adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-11-21 17:07:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Lint ALL the things !

Browse source
This commit is contained in:
William Robinet 2023-08-14 12:37:08 +02:00
parent 26a3816051
commit ecacee7c36
No known key found for this signature in database
GPG key ID: 003FA3DF74C7A949
58 changed files with 8234 additions and 9935 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

80
base/network.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $ $Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Tue Dec 29 09:52:54 1998 ekr@rtfm.com Tue Dec 29 09:52:54 1998
*/ */
#include <sys/types.h> #include <sys/types.h>
#include <r_common.h> #include <r_common.h>
#include "network.h" #include "network.h"
@ -68,9 +67,7 @@ struct network_handler_ {
proto_ctx *ctx; proto_ctx *ctx;
}; };
int int network_handler_create(proto_mod *mod, n_handler **handlerp) {
network_handler_create (proto_mod *mod, n_handler **handlerp)
{
int r, _status; int r, _status;
n_handler *handler = 0; n_handler *handler = 0;
@ -90,9 +87,7 @@ network_handler_create (proto_mod *mod, n_handler **handlerp)
return (_status); return (_status);
} }
int int network_handler_destroy(proto_mod *mod, n_handler **handlerp) {
network_handler_destroy (proto_mod *mod, n_handler **handlerp)
{
n_handler *handler = 0; n_handler *handler = 0;
if(!handlerp || !*handlerp) if(!handlerp || !*handlerp)
return (0); return (0);
@ -105,9 +100,11 @@ network_handler_destroy (proto_mod *mod, n_handler **handlerp)
return (0); return (0);
} }
int int network_process_packet(n_handler *handler,
network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *data, int length, int af) struct timeval *timestamp,
{ UCHAR *data,
int length,
int af) {
int r; int r;
int hlen; int hlen;
packet p; packet p;
@ -124,7 +121,9 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
if(p.len < 20) { if(p.len < 20) {
if(!(NET_print_flags & NET_PRINT_JSON)) if(!(NET_print_flags & NET_PRINT_JSON))
printf("Malformed packet, packet too small to contain IP header, skipping ...\n"); printf(
"Malformed packet, packet too small to contain IP header, skipping "
"...\n");
return (0); return (0);
} }
@ -133,9 +132,11 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
if(af == AF_INET) { if(af == AF_INET) {
p.l3_hdr.ip = (struct ip *)data; p.l3_hdr.ip = (struct ip *)data;
memcpy(&p.i_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_src, sizeof(struct in_addr)); memcpy(&p.i_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_src,
sizeof(struct in_addr));
p.i_addr.so_in.sin_family = AF_INET; p.i_addr.so_in.sin_family = AF_INET;
memcpy(&p.r_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_dst, sizeof(struct in_addr)); memcpy(&p.r_addr.so_in.sin_addr, &p.l3_hdr.ip->ip_dst,
sizeof(struct in_addr));
p.r_addr.so_in.sin_family = AF_INET; p.r_addr.so_in.sin_family = AF_INET;
/*Handle, or rather mishandle, fragmentation*/ /*Handle, or rather mishandle, fragmentation*/
@ -153,12 +154,16 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
if(p.len > length) { if(p.len > length) {
if(!(NET_print_flags & NET_PRINT_JSON)) if(!(NET_print_flags & NET_PRINT_JSON))
printf("Malformed packet, size from IP header is larger than size reported by libpcap, skipping ...\n"); printf(
"Malformed packet, size from IP header is larger than size "
"reported by libpcap, skipping ...\n");
return (0); return (0);
} }
if(p.len == 0) { if(p.len == 0) {
DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n")); DBG((0,
"ip length reported as 0, presumed to be because of 'TCP "
"segmentation offload' (TSO)\n"));
p.len = p._len; p.len = p._len;
} }
p.len -= hlen; p.len -= hlen;
@ -166,9 +171,11 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
proto = p.l3_hdr.ip->ip_p; proto = p.l3_hdr.ip->ip_p;
} else { } else {
p.l3_hdr.ip6 = (struct ip6_hdr *)data; p.l3_hdr.ip6 = (struct ip6_hdr *)data;
memcpy(&p.i_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_src, sizeof(struct in6_addr)); memcpy(&p.i_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_src,
sizeof(struct in6_addr));
p.i_addr.so_in6.sin6_family = AF_INET6; p.i_addr.so_in6.sin6_family = AF_INET6;
memcpy(&p.r_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_dst, sizeof(struct in6_addr)); memcpy(&p.r_addr.so_in6.sin6_addr, &p.l3_hdr.ip6->ip6_dst,
sizeof(struct in6_addr));
p.r_addr.so_in6.sin6_family = AF_INET6; p.r_addr.so_in6.sin6_family = AF_INET6;
// Skip packets with header extensions // Skip packets with header extensions
if(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_nxt != IPPROTO_TCP) { if(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_nxt != IPPROTO_TCP) {
@ -180,12 +187,16 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
p.len = ntohs(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_plen); p.len = ntohs(p.l3_hdr.ip6->ip6_ctlun.ip6_un1.ip6_un1_plen);
if(p.len > length) { if(p.len > length) {
if(!(NET_print_flags & NET_PRINT_JSON)) if(!(NET_print_flags & NET_PRINT_JSON))
printf("Malformed packet, size from IP header is larger than size reported by libpcap, skipping ...\n"); printf(
"Malformed packet, size from IP header is larger than size "
"reported by libpcap, skipping ...\n");
return (0); return (0);
} }
if(p.len == 0) { if(p.len == 0) {
DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n")); DBG((0,
"ip length reported as 0, presumed to be because of 'TCP "
"segmentation offload' (TSO)\n"));
p.len = p._len; p.len = p._len;
} }
@ -202,9 +213,7 @@ network_process_packet (n_handler *handler, struct timeval *timestamp, UCHAR *da
return (0); return (0);
} }
int int packet_copy(packet *in, packet **out) {
packet_copy (packet *in, packet **out)
{
int _status; int _status;
packet *p = 0; packet *p = 0;
@ -233,9 +242,7 @@ packet_copy (packet *in, packet **out)
return (_status); return (_status);
} }
int int packet_destroy(packet *p) {
packet_destroy (packet *p)
{
if(!p) if(!p)
return (0); return (0);
@ -244,9 +251,9 @@ packet_destroy (packet *p)
return (0); return (0);
} }
int int timestamp_diff(struct timeval *t1,
timestamp_diff (struct timeval *t1, struct timeval *t0, struct timeval *diff) struct timeval *t0,
{ struct timeval *diff) {
long d; long d;
if(t0->tv_sec > t1->tv_sec) if(t0->tv_sec > t1->tv_sec)
@ -269,17 +276,14 @@ timestamp_diff (struct timeval *t1, struct timeval *t0, struct timeval *diff)
return (0); return (0);
} }
int lookuphostname(struct sockaddr_storage *so_st, char **namep) {
int
lookuphostname (struct sockaddr_storage *so_st, char **namep)
{
int r = 1; int r = 1;
*namep = calloc(1, NI_MAXHOST); *namep = calloc(1, NI_MAXHOST);
void *addr = NULL; void *addr = NULL;
if(!(NET_print_flags & NET_PRINT_NO_RESOLVE)) { if(!(NET_print_flags & NET_PRINT_NO_RESOLVE)) {
r = getnameinfo((struct sockaddr *) so_st, sizeof(struct sockaddr_storage), *namep, NI_MAXHOST, NULL, 0, 0); r = getnameinfo((struct sockaddr *)so_st, sizeof(struct sockaddr_storage),
*namep, NI_MAXHOST, NULL, 0, 0);
} }
if(r) { if(r) {
@ -294,9 +298,7 @@ lookuphostname (struct sockaddr_storage *so_st, char **namep)
return (0); return (0);
} }
int int addrtotext(struct sockaddr_storage *so_st, char **namep) {
addrtotext (struct sockaddr_storage *so_st, char **namep)
{
*namep = calloc(1, NI_MAXHOST); *namep = calloc(1, NI_MAXHOST);
void *addr = NULL; void *addr = NULL;

16
base/network.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: network.h,v 1.3 2001/09/14 22:29:14 ekr Exp $ $Id: network.h,v 1.3 2001/09/14 22:29:14 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 29 09:53:50 1998 ekr@rtfm.com Tue Dec 29 09:53:50 1998
*/ */
#ifndef _network_h #ifndef _network_h
#define _network_h #define _network_h
@ -74,14 +74,17 @@ typedef struct proto_mod_ proto_mod;
typedef struct proto_handler_ proto_handler; typedef struct proto_handler_ proto_handler;
typedef struct packet_ packet; typedef struct packet_ packet;
int network_handler_create PROTO_LIST((proto_mod *mod, int network_handler_create PROTO_LIST((proto_mod * mod, n_handler **handlerp));
n_handler **handlerp));
int network_handler_destroy PROTO_LIST((proto_mod * mod, n_handler **handlerp)); int network_handler_destroy PROTO_LIST((proto_mod * mod, n_handler **handlerp));
int network_process_packet PROTO_LIST((n_handler * handler, int network_process_packet PROTO_LIST((n_handler * handler,
struct timeval *timestamp,UCHAR *data,int length,int af)); struct timeval *timestamp,
UCHAR *data,
int length,
int af));
int packet_copy PROTO_LIST((packet * in, packet **out)); int packet_copy PROTO_LIST((packet * in, packet **out));
int packet_destroy PROTO_LIST((packet * p)); int packet_destroy PROTO_LIST((packet * p));
int timestamp_diff PROTO_LIST(( struct timeval *t1,struct timeval *t0, int timestamp_diff PROTO_LIST((struct timeval * t1,
struct timeval *t0,
struct timeval *diff)); struct timeval *diff));
int lookuphostname PROTO_LIST((struct sockaddr_storage * addr, char **name)); int lookuphostname PROTO_LIST((struct sockaddr_storage * addr, char **name));
int addrtotext PROTO_LIST((struct sockaddr_storage * addr, char **name)); int addrtotext PROTO_LIST((struct sockaddr_storage * addr, char **name));
@ -126,4 +129,3 @@ extern UINT4 NET_print_flags;
#define NET_PRINT_JSON 16 #define NET_PRINT_JSON 16
#define NET_PRINT_TS 32 #define NET_PRINT_TS 32
#endif #endif

101
base/pcap-snoop.c.in
View file

@ -46,9 +46,6 @@
ekr@rtfm.com Tue Dec 29 10:17:41 1998 ekr@rtfm.com Tue Dec 29 10:17:41 1998
*/ */
#include <pcap.h> #include <pcap.h>
#include <unistd.h> #include <unistd.h>
#ifndef __OpenBSD__ #ifndef __OpenBSD__
@ -89,7 +86,9 @@ int err_exit PROTO_LIST((char *str,int num));
int usage PROTO_LIST((void)); int usage PROTO_LIST((void));
int print_version PROTO_LIST((void)); int print_version PROTO_LIST((void));
void sig_handler PROTO_LIST((int sig)); void sig_handler PROTO_LIST((int sig));
void pcap_cb PROTO_LIST((u_char *ptr,const struct pcap_pkthdr *hdr,const u_char *data)); void pcap_cb PROTO_LIST((u_char * ptr,
const struct pcap_pkthdr *hdr,
const u_char *data));
int main PROTO_LIST((int argc, char **argv)); int main PROTO_LIST((int argc, char **argv));
int packet_cnt = 0; // Packet counter used for connection pool cleaning int packet_cnt = 0; // Packet counter used for connection pool cleaning
@ -101,28 +100,27 @@ struct timeval last_packet_seen_time = // Timestamp of the last packet of the
logger_mod *logger = NULL; logger_mod *logger = NULL;
int int err_exit(char *str, int num) {
err_exit (char *str, int num)
{
fprintf(stderr, "ERROR: %s\n", str); fprintf(stderr, "ERROR: %s\n", str);
sig_handler(SIGQUIT); sig_handler(SIGQUIT);
exit(num); exit(num);
} }
int int usage(void) {
usage (void) fprintf(stderr,
{ "Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w "
fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w outpcapfile]\n"); "outpcapfile]\n");
fprintf(stderr," [-k keyfile] [-p password] [-vtaTznsAxVNde]\n"); fprintf(stderr,
" [-k keyfile] [-p password] [-vtaTznsAxVNde]\n");
fprintf(stderr, " [filter]\n"); fprintf(stderr, " [filter]\n");
exit(0); exit(0);
} }
int int print_version(void) {
print_version (void)
{
printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n"); printf("Version: @ssldump_VERSION@ (@ssldump_DESCRIPTION@)\n");
printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n"); printf(
"Maintained by a bunch of volunteers, see "
"https://github.com/adulau/ssldump/blob/master/CREDITS\n");
printf("Copyright (C) 2015-2023 the aforementioned volunteers\n"); printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
printf("Copyright (C) 1998-2001 RTFM, Inc.\n"); printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
printf("All rights reserved.\n"); printf("All rights reserved.\n");
@ -138,8 +136,7 @@ n_handler *n;
char *interface_name = 0; char *interface_name = 0;
char *file = 0; char *file = 0;
char *filter = 0; char *filter = 0;
void sig_handler(int sig) void sig_handler(int sig) {
{
int freed_conn = 0; int freed_conn = 0;
fflush(stdout); fflush(stdout);
if(logger) if(logger)
@ -147,7 +144,8 @@ void sig_handler(int sig)
freed_conn = destroy_all_conn(); freed_conn = destroy_all_conn();
if(freed_conn && !(NET_print_flags & NET_PRINT_JSON)) if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn); printf("Cleaned %d remaining connection(s) from connection pool\n",
freed_conn);
network_handler_destroy(mod, &n); network_handler_destroy(mod, &n);
@ -163,15 +161,15 @@ void sig_handler(int sig)
exit(sig); exit(sig);
} }
void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data) void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data) {
{
n_handler *n; n_handler *n;
int len; int len;
struct ether_header *e_hdr = (struct ether_header *)data; struct ether_header *e_hdr = (struct ether_header *)data;
int type, cleaned_conn; int type, cleaned_conn;
n = (n_handler *)ptr; n = (n_handler *)ptr;
if(hdr->caplen!=hdr->len) err_exit("Length mismatch",-1); if(hdr->caplen != hdr->len)
err_exit("Length mismatch", -1);
len = hdr->len; len = hdr->len;
@ -187,7 +185,9 @@ void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data)
case DLT_EN10MB: case DLT_EN10MB:
if(len < sizeof(struct ether_header)) { if(len < sizeof(struct ether_header)) {
if(!(NET_print_flags & NET_PRINT_JSON)) if(!(NET_print_flags & NET_PRINT_JSON))
printf("Frame size too small to contain Ethernet header, skipping ...\n"); printf(
"Frame size too small to contain Ethernet header, skipping "
"...\n");
return; return;
} }
@ -226,7 +226,8 @@ void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data)
#ifdef DLT_SLIP_BSDOS #ifdef DLT_SLIP_BSDOS
case DLT_SLIP_BSDOS: case DLT_SLIP_BSDOS:
#endif #endif
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \
defined(__bsdi__) || defined(__APPLE__)
data += 16; data += 16;
len -= 16; len -= 16;
#else #else
@ -244,7 +245,8 @@ void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data)
#ifdef DLT_PPP_ETHER #ifdef DLT_PPP_ETHER
case DLT_PPP_ETHER: case DLT_PPP_ETHER:
#endif #endif
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \
defined(__bsdi__) || defined(__APPLE__)
data += 4; data += 4;
len -= 4; len -= 4;
#else #else
@ -278,15 +280,18 @@ void pcap_cb(u_char *ptr, const struct pcap_pkthdr *hdr, const u_char *data)
} }
if(type == ETHERTYPE_IPV6) if(type == ETHERTYPE_IPV6)
network_process_packet(n,(struct timeval *) &hdr->ts,(u_char *)data,len, AF_INET6); network_process_packet(n, (struct timeval *)&hdr->ts, (u_char *)data, len,
AF_INET6);
else else
network_process_packet(n,(struct timeval *) &hdr->ts,(u_char *)data,len, AF_INET); network_process_packet(n, (struct timeval *)&hdr->ts, (u_char *)data, len,
AF_INET);
if(packet_cnt == conn_freq) { if(packet_cnt == conn_freq) {
packet_cnt = 0; packet_cnt = 0;
memcpy(&last_packet_seen_time, &hdr->ts, sizeof(struct timeval)); memcpy(&last_packet_seen_time, &hdr->ts, sizeof(struct timeval));
if((cleaned_conn = clean_old_conn()) && !(NET_print_flags & NET_PRINT_JSON)) if((cleaned_conn = clean_old_conn()) && !(NET_print_flags & NET_PRINT_JSON))
printf("%d inactive connection(s) cleaned from connection pool\n", cleaned_conn); printf("%d inactive connection(s) cleaned from connection pool\n",
cleaned_conn);
} else { } else {
packet_cnt++; packet_cnt++;
} }
@ -297,21 +302,16 @@ typedef struct module_def_ {
proto_mod *mod; proto_mod *mod;
} module_def; } module_def;
static module_def modules[]={ static module_def modules[] = {{"SSL", &ssl_mod},
{"SSL",&ssl_mod},
{"NULL", &null_mod}, {"NULL", &null_mod},
#ifdef ENABLE_RECORD #ifdef ENABLE_RECORD
{"RECORD", &record_mod}, {"RECORD", &record_mod},
#endif #endif
{0,0} {0, 0}};
};
int parse_ssl_flag PROTO_LIST((int c)); int parse_ssl_flag PROTO_LIST((int c));
int int main(int argc, char **argv) {
main (int argc, char **argv)
{
int r; int r;
#ifdef _WIN32 #ifdef _WIN32
__declspec(dllimport) char *optarg; __declspec(dllimport) char *optarg;
@ -331,7 +331,8 @@ main (int argc, char **argv)
signal(SIGINT, sig_handler); signal(SIGINT, sig_handler);
while((c=getopt(argc,argv,"vr:F:f:S:jyTt:ai:k:l:w:p:znsAxXhHVNdqem:P"))!=EOF){ while((c = getopt(argc, argv, "vr:F:f:S:jyTt:ai:k:l:w:p:znsAxXhHVNdqem:P")) !=
EOF) {
switch(c) { switch(c) {
case 'v': case 'v':
print_version(); print_version();
@ -377,8 +378,7 @@ main (int argc, char **argv)
case 'w': case 'w':
logger = &pcap_mod; logger = &pcap_mod;
if(logger->vtbl->init(optarg) != 0) { if(logger->vtbl->init(optarg) != 0) {
fprintf(stderr,"Can not open/create out pcap %s\n", fprintf(stderr, "Can not open/create out pcap %s\n", optarg);
optarg);
exit(1); exit(1);
} }
break; break;
@ -405,8 +405,7 @@ main (int argc, char **argv)
} }
} }
if(!m->name) { if(!m->name) {
fprintf(stderr,"Request analysis module %s not found\n", fprintf(stderr, "Request analysis module %s not found\n", optarg);
optarg);
exit(1); exit(1);
} }
break; break;
@ -442,15 +441,15 @@ main (int argc, char **argv)
err_exit("Aborting", -1); err_exit("Aborting", -1);
} }
} }
if(!(p=pcap_open_live(interface_name,65535,!no_promiscuous,1000,errbuf))){ if(!(p = pcap_open_live(interface_name, 65535, !no_promiscuous, 1000,
errbuf))) {
fprintf(stderr, "PCAP: %s\n", errbuf); fprintf(stderr, "PCAP: %s\n", errbuf);
err_exit("Aborting", -1); err_exit("Aborting", -1);
} }
if(pcap_lookupnet(interface_name, &localnet, &netmask, errbuf) < 0) if(pcap_lookupnet(interface_name, &localnet, &netmask, errbuf) < 0)
fprintf(stderr, "PCAP: %s\n", errbuf); fprintf(stderr, "PCAP: %s\n", errbuf);
} } else {
else{
if(!(p = pcap_open_offline(file, errbuf))) { if(!(p = pcap_open_offline(file, errbuf))) {
fprintf(stderr, "PCAP: %s\n", errbuf); fprintf(stderr, "PCAP: %s\n", errbuf);
err_exit("Aborting", -1); err_exit("Aborting", -1);
@ -474,8 +473,7 @@ main (int argc, char **argv)
* untagged, then it is assumed that the user knows what she is * untagged, then it is assumed that the user knows what she is
* doing, and the filter is not reformatted. * doing, and the filter is not reformatted.
*/ */
if ((pcap_datalink(p) == DLT_EN10MB) && if((pcap_datalink(p) == DLT_EN10MB) && (filter != NULL) &&
(filter != NULL) &&
(strstr(filter, "vlan") == NULL)) { (strstr(filter, "vlan") == NULL)) {
char *tmp_filter; char *tmp_filter;
char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )"; char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )";
@ -515,7 +513,8 @@ main (int argc, char **argv)
freed_conn = destroy_all_conn(); freed_conn = destroy_all_conn();
if(freed_conn && !(NET_print_flags & NET_PRINT_JSON)) if(freed_conn && !(NET_print_flags & NET_PRINT_JSON))
printf("Cleaned %d remaining connection(s) from connection pool\n", freed_conn); printf("Cleaned %d remaining connection(s) from connection pool\n",
freed_conn);
network_handler_destroy(mod, &n); network_handler_destroy(mod, &n);
pcap_close(p); pcap_close(p);
@ -534,18 +533,14 @@ main (int argc, char **argv)
free(SSL_keylogfile); free(SSL_keylogfile);
if(SSL_password) if(SSL_password)
free(SSL_password); free(SSL_password);
if (logger) if(logger) {
{
logger->vtbl->deinit(); logger->vtbl->deinit();
} }
exit(0); exit(0);
} }
char *collapse_args(int argc, char **argv) {
char *
collapse_args (int argc, char **argv)
{
int i, len = 0; int i, len = 0;
char *ret; char *ret;

