-apollo
os=-sysv
;;
aux)
basic_machine=m68k-apple
os=-aux
;;
balance)
basic_machine=ns32k-sequent
os=-dynix
;;
convex-c1)
basic_machine=c1-convex
os=-bsd
;;
convex-c2)
basic_machine=c2-convex
os=-bsd
;;
convex-c32)
basic_machine=c32-convex
os=-bsd
;;
convex-c34)
basic_machine=c34-convex
os=-bsd
;;
convex-c38)
basic_machine=c38-convex
os=-bsd
;;
cray | ymp)
basic_machine=ymp-cray
os=-unicos
;;
cray2)
basic_machine=cray2-cray
os=-unicos
;;
[ctj]90-cray)
basic_machine=c90-cray
os=-unicos
;;
crds | unos)
basic_machine=m68k-crds
;;
da30 | da30-*)
basic_machine=m68k-da30
;;
decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
basic_machine=mips-dec
;;
delta | 3300 | motorola-3300 | motorola-delta \
| 3300-motorola | delta-motorola)
basic_machine=m68k-motorola
;;
delta88)
basic_machine=m88k-motorola
os=-sysv3
;;
dpx20 | dpx20-*)
basic_machine=rs6000-bull
os=-bosx
;;
dpx2* | dpx2*-bull)
basic_machine=m68k-bull
os=-sysv3
;;
ebmon29k)
basic_machine=a29k-amd
os=-ebmon
;;
elxsi)
basic_machine=elxsi-elxsi
os=-bsd
;;
encore | umax | mmax)
basic_machine=ns32k-encore
;;
fx2800)
basic_machine=i860-alliant
;;
genix)
basic_machine=ns32k-ns
;;
gmicro)
basic_machine=tron-gmicro
os=-sysv
;;
h3050r* | hiux*)
basic_machine=hppa1.1-hitachi
os=-hiuxwe2
;;
h8300hms)
basic_machine=h8300-hitachi
os=-hms
;;
harris)
basic_machine=m88k-harris
os=-sysv3
;;
hp300-*)
basic_machine=m68k-hp
;;
hp300bsd)
basic_machine=m68k-hp
os=-bsd
;;
hp300hpux)
basic_machine=m68k-hp
os=-hpux
;;
hp9k2[0-9][0-9] | hp9k31[0-9])
basic_machine=m68000-hp
;;
hp9k3[2-9][0-9])
basic_machine=m68k-hp
;;
hp9k7[0-9][0-9] | hp7[0-9][0-9] | hp9k8[0-9]7 | hp8[0-9]7)
basic_machine=hppa1.1-hp
;;
hp9k8[0-9][0-9] | hp8[0-9][0-9])
basic_machine=hppa1.0-hp
;;
hppa-next)
os=-nextstep3
;;
i370-ibm* | ibm*)
basic_machine=i370-ibm
os=-mvs
;;
# I'm not sure what "Sysv32" means. Should this be sysv3.2?
i[3456]86v32)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-sysv32
;;
i[3456]86v4*)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-sysv4
;;
i[3456]86v)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-sysv
;;
i[3456]86sol2)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-solaris2
;;
iris | iris4d)
basic_machine=mips-sgi
case $os in
-irix*)
;;
*)
os=-irix4
;;
esac
;;
isi68 | isi)
basic_machine=m68k-isi
os=-sysv
;;
m88k-omron*)
basic_machine=m88k-omron
;;
magnum | m3230)
basic_machine=mips-mips
os=-sysv
;;
merlin)
basic_machine=ns32k-utek
os=-sysv
;;
miniframe)
basic_machine=m68000-convergent
;;
mips3*-*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
;;
mips3*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
;;
ncr3000)
basic_machine=i486-ncr
os=-sysv4
;;
news | news700 | news800 | news900)
basic_machine=m68k-sony
os=-newsos
;;
news1000)
basic_machine=m68030-sony
os=-newsos
;;
news-3600 | risc-news)
basic_machine=mips-sony
os=-newsos
;;
next | m*-next )
basic_machine=m68k-next
case $os in
-nextstep* )
;;
-ns2*)
os=-nextstep2
;;
*)
os=-nextstep3
;;
esac
;;
nh3000)
basic_machine=m68k-harris
os=-cxux
;;
nh[45]000)
basic_machine=m88k-harris
os=-cxux
;;
nindy960)
basic_machine=i960-intel
os=-nindy
;;
np1)
basic_machine=np1-gould
;;
pa-hitachi)
basic_machine=hppa1.1-hitachi
os=-hiuxwe2
;;
paragon)
basic_machine=i860-intel
os=-osf
;;
pbd)
basic_machine=sparc-tti
;;
pbb)
basic_machine=m68k-tti
;;
pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
pentium | p5)
basic_machine=i586-intel
;;
pentiumpro | p6)
basic_machine=i686-intel
;;
pentium-* | p5-*)
basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentiumpro-* | p6-*)
basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
k5)
# We don't have specific support for AMD's K5 yet, so just call it a Pentium
basic_machine=i586-amd
;;
nexen)
# We don't have specific support for Nexgen yet, so just call it a Pentium
basic_machine=i586-nexgen
;;
pn)
basic_machine=pn-gould
;;
power) basic_machine=rs6000-ibm
;;
ppc) basic_machine=powerpc-unknown
;;
ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppcle | powerpclittle | ppc-le | powerpc-little)
basic_machine=powerpcle-unknown
;;
ppcle-* | powerpclittle-*)
basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ps2)
basic_machine=i386-ibm
;;
rm[46]00)
basic_machine=mips-siemens
;;
rtpc | rtpc-*)
basic_machine=romp-ibm
;;
sequent)
basic_machine=i386-sequent
;;
sh)
basic_machine=sh-hitachi
os=-hms
;;
sps7)
basic_machine=m68k-bull
os=-sysv2
;;
spur)
basic_machine=spur-unknown
;;
sun2)
basic_machine=m68000-sun
;;
sun2os3)
basic_machine=m68000-sun
os=-sunos3
;;
sun2os4)
basic_machine=m68000-sun
os=-sunos4
;;
sun3os3)
basic_machine=m68k-sun
os=-sunos3
;;
sun3os4)
basic_machine=m68k-sun
os=-sunos4
;;
sun4os3)
basic_machine=sparc-sun
os=-sunos3
;;
sun4os4)
basic_machine=sparc-sun
os=-sunos4
;;
sun4sol2)
basic_machine=sparc-sun
os=-solaris2
;;
sun3 | sun3-*)
basic_machine=m68k-sun
;;
sun4)
basic_machine=sparc-sun
;;
sun386 | sun386i | roadrunner)
basic_machine=i386-sun
;;
symmetry)
basic_machine=i386-sequent
os=-dynix
;;
tower | tower-32)
basic_machine=m68k-ncr
;;
udi29k)
basic_machine=a29k-amd
os=-udi
;;
ultra3)
basic_machine=a29k-nyu
os=-sym1
;;
vaxv)
basic_machine=vax-dec
os=-sysv
;;
vms)
basic_machine=vax-dec
os=-vms
;;
vpp*|vx|vx-*)
basic_machine=f301-fujitsu
;;
vxworks960)
basic_machine=i960-wrs
os=-vxworks
;;
vxworks68)
basic_machine=m68k-wrs
os=-vxworks
;;
vxworks29k)
basic_machine=a29k-wrs
os=-vxworks
;;
xmp)
basic_machine=xmp-cray
os=-unicos
;;
xps | xps100)
basic_machine=xps100-honeywell
;;
none)
basic_machine=none-none
os=-none
;;
# Here we handle the default manufacturer of certain CPU types. It is in
# some cases the only manufacturer, in others, it is the most popular.
mips)
basic_machine=mips-mips
;;
romp)
basic_machine=romp-ibm
;;
rs6000)
basic_machine=rs6000-ibm
;;
vax)
basic_machine=vax-dec
;;
pdp11)
basic_machine=pdp11-dec
;;
we32k)
basic_machine=we32k-att
;;
sparc)
basic_machine=sparc-sun
;;
cydra)
basic_machine=cydra-cydrome
;;
orion)
basic_machine=orion-highlevel
;;
orion105)
basic_machine=clipper-highlevel
;;
*)
echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
exit 1
;;
esac
# Here we canonicalize certain aliases for manufacturers.
case $basic_machine in
*-digital*)
basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
;;
*-commodore*)
basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
;;
*)
;;
esac
# Decode manufacturer-specific aliases for certain operating systems.
if [ x"$os" != x"" ]
then
case $os in
# First match some system type aliases
# that might get confused with valid system types.
# -solaris* is a basic system type, with this one exception.
-solaris1 | -solaris1.*)
os=`echo $os | sed -e 's|solaris1|sunos4|'`
;;
-solaris)
os=-solaris2
;;
-unixware* | svr4*)
os=-sysv4
;;
-gnu/linux*)
os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
;;
# First accept the basic system types.
# The portable systems comes first.
# Each alternative MUST END IN A *, to match a version number.
# -sysv* is not here because it comes later, after sysvr4.
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
| -amigados* | -msdos* | -newsos* | -unicos* | -aof* | -aos* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \
| -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -cygwin32* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -linux-gnu* | -uxpv*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-linux*)
os=`echo $os | sed -e 's|linux|linux-gnu|'`
;;
-sunos5*)
os=`echo $os | sed -e 's|sunos5|solaris2|'`
;;
-sunos6*)
os=`echo $os | sed -e 's|sunos6|solaris3|'`
;;
-osfrose*)
os=-osfrose
;;
-osf*)
os=-osf
;;
-utek*)
os=-bsd
;;
-dynix*)
os=-bsd
;;
-acis*)
os=-aos
;;
-ctix* | -uts*)
os=-sysv
;;
-ns2 )
os=-nextstep2
;;
# Preserve the version number of sinix5.
-sinix5.*)
os=`echo $os | sed -e 's|sinix|sysv|'`
;;
-sinix*)
os=-sysv4
;;
-triton*)
os=-sysv3
;;
-oss*)
os=-sysv3
;;
-svr4)
os=-sysv4
;;
-svr3)
os=-sysv3
;;
-sysvr4)
os=-sysv4
;;
# This must come after -sysvr4.
-sysv*)
;;
-xenix)
os=-xenix
;;
-none)
;;
*)
# Get rid of the `-' at the beginning of $os.
os=`echo $os | sed 's/[^-]*-//'`
echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
exit 1
;;
esac
else
# Here we handle the default operating systems that come with various machines.
# The value should be what the vendor currently ships out the door with their
# machine or put another way, the most popular os provided with the machine.
# Note that if you're going to try to match "-MANUFACTURER" here (say,
# "-sun"), then you have to tell the case statement up towards the top
# that MANUFACTURER isn't an operating system. Otherwise, code above
# will signal an error saying that MANUFACTURER isn't an operating
# system, and we'll never get to this point.
case $basic_machine in
*-acorn)
os=-riscix1.2
;;
arm*-semi)
os=-aout
;;
pdp11-*)
os=-none
;;
*-dec | vax-*)
os=-ultrix4.2
;;
m68*-apollo)
os=-domain
;;
i386-sun)
os=-sunos4.0.2
;;
m68000-sun)
os=-sunos3
# This also exists in the configure program, but was not the
# default.
# os=-sunos4
;;
*-tti) # must be before sparc entry or we get the wrong os.
os=-sysv3
;;
sparc-* | *-sun)
os=-sunos4.1.1
;;
*-ibm)
os=-aix
;;
*-hp)
os=-hpux
;;
*-hitachi)
os=-hiux
;;
i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
os=-sysv
;;
*-cbm)
os=-amigados
;;
*-dg)
os=-dgux
;;
*-dolphin)
os=-sysv3
;;
m68k-ccur)
os=-rtu
;;
m88k-omron*)
os=-luna
;;
*-next )
os=-nextstep
;;
*-sequent)
os=-ptx
;;
*-crds)
os=-unos
;;
*-ns)
os=-genix
;;
i370-*)
os=-mvs
;;
*-next)
os=-nextstep3
;;
*-gould)
os=-sysv
;;
*-highlevel)
os=-bsd
;;
*-encore)
os=-bsd
;;
*-sgi)
os=-irix
;;
*-siemens)
os=-sysv4
;;
*-masscomp)
os=-rtu
;;
f301-fujitsu)
os=-uxpv
;;
*)
os=-none
;;
esac
fi
# Here we handle the case where we know the os, and the CPU type, but not the
# manufacturer. We pick the logical manufacturer.
vendor=unknown
case $basic_machine in
*-unknown)
case $os in
-riscix*)
vendor=acorn
;;
-sunos*)
vendor=sun
;;
-aix*)
vendor=ibm
;;
-hpux*)
vendor=hp
;;
-hiux*)
vendor=hitachi
;;
-unos*)
vendor=crds
;;
-dgux*)
vendor=dg
;;
-luna*)
vendor=omron
;;
-genix*)
vendor=ns
;;
-mvs*)
vendor=ibm
;;
-ptx*)
vendor=sequent
;;
-vxsim* | -vxworks*)
vendor=wrs
;;
-aux*)
vendor=apple
;;
esac
basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
;;
esac
echo $basic_machine$os

2360
configure vendored Executable file
View file

File diff suppressed because it is too large Load diff

250
configure.in Normal file
View file

@ -0,0 +1,250 @@
dnl Copyright (C) 1999-2000 RTFM, Inc.
dnl All Rights Reserved
dnl This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
dnl <ekr\@rtfm.com> and licensed by RTFM, Inc.
dnl Redistribution and use in source and binary forms, with or without
dnl modification, are permitted provided that the following conditions
dnl are met:
dnl 1. Redistributions of source code must retain the above copyright
dnl notice, this list of conditions and the following disclaimer.
dnl 2. Redistributions in binary form must reproduce the above copyright
dnl notice, this list of conditions and the following disclaimer in the
dnl documentation and/or other materials provided with the distribution.
dnl 3. All advertising materials mentioning features or use of this software
dnl must display the following acknowledgement:
dnl
dnl This product includes software developed by Eric Rescorla for
dnl RTFM, Inc.
dnl
dnl 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
dnl used to endorse or promote products derived from this
dnl software without specific prior written permission.
dnl
dnl THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
dnl ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
dnl IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
dnl ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
dnl FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
dnl DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
dnl OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
dnl HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
dnl LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
dnl OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
dnl Process this file with autoconf to produce a configure script.
AC_INIT(base/pcap-snoop.c)
AC_CANONICAL_SYSTEM
dnl Checks for programs.
AC_PROG_CC
AC_PROG_MAKE_SET
AC_PROG_RANLIB
AC_PROG_INSTALL
AC_MSG_RESULT(configuring for $target_os)
dnl Replace `main' with a function in -lm:
AC_CHECK_LIB(m, pow)
dnl System-specific stuff
case "$target_os" in
linux*)
DEFINES="$DEFINES -D_BSD_SOURCE=1 -DLINUX"
;;
solaris*)
LIBS="$LIBS -lsocket -lnsl"
;;
esac
RECORD_MOD="dummy"
dnl Look for PCAP
dnl We absolutely need pcap
ac_pcap_inc_dir="/usr/include /usr/include/pcap /usr/local/include"
ac_pcap_lib_dir="/usr/lib /usr/local/lib"
AC_ARG_WITH(pcap,[--with-pcap root location for pcap library],
if test "$withval" = "no"; then
AC_MSG_ERROR(PCAP required for ssldump)
else
ac_pcap_inc_dir=$withval/include
ac_pcap_lib_dir=$withval/lib
fi
)
AC_ARG_WITH(pcap-inc,[--with-pcap-inc PCAP include files],
ac_pcap_inc_dir=$withval
)
AC_ARG_WITH(pcap-lib,[--with-pcap-lib PCAP library files],
ac_pcap_lib_dir=$withval
)
dnl Now look for it
AC_MSG_CHECKING(for PCAP include files)
ac_found_pcap_inc_dir="no"
for dir in $ac_pcap_inc_dir; do
if test -f $dir/pcap.h; then
if test "$dir" != "/usr/include"; then
INCLUDES="-I$dir $INCLUDES"
fi
ac_found_pcap_inc_dir=$dir
echo "found in $dir"
break;
fi
done
if test "$ac_found_pcap_inc_dir" = "no"; then
echo
AC_MSG_ERROR(Couldn't find PCAP includes: needed for ssldump)
fi
AC_MSG_CHECKING(for PCAP library)
ac_found_pcap_lib_dir="no"
for dir in $ac_pcap_lib_dir; do
if test -f $dir/libpcap.a; then
dnl Ok, we think we've found them, but check that they
dnl actually ontain the right functions
save_LIBS=$LIBS
save_LDFLAGS=$LDFLAGS
LIBS="-lpcap $LIBS"
if test "$dir" != "/usr/lib"; then
LDFLAGS="-L$dir $LDFLAGS"
fi
AC_TRY_LINK_FUNC(pcap_open_live,ac_linked_libpcap="true",
ac_linked_libpcap="false");
if test "$ac_linked_libpcap" != "false"; then
ac_found_pcap_lib_dir=$dir
break
fi
LIBS=$save_LIBS
LDFLAGS=$save_LDFLAGS
fi
done
if test "$ac_found_pcap_lib_dir" = "no"; then
echo
AC_MSG_ERROR(Couldn't find PCAP library: needed for ssldump)
else
echo "found in $ac_found_pcap_lib_dir"
fi
dnl See if we can find OpenSSL
dnl We can compile without OpenSSL if we have to
ac_use_openssl="true"
ac_openssl_lib_dir="/usr/lib /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg"
ac_openssl_inc_dir="/usr/include /usr/local /usr/local/ssl /usr/pkg /usr/local/ssl/include"
AC_ARG_WITH(openssl,[--with-openssl root location for OpenSSL],
if test "$withval" = "no"; then
ac_use_openssl="false"
else
ac_openssl_lib_dir="$withval/lib $withval"
ac_openssl_inc_dir=$withval/include
fi
)
AC_ARG_WITH(openssl-inc,[--with-openssl-inc OpenSSL include files],
ac_openssl_inc_dir=$withval
)
AC_ARG_WITH(openssl-lib,[--with-openssl-lib OpenSSL library files],
ac_openssl_lib_dir=$withval
)
dnl Now look for OpenSSL
if test "$ac_use_openssl" != "false"; then
ac_found_openssl_inc_dir="no"
AC_MSG_CHECKING(for OpenSSL include files)
for dir in $ac_openssl_inc_dir; do
if test -f $dir/openssl/ssl.h; then
ac_found_openssl_inc_dir=$dir
break
fi
done
if test "$ac_found_openssl_inc_dir" != "no"; then
echo "found in $ac_found_openssl_inc_dir"
else
echo "not found."
ac_use_openssl="false"
fi
fi
if test "$ac_use_openssl" != "false"; then
ac_found_openssl_lib_dir="no"
AC_MSG_CHECKING(for OpenSSL libraries)
for dir in $ac_openssl_lib_dir; do
found_ssl="false"
if test -f $dir/libssl.a -a -f $dir/libcrypto.a; then
found_ssl="true"
fi
if test -f $dir/libssl.so -a -f $dir/libcrypto.so; then
found_ssl="true"
fi
if $found_ssl != "false"; then
dnl Ok, we think we've found them, but check that they
dnl actually ontain the right functions
save_LIBS=$LIBS
save_LDFLAGS=$LDFLAGS
LIBS="-lssl -lcrypto $LIBS"
LDFLAGS="-L$dir $LDFLAGS"
AC_TRY_LINK_FUNC(SSL_load_error_strings,ac_linked_libssl="true",
ac_linked_libssl="false");
AC_TRY_LINK_FUNC(RC4_set_key,ac_linked_libcrypto="true",
ac_linked_libcrypto="false");
if test "$ac_linked_libssl" != "false" -a \
"$ac_linked_libcrypto" != "false"; then
ac_found_openssl_lib_dir=$dir
break
fi
LIBS=$save_LIBS
LDFLAGS=$save_LDFLAGS
fi
done
if test "$ac_found_openssl_lib_dir" != "no"; then
echo "found in $ac_found_openssl_lib_dir"
INCLUDES="-I$ac_found_openssl_inc_dir $INCLUDES"
DEFINES="-DOPENSSL $DEFINES"
else
echo "not found."
ac_use_openssl="false"
fi
fi
if test "$ac_use_openssl" = "false"; then
AC_MSG_WARN(compiling without OpenSSL)
fi
AC_ARG_WITH(record,[--with-record Compile with record module (EKR Use Only)],
DEFINES="-DENABLE_RECORD $DEFINES"
RECORD_MOD="record"
)
dnl Replace `main' with a function in -lpcap:
AC_CHECK_LIB(pcap, pcap_open)
dnl Checks for header files.
AC_CHECK_HEADERS(sys/time.h)
AC_HEADER_STDC
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_HEADER_TIME
dnl Find a 4-byte integer size
AC_CHECK_SIZEOF(unsigned short)
AC_CHECK_SIZEOF(unsigned int)
AC_CHECK_SIZEOF(unsigned long)
AC_CHECK_SIZEOF(unsigned long long)
dnl Checks for library functions.
AC_FUNC_MEMCMP
AC_TYPE_SIGNAL
AC_FUNC_VPRINTF
AC_CHECK_FUNCS(strdup)
AC_SUBST(RECORD_MOD)
AC_SUBST(INCLUDES)
AC_SUBST(DEFINES)
AC_OUTPUT(Makefile)

0
dummy/targets.mk Normal file
View file

251
install-sh Executable file
View file

@ -0,0 +1,251 @@
#!/bin/sh
#
# install - install a program, script, or datafile
# This comes from X11R5 (mit/util/scripts/install.sh).
#
# Copyright 1991 by the Massachusetts Institute of Technology
#
# Permission to use, copy, modify, distribute, and sell this software and its
# documentation for any purpose is hereby granted without fee, provided that
# the above copyright notice appear in all copies and that both that
# copyright notice and this permission notice appear in supporting
# documentation, and that the name of M.I.T. not be used in advertising or
# publicity pertaining to distribution of the software without specific,
# written prior permission. M.I.T. makes no representations about the
# suitability of this software for any purpose. It is provided "as is"
# without express or implied warranty.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# `make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch. It can only install one file at a time, a restriction
# shared with many OS's install programs.
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit="${DOITPROG-}"
# put in absolute paths if you don't have them in your path; or use env. vars.
mvprog="${MVPROG-mv}"
cpprog="${CPPROG-cp}"
chmodprog="${CHMODPROG-chmod}"
chownprog="${CHOWNPROG-chown}"
chgrpprog="${CHGRPPROG-chgrp}"
stripprog="${STRIPPROG-strip}"
rmprog="${RMPROG-rm}"
mkdirprog="${MKDIRPROG-mkdir}"
transformbasename=""
transform_arg=""
instcmd="$mvprog"
chmodcmd="$chmodprog 0755"
chowncmd=""
chgrpcmd=""
stripcmd=""
rmcmd="$rmprog -f"
mvcmd="$mvprog"
src=""
dst=""
dir_arg=""
while [ x"$1" != x ]; do
case $1 in
-c) instcmd="$cpprog"
shift
continue;;
-d) dir_arg=true
shift
continue;;
-m) chmodcmd="$chmodprog $2"
shift
shift
continue;;
-o) chowncmd="$chownprog $2"
shift
shift
continue;;
-g) chgrpcmd="$chgrpprog $2"
shift
shift
continue;;
-s) stripcmd="$stripprog"
shift
continue;;
-t=*) transformarg=`echo $1 | sed 's/-t=//'`
shift
continue;;
-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
shift
continue;;
*) if [ x"$src" = x ]
then
src=$1
else
# this colon is to work around a 386BSD /bin/sh bug
:
dst=$1
fi
shift
continue;;
esac
done
if [ x"$src" = x ]
then
echo "install: no input file specified"
exit 1
else
true
fi
if [ x"$dir_arg" != x ]; then
dst=$src
src=""
if [ -d $dst ]; then
instcmd=:
chmodcmd=""
else
instcmd=mkdir
fi
else
# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if [ -f $src -o -d $src ]
then
true
else
echo "install: $src does not exist"
exit 1
fi
if [ x"$dst" = x ]
then
echo "install: no destination specified"
exit 1
else
true
fi
# If destination is a directory, append the input filename; if your system
# does not like double slashes in filenames, you may need to add some logic
if [ -d $dst ]
then
dst="$dst"/`basename $src`
else
true
fi
fi
## this sed command emulates the dirname command
dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
# Make sure that the destination directory exists.
# this part is taken from Noah Friedman's mkinstalldirs script
# Skip lots of stat calls in the usual case.
if [ ! -d "$dstdir" ]; then
defaultIFS='
'
IFS="${IFS-${defaultIFS}}"
oIFS="${IFS}"
# Some sh's can't handle IFS=/ for some reason.
IFS='%'
set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
IFS="${oIFS}"
pathcomp=''
while [ $# -ne 0 ] ; do
pathcomp="${pathcomp}${1}"
shift
if [ ! -d "${pathcomp}" ] ;
then
$mkdirprog "${pathcomp}"
else
true
fi
pathcomp="${pathcomp}/"
done
fi
if [ x"$dir_arg" != x ]
then
$doit $instcmd $dst &&
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
else
# If we're going to rename the final executable, determine the name now.
if [ x"$transformarg" = x ]
then
dstfile=`basename $dst`
else
dstfile=`basename $dst $transformbasename |
sed $transformarg`$transformbasename
fi
# don't allow the sed command to completely eliminate the filename
if [ x"$dstfile" = x ]
then
dstfile=`basename $dst`
else
true
fi
# Make a temp file name in the proper directory.
dsttmp=$dstdir/#inst.$$#
# Move or copy the file name to the temp name
$doit $instcmd $src $dsttmp &&
trap "rm -f ${dsttmp}" 0 &&
# and set any options; do chmod last to preserve setuid bits
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $instcmd $src $dsttmp" command.
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
# Now rename the file to the real destination.
$doit $rmcmd -f $dstdir/$dstfile &&
$doit $mvcmd $dsttmp $dstdir/$dstfile
fi &&
exit 0