21
base/print_utils.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $ $Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $
@ -43,9 +44,7 @@
ekr@rtfm.com Mon Feb 15 17:23:36 1999 ekr@rtfm.com Mon Feb 15 17:23:36 1999
*/ */
int explain(char *format, ...) {
int explain(char *format,...)
{
va_list ap; va_list ap;
va_start(ap, format); va_start(ap, format);
@ -57,8 +56,7 @@ int explain(char *format,...)
return (0); return (0);
} }
int exdump(name,data) int exdump(name, data) char *name;
char *name;
Data *data; Data *data;
{ {
int i, j; int i, j;
@ -72,16 +70,17 @@ int exdump(name,data)
INDENT_INCR; INDENT_INCR;
} }
for(i = 0; i < data->len; i++) { for(i = 0; i < data->len; i++) {
if(!i && (data->len>8)) INDENT; if(!i && (data->len > 8))
INDENT;
if((data->len > 8) && i && !(i % 12)) { if((data->len > 8) && i && !(i % 12)) {
LF;INDENT; LF;
INDENT;
} }
printf("%.2x ", data->data[i] & 255); printf("%.2x ", data->data[i] & 255);
} }
if(name) INDENT_POP; if(name)
INDENT_POP;
if(data->len > 8 && i % 12) if(data->len > 8 && i % 12)
LF; LF;
return (0); return (0);
} }

9
base/print_utils.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: print_utils.h,v 1.2 2000/10/17 16:09:58 ekr Exp $ $Id: print_utils.h,v 1.2 2000/10/17 16:09:58 ekr Exp $
@ -43,14 +44,10 @@
ekr@rtfm.com Mon Feb 15 17:23:56 1999 ekr@rtfm.com Mon Feb 15 17:23:56 1999
*/ */
#ifndef _print_utils_h #ifndef _print_utils_h
#define _print_utils_h #define _print_utils_h
int explain PROTO_LIST((char *format, ...)); int explain PROTO_LIST((char *format, ...));
int exdump PROTO_LIST((char *name, int exdump PROTO_LIST((char *name, Data *data));
Data *data));
#endif #endif

20
base/proto_mod.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $ $Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $
@ -43,13 +44,13 @@
ekr@rtfm.com Thu Jan 7 22:35:23 1999 ekr@rtfm.com Thu Jan 7 22:35:23 1999
*/ */
#include "network.h" #include "network.h"
int int create_proto_handler(proto_mod *mod,
create_proto_handler (proto_mod *mod, proto_ctx *ctx, proto_handler **handlerp, tcp_conn *conn, struct timeval *first_packet) proto_ctx *ctx,
{ proto_handler **handlerp,
tcp_conn *conn,
struct timeval *first_packet) {
int r, _status; int r, _status;
proto_handler *handler = 0; proto_handler *handler = 0;
@ -57,7 +58,8 @@ create_proto_handler (proto_mod *mod, proto_ctx *ctx, proto_handler **handlerp,
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
handler->vtbl = mod->vtbl; handler->vtbl = mod->vtbl;
if((r = mod->vtbl->create(mod->handle, ctx, conn, &handler->obj, if((r = mod->vtbl->create(mod->handle, ctx, conn, &handler->obj,
&conn->i_addr,conn->i_port,&conn->r_addr,conn->r_port,first_packet))) &conn->i_addr, conn->i_port, &conn->r_addr,
conn->r_port, first_packet)))
ABORT(r); ABORT(r);
*handlerp = handler; *handlerp = handler;
@ -70,9 +72,7 @@ create_proto_handler (proto_mod *mod, proto_ctx *ctx, proto_handler **handlerp,
return (_status); return (_status);
} }
int int destroy_proto_handler(proto_handler **handlerp) {
destroy_proto_handler (proto_handler **handlerp)
{
if(!handlerp || !*handlerp) if(!handlerp || !*handlerp)
return (0); return (0);

36
base/proto_mod.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: proto_mod.h,v 1.4 2001/11/26 22:28:16 ekr Exp $ $Id: proto_mod.h,v 1.4 2001/11/26 22:28:16 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Thu Dec 24 21:10:05 1998 ekr@rtfm.com Thu Dec 24 21:10:05 1998
*/ */
#ifndef _proto_mod_h #ifndef _proto_mod_h
#define _proto_mod_h #define _proto_mod_h
@ -57,11 +57,15 @@ struct proto_mod_vtbl_ {
int(*parse_flags) PROTO_LIST((char *str)); int(*parse_flags) PROTO_LIST((char *str));
int(*parse_flag) PROTO_LIST((int flag)); int(*parse_flag) PROTO_LIST((int flag));
int(*create_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp)); int(*create_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp));
int (*create) PROTO_LIST((void *handle,proto_ctx *ctx, int(*create) PROTO_LIST((void *handle,
proto_ctx *ctx,
tcp_conn *conn, tcp_conn *conn,
proto_obj **objp, proto_obj **objp,
struct sockaddr_storage *i_addr,u_short i_port, struct sockaddr_storage *i_addr,
struct sockaddr_storage *r_addr,u_short r_port,struct timeval *time_base)); u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *time_base));
int(*destroy_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp)); int(*destroy_ctx) PROTO_LIST((void *handle, proto_ctx **ctxp));
int(*destroy) PROTO_LIST((proto_obj * *objp)); int(*destroy) PROTO_LIST((proto_obj * *objp));
int(*data) PROTO_LIST((proto_obj * obj, segment *data, int direction)); int(*data) PROTO_LIST((proto_obj * obj, segment *data, int direction));
@ -78,22 +82,29 @@ struct proto_handler_ {
struct proto_mod_vtbl_ *vtbl; struct proto_mod_vtbl_ *vtbl;
}; };
int create_proto_handler PROTO_LIST((proto_mod *mod,proto_ctx *ctx, int create_proto_handler PROTO_LIST((proto_mod * mod,
proto_ctx *ctx,
proto_handler **handlerp, proto_handler **handlerp,
tcp_conn *conn,struct timeval *first_packet)); tcp_conn *conn,
struct timeval *first_packet));
int destroy_proto_handler PROTO_LIST((proto_handler * *handlerp)); int destroy_proto_handler PROTO_LIST((proto_handler * *handlerp));
// add logger // add logger
struct logger_mod_vtbl_ { struct logger_mod_vtbl_ {
int(*init) PROTO_LIST((void *data)); int(*init) PROTO_LIST((void *data));
// deinit must be async signal safe(!!!) // deinit must be async signal safe(!!!)
int(*deinit) PROTO_LIST(()); int(*deinit) PROTO_LIST(());
int (*create) PROTO_LIST((proto_obj **objp, struct sockaddr_storage *i_addr,u_short i_port, int(*create) PROTO_LIST((proto_obj * *objp,
struct sockaddr_storage *r_addr,u_short r_port,struct timeval *time_base)); struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *time_base));
int(*destroy) PROTO_LIST((proto_obj * *objp)); int(*destroy) PROTO_LIST((proto_obj * *objp));
int (*data) PROTO_LIST((proto_obj *obj,unsigned char *data,unsigned int len,int direction)); int(*data) PROTO_LIST(
int (*close) PROTO_LIST((proto_obj *obj,unsigned char *data,unsigned int len,int direction)); (proto_obj * obj, unsigned char *data, unsigned int len, int direction));
int(*close) PROTO_LIST(
(proto_obj * obj, unsigned char *data, unsigned int len, int direction));
}; };
struct logger_mod_ { struct logger_mod_ {
@ -106,4 +117,3 @@ typedef struct logger_mod_ logger_mod;
extern logger_mod *logger; extern logger_mod *logger;
#endif #endif

62
base/tcpconn.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $ $Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $
@ -43,11 +44,9 @@
ekr@rtfm.com Tue Dec 29 15:13:03 1998 ekr@rtfm.com Tue Dec 29 15:13:03 1998
*/ */
#include "network.h" #include "network.h"
#include "tcpconn.h" #include "tcpconn.h"
typedef struct conn_struct_ { typedef struct conn_struct_ {
tcp_conn conn; tcp_conn conn;
struct conn_struct_ *next; struct conn_struct_ *next;
@ -63,24 +62,23 @@ extern int conn_ttl;
static int zero_conn PROTO_LIST((tcp_conn * conn)); static int zero_conn PROTO_LIST((tcp_conn * conn));
static int static int zero_conn(tcp_conn *conn) {
zero_conn (tcp_conn *conn)
{
memset(conn, 0, sizeof(tcp_conn)); memset(conn, 0, sizeof(tcp_conn));
return (0); return (0);
} }
int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *saddr, int tcp_find_conn(tcp_conn **connp,
u_short sport, struct sockaddr_storage *daddr, u_short dport) int *directionp,
{ struct sockaddr_storage *saddr,
u_short sport,
struct sockaddr_storage *daddr,
u_short dport) {
conn_struct *conn; conn_struct *conn;
for(conn = first_conn; conn; conn = conn->next) { for(conn = first_conn; conn; conn = conn->next) {
if(sport == conn->conn.i_port && dport == conn->conn.r_port) { if(sport == conn->conn.i_port && dport == conn->conn.r_port) {
if(!memcmp(saddr,&conn->conn.i_addr,sizeof(struct sockaddr_storage)) if(!memcmp(saddr, &conn->conn.i_addr, sizeof(struct sockaddr_storage)) &&
&& !memcmp(daddr,&conn->conn.r_addr,sizeof(struct sockaddr_storage))) !memcmp(daddr, &conn->conn.r_addr, sizeof(struct sockaddr_storage))) {
{
*directionp = DIR_I2R; *directionp = DIR_I2R;
*connp = &(conn->conn); *connp = &(conn->conn);
return (0); return (0);
@ -88,9 +86,8 @@ int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *sad
} }
if(dport == conn->conn.i_port && sport == conn->conn.r_port) { if(dport == conn->conn.i_port && sport == conn->conn.r_port) {
if(!memcmp(saddr,&conn->conn.r_addr,sizeof(struct sockaddr_storage)) if(!memcmp(saddr, &conn->conn.r_addr, sizeof(struct sockaddr_storage)) &&
&& !memcmp(daddr,&conn->conn.i_addr,sizeof(struct sockaddr_storage))) !memcmp(daddr, &conn->conn.i_addr, sizeof(struct sockaddr_storage))) {
{
*directionp = DIR_R2I; *directionp = DIR_R2I;
*connp = &(conn->conn); *connp = &(conn->conn);
return (0); return (0);
@ -101,9 +98,11 @@ int tcp_find_conn(tcp_conn **connp, int *directionp,struct sockaddr_storage *sad
return (R_NOT_FOUND); return (R_NOT_FOUND);
} }
int tcp_create_conn(tcp_conn **connp,struct sockaddr_storage *i_addr, int tcp_create_conn(tcp_conn **connp,
u_short i_port, struct sockaddr_storage *r_addr, u_short r_port) struct sockaddr_storage *i_addr,
{ u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port) {
conn_struct *conn = 0; conn_struct *conn = 0;
if(!(conn = (conn_struct *)malloc(sizeof(conn_struct)))) if(!(conn = (conn_struct *)malloc(sizeof(conn_struct))))
@ -127,13 +126,10 @@ int tcp_create_conn(tcp_conn **connp,struct sockaddr_storage *i_addr,
first_conn->prev = conn; first_conn->prev = conn;
first_conn = conn; first_conn = conn;
return (0); return (0);
} }
int int tcp_destroy_conn(tcp_conn *conn) {
tcp_destroy_conn (tcp_conn *conn)
{
conn_struct *c = conn->backptr; conn_struct *c = conn->backptr;
/* Detach from the list */ /* Detach from the list */
@ -142,8 +138,7 @@ tcp_destroy_conn (tcp_conn *conn)
} }
if(c->prev) { if(c->prev) {
c->prev->next = c->next; c->prev->next = c->next;
} } else {
else {
first_conn = c->next; first_conn = c->next;
} }
@ -161,8 +156,7 @@ tcp_destroy_conn (tcp_conn *conn)
return (0); return (0);
} }
int int clean_old_conn(void) {
clean_old_conn (void) {
conn_struct *conn; conn_struct *conn;
tcp_conn *tcpconn; tcp_conn *tcpconn;
struct timeval dt; struct timeval dt;
@ -185,8 +179,7 @@ clean_old_conn (void) {
return i; return i;
} }
int int destroy_all_conn(void) {
destroy_all_conn (void) {
int i = 0; int i = 0;
while(first_conn) { while(first_conn) {
i++; i++;
@ -195,9 +188,7 @@ destroy_all_conn (void) {
return i; return i;
} }
int int free_tcp_segment_queue(segment *seg) {
free_tcp_segment_queue (segment *seg)
{
segment *tmp; segment *tmp;
while(seg) { while(seg) {
@ -210,16 +201,15 @@ free_tcp_segment_queue (segment *seg)
return (0); return (0);
} }
int int copy_tcp_segment_queue(segment **out, segment *in) {
copy_tcp_segment_queue (segment **out, segment *in)
{
int r, _status; int r, _status;
segment *base = 0; segment *base = 0;
for(; in; in = in->next) { for(; in; in = in->next) {
if(!(*out = (segment *)calloc(1, sizeof(segment)))) if(!(*out = (segment *)calloc(1, sizeof(segment))))
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
if(!base) base=*out; if(!base)
base = *out;
if((r = packet_copy(in->p, &(*out)->p))) if((r = packet_copy(in->p, &(*out)->p)))
ABORT(r); ABORT(r);

17
base/tcpconn.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: tcpconn.h,v 1.4 2001/07/20 23:33:15 ekr Exp $ $Id: tcpconn.h,v 1.4 2001/07/20 23:33:15 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 29 13:00:52 1998 ekr@rtfm.com Tue Dec 29 13:00:52 1998
*/ */
#ifndef _tcpconn_h #ifndef _tcpconn_h
#define _tcpconn_h #define _tcpconn_h
@ -94,12 +94,16 @@ typedef struct tcp_conn_ {
int tcp_find_conn PROTO_LIST((tcp_conn * *connp, int tcp_find_conn PROTO_LIST((tcp_conn * *connp,
int *directionp, int *directionp,
struct sockaddr_storage *src_addr, u_short src_port, struct sockaddr_storage *src_addr,
struct sockaddr_storage *dst_addr, u_short dst_port)); u_short src_port,
struct sockaddr_storage *dst_addr,
u_short dst_port));
int tcp_create_conn PROTO_LIST((tcp_conn * *connp, int tcp_create_conn PROTO_LIST((tcp_conn * *connp,
struct sockaddr_storage *initiator_addr, u_short initiator_port, struct sockaddr_storage *initiator_addr,
struct sockaddr_storage *responder_addr, u_short responder_port)); u_short initiator_port,
struct sockaddr_storage *responder_addr,
u_short responder_port));
int tcp_destroy_conn PROTO_LIST((tcp_conn * conn)); int tcp_destroy_conn PROTO_LIST((tcp_conn * conn));
int free_tcp_segment_queue PROTO_LIST((segment * seg)); int free_tcp_segment_queue PROTO_LIST((segment * seg));
@ -109,4 +113,3 @@ int clean_old_conn(void);
int destroy_all_conn(void); int destroy_all_conn(void);
#endif #endif