0
null/Makefile Normal file
View file

164
null/null_analyze.c Normal file
View file

@ -0,0 +1,164 @@
/**
null_analyze.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $
ekr@rtfm.com Thu Jan 7 22:58:27 1999
*/
static char *RCSSTRING="$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $";
#include <ctype.h>
#include "network.h"
#include "proto_mod.h"
#include "debug.h"
typedef struct null_analyzer_ {
int num;
} null_analyzer;
static int create_null_analyzer PROTO_LIST((void *handle,
proto_ctx *ctx,tcp_conn *conn,proto_obj **objp,
struct in_addr *i_addr,u_short i_port,
struct in_addr *r_addr,u_short r_port, struct timeval *base_time));
static int create_null_analyzer(handle,ctx,conn,objp,i_addr,i_port,r_addr,r_port,
base_time)
void *handle;
proto_ctx *ctx;
tcp_conn *conn;
proto_obj **objp;
struct in_addr *i_addr;
u_short i_port;
struct in_addr *r_addr;
u_short r_port;
struct timeval *base_time;
{
null_analyzer *obj=0;
static int ctr;
if(!(obj=(null_analyzer *)calloc(sizeof(null_analyzer),1)))
ERETURN(R_NO_MEMORY);
obj->num=ctr++;
DBG((0,"Creating analyzer for connection %d\n",obj->num));
*objp=(proto_obj *)obj;
return(0);
}
int destroy_null_analyzer(objp)
proto_obj **objp;
{
null_analyzer *obj;
if(!objp || !*objp)
return(0);
obj=(null_analyzer *)*objp;
DBG((0,"Destroying analyzer for connection %d\n",obj->num));
free(*objp);
*objp=0;
return(0);
}
int data_null_analyzer(_obj,seg,direction)
proto_obj *_obj;
segment *seg;
int direction;
{
#ifdef DEBUG
null_analyzer *obj=(null_analyzer *)_obj;
#endif
DBG((0,"Processing data for connection %d dir %d\n",obj->num,
direction));
for(;seg;seg=seg->next){
int i;
for(i=0;i<MIN(seg->len,20);i++){
if(!isascii(seg->data[i]))
break;
}
if(i<20)
xdump("NSEGMENT",seg->data,seg->len);
else{
printf("NSEGMENT: ");
fwrite(seg->data,1,seg->len,stdout);
}
printf("====\n");
}
return(0);
}
int fin_null_analyzer(_obj,p,direction)
proto_obj *_obj;
packet *p;
int direction;
{
#ifdef DEBUG
null_analyzer *obj=(null_analyzer *)_obj;
#endif
DBG((0,"Received FIN on connection %d\n",obj->num));
return(0);
}
static struct proto_mod_vtbl_ null_vtbl ={
0,
0,
0,
create_null_analyzer,
destroy_null_analyzer,
data_null_analyzer,
fin_null_analyzer,
};
struct proto_mod_ null_mod = {
0,
&null_vtbl
};

53
null/null_analyze.h Normal file
View file

@ -0,0 +1,53 @@
/**
null_analyze.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: null_analyze.h,v 1.2 2000/10/17 16:10:01 ekr Exp $
ekr@rtfm.com Fri Jan 8 11:23:10 1999
*/
#ifndef _null_analyze_h
#define _null_analyze_h
extern proto_mod null_mod;
#endif

260
null/targets.mk Normal file
View file

@ -0,0 +1,260 @@
#
# targets.mk
#
# $Source: /usr/local/CVS/ssldump/null/targets.mk,v $
# $Revision: 1.1.1.1 $
# $Date: 2000/10/09 00:45:39 $
# $Name: $
# $Disclaimer$
#
# Copyright (C) 1999, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# ANALYZE_NULL_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# ANALYZE_NULL_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# ANALYZE_NULL_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# ANALYZE_NULL_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# ANALYZE_NULL_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# ANALYZE_NULL_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# ANALYZE_NULL_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# ANALYZE_NULL_MAKEFILES:
# the makefiles
#
# ANALYZE_NULL_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# ANALYZE_NULL_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# ANALYZE_NULL_PROGRAMS:
# programs to build
#
# ANALYZE_NULL_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# ANALYZE_NULL_SOURCES:
# the source files to compile to object
#
ANALYZE_NULL_DEFINES =
ANALYZE_NULL_INCLUDES = -I$(ANALYZE_NULL_SRCDIR)
ANALYZE_NULL_INTERNAL =
ANALYZE_NULL_LIBNAME =
ANALYZE_NULL_LIBPATHS =
ANALYZE_NULL_LIBRARIES =
ANALYZE_NULL_LOCALFLAGS =
ANALYZE_NULL_MAKEFILES = targets.mk
ANALYZE_NULL_PREFIX = ANALYZE_NULL
ANALYZE_NULL_PRIVATE = null_analyze.h
ANALYZE_NULL_PROGRAMS =
ANALYZE_NULL_PUBLIC =
ANALYZE_NULL_SOURCES = null_analyze.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# ANALYZE_NULL_OBJECTS:
# object files to build
#
# ANALYZE_NULL_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# ANALYZE_NULL_USED:
# all files in the module directory that are used
# during the build process
#
ANALYZE_NULL_OBJECTS = null_analyze.$(OBJSUFFIX)
ANALYZE_NULL_UNUSED =
ANALYZE_NULL_USED = $(ANALYZE_NULL_INTERNAL:%=$(ANALYZE_NULL_SRCDIR)%) \
$(ANALYZE_NULL_MAKEFILES:%=$(ANALYZE_NULL_SRCDIR)%) \
$(ANALYZE_NULL_PRIVATE:%=$(ANALYZE_NULL_SRCDIR)%) \
$(ANALYZE_NULL_PUBLIC:%=$(ANALYZE_NULL_SRCDIR)%) \
$(ANALYZE_NULL_SOURCES:%=$(ANALYZE_NULL_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# ANALYZE_NULL_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(ANALYZE_NULL_DEFINES)
INCLUDES += $(ANALYZE_NULL_INCLUDES)
LIBPATHS += $(ANALYZE_NULL_LIBPATHS)
LIBRARIES += $(ANALYZE_NULL_LIBRARIES)
OBJECTS += $(ANALYZE_NULL_OBJECTS)
PUBLIC += $(ANALYZE_NULL_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(ANALYZE_NULL_LIBNAME)
default: $(ANALYZE_NULL_PROGRAMS)
all: $(ANALYZE_NULL_PUBLIC)
all: $(ANALYZE_NULL_OBJECTS)
all: $(ANALYZE_NULL_LIBNAME)
all: $(ANALYZE_NULL_PROGRAMS)
build: $(ANALYZE_NULL_PUBLIC)
build: $(ANALYZE_NULL_OBJECTS)
ci: analyze_null_ci
clean: analyze_null_clean
clean_public: analyze_null_clean_public
objects: $(ANALYZE_NULL_OBJECTS)
private: $(ANALYZE_NULL_PRIVATE)
public: $(ANALYZE_NULL_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
analyze_null_ci:
$(CI) $(CIFLAGS) $(ANALYZE_NULL_USED)
analyze_null_clean:
$(RM) $(RMFLAGS) $(ANALYZE_NULL_OBJECTS) $(ANALYZE_NULL_LIBNAME) $(ANALYZE_NULL_PROGRAMS)
analyze_null_clean_public:
$(RM) $(RMFLAGS) $(ANALYZE_NULL_PUBLIC)
analyze_null_objects: $(ANALYZE_NULL_OBJECTS)
analyze_null_programs: $(ANALYZE_NULL_PROGRAMS)
analyze_null_public: $(ANALYZE_NULL_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(ANALYZE_NULL_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(ANALYZE_NULL_OBJECTS):
$(COMPILE.c) $(ANALYZE_NULL_SRCDIR)$(@:%.o=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_NULL_LOCALFLAGS)
$(ANALYZE_NULL_PUBLIC):
$(CP) $(CPFLAGS) $(ANALYZE_NULL_SRCDIR)$@ $@
$(ANALYZE_NULL_PROGRAMS):
$(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
null_analyze.$(OBJSUFFIX): $(ANALYZE_NULL_SRCDIR)null_analyze.h
null_analyze.$(OBJSUFFIX): $(ANALYZE_NULL_SRCDIR)null_analyze.c
$(ANALYZE_NULL_LIBNAME): $(ANALYZE_NULL_OBJECTS)

10
rules.mk Normal file
View file

@ -0,0 +1,10 @@
OBJSUFFIX=o
LIBSUFFIX=a
RANLIB=ranlib
COMPILE.c = $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@
LINK.c = $(CC) $(CFLAGS) $(LDFLAGS) -o $@
.c.$(OBJSUFFIX):
$(COMPILE.c) $(OUTPUT_OPTION) $<

20
ssl/Makefile Normal file
View file

@ -0,0 +1,20 @@
CC=gcc -g -I../../common/include -DYYDEBUG=1
YACC=bison -d -y -v
LEX=flex
OBJS=lex.yy.o y.tab.o main.o
default: all
lex.yy.c: ssl.l
$(LEX) ssl.l
y.tab.c: ssl.y
$(YACC) ssl.y
grammar: y.tab.c lex.yy.c
$(LEX) ssl.l
$(YACC) ssl.y
all: grammar $(OBJS)
$(CC) $(OBJS) -L../../common/make/freebsd31 -ly -lm

107
ssl/ciphersuites.c Normal file
View file

@ -0,0 +1,107 @@
/**
ciphersuites.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $
ekr@rtfm.com Tue Mar 30 17:19:56 1999
*/
static char *RCSSTRING="$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $";
#include <r_common.h>
#include "sslciphers.h"
static SSL_CipherSuite CipherSuites[]={
{1,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_MD5,16,0},
{2,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0},
{3,KEX_RSA,SIG_RSA,ENC_RC4,1,128,40,DIG_MD5,16,1},
{4,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_MD5,16,0},
{5,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0},
{6,KEX_RSA,SIG_RSA,ENC_RC2,8,128,40,DIG_SHA,20,1},
{7,KEX_RSA,SIG_RSA,ENC_IDEA,8,128,128,DIG_SHA,20,0},
{8,KEX_RSA,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1},
{9,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0},
{10,KEX_RSA,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
{11,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA,20,1},
{12,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,0},
{13,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
{14,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1},
{15,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0},
{16,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
{17,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA,20,1},
{18,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,0},
{19,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0},
{20,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1},
{21,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0},
{22,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0},
{23,KEX_DH,SIG_NONE,ENC_RC4,1,128,40,DIG_MD5,16,1},
{24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0},
{25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
{26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
{27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
{96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
{97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
{98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
{99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
{100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
{101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
{102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
{-1}
};
int ssl_find_cipher(num,cs)
int num;
SSL_CipherSuite **cs;
{
SSL_CipherSuite *c;
for(c=CipherSuites;c->number!=-1;c++){
if(c->number==num){
*cs=c;
return(0);
}
}
ERETURN(R_NOT_FOUND);
}

52
ssl/ciphersuites.h Normal file
View file

@ -0,0 +1,52 @@
/**
ciphersuites.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ciphersuites.h,v 1.2 2000/10/17 16:10:01 ekr Exp $
ekr@rtfm.com Sat Sep 23 18:01:27 2000
*/
#ifndef _ciphersuites_h
#define _ciphersuites_h
int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs));
#endif

1777
ssl/lex.yy.c Normal file
View file

File diff suppressed because it is too large Load diff

99
ssl/main.c Normal file
View file

@ -0,0 +1,99 @@
/**
main.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $
ekr@rtfm.com Mon Jan 18 16:28:43 1999
*/
static char *RCSSTRING="$Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $";
#include <stdarg.h>
#include <r_common.h>
extern int yydebug;
FILE *doth,*dotc;
int verr_exit(char *fmt,...)
{
va_list ap;
va_start(ap,fmt);
vfprintf(stderr,fmt,ap);
exit(1);
}
int main(argc,argv)
int argc;
char **argv;
{
char name[100];
FILE *in;
if(!(in=freopen(argv[1],"r",stdin)))
verr_exit("Couldn't open input file %s\n",argv[1]);
sprintf(name,"%s.c",argv[1]);
dotc=fopen(name,"w");
sprintf(name,"%s.h",argv[1]);
doth=fopen(name,"w");
fprintf(dotc,"#include \"network.h\"\n#include \"ssl_h.h\"\n#include \"sslprint.h\"\n#include \"sslxprint.h\"\n#ifdef OPENSSL\n#include <openssl/ssl.h>\n#endif\n");
fprintf(dotc,"#include \"%s\"\n",name);
yyparse();
}
extern int yylineno;
int yywrap()
{
;}
int yyerror(s)
char *s;
{
printf("Parse error %s at line %d\n",s,yylineno);
exit(1);
}

419
ssl/ssl.enums Normal file
View file

@ -0,0 +1,419 @@
select {
ChangeCipherSpec(20)
{@
ssl_process_change_cipher_spec(ssl,ssl->decoder,dir);
if(dir==DIR_I2R){
ssl->i_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
}
else{
ssl->r_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC;
}
printf("\n");
return(0);
@}
, Alert(21)
{@
int r;
if(ssl->record_encryption==REC_CIPHERTEXT){
printf("\n");
return(0);
}
if(data->len!=2){
fprintf(stderr,"Wrong length for alert message: %d\n",
data->len);
ERETURN(R_EOD);
}
P_(P_HL){
printf("\n");
SSL_DECODE_ENUM(ssl,"level",1,AlertLevel_decoder,P_HL,data,0);
printf("\n");
SSL_DECODE_ENUM(ssl,"value",1,AlertDescription_decoder,P_HL,data,0);
printf("\n");
}
else {
SSL_DECODE_ENUM(ssl,0,1,AlertLevel_decoder,SSL_PRINT_ALL,data,0);
SSL_DECODE_ENUM(ssl,0,1,AlertDescription_decoder,SSL_PRINT_ALL,data,0);
printf("\n");
}
return(0);
@},
Handshake(22)
{@
extern decoder HandshakeType_decoder[];
int r;
UINT4 t,l;
int rs=0;
Data d;
if(ssl->record_encryption==REC_CIPHERTEXT){
printf("\n");
return(0);
}
while(data->len>0){
SSL_DECODE_UINT8(ssl,0,0,data,&t);
SSL_DECODE_UINT24(ssl,0,0,data,&l);
if(data->len<l){
fprintf(stderr,"Error: short handshake length: expected %d got %d\n",
l,data->len);
ERETURN(R_EOD);
}
d.data=data->data;
d.len=l;
data->len-=l;
data->data+=l;
P_(P_HL){
if(!rs){
printf("\n");
rs=1;
}
}
ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,&d);
}
return(0);
@},
application_data(23)
{@
int r;
Data d;
SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d);
P_(P_AD){
print_data(ssl,&d);
}
else {
printf("\n");
}
return(0);
@}
, (255)
} ContentType;
select {
HelloRequest(0)
{@
printf("\n");
@},
ClientHello(1)
{@
UINT4 vj,vn,cs,cslen,complen,comp;
Data session_id,random;
int r;
extern decoder cipher_suite_decoder[];
extern decoder compression_method_decoder[];
printf("\n");
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
printf("\n");
}
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random);
ssl_set_client_random(ssl->decoder,random.data,random.len);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id);
ssl_set_client_session_id(ssl->decoder,session_id.data,session_id.len);
P_(P_HL){
if(session_id.len)
exdump(ssl,"resume ",&session_id);
}
P_(P_HL){
SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
explain(ssl,"cipher suites\n");
for(;cslen;cslen-=2){
ssl_decode_enum(ssl,0,2,cipher_suite_decoder,
0,data,&cs);
ssl_print_cipher_suite(ssl,(vj<<8)|vn,P_HL,cs);
printf("\n");
}
}
SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen);
if(complen){
explain(ssl,"compression methods\n");
for(;complen;complen--){
SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp);
printf("\n");
}
}
return(0);
@},
ServerHello(2)
{@
int r;
Data rnd,session_id;
UINT4 vj,vn;
printf("\n");
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
ssl->version=vj*256+vn;
P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn);
printf("\n");
}
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&rnd);
ssl_set_server_random(ssl->decoder,rnd.data,rnd.len);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,P_HL,data,&session_id);
SSL_DECODE_ENUM(ssl,"cipherSuite",2,cipher_suite_decoder,
0,data,&ssl->cipher_suite);
P_(P_HL){
explain(ssl,"cipherSuite ");
ssl_print_cipher_suite(ssl,ssl->version,P_HL,ssl->cipher_suite);
}
ssl_find_cipher(ssl->cipher_suite,&ssl->cs);
ssl_process_server_session_id(ssl,ssl->decoder,session_id.data,
session_id.len);
P_(P_HL) printf("\n");
SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0);
P_(P_HL) printf("\n");
return(0);
@},
Certificate(11)
{@
UINT4 len;
Data cert;
int r;
printf("\n");
SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len);
while(len){
SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate",-((1<<23)-1),
0,data,&cert);
sslx_print_certificate(ssl,&cert,P_ND);
len-=(cert.len + 3);
}
return(0);
@},
ServerKeyExchange (12)
{@
int r;
printf("\n");
if(ssl->cs){
P_(P_ND){
explain(ssl,"params\n");
}
INDENT_INCR;
switch(ssl->cs->kex){
case KEX_DH:
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_p",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_g",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_Ys",-((1<<15)-1),P_ND,data,0);
break;
case KEX_RSA:
SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_modulus",-((1<<15)-1),P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_exponent",-((1<<15)-1),P_ND,data,0);
break;
}
INDENT_POP;
SSL_DECODE_OPAQUE_ARRAY(ssl,"signature",-((1<<15)-1),P_ND,data,0);
}
return(0);
@}
,
CertificateRequest(13)
{@
UINT4 len;
Data ca;
int r;
printf("\n");
SSL_DECODE_UINT8(ssl,"certificate_types len",0,data,&len);
for(;len;len--){
SSL_DECODE_ENUM(ssl,"certificate_types",1,
client_certificate_type_decoder, P_HL,data,0);
P_(P_HL){
printf("\n");
}
};
SSL_DECODE_UINT16(ssl,"certificate_authorities len",0,data,&len);
while(len){
SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate_authorities",
-((1<<15)-1),0,data,&ca);
explain(ssl,"certificate_authority\n");
INDENT_INCR;
sslx_print_dn(ssl,&ca,P_HL);
INDENT_POP;
len-=(ca.len + 2);
}
return(0);
@}
, ServerHelloDone(14)
{@
printf("\n");
@},
CertificateVerify(15)
{@
int r;
printf("\n");
SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-(1<<15-1),P_HL,data,0);
return(0);
@}
,
ClientKeyExchange(16)
{@
int r;
Data pms;
printf("\n");
if(ssl->cs){
switch(ssl->cs->kex){
case KEX_RSA:
if(ssl->version > 768) {
SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",-(1<<15-1),
P_ND,data,&pms);
}
else {
SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",data->len,P_ND,data,&pms);
}
ssl_process_client_key_exchange(ssl,
ssl->decoder,pms.data,pms.len);
break;
case KEX_DH:
SSL_DECODE_OPAQUE_ARRAY(ssl,"DiffieHellmanClientPublicValue",
-(1<<15-1),P_HL,data,0);
}
}
return(0);
@}
,
Finished(20)
{@
int r;
printf("\n");
switch(ssl->version){
case 0x300:
SSL_DECODE_OPAQUE_ARRAY(ssl,"md5_hash",16,P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"sha_hash",20,P_ND,data,0);
break;
case 0x301:
SSL_DECODE_OPAQUE_ARRAY(ssl,"verify_data",12,P_ND,data,0);
P_(P_ND)
printf("\n");
break;
}
return (0);
@}
, (255)
} HandshakeType;
constant {
CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 };
CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 };
CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 };
CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 };
CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 };
CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 };
CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 };
CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 };
CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 };
CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A };
CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B };
CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C };
CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D };
CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E };
CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F };
CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 };
CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 };
CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 };
CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 };
CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 };
CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 };
CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 };
CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 };
CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 };
CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 };
CipherSuite TLS_DHE_DSS_WITH_RC2_56_CBC_SHA = { 0x00,0x65 };
CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 };
CipherSuite TLS_DHE_DSS_WITH_NULL_SHA = { 0x00,0x67 };
CipherSuite SSL2_CK_RC4 = { 0x01,0x00,0x80};
CipherSuite SSL2_CK_RC4_EXPORT40 = { 0x02,0x00,0x80};
CipherSuite SSL2_CK_RC2 = { 0x03,0x00,0x80};
CipherSuite SSL2_CK_RC2_EXPORT40 = { 0x04,0x00,0x80};
CipherSuite SSL2_CK_IDEA = { 0x05,0x00,0x80};
CipherSuite SSL2_CK_DES = { 0x06,0x00,0x40};
CipherSuite SSL2_CK_RC464 = { 0x08,0x00,0x80};
CipherSuite SSL2_CK_3DES = { 0x07,0x00,0xc0};
CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = {0x00,0x4a};
CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = {0x00,0x48};
CipherSuite SSL_RSA_WITH_RC2_CBC_MD5 = {0xff,0x80};
CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = {0x00,0x49};
CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA={0xff,0x85};
CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA={0xff,0x84};
} cipher_suite;
select { warning(1), fatal(2), (255) } AlertLevel;
select {
close_notify(0),
unexpected_message(10),
bad_record_mac(20),
decryption_failed(21),
record_overflow(22),
decompression_failure(30),
handshake_failure(40),
bad_certificate(42),
unsupported_certificate(43),
certificate_revoked(44),
certificate_expired(45),
certificate_unknown(46),
illegal_parameter(47),
unknown_ca(48),
access_denied(49),
decode_error(50),
decrypt_error(51),
export_restriction(60),
protocol_version(70),
insufficient_security(71),
internal_error(80),
user_canceled(90),
no_renegotiation(100),
(255)
} AlertDescription;
constant {
CompressionMethod NULL={0};
} compression_method;
select {
rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
(255)
} client_certificate_type;

1100
ssl/ssl.enums.c Normal file
View file

File diff suppressed because it is too large Load diff

7
ssl/ssl.enums.h Normal file
View file

@ -0,0 +1,7 @@
extern decoder ContentType_decoder[];
extern decoder HandshakeType_decoder[];
extern decoder cipher_suite_decoder[];
extern decoder AlertLevel_decoder[];
extern decoder AlertDescription_decoder[];
extern decoder compression_method_decoder[];
extern decoder client_certificate_type_decoder[];

67
ssl/ssl.l Normal file
View file

@ -0,0 +1,67 @@
%option yylineno
%{
#include "y.tab.h"
#if 0
#define RETURN(x) printf("TOK:%s\n",#x); return(x)
#else
#define RETURN return
#endif
long strtol();
%}
IDCHAR [a-zA-Z0-9_\-\.]
NUMCHAR [0-9]
S [ \t\n\r\f]+
NAME [a-zA-Z]{IDCHAR}+
NUM {NUMCHAR}+
HEXNUM "0x"[0-9A-Za-z]+
COMMENT "/*"("*"?[^/]+)*("*/")
CODE "{@"[^@]+"@}"
%%
".." {RETURN(DOT_DOT_);}
"enum" {RETURN(ENUM_);}
"struct" {RETURN(STRUCT_);}
"opaque" {mkname();RETURN(OPAQUE_);}
"select" {RETURN(SELECT_);}
"constant" {RETURN(CONSTANT_);}
"digitally-signed" {/* Do nothing*/}
"public-key-encrypted" {/* Do nothing*/}
"case" {RETURN(CASE_);}
{COMMENT} { /*Do nothing*/}
{CODE} { strcpy(yylval.str,yytext); RETURN(CODE_);}
{S} {/*do nothing*/}
{NAME} {mkname();RETURN(NAME_);}
{NUM} {yylval.val=atoi(yytext); RETURN(NUM_);}
{HEXNUM} {yylval.val=strtol(yytext,0,16); RETURN(NUM_);}
"{" { RETURN('{'); }
"}" { RETURN('}'); }
"(" { RETURN('('); }
")" { RETURN(')'); }
"[" { RETURN('['); }
"]" { RETURN(']'); }
"<" { RETURN('<'); }
">" { RETURN('>'); }
";" { RETURN(';'); }
":" { RETURN(':'); }
"," { RETURN(','); }
"." { RETURN('.'); }
"^" { RETURN('^'); }
"-" { RETURN('-'); }
"=" { RETURN('='); }
. { fprintf(stderr,"Invalid input token: %s at %d!!!\n",yytext,yylineno);
exit(1);
}
%%
int mkname()
{
#if 0
printf("%s\n",yytext);
#endif
strcpy(yylval.str,yytext);
}