113
base/tcppack.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $ $Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Tue Dec 29 12:43:39 1998 ekr@rtfm.com Tue Dec 29 12:43:39 1998
*/ */
#include "network.h" #include "network.h"
#ifndef _WIN32 #ifndef _WIN32
#include <sys/socket.h> #include <sys/socket.h>
@ -63,17 +62,17 @@
#include "tcpconn.h" #include "tcpconn.h"
#include "tcppack.h" #include "tcppack.h"
static int process_data_segment PROTO_LIST((tcp_conn * conn, static int process_data_segment PROTO_LIST((tcp_conn * conn,
proto_mod *handler,packet *p,stream_data *stream,int direction)); proto_mod *handler,
static int new_connection PROTO_LIST((proto_mod *handler,proto_ctx *ctx, packet *p,
packet *p,tcp_conn **connp)); stream_data *stream,
int direction));
static int new_connection PROTO_LIST(
(proto_mod * handler, proto_ctx *ctx, packet *p, tcp_conn **connp));
static int print_tcp_packet PROTO_LIST((packet * p)); static int print_tcp_packet PROTO_LIST((packet * p));
int STRIM PROTO_LIST((UINT4 _seq, segment *s)); int STRIM PROTO_LIST((UINT4 _seq, segment *s));
int int process_tcp_packet(proto_mod *handler, proto_ctx *ctx, packet *p) {
process_tcp_packet (proto_mod *handler, proto_ctx *ctx, packet *p)
{
int r, _status; int r, _status;
int direction; int direction;
stream_data *stream; stream_data *stream;
@ -87,12 +86,14 @@ process_tcp_packet (proto_mod *handler, proto_ctx *ctx, packet *p)
print_tcp_packet(p); print_tcp_packet(p);
if((r = tcp_find_conn(&conn, &direction, &p->i_addr.so_st, if((r = tcp_find_conn(&conn, &direction, &p->i_addr.so_st,
ntohs(p->tcp->th_sport),&p->r_addr.so_st,ntohs(p->tcp->th_dport)))){ ntohs(p->tcp->th_sport), &p->r_addr.so_st,
ntohs(p->tcp->th_dport)))) {
if(r != R_NOT_FOUND) if(r != R_NOT_FOUND)
ABORT(r); ABORT(r);
if((p->tcp->th_flags & TH_SYN) != TH_SYN) { if((p->tcp->th_flags & TH_SYN) != TH_SYN) {
DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq))); DBG((0, "TCP: rejecting packet from unknown connection, seq: %u\n",
ntohl(p->tcp->th_seq)));
return (0); return (0);
} }
@ -122,8 +123,7 @@ process_tcp_packet (proto_mod *handler, proto_ctx *ctx, packet *p)
conn->state = TCP_STATE_ACK; conn->state = TCP_STATE_ACK;
} }
break; break;
case TCP_STATE_ACK: case TCP_STATE_ACK: {
{
if(direction != DIR_I2R) if(direction != DIR_I2R)
break; break;
DBG((0, "ACK seq: %u", ntohl(p->tcp->th_seq))); DBG((0, "ACK seq: %u", ntohl(p->tcp->th_seq)));
@ -131,24 +131,20 @@ process_tcp_packet (proto_mod *handler, proto_ctx *ctx, packet *p)
if(!(NET_print_flags & NET_PRINT_JSON)) { if(!(NET_print_flags & NET_PRINT_JSON)) {
if(NET_print_flags & NET_PRINT_TYPESET) if(NET_print_flags & NET_PRINT_TYPESET)
printf("\\fC"); printf("\\fC");
printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n", printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n", conn->conn_number,
conn->conn_number, conn->i_name, conn->i_port, conn->r_name, conn->r_port);
conn->i_name,conn->i_port,
conn->r_name,conn->r_port);
if(NET_print_flags & NET_PRINT_TYPESET) if(NET_print_flags & NET_PRINT_TYPESET)
printf("\\fR"); printf("\\fR");
} }
conn->state = TCP_STATE_ESTABLISHED; conn->state = TCP_STATE_ESTABLISHED;
} }
case TCP_STATE_ESTABLISHED: case TCP_STATE_ESTABLISHED:
case TCP_STATE_FIN1: case TCP_STATE_FIN1: {
{
if(p->tcp->th_flags & TH_SYN) if(p->tcp->th_flags & TH_SYN)
break; break;
if((r = process_data_segment(conn, handler, p, stream, direction))) if((r = process_data_segment(conn, handler, p, stream, direction)))
ABORT(r); ABORT(r);
} } break;
break;
default: default:
break; break;
} }
@ -156,16 +152,16 @@ process_tcp_packet (proto_mod *handler, proto_ctx *ctx, packet *p)
if(conn->state == TCP_STATE_CLOSED) if(conn->state == TCP_STATE_CLOSED)
tcp_destroy_conn(conn); tcp_destroy_conn(conn);
_status = 0; _status = 0;
abort: abort:
return (_status); return (_status);
} }
static int static int new_connection(proto_mod *handler,
new_connection (proto_mod *handler, proto_ctx *ctx, packet *p, tcp_conn **connp) proto_ctx *ctx,
{ packet *p,
tcp_conn **connp) {
int r, _status; int r, _status;
tcp_conn *conn = 0; tcp_conn *conn = 0;
@ -222,9 +218,11 @@ new_connection (proto_mod *handler, proto_ctx *ctx, packet *p, tcp_conn **connp)
} }
*/ */
static int static int process_data_segment(tcp_conn *conn,
process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data *stream, int direction) proto_mod *handler,
{ packet *p,
stream_data *stream,
int direction) {
int r, _status; int r, _status;
tcp_seq seq, right_edge; tcp_seq seq, right_edge;
segment _seg; segment _seg;
@ -234,7 +232,9 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
l = p->len - p->tcp->th_off * 4; l = p->len - p->tcp->th_off * 4;
if(l < 0) { if(l < 0) {
fprintf(stderr,"Malformed packet, computed TCP segment size is negative, skipping ...\n"); fprintf(stderr,
"Malformed packet, computed TCP segment size is negative, skipping "
"...\n");
return (0); return (0);
} }
@ -254,7 +254,6 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
if(p->tcp->th_flags & TH_ACK) { if(p->tcp->th_flags & TH_ACK) {
long acknum, acked; long acknum, acked;
acknum = ntohl(p->tcp->th_ack); acknum = ntohl(p->tcp->th_ack);
acked = acknum - stream->ack; acked = acknum - stream->ack;
@ -274,7 +273,6 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
stream->ack = acknum; stream->ack = acknum;
} }
DBG((0, "Stream Seq %u ", stream->seq)); DBG((0, "Stream Seq %u ", stream->seq));
/* Check to see if this packet has been processed already */ /* Check to see if this packet has been processed already */
@ -301,16 +299,14 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
if(seg) { if(seg) {
nseg->next = seg->next; nseg->next = seg->next;
seg->next = nseg; seg->next = nseg;
} } else {
else{
nseg->next = stream->oo_queue; nseg->next = stream->oo_queue;
stream->oo_queue = nseg; stream->oo_queue = nseg;
} }
left_edge = seg ? seg->s_seq : stream->seq; left_edge = seg ? seg->s_seq : stream->seq;
STRIM(left_edge, nseg); STRIM(left_edge, nseg);
} } else {
else{
/*First segment -- just thread the unallocated data on the /*First segment -- just thread the unallocated data on the
list so we can pass to the analyzer*/ list so we can pass to the analyzer*/
_seg.next = 0; _seg.next = 0;
@ -326,15 +322,13 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
seg = &_seg; seg = &_seg;
conn->state = TCP_STATE_CLOSED; conn->state = TCP_STATE_CLOSED;
} } else {
else{
STRIM(stream->seq, &_seg); STRIM(stream->seq, &_seg);
if(_seg.p->tcp->th_flags & (TH_FIN)) { if(_seg.p->tcp->th_flags & (TH_FIN)) {
stream->close = _seg.p->tcp->th_flags & (TH_FIN); stream->close = _seg.p->tcp->th_flags & (TH_FIN);
seg = &_seg; seg = &_seg;
} } else {
else {
for(seg = &_seg; seg->next; seg = seg->next) { for(seg = &_seg; seg->next; seg = seg->next) {
if(seg->p->tcp->th_flags & (TH_FIN)) { if(seg->p->tcp->th_flags & (TH_FIN)) {
stream->close = _seg.p->tcp->th_flags & (TH_FIN); stream->close = _seg.p->tcp->th_flags & (TH_FIN);
@ -361,17 +355,22 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
seg->next = 0; seg->next = 0;
stream->seq = seg->s_seq + seg->len; stream->seq = seg->s_seq + seg->len;
DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); DBG((0, "Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq + seg->len,
if((r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction))) { seg->len));
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); if((r = conn->analyzer->vtbl->data(conn->analyzer->obj, &_seg,
direction))) {
DBG((0, "ABORT due to segment: %u:%u(%u)", seg->s_seq,
seg->s_seq + seg->len, seg->len));
ABORT(r); ABORT(r);
} }
} }
if(stream->close) { if(stream->close) {
DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); DBG((0, "Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq,
seg->len));
if((r = conn->analyzer->vtbl->close(conn->analyzer->obj, p, direction))) { if((r = conn->analyzer->vtbl->close(conn->analyzer->obj, p, direction))) {
DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); DBG((0, "ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq,
seg->len));
ABORT(r); ABORT(r);
} }
} }
@ -384,9 +383,7 @@ process_data_segment (tcp_conn *conn, proto_mod *handler, packet *p, stream_data
return (_status); return (_status);
} }
static int static int print_tcp_packet(packet *p) {
print_tcp_packet (packet *p)
{
char *src = 0, *dst = 0; char *src = 0, *dst = 0;
struct timeval *ts = &p->ts; struct timeval *ts = &p->ts;
@ -399,17 +396,13 @@ print_tcp_packet (packet *p)
if(!(NET_print_flags & NET_PRINT_JSON)) { if(!(NET_print_flags & NET_PRINT_JSON)) {
if(NET_print_flags & NET_PRINT_TS) { if(NET_print_flags & NET_PRINT_TS) {
printf("%lld%c%4.4lld ", (long long)ts->tv_sec,'.',(long long)ts->tv_usec/100); printf("%lld%c%4.4lld ", (long long)ts->tv_sec, '.',
(long long)ts->tv_usec / 100);
} }
printf("TCP: %s(%d) -> %s(%d) ", printf("TCP: %s(%d) -> %s(%d) ", src, ntohs(p->tcp->th_sport), dst,
src,
ntohs(p->tcp->th_sport),
dst,
ntohs(p->tcp->th_dport)); ntohs(p->tcp->th_dport));
printf("Seq %u.(%d) ", printf("Seq %u.(%d) ", ntohl(p->tcp->th_seq), p->len - p->tcp->th_off * 4);
ntohl(p->tcp->th_seq),
p->len - p->tcp->th_off *4);
if(p->tcp->th_flags & TH_ACK) if(p->tcp->th_flags & TH_ACK)
printf("ACK %u ", ntohl(p->tcp->th_ack)); printf("ACK %u ", ntohl(p->tcp->th_ack));
@ -432,9 +425,7 @@ print_tcp_packet (packet *p)
return (0); return (0);
} }
int int STRIM(UINT4 _seq, segment *s) {
STRIM (UINT4 _seq, segment *s)
{
int l; int l;
int off; int off;
@ -447,7 +438,8 @@ STRIM (UINT4 _seq, segment *s)
l = _seq - (s)->s_seq; /* number of bytes to trim l = _seq - (s)->s_seq; /* number of bytes to trim
from the left of s */ from the left of s */
off = (s)->p->tcp->th_off * 4; off = (s)->p->tcp->th_off * 4;
if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA); if(l > ((s)->p->len - off))
ERETURN(R_BAD_DATA);
/* Now remove the leading l bytes */ /* Now remove the leading l bytes */
(s)->data = (s)->p->data + off + (l); (s)->data = (s)->p->data + off + (l);
@ -467,4 +459,3 @@ STRIM (UINT4 _seq, segment *s)
return (0); return (0);
} }

8
base/tcppack.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: tcppack.h,v 1.3 2001/07/20 23:33:15 ekr Exp $ $Id: tcppack.h,v 1.3 2001/07/20 23:33:15 ekr Exp $
@ -43,12 +44,9 @@
ekr@rtfm.com Wed Jan 6 15:08:30 1999 ekr@rtfm.com Wed Jan 6 15:08:30 1999
*/ */
#ifndef _tcppack_h #ifndef _tcppack_h
#define _tcppack_h #define _tcppack_h
int process_tcp_packet PROTO_LIST((proto_mod *mod,proto_ctx *ctx, int process_tcp_packet PROTO_LIST((proto_mod * mod, proto_ctx *ctx, packet *p));
packet *p));
#endif #endif

23
common/include/r_assoc.h
View file

@ -39,7 +39,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_assoc.h,v 1.3 2001/12/24 06:06:26 ekr Exp $ $Id: r_assoc.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -47,21 +48,24 @@
ekr@rtfm.com Sun Jan 17 17:57:18 1999 ekr@rtfm.com Sun Jan 17 17:57:18 1999
*/ */
#ifndef _r_assoc_h #ifndef _r_assoc_h
#define _r_assoc_h #define _r_assoc_h
typedef struct r_assoc_ r_assoc; typedef struct r_assoc_ r_assoc;
int r_assoc_create PROTO_LIST((r_assoc * *assocp)); int r_assoc_create PROTO_LIST((r_assoc * *assocp));
int r_assoc_insert PROTO_LIST((r_assoc *assoc,char *key,int len, int r_assoc_insert PROTO_LIST((r_assoc * assoc,
void *value,int (*copy)(void **new,void *old), char *key,
int (*destroy)(void *ptr),int how)); int len,
void *value,
int (*copy)(void **new, void *old),
int (*destroy)(void *ptr),
int how));
#define R_ASSOC_REPLACE 0x1 #define R_ASSOC_REPLACE 0x1
#define R_ASSOC_NEW 0x2 #define R_ASSOC_NEW 0x2
int r_assoc_fetch PROTO_LIST((r_assoc *assoc,char *key, int len, int r_assoc_fetch
void **value)); PROTO_LIST((r_assoc * assoc, char *key, int len, void **value));
int r_assoc_copy PROTO_LIST((r_assoc * *new, r_assoc *old)); int r_assoc_copy PROTO_LIST((r_assoc * *new, r_assoc *old));
int r_assoc_destroy PROTO_LIST((r_assoc * *assocp)); int r_assoc_destroy PROTO_LIST((r_assoc * *assocp));
@ -75,9 +79,8 @@ typedef struct r_assoc_iterator_ {
} r_assoc_iterator; } r_assoc_iterator;
int r_assoc_init_iter PROTO_LIST((r_assoc * assoc, r_assoc_iterator *)); int r_assoc_init_iter PROTO_LIST((r_assoc * assoc, r_assoc_iterator *));
int r_assoc_iter PROTO_LIST((r_assoc_iterator *iter,void **key,int *keyl, int r_assoc_iter
void **val)); PROTO_LIST((r_assoc_iterator * iter, void **key, int *keyl, void **val));
int r_assoc_iter_delete PROTO_LIST((r_assoc_iterator *)); int r_assoc_iter_delete PROTO_LIST((r_assoc_iterator *));
#endif #endif

2
common/include/r_bitfield.h
View file

@ -7,7 +7,6 @@
ekr@rtfm.com Wed Oct 3 10:43:50 2001 ekr@rtfm.com Wed Oct 3 10:43:50 2001
*/ */
#ifndef _r_bitfield_h #ifndef _r_bitfield_h
#define _r_bitfield_h #define _r_bitfield_h
@ -23,4 +22,3 @@ int r_bitfield_create PROTO_LIST((r_bitfield **setp,UINT4 size));
int r_bitfield_destroy PROTO_LIST((r_bitfield * *setp)); int r_bitfield_destroy PROTO_LIST((r_bitfield * *setp));
#endif #endif

5
common/include/r_common.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_common.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_common.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 10:40:07 1998 ekr@rtfm.com Tue Dec 22 10:40:07 1998
*/ */
#ifndef _r_common_h #ifndef _r_common_h
#define _r_common_h #define _r_common_h
@ -67,4 +67,3 @@ char *strdup PROTO_LIST((char *in));
#endif #endif
#endif #endif

17
common/include/r_data.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_data.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_data.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Wed Feb 10 14:18:19 1999 ekr@rtfm.com Wed Feb 10 14:18:19 1999
*/ */
#ifndef _r_data_h #ifndef _r_data_h
#define _r_data_h #define _r_data_h
@ -60,9 +60,14 @@ int r_data_copy PROTO_LIST((Data *dst,Data *src));
int r_data_zfree PROTO_LIST((Data * d)); int r_data_zfree PROTO_LIST((Data * d));
int r_data_compare PROTO_LIST((Data * d1, Data *d2)); int r_data_compare PROTO_LIST((Data * d1, Data *d2));
#define INIT_DATA(a,b,c) (a).data=b; (a).len=c #define INIT_DATA(a, b, c) \
#define ATTACH_DATA(a,b) (a).data=b; (a).len=sizeof(b) (a).data = b; \
#define ZERO_DATA(a) (a).data=0; (a).len=0 (a).len = c
#define ATTACH_DATA(a, b) \
(a).data = b; \
(a).len = sizeof(b)
#define ZERO_DATA(a) \
(a).data = 0; \
(a).len = 0
#endif #endif

6
common/include/r_defaults.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_defaults.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_defaults.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 10:39:14 1998 ekr@rtfm.com Tue Dec 22 10:39:14 1998
*/ */
#ifndef _r_defaults_h #ifndef _r_defaults_h
#define _r_defaults_h #define _r_defaults_h
@ -51,9 +51,7 @@
#define R_USE_PROTOTYPES 1 #define R_USE_PROTOTYPES 1
#endif #endif
/*The needs defines don't belong here*/ /*The needs defines don't belong here*/
#define R_NEEDS_STDLIB_H #define R_NEEDS_STDLIB_H
#endif #endif

5
common/include/r_errors.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_errors.h,v 1.3 2002/01/21 17:36:51 ekr Exp $ $Id: r_errors.h,v 1.3 2002/01/21 17:36:51 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 10:59:49 1998 ekr@rtfm.com Tue Dec 22 10:59:49 1998
*/ */
#ifndef _r_errors_h #ifndef _r_errors_h
#define _r_errors_h #define _r_errors_h
@ -59,4 +59,3 @@
int verr_exit PROTO_LIST((char *fmt, ...)); int verr_exit PROTO_LIST((char *fmt, ...));
#endif #endif

5
common/include/r_includes.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_includes.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_includes.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 11:38:50 1998 ekr@rtfm.com Tue Dec 22 11:38:50 1998
*/ */
#ifndef _r_includes_h #ifndef _r_includes_h
#define _r_includes_h #define _r_includes_h
@ -59,4 +59,3 @@
#include <string.h> #include <string.h>
#endif #endif

10
common/include/r_list.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_list.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_list.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Jan 19 08:36:48 1999 ekr@rtfm.com Tue Jan 19 08:36:48 1999
*/ */
#ifndef _r_list_h #ifndef _r_list_h
#define _r_list_h #define _r_list_h
@ -57,10 +57,12 @@ typedef struct r_list_iterator_ {
int r_list_create PROTO_LIST((r_list * *listp)); int r_list_create PROTO_LIST((r_list * *listp));
int r_list_destroy PROTO_LIST((r_list * *listp)); int r_list_destroy PROTO_LIST((r_list * *listp));
int r_list_copy PROTO_LIST((r_list * *out, r_list *in)); int r_list_copy PROTO_LIST((r_list * *out, r_list *in));
int r_list_insert PROTO_LIST((r_list *list,void *value, int r_list_insert PROTO_LIST((r_list * list,
void *value,
int (*copy)(void **new, void *old), int (*copy)(void **new, void *old),
int (*destroy)(void **ptr))); int (*destroy)(void **ptr)));
int r_list_append PROTO_LIST((r_list *list,void *value, int r_list_append PROTO_LIST((r_list * list,
void *value,
int (*copy)(void **new, void *old), int (*copy)(void **new, void *old),
int (*destroy)(void **ptr))); int (*destroy)(void **ptr)));
int r_list_init_iter PROTO_LIST((r_list * list, r_list_iterator *iter)); int r_list_init_iter PROTO_LIST((r_list * list, r_list_iterator *iter));