241
ssl/ssl.y Normal file
View file

@ -0,0 +1,241 @@
/**
ssl.y
Copyright (C) 1998, RTFM, Inc.
All Rights Reserved.
ekr@rtfm.com Fri Dec 25 20:33:47 1998
*/
%{
typedef struct select_st_ {
char *name;
char *code;
int val;
struct select_st_ *next;
} select_st;
select_st *select_base;
select_st *select_ptr;
select_st *constant_base;
select_st *constant_ptr;
#include <stdio.h>
extern FILE *dotc;
extern FILE *doth;
%}
%union {
int val;
unsigned char str[8192];
}
/*These tokens have attributes*/
%token <str> NAME_
%token <val> NUM_
/*Tokens*/
%token <val> DOT_DOT_
%token <val> STRUCT_
%token <val> SELECT_
%token <str> OPAQUE_
%token <val> SELECT_
%token <val> ENUM_
%token <val> DIGITALLY_SIGNED_
%token <val> COMMENT_START_
%token <str> CODE_
%token <val> COMMENT_END_
%token <val> CASE_
%token <val> CONSTANT_
/*Types for nonterminals*/
%type <val> module
%type <val> typelist
%type <val> definition
%type <val> selecttype
%type <val> constant_type
%type <val> selecterateds
%type <val> selectmax
%type <val> constval
/*%type <val> selecterated*/
%%
module: typelist
typelist: {$$=1};
| definition typelist
{
$$=1;
}
;
definition: selecttype
| constant_type
;
selecttype: SELECT_ '{' selecterateds ',' selectmax '}' NAME_ ';'
{
select_st *en;
char filename[100];
for(en=select_base;en;en=en->next){
fprintf(dotc,"static int decode_%s_%s(ssl,dir,seg,data)\n",
$7,en->name);
fprintf(dotc," ssl_obj *ssl;\n");
fprintf(dotc," int dir;\n");
fprintf(dotc," segment *seg;\n");
fprintf(dotc," Data *data;\n");
fprintf(dotc," {\n");
if(en->code){
en->code+=2;
en->code[strlen(en->code)-2]=0;
fprintf(dotc,"\n%s\n",en->code);
}
else{
/* fprintf(dotc," fprintf(dotc,\"Decoding %s...%cn\");\n",en->name,'\\');*/
fprintf(dotc," return(0);\n");
}
fprintf(dotc," }\n");
}
fprintf(dotc,"decoder %s_decoder[]={\n",$7);
fprintf(doth,"extern decoder %s_decoder[];\n",$7);
for(en=select_base;en;en=en->next){
fprintf(dotc," {\n");
fprintf(dotc," %d,\n",en->val);
fprintf(dotc," \"%s\",\n",en->name);
fprintf(dotc," decode_%s_%s\n",$7,en->name);
fprintf(dotc," },\n");
}
fprintf(dotc,"{-1}\n");
fprintf(dotc,"};\n\n");
select_base=0;
}
;
selecterateds: selecterateds ',' selecterated
| selecterated
{;
}
;
selectmax: '(' NUM_ ')'
{$$=1;};
selecterated: selecterated_no_code
| selecterated_code
;
selecterated_code: NAME_ '(' NUM_ ')' CODE_
{
select_st *en;
en=malloc(sizeof(select_st));
en->next=0;
en->val=$3;
en->name=strdup($1);
en->code=strdup($5);
if(!select_base){
select_base=en;
select_ptr=en;
}
else{
select_ptr->next=en;
select_ptr=en;
}
};
selecterated_no_code: NAME_ '(' NUM_ ')'
{
select_st *en;
en=malloc(sizeof(select_st));
en->next=0;
en->val=$3;
en->name=strdup($1);
en->code=0;
if(!select_base){
select_base=en;
select_ptr=en;
}
else{
select_ptr->next=en;
select_ptr=en;
}
};
constant_type: CONSTANT_ '{' constants '}' NAME_ ';'
{
select_st *en;
fprintf(dotc,"decoder %s_decoder[]={\n",$5);
fprintf(doth,"extern decoder %s_decoder[];\n",$5);
for(en=constant_base;en;en=en->next){
fprintf(dotc," {\n");
fprintf(dotc," %d,\n",en->val);
fprintf(dotc," \"%s\",\n",en->name);
fprintf(dotc," 0");
fprintf(dotc," },\n");
}
fprintf(dotc,"{-1}\n");
fprintf(dotc,"};\n\n");
constant_ptr=0;
constant_base=0;
}
constants: constants constant
| constant
{;
}
;
constant: NAME_ NAME_ '=' '{' constval '}' ';'
{
select_st *en;
en=malloc(sizeof(select_st));
en->next=0;
en->val=$5;
en->name=strdup($2);
if(!constant_base){
constant_base=en;
constant_ptr=en;
}
else{
constant_ptr->next=en;
constant_ptr=en;
}
};
constval: NUM_ ',' NUM_ ',' NUM_
{
$$=($1 << 16) | ($3 << 8) | $5;
}
| NUM_ ',' NUM_
{
$$=($1 << 8) | $3;
}
| NUM_
{
$$=$1;
}
;

624
ssl/ssl_analyze.c Normal file
View file

@ -0,0 +1,624 @@
/**
ssl_analyze.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $
ekr@rtfm.com Fri Jan 8 14:07:05 1999
*/
static char *RCSSTRING="$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $";
#include "network.h"
#include "debug.h"
#include "sslprint.h"
#include "ssl_h.h"
#include "ssl_analyze.h"
/*UINT4 SSL_print_flags=P_HL| P_ND;*/
UINT4 SSL_print_flags = 1 | P_HT | P_HL;
static int parse_ssl_flags PROTO_LIST((char *str));
static int create_ssl_ctx PROTO_LIST((void *handle,proto_ctx **ctxp));
static int create_ssl_analyzer PROTO_LIST((void *handle,
proto_ctx *ctx,tcp_conn *conn,proto_obj **objp,
struct in_addr *i_addr,u_short i_port,
struct in_addr *r_addr,u_short r_port, struct timeval *base_time));
static int destroy_ssl_analyzer PROTO_LIST((proto_obj **objp));
static int read_ssl_record PROTO_LIST((ssl_obj *obj,r_queue *q,segment *seg,
int offset,segment **lastp,int *offsetp));
static int read_data PROTO_LIST((r_queue *q,segment *seg,int offset,
segment **lastp,int *offsetp));
static int data_ssl_analyzer PROTO_LIST((proto_obj *_obj,segment *seg,
int direction));
int close_ssl_analyzer PROTO_LIST((proto_obj *_obj,packet *p,int direction));
static int create_r_queue PROTO_LIST((r_queue **qp));
static int free_r_queue PROTO_LIST((r_queue *q));
static int print_ssl_record PROTO_LIST((ssl_obj *obj,int direction,
segment *q,UCHAR *data,int len));
char *SSL_keyfile=0;
char *SSL_password=0;
#define NEGATE 0x800000
typedef struct {
int ch;
char *name;
UINT4 flag;
} flag_struct;
flag_struct flags[]={
{
't',
"ts",
SSL_PRINT_TIMESTAMP,
},
{
'e',
"tsa",
SSL_PRINT_TIMESTAMP|SSL_PRINT_TIMESTAMP_ABSOLUTE
},
{
'x',
"x",
SSL_PRINT_HEXDUMP
},
{
'X',
"X",
SSL_PRINT_HEX_ONLY
},
{
'r',
"rh",
SSL_PRINT_RECORD_HEADER
},
{
0,
"ht",
SSL_PRINT_HANDSHAKE_TYPE
},
{
0,
"H",
SSL_PRINT_HIGHLIGHTS
},
{
'A',
"all",
SSL_PRINT_ALL_FIELDS
},
{
0,
"d",
SSL_PRINT_DECODE
},
{
0,
"nroff",
SSL_PRINT_NROFF
},
{
'N',
"asn",
SSL_PRINT_DECODE_ASN1
},
{
0,
"crypto",
SSL_PRINT_CRYPTO
},
{
'd',
"appdata",
SSL_PRINT_APP_DATA
},
{ 'q',
"quiet",
P_HL | NEGATE
},
{0}
};
int parse_ssl_flag(flag)
int flag;
{
flag_struct *fl;
for(fl=flags;fl->name;fl++){
if(fl->ch==flag){
if(fl->flag & NEGATE){
SSL_print_flags &= ~(fl->flag);
}
else
SSL_print_flags |= fl->flag;
break;
}
}
return(0);
}
static int parse_ssl_flags(str)
char *str;
{
char *x,*y;
flag_struct *fl;
int bang;
y=str;
while(x=strtok(y,",")){
y=0;
if(*x=='!'){
bang=1;
x++;
}
else
bang=0;
for(fl=flags;fl->name;fl++){
if(!strcmp(x,fl->name)){
if(!bang) SSL_print_flags |= fl->flag;
else SSL_print_flags &= ~fl->flag;
break;
}
}
if(!fl->name){
fprintf(stderr,"SSL: Bad flag %s\n",x);
}
}
return(0);
}
static int create_ssl_ctx(handle,ctxp)
void *handle;
proto_ctx **ctxp;
{
ssl_decode_ctx *ctx=0;
int r,_status;
if(r=ssl_decode_ctx_create(&ctx,SSL_keyfile,SSL_password))
ABORT(r);
*ctxp=(proto_ctx *)ctx;
_status=0;
abort:
return(_status);
}
static int create_ssl_analyzer(handle,ctx,conn,objp,i_addr,i_port,r_addr,r_port,base_time)
void *handle;
proto_ctx *ctx;
tcp_conn *conn;
proto_obj **objp;
struct in_addr *i_addr;
u_short i_port;
struct in_addr *r_addr;
u_short r_port;
struct timeval *base_time;
{
int r,_status;
ssl_obj *obj=0;
if(!(obj=(ssl_obj *)calloc(sizeof(ssl_obj),1)))
ABORT(R_NO_MEMORY);
obj->ssl_ctx=(ssl_decode_ctx *)ctx;
obj->conn=conn;
if(r=create_r_queue(&obj->r2i_queue))
ABORT(r);
if(r=create_r_queue(&obj->i2r_queue))
ABORT(r);
lookuphostname(i_addr,&obj->client_name);
obj->client_port=i_port;
lookuphostname(r_addr,&obj->server_name);
obj->server_port=r_port;
obj->i_state=SSL_ST_SENT_NOTHING;
obj->r_state=SSL_ST_HANDSHAKE;
memcpy(&obj->time_start,base_time,sizeof(struct timeval));
memcpy(&obj->time_last,base_time,sizeof(struct timeval));
if(r=ssl_decoder_create(&obj->decoder,obj->ssl_ctx))
ABORT(r);
*objp=(proto_obj *)obj;
_status=0;
abort:
if(_status){
destroy_ssl_analyzer((proto_obj **)&obj);
}
return(_status);
}
static int destroy_ssl_analyzer(objp)
proto_obj **objp;
{
ssl_obj *obj;
if(!objp || !*objp)
return(0);
obj=(ssl_obj *)*objp;
DBG((0,"Destroying SSL analyzer"));
free_r_queue(obj->i2r_queue);
free_r_queue(obj->r2i_queue);
ssl_decoder_destroy(&obj->decoder);
free(obj->client_name);
free(obj->server_name);
free(*objp);
*objp=0;
return(0);
}
static int free_r_queue(q)
r_queue *q;
{
FREE(q->data);
if(q->q) free_tcp_segment_queue(q->q);
free(q);
return(0);
}
static int create_r_queue(qp)
r_queue **qp;
{
r_queue *q=0;
int _status;
if(!(q=(r_queue *)calloc(sizeof(r_queue),1)))
ABORT(R_NO_MEMORY);
if(!(q->data=(UCHAR *)malloc(SSL_HEADER_SIZE)))
ABORT(R_NO_MEMORY);
q->ptr=q->data;
q->_allocated=SSL_HEADER_SIZE;
q->len=0;
q->state=SSL_READ_NONE;
*qp=q;
_status=0;
abort:
if(_status){
free_r_queue(q);
}
return(_status);
}
static int read_ssl_record(obj,q,seg,offset,lastp,offsetp)
ssl_obj *obj;
r_queue *q;
segment *seg;
int offset;
segment **lastp;
int *offsetp;
{
segment *last=seg;
int rec_len,r,_status;
switch(q->state){
case SSL_READ_NONE:
q->read_left=SSL_HEADER_SIZE;
if(r=read_data(q,seg,offset,&last,&offset))
ABORT(r);
q->state=SSL_READ_HEADER;
switch(q->data[0]){
case 20:
case 21:
case 22:
case 23:
break;
default:
printf("Unknown SSL content type %d\n",q->data[0] & 255);
ABORT(R_INTERNAL);
}
rec_len=COMBINE(q->data[3],q->data[4]);
/*Expand the buffer*/
if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){
if(!(q->data=realloc(q->data,rec_len+5)))
ABORT(R_NO_MEMORY);
q->_allocated=rec_len+SSL_HEADER_SIZE;
};
q->ptr=q->data+SSL_HEADER_SIZE;
q->read_left=rec_len;
case SSL_READ_HEADER:
if(r=read_data(q,last,offset,&last,&offset))
ABORT(r);
break;
default:
ABORT(R_INTERNAL);
}
q->state=SSL_READ_NONE;
/*Whew. If we get here, we've managed to read a whole record*/
*lastp=last;
*offsetp=offset;
_status=0;
abort:
return(_status);
}
static int read_data(q,seg,offset,lastp,offsetp)
r_queue *q;
segment *seg;
int offset;
segment **lastp;
int *offsetp;
{
int tocpy=0,r,_status;
#ifdef DEBUG
int bread=0;
#endif
DBG((0,"read_data %d bytes requested",q->read_left));
for(;seg;seg=seg->next,offset=0){
int left;
left=seg->len-offset;
tocpy=MIN(q->read_left,left);
memcpy(q->ptr,seg->data+offset,tocpy);
q->read_left-=tocpy;
q->ptr+=tocpy;
q->len+=tocpy;
#ifdef DEBUG
bread+=tocpy;
#endif
if(!q->read_left)
break;
};
if(q->read_left){
if(r=copy_tcp_segment_queue(&q->q,seg))
ABORT(r);
return(SSL_NO_DATA);
}
if(seg && tocpy==(seg->len - offset)){
*lastp=0;
*offsetp=0;
}
else{
*lastp=seg;
if(seg) *offsetp=tocpy+offset;
}
if(q->read_left<0) abort();
DBG((0,"read_data %d bytes read",bread));
_status=0;
abort:
return(_status);
}
static int data_ssl_analyzer(_obj,seg,direction)
proto_obj *_obj;
segment *seg;
int direction;
{
int _status,r;
r_queue *q;
segment *last,*q_next,*assembled;
ssl_obj *ssl=(ssl_obj *)_obj;
int offset=0;
q=direction==DIR_R2I?ssl->r2i_queue:ssl->i2r_queue;
/* Handle SSLv2 backwards compat client hello
This is sloppy because we'll assume that it's
all in one TCP segment -- an assumption we make
nowhere else in the code
*/
if(direction==DIR_I2R && ssl->i_state==SSL_ST_SENT_NOTHING){
r=process_v2_hello(ssl,seg);
if(r==SSL_NO_DATA)
return(0);
if(r==0)
return(0);
}
if(ssl->i_state==SSL_ST_SENT_NOTHING){
r=process_beginning_plaintext(ssl,seg,direction);
if(r==SSL_NO_DATA)
return(0);
if(r==0)
return(0);
}
while(!(r=read_ssl_record(ssl,q,seg,offset,&last,&offset))){
if(ssl->i_state==SSL_ST_SENT_NOTHING)
ssl->i_state=SSL_ST_HANDSHAKE;
if(last){
q_next=last->next;
last->next=0;
}
if(q->q_last){
q->q_last->next=seg;
assembled=q->q;
}
else
assembled=seg;
ssl->direction=direction;
if(r=print_ssl_record(ssl,direction,assembled,q->data,q->len))
ABORT(r);
/*Now reset things, so we can read another record*/
if(q){
if(q->q_last) q->q_last->next=0;
if(last)
last->next=q_next;
free_tcp_segment_queue(q->q);
q->q=0;q->q_last=0;q->offset=0;q->len=0;q->ptr=q->data;
q->state=SSL_READ_NONE;
}
seg=last;
}
if(r!=SSL_NO_DATA)
ABORT(r);
_status=0;
abort:
return(_status);
}
static int print_ssl_header(obj,direction,q,data,len)
ssl_obj *obj;
int direction;
segment *q;
UCHAR *data;
int len;
{
int ct=0;
int r;
segment *s;
struct timeval dt;
ssl_print_record_num(obj);
if(SSL_print_flags & SSL_PRINT_TIMESTAMP){
for(s=q;s;s=s->next) ct++;
for(s=q;s;s=s->next){
ssl_print_timestamp(obj,&s->p->ts);
if(s->next)
printf(", ");
}
}
ssl_print_direction_indicator(obj,direction);
return(0);
}
static int print_ssl_record(obj,direction,q,data,len)
ssl_obj *obj;
int direction;
segment *q;
UCHAR *data;
int len;
{
int r;
if(r=print_ssl_header(obj,direction,q,data,len))
ERETURN(r);
ssl_expand_record(obj,q,direction,data,len);
if(SSL_print_flags & SSL_PRINT_HEXDUMP){
Data d;
INIT_DATA(d,data,len);
exdump(obj,"Packet data",&d);
printf("\n\n");
}
return(0);
}
int close_ssl_analyzer(_obj,p,dir)
proto_obj *_obj;
packet *p;
int dir;
{
ssl_obj *ssl=(ssl_obj *)_obj;
char *what;
if(p->tcp->th_flags & TH_RST)
what="RST";
else
what="FIN";
explain(ssl,"%d ",ssl->conn->conn_number);
ssl_print_timestamp(ssl,&p->ts);
ssl_print_direction_indicator(ssl,dir);
explain(ssl," TCP %s",what);
printf("\n");
return(0);
}
static struct proto_mod_vtbl_ ssl_vtbl ={
parse_ssl_flags,
parse_ssl_flag,
create_ssl_ctx,
create_ssl_analyzer,
destroy_ssl_analyzer,
data_ssl_analyzer,
close_ssl_analyzer,
};
struct proto_mod_ ssl_mod = {
0,
&ssl_vtbl
};

87
ssl/ssl_analyze.h Normal file
View file

@ -0,0 +1,87 @@
/**
ssl_analyze.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssl_analyze.h,v 1.3 2000/11/09 18:52:24 ekr Exp $
ekr@rtfm.com Tue Jan 12 08:45:44 1999
*/
#ifndef _ssl_analyze_h
#define _ssl_analyze_h
extern proto_mod ssl_mod;
/*The type of data this is*/
#define P_RH (1<<3)
#define P_HT (1<<4)
#define P_HL (1<<5)
#define P_ND (1<<6)
#define P_DC (1<<7)
#define P_NR (1<<8)
#define P_ASN (1<<9)
#define P_CR (1<<10)
#define P_AD (1<<11)
#define P_TSA (1<<12)
#define P_QT (1<<13)
#define P_HO (1<<14)
#define SSL_PRINT_TIMESTAMP (1) /*Timestamp records*/
#define SSL_PRINT_HEXDUMP (1<<2) /*Print the whole record in hex*/
#define SSL_PRINT_RECORD_HEADER P_RH /*Print the record header*/
#define SSL_PRINT_HANDSHAKE_TYPE P_HT /*Print the handshake type*/
#define SSL_PRINT_HIGHLIGHTS (P_HT | P_HL)
#define SSL_PRINT_ALL_FIELDS (P_RH | P_HT | P_HL | P_ND)
#define SSL_PRINT_DECODE (P_DC) /*Print fields as decoded*/
#define SSL_PRINT_NROFF (P_NR)
#define SSL_PRINT_DECODE_ASN1 (P_ASN)
#define SSL_PRINT_CRYPTO (P_CR)
#define SSL_PRINT_APP_DATA (P_AD)
#define SSL_PRINT_TIMESTAMP_ABSOLUTE (P_TSA)
#define SSL_PRINT_QUIET (P_QT)
#define SSL_PRINT_HEX_ONLY (P_HO)
#define SSL_PRINT_ALL 0xfffffff
extern UINT4 SSL_print_flags;
extern char *SSL_keyfile;
extern char *SSL_password;
#endif

385
ssl/ssl_enum.c Normal file
View file

@ -0,0 +1,385 @@
#include "network.h"
#include "ssl.h"
#include "sslprint.h"
static int decode_ContentType_change_cipher_spec(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_ContentType_alert(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_ContentType_handshake(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
extern decoder HandshakeType_decoder[];
int r;
UINT4 t,l;
SSL_DECODE_UINT8(ssl,0,0,data,&t);
SSL_DECODE_UINT24(ssl,0,0,data,&l);
if(data->len!=l){
fprintf(stderr,"Error: short handshake length: expected %d got %d\n",
l,data->len);
ERETURN(R_EOD);
}
ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,data);
}
static int decode_ContentType_application_data(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
decoder ContentType_decoder[]={
{
20,
"change_cipher_spec",
decode_ContentType_change_cipher_spec
},
{
21,
"alert",
decode_ContentType_alert
},
{
22,
"handshake",
decode_ContentType_handshake
},
{
23,
"application_data",
decode_ContentType_application_data
},
{0}
};
static int decode_HandshakeType_hello_request(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_client_hello(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
UINT4 vj,vn,cs,cslen,complen,comp;
Data session_id,random;
int r;
extern decoder cipher_suite_decoder[];
extern decoder compression_method_decoder[];
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
P_(P_ND) {explain(ssl,"Client version %d.%d ",vj,vn);}
printf("\n");
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id);
if(session_id.len)
exdump(ssl,"resume ",&session_id);
SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen);
explain(ssl,"cipher suites\n");
for(;cslen;cslen-=2){
SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder,
P_HL,data,&cs);
printf("\n");
}
SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen);
if(complen){
explain(ssl,"compression methods\n");
for(;complen;complen--){
SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp);
printf("\n");
}
}
return(0);
}
static int decode_HandshakeType_server_hello(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
int r;
UINT4 vj,vn;
SSL_DECODE_UINT8(ssl,0,0,data,&vj);
SSL_DECODE_UINT8(ssl,0,0,data,&vn);
P_(P_ND) {explain(ssl,"SSL version %d.%d ",vj,vn);}
SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,0);
SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",32,P_ND,data,0);
SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder,
P_HL,data,0);
SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,0);
return(0);
}
static int decode_HandshakeType_certificate(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_server_key_exchange(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_certificate_request(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_server_hello_done(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_certificate_verify(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_client_key_exchange(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
static int decode_HandshakeType_finished(ssl,dir,seg,data)
ssl_obj *ssl;
int dir;
segment *seg;
Data *data;
{
return(0);
}
decoder HandshakeType_decoder[]={
{
0,
"hello_request",
decode_HandshakeType_hello_request
},
{
1,
"client_hello",
decode_HandshakeType_client_hello
},
{
2,
"server_hello",
decode_HandshakeType_server_hello
},
{
11,
"certificate",
decode_HandshakeType_certificate
},
{
12,
"server_key_exchange",
decode_HandshakeType_server_key_exchange
},
{
13,
"certificate_request",
decode_HandshakeType_certificate_request
},
{
14,
"server_hello_done",
decode_HandshakeType_server_hello_done
},
{
15,
"certificate_verify",
decode_HandshakeType_certificate_verify
},
{
16,
"client_key_exchange",
decode_HandshakeType_client_key_exchange
},
{
20,
"finished",
decode_HandshakeType_finished
},
{0}
};
decoder cipher_suite_decoder[]={
{
1,
"TLS_RSA_WITH_NULL_MD5",
0 },
{
2,
"TLS_RSA_WITH_NULL_SHA",
0 },
{
3,
"TLS_RSA_EXPORT_WITH_RC4_40_MD5",
0 },
{
4,
"TLS_RSA_WITH_RC4_128_MD5",
0 },
{
5,
"TLS_RSA_WITH_RC4_128_SHA",
0 },
{
6,
"TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
0 },
{
7,
"TLS_RSA_WITH_IDEA_CBC_SHA",
0 },
{
8,
"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
9,
"TLS_RSA_WITH_DES_CBC_SHA",
0 },
{
10,
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
0 },
{
11,
"TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
12,
"TLS_DH_DSS_WITH_DES_CBC_SHA",
0 },
{
13,
"TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA",
0 },
{
14,
"TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
15,
"TLS_DH_RSA_WITH_DES_CBC_SHA",
0 },
{
16,
"TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA",
0 },
{
17,
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
18,
"TLS_DHE_DSS_WITH_DES_CBC_SHA",
0 },
{
19,
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
0 },
{
20,
"TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
21,
"TLS_DHE_RSA_WITH_DES_CBC_SHA",
0 },
{
22,
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
0 },
{
23,
"TLS_DH_anon_EXPORT_WITH_RC4_40_MD5",
0 },
{
24,
"TLS_DH_anon_WITH_RC4_128_MD5",
0 },
{
25,
"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
0 },
{
26,
"TLS_DH_anon_WITH_DES_CBC_SHA",
0 },
{
27,
"TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
0 },
{-1}
};
decoder compression_method_decoder[]={
{
7,
"NULL",
0 },
{-1}
};

134
ssl/ssl_h.h Normal file
View file

@ -0,0 +1,134 @@
/**
ssl.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssl_h.h,v 1.6 2002/08/17 01:33:17 ekr Exp $
ekr@rtfm.com Fri Jan 8 14:09:37 1999
*/
#ifndef _ssl_h
#define _ssl_h
#include "sslciphers.h"
typedef struct ssl_decode_ctx_ ssl_decode_ctx;
typedef struct ssl_decoder_ ssl_decoder;
typedef struct d_queue_ {
short state; /*What state we're in*/
#define SSL_READ_NONE 1
#define SSL_READ_HEADER 2
int read_left; /*How many more bytes to read in this state*/
int len; /*The length of the total record, including header*/
UCHAR *data; /*The data for this record*/
UCHAR *ptr; /*The data ptr*/
int _allocated; /*The number of data bytes allocated for this record*/
segment *q; /*The segments that match this record*/
segment *q_last; /*The last segment*/
int offset; /*How far into the first segment this record starts*/
} r_queue;
typedef struct ssl_obj_ {
tcp_conn *conn;
int r_state;
int i_state;
int version;
int cipher_suite;
char *client_name;
int client_port;
char *server_name;
int server_port;
struct SSL_CipherSuite_ *cs;
r_queue *i2r_queue;
r_queue *r2i_queue;
struct timeval time_start;
struct timeval time_last;
ssl_decode_ctx *ssl_ctx;
ssl_decoder *decoder;
int process_ciphertext;
/*Printing bookkeeping*/
#define REC_PLAINTEXT 1
#define REC_DECRYPTED_CIPHERTEXT 2
#define REC_CIPHERTEXT 3
int record_encryption;
int direction; /* The direction we're currently working in*/
int record_count;
int indent_depth;
int indent_name_len;
} ssl_obj;
typedef struct decoder_ {
int type;
char *name;
int (*print) PROTO_LIST((ssl_obj *,int direction,segment *seg,Data *data));
} decoder;
#define SSL_NO_DATA 1
#define SSL_BAD_CONTENT_TYPE 2
#define SSL_BAD_PMS 3
#define SSL_CANT_DO_CIPHER 4
#define SSL_NO_DECRYPT 5
#define SSL_BAD_MAC 6
#define SSL_BAD_DATA 7
/*SSL defines*/
#define COMBINE(a,b) ((a<<8) | b)
#define SSL_HEADER_SIZE 5
#define SSLV3_VERSION 0x300
#define TLSV1_VERSION 0x301
/*State defines*/
#define SSL_ST_SENT_NOTHING 0
#define SSL_ST_HANDSHAKE 1
#define SSL_ST_SENT_CHANGE_CIPHER_SPEC 2
#include "ssldecode.h"
#endif

312
ssl/ssl_rec.c Normal file
View file

@ -0,0 +1,312 @@
/**
ssl_rec.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
ekr@rtfm.com Wed Aug 18 15:46:57 1999
*/
static char *RCSSTRING="$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $";
#include "network.h"
#include "ssl_h.h"
#include "sslprint.h"
#include "ssl.enums.h"
#ifdef OPENSSL
#include <openssl/ssl.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#endif
#include "ssldecode.h"
#include "ssl_rec.h"
struct ssl_rec_decoder_ {
SSL_CipherSuite *cs;
Data *mac_key;
#ifdef OPENSSL
EVP_CIPHER_CTX *evp;
#endif
UINT4 seq;
};
static char *digests[]={
"MD5",
"SHA1"
};
static char *ciphers[]={
"DES",
"DES3",
"RC4",
"RC2",
"IDEA"
};
static int tls_check_mac PROTO_LIST((ssl_rec_decoder *d,int ct,
int ver,UCHAR *data,UINT4 datalen,UCHAR *mac));
static int fmt_seq PROTO_LIST((UINT4 num,UCHAR *buf));
int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
ssl_rec_decoder **dp;
SSL_CipherSuite *cs;
UCHAR *mk;
UCHAR *sk;
UCHAR *iv;
{
int r,_status;
ssl_rec_decoder *dec=0;
#ifdef OPENSSL
const EVP_CIPHER *ciph=0;
/* Find the SSLeay cipher */
if(cs->enc!=ENC_NULL){
ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
}
if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
ABORT(R_NO_MEMORY);
dec->cs=cs;
if(r=r_data_create(&dec->mac_key,mk,cs->dig_len))
ABORT(r);
if(!(dec->evp=(EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX))))
ABORT(R_NO_MEMORY);
EVP_CIPHER_CTX_init(dec->evp);
EVP_CipherInit(dec->evp,ciph,sk,iv,0);
#endif
*dp=dec;
_status=0;
abort:
if(_status){
ssl_destroy_rec_decoder(&dec);
}
return(_status);
}
int ssl_destroy_rec_decoder(dp)
ssl_rec_decoder **dp;
{
ssl_rec_decoder *d;
if(!dp || !*dp)
return(0);
d=*dp;
r_data_destroy(&d->mac_key);
#ifdef OPENSSL
if(d->evp){
EVP_CIPHER_CTX_cleanup(d->evp);
free(d->evp);
}
free(*dp);
#endif
*dp=0;
return(0);
}
int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl)
ssl_obj *ssl;
ssl_rec_decoder *d;
int ct;
int version;
UCHAR *in;
int inl;
UCHAR *out;
int *outl;
{
#ifdef OPENSSL
int pad;
int r;
UCHAR *mac;
CRDUMP("Ciphertext",in,inl);
/* First decrypt*/
EVP_Cipher(d->evp,out,in,inl);
CRDUMP("Plaintext",out,inl);
*outl=inl;
/* Now strip off the padding*/
if(d->cs->block!=1){
pad=out[inl-1];
*outl-=(pad+1);
}
/* And the MAC */
*outl-=d->cs->dig_len;
mac=out+(*outl);
CRDUMP("Record data",out,*outl);
/* Now check the MAC */
if(ssl->version==0x300){
if(r=ssl3_check_mac(d,ct,version,out,*outl,mac))
ERETURN(r);
}
else{
if(r=tls_check_mac(d,ct,version,out,*outl,mac))
ERETURN(r);
}
#endif
return(0);
}
#define MSB(a) ((a>>8)&0xff)
#define LSB(a) (a&0xff)
#ifdef OPENSSL
/* This should go to 2^128, but we're never really going to see
more than 2^64, so we cheat*/
static int fmt_seq(num,buf)
UINT4 num;
UCHAR *buf;
{
UINT4 netnum;
memset(buf,0,8);
netnum=htonl(num);
memcpy(buf+4,&netnum,4);
return(0);
}
static int tls_check_mac(d,ct,ver,data,datalen,mac)
ssl_rec_decoder *d;
int ct;
int ver;
UCHAR *data;
UINT4 datalen;
UCHAR *mac;
{
HMAC_CTX hm;
const EVP_MD *md;
UINT4 l;
UCHAR buf[20];
md=EVP_get_digestbyname(digests[d->cs->dig-0x40]);
HMAC_Init(&hm,d->mac_key->data,d->mac_key->len,md);
fmt_seq(d->seq,buf);
d->seq++;
HMAC_Update(&hm,buf,8);
buf[0]=ct;
HMAC_Update(&hm,buf,1);
buf[0]=MSB(ver);
buf[1]=LSB(ver);
HMAC_Update(&hm,buf,2);
buf[0]=MSB(datalen);
buf[1]=LSB(datalen);
HMAC_Update(&hm,buf,2);
HMAC_Update(&hm,data,datalen);
HMAC_Final(&hm,buf,&l);
if(memcmp(mac,buf,l))
ERETURN(SSL_BAD_MAC);
HMAC_cleanup(&hm);
return(0);
}
int ssl3_check_mac(d,ct,ver,data,datalen,mac)
ssl_rec_decoder *d;
int ct;
int ver;
UCHAR *data;
UINT4 datalen;
UCHAR *mac;
{
EVP_MD_CTX mc;
const EVP_MD *md;
UINT4 l;
UCHAR buf[64],dgst[20];
int pad_ct;
pad_ct=(d->cs->dig==DIG_SHA)?40:48;
md=EVP_get_digestbyname(digests[d->cs->dig-0x40]);
EVP_DigestInit(&mc,md);
EVP_DigestUpdate(&mc,d->mac_key->data,d->mac_key->len);
memset(buf,0x36,pad_ct);
EVP_DigestUpdate(&mc,buf,pad_ct);
fmt_seq(d->seq,buf);
d->seq++;
EVP_DigestUpdate(&mc,buf,8);
buf[0]=ct;
EVP_DigestUpdate(&mc,buf,1);
buf[0]=MSB(datalen);
buf[1]=LSB(datalen);
EVP_DigestUpdate(&mc,buf,2);
EVP_DigestUpdate(&mc,data,datalen);
EVP_DigestFinal(&mc,dgst,&l);
EVP_DigestInit(&mc,md);
EVP_DigestUpdate(&mc,d->mac_key->data,d->mac_key->len);
memset(buf,0x5c,pad_ct);
EVP_DigestUpdate(&mc,buf,pad_ct);
EVP_DigestUpdate(&mc,dgst,l);
EVP_DigestFinal(&mc,dgst,&l);
if(memcmp(mac,dgst,l))
ERETURN(SSL_BAD_MAC);
return(0);
}
#endif

59
ssl/ssl_rec.h Normal file
View file

@ -0,0 +1,59 @@
/**
ssl_rec.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssl_rec.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
ekr@rtfm.com Wed Aug 18 16:16:23 1999
*/
#ifndef _ssl_rec_h
#define _ssl_rec_h
typedef struct ssl_rec_decoder_ ssl_rec_decoder;
int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder **dp));
int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp,
SSL_CipherSuite *cs,UCHAR *mk,UCHAR *sk,UCHAR *iv));
int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,
int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl));
#endif

83
ssl/sslciphers.h Normal file
View file

@ -0,0 +1,83 @@
/**
sslciphers.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: sslciphers.h,v 1.3 2002/08/17 01:33:17 ekr Exp $
ekr@rtfm.com Tue Mar 30 18:11:55 1999
*/
#ifndef _sslciphers_h
#define _sslciphers_h
typedef struct SSL_CipherSuite_ {
int number;
int kex;
int sig;
int enc;
int block;
int bits;
int eff_bits;
int dig;
int dig_len;
int export;
} SSL_CipherSuite;
#define KEX_RSA 0x10
#define KEX_DH 0x11
#define SIG_RSA 0x20
#define SIG_DSS 0x21
#define SIG_NONE 0x22
#define ENC_DES 0x30
#define ENC_3DES 0x31
#define ENC_RC4 0x32
#define ENC_RC2 0x33
#define ENC_IDEA 0x34
#define ENC_NULL 0x35
#define DIG_MD5 0x40
#define DIG_SHA 0x41
int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs));
#endif

908
ssl/ssldecode.c Normal file
View file

@ -0,0 +1,908 @@
/**
ssldecode.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $
ekr@rtfm.com Thu Apr 1 09:54:53 1999
*/
#include "network.h"
#include "ssl_h.h"
#include "sslprint.h"
#include "ssl.enums.h"
#ifdef OPENSSL
#include <openssl/ssl.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <openssl/x509v3.h>
#endif
#include "ssldecode.h"
#include "ssl_rec.h"
#include "r_assoc.h"
static char *RCSSTRING="$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $";
#define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \
ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \
tls_prf(ssl,secret,usage,rnd1,rnd2,out)
static char *ssl_password;
extern UINT4 SSL_print_flags;
struct ssl_decode_ctx_ {
#ifdef OPENSSL
SSL_CTX *ssl_ctx;
SSL *ssl;
r_assoc *session_cache;
#else
char dummy; /* Some compilers (Win32) don't like empty
structs */
#endif
};
struct ssl_decoder_ {
ssl_decode_ctx *ctx;
Data *session_id;
SSL_CipherSuite *cs;
Data *client_random;
Data *server_random;
int ephemeral_rsa;
Data *PMS;
Data *MS;
ssl_rec_decoder *c_to_s;
ssl_rec_decoder *s_to_c;
ssl_rec_decoder *c_to_s_n;
ssl_rec_decoder *s_to_c_n;
};
#ifdef OPENSSL
static int tls_P_hash PROTO_LIST((ssl_obj *ssl,Data *secret,Data *seed,
const EVP_MD *md,Data *out));
static int tls_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage,
Data *rnd1,Data *rnd2,Data *out));
static int ssl3_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage,
Data *rnd1,Data *rnd2,Data *out));
static int ssl3_generate_export_iv PROTO_LIST((ssl_obj *ssl,
Data *rnd1,Data *rnd2,Data *out));
static int ssl_generate_keying_material PROTO_LIST((ssl_obj *ssl,
ssl_decoder *d));
#endif
static int ssl_create_session_lookup_key PROTO_LIST((ssl_obj *ssl,
UCHAR *id,UINT4 idlen,UCHAR **keyp,UINT4 *keyl));
int ssl_save_session PROTO_LIST((ssl_obj *ssl,ssl_decoder *d));
int ssl_restore_session PROTO_LIST((ssl_obj *ssl,ssl_decoder *d));
/*The password code is not thread safe*/
static int password_cb(char *buf,int num,int rwflag,void *userdata)
{
if(num<strlen(ssl_password)+1)
return(0);
strcpy(buf,ssl_password);
return(strlen(ssl_password));
}
int ssl_decode_ctx_create(dp,keyfile,pass)
ssl_decode_ctx **dp;
char *keyfile;
char *pass;
{
#ifdef OPENSSL
ssl_decode_ctx *d=0;
int r,_status;
SSLeay_add_all_algorithms();
if(!(d=(ssl_decode_ctx *)malloc(sizeof(ssl_decode_ctx))))
ABORT(R_NO_MEMORY);
if(!(d->ssl_ctx=SSL_CTX_new(SSLv23_server_method())))
ABORT(R_NO_MEMORY);
if(keyfile){
if(pass){
ssl_password=pass;
SSL_CTX_set_default_passwd_cb(d->ssl_ctx,password_cb);
}
#if 0
if(SSL_CTX_use_certificate_file(d->ssl_ctx,keyfile,SSL_FILETYPE_PEM)!=1){
fprintf(stderr,"Problem loading certificate file\n");
ABORT(R_INTERNAL);
}
#endif
if(SSL_CTX_use_PrivateKey_file(d->ssl_ctx,keyfile,SSL_FILETYPE_PEM)!=1){
fprintf(stderr,"Problem loading private key\n");
ABORT(R_INTERNAL);
}
}
if(!(d->ssl=SSL_new(d->ssl_ctx)))
ABORT(R_NO_MEMORY);
if(r_assoc_create(&d->session_cache))
ABORT(R_NO_MEMORY);
X509V3_add_standard_extensions();
*dp=d;
_status=0;
abort:
return(_status);
#else
return(0);
#endif
}
int ssl_decoder_create(dp,ctx)
ssl_decoder **dp;
ssl_decode_ctx *ctx;
{
int _status;
ssl_decoder *d=0;
#ifdef OPENSSL
if(!(d=(ssl_decoder *)calloc(sizeof(ssl_decoder),1)))
ABORT(R_NO_MEMORY);
d->ctx=ctx;
*dp=d;
_status=0;
abort:
if(_status)
ssl_decoder_destroy(&d);
return(_status);
#else
return 0;
#endif
}
int ssl_decoder_destroy(dp)
ssl_decoder **dp;
{
#ifdef OPENSSL
ssl_decoder *d;
if(!dp || !*dp)
return(0);
d=*dp;
r_data_destroy(&d->client_random);
r_data_destroy(&d->server_random);
r_data_destroy(&d->session_id);
r_data_destroy(&d->PMS);
r_data_destroy(&d->MS);
ssl_destroy_rec_decoder(&d->c_to_s);
ssl_destroy_rec_decoder(&d->c_to_s_n);
ssl_destroy_rec_decoder(&d->s_to_c);
ssl_destroy_rec_decoder(&d->s_to_c_n);
free(d);
*dp=0;
#endif
return(0);
}
int ssl_set_client_random(d,msg,len)
ssl_decoder *d;
UCHAR *msg;
int len;
{
#ifdef OPENSSL
int r;
if(r=r_data_create(&d->client_random,msg,len))
ERETURN(r);
#endif
return(0);
}
int ssl_set_server_random(d,msg,len)
ssl_decoder *d;
UCHAR *msg;
int len;
{
#ifdef OPENSSL
int r;
if(r=r_data_create(&d->server_random,msg,len))
ERETURN(r);
#endif
return(0);
}
int ssl_set_client_session_id(d,msg,len)
ssl_decoder *d;
UCHAR *msg;
int len;
{
#ifdef OPENSSL
int r;
if(r=r_data_create(&d->session_id,msg,len))
ERETURN(r);
#endif
return(0);
}
int ssl_process_server_session_id(ssl,d,msg,len)
ssl_obj *ssl;
ssl_decoder *d;
UCHAR *msg;
int len;
{
#ifdef OPENSSL
int r,_status;
Data idd;
int restored=0;
INIT_DATA(idd,msg,len);
/* First check to see if the client tried to restore */
if(d->session_id){
/* Now check to see if we restored */
if(r_data_compare(&idd,d->session_id))
goto abort;
/* Now try to look up the session. We may not be able
to find it if, for instance, the original session
was initiated with something other than static RSA */
if(r=ssl_restore_session(ssl,d))
ABORT(r);
restored=1;
}
_status=0;
abort:
if(!restored){
/* Copy over the session ID */
r_data_zfree(d->session_id);
r_data_create(&d->session_id,msg,len);
}
return(_status);
#else
return(0);
#endif
}
int ssl_process_change_cipher_spec(ssl,d,direction)
ssl_obj *ssl;
ssl_decoder *d;
int direction;
{
#ifdef OPENSSL
if(direction==DIR_I2R){
d->c_to_s=d->c_to_s_n;
d->c_to_s_n=0;
if(d->c_to_s) ssl->process_ciphertext |= direction;
}
else{
d->s_to_c=d->s_to_c_n;
d->s_to_c_n=0;
if(d->s_to_c) ssl->process_ciphertext |= direction;
}
#endif
return(0);
}
int ssl_decode_record(ssl,dec,direction,ct,version,d)
ssl_obj *ssl;
ssl_decoder *dec;
int direction;
int ct;
int version;
Data *d;
{
ssl_rec_decoder *rd;
UCHAR *out;
int outl;
int r,_status;
UINT4 state;
if(dec)
rd=(direction==DIR_I2R)?dec->c_to_s:dec->s_to_c;
else
rd=0;
state=(direction==DIR_I2R)?ssl->i_state:ssl->r_state;
if(!rd){
if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC){
ssl->record_encryption=REC_CIPHERTEXT;
return(SSL_NO_DECRYPT);
}
else {
ssl->record_encryption=REC_PLAINTEXT;
return(0);
}
}
ssl->record_encryption=REC_CIPHERTEXT;
#ifdef OPENSSL
if(!(out=(UCHAR *)malloc(d->len)))
ABORT(R_NO_MEMORY);
if(r=ssl_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl)){
ABORT(r);
}
memcpy(d->data,out,outl);
d->len=outl;
ssl->record_encryption=REC_DECRYPTED_CIPHERTEXT;
_status=0;
abort:
FREE(out);
return(_status);
#else
return(0);
#endif
}
static int ssl_create_session_lookup_key(ssl,id,idlen,keyp,keyl)
ssl_obj *ssl;
UCHAR *id;
UINT4 idlen;
UCHAR **keyp;
UINT4 *keyl;
{
UCHAR *key=0;
UINT4 l;
int r,_status;
l=idlen+strlen(ssl->server_name)+idlen+15; /* HOST + PORT + id */
if(!(key=(UCHAR *)malloc(l)))
ABORT(R_NO_MEMORY);
*keyp=key;
memcpy(key,id,idlen);
*keyl=idlen;
key+=idlen;
sprintf(key,"%s:%d",ssl->server_name,ssl->server_port);
*keyl+=strlen(key);
_status=0;
abort:
return(_status);
}
/* Look up the session id in the session cache and generate
the appropriate keying material */
int ssl_restore_session(ssl,d)
ssl_obj *ssl;
ssl_decoder *d;
{
UCHAR *lookup_key=0;
void *msv;
Data *msd;
int lookup_key_len;
int r,_status;
#ifdef OPENSSL
if(r=ssl_create_session_lookup_key(ssl,
d->session_id->data,d->session_id->len,&lookup_key,
&lookup_key_len))
ABORT(r);
if(r=r_assoc_fetch(d->ctx->session_cache,lookup_key,lookup_key_len,
&msv))
ABORT(r);
msd=(Data *)msv;
if(r=r_data_create(&d->MS,msd->data,msd->len))
ABORT(r);
CRDUMPD("Restored MS",d->MS);
switch(ssl->version){
case SSLV3_VERSION:
if(r=ssl_generate_keying_material(ssl,d))
ABORT(r);
break;
case TLSV1_VERSION:
if(r=ssl_generate_keying_material(ssl,d))
ABORT(r);
break;
default:
ABORT(SSL_CANT_DO_CIPHER);
}
_status=0;
abort:
FREE(lookup_key);
return(_status);
#else
return(0);
#endif
}
/* Look up the session id in the session cache and generate
the appropriate keying material */
int ssl_save_session(ssl,d)
ssl_obj *ssl;
ssl_decoder *d;
{
#ifdef OPENSSL
UCHAR *lookup_key=0;
void *msv;
Data *msd=0;
int lookup_key_len;
int r,_status;
if(r=ssl_create_session_lookup_key(ssl,d->session_id->data,
d->session_id->len,&lookup_key,
&lookup_key_len))
ABORT(r);
if(r=r_data_create(&msd,d->MS->data,d->MS->len))
ABORT(r);
if(r=r_assoc_insert(d->ctx->session_cache,lookup_key,lookup_key_len,
(void *)msd,0,(int (*)(void *))r_data_zfree,
R_ASSOC_NEW | R_ASSOC_REPLACE))
ABORT(r);
_status=0;
abort:
if(_status){
r_data_zfree(msd);
}
FREE(lookup_key);
return(_status);
#else
return(0);
#endif
}
/* This only works with RSA because the other cipher suites
offer PFS. Yuck. */
int ssl_process_client_key_exchange(ssl,d,msg,len)
ssl_obj *ssl;
ssl_decoder *d;
UCHAR *msg;
int len;
{
#ifdef OPENSSL
int r,_status;
int i;
EVP_PKEY *pk;
if(ssl->cs->kex!=KEX_RSA)
return(-1);
if(d->ephemeral_rsa)
return(-1);
pk=SSL_get_privatekey(d->ctx->ssl);
if(!pk)
return(-1);
if(pk->type!=EVP_PKEY_RSA)
return(-1);
if(r=r_data_alloc(&d->PMS,BN_num_bytes(pk->pkey.rsa->n)))
ABORT(r);
i=RSA_private_decrypt(len,msg,d->PMS->data,
pk->pkey.rsa,RSA_PKCS1_PADDING);
if(i!=48)
ABORT(SSL_BAD_PMS);
d->PMS->len=48;
CRDUMPD("PMS",d->PMS);
/* Remove the master secret if it was there
to force keying material regeneration in
case we're renegotiating */
r_data_destroy(&d->MS);
switch(ssl->version){
case SSLV3_VERSION:
if(r=ssl_generate_keying_material(ssl,d))
ABORT(r);
break;
case TLSV1_VERSION:
if(r=ssl_generate_keying_material(ssl,d))
ABORT(r);
break;
default:
ABORT(SSL_CANT_DO_CIPHER);
}
/* Now store the data in the session cache */
if(r=ssl_save_session(ssl,d))
ABORT(r);
_status=0;
abort:
return(_status);
#else
return 0;
#endif
}
#ifdef OPENSSL
static int tls_P_hash(ssl,secret,seed,md,out)
ssl_obj *ssl;
Data *secret;
Data *seed;
const EVP_MD *md;
Data *out;
{
UCHAR *ptr=out->data;
int left=out->len;
int tocpy;
UCHAR *A;
UCHAR _A[20],tmp[20];
unsigned int A_l,tmp_l;
HMAC_CTX hm;
CRDUMPD("P_hash secret",secret);
CRDUMPD("P_hash seed",seed);
A=seed->data;
A_l=seed->len;
while(left){
HMAC_Init(&hm,secret->data,secret->len,md);
HMAC_Update(&hm,A,A_l);
HMAC_Final(&hm,_A,&A_l);
A=_A;
HMAC_Init(&hm,secret->data,secret->len,md);
HMAC_Update(&hm,A,A_l);
HMAC_Update(&hm,seed->data,seed->len);
HMAC_Final(&hm,tmp,&tmp_l);
tocpy=MIN(left,tmp_l);
memcpy(ptr,tmp,tocpy);
ptr+=tocpy;
left-=tocpy;
}
HMAC_cleanup(&hm);
CRDUMPD("P_hash out",out);
return (0);
}
static int tls_prf(ssl,secret,usage,rnd1,rnd2,out)
ssl_obj *ssl;
Data *secret;
char *usage;
Data *rnd1;
Data *rnd2;
Data *out;
{
int r,_status;
Data *md5_out=0,*sha_out=0;
Data *seed;
UCHAR *ptr;
Data *S1=0,*S2=0;
int i,S_l;
if(r=r_data_alloc(&md5_out,MAX(out->len,16)))
ABORT(r);
if(r=r_data_alloc(&sha_out,MAX(out->len,20)))
ABORT(r);
if(r=r_data_alloc(&seed,strlen(usage)+rnd1->len+rnd2->len))
ABORT(r);
ptr=seed->data;
memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage);
memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len;
memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len;
S_l=secret->len/2 + secret->len%2;
if(r=r_data_alloc(&S1,S_l))
ABORT(r);
if(r=r_data_alloc(&S2,S_l))
ABORT(r);
memcpy(S1->data,secret->data,S_l);
memcpy(S2->data,secret->data + (secret->len - S_l),S_l);
if(r=tls_P_hash
(ssl,S1,seed,EVP_get_digestbyname("MD5"),md5_out))
ABORT(r);
if(r=tls_P_hash(ssl,S2,seed,EVP_get_digestbyname("SHA1"),sha_out))
ABORT(r);
for(i=0;i<out->len;i++)
out->data[i]=md5_out->data[i] ^ sha_out->data[i];
CRDUMPD("PRF out",out);
_status=0;
abort:
r_data_destroy(&md5_out);
r_data_destroy(&sha_out);
r_data_destroy(&seed);
r_data_destroy(&S1);
r_data_destroy(&S2);
return(_status);
}
static int ssl3_generate_export_iv(ssl,r1,r2,out)
ssl_obj *ssl;
Data *r1;
Data *r2;
Data *out;
{
MD5_CTX md5;
UCHAR tmp[16];
MD5_Init(&md5);
MD5_Update(&md5,r1->data,r1->len);
MD5_Update(&md5,r2->data,r2->len);
MD5_Final(tmp,&md5);
memcpy(out->data,tmp,out->len);
return(0);
}
static int ssl3_prf(ssl,secret,usage,r1,r2,out)
ssl_obj *ssl;
Data *secret;
char *usage;
Data *r1;
Data *r2;
Data *out;
{
MD5_CTX md5;
SHA_CTX sha;
Data *rnd1,*rnd2;
int off;
int i=0,j;
UCHAR buf[20];
rnd1=r1; rnd2=r2;
CRDUMPD("Secret",secret);
CRDUMPD("RND1",rnd1);
CRDUMPD("RND2",rnd2);
MD5_Init(&md5);
memset(&sha,0,sizeof(sha));
SHA1_Init(&sha);
for(off=0;off<out->len;off+=16){
char outbuf[16];
int tocpy;
i++;
/* A, BB, CCC, ... */
for(j=0;j<i;j++){
buf[j]=64+i;
}
SHA1_Update(&sha,buf,i);
CRDUMP("BUF",buf,i);
if(secret) SHA1_Update(&sha,secret->data,secret->len);
CRDUMPD("secret",secret);
if(!strcmp(usage,"client write key") || !strcmp(usage,"server write key")){
SHA1_Update(&sha,rnd2->data,rnd2->len);
CRDUMPD("rnd2",rnd2);
SHA1_Update(&sha,rnd1->data,rnd1->len);
CRDUMPD("rnd1",rnd1);
}
else{
SHA1_Update(&sha,rnd1->data,rnd1->len);
CRDUMPD("rnd1",rnd1);
SHA1_Update(&sha,rnd2->data,rnd2->len);
CRDUMPD("rnd2",rnd2);
}
SHA1_Final(buf,&sha);
CRDUMP("SHA out",buf,20);
SHA1_Init(&sha);
MD5_Update(&md5,secret->data,secret->len);
MD5_Update(&md5,buf,20);
MD5_Final(outbuf,&md5);
tocpy=MIN(out->len-off,16);
memcpy(out->data+off,outbuf,tocpy);
CRDUMP("MD5 out",outbuf,16);
MD5_Init(&md5);
}
return(0);
}
static int ssl_generate_keying_material(ssl,d)
ssl_obj *ssl;
ssl_decoder *d;
{
Data *key_block=0;
UCHAR _iv_c[8],_iv_s[8];
UCHAR _key_c[16],_key_s[16];
int needed;
int r,_status;
UCHAR *ptr,*c_wk,*s_wk,*c_mk,*s_mk,*c_iv,*s_iv;
if(!d->MS){
if(r=r_data_alloc(&d->MS,48))
ABORT(r);
if(r=PRF(ssl,d->PMS,"master secret",d->client_random,d->server_random,
d->MS))
ABORT(r);
CRDUMPD("MS",d->MS);
}
/* Compute the key block. First figure out how much data
we need*/
needed=ssl->cs->dig_len*2;
needed+=ssl->cs->bits / 4;
if(ssl->cs->block>1) needed+=ssl->cs->block*2;
if(r=r_data_alloc(&key_block,needed))
ABORT(r);
if(r=PRF(ssl,d->MS,"key expansion",d->server_random,d->client_random,
key_block))
ABORT(r);
ptr=key_block->data;
c_mk=ptr; ptr+=ssl->cs->dig_len;
s_mk=ptr; ptr+=ssl->cs->dig_len;
c_wk=ptr; ptr+=ssl->cs->eff_bits/8;
s_wk=ptr; ptr+=ssl->cs->eff_bits/8;
if(ssl->cs->block>1){
c_iv=ptr; ptr+=ssl->cs->block;
s_iv=ptr; ptr+=ssl->cs->block;
}
if(ssl->cs->export){
Data iv_c,iv_s;
Data c_iv_d,s_iv_d;
Data key_c,key_s;
Data k;
if(ssl->cs->block>1){
ATTACH_DATA(iv_c,_iv_c);
ATTACH_DATA(iv_s,_iv_s);
if(ssl->version==SSLV3_VERSION){
if(r=ssl3_generate_export_iv(ssl,d->client_random,
d->server_random,&iv_c))
ABORT(r);
if(r=ssl3_generate_export_iv(ssl,d->server_random,
d->client_random,&iv_s))
ABORT(r);
}
else{
UCHAR _iv_block[16];
Data iv_block;
Data key_null;
UCHAR _key_null;
INIT_DATA(key_null,&_key_null,0);
/* We only have room for 8 bit IVs, but that's
all we should need. This is a sanity check */
if(ssl->cs->block>8)
ABORT(R_INTERNAL);
ATTACH_DATA(iv_block,_iv_block);
if(r=PRF(ssl,&key_null,"IV block",d->client_random,
d->server_random,&iv_block))
ABORT(r);
memcpy(_iv_c,iv_block.data,8);
memcpy(_iv_s,iv_block.data+8,8);
}
c_iv=_iv_c;
s_iv=_iv_s;
}
if(ssl->version==SSLV3_VERSION){
MD5_CTX md5;
MD5_Init(&md5);
MD5_Update(&md5,c_wk,ssl->cs->eff_bits/8);
MD5_Update(&md5,d->client_random->data,d->client_random->len);
MD5_Update(&md5,d->server_random->data,d->server_random->len);
MD5_Final(_key_c,&md5);
c_wk=_key_c;
MD5_Init(&md5);
MD5_Update(&md5,s_wk,ssl->cs->eff_bits/8);
MD5_Update(&md5,d->server_random->data,d->server_random->len);
MD5_Update(&md5,d->client_random->data,d->client_random->len);
MD5_Final(_key_s,&md5);
s_wk=_key_s;
}
else{
ATTACH_DATA(key_c,_key_c);
ATTACH_DATA(key_s,_key_s);
INIT_DATA(k,c_wk,ssl->cs->eff_bits/8);
if(r=PRF(ssl,&k,"client write key",d->client_random,d->server_random,
&key_c))
ABORT(r);
c_wk=_key_c;
INIT_DATA(k,s_wk,ssl->cs->eff_bits/8);
if(r=PRF(ssl,&k,"server write key",d->client_random,d->server_random,
&key_s))
ABORT(r);
s_wk=_key_s;
}
}
CRDUMP("Client MAC key",c_mk,ssl->cs->dig_len);
CRDUMP("Server MAC key",s_mk,ssl->cs->dig_len);
CRDUMP("Client Write key",c_wk,ssl->cs->bits/8);
CRDUMP("Server Write key",s_wk,ssl->cs->bits/8);
if(ssl->cs->block>1){
CRDUMP("Client Write IV",c_iv,ssl->cs->block);
CRDUMP("Server Write IV",s_iv,ssl->cs->block);
}
if(r=ssl_create_rec_decoder(&d->c_to_s_n,
ssl->cs,c_mk,c_wk,c_iv))
ABORT(r);
if(r=ssl_create_rec_decoder(&d->s_to_c_n,
ssl->cs,s_mk,s_wk,s_iv))
ABORT(r);
_status=0;
abort:
if(key_block){
r_data_zfree(key_block);
free(key_block);
}
return(_status);
}
#endif