42
common/include/r_macros.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_macros.h,v 1.4 2001/11/20 17:45:18 ekr Exp $ $Id: r_macros.h,v 1.4 2001/11/20 17:45:18 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 10:37:32 1998 ekr@rtfm.com Tue Dec 22 10:37:32 1998
*/ */
#ifndef _r_macros_h #ifndef _r_macros_h
#define _r_macros_h #define _r_macros_h
@ -58,22 +58,40 @@
#endif #endif
#ifdef R_TRACE_ERRORS #ifdef R_TRACE_ERRORS
#define REPORT_ERROR_(caller,a) fprintf(stderr,"%s: error %d at %s:%d (function %s)\n", \ #define REPORT_ERROR_(caller, a) \
caller,a,__FILE__,__LINE__,__FUNCTION__) fprintf(stderr, "%s: error %d at %s:%d (function %s)\n", caller, a, \
__FILE__, __LINE__, __FUNCTION__)
#else #else
#define REPORT_ERROR_(caller, a) #define REPORT_ERROR_(caller, a)
#endif #endif
#ifndef ERETURN #ifndef ERETURN
#define ERETURN(a) do {int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ERETURN",_r); return(_r);} while(0) #define ERETURN(a) \
do { \
int _r = a; \
if(!_r) \
_r = -1; \
REPORT_ERROR_("ERETURN", _r); \
return (_r); \
} while(0)
#endif #endif
#ifndef ABORT #ifndef ABORT
#define ABORT(a) do { int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ABORT",_r); _status=_r; goto abort;} while(0) #define ABORT(a) \
do { \
int _r = a; \
if(!_r) \
_r = -1; \
REPORT_ERROR_("ABORT", _r); \
_status = _r; \
goto abort; \
} while(0)
#endif #endif
#ifndef FREE #ifndef FREE
#define FREE(a) if(a) free(a) #define FREE(a) \
if(a) \
free(a)
#endif #endif
#ifndef MIN #ifndef MIN
#define MIN(a, b) (((a) > (b)) ? (b) : (a)) #define MIN(a, b) (((a) > (b)) ? (b) : (a))
@ -99,14 +117,20 @@ int debug(int class,char *format,...);
#endif #endif
#ifndef RFREE #ifndef RFREE
#define RFREE(a) if(a) free(a) #define RFREE(a) \
if(a) \
free(a)
#endif #endif
#ifndef RREALLOC #ifndef RREALLOC
#define RREALLOC(a, b) realloc(a, b) #define RREALLOC(a, b) realloc(a, b)
#endif #endif
#define UNIMPLEMENTED do { fprintf(stderr,"Function %s unimplemented\n",__FUNCTION__); abort(); } while(0) #define UNIMPLEMENTED \
do { \
fprintf(stderr, "Function %s unimplemented\n", __FUNCTION__); \
abort(); \
} while(0)
#ifdef STDC_HEADERS #ifdef STDC_HEADERS
#include <string.h> #include <string.h>

8
common/include/r_thread.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_thread.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ $Id: r_thread.h,v 1.2 2000/10/17 16:09:59 ekr Exp $
@ -43,15 +44,13 @@
ekr@rtfm.com Tue Feb 23 14:58:36 1999 ekr@rtfm.com Tue Feb 23 14:58:36 1999
*/ */
#ifndef _r_thread_h #ifndef _r_thread_h
#define _r_thread_h #define _r_thread_h
typedef void *r_thread; typedef void *r_thread;
typedef void *r_rwlock; typedef void *r_rwlock;
int r_thread_fork PROTO_LIST((void (*func)(void *),void *arg, int r_thread_fork PROTO_LIST((void (*func)(void *), void *arg, r_thread *tid));
r_thread *tid));
int r_thread_destroy PROTO_LIST((r_thread tid)); int r_thread_destroy PROTO_LIST((r_thread tid));
int r_thread_yield PROTO_LIST((void)); int r_thread_yield PROTO_LIST((void));
int r_thread_exit PROTO_LIST((void)); int r_thread_exit PROTO_LIST((void));
@ -66,4 +65,3 @@ int r_rwlock_lock PROTO_LIST((r_rwlock *lock,int action));
#define R_RWLOCK_WLOCK 2 #define R_RWLOCK_WLOCK 2
#endif #endif

11
common/include/r_time.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_time.h,v 1.4 2001/12/24 06:06:26 ekr Exp $ $Id: r_time.h,v 1.4 2001/12/24 06:06:26 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Thu Mar 4 08:45:41 1999 ekr@rtfm.com Thu Mar 4 08:45:41 1999
*/ */
#ifndef _r_time_h #ifndef _r_time_h
#define _r_time_h #define _r_time_h
@ -67,13 +67,14 @@
#endif #endif
#endif #endif
int r_timeval_diff PROTO_LIST((struct timeval *t1,struct timeval *t0, int r_timeval_diff PROTO_LIST((struct timeval * t1,
struct timeval *t0,
struct timeval *diff)); struct timeval *diff));
int r_timeval_add PROTO_LIST((struct timeval *t1,struct timeval *t2, int r_timeval_add PROTO_LIST((struct timeval * t1,
struct timeval *t2,
struct timeval *sum)); struct timeval *sum));
UINT8 r_timeval2int PROTO_LIST((struct timeval * tv)); UINT8 r_timeval2int PROTO_LIST((struct timeval * tv));
UINT8 r_gettimeint PROTO_LIST((void)); UINT8 r_gettimeint PROTO_LIST((void));
#endif #endif

5
common/include/r_types.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_types.h,v 1.3 2002/09/09 21:02:58 ekr Exp $ $Id: r_types.h,v 1.3 2002/09/09 21:02:58 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Dec 22 10:36:02 1998 ekr@rtfm.com Tue Dec 22 10:36:02 1998
*/ */
#ifndef _r_types_h #ifndef _r_types_h
#define _r_types_h #define _r_types_h
@ -92,4 +92,3 @@ typedef unsigned char UCHAR;
#endif #endif
#endif #endif

5
common/lib/assoc.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: assoc.h,v 1.2 2000/10/17 16:10:00 ekr Exp $ $Id: assoc.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,11 +44,9 @@
ekr@rtfm.com Sun Jan 17 17:56:35 1999 ekr@rtfm.com Sun Jan 17 17:56:35 1999
*/ */
#ifndef _assoc_h #ifndef _assoc_h
#define _assoc_h #define _assoc_h
typedef struct assoc_ assoc; typedef struct assoc_ assoc;
#endif #endif

20
common/lib/debug.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $ $Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -43,16 +44,12 @@
ekr@rtfm.com Wed Jan 6 17:08:58 1999 ekr@rtfm.com Wed Jan 6 17:08:58 1999
*/ */
#include <stdarg.h> #include <stdarg.h>
#include <stdio.h> #include <stdio.h>
#include "r_common.h" #include "r_common.h"
#include "debug.h" #include "debug.h"
int debug(int class,char *format,...) int debug(int class, char *format, ...) {
{
va_list ap; va_list ap;
va_start(ap, format); va_start(ap, format);
@ -62,16 +59,13 @@ int debug(int class,char *format,...)
return (0); return (0);
} }
int int xdump(char *name, UCHAR *data, int len) {
xdump (char *name, UCHAR *data, int len)
{
int i; int i;
if(name) { if(name) {
printf("%s[%d]=\n", name, len); printf("%s[%d]=\n", name, len);
} }
for(i = 0; i < len; i++) { for(i = 0; i < len; i++) {
if((len > 8) && i && !(i % 12)) { if((len > 8) && i && !(i % 12)) {
printf("\n"); printf("\n");
} }
@ -81,9 +75,3 @@ xdump (char *name, UCHAR *data, int len)
printf("\n"); printf("\n");
return (0); return (0);
} }

8
common/lib/debug.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: debug.h,v 1.3 2001/12/24 06:06:26 ekr Exp $ $Id: debug.h,v 1.3 2001/12/24 06:06:26 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Wed Jan 6 17:13:00 1999 ekr@rtfm.com Wed Jan 6 17:13:00 1999
*/ */
#ifndef _debug_h #ifndef _debug_h
#define _debug_h #define _debug_h
@ -54,8 +54,6 @@
#endif #endif
int debug(int class, char *format, ...); int debug(int class, char *format, ...);
int xdump PROTO_LIST((char *name,UCHAR *data, int xdump PROTO_LIST((char *name, UCHAR *data, int len));
int len));
#endif #endif

84
common/lib/r_assoc.c
View file

@ -46,7 +46,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $ $Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $
@ -54,7 +55,6 @@
ekr@rtfm.com Sun Jan 17 17:57:15 1999 ekr@rtfm.com Sun Jan 17 17:57:15 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include "r_assoc.h" #include "r_assoc.h"
@ -77,15 +77,12 @@ struct r_assoc_ {
#define DEFAULT_TABLE_BITS 5 #define DEFAULT_TABLE_BITS 5
static int destroy_assoc_chain PROTO_LIST((r_assoc_el * chain)); static int destroy_assoc_chain PROTO_LIST((r_assoc_el * chain));
static int r_assoc_fetch_bucket PROTO_LIST((r_assoc *assoc, static int r_assoc_fetch_bucket
char *key,int len,r_assoc_el **bucketp)); PROTO_LIST((r_assoc * assoc, char *key, int len, r_assoc_el **bucketp));
UINT4 hash_compute PROTO_LIST((char *key, int len, int size)); UINT4 hash_compute PROTO_LIST((char *key, int len, int size));
static int copy_assoc_chain PROTO_LIST((r_assoc_el **newp, static int copy_assoc_chain PROTO_LIST((r_assoc_el * *newp, r_assoc_el *old));
r_assoc_el *old));
int int r_assoc_create(r_assoc **assocp) {
r_assoc_create (r_assoc **assocp)
{
r_assoc *assoc = 0; r_assoc *assoc = 0;
int _status; int _status;
@ -94,8 +91,8 @@ r_assoc_create (r_assoc **assocp)
assoc->size = (1 << DEFAULT_TABLE_BITS); assoc->size = (1 << DEFAULT_TABLE_BITS);
assoc->bits = DEFAULT_TABLE_BITS; assoc->bits = DEFAULT_TABLE_BITS;
if(!(assoc->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el *), if(!(assoc->chains =
assoc->size))) (r_assoc_el **)calloc(sizeof(r_assoc_el *), assoc->size)))
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
*assocp = assoc; *assocp = assoc;
@ -108,9 +105,7 @@ r_assoc_create (r_assoc **assocp)
return (_status); return (_status);
} }
int int r_assoc_destroy(r_assoc **assocp) {
r_assoc_destroy (r_assoc **assocp)
{
r_assoc *assoc; r_assoc *assoc;
int i; int i;
@ -127,9 +122,7 @@ r_assoc_destroy (r_assoc **assocp)
return (0); return (0);
} }
static int static int destroy_assoc_chain(r_assoc_el *chain) {
destroy_assoc_chain (r_assoc_el *chain)
{
r_assoc_el *nxt; r_assoc_el *nxt;
while(chain) { while(chain) {
@ -147,9 +140,7 @@ destroy_assoc_chain (r_assoc_el *chain)
return (0); return (0);
} }
static int static int copy_assoc_chain(r_assoc_el **newp, r_assoc_el *old) {
copy_assoc_chain (r_assoc_el **newp, r_assoc_el *old)
{
r_assoc_el *new = 0, *ptr, *tmp; r_assoc_el *new = 0, *ptr, *tmp;
int r, _status; int r, _status;
@ -164,8 +155,7 @@ copy_assoc_chain (r_assoc_el **newp, r_assoc_el *old)
if(!new) { if(!new) {
new = tmp; new = tmp;
ptr = new; ptr = new;
} } else {
else{
ptr->next = tmp; ptr->next = tmp;
tmp->prev = ptr; tmp->prev = ptr;
ptr = tmp; ptr = tmp;
@ -177,8 +167,7 @@ copy_assoc_chain (r_assoc_el **newp, r_assoc_el *old)
if(old->copy) { if(old->copy) {
if((r = old->copy(&ptr->data, old->data))) if((r = old->copy(&ptr->data, old->data)))
ABORT(r); ABORT(r);
} } else
else
ptr->data = old->data; ptr->data = old->data;
if(!(ptr->key = (char *)malloc(old->key_len))) if(!(ptr->key = (char *)malloc(old->key_len)))
@ -196,9 +185,10 @@ copy_assoc_chain (r_assoc_el **newp, r_assoc_el *old)
return (_status); return (_status);
} }
static int static int r_assoc_fetch_bucket(r_assoc *assoc,
r_assoc_fetch_bucket (r_assoc *assoc, char *key, int len, r_assoc_el **bucketp) char *key,
{ int len,
r_assoc_el **bucketp) {
UINT4 hash_value; UINT4 hash_value;
r_assoc_el *bucket; r_assoc_el *bucket;
@ -214,9 +204,7 @@ r_assoc_fetch_bucket (r_assoc *assoc, char *key, int len, r_assoc_el **bucketp)
return (R_NOT_FOUND); return (R_NOT_FOUND);
} }
int int r_assoc_fetch(r_assoc *assoc, char *key, int len, void **datap) {
r_assoc_fetch (r_assoc *assoc, char *key, int len, void **datap)
{
r_assoc_el *bucket; r_assoc_el *bucket;
int r; int r;
@ -230,15 +218,13 @@ r_assoc_fetch (r_assoc *assoc, char *key, int len, void **datap)
return (0); return (0);
} }
int r_assoc_insert( int r_assoc_insert(r_assoc *assoc,
r_assoc *assoc,
char *key, char *key,
int len, int len,
void *data, void *data,
int(*copy) PROTO_LIST((void **new, void *old)), int(*copy) PROTO_LIST((void **new, void *old)),
int(*destroy) PROTO_LIST((void *ptr)), int(*destroy) PROTO_LIST((void *ptr)),
int how) int how) {
{
r_assoc_el *bucket, *new_bucket = 0; r_assoc_el *bucket, *new_bucket = 0;
int r, _status; int r, _status;
@ -263,8 +249,7 @@ int r_assoc_insert(
new_bucket->next = assoc->chains[hash_value]; new_bucket->next = assoc->chains[hash_value];
assoc->chains[hash_value] = new_bucket; assoc->chains[hash_value] = new_bucket;
bucket = new_bucket; bucket = new_bucket;
} } else {
else{
if(!(how & R_ASSOC_REPLACE)) if(!(how & R_ASSOC_REPLACE))
ABORT(R_ALREADY); ABORT(R_ALREADY);
@ -285,9 +270,7 @@ int r_assoc_insert(
return (_status); return (_status);
} }
int int r_assoc_copy(r_assoc **newp, r_assoc *old) {
r_assoc_copy (r_assoc **newp, r_assoc *old)
{
int r, _status, i; int r, _status, i;
r_assoc *new; r_assoc *new;
@ -312,9 +295,7 @@ r_assoc_copy (r_assoc **newp, r_assoc *old)
return (_status); return (_status);
} }
int int r_assoc_init_iter(r_assoc *assoc, r_assoc_iterator *iter) {
r_assoc_init_iter (r_assoc *assoc, r_assoc_iterator *iter)
{
int i; int i;
iter->assoc = assoc; iter->assoc = assoc;
@ -335,9 +316,7 @@ r_assoc_init_iter (r_assoc *assoc, r_assoc_iterator *iter)
return (0); return (0);
} }
int int r_assoc_iter(r_assoc_iterator *iter, void **key, int *keyl, void **val) {
r_assoc_iter (r_assoc_iterator *iter, void **key, int *keyl, void **val)
{
int i; int i;
r_assoc_el *ret; r_assoc_el *ret;
@ -356,8 +335,7 @@ r_assoc_iter (r_assoc_iterator *iter, void **key, int *keyl, void **val)
/* More on this chain */ /* More on this chain */
if(iter->next->next) { if(iter->next->next) {
iter->next = iter->next->next; iter->next = iter->next->next;
} } else {
else{
iter->next = 0; iter->next = 0;
/* FInd the next occupied chain*/ /* FInd the next occupied chain*/
@ -374,15 +352,12 @@ r_assoc_iter (r_assoc_iterator *iter, void **key, int *keyl, void **val)
} }
/* Delete the last returned value*/ /* Delete the last returned value*/
int int r_assoc_iter_delete(r_assoc_iterator *iter) {
r_assoc_iter_delete (r_assoc_iterator *iter)
{
/* First unhook it from the list*/ /* First unhook it from the list*/
if(!iter->prev->prev) { if(!iter->prev->prev) {
/* First element*/ /* First element*/
iter->assoc->chains[iter->prev_chain] = iter->prev->next; iter->assoc->chains[iter->prev_chain] = iter->prev->next;
} } else {
else{
iter->prev->prev->next = iter->prev->next; iter->prev->prev->next = iter->prev->next;
} }
@ -396,12 +371,10 @@ r_assoc_iter_delete (r_assoc_iterator *iter)
return (0); return (0);
} }
/*This is a hack from AMS. Supposedly, it's pretty good for strings, even /*This is a hack from AMS. Supposedly, it's pretty good for strings, even
though it doesn't take into account all the data*/ though it doesn't take into account all the data*/
UINT4 UINT4
hash_compute (char *key, int len, int bits) hash_compute(char *key, int len, int bits) {
{
UINT4 h = 0; UINT4 h = 0;
h = key[0] + (key[len - 1] * len); h = key[0] + (key[len - 1] * len);
@ -410,4 +383,3 @@ hash_compute (char *key, int len, int bits)
return (h); return (h);
} }

21
common/lib/r_assoc_test.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $ $Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,14 +44,10 @@
ekr@rtfm.com Sun Jan 17 21:09:22 1999 ekr@rtfm.com Sun Jan 17 21:09:22 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include <r_assoc.h> #include <r_assoc.h>
int int main(void) {
main (void)
{
char test_vector[1024], *v; char test_vector[1024], *v;
int rnd, ct, r; int rnd, ct, r;
r_assoc *assoc, *new_assoc; r_assoc *assoc, *new_assoc;
@ -69,7 +66,6 @@ main (void)
v[2] = (ct >> 16) & 255; v[2] = (ct >> 16) & 255;
v[3] = (ct >> 24) & 255; v[3] = (ct >> 24) & 255;
if(r = r_assoc_insert(assoc, v, 4, v, 0, 0, R_ASSOC_REPLACE)) { if(r = r_assoc_insert(assoc, v, 4, v, 0, 0, R_ASSOC_REPLACE)) {
fprintf(stderr, "Couldn't insert %d\n", ct); fprintf(stderr, "Couldn't insert %d\n", ct);
exit(1); exit(1);
@ -95,9 +91,7 @@ main (void)
exit(0); exit(0);
} }
int int fetch_test(r_assoc *assoc) {
fetch_test (r_assoc *assoc)
{
int ct; int ct;
char vec[4], *v; char vec[4], *v;
int r, _status, rnd; int r, _status, rnd;
@ -113,15 +107,12 @@ fetch_test (r_assoc *assoc)
vec[3] = (rnd >> 24) & 255; vec[3] = (rnd >> 24) & 255;
if(r = r_assoc_fetch(assoc, vec, 4, (void **)&v)) { if(r = r_assoc_fetch(assoc, vec, 4, (void **)&v)) {
if(rnd < 256) { if(rnd < 256) {
fprintf(stderr, "Couldn't fetch\n"); fprintf(stderr, "Couldn't fetch\n");
exit(1); exit(1);
} } else
else
continue; continue;
} } else {
else{
if(rnd > 255) { if(rnd > 255) {
fprintf(stderr, "Spurious fetch\n"); fprintf(stderr, "Spurious fetch\n");
exit(1); exit(1);