75
ssl/ssldecode.h Normal file
View file

@ -0,0 +1,75 @@
/**
ssldecode.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: ssldecode.h,v 1.3 2001/07/20 23:33:16 ekr Exp $
ekr@rtfm.com Thu Apr 1 15:02:02 1999
*/
#ifndef _ssldecode_h
#define _ssldecode_h
#define CRDUMP(a,b,c) P_(P_CR) {Data d; d.data=b; d.len=c; exdump(ssl,a,&d); printf("\n");}
#define CRDUMPD(a,b) P_(P_CR) {exdump(ssl,a,b);printf("\n");}
int ssl_decode_ctx_create PROTO_LIST((ssl_decode_ctx **ctx,
char *keyfile,char *password));
int ssl_decoder_destroy PROTO_LIST((ssl_decoder **dp));
int ssl_decoder_create PROTO_LIST((ssl_decoder **dp,ssl_decode_ctx *ctx));
int ssl_set_client_random PROTO_LIST((ssl_decoder *dp,
UCHAR *msg,int len));
int ssl_set_server_random PROTO_LIST((ssl_decoder *dp,
UCHAR *msg,int len));
int ssl_set_client_session_id PROTO_LIST((ssl_decoder *dp,
UCHAR *msg,int len));
int ssl_process_server_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp,
UCHAR *msg,int len));
int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *,
ssl_decoder *d,UCHAR *msg,int len));
int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj *ssl,
ssl_decoder *d,int direction));
int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction,
int ct,int version,Data *d));
#endif

686
ssl/sslprint.c Normal file
View file

@ -0,0 +1,686 @@
/**
sslprint.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $
ekr@rtfm.com Tue Jan 12 18:06:39 1999
*/
static char *RCSSTRING="$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $";
#include <ctype.h>
#include <stdarg.h>
#include "network.h"
#include "ssl_h.h"
#include "sslprint.h"
#include "ssl.enums.h"
#include "ssldecode.h"
extern decoder ContentType_decoder[];
extern decoder HandshakeType_decoder[];
#define BYTES_NEEDED(x) (x<=255)?1:((x<=(1<<16))?2:(x<=(1<<24)?3:4))
int process_beginning_plaintext(ssl,seg,direction)
ssl_obj *ssl;
segment *seg;
int direction;
{
Data d;
int r;
struct timeval dt;
if(seg->len==0)
return(SSL_NO_DATA);
d.data=seg->data;
d.len=seg->len;
/* this looks like SSL data. Ignore it*/
if(d.data[0]==0x16)
return(SSL_BAD_CONTENT_TYPE);
P_(P_AD){
ssl_print_timestamp(ssl,&seg->p->ts);
ssl_print_direction_indicator(ssl,direction);
print_data(ssl,&d);
printf("\n");
}
return(0);
}
int process_v2_hello(ssl,seg)
ssl_obj *ssl;
segment *seg;
{
int r;
int rec_len;
int cs_len;
int sid_len;
int chall_len;
int ver;
Data d;
Data chall;
char random[32];
struct timeval dt;
if(seg->len==0)
return(SSL_NO_DATA);
d.data=seg->data;
d.len=seg->len;
/* First check the message length. */
if(d.len<4)
return(SSL_BAD_CONTENT_TYPE);
rec_len=((d.data[0] & 0x7f)<<8) | (d.data[1]);
d.data+=2; d.len-=2;
if(d.len!=rec_len) /* Whatever this is it isn't valid SSLv2*/
return(SSL_BAD_CONTENT_TYPE);
/* If msg_type==1 then we've got a v2 message (or trash)*/
if(*d.data++!=1)
return(SSL_BAD_CONTENT_TYPE);
d.len--;
SSL_DECODE_UINT16(ssl,"Version number",P_DC,&d,&ver);
/* We can't handle real v2 clients*/
if(ver<=2){
explain(ssl,"Version 2 Client.\n");
return(SSL_BAD_DATA);
}
ssl_print_record_num(ssl);
ssl_print_timestamp(ssl,&seg->p->ts);
ssl_print_direction_indicator(ssl,DIR_I2R);
explain(ssl," SSLv2 compatible client hello\n");
INDENT_INCR;
P_(P_HL) {
explain(ssl,"Version %d.%d ",(ver>>8)&0xff,
ver&0xff);
printf("\n");
}
SSL_DECODE_UINT16(ssl,"cipher_spec_length",P_DC,&d,&cs_len);
SSL_DECODE_UINT16(ssl,"session_id_length",P_DC,&d,&sid_len);
SSL_DECODE_UINT16(ssl,"challenge_length",P_DC,&d,&chall_len);
if(cs_len%3){
fprintf(stderr,"Bad cipher spec length %d\n",cs_len);
return(SSL_BAD_DATA);
}
P_(P_HL){
explain(ssl,"cipher suites\n");
}
for(;cs_len;cs_len-=3){
UINT4 val;
char *str;
SSL_DECODE_UINT24(ssl,0,0,&d,&val);
ssl_print_cipher_suite(ssl,ver,P_HL,val);
P_(P_HL){
explain(ssl,"\n");
}
}
if(sid_len!=0){
fprintf(stderr,"Session ID field should be zero length\n");
return(SSL_BAD_DATA);
}
if(chall_len<16 || chall_len>32){
fprintf(stderr,"Invalid challenge length %d\n",chall_len);
return(SSL_BAD_DATA);
}
SSL_DECODE_OPAQUE_ARRAY(ssl,0,chall_len,
0,&d,&chall);
P_(P_DC){
exdump(ssl,"Challenge",&chall);
}
memset(random,0,32);
memcpy(random+(32-chall_len),chall.data,chall_len);
ssl_set_client_random(ssl->decoder,random,32);
ssl->i_state=SSL_ST_HANDSHAKE;
P_(SSL_PRINT_HEXDUMP){
Data d;
INIT_DATA(d,seg->data,seg->len);
exdump(ssl,"Packet data",&d);
printf("\n\n");
}
INDENT_POP;
return(0);
}
int ssl_decode_switch(ssl,dtable,value,dir,seg,data)
ssl_obj *ssl;
decoder *dtable;
int value;
int dir;
segment *seg;
Data *data;
{
while(dtable && dtable->type!=-1){
if(dtable->type == value){
INDENT_INCR;
explain(ssl,"%s",dtable->name);
if(dtable->print) {
INDENT_INCR;
dtable->print(ssl,dir,seg,data);
INDENT_POP;
}
INDENT_POP;
return(0);
}
dtable++;
}
ERETURN(R_NOT_FOUND);
}
int ssl_expand_record(ssl,q,direction,data,len)
ssl_obj *ssl;
segment *q;
int direction;
UCHAR *data;
int len;
{
int r;
Data d;
UINT4 ct,vermaj,vermin,length;
int version;
d.data=data;
d.len=len;
/*This should be mapped to an enum*/
SSL_DECODE_UINT8(ssl,0,0,&d,&ct);
SSL_DECODE_UINT8(ssl,0,0,&d,&vermaj);
SSL_DECODE_UINT8(ssl,0,0,&d,&vermin);
SSL_DECODE_UINT16(ssl,0,0,&d,&length);
if(d.len!=length){
explain(ssl,"Short record\n");
return(0);
}
P_(P_RH){
explain(ssl,"V%d.%d(%d)",vermaj,vermin,length);
}
version=vermaj*256+vermin;
r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d);
if(r==SSL_BAD_MAC){
explain(ssl," bad MAC\n");
return(0);
}
if(r){
if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct))
ERETURN(r);
printf("\n");
}
else{
if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q,
&d))
ERETURN(r);
}
return(0);
}
int ssl_decode_uintX(ssl,name,size,p,data,x)
ssl_obj *ssl;
char *name;
int size;
UINT4 p;
Data *data;
UINT4 *x;
{
UINT4 v=0;
UINT4 _x;
if(!x) x=&_x;
if(size>data->len){
fprintf(stderr,"Short read: %d bytes available (expecting %d)\n",
data->len,size);
ERETURN(R_EOD);
}
while(size--){
v<<=8;
v|=*(data->data)++;
data->len--;
}
P_(p){
explain(ssl,"%s = %d\n",name,*x);
}
*x=v;
return(0);
}
int ssl_decode_opaque_array(ssl,name,size,p,data,x)
ssl_obj *ssl;
char *name;
int size;
UINT4 p;
Data *data;
Data *x;
{
UINT4 len;
char n[1000];
int r;
Data _x;
if(!x) x=&_x;
sprintf(n,"%s (length)",name?name:"<unknown>");
if(size<0){
size*=-1;
if(r=ssl_decode_uintX(ssl,n,BYTES_NEEDED(size),P_DC,data,&len))
ERETURN(r);
}
else{
len=size;
}
if(len>data->len){
fprintf(stderr,"Not enough data. Found %d bytes (expecting %d)\n",
data->len,size);
ERETURN(R_EOD);
}
x->data=data->data;
x->len=len;
data->data+=len;
data->len-=len;
P_(p){
exdump(ssl,name,x);
}
return(0);
}
int ssl_lookup_enum(ssl,dtable,val,ptr)
ssl_obj *ssl;
decoder *dtable;
UINT4 val;
char **ptr;
{
while(dtable && dtable->type!=-1){
if(dtable->type == val){
*ptr=dtable->name;
return(0);
}
dtable++;
}
return(-1);
}
int ssl_decode_enum(ssl,name,size,dtable,p,data,x)
ssl_obj *ssl;
char *name;
int size;
decoder *dtable;
UINT4 p;
Data *data;
UINT4 *x;
{
int r;
UINT4 _x;
if(!x) x=&_x;
if(r=ssl_decode_uintX(ssl,name,size,0,data,x))
ERETURN(r);
P_(p){
if(r=ssl_print_enum(ssl,name,dtable,*x))
ERETURN(r);
}
return(0);
}
int ssl_print_enum(ssl,name,dtable,value)
ssl_obj *ssl;
char *name;
decoder *dtable;
UINT4 value;
{
if(name) explain(ssl,"%s ",name);
INDENT;
while(dtable && dtable->type!=-1){
if(dtable->type == value){
INDENT_INCR;
explain(ssl,"%s",dtable->name);
INDENT_POP;
return(0);
}
dtable++;
}
explain(ssl,"%s","unknown value");
return(0);
}
int explain(ssl_obj *ssl,char *format,...)
{
va_list ap;
va_start(ap,format);
P_(P_NR){
if(ssl->record_encryption==REC_DECRYPTED_CIPHERTEXT)
printf("\\f(CI");
else
printf("\\fC");
}
INDENT;
vprintf(format,ap);
va_end(ap);
return(0);
}
int exdump(ssl,name,data)
ssl_obj *ssl;
char *name;
Data *data;
{
int i;
if(name){
explain(ssl,"%s[%d]=\n",name,data->len);
INDENT_INCR;
}
P_(P_NR){
printf("\\f(CB");
}
for(i=0;i<data->len;i++){
if(!i) INDENT;
if((data->len>8) && i && !(i%16)){
printf("\n"); INDENT;
}
printf("%.2x ",data->data[i]&255);
}
P_(P_NR){
printf("\\fR");
}
if(name) INDENT_POP;
printf("\n");
return(0);
}
int combodump(ssl,name,data)
ssl_obj *ssl;
char *name;
Data *data;
{
char *ptr=data->data;
int len=data->len;
if(name){
explain(ssl,"%s[%d]=\n",name,data->len);
INDENT_INCR;
}
while(len){
int i;
int bytes=MIN(len,16);
INDENT;
P_(P_NR){
if(ssl->record_encryption==REC_DECRYPTED_CIPHERTEXT)
printf("\\f[CBI]");
else
printf("\\f(CB");
}
for(i=0;i<bytes;i++)
printf("%.2x ",ptr[i]&255);
/* Fill */
for(i=0;i<(16-bytes);i++)
printf(" ");
printf(" ");
P_(P_NR){
if(ssl->record_encryption==REC_DECRYPTED_CIPHERTEXT)
printf("\\f[CI]");
else
printf("\\f(C");
}
for(i=0;i<bytes;i++){
if(isprint(ptr[i]))
printf("%c",ptr[i]);
else
printf(".");
}
printf("\n");
len-=bytes;
ptr+=bytes;
}
P_(P_NR){
printf("\\fR");
}
if(name) INDENT_POP;
return(0);
}
int print_data(ssl,d)
ssl_obj *ssl;
Data *d;
{
int i,bit8=0;
printf("\n");
for(i=0;i<d->len;i++){
if(!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i])){
bit8=1;
break;
}
}
if(bit8){
INDENT;
printf("---------------------------------------------------------------\n");
P_(P_HO){
exdump(ssl,0,d);
}
else{
combodump(ssl,0,d);
}
INDENT;
printf("---------------------------------------------------------------\n");
}
else{
int nl=1;
INDENT;
printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){
if(ssl->process_ciphertext & ssl->direction)
printf("\\f[CI]");
else
printf("\\f(C");
}
INDENT;
for(i=0;i<d->len;i++){
/* Escape leading . */
if(nl==1 && (SSL_print_flags & SSL_PRINT_NROFF) && (d->data[i]=='.'))
printf("\\&");
nl=0;
putchar(d->data[i]);
if(d->data[i]=='\n') {nl=1;INDENT;}
}
printf("---------------------------------------------------------------\n");
if(SSL_print_flags & SSL_PRINT_NROFF){
printf("\\f(R");
}
}
return(0);
}
int ssl_print_direction_indicator(ssl,dir)
ssl_obj *ssl;
int dir;
{
#if 0
if(dir==DIR_I2R){
explain(ssl,"%s(%d) > %s>%d",
ssl->client_name,ssl->client_port,ssl->server_name,ssl->server_port);
}
else{
explain(ssl,"%s(%d) > %s>%d",
ssl->client_name,ssl->client_port,ssl->server_name,ssl->server_port);
}
#else
if(dir==DIR_I2R){
explain(ssl,"C>S");
}
else{
explain(ssl,"S>C");
}
#endif
return(0);
}
int ssl_print_timestamp(ssl,ts)
ssl_obj *ssl;
struct timeval *ts;
{
struct timeval dt;
int r;
if(SSL_print_flags & SSL_PRINT_TIMESTAMP_ABSOLUTE) {
explain(ssl,"%d%c%4.4d ",ts->tv_sec,'.',ts->tv_usec/100);
}
else{
if(r=timestamp_diff(ts,&ssl->time_start,&dt))
ERETURN(r);
explain(ssl,"%d%c%4.4d ",dt.tv_sec,'.',dt.tv_usec/100);
}
if(r=timestamp_diff(ts,&ssl->time_last,&dt)){
ERETURN(r);
}
explain(ssl,"(%d%c%4.4d) ",dt.tv_sec,'.',dt.tv_usec/100);
memcpy(&ssl->time_last,ts,sizeof(struct timeval));
return(0);
}
int ssl_print_record_num(ssl)
ssl_obj *ssl;
{
ssl->record_count++;
if(SSL_print_flags & SSL_PRINT_NROFF){
printf("\\fI%d %d\\fR %s",
ssl->conn->conn_number,
ssl->record_count,ssl->record_count<10?" ":"");
}
else{
printf("%d %d %s",ssl->conn->conn_number,
ssl->record_count,ssl->record_count<10?" ":"");
}
return(0);
}
int ssl_print_cipher_suite(ssl,version,p,val)
ssl_obj *ssl;
int version;
int p;
UINT4 val;
{
char *str;
char *prefix=version<=0x300?"SSL_":"TLS_";
int r;
P_(p){
if(r=ssl_lookup_enum(ssl,cipher_suite_decoder,val,&str)){
explain(ssl,"Unknown value 0x%x",val);
return(0);
}
/* Now the tricky bit. If the cipher suite begins with TLS_
and the version is SSLv3 then we replace it with SSL_*/
if(!strncmp(str,"TLS_",4)){
explain(ssl,"%s%s",prefix,str+4);
}
else{
explain(ssl,"%s",str);
}
}
return(0);
}