18
common/lib/r_bitfield.c
View file

@ -7,14 +7,10 @@
ekr@rtfm.com Wed Oct 3 11:15:23 2001 ekr@rtfm.com Wed Oct 3 11:15:23 2001
*/ */
#include <r_common.h> #include <r_common.h>
#include "r_bitfield.h" #include "r_bitfield.h"
int int r_bitfield_create(r_bitfield **setp, UINT4 size) {
r_bitfield_create (r_bitfield **setp, UINT4 size)
{
r_bitfield *set = 0; r_bitfield *set = 0;
int _status; int _status;
int num_words = size / 32 + !!(size % 32); int num_words = size / 32 + !!(size % 32);
@ -39,9 +35,7 @@ r_bitfield_create (r_bitfield **setp, UINT4 size)
return (_status); return (_status);
} }
int int r_bitfield_destroy(r_bitfield **setp) {
r_bitfield_destroy (r_bitfield **setp)
{
r_bitfield *set; r_bitfield *set;
if(!setp || !*setp) if(!setp || !*setp)
@ -56,9 +50,7 @@ r_bitfield_destroy (r_bitfield **setp)
return (0); return (0);
} }
int int r_bitfield_set(r_bitfield *set, int bit) {
r_bitfield_set (r_bitfield *set, int bit)
{
int word = (bit - set->base) / 32; int word = (bit - set->base) / 32;
int bbit = (bit - set->base) % 32; int bbit = (bit - set->base) % 32;
int _status; int _status;
@ -88,9 +80,7 @@ r_bitfield_set (r_bitfield *set, int bit)
return (_status); return (_status);
} }
int int r_bitfield_isset(r_bitfield *set, int bit) {
r_bitfield_isset (r_bitfield *set, int bit)
{
int word = (bit - set->base) / 32; int word = (bit - set->base) / 32;
int bbit = (bit - set->base) % 32; int bbit = (bit - set->base) % 32;
int _status; int _status;

34
common/lib/r_data.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $ $Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $
@ -43,14 +44,10 @@
ekr@rtfm.com Tue Aug 17 15:39:50 1999 ekr@rtfm.com Tue Aug 17 15:39:50 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include <r_data.h> #include <r_data.h>
int int r_data_create(Data **dp, UCHAR *d, int l) {
r_data_create (Data **dp, UCHAR *d, int l)
{
Data *d_ = 0; Data *d_ = 0;
int _status; int _status;
@ -72,9 +69,7 @@ r_data_create (Data **dp, UCHAR *d, int l)
return (_status); return (_status);
} }
int int r_data_alloc(Data **dp, int l) {
r_data_alloc (Data **dp, int l)
{
Data *d_ = 0; Data *d_ = 0;
int _status; int _status;
@ -94,9 +89,7 @@ r_data_alloc (Data **dp, int l)
return (_status); return (_status);
} }
int int r_data_make(Data *dp, UCHAR *d, int l) {
r_data_make (Data *dp, UCHAR *d, int l)
{
if(!(dp->data = (UCHAR *)malloc(l))) if(!(dp->data = (UCHAR *)malloc(l)))
ERETURN(R_NO_MEMORY); ERETURN(R_NO_MEMORY);
@ -106,9 +99,7 @@ r_data_make (Data *dp, UCHAR *d, int l)
return (0); return (0);
} }
int int r_data_destroy(Data **dp) {
r_data_destroy (Data **dp)
{
if(!dp || !*dp) if(!dp || !*dp)
return (0); return (0);
@ -121,18 +112,14 @@ r_data_destroy (Data **dp)
return (0); return (0);
} }
int int r_data_copy(Data *dst, Data *src) {
r_data_copy (Data *dst, Data *src)
{
if(!(dst->data = (UCHAR *)malloc(src->len))) if(!(dst->data = (UCHAR *)malloc(src->len)))
ERETURN(R_NO_MEMORY); ERETURN(R_NO_MEMORY);
memcpy(dst->data, src->data, dst->len = src->len); memcpy(dst->data, src->data, dst->len = src->len);
return (0); return (0);
} }
int int r_data_zfree(Data *d) {
r_data_zfree (Data *d)
{
if(!d) if(!d)
return (0); return (0);
if(!d->data) if(!d->data)
@ -142,13 +129,10 @@ r_data_zfree (Data *d)
return (0); return (0);
} }
int int r_data_compare(Data *d1, Data *d2) {
r_data_compare (Data *d1, Data *d2)
{
if(d1->len < d2->len) if(d1->len < d2->len)
return (-1); return (-1);
if(d2->len < d1->len) if(d2->len < d1->len)
return (-1); return (-1);
return (memcmp(d1->data, d2->data, d1->len)); return (memcmp(d1->data, d2->data, d1->len));
} }

6
common/lib/r_data.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_data.h,v 1.2 2000/10/17 16:10:00 ekr Exp $ $Id: r_data.h,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,10 +44,7 @@
ekr@rtfm.com Fri Feb 4 08:58:48 2000 ekr@rtfm.com Fri Feb 4 08:58:48 2000
*/ */
#ifndef _r_data_h #ifndef _r_data_h
#define _r_data_h #define _r_data_h
#endif #endif

8
common/lib/r_errors.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $ $Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $
@ -43,15 +44,12 @@
ekr@rtfm.com Tue Feb 16 16:37:05 1999 ekr@rtfm.com Tue Feb 16 16:37:05 1999
*/ */
#include <stdio.h> #include <stdio.h>
#include <stdarg.h> #include <stdarg.h>
#include "r_common.h" #include "r_common.h"
#include "r_errors.h" #include "r_errors.h"
int verr_exit(char *fmt,...) int verr_exit(char *fmt, ...) {
{
va_list ap; va_list ap;
va_start(ap, fmt); va_start(ap, fmt);

42
common/lib/r_list.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $ $Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Tue Jan 19 08:36:39 1999 ekr@rtfm.com Tue Jan 19 08:36:39 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include "r_list.h" #include "r_list.h"
@ -61,9 +60,7 @@ struct r_list_ {
struct r_list_el_ *last; struct r_list_el_ *last;
}; };
int int r_list_create(r_list **listp) {
r_list_create (r_list **listp)
{
r_list *list = 0; r_list *list = 0;
int _status; int _status;
@ -79,9 +76,7 @@ r_list_create (r_list **listp)
return (_status); return (_status);
} }
int int r_list_destroy(r_list **listp) {
r_list_destroy (r_list **listp)
{
r_list *list; r_list *list;
r_list_el *el; r_list_el *el;
@ -107,9 +102,7 @@ r_list_destroy (r_list **listp)
return (0); return (0);
} }
int int r_list_copy(r_list **outp, r_list *in) {
r_list_copy (r_list **outp, r_list *in)
{
r_list *out = 0; r_list *out = 0;
r_list_el *el, *el2, *last = 0; r_list_el *el, *el2, *last = 0;
int r, _status; int r, _status;
@ -148,8 +141,7 @@ r_list_copy (r_list **outp, r_list *in)
return (_status); return (_status);
} }
int r_list_insert(list,value,copy,destroy) int r_list_insert(list, value, copy, destroy) r_list *list;
r_list *list;
void *value; void *value;
int(*copy) PROTO_LIST((void **out, void *in)); int(*copy) PROTO_LIST((void **out, void *in));
int(*destroy) PROTO_LIST((void **val)); int(*destroy) PROTO_LIST((void **val));
@ -175,8 +167,7 @@ int r_list_insert(list,value,copy,destroy)
return (_status); return (_status);
} }
int r_list_append(list,value,copy,destroy) int r_list_append(list, value, copy, destroy) r_list *list;
r_list *list;
void *value; void *value;
int(*copy) PROTO_LIST((void **out, void *in)); int(*copy) PROTO_LIST((void **out, void *in));
int(*destroy) PROTO_LIST((void **val)); int(*destroy) PROTO_LIST((void **val));
@ -193,8 +184,10 @@ int r_list_append(list,value,copy,destroy)
el->prev = list->last; el->prev = list->last;
el->next = 0; el->next = 0;
if(list->last) list->last->next=el; if(list->last)
else list->first=el; list->last->next = el;
else
list->first = el;
list->last = el; list->last = el;
@ -203,18 +196,14 @@ int r_list_append(list,value,copy,destroy)
return (_status); return (_status);
} }
int int r_list_init_iter(r_list *list, r_list_iterator *iter) {
r_list_init_iter (r_list *list, r_list_iterator *iter)
{
iter->list = list; iter->list = list;
iter->ptr = list->first; iter->ptr = list->first;
return (0); return (0);
} }
int int r_list_iter(r_list_iterator *iter, void **val) {
r_list_iter (r_list_iterator *iter, void **val)
{
if(!iter->ptr) if(!iter->ptr)
return (R_EOD); return (R_EOD);
@ -223,8 +212,3 @@ r_list_iter (r_list_iterator *iter, void **val)
return (0); return (0);
} }

10
common/lib/r_replace.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $ $Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $
@ -43,15 +44,11 @@
ekr@rtfm.com Sun Oct 1 11:18:49 2000 ekr@rtfm.com Sun Oct 1 11:18:49 2000
*/ */
#include "r_common.h" #include "r_common.h"
#ifndef HAVE_STRDUP #ifndef HAVE_STRDUP
char * char *strdup(char *str) {
strdup (char *str)
{
int len = strlen(str); int len = strlen(str);
char *n; char *n;
@ -63,4 +60,3 @@ strdup (char *str)
return (n); return (n);
} }
#endif #endif

27
common/lib/r_time.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $ $Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Thu Mar 4 08:43:46 1999 ekr@rtfm.com Thu Mar 4 08:43:46 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include <r_time.h> #include <r_time.h>
@ -52,8 +51,7 @@
#include <windows.h> #include <windows.h>
int gettimeofday(struct timeval *tv, struct timezone *tzp) int gettimeofday(struct timeval *tv, struct timezone *tzp) {
{
/* JAN1_1970_OFFSET is the number of 100-nanoseconds ticks /* JAN1_1970_OFFSET is the number of 100-nanoseconds ticks
between midnight jan 1, 1970 and jan 1, 1601. between midnight jan 1, 1970 and jan 1, 1601.
*/ */
@ -84,9 +82,9 @@ int gettimeofday(struct timeval *tv, struct timezone *tzp)
} }
#endif #endif
/*Note that t1 must be > t0 */ /*Note that t1 must be > t0 */
int int r_timeval_diff(struct timeval *t1,
r_timeval_diff (struct timeval *t1, struct timeval *t0, struct timeval *diff) struct timeval *t0,
{ struct timeval *diff) {
long d; long d;
if(t0->tv_sec > t1->tv_sec) if(t0->tv_sec > t1->tv_sec)
@ -109,9 +107,7 @@ r_timeval_diff (struct timeval *t1, struct timeval *t0, struct timeval *diff)
return (0); return (0);
} }
int int r_timeval_add(struct timeval *t1, struct timeval *t2, struct timeval *sum) {
r_timeval_add (struct timeval *t1, struct timeval *t2, struct timeval *sum)
{
long tv_sec, tv_usec, d; long tv_sec, tv_usec, d;
tv_sec = t1->tv_sec + t2->tv_sec; tv_sec = t1->tv_sec + t2->tv_sec;
@ -120,8 +116,7 @@ r_timeval_add (struct timeval *t1, struct timeval *t2, struct timeval *sum)
if(d > 1000000) { if(d > 1000000) {
tv_sec++; tv_sec++;
tv_usec = d - 1000000; tv_usec = d - 1000000;
} } else {
else{
tv_usec = d; tv_usec = d;
} }
@ -132,8 +127,7 @@ r_timeval_add (struct timeval *t1, struct timeval *t2, struct timeval *sum)
} }
UINT8 UINT8
r_timeval2int (struct timeval *tv) r_timeval2int(struct timeval *tv) {
{
UINT8 r = 0; UINT8 r = 0;
r = (tv->tv_sec); r = (tv->tv_sec);
@ -144,8 +138,7 @@ r_timeval2int (struct timeval *tv)
} }
UINT8 UINT8
r_gettimeint (void) r_gettimeint(void) {
{
struct timeval tv; struct timeval tv;
gettimeofday(&tv, 0); gettimeofday(&tv, 0);

37
common/lib/threads/pthreads/pthread.c
View file

@ -7,8 +7,6 @@
ekr@rtfm.com Tue Feb 23 15:08:03 1999 ekr@rtfm.com Tue Feb 23 15:08:03 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include <r_thread.h> #include <r_thread.h>
#include <pthread.h> #include <pthread.h>
@ -20,12 +18,9 @@ typedef struct {
void *arg; void *arg;
} helper; } helper;
static void *r_thread_real_create PROTO_LIST((void *arg)); static void *r_thread_real_create PROTO_LIST((void *arg));
static void * static void *r_thread_real_create(void *arg) {
r_thread_real_create (void *arg)
{
helper *h; helper *h;
h = (helper *)arg; h = (helper *)arg;
@ -39,8 +34,7 @@ r_thread_real_create (void *arg)
return (0); return (0);
} }
int r_thread_fork(func,arg,id) int r_thread_fork(func, arg, id) void(*func) PROTO_LIST((void *));
void (*func) PROTO_LIST((void *));
void *arg; void *arg;
r_thread *id; r_thread *id;
{ {
@ -61,23 +55,17 @@ int r_thread_fork(func,arg,id)
return (_status); return (_status);
} }
int int r_thread_yield(void) {
r_thread_yield (void)
{
pthread_yield(); pthread_yield();
} }
int int r_thread_exit(void) {
r_thread_exit (void)
{
thread_count--; thread_count--;
pthread_exit(0); pthread_exit(0);
return (0); return (0);
} }
int int r_thread_wait_last(void) {
r_thread_wait_last (void)
{
do { do {
pthread_yield(); pthread_yield();
usleep(10000); usleep(10000);
@ -87,9 +75,7 @@ r_thread_wait_last (void)
return (0); return (0);
} }
int int r_rwlock_create(r_rwlock **lockp) {
r_rwlock_create (r_rwlock **lockp)
{
pthread_rwlock_t *lock; pthread_rwlock_t *lock;
int r; int r;
@ -103,9 +89,7 @@ r_rwlock_create (r_rwlock **lockp)
return (0); return (0);
} }
int int r_rwlock_destroy(r_rwlock **lock) {
r_rwlock_destroy (r_rwlock **lock)
{
pthread_rwlock_t *plock; pthread_rwlock_t *plock;
if(!lock || !*lock) if(!lock || !*lock)
@ -118,9 +102,7 @@ r_rwlock_destroy (r_rwlock **lock)
return (0); return (0);
} }
int int r_rwlock_lock(r_rwlock *lock, int action) {
r_rwlock_lock (r_rwlock *lock, int action)
{
pthread_rwlock_t *plock; pthread_rwlock_t *plock;
int r, _status; int r, _status;
@ -147,6 +129,3 @@ r_rwlock_lock (r_rwlock *lock, int action)
abort: abort:
return (_status); return (_status);
} }

52
null/null_analyze.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $ $Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Thu Jan 7 22:58:27 1999 ekr@rtfm.com Thu Jan 7 22:58:27 1999
*/ */
#include <ctype.h> #include <ctype.h>
#include "network.h" #include "network.h"
#include "proto_mod.h" #include "proto_mod.h"
@ -55,14 +54,24 @@ typedef struct null_analyzer_ {
} null_analyzer; } null_analyzer;
static int create_null_analyzer PROTO_LIST((void *handle, static int create_null_analyzer PROTO_LIST((void *handle,
proto_ctx *ctx,tcp_conn *conn,proto_obj **objp, proto_ctx *ctx,
struct sockaddr_storage *i_addr,u_short i_port, tcp_conn *conn,
struct sockaddr_storage *r_addr,u_short r_port, struct timeval *base_time)); proto_obj **objp,
struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time));
static int create_null_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn, static int create_null_analyzer(void *handle,
proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr, proto_ctx *ctx,
u_short r_port, struct timeval *base_time) tcp_conn *conn,
{ proto_obj **objp,
struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time) {
null_analyzer *obj = 0; null_analyzer *obj = 0;
static int ctr; static int ctr;
@ -77,9 +86,7 @@ static int create_null_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
return (0); return (0);
} }
int int destroy_null_analyzer(proto_obj **objp) {
destroy_null_analyzer (proto_obj **objp)
{
null_analyzer *obj; null_analyzer *obj;
if(!objp || !*objp) if(!objp || !*objp)
@ -94,14 +101,11 @@ destroy_null_analyzer (proto_obj **objp)
return (0); return (0);
} }
int int data_null_analyzer(proto_obj *_obj, segment *seg, int direction) {
data_null_analyzer (proto_obj *_obj, segment *seg, int direction)
{
#ifdef DEBUG #ifdef DEBUG
null_analyzer *obj = (null_analyzer *)_obj; null_analyzer *obj = (null_analyzer *)_obj;
#endif #endif
DBG((0,"Processing data for connection %d dir %d\n",obj->num, DBG((0, "Processing data for connection %d dir %d\n", obj->num, direction));
direction));
for(; seg; seg = seg->next) { for(; seg; seg = seg->next) {
int i; int i;
@ -122,9 +126,7 @@ data_null_analyzer (proto_obj *_obj, segment *seg, int direction)
return (0); return (0);
} }
int int fin_null_analyzer(proto_obj *_obj, packet *p, int direction) {
fin_null_analyzer (proto_obj *_obj, packet *p, int direction)
{
#ifdef DEBUG #ifdef DEBUG
null_analyzer *obj = (null_analyzer *)_obj; null_analyzer *obj = (null_analyzer *)_obj;
#endif #endif
@ -132,9 +134,6 @@ fin_null_analyzer (proto_obj *_obj, packet *p, int direction)
return (0); return (0);
} }
static struct proto_mod_vtbl_ null_vtbl = { static struct proto_mod_vtbl_ null_vtbl = {
0, 0,
0, 0,
@ -146,7 +145,4 @@ static struct proto_mod_vtbl_ null_vtbl ={
fin_null_analyzer, fin_null_analyzer,
}; };
struct proto_mod_ null_mod = { struct proto_mod_ null_mod = {0, &null_vtbl};
0,
&null_vtbl
};