99
ssl/sslprint.h Normal file
View file

@ -0,0 +1,99 @@
/**
sslprint.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: sslprint.h,v 1.3 2000/11/03 06:38:06 ekr Exp $
ekr@rtfm.com Wed Feb 10 15:34:14 1999
*/
#ifndef _sslprint_h
#define _sslprint_h
#include "ssl_analyze.h"
#include "ssl_h.h"
int ssl_expand_record PROTO_LIST((ssl_obj *ssl,
segment *q,int direction,UCHAR *data,int len));
int ssl_decode_switch PROTO_LIST((ssl_obj *ssl,
decoder *dtable,int value,int dir,segment *seg,Data *data));
int ssl_decode_uintX PROTO_LIST((ssl_obj *ssl,char *name,int size,
UINT4 print,Data *data,UINT4 *x));
int ssl_decode_opaque_array PROTO_LIST((ssl_obj *ssl,char *name,int size,
UINT4 print,Data *data,Data *x));
int ssl_decode_enum PROTO_LIST((ssl_obj *ssl,char *name,
int size,decoder *decode,UINT4 p,Data *data,
UINT4 *x));
int ssl_lookup_enum PROTO_LIST((ssl_obj *ssl,decoder *dtable,
UINT4 val,char **ptr));
int ssl_print_enum PROTO_LIST((ssl_obj *obj,char *name,
decoder *decode,UINT4 value));
int print_data PROTO_LIST((ssl_obj *ssl,Data *d));
int process_v2_hello PROTO_LIST((ssl_obj *ssl,segment *seg));
int process_beginning_plaintext PROTO_LIST((ssl_obj *ssl,
segment *seg,int direction));
int ssl_print_direction_indicator PROTO_LIST((ssl_obj *ssl,int dir));
int ssl_print_timestamp PROTO_LIST((ssl_obj *ssl,struct timeval *ts));
int ssl_print_record_num PROTO_LIST((ssl_obj *ssl));
int ssl_print_cipher_suite PROTO_LIST((ssl_obj *ssl,int version,int p,
UINT4 val));
int explain PROTO_LIST((ssl_obj *ssl,char *format,...));
int exdump PROTO_LIST((ssl_obj *ssl,char *name,Data *data));
#define SSL_DECODE_UINT8(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,1,b,c,d)) ERETURN(r)
#define SSL_DECODE_UINT16(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,2,b,c,d)) ERETURN(r)
#define SSL_DECODE_UINT24(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,3,b,c,d)) ERETURN(r)
#define SSL_DECODE_UINT32(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,4,b,c,d)) ERETURN(r)
#define SSL_DECODE_OPAQUE_ARRAY(a,n,b,c,d,e) if(r=ssl_decode_opaque_array(a,n,b,c,d,e)) ERETURN(r)
#define SSL_DECODE_ENUM(a,b,c,d,e,f,g) if(r=ssl_decode_enum(a,b,c,d,e,f,g)) ERETURN(r)
#define P_(p) if((p==SSL_PRINT_ALL) || (p & SSL_print_flags))
#define INDENT do {int i; for(i=0;i<(ssl->indent_depth + ssl->indent_name_len);i++) printf("%s",SSL_print_flags & SSL_PRINT_NROFF?" ":" ");} while(0)
#define INDENT_INCR ssl->indent_depth+=2
#define INDENT_POP ssl->indent_depth-=2
#define INDENT_NAME(x) ssl->indent_name_len += strlen(x)
#define INDENT_NAME_POP ssl->indent_name_len=0
#define LINE_LEFT (80-(ssl->indent_name_len + ssl->indent_depth)
#define LF printf("\n")
#endif

234
ssl/sslxprint.c Normal file
View file

@ -0,0 +1,234 @@
/**
sslxprint.c
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
ekr@rtfm.com Thu Mar 25 21:17:16 1999
*/
static char *RCSSTRING="$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $";
#include "network.h"
#include "ssl_h.h"
#include "sslprint.h"
#include "ssl.enums.h"
#ifdef OPENSSL
#include <openssl/asn1.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#endif
#define BUFSIZE 1024
static int sslx__print_dn PROTO_LIST((ssl_obj *ssl,char *x));
#ifdef OPENSSL
static int sslx__print_serial PROTO_LIST((ssl_obj *ssl,ASN1_INTEGER *a));
#endif
int sslx_print_certificate(ssl,data,pf)
ssl_obj *ssl;
Data *data;
int pf;
{
#ifdef OPENSSL
X509 *x=0;
ASN1_INTEGER *a;
#endif
UCHAR *d;
int _status;
#ifdef OPENSSL
P_(P_ASN){
char buf[BUFSIZE];
int ext;
d=data->data;
if(!(x=d2i_X509(0,&d,data->len))){
explain(ssl,"Bad certificate");
ABORT(R_BAD_DATA);
}
X509_NAME_oneline(X509_get_subject_name(x),buf,
BUFSIZE);
explain(ssl,"Subject\n");
INDENT_INCR;
sslx__print_dn(ssl,buf);
INDENT_POP;
X509_NAME_oneline(X509_get_issuer_name(x),buf,
BUFSIZE);
explain(ssl,"Issuer\n");
INDENT_INCR;
sslx__print_dn(ssl,buf);
INDENT_POP;
a=X509_get_serialNumber(x);
explain(ssl,"Serial ");
sslx__print_serial(ssl,a);
ext=X509_get_ext_count(x);
if(ext>0){
int i,j;
UCHAR buf[1024];
explain(ssl,"Extensions\n");
INDENT_INCR;
for(i=0;i<ext;i++){
X509_EXTENSION *ex;
ASN1_OBJECT *obj;
ex=X509_get_ext(x,i);
obj=X509_EXTENSION_get_object(ex);
i2t_ASN1_OBJECT(buf,sizeof(buf),obj);
explain(ssl,"Extension: %s\n",buf);
j=X509_EXTENSION_get_critical(ex);
if(j){
INDENT;
explain(ssl,"Critical\n");
}
if(SSL_print_flags & SSL_PRINT_NROFF){
if(ssl->process_ciphertext&ssl->direction)
printf("\\f(CI");
else
printf("\\fC");
INDENT_INCR;
INDENT;
if(!X509V3_EXT_print_fp(stdout,ex,0,0)){
printf("Hex value");
}
INDENT_POP;
explain(ssl,"\n");
}
}
INDENT_POP;
}
else{
#endif
P_(pf){
exdump(ssl,"certificate",data);
}
#ifdef OPENSSL
}
}
#endif
_status=0;
abort:
#ifdef OPENSSL
if(x) X509_free(x);
#endif
return(_status);
}
int sslx_print_dn(ssl,data,pf)
ssl_obj *ssl;
Data *data;
int pf;
{
UCHAR buf[BUFSIZE];
int _status;
UCHAR *d=data->data;
#ifdef OPENSSL
X509_NAME *n=0;
#endif
P_(pf){
#ifdef OPENSSL
P_(P_ASN){
if(!(n=d2i_X509_NAME(0,&d,data->len)))
ABORT(R_BAD_DATA);
X509_NAME_oneline(n,buf,BUFSIZE);
sslx__print_dn(ssl,buf);
}
else{
#endif
exdump(ssl,0,data);
#ifdef OPENSSL
}
#endif
}
_status=0;
abort:
#ifdef OPENSSL
if(n) X509_NAME_free(n);
#endif
return(_status);
}
static int sslx__print_dn(ssl,x)
ssl_obj *ssl;
char *x;
{
char *slash;
if(*x=='/') x++;
while (x){
if(slash=strchr(x,'/')){
*slash=0;
}
explain(ssl,"%s\n",x);
x=slash?slash+1:0;
};
return(0);
}
#ifdef OPENSSL
static int sslx__print_serial(ssl,a)
ssl_obj *ssl;
ASN1_INTEGER *a;
{
Data d;
if(a->length==0)
printf("0");
INIT_DATA(d,a->data,a->length);
exdump(ssl,0,&d);
return(0);
}
#endif

54
ssl/sslxprint.h Normal file
View file

@ -0,0 +1,54 @@
/**
sslxprint.h
Copyright (C) 1999-2000 RTFM, Inc.
All Rights Reserved
This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
<ekr@rtfm.com> and licensed by RTFM, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software
must display the following acknowledgement:
This product includes software developed by Eric Rescorla for
RTFM, Inc.
4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
used to endorse or promote products derived from this
software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
$Id: sslxprint.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
ekr@rtfm.com Thu Mar 25 21:23:34 1999
*/
#ifndef _sslxprint_h
#define _sslxprint_h
int sslx_print_certificate PROTO_LIST((ssl_obj *ssl,Data *data,int pf));
int sslx_print_dn PROTO_LIST((ssl_obj *ssl,Data *data,int pf));
#endif

282
ssl/targets.mk Normal file
View file

@ -0,0 +1,282 @@
#
# targets.mk
#
# $Source: /usr/local/CVS/ssldump/ssl/targets.mk,v $
# $Revision: 1.2 $
# $Date: 2001/12/08 14:57:51 $
# $Name: $
# $Disclaimer$
#
# Copyright (C) 1999, Terisa Systems, Inc.
# All Rights Reserved.
#
# ekr@terisa.com
#
#
# CONFIGURE USER-DEFINED MAKE ENVIRONMENT
#
# These fields are specified by the user. The remainder of
# this file is generated from this user-specified information.
#
# ANALYZE_SSL_DEFINES:
# cpp defines, with the -D flag preceeding each
#
# ANALYZE_SSL_INCLUDES:
# cpp include directories, with the -I flag preceeding each
#
# ANALYZE_SSL_INTERNAL:
# headers files which are local to a specific module directory,
# and should not be used by other parts of the toolkit or by
# the user
#
# ANALYZE_SSL_LIBNAME:
# the library associated with this module directory, used in
# most cases for debugging purposes
#
# ANALYZE_SSL_LIBPATHS:
# link-time directories to search for libraries, with the -L flag
# preceeding each
#
# ANALYZE_SSL_LIBRARIES:
# link-time libraries, with the -l flag preceeding each
#
# ANALYZE_SSL_LOCALFLAGS:
# compile-time flags specific to compiling only the files in
# this module directory--this variable should only be set in
# extremely exceptional cases
#
# ANALYZE_SSL_MAKEFILES:
# the makefiles
#
# ANALYZE_SSL_PREFIX:
# defines the module name, which also serves as the
# prefix for all the variable names defined in this file
#
# ANALYZE_SSL_PRIVATE:
# the private, for-toolkit-use-only API header files
#
# ANALYZE_SSL_PROGRAMS:
# programs to build
#
# ANALYZE_SSL_PUBLIC:
# the header files that define the public API for the toolkit
# and any other 'public' files that should be copied to
# the build directory
#
# ANALYZE_SSL_SOURCES:
# the source files to compile to object
#
ANALYZE_SSL_DEFINES =
ANALYZE_SSL_INCLUDES = -I$(ANALYZE_SSL_SRCDIR)
ANALYZE_SSL_INTERNAL =
ANALYZE_SSL_LIBNAME =
ANALYZE_SSL_LIBPATHS =
ANALYZE_SSL_LIBRARIES =
ANALYZE_SSL_LOCALFLAGS =
ANALYZE_SSL_MAKEFILES =
ANALYZE_SSL_PREFIX = ANALYZE_SSL
ANALYZE_SSL_PRIVATE = ssl_analyze.h
ANALYZE_SSL_PROGRAMS =
ANALYZE_SSL_PUBLIC =
ANALYZE_SSL_SOURCES = ciphersuites.c ssl.enums.c ssl_analyze.c \
ssl_rec.c ssldecode.c sslprint.c sslxprint.c
#
# CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT
#
# ANALYZE_SSL_OBJECTS:
# object files to build
#
# ANALYZE_SSL_UNUSED:
# obsolete files in the module directory that are not
# used during the build process
#
# ANALYZE_SSL_USED:
# all files in the module directory that are used
# during the build process
#
ANALYZE_SSL_OBJECTS = ciphersuites.$(OBJSUFFIX) ssl.enums.$(OBJSUFFIX) \
ssl_analyze.$(OBJSUFFIX) ssl_rec.$(OBJSUFFIX) \
ssldecode.$(OBJSUFFIX) sslprint.$(OBJSUFFIX) \
sslxprint.$(OBJSUFFIX)
ANALYZE_SSL_UNUSED = Makefile lex.yy.c main.c ssl.enums.h ssl_enum.c \
ssl_h.h sslciphers.h ssldecode.h sslprint.h \
sslxprint.h targets.mk y.tab.c y.tab.h
ANALYZE_SSL_USED = $(ANALYZE_SSL_INTERNAL:%=$(ANALYZE_SSL_SRCDIR)%) \
$(ANALYZE_SSL_MAKEFILES:%=$(ANALYZE_SSL_SRCDIR)%) \
$(ANALYZE_SSL_PRIVATE:%=$(ANALYZE_SSL_SRCDIR)%) \
$(ANALYZE_SSL_PUBLIC:%=$(ANALYZE_SSL_SRCDIR)%) \
$(ANALYZE_SSL_SOURCES:%=$(ANALYZE_SSL_SRCDIR)%)
#
# NOTES
#
# The following variables may be used during the build process,
# but are not defined in this file. If they are to be set
# to something other than the default blank, then they must
# be set by the calling make system.
#
# ANALYZE_SSL_SRCDIR:
# if the build target directory is different from the
# module directory (the source directory), then this
# variable contains the relative or full path of
# the module directory
#
# LIBARS:
# the library archive files (with fully-specified paths) that
# executables built from this module directory depend upon
#
# LIBPATHS:
# the paths to search for library archives (specified with
# the -L)
#
# LIBRARIES:
# the libraries to use while building executables from
# this module directory (specified with the -l)
#
#
# GLOBAL ENVIRONMENT
#
DEFINES += $(ANALYZE_SSL_DEFINES)
INCLUDES += $(ANALYZE_SSL_INCLUDES)
LIBPATHS += $(ANALYZE_SSL_LIBPATHS)
LIBRARIES += $(ANALYZE_SSL_LIBRARIES)
OBJECTS += $(ANALYZE_SSL_OBJECTS)
PUBLIC += $(ANALYZE_SSL_PUBLIC)
#
# GENERIC DEPENDENCIES
#
# default:
# default dependency, must be the first dependency in this makefile
#
# all:
# build everything in this module directory
#
# build:
# make only the toolkit build files of this module directory
#
# ci:
# perform an RCS check-in of this module directory
#
# clean:
# remove the compiled files
#
# clean_public:
# remove the public header files that have been copied
# to a public build directory
#
# objects:
# build the object files (this dependency is used for
# building the toolkit library)
#
# private:
# build only the private API header files
#
# public:
# build only the public API header files
#
default: $(ANALYZE_SSL_LIBNAME)
default: $(ANALYZE_SSL_PROGRAMS)
all: $(ANALYZE_SSL_PUBLIC)
all: $(ANALYZE_SSL_OBJECTS)
all: $(ANALYZE_SSL_LIBNAME)
all: $(ANALYZE_SSL_PROGRAMS)
build: $(ANALYZE_SSL_PUBLIC)
build: $(ANALYZE_SSL_OBJECTS)
ci: analyze_ssl_ci
clean: analyze_ssl_clean
clean_public: analyze_ssl_clean_public
objects: $(ANALYZE_SSL_OBJECTS)
private: $(ANALYZE_SSL_PRIVATE)
public: $(ANALYZE_SSL_PUBLIC)
#
# LOCAL UTILITY DEPENDENCIES
#
# utility dependencies are necessary because of some
# make-isms having to do with dependencies
#
analyze_ssl_ci:
$(CI) $(CIFLAGS) $(ANALYZE_SSL_USED)
analyze_ssl_clean:
$(RM) $(RMFLAGS) $(ANALYZE_SSL_OBJECTS) $(ANALYZE_SSL_LIBNAME) $(ANALYZE_SSL_PROGRAMS)
analyze_ssl_clean_public:
$(RM) $(RMFLAGS) $(ANALYZE_SSL_PUBLIC)
analyze_ssl_objects: $(ANALYZE_SSL_OBJECTS)
analyze_ssl_programs: $(ANALYZE_SSL_PROGRAMS)
analyze_ssl_public: $(ANALYZE_SSL_PUBLIC)
#
# BUILD DEPENDENCIES
#
# build dependencies invoke the rule used to build each
# class of file
#
$(ANALYZE_SSL_LIBNAME):
$(AR) $(ARFLAGS) $@ $?
$(RANLIB) $@
$(ANALYZE_SSL_OBJECTS):
$(COMPILE.c) $(ANALYZE_SSL_SRCDIR)$(@:%.o=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_SSL_LOCALFLAGS)
$(ANALYZE_SSL_PUBLIC):
$(CP) $(CPFLAGS) $(ANALYZE_SSL_SRCDIR)$@ $@
$(ANALYZE_SSL_PROGRAMS):
$(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS)
#LIBS above is obsolete (use LIBARARIES instead)
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
ciphersuites.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ciphersuites.c
ssl.enums.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl.enums.h
ssl.enums.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl.enums.c
ssl_analyze.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_analyze.h
ssl_analyze.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_analyze.c
ssl_rec.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_rec.c
ssldecode.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssldecode.h
ssldecode.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssldecode.c
sslprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslprint.h
sslprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslprint.c
sslxprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslxprint.h
sslxprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslxprint.c
$(ANALYZE_SSL_LIBNAME): $(ANALYZE_SSL_OBJECTS)

526
ssl/y.output Normal file
View file

@ -0,0 +1,526 @@
Terminals which are not used:
DOT_DOT_
STRUCT_
OPAQUE_
ENUM_
DIGITALLY_SIGNED_
COMMENT_START_
COMMENT_END_
CASE_
Grammar
rule 1 module -> typelist
rule 2 typelist -> /* empty */
rule 3 typelist -> definition typelist
rule 4 definition -> selecttype
rule 5 definition -> constant_type
rule 6 selecttype -> SELECT_ '{' selecterateds ',' selectmax '}' NAME_ ';'
rule 7 selecterateds -> selecterateds ',' selecterated
rule 8 selecterateds -> selecterated
rule 9 selectmax -> '(' NUM_ ')'
rule 10 selecterated -> selecterated_no_code
rule 11 selecterated -> selecterated_code
rule 12 selecterated_code -> NAME_ '(' NUM_ ')' CODE_
rule 13 selecterated_no_code -> NAME_ '(' NUM_ ')'
rule 14 constant_type -> CONSTANT_ '{' constants '}' NAME_ ';'
rule 15 constants -> constants constant
rule 16 constants -> constant
rule 17 constant -> NAME_ NAME_ '=' '{' constval '}' ';'
rule 18 constval -> NUM_ ',' NUM_ ',' NUM_
rule 19 constval -> NUM_ ',' NUM_
rule 20 constval -> NUM_
Terminals, with rules where they appear
$ (-1)
'(' (40) 9 12 13
')' (41) 9 12 13
',' (44) 6 7 18 19
';' (59) 6 14 17
'=' (61) 17
'{' (123) 6 14 17
'}' (125) 6 14 17
error (256)
NAME_ (257) 6 12 13 14 17
NUM_ (258) 9 12 13 18 19 20
DOT_DOT_ (259)
STRUCT_ (260)
SELECT_ (261) 6
OPAQUE_ (262)
ENUM_ (263)
DIGITALLY_SIGNED_ (264)
COMMENT_START_ (265)
CODE_ (266) 12
COMMENT_END_ (267)
CASE_ (268)
CONSTANT_ (269) 14
Nonterminals, with rules where they appear
module (23)
on left: 1
typelist (24)
on left: 2 3, on right: 1 3
definition (25)
on left: 4 5, on right: 3
selecttype (26)
on left: 6, on right: 4
selecterateds (27)
on left: 7 8, on right: 6 7
selectmax (28)
on left: 9, on right: 6
selecterated (29)
on left: 10 11, on right: 7 8
selecterated_code (30)
on left: 12, on right: 11
selecterated_no_code (31)
on left: 13, on right: 10
constant_type (32)
on left: 14, on right: 5
constants (33)
on left: 15 16, on right: 14 15
constant (34)
on left: 17, on right: 15 16
constval (35)
on left: 18 19 20, on right: 17
state 0
SELECT_ shift, and go to state 1
CONSTANT_ shift, and go to state 2
$default reduce using rule 2 (typelist)
module go to state 46
typelist go to state 3
definition go to state 4
selecttype go to state 5
constant_type go to state 6
state 1
selecttype -> SELECT_ . '{' selecterateds ',' selectmax '}' NAME_ ';' (rule 6)
'{' shift, and go to state 7
state 2
constant_type -> CONSTANT_ . '{' constants '}' NAME_ ';' (rule 14)
'{' shift, and go to state 8
state 3
module -> typelist . (rule 1)
$default reduce using rule 1 (module)
state 4
typelist -> definition . typelist (rule 3)
SELECT_ shift, and go to state 1
CONSTANT_ shift, and go to state 2
$default reduce using rule 2 (typelist)
typelist go to state 9
definition go to state 4
selecttype go to state 5
constant_type go to state 6
state 5
definition -> selecttype . (rule 4)
$default reduce using rule 4 (definition)
state 6
definition -> constant_type . (rule 5)
$default reduce using rule 5 (definition)
state 7
selecttype -> SELECT_ '{' . selecterateds ',' selectmax '}' NAME_ ';' (rule 6)
NAME_ shift, and go to state 10
selecterateds go to state 11
selecterated go to state 12
selecterated_code go to state 13
selecterated_no_code go to state 14
state 8
constant_type -> CONSTANT_ '{' . constants '}' NAME_ ';' (rule 14)
NAME_ shift, and go to state 15
constants go to state 16
constant go to state 17
state 9
typelist -> definition typelist . (rule 3)
$default reduce using rule 3 (typelist)
state 10
selecterated_code -> NAME_ . '(' NUM_ ')' CODE_ (rule 12)
selecterated_no_code -> NAME_ . '(' NUM_ ')' (rule 13)
'(' shift, and go to state 18
state 11
selecttype -> SELECT_ '{' selecterateds . ',' selectmax '}' NAME_ ';' (rule 6)
selecterateds -> selecterateds . ',' selecterated (rule 7)
',' shift, and go to state 19
state 12
selecterateds -> selecterated . (rule 8)
$default reduce using rule 8 (selecterateds)
state 13
selecterated -> selecterated_code . (rule 11)
$default reduce using rule 11 (selecterated)
state 14
selecterated -> selecterated_no_code . (rule 10)
$default reduce using rule 10 (selecterated)
state 15
constant -> NAME_ . NAME_ '=' '{' constval '}' ';' (rule 17)
NAME_ shift, and go to state 20
state 16
constant_type -> CONSTANT_ '{' constants . '}' NAME_ ';' (rule 14)
constants -> constants . constant (rule 15)
NAME_ shift, and go to state 15
'}' shift, and go to state 21
constant go to state 22
state 17
constants -> constant . (rule 16)
$default reduce using rule 16 (constants)
state 18
selecterated_code -> NAME_ '(' . NUM_ ')' CODE_ (rule 12)
selecterated_no_code -> NAME_ '(' . NUM_ ')' (rule 13)
NUM_ shift, and go to state 23
state 19
selecttype -> SELECT_ '{' selecterateds ',' . selectmax '}' NAME_ ';' (rule 6)
selecterateds -> selecterateds ',' . selecterated (rule 7)
NAME_ shift, and go to state 10
'(' shift, and go to state 24
selectmax go to state 25
selecterated go to state 26
selecterated_code go to state 13
selecterated_no_code go to state 14
state 20
constant -> NAME_ NAME_ . '=' '{' constval '}' ';' (rule 17)
'=' shift, and go to state 27
state 21
constant_type -> CONSTANT_ '{' constants '}' . NAME_ ';' (rule 14)
NAME_ shift, and go to state 28
state 22
constants -> constants constant . (rule 15)
$default reduce using rule 15 (constants)
state 23
selecterated_code -> NAME_ '(' NUM_ . ')' CODE_ (rule 12)
selecterated_no_code -> NAME_ '(' NUM_ . ')' (rule 13)
')' shift, and go to state 29
state 24
selectmax -> '(' . NUM_ ')' (rule 9)
NUM_ shift, and go to state 30
state 25
selecttype -> SELECT_ '{' selecterateds ',' selectmax . '}' NAME_ ';' (rule 6)
'}' shift, and go to state 31
state 26
selecterateds -> selecterateds ',' selecterated . (rule 7)
$default reduce using rule 7 (selecterateds)
state 27
constant -> NAME_ NAME_ '=' . '{' constval '}' ';' (rule 17)
'{' shift, and go to state 32
state 28
constant_type -> CONSTANT_ '{' constants '}' NAME_ . ';' (rule 14)
';' shift, and go to state 33
state 29
selecterated_code -> NAME_ '(' NUM_ ')' . CODE_ (rule 12)
selecterated_no_code -> NAME_ '(' NUM_ ')' . (rule 13)
CODE_ shift, and go to state 34
$default reduce using rule 13 (selecterated_no_code)
state 30
selectmax -> '(' NUM_ . ')' (rule 9)
')' shift, and go to state 35
state 31
selecttype -> SELECT_ '{' selecterateds ',' selectmax '}' . NAME_ ';' (rule 6)
NAME_ shift, and go to state 36
state 32
constant -> NAME_ NAME_ '=' '{' . constval '}' ';' (rule 17)
NUM_ shift, and go to state 37
constval go to state 38
state 33
constant_type -> CONSTANT_ '{' constants '}' NAME_ ';' . (rule 14)
$default reduce using rule 14 (constant_type)
state 34
selecterated_code -> NAME_ '(' NUM_ ')' CODE_ . (rule 12)
$default reduce using rule 12 (selecterated_code)
state 35
selectmax -> '(' NUM_ ')' . (rule 9)
$default reduce using rule 9 (selectmax)
state 36
selecttype -> SELECT_ '{' selecterateds ',' selectmax '}' NAME_ . ';' (rule 6)
';' shift, and go to state 39
state 37
constval -> NUM_ . ',' NUM_ ',' NUM_ (rule 18)
constval -> NUM_ . ',' NUM_ (rule 19)
constval -> NUM_ . (rule 20)
',' shift, and go to state 40
$default reduce using rule 20 (constval)
state 38
constant -> NAME_ NAME_ '=' '{' constval . '}' ';' (rule 17)
'}' shift, and go to state 41
state 39
selecttype -> SELECT_ '{' selecterateds ',' selectmax '}' NAME_ ';' . (rule 6)
$default reduce using rule 6 (selecttype)
state 40
constval -> NUM_ ',' . NUM_ ',' NUM_ (rule 18)
constval -> NUM_ ',' . NUM_ (rule 19)
NUM_ shift, and go to state 42
state 41
constant -> NAME_ NAME_ '=' '{' constval '}' . ';' (rule 17)
';' shift, and go to state 43
state 42
constval -> NUM_ ',' NUM_ . ',' NUM_ (rule 18)
constval -> NUM_ ',' NUM_ . (rule 19)
',' shift, and go to state 44
$default reduce using rule 19 (constval)
state 43
constant -> NAME_ NAME_ '=' '{' constval '}' ';' . (rule 17)
$default reduce using rule 17 (constant)
state 44
constval -> NUM_ ',' NUM_ ',' . NUM_ (rule 18)
NUM_ shift, and go to state 45
state 45
constval -> NUM_ ',' NUM_ ',' NUM_ . (rule 18)
$default reduce using rule 18 (constval)
state 46
$ go to state 47
state 47
$ go to state 48
state 48
$default accept