5
null/null_analyze.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: null_analyze.h,v 1.2 2000/10/17 16:10:01 ekr Exp $ $Id: null_analyze.h,v 1.2 2000/10/17 16:10:01 ekr Exp $
@ -43,11 +44,9 @@
ekr@rtfm.com Fri Jan 8 11:23:10 1999 ekr@rtfm.com Fri Jan 8 11:23:10 1999
*/ */
#ifndef _null_analyze_h #ifndef _null_analyze_h
#define _null_analyze_h #define _null_analyze_h
extern proto_mod null_mod; extern proto_mod null_mod;
#endif #endif

348
pcap/logpkt.c
View file

@ -149,9 +149,7 @@ typedef struct __attribute__((packed)) {
* IP/TCP checksumming operating on uint32_t intermediate state variable C. * IP/TCP checksumming operating on uint32_t intermediate state variable C.
*/ */
#define CHKSUM_INIT(C) \ #define CHKSUM_INIT(C) \
{ \ { (C) = 0; }
(C) = 0; \
}
#define CHKSUM_ADD_RANGE(C, B, S) \ #define CHKSUM_ADD_RANGE(C, B, S) \
{ \ { \
uint16_t *p = (uint16_t *)(B); \ uint16_t *p = (uint16_t *)(B); \
@ -164,13 +162,9 @@ typedef struct __attribute__((packed)) {
} \ } \
} }
#define CHKSUM_ADD_UINT32(C, U) \ #define CHKSUM_ADD_UINT32(C, U) \
{ \ { (C) += ((U) >> 16) + ((U)&0xFFFF); }
(C) += ((U) >> 16) + ((U) & 0xFFFF); \
}
#define CHKSUM_ADD_UINT16(C, U) \ #define CHKSUM_ADD_UINT16(C, U) \
{ \ { (C) += (U); }
(C) += (U); \
}
#define CHKSUM_FINALIZE(C) \ #define CHKSUM_FINALIZE(C) \
{ \ { \
(C) = ((C) >> 16) + ((C)&0xffff); \ (C) = ((C) >> 16) + ((C)&0xffff); \
@ -189,9 +183,7 @@ typedef struct __attribute__((packed)) {
* *
* Returns 0 on success and -1 on failure. * Returns 0 on success and -1 on failure.
*/ */
static int static int logpkt_write_global_pcap_hdr(int fd) {
logpkt_write_global_pcap_hdr(int fd)
{
pcap_file_hdr_t hdr; pcap_file_hdr_t hdr;
memset(&hdr, 0x0, sizeof(hdr)); memset(&hdr, 0x0, sizeof(hdr));
@ -214,8 +206,7 @@ logpkt_write_global_pcap_hdr(int fd)
* file descriptor. On error, -1 is returned and the file descriptor is in an * file descriptor. On error, -1 is returned and the file descriptor is in an
* undefined but still open state. * undefined but still open state.
*/ */
int int logpkt_pcap_open_fd(int fd) {
logpkt_pcap_open_fd(int fd) {
pcap_file_hdr_t hdr; pcap_file_hdr_t hdr;
off_t sz; off_t sz;
ssize_t n; ssize_t n;
@ -255,12 +246,15 @@ logpkt_pcap_open_fd(int fd) {
* match the actual link layer addresses to be used when sending traffic, not * match the actual link layer addresses to be used when sending traffic, not
* some emulated addresses. * some emulated addresses.
*/ */
void void logpkt_ctx_init(logpkt_ctx_t *ctx,
logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu, libnet_t *libnet,
const uint8_t *src_ether, const uint8_t *dst_ether, size_t mtu,
const struct sockaddr *src_addr, socklen_t src_addr_len, const uint8_t *src_ether,
const struct sockaddr *dst_addr, socklen_t dst_addr_len) const uint8_t *dst_ether,
{ const struct sockaddr *src_addr,
socklen_t src_addr_len,
const struct sockaddr *dst_addr,
socklen_t dst_addr_len) {
ctx->libnet = libnet; ctx->libnet = libnet;
memcpy(ctx->src_ether, src_ether, ETHER_ADDR_LEN); memcpy(ctx->src_ether, src_ether, ETHER_ADDR_LEN);
memcpy(ctx->dst_ether, dst_ether, ETHER_ADDR_LEN); memcpy(ctx->dst_ether, dst_ether, ETHER_ADDR_LEN);
@ -269,9 +263,8 @@ logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu,
ctx->src_seq = 0; ctx->src_seq = 0;
ctx->dst_seq = 0; ctx->dst_seq = 0;
if(mtu) { if(mtu) {
ctx->mss = mtu - sizeof(tcp_hdr_t) ctx->mss = mtu - sizeof(tcp_hdr_t) -
- (dst_addr->sa_family == AF_INET (dst_addr->sa_family == AF_INET ? sizeof(ip4_hdr_t)
? sizeof(ip4_hdr_t)
: sizeof(ip6_hdr_t)); : sizeof(ip6_hdr_t));
} else { } else {
ctx->mss = dst_addr->sa_family == AF_INET ? MSS_IP4 : MSS_IP6; ctx->mss = dst_addr->sa_family == AF_INET ? MSS_IP4 : MSS_IP6;
@ -282,9 +275,7 @@ logpkt_ctx_init(logpkt_ctx_t *ctx, libnet_t *libnet, size_t mtu,
* Write the layer 2 frame contained in *pkt* to file descriptor *fd* already * Write the layer 2 frame contained in *pkt* to file descriptor *fd* already
* open for writing. First writes a PCAP record header, then the actual frame. * open for writing. First writes a PCAP record header, then the actual frame.
*/ */
static int static int logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd) {
logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
{
pcap_rec_hdr_t rec_hdr; pcap_rec_hdr_t rec_hdr;
struct timeval tv; struct timeval tv;
@ -294,13 +285,11 @@ logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
rec_hdr.orig_len = rec_hdr.incl_len = pktsz; rec_hdr.orig_len = rec_hdr.incl_len = pktsz;
if(write(fd, &rec_hdr, sizeof(rec_hdr)) != sizeof(rec_hdr)) { if(write(fd, &rec_hdr, sizeof(rec_hdr)) != sizeof(rec_hdr)) {
printf("Error writing pcap record hdr: %s\n", printf("Error writing pcap record hdr: %s\n", strerror(errno));
strerror(errno));
return -1; return -1;
} }
if(write(fd, pkt, pktsz) != (ssize_t)pktsz) { if(write(fd, pkt, pktsz) != (ssize_t)pktsz) {
printf("Error writing pcap record: %s\n", printf("Error writing pcap record: %s\n", strerror(errno));
strerror(errno));
return -1; return -1;
} }
return 0; return 0;
@ -317,14 +306,16 @@ logpkt_pcap_write(const uint8_t *pkt, size_t pktsz, int fd)
* This function is stateless. For header fields that cannot be directly * This function is stateless. For header fields that cannot be directly
* derived from the arguments, default values will be used. * derived from the arguments, default values will be used.
*/ */
static size_t static size_t logpkt_pcap_build(uint8_t *pkt,
logpkt_pcap_build(uint8_t *pkt, uint8_t *src_ether,
uint8_t *src_ether, uint8_t *dst_ether, uint8_t *dst_ether,
const struct sockaddr *src_addr, const struct sockaddr *src_addr,
const struct sockaddr *dst_addr, const struct sockaddr *dst_addr,
char flags, uint32_t seq, uint32_t ack, char flags,
const uint8_t *payload, size_t payloadlen) uint32_t seq,
{ uint32_t ack,
const uint8_t *payload,
size_t payloadlen) {
ether_hdr_t *ether_hdr; ether_hdr_t *ether_hdr;
ip4_hdr_t *ip4_hdr; ip4_hdr_t *ip4_hdr;
ip6_hdr_t *ip6_hdr; ip6_hdr_t *ip6_hdr;
@ -339,14 +330,11 @@ logpkt_pcap_build(uint8_t *pkt,
if(dst_addr->sa_family == AF_INET) { if(dst_addr->sa_family == AF_INET) {
ether_hdr->ethertype = htons(ETHERTYPE_IP); ether_hdr->ethertype = htons(ETHERTYPE_IP);
ip4_hdr = (ip4_hdr_t *)(((uint8_t *)ether_hdr) + ip4_hdr = (ip4_hdr_t *)(((uint8_t *)ether_hdr) + sizeof(ether_hdr_t));
sizeof(ether_hdr_t));
ip4_hdr->version_ihl = 0x45; /* version 4, ihl 5 words */ ip4_hdr->version_ihl = 0x45; /* version 4, ihl 5 words */
ip4_hdr->dscp_ecn = 0; ip4_hdr->dscp_ecn = 0;
ip4_hdr->len = htons(sizeof(ip4_hdr_t) + ip4_hdr->len = htons(sizeof(ip4_hdr_t) + sizeof(tcp_hdr_t) + payloadlen);
sizeof(tcp_hdr_t) + payloadlen); ip4_hdr->id = sys_rand16(), ip4_hdr->frag = 0;
ip4_hdr->id = sys_rand16(),
ip4_hdr->frag = 0;
ip4_hdr->ttl = 64; ip4_hdr->ttl = 64;
ip4_hdr->proto = IPPROTO_TCP; ip4_hdr->proto = IPPROTO_TCP;
ip4_hdr->src_addr = CSIN(src_addr)->sin_addr.s_addr; ip4_hdr->src_addr = CSIN(src_addr)->sin_addr.s_addr;
@ -357,8 +345,7 @@ logpkt_pcap_build(uint8_t *pkt,
CHKSUM_FINALIZE(sum); CHKSUM_FINALIZE(sum);
ip4_hdr->chksum = sum; ip4_hdr->chksum = sum;
sz += sizeof(ip4_hdr_t); sz += sizeof(ip4_hdr_t);
tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip4_hdr) + tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip4_hdr) + sizeof(ip4_hdr_t));
sizeof(ip4_hdr_t));
tcp_hdr->src_port = CSIN(src_addr)->sin_port; tcp_hdr->src_port = CSIN(src_addr)->sin_port;
tcp_hdr->dst_port = CSIN(dst_addr)->sin_port; tcp_hdr->dst_port = CSIN(dst_addr)->sin_port;
/* pseudo header */ /* pseudo header */
@ -369,8 +356,7 @@ logpkt_pcap_build(uint8_t *pkt,
CHKSUM_ADD_UINT16(sum, htons(sizeof(tcp_hdr_t) + payloadlen)); CHKSUM_ADD_UINT16(sum, htons(sizeof(tcp_hdr_t) + payloadlen));
} else { } else {
ether_hdr->ethertype = htons(ETHERTYPE_IPV6); ether_hdr->ethertype = htons(ETHERTYPE_IPV6);
ip6_hdr = (ip6_hdr_t *)(((uint8_t *)ether_hdr) + ip6_hdr = (ip6_hdr_t *)(((uint8_t *)ether_hdr) + sizeof(ether_hdr_t));
sizeof(ether_hdr_t));
ip6_hdr->flags = htonl(0x60000000UL); /* version 6 */ ip6_hdr->flags = htonl(0x60000000UL); /* version 6 */
ip6_hdr->len = htons(sizeof(tcp_hdr_t) + payloadlen); ip6_hdr->len = htons(sizeof(tcp_hdr_t) + payloadlen);
ip6_hdr->next_hdr = IPPROTO_TCP; ip6_hdr->next_hdr = IPPROTO_TCP;
@ -380,16 +366,13 @@ logpkt_pcap_build(uint8_t *pkt,
memcpy(ip6_hdr->dst_addr, CSIN6(dst_addr)->sin6_addr.s6_addr, memcpy(ip6_hdr->dst_addr, CSIN6(dst_addr)->sin6_addr.s6_addr,
sizeof(ip6_hdr->dst_addr)); sizeof(ip6_hdr->dst_addr));
sz += sizeof(ip6_hdr_t); sz += sizeof(ip6_hdr_t);
tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip6_hdr) + tcp_hdr = (tcp_hdr_t *)(((uint8_t *)ip6_hdr) + sizeof(ip6_hdr_t));
sizeof(ip6_hdr_t));
tcp_hdr->src_port = CSIN6(src_addr)->sin6_port; tcp_hdr->src_port = CSIN6(src_addr)->sin6_port;
tcp_hdr->dst_port = CSIN6(dst_addr)->sin6_port; tcp_hdr->dst_port = CSIN6(dst_addr)->sin6_port;
/* pseudo header */ /* pseudo header */
CHKSUM_INIT(sum); CHKSUM_INIT(sum);
CHKSUM_ADD_RANGE(sum, ip6_hdr->src_addr, CHKSUM_ADD_RANGE(sum, ip6_hdr->src_addr, sizeof(ip6_hdr->src_addr));
sizeof(ip6_hdr->src_addr)); CHKSUM_ADD_RANGE(sum, ip6_hdr->dst_addr, sizeof(ip6_hdr->dst_addr));
CHKSUM_ADD_RANGE(sum, ip6_hdr->dst_addr,
sizeof(ip6_hdr->dst_addr));
CHKSUM_ADD_UINT32(sum, ip6_hdr->len); CHKSUM_ADD_UINT32(sum, ip6_hdr->len);
CHKSUM_ADD_UINT16(sum, htons(IPPROTO_TCP)); CHKSUM_ADD_UINT16(sum, htons(IPPROTO_TCP));
} }
@ -412,80 +395,63 @@ logpkt_pcap_build(uint8_t *pkt,
* Build a packet using libnet intended for mirroring mode. The packet will * Build a packet using libnet intended for mirroring mode. The packet will
* be dynamically allocated on the heap by the libnet instance *libnet*. * be dynamically allocated on the heap by the libnet instance *libnet*.
*/ */
static int static int logpkt_mirror_build(libnet_t *libnet,
logpkt_mirror_build(libnet_t *libnet, uint8_t *src_ether,
uint8_t *src_ether, uint8_t *dst_ether, uint8_t *dst_ether,
const struct sockaddr *src_addr, const struct sockaddr *src_addr,
const struct sockaddr *dst_addr, const struct sockaddr *dst_addr,
char flags, uint32_t seq, uint32_t ack, char flags,
const uint8_t *payload, size_t payloadlen) uint32_t seq,
{ uint32_t ack,
const uint8_t *payload,
size_t payloadlen) {
libnet_ptag_t ptag; libnet_ptag_t ptag;
ptag = libnet_build_tcp(htons(src_addr->sa_family == AF_INET ptag = libnet_build_tcp(
? CSIN(src_addr)->sin_port htons(src_addr->sa_family == AF_INET ? CSIN(src_addr)->sin_port
: CSIN6(src_addr)->sin6_port), : CSIN6(src_addr)->sin6_port),
htons(dst_addr->sa_family == AF_INET htons(dst_addr->sa_family == AF_INET ? CSIN(dst_addr)->sin_port
? CSIN(dst_addr)->sin_port
: CSIN6(dst_addr)->sin6_port), : CSIN6(dst_addr)->sin6_port),
seq, seq, ack, flags, 32767, /* window size */
ack,
flags,
32767, /* window size */
0, /* checksum */ 0, /* checksum */
0, /* urgent pointer */ 0, /* urgent pointer */
LIBNET_TCP_H + payloadlen, LIBNET_TCP_H + payloadlen, (uint8_t *)payload, payloadlen, libnet, 0);
(uint8_t *)payload, payloadlen,
libnet, 0);
if(ptag == -1) { if(ptag == -1) {
printf("Error building tcp header: %s", printf("Error building tcp header: %s", libnet_geterror(libnet));
libnet_geterror(libnet));
return -1; return -1;
} }
if(dst_addr->sa_family == AF_INET) { if(dst_addr->sa_family == AF_INET) {
ptag = libnet_build_ipv4(LIBNET_IPV4_H + LIBNET_TCP_H + ptag = libnet_build_ipv4(
payloadlen, LIBNET_IPV4_H + LIBNET_TCP_H + payloadlen, 0, /* TOS */
0, /* TOS */ (uint16_t)sys_rand16(), /* id */
(uint16_t)
sys_rand16(), /* id */
0x4000, /* frag */ 0x4000, /* frag */
64, /* TTL */ 64, /* TTL */
IPPROTO_TCP, /* protocol */ IPPROTO_TCP, /* protocol */
0, /* checksum */ 0, /* checksum */
CSIN(src_addr)->sin_addr.s_addr, CSIN(src_addr)->sin_addr.s_addr, CSIN(dst_addr)->sin_addr.s_addr, NULL,
CSIN(dst_addr)->sin_addr.s_addr, 0, libnet, 0);
NULL, 0,
libnet, 0);
} else { } else {
ptag = libnet_build_ipv6(0, /* traffic class */ ptag = libnet_build_ipv6(
0, /* traffic class */
0, /* flow label */ 0, /* flow label */
LIBNET_IPV6_H + LIBNET_TCP_H + LIBNET_IPV6_H + LIBNET_TCP_H + payloadlen, IPPROTO_TCP,
payloadlen,
IPPROTO_TCP,
255, /* hop limit */ 255, /* hop limit */
*(struct libnet_in6_addr *) *(struct libnet_in6_addr *)&CSIN6(src_addr)->sin6_addr,
&CSIN6(src_addr)->sin6_addr, *(struct libnet_in6_addr *)&CSIN6(dst_addr)->sin6_addr, NULL, 0, libnet,
*(struct libnet_in6_addr *) 0);
&CSIN6(dst_addr)->sin6_addr,
NULL, 0,
libnet, 0);
} }
if(ptag == -1) { if(ptag == -1) {
printf("Error building ip header: %s", printf("Error building ip header: %s", libnet_geterror(libnet));
libnet_geterror(libnet));
return -1; return -1;
} }
ptag = libnet_build_ethernet(dst_ether, ptag = libnet_build_ethernet(
src_ether, dst_ether, src_ether,
dst_addr->sa_family == AF_INET dst_addr->sa_family == AF_INET ? ETHERTYPE_IP : ETHERTYPE_IPV6, NULL, 0,
? ETHERTYPE_IP : ETHERTYPE_IPV6,
NULL, 0,
libnet, 0); libnet, 0);
if(ptag == -1) { if(ptag == -1) {
printf("Error building ethernet header: %s", printf("Error building ethernet header: %s", libnet_geterror(libnet));
libnet_geterror(libnet));
return -1; return -1;
} }
return 0; return 0;
@ -502,31 +468,25 @@ logpkt_mirror_build(libnet_t *libnet,
* Caller must ensure that *payload* fits into a frame depending on the MTU * Caller must ensure that *payload* fits into a frame depending on the MTU
* selected (interface in mirroring mode, MTU value in PCAP writing mode). * selected (interface in mirroring mode, MTU value in PCAP writing mode).
*/ */
static int static int logpkt_write_packet(logpkt_ctx_t *ctx,
logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags, int fd,
const uint8_t *payload, size_t payloadlen) int direction,
{ char flags,
const uint8_t *payload,
size_t payloadlen) {
int rv; int rv;
if(fd != -1) { if(fd != -1) {
uint8_t buf[MAX_PKTSZ]; uint8_t buf[MAX_PKTSZ];
size_t sz; size_t sz;
if(direction == LOGPKT_REQUEST) { if(direction == LOGPKT_REQUEST) {
sz = logpkt_pcap_build(buf, sz = logpkt_pcap_build(buf, ctx->src_ether, ctx->dst_ether,
ctx->src_ether, ctx->dst_ether, CSA(&ctx->src_addr), CSA(&ctx->dst_addr), flags,
CSA(&ctx->src_addr), ctx->src_seq, ctx->dst_seq, payload, payloadlen);
CSA(&ctx->dst_addr),
flags,
ctx->src_seq, ctx->dst_seq,
payload, payloadlen);
} else { } else {
sz = logpkt_pcap_build(buf, sz = logpkt_pcap_build(buf, ctx->dst_ether, ctx->src_ether,
ctx->dst_ether, ctx->src_ether, CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags,
CSA(&ctx->dst_addr), ctx->dst_seq, ctx->src_seq, payload, payloadlen);
CSA(&ctx->src_addr),
flags,
ctx->dst_seq, ctx->src_seq,
payload, payloadlen);
} }
rv = logpkt_pcap_write(buf, sz, fd); rv = logpkt_pcap_write(buf, sz, fd);
if(rv == -1) { if(rv == -1) {
@ -539,21 +499,13 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
* local MAC address and target MAC address for mirroring the * local MAC address and target MAC address for mirroring the
* packets to; use them as-is for both directions. */ * packets to; use them as-is for both directions. */
if(direction == LOGPKT_REQUEST) { if(direction == LOGPKT_REQUEST) {
rv = logpkt_mirror_build(ctx->libnet, rv = logpkt_mirror_build(ctx->libnet, ctx->src_ether, ctx->dst_ether,
ctx->src_ether, ctx->dst_ether, CSA(&ctx->src_addr), CSA(&ctx->dst_addr), flags,
CSA(&ctx->src_addr), ctx->src_seq, ctx->dst_seq, payload, payloadlen);
CSA(&ctx->dst_addr),
flags,
ctx->src_seq, ctx->dst_seq,
payload, payloadlen);
} else { } else {
rv = logpkt_mirror_build(ctx->libnet, rv = logpkt_mirror_build(ctx->libnet, ctx->src_ether, ctx->dst_ether,
ctx->src_ether, ctx->dst_ether, CSA(&ctx->dst_addr), CSA(&ctx->src_addr), flags,
CSA(&ctx->dst_addr), ctx->dst_seq, ctx->src_seq, payload, payloadlen);
CSA(&ctx->src_addr),
flags,
ctx->dst_seq, ctx->src_seq,
payload, payloadlen);
} }
if(rv == -1) { if(rv == -1) {
printf("Error building packet\n"); printf("Error building packet\n");
@ -561,8 +513,7 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
} }
rv = libnet_write(ctx->libnet); rv = libnet_write(ctx->libnet);
if(rv == -1) { if(rv == -1) {
printf("Error writing packet: %s\n", printf("Error writing packet: %s\n", libnet_geterror(ctx->libnet));
libnet_geterror(ctx->libnet));
} }
libnet_clear_packet(ctx->libnet); libnet_clear_packet(ctx->libnet);
#else /* WITHOUT_MIRROR */ #else /* WITHOUT_MIRROR */
@ -575,21 +526,17 @@ logpkt_write_packet(logpkt_ctx_t *ctx, int fd, int direction, char flags,
/* /*
* Emulate the initial SYN handshake. * Emulate the initial SYN handshake.
*/ */
static int static int logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd) {
logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd)
{
ctx->src_seq = sys_rand32(); ctx->src_seq = sys_rand32();
if (logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, if(logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, TH_SYN, NULL, 0) == -1)
TH_SYN, NULL, 0) == -1)
return -1; return -1;
ctx->src_seq += 1; ctx->src_seq += 1;
ctx->dst_seq = sys_rand32(); ctx->dst_seq = sys_rand32();
if (logpkt_write_packet(ctx, fd, LOGPKT_RESPONSE, if(logpkt_write_packet(ctx, fd, LOGPKT_RESPONSE, TH_SYN | TH_ACK, NULL, 0) ==
TH_SYN|TH_ACK, NULL, 0) == -1) -1)
return -1; return -1;
ctx->dst_seq += 1; ctx->dst_seq += 1;
if (logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, if(logpkt_write_packet(ctx, fd, LOGPKT_REQUEST, TH_ACK, NULL, 0) == -1)
TH_ACK, NULL, 0) == -1)
return -1; return -1;
return 0; return 0;
} }
@ -599,12 +546,13 @@ logpkt_write_syn_handshake(logpkt_ctx_t *ctx, int fd)
* necessary, a SYN handshake will automatically be generated before emitting * necessary, a SYN handshake will automatically be generated before emitting
* the packet carrying the payload plus a matching ACK. * the packet carrying the payload plus a matching ACK.
*/ */
int int logpkt_write_payload(logpkt_ctx_t *ctx,
logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction, int fd,
const uint8_t *payload, size_t payloadlen) int direction,
{ const uint8_t *payload,
int other_direction = (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE size_t payloadlen) {
: LOGPKT_REQUEST; int other_direction =
(direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE : LOGPKT_REQUEST;
if(ctx->src_seq == 0) { if(ctx->src_seq == 0) {
if(logpkt_write_syn_handshake(ctx, fd) == -1) if(logpkt_write_syn_handshake(ctx, fd) == -1)
@ -613,10 +561,12 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
while(payloadlen > 0) { while(payloadlen > 0) {
size_t n = payloadlen > ctx->mss ? ctx->mss : payloadlen; size_t n = payloadlen > ctx->mss ? ctx->mss : payloadlen;
if (logpkt_write_packet(ctx, fd, direction, if(logpkt_write_packet(ctx, fd, direction, TH_PUSH | TH_ACK, payload, n) ==
TH_PUSH|TH_ACK, payload, n) == -1) { -1) {
printf("Warning: Failed to write to pcap log" printf(
": %s\n", strerror(errno)); "Warning: Failed to write to pcap log"
": %s\n",
strerror(errno));
return -1; return -1;
} }
if(direction == LOGPKT_REQUEST) { if(direction == LOGPKT_REQUEST) {
@ -628,10 +578,8 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
payloadlen -= n; payloadlen -= n;
} }
if (logpkt_write_packet(ctx, fd, other_direction, if(logpkt_write_packet(ctx, fd, other_direction, TH_ACK, NULL, 0) == -1) {
TH_ACK, NULL, 0) == -1) { printf("Warning: Failed to write to pcap log: %s\n", strerror(errno));
printf("Warning: Failed to write to pcap log: %s\n",
strerror(errno));
return -1; return -1;
} }
return 0; return 0;
@ -641,18 +589,16 @@ logpkt_write_payload(logpkt_ctx_t *ctx, int fd, int direction,
* Emulate a connection close, emitting a FIN handshake in the correct * Emulate a connection close, emitting a FIN handshake in the correct
* direction. Does not close the file descriptor. * direction. Does not close the file descriptor.
*/ */
int int logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) { int other_direction =
int other_direction = (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE (direction == LOGPKT_REQUEST) ? LOGPKT_RESPONSE : LOGPKT_REQUEST;
: LOGPKT_REQUEST;
if(ctx->src_seq == 0) { if(ctx->src_seq == 0) {
if(logpkt_write_syn_handshake(ctx, fd) == -1) if(logpkt_write_syn_handshake(ctx, fd) == -1)
return -1; return -1;
} }
if (logpkt_write_packet(ctx, fd, direction, if(logpkt_write_packet(ctx, fd, direction, TH_FIN | TH_ACK, NULL, 0) == -1) {
TH_FIN|TH_ACK, NULL, 0) == -1) {
printf("Warning: Failed to write packet\n"); printf("Warning: Failed to write packet\n");
return -1; return -1;
} }
@ -662,8 +608,8 @@ logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
ctx->dst_seq += 1; ctx->dst_seq += 1;
} }
if (logpkt_write_packet(ctx, fd, other_direction, if(logpkt_write_packet(ctx, fd, other_direction, TH_FIN | TH_ACK, NULL, 0) ==
TH_FIN|TH_ACK, NULL, 0) == -1) { -1) {
printf("Warning: Failed to write packet\n"); printf("Warning: Failed to write packet\n");
return -1; return -1;
} }
@ -673,8 +619,7 @@ logpkt_write_close(logpkt_ctx_t *ctx, int fd, int direction) {
ctx->dst_seq += 1; ctx->dst_seq += 1;
} }
if (logpkt_write_packet(ctx, fd, direction, if(logpkt_write_packet(ctx, fd, direction, TH_ACK, NULL, 0) == -1) {
TH_ACK, NULL, 0) == -1) {
printf("Warning: Failed to write packet\n"); printf("Warning: Failed to write packet\n");
return -1; return -1;
} }
@ -692,11 +637,9 @@ typedef struct {
/* /*
* Receive a single ARP reply and copy the resulting ether to ctx->ether. * Receive a single ARP reply and copy the resulting ether to ctx->ether.
*/ */
static void static void logpkt_recv_arp_reply(uint8_t *user,
logpkt_recv_arp_reply(uint8_t *user,
UNUSED const struct pcap_pkthdr *h, UNUSED const struct pcap_pkthdr *h,
const uint8_t *packet) const uint8_t *packet) {
{
logpkt_recv_arp_reply_ctx_t *ctx = (logpkt_recv_arp_reply_ctx_t *)user; logpkt_recv_arp_reply_ctx_t *ctx = (logpkt_recv_arp_reply_ctx_t *)user;
struct libnet_802_3_hdr *heth = (void *)packet; struct libnet_802_3_hdr *heth = (void *)packet;
struct libnet_arp_hdr *harp = (void *)((char *)heth + LIBNET_ETH_H); struct libnet_arp_hdr *harp = (void *)((char *)heth + LIBNET_ETH_H);
@ -718,8 +661,7 @@ logpkt_recv_arp_reply(uint8_t *user,
heth->_802_3_shost, ETHER_ADDR_LEN)) heth->_802_3_shost, ETHER_ADDR_LEN))
return; return;
memcpy(ctx->ether, memcpy(ctx->ether, (u_char *)harp + sizeof(struct libnet_arp_hdr),
(u_char*)harp + sizeof(struct libnet_arp_hdr),
ETHER_ADDR_LEN); ETHER_ADDR_LEN);
ctx->result = 0; ctx->result = 0;
} }
@ -729,16 +671,15 @@ logpkt_recv_arp_reply(uint8_t *user,
* mirroring packets to dst_ip_s on interface dst_if_s. * mirroring packets to dst_ip_s on interface dst_if_s.
* Only IPv4 mirror targets are supported. * Only IPv4 mirror targets are supported.
*/ */
int int logpkt_ether_lookup(libnet_t *libnet,
logpkt_ether_lookup(libnet_t *libnet, uint8_t *src_ether,
uint8_t *src_ether, uint8_t *dst_ether, uint8_t *dst_ether,
const char *dst_ip_s, const char *dst_if_s) const char *dst_ip_s,
{ const char *dst_if_s) {
char errbuf[PCAP_ERRBUF_SIZE]; char errbuf[PCAP_ERRBUF_SIZE];
uint8_t broadcast_ether[ETHER_ADDR_LEN] = { uint8_t broadcast_ether[ETHER_ADDR_LEN] = {0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 0xff, 0xff, 0xff};
uint8_t zero_ether[ETHER_ADDR_LEN] = { uint8_t zero_ether[ETHER_ADDR_LEN] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
struct libnet_ether_addr *src_ether_addr; struct libnet_ether_addr *src_ether_addr;
uint32_t src_ip; uint32_t src_ip;
struct bpf_program bp; struct bpf_program bp;
@ -751,43 +692,31 @@ logpkt_ether_lookup(libnet_t *libnet,
} }
ctx.result = -1; ctx.result = -1;
ctx.ip = libnet_name2addr4(libnet, (char *)dst_ip_s, ctx.ip = libnet_name2addr4(libnet, (char *)dst_ip_s, LIBNET_DONT_RESOLVE);
LIBNET_DONT_RESOLVE);
if(ctx.ip == (uint32_t)-1) { if(ctx.ip == (uint32_t)-1) {
printf("Error converting dst IP address: %s\n", printf("Error converting dst IP address: %s\n", libnet_geterror(libnet));
libnet_geterror(libnet));
goto out; goto out;
} }
src_ip = libnet_get_ipaddr4(libnet); src_ip = libnet_get_ipaddr4(libnet);
if(src_ip == (uint32_t)-1) { if(src_ip == (uint32_t)-1) {
printf("Error getting src IP address: %s\n", printf("Error getting src IP address: %s\n", libnet_geterror(libnet));
libnet_geterror(libnet));
goto out; goto out;
} }
src_ether_addr = libnet_get_hwaddr(libnet); src_ether_addr = libnet_get_hwaddr(libnet);
if(src_ether_addr == NULL) { if(src_ether_addr == NULL) {
printf("Error getting src ethernet address: %s\n", printf("Error getting src ethernet address: %s\n", libnet_geterror(libnet));
libnet_geterror(libnet));
goto out; goto out;
} }
memcpy(src_ether, src_ether_addr->ether_addr_octet, ETHER_ADDR_LEN); memcpy(src_ether, src_ether_addr->ether_addr_octet, ETHER_ADDR_LEN);
if (libnet_autobuild_arp(ARPOP_REQUEST, if(libnet_autobuild_arp(ARPOP_REQUEST, src_ether, (uint8_t *)&src_ip,
src_ether, zero_ether, (uint8_t *)&ctx.ip, libnet) == -1) {
(uint8_t*)&src_ip, printf("Error building arp header: %s\n", libnet_geterror(libnet));
zero_ether,
(uint8_t*)&ctx.ip,
libnet) == -1) {
printf("Error building arp header: %s\n",
libnet_geterror(libnet));
goto out; goto out;
} }
if (libnet_autobuild_ethernet(broadcast_ether, if(libnet_autobuild_ethernet(broadcast_ether, ETHERTYPE_ARP, libnet) == -1) {
ETHERTYPE_ARP, printf("Error building ethernet header: %s", libnet_geterror(libnet));
libnet) == -1) {
printf("Error building ethernet header: %s",
libnet_geterror(libnet));
goto out; goto out;
} }
@ -798,13 +727,11 @@ logpkt_ether_lookup(libnet_t *libnet,
} }
if(pcap_compile(pcap, &bp, "arp", 0, -1) == -1) { if(pcap_compile(pcap, &bp, "arp", 0, -1) == -1) {
printf("Error in pcap_compile(): %s\n", printf("Error in pcap_compile(): %s\n", pcap_geterr(pcap));
pcap_geterr(pcap));
goto out2; goto out2;
} }
if(pcap_setfilter(pcap, &bp) == -1) { if(pcap_setfilter(pcap, &bp) == -1) {
printf("Error in pcap_setfilter(): %s\n", printf("Error in pcap_setfilter(): %s\n", pcap_geterr(pcap));
pcap_geterr(pcap));
goto out3; goto out3;
} }
@ -812,16 +739,13 @@ logpkt_ether_lookup(libnet_t *libnet,
if(libnet_write(libnet) != -1) { if(libnet_write(libnet) != -1) {
/* Limit # of packets to process, so we can loop to /* Limit # of packets to process, so we can loop to
* send arp requests on busy networks. */ * send arp requests on busy networks. */
if (pcap_dispatch(pcap, 1000, if(pcap_dispatch(pcap, 1000, (pcap_handler)logpkt_recv_arp_reply,
(pcap_handler)logpkt_recv_arp_reply,
(u_char *)&ctx) < 0) { (u_char *)&ctx) < 0) {
printf("Error in pcap_dispatch(): %s\n", printf("Error in pcap_dispatch(): %s\n", pcap_geterr(pcap));
pcap_geterr(pcap));
break; break;
} }
} else { } else {
printf("Error writing arp packet: %s", printf("Error writing arp packet: %s", libnet_geterror(libnet));
libnet_geterror(libnet));
break; break;
} }
sleep(1); sleep(1);

28
pcap/logpkt.h
View file

@ -35,7 +35,6 @@
#include <stdint.h> #include <stdint.h>
#include <time.h> #include <time.h>
#ifndef WITHOUT_MIRROR #ifndef WITHOUT_MIRROR
#include <libnet.h> #include <libnet.h>
#else /* WITHOUT_MIRROR */ #else /* WITHOUT_MIRROR */
@ -58,14 +57,25 @@ typedef struct {
#define LOGPKT_RESPONSE 1 #define LOGPKT_RESPONSE 1
int logpkt_pcap_open_fd(int fd) WUNRES; int logpkt_pcap_open_fd(int fd) WUNRES;
void logpkt_ctx_init(logpkt_ctx_t *, libnet_t *, size_t, void logpkt_ctx_init(logpkt_ctx_t *,
const uint8_t *, const uint8_t *, libnet_t *,
const struct sockaddr *, socklen_t, size_t,
const struct sockaddr *, socklen_t); const uint8_t *,
int logpkt_write_payload(logpkt_ctx_t *, int, int, const uint8_t *,
const unsigned char *, size_t) WUNRES; const struct sockaddr *,
socklen_t,
const struct sockaddr *,
socklen_t);
int logpkt_write_payload(logpkt_ctx_t *,
int,
int,
const unsigned char *,
size_t) WUNRES;
int logpkt_write_close(logpkt_ctx_t *, int, int); int logpkt_write_close(logpkt_ctx_t *, int, int);
int logpkt_ether_lookup(libnet_t *, uint8_t *, uint8_t *, int logpkt_ether_lookup(libnet_t *,
const char *, const char *) WUNRES; uint8_t *,
uint8_t *,
const char *,
const char *) WUNRES;
#endif /* !LOGPKT_H */ #endif /* !LOGPKT_H */