1124
ssl/y.tab.c Normal file
View file

File diff suppressed because it is too large Load diff

20
ssl/y.tab.h Normal file
View file

@ -0,0 +1,20 @@
typedef union {
int val;
unsigned char str[8192];
} YYSTYPE;
#define NAME_ 257
#define NUM_ 258
#define DOT_DOT_ 259
#define STRUCT_ 260
#define SELECT_ 261
#define OPAQUE_ 262
#define ENUM_ 263
#define DIGITALLY_SIGNED_ 264
#define COMMENT_START_ 265
#define CODE_ 266
#define COMMENT_END_ 267
#define CASE_ 268
#define CONSTANT_ 269
extern YYSTYPE yylval;

516
ssldump.1 Normal file
View file

@ -0,0 +1,516 @@
.\" This file contains sections of the tcpdump man page, to which the
.\" following copyright applies --EKR
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
.\" The Regents of the University of California. All rights reserved.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that: (1) source code distributions
.\" retain the above copyright notice and this paragraph in its entirety, (2)
.\" distributions including binary code include the above copyright notice and
.\" this paragraph in its entirety in the documentation or other materials
.\" provided with the distribution, and (3) all advertising materials mentioning
.\" features or use of this software display the following acknowledgement:
.\" ``This product includes software developed by the University of California,
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
.\" the University nor the names of its contributors may be used to endorse
.\" or promote products derived from this software without specific prior
.\" written permission.
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.\" Copyright (C) 1999-2000 RTFM, Inc.
.\" All Rights Reserved
.\"
.\" This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
.\" <ekr\@rtfm.com> and licensed by RTFM, Inc.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\"
.\" This product includes software developed by Eric Rescorla for
.\" RTFM, Inc.
.\"
.\" 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
.\" used to endorse or promote products derived from this
.\" software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
.TH SSLDUMP 1 "28 September 2001"
.SH NAME
ssldump \- dump SSL traffic on a network
.SH SYNOPSIS
.na
.B ssldump
[
.B \-vtaTnsAxXhHVNdq
] [
.B \-r
.I dumpfile
]
[
.B \-i
.I interface
]
.br
.ti +8
[
.B \-k
.I keyfile
]
[
.B \-p
.I password
]
[
.I expression
]
.br
.ad
.SH DESCRIPTION
.LP
\fIssldump\fP is an SSL/TLS network protocol analyzer. It identifies
TCP connections on the chosen network interface and attempts to
interpret them as SSL/TLS traffic. When it identifies SSL/TLS
traffic, it decodes the records and displays them in a textual
form to stdout. If provided with the appropriate keying material,
it will also decrypt the connections and display the application
data traffic.
.LP
ssldump has been tested on FreeBSD, Linux, Solaris, and HP/UX. Since
it's based on PCAP, it should work on most platforms. However, unlike
tcpdump, ssldump needs to be able to see both sides of the data
transmission so you may have trouble using it with network taps such
as SunOS nit that don't permit you to see transmitted data.
.B Under SunOS with nit or bpf:
To run
.I tcpdump
you must have read access to
.I /dev/nit
or
.IR /dev/bpf* .
.B Under Solaris with dlpi:
You must have read access to the network pseudo device, e.g.
.IR /dev/le .
.B Under HP-UX with dlpi:
You must be root or it must be installed setuid to root.
.B Under IRIX with snoop:
You must be root or it must be installed setuid to root.
.B Under Linux:
You must be root or it must be installed setuid to root.
.B Under Ultrix and Digital UNIX:
Once the super-user has enabled promiscuous-mode operation using
.IR pfconfig (8),
any user may run
.BR ssldump
.B Under BSD:
You must have read access to
.IR /dev/bpf* .
.SH OPTIONS
.B \-a
Print bare TCP ACKs (useful for observing Nagle behavior)
.TP
.B \-A
Print all record fields (by default ssldump chooses
the most interesting fields)
.TP
.B \-d
Display the application data traffic. This usually means
decrypting it, but when -d is used ssldump will also decode
application data traffic _before_ the SSL session initiates.
This allows you to see HTTPS CONNECT behavior as well as
SMTP STARTTLS. As a side effect, since ssldump can't tell
whether plaintext is traffic before the initiation of an
SSL connection or just a regular TCP connection, this allows
you to use ssldump to sniff any TCP connection.
ssldump will automatically detect ASCII data and display it
directly to the screen. non-ASCII data is displayed as hex
dumps. See also -X.
.TP
.B \-e
Print absolute timestamps instead of relative timestamps
.TP
.B \-r
Read data from \fIfile\fP instead of from the network.
The old -f option still works but is deprecated and will
probably be removed with the next version.
.B \-H
Print the full SSL packet header.
.TP
.B \-k
Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format)
Previous versions of ssldump automatically looked in ./server.pem.
Now you must specify your keyfile every time.
.TP
.B \-n
Don't try to resolve host names from IP addresses
.TP
.B \-N
Attempt to parse ASN.1 when it appears, such as in
certificates and DNs.
.TP
.B \-p
Use \fIpassword\fP as the SSL keyfile password.
.TP
.B \-P
Don't put the interface into promiscuous mode.
.TP
.B \-q
Don't decode any record fields beyond a single summary line. (quiet mode).
.TP
.B \-x
Print each record in hex, as well as decoding it.
.TP
.B \-X
When the -d option is used, binary data is automatically printed
in two columns with a hex dump on the left and the printable characters
on the right. -X suppresses the display of the printable characters,
thus making it easier to cut and paste the hext data into some other
program.
.B \-y
Decorate the output for processing with troff. Not very
useful for the average user.
.TP
.IP "\fI expression\fP"
.RS
Selects what packets ssldump will examine. Technically speaking,
ssldump supports the full expression syntax from PCAP and tcpdump.
In fact, the description here is cribbed from the tcpdump man
page. However, since ssldump needs to examine full TCP streams,
most of the tcpdump expressions will select traffic mixes
that ssldump will simply ignore. Only the expressions which
don't result in incomplete TCP streams are listed here.
.LP
The \fIexpression\fP consists of one or more
.I primitives.
Primitives usually consist of an
.I id
(name or number) preceded by one or more qualifiers. There are three
different kinds of qualifier:
.IP \fItype\fP
qualifiers say what kind of thing the id name or number refers to.
Possible types are
.BR host ,
.B net
and
.BR port .
E.g., `host foo', `net 128.3', `port 20'. If there is no type
qualifier,
.B host
is assumed.
.IP \fIdir\fP
qualifiers specify a particular transfer direction to and/or from
.I id.
Possible directions are
.BR src ,
.BR dst ,
.B "src or dst"
and
.B "src and"
.BR dst .
E.g., `src foo', `dst net 128.3', `src or dst port ftp-data'. If
there is no dir qualifier,
.B "src or dst"
is assumed.
For `null' link layers (i.e. point to point protocols such as slip) the
.B inbound
and
.B outbound
qualifiers can be used to specify a desired direction.
.LP
More complex filter expressions are built up by using the words
.BR and ,
.B or
and
.B not
to combine primitives. E.g., `host foo and not port ftp and not port ftp-data'.
To save typing, identical qualifier lists can be omitted. E.g.,
`tcp dst port ftp or ftp-data or domain' is exactly the same as
`tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain'.
.LP
Allowable primitives are:
.IP "\fBdst host \fIhost\fR"
True if the IPv4/v6 destination field of the packet is \fIhost\fP,
which may be either an address or a name.
.IP "\fBsrc host \fIhost\fR"
True if the IPv4/v6 source field of the packet is \fIhost\fP.
.IP "\fBhost \fIhost\fP
True if either the IPv4/v6 source or destination of the packet is \fIhost\fP.
Any of the above host expressions can be prepended with the keywords,
\fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in:
.in +.5i
.nf
\fBip host \fIhost\fR
.fi
.in -.5i
which is equivalent to:
.in +.5i
.nf
\fBether proto \fI\\ip\fB and host \fIhost\fR
.fi
.in -.5i
If \fIhost\fR is a name with multiple IP addresses, each address will
be checked for a match.
.IP "\fBether dst \fIehost\fP
True if the ethernet destination address is \fIehost\fP. \fIEhost\fP
may be either a name from /etc/ethers or a number (see
.IR ethers (3N)
for numeric format).
.IP "\fBether src \fIehost\fP
True if the ethernet source address is \fIehost\fP.
.IP "\fBether host \fIehost\fP
True if either the ethernet source or destination address is \fIehost\fP.
.IP "\fBgateway\fP \fIhost\fP
True if the packet used \fIhost\fP as a gateway. I.e., the ethernet
source or destination address was \fIhost\fP but neither the IP source
nor the IP destination was \fIhost\fP. \fIHost\fP must be a name and
must be found in both /etc/hosts and /etc/ethers. (An equivalent
expression is
.in +.5i
.nf
\fBether host \fIehost \fBand not host \fIhost\fR
.fi
.in -.5i
which can be used with either names or numbers for \fIhost / ehost\fP.)
This syntax does not work in IPv6-enabled configuration at this moment.
.IP "\fBdst net \fInet\fR"
True if the IPv4/v6 destination address of the packet has a network
number of \fInet\fP. \fINet\fP may be either a name from /etc/networks
or a network number (see \fInetworks(4)\fP for details).
.IP "\fBsrc net \fInet\fR"
True if the IPv4/v6 source address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR"
True if either the IPv4/v6 source or destination address of the packet has a network
number of \fInet\fP.
.IP "\fBnet \fInet\fR \fBmask \fImask\fR"
True if the IP address matches \fInet\fR with the specific netmask.
May be qualified with \fBsrc\fR or \fBdst\fR.
Note that this syntax is not valid for IPv6 \fInet\fR.
.IP "\fBnet \fInet\fR/\fIlen\fR"
True if the IPv4/v6 address matches \fInet\fR a netmask \fIlen\fR bits wide.
May be qualified with \fBsrc\fR or \fBdst\fR.
.IP "\fBdst port \fIport\fR"
True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a
destination port value of \fIport\fP.
The \fIport\fP can be a number or a name used in /etc/services (see
.IR tcp (4P)
and
.IR udp (4P)).
If a name is used, both the port
number and protocol are checked. If a number or ambiguous name is used,
only the port number is checked (e.g., \fBdst port 513\fR will print both
tcp/login traffic and udp/who traffic, and \fBport domain\fR will print
both tcp/domain and udp/domain traffic).
.IP "\fBsrc port \fIport\fR"
True if the packet has a source port value of \fIport\fP.
.IP "\fBport \fIport\fR"
True if either the source or destination port of the packet is \fIport\fP.
Any of the above port expressions can be prepended with the keywords,
\fBtcp\fP or \fBudp\fP, as in:
.in +.5i
.nf
\fBtcp src port \fIport\fR
.fi
.in -.5i
which matches only tcp packets whose source port is \fIport\fP.
.LP
Primitives may be combined using:
.IP
A parenthesized group of primitives and operators
(parentheses are special to the Shell and must be escaped).
.IP
Negation (`\fB!\fP' or `\fBnot\fP').
.IP
Concatenation (`\fB&&\fP' or `\fBand\fP').
.IP
Alternation (`\fB||\fP' or `\fBor\fP').
.LP
Negation has highest precedence.
Alternation and concatenation have equal precedence and associate
left to right. Note that explicit \fBand\fR tokens, not juxtaposition,
are now required for concatenation.
.LP
If an identifier is given without a keyword, the most recent keyword
is assumed.
For example,
.in +.5i
.nf
\fBnot host vs and ace\fR
.fi
.in -.5i
is short for
.in +.5i
.nf
\fBnot host vs and host ace\fR
.fi
.in -.5i
which should not be confused with
.in +.5i
.nf
\fBnot ( host vs or ace )\fR
.fi
.in -.5i
.LP
Expression arguments can be passed to ssldump as either a single argument
or as multiple arguments, whichever is more convenient.
Generally, if the expression contains Shell metacharacters, it is
easier to pass it as a single, quoted argument.
Multiple arguments are concatenated with spaces before being parsed.
.SH EXAMPLES
.LP
To listen to traffic on interface \fIle0\fP port \fI443\fP
.RS
.nf
\fBssldump -i le0 port 443\fP
.fi
.RE
.LP
To listen to traffic to the server \fIromeo\fP on port \fI443\fP.
.RS
.nf
\fBssldump -i le0 port 443 and host romeo\fP
.fi
.RE
.LP
To decrypt traffic to to host \fIromeo\fR
\fIserver.pem\fR and the password \fIfoobar\fR
.RS
.nf
\fBssldump -Ad -k ~/server.pem -p foobar -i le0 host romeo
.fi
.RE
.SH OUTPUT FORMAT
.LP
All output is printed to standard out.
.LP
ssldump prints an indication of every new TCP connection using a line
like the following
.nf
.LP
\fBNew TCP connection #2: iromeo.rtfm.com(2302) <-> sr1.rtfm.com(4433)\fP
.LP
.fi
The host which send the first SYN is printed on the left and the host
which responded is printed on the right. Ordinarily, this means that
the SSL client will be printed on the left with the SSL server on the
right. In this case we have a connection from \fIiromeo.rtfm.com\fR (port \fI2303\fR)
to \fIsr1.rtfm.com\fR (port \fI4433\fR). To allow the user to disentangle
traffic from different connections, each connection is numbered. This is
connection \fI2\fR.
.LP
The printout of each SSL record begins with a record line. This
line contains the connection and record number, a timestamp, and the
record type, as in the following:
.LP
.nf
\fB2 3 0.2001 (0.0749) S>C Handshake Certificate\fR
.fi
.LP
This is record \fI3\fR on connection \fI2\fR. The first timestamp
is the time since the beginning of the connection. The second is
the time since the previous record. Both are in seconds.
.LP
The next field in the record line is the direction that the record
was going. \fIC>S\fR indicates records transmitted from client to
server and \fIS>C\fR indicates records transmitted from server to client.
ssldump assumes that the host to transmit the first SYN
is the SSL client (this is nearly always correct).
.LP
The next field is the record type, one of \fIHandshake\fR, \fIIAlert\fR,
\fIChangeCipherSpec\fR, or \fIapplication_data\fR. Finally, ssldump
may print record-specific data on the rest of the line. For \fIHandshake\fR
records, it prints the handshake message. Thus, this record is
a \fICertificate\fR message.
.LP
ssldump chooses certain record types for further decoding. These
are the ones that have proven to be most useful for debugging:
.LP
.nf
\fIClientHello\fR \- version, offered cipher suites, session id
if provided)
\fIServerHello\fR \- version, session_id, chosen cipher suite,
compression method
\fIAlert\fR \- type and level (if obtainable)
.fi
.LP
Fuller decoding of the various records can be obtained by using the
.B \-A
,
.B \-d
,
.B \-k
and
.B \-p
flags.
.LP
.SH DECRYPTION
.LP
ssldump can decrypt traffic between two hosts if the following two
conditions are met:
.RS
.nf
1. ssldump has the keys.
2. Static RSA was used.
.fi
.RE
In any other case, once encryption starts,
ssldump will only be able to determine the
record type. Consider the following section of a trace.
.LP
.nf
\fB1 5 0.4129 (0.1983) C>S Handshake ClientKeyExchange
1 6 0.4129 (0.0000) C>S ChangeCipherSpec
1 7 0.4129 (0.0000) C>S Handshake
1 8 0.5585 (0.1456) S>C ChangeCipherSpec
1 9 0.6135 (0.0550) S>C Handshake
1 10 2.3121 (1.6986) C>S application_data
1 11 2.5336 (0.2214) C>S application_data
1 12 2.5545 (0.0209) S>C application_data
1 13 2.5592 (0.0046) S>C application_data
1 14 2.5592 (0.0000) S>C Alert\fP
.fi
.LP
Note that the \fIClientKeyExchange\fR message type is printed
but the rest of the \fIHandshake\fR messages do not have
types. These are the \fIFinished\fR messages, but because they
are encrypted ssldump only knows that they are of type \fIHandshake\fR.
Similarly, had the \fIAlert\fR in record 14 happened during the handshake,
it's type and level would have been printed. However, since it
is encrypted we can only tell that it is an alert.
.LP
.SH BUGS
.LP
Please send bug reports to ssldump@rtfm.com.
.LP
The TCP reassembler is not perfect. No attempt is made to reassemble IP
fragments and the 3-way handshake and close handshake are imperfectly
implemented. In practice, this turns out not to be much of a problem.
.LP
Support is provided for only for Ethernet and loopback interfaces
because that's all that I have. If you have another kind of network
you will need to modify pcap_cb in base/pcap-snoop.c. If you have
direct experience with ssldump on other networks, please send me patches.
.LP
ssldump doesn't implement session caching and therefore can't decrypt
resumed sessions.

394
win32/Ssldump.html Normal file
View file

@ -0,0 +1,394 @@
<HTML>
<BODY>
<PRE>
<!-- Manpage converted by man2html 3.0.1 --> <!-- Tiny bit of hand editing by GHS -->
ssldump - dump SSL traffic on a network
</PRE>
<H2>SYNOPSIS</H2><PRE>
<B>ssldump</B> [ <B>-vtaTnsAxXhHVNdq</B> ] [ <B>-r</B> <I>dumpfile</I> ] [ <B>-i</B> <I>interface</I> ] [ <B>-k</B> <I>keyfile</I> ] [ <B>-p</B> <I>password</I> ] [ <I>expression</I> ]
</PRE>
<H2>DESCRIPTION</H2><PRE>
<I>ssldump</I> is an SSL/TLS network protocol analyzer. It iden-
tifies TCP connections on the chosen network interface and
attempts to interpret them as SSL/TLS traffic. When it
identifies SSL/TLS traffic, it decodes the records and
displays them in a textual form to stdout. If provided
with the appropriate keying material, it will also decrypt
the connections and display the application data traffic.
ssldump has been tested on FreeBSD, Linux, Solaris, and
HP/UX. Since it's based on PCAP, it should work on most
platforms. However, unlike tcpdump, ssldump needs to be
able to see both sides of the data transmission so you may
have trouble using it with network taps such as SunOS nit
that don't permit you to see transmitted data. <B>Under</B>
<B>SunOS</B> <B>with</B> <B>nit</B> <B>or</B> <B>bpf:</B> To run <I>tcpdump</I> you must have read
access to <I>/dev/nit</I> or <I>/dev/bpf*</I>. <B>Under</B> <B>Solaris</B> <B>with</B> <B>dlpi:</B>
You must have read access to the network pseudo device,
e.g. <I>/dev/le</I>. <B>Under</B> <B>HP-UX</B> <B>with</B> <B>dlpi:</B> You must be root or
it must be installed setuid to root. <B>Under</B> <B>IRIX</B> <B>with</B>
<B>snoop:</B> You must be root or it must be installed setuid to
root. <B>Under</B> <B>Linux:</B> You must be root or it must be
installed setuid to root. <B>Under</B> <B>Ultrix</B> <B>and</B> <B>Digital</B> <B>UNIX:</B>
Once the super-user has enabled promiscuous-mode operation
using <B>pfconfig(8)</B>, any user may run <B>ssldump</B> <B>Under</B> <B>BSD:</B> You
must have read access to <I>/dev/bpf*</I>.
</PRE>
<H2>OPTIONS</H2><PRE>
<B>-a</B> Print bare TCP ACKs (useful for observing Nagle behav-
ior)
<B>-A</B> Print all record fields (by default ssldump chooses
the most interesting fields)
<B>-d</B> Display the application data traffic. This usually
means decrypting it, but when -d is used ssldump
will also decode application data traffic _before_
the SSL session initiates. This allows you to see
HTTPS CONNECT behavior as well as SMTP STARTTLS. As
a side effect, since ssldump can't tell whether
plaintext is traffic before the initiation of an
SSL connection or just a regular TCP connection,
this allows you to use ssldump to sniff any TCP
connection. ssldump will automatically detect
ASCII data and display it directly to the screen.
<B>-e</B> Print absolute timestamps instead of relative
timestamps
<B>-r</B> Read data from <I>file</I> instead of from the network.
The old -f option still works but is deprecated and
will probably be removed with the next version. <B>-H</B>
Print the full SSL packet header.
<B>-k</B> Use <I>keyfile</I> as the location of the SSL keyfile
(OpenSSL format) ssldump automatically looks in
./server.pem.
<B>-n</B> Don't try to resolve host names from IP addresses
<B>-N</B> Attempt to parse ASN.1 when it appears, such as in
certificates and DNs.
<B>-p</B> Use <I>password</I> as the SSL keyfile password default is
"password".
<B>-q</B> Don't decode any record fields beyond a single sum-
mary line. (quiet mode).
<B>-x</B> Print each record in hex, as well as decoding it.
<B>-X</B> When the -d option is used, binary data is automat-
ically printed in two columns with a hex dump on
the left and the printable characters on the right.
-X suppresses the display of the printable charac-
ters, thus making it easier to cut and paste the
hext data into some other program. <B>-y</B> Decorate the
output for processing with troff. Not very useful
for the average user.
<I>expression</I>
Selects what packets ssldump will examine. Techni-
cally speaking, ssldump supports the full expres-
sion syntax from PCAP and tcpdump. In fact, the
description here is cribbed from the tcpdump man
page. However, since ssldump needs to examine full
TCP streams, most of the tcpdump expressions will
select traffic mixes that ssldump will simply
ignore. Only the expressions which don't result in
incomplete TCP streams are listed here.
The <I>expression</I> consists of one or more <I>primitives.</I>
Primitives usually consist of an <I>id</I> (name or num-
ber) preceded by one or more qualifiers. There are
three different kinds of qualifier:
are <B>host</B>, <B>net</B> and <B>port</B>. E.g., `host foo',
`net 128.3', `port 20'. If there is no type
qualifier, <B>host</B> is assumed.
<I>dir</I> qualifiers specify a particular transfer
direction to and/or from <I>id.</I> Possible
directions are <B>src</B>, <B>dst</B>, <B>src</B> <B>or</B> <B>dst</B> and <B>src</B>
<B>and</B> <B>dst</B>. E.g., `src foo', `dst net 128.3',
`src or dst port ftp-data'. If there is no
dir qualifier, <B>src</B> <B>or</B> <B>dst</B> is assumed. For
`null' link layers (i.e. point to point pro-
tocols such as slip) the <B>inbound</B> and <B>out-</B>
<B>bound</B> qualifiers can be used to specify a
desired direction.
More complex filter expressions are built up by
using the words <B>and</B>, <B>or</B> and <B>not</B> to combine primi-
tives. E.g., `host foo and not port ftp and not
port ftp-data'. To save typing, identical quali-
fier lists can be omitted. E.g., `tcp dst port ftp
or ftp-data or domain' is exactly the same as `tcp
dst port ftp or tcp dst port ftp-data or tcp dst
port domain'.
Allowable primitives are:
<B>dst</B> <B>host</B> <I>host</I>
True if the IPv4/v6 destination field of the
packet is <I>host</I>, which may be either an
address or a name.
<B>src</B> <B>host</B> <I>host</I>
True if the IPv4/v6 source field of the
packet is <I>host</I>.
<B>host</B> <I>host</I>
True if either the IPv4/v6 source or desti-
nation of the packet is <I>host</I>. Any of the
above host expressions can be prepended with
the keywords, <B>ip</B>, <B>arp</B>, <B>rarp</B>, or <B>ip6</B> as in:
<B>ip</B> <B>host</B> <I>host</I>
which is equivalent to:
<B>ether</B> <B>proto</B> <I>\ip</I> <B>and</B> <B>host</B> <I>host</I>
If <I>host</I> is a name with multiple IP
addresses, each address will be checked for
a match.
<B>ether</B> <B>dst</B> <I>ehost</I>
True if the ethernet destination address is
<I>ehost</I>. <I>Ehost</I> may be either a name from
/etc/ethers or a number (see <B>ethers(3N)</B> for
numeric format).
True if the ethernet source address is
<I>ehost</I>.
<B>ether</B> <B>host</B> <I>ehost</I>
True if either the ethernet source or desti-
nation address is <I>ehost</I>.
<B>gateway</B> <I>host</I>
True if the packet used <I>host</I> as a gateway.
I.e., the ethernet source or destination
address was <I>host</I> but neither the IP source
nor the IP destination was <I>host</I>. <I>Host</I> must
be a name and must be found in both
/etc/hosts and /etc/ethers. (An equivalent
expression is
<B>ether</B> <B>host</B> <I>ehost</I> <B>and</B> <B>not</B> <B>host</B> <I>host</I>
which can be used with either names or num-
bers for <I>host</I> <I>/</I> <I>ehost</I>.) This syntax does
not work in IPv6-enabled configuration at
this moment.
<B>dst</B> <B>net</B> <I>net</I>
True if the IPv4/v6 destination address of
the packet has a network number of <I>net</I>. <I>Net</I>
may be either a name from /etc/networks or a
network number (see <I>networks(4)</I> for
details).
<B>src</B> <B>net</B> <I>net</I>
True if the IPv4/v6 source address of the
packet has a network number of <I>net</I>.
<B>net</B> <I>net</I>
True if either the IPv4/v6 source or desti-
nation address of the packet has a network
number of <I>net</I>.
<B>net</B> <I>net</I> <B>mask</B> <I>mask</I>
True if the IP address matches <I>net</I> with the
specific netmask. May be qualified with <B>src</B>
or <B>dst</B>. Note that this syntax is not valid
for IPv6 <I>net</I>.
<B>net</B> <I>net</I>/<I>len</I>
True if the IPv4/v6 address matches <I>net</I> a
netmask <I>len</I> bits wide. May be qualified
with <B>src</B> or <B>dst</B>.
<B>dst</B> <B>port</B> <I>port</I>
True if the packet is ip/tcp, ip/udp,
ip6/tcp or ip6/udp and has a destination
port value of <I>port</I>. The <I>port</I> can be a num-
both the port number and protocol are
checked. If a number or ambiguous name is
used, only the port number is checked (e.g.,
<B>dst</B> <B>port</B> <B>513</B> will print both tcp/login traf-
fic and udp/who traffic, and <B>port</B> <B>domain</B>
will print both tcp/domain and udp/domain
traffic).
<B>src</B> <B>port</B> <I>port</I>
True if the packet has a source port value
of <I>port</I>.
<B>port</B> <I>port</I>
True if either the source or destination
port of the packet is <I>port</I>. Any of the
above port expressions can be prepended with
the keywords, <B>tcp</B> or <B>udp</B>, as in:
<B>tcp</B> <B>src</B> <B>port</B> <I>port</I>
which matches only tcp packets whose source
port is <I>port</I>.
Primitives may be combined using:
A parenthesized group of primitives and
operators (parentheses are special to the
Shell and must be escaped).
Negation (`<B>!</B>' or `<B>not</B>').
Concatenation (`<B>&amp;&amp;</B>' or `<B>and</B>').
Alternation (`<B>||</B>' or `<B>or</B>').
Negation has highest precedence. Alternation and
concatenation have equal precedence and associate
left to right. Note that explicit <B>and</B> tokens, not
juxtaposition, are now required for concatenation.
If an identifier is given without a keyword, the
most recent keyword is assumed. For example,
<B>not</B> <B>host</B> <B>vs</B> <B>and</B> <B>ace</B>
is short for
<B>not</B> <B>host</B> <B>vs</B> <B>and</B> <B>host</B> <B>ace</B>
which should not be confused with
<B>not</B> <B>(</B> <B>host</B> <B>vs</B> <B>or</B> <B>ace</B> <B>)</B>
Expression arguments can be passed to ssldump as
either a single argument or as multiple arguments,
whichever is more convenient. Generally, if the
expression contains Shell metacharacters, it is
easier to pass it as a single, quoted argument.
Multiple arguments are concatenated with spaces
To listen to traffic on interface <I>le0</I> port <I>443</I>
<B>ssldump</B> <B>-i</B> <B>le0</B> <B>port</B> <B>443</B>
To listen to traffic to the server <I>romeo</I> on port <I>443</I>.
<B>ssldump</B> <B>-i</B> <B>le0</B> <B>port</B> <B>443</B> <B>and</B> <B>host</B> <B>romeo</B>
To decrypt traffic to to host <I>romeo</I> <I>server.pem</I> and the
password <I>foobar</I>
<B>ssldump</B> <B>-Ad</B> <B>-k</B> <B>~/server.pem</B> <B>-p</B> <B>foobar</B> <B>-i</B> <B>le0</B> <B>host</B> <B>romeo</B>
</PRE>
<H2>OUTPUT FORMAT</H2><PRE>
All output is printed to standard out.
ssldump prints an indication of every new TCP connection
using a line like the following
<B>New</B> <B>TCP</B> <B>connection</B> <B>#2:</B> <B>iromeo.rtfm.com(2302)</B> <B>&lt;-&gt;</B> <B>sr1.rtfm.com(4433)</B>
The host which send the first SYN is printed on the left
and the host which responded is printed on the right.
Ordinarily, this means that the SSL client will be printed
on the left with the SSL server on the right. In this case
we have a connection from <I>iromeo.rtfm.com</I> (port <I>2303</I>) to
<I>sr1.rtfm.com</I> (port <I>4433</I>). To allow the user to disentangle
traffic from different connections, each connection is
numbered. This is connection <I>2</I>.
The printout of each SSL record begins with a record line.
This line contains the connection and record number, a
timestamp, and the record type, as in the following:
<B>2</B> <B>3</B> <B>0.2001</B> <B>(0.0749)</B> <B>S&gt;C</B> <B>Handshake</B> <B>Certificate</B>
This is record <I>3</I> on connection <I>2</I>. The first timestamp is
the time since the beginning of the connection. The second
is the time since the previous record. Both are in sec-
onds.
The next field in the record line is the direction that
the record was going. <I>C&gt;S</I> indicates records transmitted
from client to server and <I>S&gt;C</I> indicates records transmit-
ted from server to client. ssldump assumes that the host
to transmit the first SYN is the SSL client (this is
nearly always correct).
The next field is the record type, one of <I>Handshake</I>,
<I>IAlert</I>, <I>ChangeCipherSpec</I>, or <I>application</I><B>_</B><I>data</I>. Finally,
ssldump may print record-specific data on the rest of the
line. For <I>Handshake</I> records, it prints the handshake mes-
sage. Thus, this record is a <I>Certificate</I> message.
ssldump chooses certain record types for further decoding.
<I>ClientHello</I> - version, offered cipher suites, session id
if provided)
<I>ServerHello</I> - version, session_id, chosen cipher suite,
compression method
<I>Alert</I> - type and level (if obtainable)
Fuller decoding of the various records can be obtained by
using the <B>-A</B> , <B>-d</B> , <B>-k</B> and <B>-p</B> flags.
</PRE>
<H2>DECRYPTION</H2><PRE>
ssldump can decrypt traffic between two hosts if the fol-
lowing two conditions are met:
1. ssldump has the keys.
2. Static RSA was used.
In any other case, once encryption starts, ssldump will
only be able to determine the record type. Consider the
following section of a trace.
<B>1</B> <B>5</B> <B>0.4129</B> <B>(0.1983)</B> <B>C&gt;S</B> <B>Handshake</B> <B>ClientKeyExchange</B>
<B>1</B> <B>6</B> <B>0.4129</B> <B>(0.0000)</B> <B>C&gt;S</B> <B>ChangeCipherSpec</B>
<B>1</B> <B>7</B> <B>0.4129</B> <B>(0.0000)</B> <B>C&gt;S</B> <B>Handshake</B>
<B>1</B> <B>8</B> <B>0.5585</B> <B>(0.1456)</B> <B>S&gt;C</B> <B>ChangeCipherSpec</B>
<B>1</B> <B>9</B> <B>0.6135</B> <B>(0.0550)</B> <B>S&gt;C</B> <B>Handshake</B>
<B>1</B> <B>10</B> <B>2.3121</B> <B>(1.6986)</B> <B>C&gt;S</B> <B>application_data</B>
<B>1</B> <B>11</B> <B>2.5336</B> <B>(0.2214)</B> <B>C&gt;S</B> <B>application_data</B>
<B>1</B> <B>12</B> <B>2.5545</B> <B>(0.0209)</B> <B>S&gt;C</B> <B>application_data</B>
<B>1</B> <B>13</B> <B>2.5592</B> <B>(0.0046)</B> <B>S&gt;C</B> <B>application_data</B>
<B>1</B> <B>14</B> <B>2.5592</B> <B>(0.0000)</B> <B>S&gt;C</B> <B>Alert</B>
Note that the <I>ClientKeyExchange</I> message type is printed
but the rest of the <I>Handshake</I> messages do not have types.
These are the <I>Finished</I> messages, but because they are
encrypted ssldump only knows that they are of type <I>Hand-</I>
<I>shake</I>. Similarly, had the <I>Alert</I> in record 14 happened
during the handshake, it's type and level would have been
printed. However, since it is encrypted we can only tell
that it is an alert.
</PRE>
<H2>BUGS</H2><PRE>
Please send bug reports to ssldump@rtfm.com.
The TCP reassembler is not perfect. No attempt is made to
reassemble IP fragments and the 3-way handshake and close
handshake are imperfectly implemented. In practice, this
turns out not to be much of a problem.
Support is provided for only for Ethernet and loopback
interfaces because that's all that I have. If you have
another kind of network you will need to modify pcap_cb in
base/pcap-snoop.c. If you have direct experience with ssldump
on other networks, please send me patches.
ssldump doesn't implement session caching and therefore
can't decrypt resumed sessions.
</PRE>
<HR>
<ADDRESS>
Man(1) output converted with
<a href="http://www.oac.uci.edu/indiv/ehood/man2html.html">man2html</a>
</ADDRESS>
</BODY>
</HTML>

305
win32/vcwin32.mak Normal file
View file

@ -0,0 +1,305 @@
# Copyright (C) 1999-2000 RTFM, Inc.
# All Rights Reserved
# This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla
# <ekr\@rtfm.com> and licensed by RTFM, Inc.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
#
# This product includes software developed by Eric Rescorla for
# RTFM, Inc.
# 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be
# used to endorse or promote products derived from this
# software without specific prior written permission.
# THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE.
!IF "$(CFG)" == ""
CFG=release
!MESSAGE No configuration specified. Defaulting to release.
!ENDIF
!IF "$(CFG)" != "release" && "$(CFG)" != "debug"
!MESSAGE Invalid configuration "$(CFG)" specified.
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
!MESSAGE
!MESSAGE NMAKE /f "vcwin32.mak" CFG="debug"
!MESSAGE
!MESSAGE Possible choices for configuration are:
!MESSAGE
!MESSAGE "release"
!MESSAGE "debug"
!MESSAGE
!ERROR An invalid configuration is specified.
!ENDIF
!IF "$(OS)" == "Windows_NT"
NULL=
!ELSE
NULL=nul
!ENDIF
# Directories, relative to this one
ROOT=.
ANALYZE_SRCDIR=$(ROOT)\base
COMMONDIR=$(ROOT)\common
COMMON_LIB_SRCDIR=$(COMMONDIR)\lib
ANALYZE_NULL_SRCDIR=$(ROOT)\null
ANALYZE_SSL_SRCDIR=$(ROOT)\ssl
WIN32_DIR=$(ROOT)\win32
OBJ_DIR=$(ROOT)\out32
WINPCAP_DEV_DIR=$(WIN32_DIR)\WPdpack
WINPCAP_SRC_DIR=$(WIN32_DIR)\winpcap
WINPCAP_INCLUDES=-I$(WINPCAP_DEV_DIR)\include -I$(WINPCAP_DEV_DIR)\include\net \
-I$(WINPCAP_SRC_DIR)\wpcap\libpcap\win32\include
#
# OpenSSL-specific stuff
#
!IF "$(OPENSSL)" == ""
OPENSSL=no
!MESSAGE OpenSSL support defaulting to "no".
!ENDIF
!IF "$(OPENSSL)" == "yes"
#
# Customize the next 3 macros match your openssl development setup
#
OPENSSL_DIR=$(ROOT)\..\openssl\openssl-0.9.6g
OPENSSL_RELEASE=$(OPENSSL_DIR)\out32
OPENSSL_DEBUG=$(OPENSSL_DIR)\out32.dbg
OPENSSL_DEFINES=/D OPENSSL
OPENSSL_RELEASE_LIBS=$(OPENSSL_RELEASE)\libeay32.lib $(OPENSSL_RELEASE)\ssleay32.lib
OPENSSL_DEBUG_LIBS=$(OPENSSL_DEBUG)\libeay32.lib $(OPENSSL_DEBUG)\ssleay32.lib
OPENSSL_INCLUDES=-I$(OPENSSL_DIR)\inc32
!ELSE # no OpenSSL
OPENSSL_DEFINES=
OPENSSL_DIR=
OPENSSL_RELEASE=
OPENSSL_RELEASE_LIBS=
OPENSSL_DEBUG=
OPENSSL_DEBUG_LIBS=
OPENSSL_INCLUDES=
!ENDIF
PLATFORM=VC-WIN32
CC=cl.exe
LINK=link.exe
#
# Getting the C run-time flag correct is critical and difficult, sadly
# The same C run-time should be used by all the object code that comprises
# the process. This means all DLL's and static libs we link to must use the
# same C run-time, and we must match it with our flag.
#
# the wpcap.dll is linked to the static C run-time lib, so we will also
#
C_RUNTIME_FLAG=/MT
COMMON_INCLUDES=-I$(ANALYZE_SRCDIR) -I$(COMMONDIR)\include -I$(COMMON_LIB_SRCDIR) -I$(ANALYZE_NULL_SRCDIR) \
-I$(ANALYZE_SSL_SRCDIR) -I$(WIN32_DIR) $(WINPCAP_INCLUDES) $(OPENSSL_INCLUDES)
COMMON_DEFINES=/D STDC /D WIN32 /D _CONSOLE \
$(OPENSSL_DEFINES) /D STDC_HEADERS /D SIZEOF_UNSIGNED_SHORT=2 /D SIZEOF_UNSIGNED_LONG=4 \
/D RETSIGTYPE=void /D SIZEOF_CHAR=1 /D SIZEOF_SHORT=2 /D SIZEOF_INT=4
COMMON_CFLAGS=/nologo /W3 $(COMMON_INCLUDES) $(COMMON_DEFINES) /Fp"$(OBJ_DIR)\ssldump.pch" /YX /Fd"$(OBJ_DIR)\\" /FD /c
COMMON_LIBS=gdi32.lib Wsock32.lib $(WINPCAP_DEV_DIR)\lib\wpcap.lib
COMMON_LFLAGS=/nologo /subsystem:console /machine:I386 /opt:ref /incremental:no
# Set build-specific (i.e., release vs. debug) options
!IF "$(CFG)" == "release"
BUILD_SPECIFIC_INCLUDES=
BUILD_SPECIFIC_DEFINES=/D NDEBUG
BUILD_SPECIFIC_CFLAGS=$(C_RUNTIME_FLAG) /O2 $(BUILD_SPECIFIC_INCLUDES) $(BUILD_SPECIFIC_DEFINES)
BUILD_SPECIFIC_LIBS=$(OPENSSL_RELEASE_LIBS)
BUILD_SPECIFIC_LFLAGS=
!ELSE # =="debug"
BUILD_SPECIFIC_INCLUDES=
BUILD_SPECIFIC_DEFINES=/D _DEBUG
BUILD_SPECIFIC_CFLAGS=$(C_RUNTIME_FLAG)d /ZI /Od /GZ $(BUILD_SPECIFIC_INCLUDES) $(BUILD_SPECIFIC_DEFINES)
BUILD_SPECIFIC_LIBS=$(OPENSSL_DEBUG_LIBS)
BUILD_SPECIFIC_LFLAGS=
!ENDIF
CFLAGS=$(COMMON_CFLAGS) $(BUILD_SPECIFIC_CFLAGS)
LFLAGS=$(COMMON_LFLAGS) $(BUILD_SPECIFIC_LFLAGS) $(COMMON_LIBS) $(BUILD_SPECIFIC_LIBS)
ALL : $(OBJ_DIR) "$(OBJ_DIR)\ssldump.exe"
"$(OBJ_DIR)" :
if not exist "$(OBJ_DIR)/$(NULL)" mkdir "$(OBJ_DIR)"
CLEAN :
-@erase "$(OBJ_DIR)\debug.obj"
-@erase "$(OBJ_DIR)\r_assoc.obj"
-@erase "$(OBJ_DIR)\r_data.obj"
-@erase "$(OBJ_DIR)\r_errors.obj"
-@erase "$(OBJ_DIR)\r_list.obj"
-@erase "$(OBJ_DIR)\r_replace.obj"
-@erase "$(OBJ_DIR)\r_time.obj"
-@erase "$(OBJ_DIR)\network.obj"
-@erase "$(OBJ_DIR)\pcap-snoop.obj"
-@erase "$(OBJ_DIR)\proto_mod.obj"
-@erase "$(OBJ_DIR)\tcpconn.obj"
-@erase "$(OBJ_DIR)\tcppack.obj"
-@erase "$(OBJ_DIR)\null_analyze.obj"
-@erase "$(OBJ_DIR)\ciphersuites.obj"
-@erase "$(OBJ_DIR)\ssl.enums.obj"
-@erase "$(OBJ_DIR)\ssl_analyze.obj"
-@erase "$(OBJ_DIR)\ssl_rec.obj"
-@erase "$(OBJ_DIR)\ssldecode.obj"
-@erase "$(OBJ_DIR)\sslprint.obj"
-@erase "$(OBJ_DIR)\sslxprint.obj"
-@erase "$(OBJ_DIR)\ssldump.exe"
LINK_OBJS= \
"$(OBJ_DIR)\debug.obj" \
"$(OBJ_DIR)\r_assoc.obj" \
"$(OBJ_DIR)\r_data.obj" \
"$(OBJ_DIR)\r_errors.obj" \
"$(OBJ_DIR)\r_list.obj" \
"$(OBJ_DIR)\r_replace.obj" \
"$(OBJ_DIR)\r_time.obj" \
"$(OBJ_DIR)\network.obj" \
"$(OBJ_DIR)\pcap-snoop.obj" \
"$(OBJ_DIR)\proto_mod.obj" \
"$(OBJ_DIR)\tcpconn.obj" \
"$(OBJ_DIR)\tcppack.obj" \
"$(OBJ_DIR)\null_analyze.obj" \
"$(OBJ_DIR)\ciphersuites.obj" \
"$(OBJ_DIR)\ssl.enums.obj" \
"$(OBJ_DIR)\ssl_analyze.obj" \
"$(OBJ_DIR)\ssl_rec.obj" \
"$(OBJ_DIR)\ssldecode.obj" \
"$(OBJ_DIR)\sslprint.obj" \
"$(OBJ_DIR)\sslxprint.obj"
"$(OBJ_DIR)\ssldump.exe": "$(OBJ_DIR)" $(LINK_OBJS)
$(LINK) @<<
/OUT:$@ $(LFLAGS) $(LINK_OBJS)
<<
#
# FILE DEPENDENCIES
#
# file dependencies state, for each file that is built,
# which file(s) it depends upon
#
$(OBJ_DIR)\debug.obj: $(COMMON_LIB_SRCDIR)\debug.h
$(OBJ_DIR)\debug.obj: $(COMMON_LIB_SRCDIR)\debug.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\debug.c
$(OBJ_DIR)\r_assoc.obj: $(COMMON_LIB_SRCDIR)\r_assoc.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_assoc.c
$(OBJ_DIR)\r_data.obj: $(COMMON_LIB_SRCDIR)\r_data.h
$(OBJ_DIR)\r_data.obj: $(COMMON_LIB_SRCDIR)\r_data.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_data.c
$(OBJ_DIR)\r_errors.obj: $(COMMON_LIB_SRCDIR)\r_errors.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_errors.c
$(OBJ_DIR)\r_list.obj: $(COMMON_LIB_SRCDIR)\r_list.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_list.c
$(OBJ_DIR)\r_replace.obj: $(COMMON_LIB_SRCDIR)\r_replace.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_replace.c
$(OBJ_DIR)\r_time.obj: $(COMMON_LIB_SRCDIR)\r_time.c
$(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_time.c
$(OBJ_DIR)\network.obj: $(ANALYZE_SRCDIR)\network.h
$(OBJ_DIR)\network.obj: $(ANALYZE_SRCDIR)\network.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\network.c
$(OBJ_DIR)\pcap-snoop.obj: $(ANALYZE_SRCDIR)\pcap-snoop.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\pcap-snoop.c
$(OBJ_DIR)\proto_mod.obj: $(ANALYZE_SRCDIR)\proto_mod.h
$(OBJ_DIR)\proto_mod.obj: $(ANALYZE_SRCDIR)\proto_mod.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\proto_mod.c
$(OBJ_DIR)\tcpconn.obj: $(ANALYZE_SRCDIR)\tcpconn.h
$(OBJ_DIR)\tcpconn.obj: $(ANALYZE_SRCDIR)\tcpconn.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\tcpconn.c
$(OBJ_DIR)\tcppack.obj: $(ANALYZE_SRCDIR)\tcppack.h
$(OBJ_DIR)\tcppack.obj: $(ANALYZE_SRCDIR)\tcppack.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\tcppack.c
$(OBJ_DIR)\null_analyze.obj: $(ANALYZE_NULL_SRCDIR)\null_analyze.h
$(OBJ_DIR)\null_analyze.obj: $(ANALYZE_NULL_SRCDIR)\null_analyze.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_NULL_SRCDIR)\null_analyze.c
$(OBJ_DIR)\ciphersuites.obj: $(ANALYZE_SSL_SRCDIR)\ciphersuites.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ciphersuites.c
$(OBJ_DIR)\ssl.enums.obj: $(ANALYZE_SSL_SRCDIR)\ssl.enums.h
$(OBJ_DIR)\ssl.enums.obj: $(ANALYZE_SSL_SRCDIR)\ssl.enums.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl.enums.c
$(OBJ_DIR)\ssl_analyze.obj: $(ANALYZE_SSL_SRCDIR)\ssl_analyze.h
$(OBJ_DIR)\ssl_analyze.obj: $(ANALYZE_SSL_SRCDIR)\ssl_analyze.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl_analyze.c
$(OBJ_DIR)\ssl_rec.obj: $(ANALYZE_SSL_SRCDIR)\ssl_rec.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl_rec.c
$(OBJ_DIR)\ssldecode.obj: $(ANALYZE_SSL_SRCDIR)\ssldecode.h
$(OBJ_DIR)\ssldecode.obj: $(ANALYZE_SSL_SRCDIR)\ssldecode.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssldecode.c
$(OBJ_DIR)\sslprint.obj: $(ANALYZE_SSL_SRCDIR)\sslprint.h
$(OBJ_DIR)\sslprint.obj: $(ANALYZE_SSL_SRCDIR)\sslprint.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\sslprint.c
$(OBJ_DIR)\sslxprint.obj: $(ANALYZE_SSL_SRCDIR)\sslxprint.h
$(OBJ_DIR)\sslxprint.obj: $(ANALYZE_SSL_SRCDIR)\sslxprint.c
$(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\sslxprint.c