87
pcap/pcap_logger.c
View file

@ -19,19 +19,25 @@
static int init_pcap_logger PROTO_LIST((void *data)); static int init_pcap_logger PROTO_LIST((void *data));
static int deinit_pcap_logger PROTO_LIST(()); static int deinit_pcap_logger PROTO_LIST(());
static int create_pcap_logger PROTO_LIST((proto_obj **objp, struct sockaddr_storage *i_addr, static int create_pcap_logger PROTO_LIST((proto_obj * *objp,
u_short i_port,struct sockaddr_storage *r_addr, u_short r_port, struct timeval *base_time)); struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time));
static int destroy_pcap_logger PROTO_LIST((proto_obj * *objp)); static int destroy_pcap_logger PROTO_LIST((proto_obj * *objp));
static int data_pcap_logger PROTO_LIST((proto_obj *_obj, unsigned char *data,unsigned int len, int dir)); static int data_pcap_logger PROTO_LIST(
static int close_pcap_logger PROTO_LIST((proto_obj *_obj, unsigned char *data,unsigned int len, int dir)); (proto_obj * _obj, unsigned char *data, unsigned int len, int dir));
static int close_pcap_logger PROTO_LIST(
(proto_obj * _obj, unsigned char *data, unsigned int len, int dir));
int pcap_fd = -1; int pcap_fd = -1;
static uint8_t content_pcap_src_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00, 0x11, 0x11, 0x11}; static uint8_t content_pcap_src_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00,
static uint8_t content_pcap_dst_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00, 0x22, 0x22, 0x22}; 0x11, 0x11, 0x11};
static uint8_t content_pcap_dst_ether[ETHER_ADDR_LEN] = {0x02, 0x00, 0x00,
0x22, 0x22, 0x22};
static int static int init_pcap_logger(void *data) {
init_pcap_logger (void *data)
{
char *pcap_outfile = (char *)data; char *pcap_outfile = (char *)data;
pcap_fd = open(pcap_outfile, O_RDWR | O_CREAT, DFLT_FILEMODE); pcap_fd = open(pcap_outfile, O_RDWR | O_CREAT, DFLT_FILEMODE);
if(pcap_fd == -1) { if(pcap_fd == -1) {
@ -47,16 +53,18 @@ init_pcap_logger (void *data)
return 0; return 0;
} }
static int static int deinit_pcap_logger(void) {
deinit_pcap_logger (void)
{
fdatasync(pcap_fd); fdatasync(pcap_fd);
close(pcap_fd); close(pcap_fd);
return 0; return 0;
} }
static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr, u_short r_port, struct timeval *base_time) static int create_pcap_logger(proto_obj **objp,
{ struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time) {
int r, _status; int r, _status;
logpkt_ctx_t *pcap_obj = 0; logpkt_ctx_t *pcap_obj = 0;
struct sockaddr_in src_addr, dst_addr; struct sockaddr_in src_addr, dst_addr;
@ -74,9 +82,10 @@ static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr,
memcpy(&dst_addr, r_addr, sizeof(struct sockaddr_in)); memcpy(&dst_addr, r_addr, sizeof(struct sockaddr_in));
dst_addr.sin_port = htons(r_port); dst_addr.sin_port = htons(r_port);
logpkt_ctx_init(pcap_obj,NULL,0,content_pcap_src_ether, content_pcap_dst_ether, logpkt_ctx_init(pcap_obj, NULL, 0, content_pcap_src_ether,
(const struct sockaddr*)&src_addr, sizeof(src_addr), content_pcap_dst_ether, (const struct sockaddr *)&src_addr,
(const struct sockaddr*)&dst_addr, sizeof(dst_addr)); sizeof(src_addr), (const struct sockaddr *)&dst_addr,
sizeof(dst_addr));
*objp = (proto_obj *)pcap_obj; *objp = (proto_obj *)pcap_obj;
_status = 0; _status = 0;
abort: abort:
@ -86,9 +95,7 @@ static int create_pcap_logger(proto_obj **objp, struct sockaddr_storage *i_addr,
return (_status); return (_status);
} }
static int static int destroy_pcap_logger(proto_obj **objp) {
destroy_pcap_logger (proto_obj **objp)
{
logpkt_ctx_t *pcap_obj; logpkt_ctx_t *pcap_obj;
if(!objp || !*objp) if(!objp || !*objp)
@ -102,30 +109,36 @@ destroy_pcap_logger (proto_obj **objp)
return (0); return (0);
} }
static int static int data_pcap_logger(proto_obj *_obj,
data_pcap_logger (proto_obj *_obj, unsigned char *data, unsigned int len, int dir) unsigned char *data,
{ unsigned int len,
int dir) {
logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj; logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj;
int direction; int direction;
int status; int status;
if (dir == DIR_I2R ) direction = LOGPKT_REQUEST; if(dir == DIR_I2R)
else direction = LOGPKT_RESPONSE; direction = LOGPKT_REQUEST;
else
direction = LOGPKT_RESPONSE;
status = logpkt_write_payload(pcap_obj, pcap_fd, direction, data, len); status = logpkt_write_payload(pcap_obj, pcap_fd, direction, data, len);
return status; return status;
} }
int int close_pcap_logger(proto_obj *_obj,
close_pcap_logger (proto_obj *_obj, unsigned char *data, unsigned int len, int dir) unsigned char *data,
{ unsigned int len,
int dir) {
logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj; logpkt_ctx_t *pcap_obj = (logpkt_ctx_t *)_obj;
int direction; int direction;
int status; int status;
if (dir == DIR_I2R ) direction = LOGPKT_REQUEST; if(dir == DIR_I2R)
else direction = LOGPKT_RESPONSE; direction = LOGPKT_REQUEST;
else
direction = LOGPKT_RESPONSE;
status = logpkt_write_close(pcap_obj, pcap_fd, direction); status = logpkt_write_close(pcap_obj, pcap_fd, direction);
@ -133,16 +146,8 @@ close_pcap_logger (proto_obj *_obj, unsigned char *data, unsigned int len, int d
} }
static struct logger_mod_vtbl_ pcap_vtbl = { static struct logger_mod_vtbl_ pcap_vtbl = {
init_pcap_logger, init_pcap_logger, deinit_pcap_logger, create_pcap_logger,
deinit_pcap_logger, destroy_pcap_logger, data_pcap_logger, close_pcap_logger,
create_pcap_logger,
destroy_pcap_logger,
data_pcap_logger,
close_pcap_logger,
};
struct logger_mod_ pcap_mod = {
"PCAP",
&pcap_vtbl
}; };
struct logger_mod_ pcap_mod = {"PCAP", &pcap_vtbl};

1
pcap/pcap_logger.h
View file

@ -4,4 +4,3 @@
extern logger_mod pcap_mod; extern logger_mod pcap_mod;
#endif #endif

18
pcap/sys.c
View file

@ -53,12 +53,11 @@
/* /*
* Determine address family of addr * Determine address family of addr
*/ */
int int sys_get_af(const char *addr) {
sys_get_af(const char *addr)
{
if(strstr(addr, ":")) if(strstr(addr, ":"))
return AF_INET6; return AF_INET6;
else if (!strpbrk(addr, "abcdefghijklmnopqrstu" else if(!strpbrk(addr,
"abcdefghijklmnopqrstu"
"vwxyzABCDEFGHIJKLMNOP" "vwxyzABCDEFGHIJKLMNOP"
"QRSTUVWXYZ-")) "QRSTUVWXYZ-"))
return AF_INET; return AF_INET;
@ -66,11 +65,9 @@ sys_get_af(const char *addr)
return AF_UNSPEC; return AF_UNSPEC;
} }
static int sys_rand_seeded = 0; static int sys_rand_seeded = 0;
static void static void sys_rand_seed(void) {
sys_rand_seed(void) {
struct timeval seed; struct timeval seed;
if(gettimeofday(&seed, NULL) == -1) { if(gettimeofday(&seed, NULL) == -1) {
@ -81,19 +78,16 @@ sys_rand_seed(void) {
sys_rand_seeded = 1; sys_rand_seeded = 1;
} }
uint16_t uint16_t sys_rand16(void) {
sys_rand16(void) {
if(unlikely(!sys_rand_seeded)) if(unlikely(!sys_rand_seeded))
sys_rand_seed(); sys_rand_seed();
return random(); return random();
} }
uint32_t uint32_t sys_rand32(void) {
sys_rand32(void) {
if(unlikely(!sys_rand_seeded)) if(unlikely(!sys_rand_seeded))
sys_rand_seed(); sys_rand_seed();
return random(); return random();
} }
/* vim: set noet ft=c: */ /* vim: set noet ft=c: */

17
ssl/ciphersuites.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $ $Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Tue Mar 30 17:19:56 1999 ekr@rtfm.com Tue Mar 30 17:19:56 1999
*/ */
#include <r_common.h> #include <r_common.h>
#include "sslciphers.h" #include "sslciphers.h"
@ -156,7 +155,8 @@ static SSL_CipherSuite CipherSuites[]={
{197, KEX_DH, SIG_NONE, ENC_CAMELLIA256, 16, 256, 256, DIG_SHA256, 32, 0}, {197, KEX_DH, SIG_NONE, ENC_CAMELLIA256, 16, 256, 256, DIG_SHA256, 32, 0},
{4865, KEX_DH, SIG_NONE, ENC_AES128_GCM, 16, 128, 128, DIG_SHA256, 32, 0}, {4865, KEX_DH, SIG_NONE, ENC_AES128_GCM, 16, 128, 128, DIG_SHA256, 32, 0},
{4866, KEX_DH, SIG_NONE, ENC_AES256_GCM, 16, 256, 256, DIG_SHA384, 48, 0}, {4866, KEX_DH, SIG_NONE, ENC_AES256_GCM, 16, 256, 256, DIG_SHA384, 48, 0},
{4867,KEX_DH,SIG_NONE,ENC_CHACHA20_POLY1305,64,256,256,DIG_SHA256,32,0}, {4867, KEX_DH, SIG_NONE, ENC_CHACHA20_POLY1305, 64, 256, 256, DIG_SHA256,
32, 0},
{4868, KEX_DH, SIG_NONE, ENC_AES128_CCM, 16, 128, 128, DIG_SHA256, 32, 0}, {4868, KEX_DH, SIG_NONE, ENC_AES128_CCM, 16, 128, 128, DIG_SHA256, 32, 0},
{4869, KEX_DH, SIG_NONE, ENC_AES128_CCM_8, 16, 128, 128, DIG_SHA256, 32, 0}, {4869, KEX_DH, SIG_NONE, ENC_AES128_CCM_8, 16, 128, 128, DIG_SHA256, 32, 0},
{49153, KEX_DH, SIG_DSS, ENC_NULL, 0, 0, 0, DIG_SHA, 20, 0}, {49153, KEX_DH, SIG_DSS, ENC_NULL, 0, 0, 0, DIG_SHA, 20, 0},
@ -230,12 +230,9 @@ static SSL_CipherSuite CipherSuites[]={
{49292, KEX_DH, SIG_RSA, ENC_CAMELLIA128, 4, 128, 128, DIG_SHA256, 32, 0}, {49292, KEX_DH, SIG_RSA, ENC_CAMELLIA128, 4, 128, 128, DIG_SHA256, 32, 0},
{49293, KEX_DH, SIG_RSA, ENC_CAMELLIA256, 4, 256, 256, DIG_SHA384, 48, 0}, {49293, KEX_DH, SIG_RSA, ENC_CAMELLIA256, 4, 256, 256, DIG_SHA384, 48, 0},
// Missing: 49294-49307 // Missing: 49294-49307
{-1} {-1}};
};
int int ssl_find_cipher(int num, SSL_CipherSuite **cs) {
ssl_find_cipher (int num, SSL_CipherSuite **cs)
{
SSL_CipherSuite *c; SSL_CipherSuite *c;
for(c = CipherSuites; c->number != -1; c++) { for(c = CipherSuites; c->number != -1; c++) {
@ -247,5 +244,3 @@ ssl_find_cipher (int num, SSL_CipherSuite **cs)
ERETURN(R_NOT_FOUND); ERETURN(R_NOT_FOUND);
} }

3319
ssl/ssl.enums.c
View file

File diff suppressed because it is too large Load diff

274
ssl/ssl_analyze.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $ $Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Fri Jan 8 14:07:05 1999 ekr@rtfm.com Fri Jan 8 14:07:05 1999
*/ */
#include <json.h> #include <json.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <netdb.h> #include <netdb.h>
@ -59,24 +59,34 @@ UINT4 SSL_print_flags = 1 | P_HT | P_HL;
static int parse_ssl_flags PROTO_LIST((char *str)); static int parse_ssl_flags PROTO_LIST((char *str));
static int create_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp)); static int create_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp));
static int create_ssl_analyzer PROTO_LIST((void *handle, static int create_ssl_analyzer PROTO_LIST((void *handle,
proto_ctx *ctx,tcp_conn *conn,proto_obj **objp, proto_ctx *ctx,
struct sockaddr_storage *i_addr,u_short i_port, tcp_conn *conn,
struct sockaddr_storage *r_addr,u_short r_port, struct timeval *base_time)); proto_obj **objp,
struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time));
static int destroy_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp)); static int destroy_ssl_ctx PROTO_LIST((void *handle, proto_ctx **ctxp));
static int destroy_ssl_analyzer PROTO_LIST((proto_obj * *objp)); static int destroy_ssl_analyzer PROTO_LIST((proto_obj * *objp));
static int read_ssl_record PROTO_LIST((ssl_obj *obj,r_queue *q,segment *seg, static int read_ssl_record PROTO_LIST((ssl_obj * obj,
int offset,segment **lastp,int *offsetp)); r_queue *q,
static int read_data PROTO_LIST((r_queue *q,segment *seg,int offset, segment *seg,
segment **lastp,int *offsetp)); int offset,
static int data_ssl_analyzer PROTO_LIST((proto_obj *_obj,segment *seg, segment **lastp,
int *offsetp));
static int read_data PROTO_LIST(
(r_queue * q, segment *seg, int offset, segment **lastp, int *offsetp));
static int data_ssl_analyzer PROTO_LIST((proto_obj * _obj,
segment *seg,
int direction)); int direction));
int close_ssl_analyzer PROTO_LIST((proto_obj * _obj, packet *p, int direction)); int close_ssl_analyzer PROTO_LIST((proto_obj * _obj, packet *p, int direction));
static int create_r_queue PROTO_LIST((r_queue * *qp)); static int create_r_queue PROTO_LIST((r_queue * *qp));
static int free_r_queue PROTO_LIST((r_queue * q)); static int free_r_queue PROTO_LIST((r_queue * q));
static int print_ssl_record PROTO_LIST((ssl_obj *obj,int direction, static int print_ssl_record PROTO_LIST(
segment *q,UCHAR *data,int len)); (ssl_obj * obj, int direction, segment *q, UCHAR *data, int len));
char *SSL_keyfile = 0; char *SSL_keyfile = 0;
char *SSL_password = 0; char *SSL_password = 0;
char *SSL_keylogfile = 0; char *SSL_keylogfile = 0;
@ -95,84 +105,29 @@ flag_struct flags[]={
"ts", "ts",
SSL_PRINT_TIMESTAMP, SSL_PRINT_TIMESTAMP,
}, },
{ {'e', "tsa", SSL_PRINT_TIMESTAMP | SSL_PRINT_TIMESTAMP_ABSOLUTE},
'e', {'x', "x", SSL_PRINT_HEXDUMP},
"tsa", {'X', "X", SSL_PRINT_HEX_ONLY},
SSL_PRINT_TIMESTAMP|SSL_PRINT_TIMESTAMP_ABSOLUTE {'r', "rh", SSL_PRINT_RECORD_HEADER},
}, {0, "ht", SSL_PRINT_HANDSHAKE_TYPE},
{ {0, "H", SSL_PRINT_HIGHLIGHTS},
'x', {'A', "all", SSL_PRINT_ALL_FIELDS},
"x", {0, "d", SSL_PRINT_DECODE},
SSL_PRINT_HEXDUMP {'y', "nroff", SSL_PRINT_NROFF},
}, {'N', "asn", SSL_PRINT_DECODE_ASN1},
{ {0, "crypto", SSL_PRINT_CRYPTO},
'X', {'d', "appdata", SSL_PRINT_APP_DATA},
"X", {'q', "quiet", P_HL | NEGATE},
SSL_PRINT_HEX_ONLY {0}};
},
{
'r',
"rh",
SSL_PRINT_RECORD_HEADER
},
{
0,
"ht",
SSL_PRINT_HANDSHAKE_TYPE
},
{
0,
"H",
SSL_PRINT_HIGHLIGHTS
},
{
'A',
"all",
SSL_PRINT_ALL_FIELDS
},
{
0,
"d",
SSL_PRINT_DECODE
},
{
'y',
"nroff",
SSL_PRINT_NROFF
},
{
'N',
"asn",
SSL_PRINT_DECODE_ASN1
},
{
0,
"crypto",
SSL_PRINT_CRYPTO
},
{
'd',
"appdata",
SSL_PRINT_APP_DATA
},
{ 'q',
"quiet",
P_HL | NEGATE
},
{0}
};
int int parse_ssl_flag(int flag) {
parse_ssl_flag (int flag)
{
flag_struct *fl; flag_struct *fl;
for(fl = flags; fl->name; fl++) { for(fl = flags; fl->name; fl++) {
if(fl->ch == flag) { if(fl->ch == flag) {
if(fl->flag & NEGATE) { if(fl->flag & NEGATE) {
SSL_print_flags &= ~(fl->flag); SSL_print_flags &= ~(fl->flag);
} } else
else
SSL_print_flags |= fl->flag; SSL_print_flags |= fl->flag;
break; break;
} }
@ -181,9 +136,7 @@ parse_ssl_flag (int flag)
return (0); return (0);
} }
static int static int parse_ssl_flags(char *str) {
parse_ssl_flags (char *str)
{
char *x, *y; char *x, *y;
flag_struct *fl; flag_struct *fl;
int bang; int bang;
@ -196,13 +149,14 @@ parse_ssl_flags (char *str)
if(*x == '!') { if(*x == '!') {
bang = 1; bang = 1;
x++; x++;
} } else
else
bang = 0; bang = 0;
for(fl = flags; fl->name; fl++) { for(fl = flags; fl->name; fl++) {
if(!strcmp(x, fl->name)) { if(!strcmp(x, fl->name)) {
if(!bang) SSL_print_flags |= fl->flag; if(!bang)
else SSL_print_flags &= ~fl->flag; SSL_print_flags |= fl->flag;
else
SSL_print_flags &= ~fl->flag;
break; break;
} }
} }
@ -214,13 +168,12 @@ parse_ssl_flags (char *str)
return (0); return (0);
} }
static int static int create_ssl_ctx(void *handle, proto_ctx **ctxp) {
create_ssl_ctx (void *handle, proto_ctx **ctxp)
{
ssl_decode_ctx *ctx = 0; ssl_decode_ctx *ctx = 0;
int r, _status; int r, _status;
if((r=ssl_decode_ctx_create(&ctx,SSL_keyfile,SSL_password,SSL_keylogfile))) if((r = ssl_decode_ctx_create(&ctx, SSL_keyfile, SSL_password,
SSL_keylogfile)))
ABORT(r); ABORT(r);
*ctxp = (proto_ctx *)ctx; *ctxp = (proto_ctx *)ctx;
@ -229,19 +182,22 @@ create_ssl_ctx (void *handle, proto_ctx **ctxp)
return (_status); return (_status);
} }
static int static int destroy_ssl_ctx(void *handle, proto_ctx **ctxp) {
destroy_ssl_ctx (void *handle, proto_ctx **ctxp)
{
ssl_decode_ctx *ctx = 0; ssl_decode_ctx *ctx = 0;
ctx = (ssl_decode_ctx *)*ctxp; ctx = (ssl_decode_ctx *)*ctxp;
ssl_decode_ctx_destroy(&ctx); ssl_decode_ctx_destroy(&ctx);
return 0; return 0;
} }
static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn, static int create_ssl_analyzer(void *handle,
proto_obj **objp, struct sockaddr_storage *i_addr, u_short i_port, struct sockaddr_storage *r_addr, proto_ctx *ctx,
u_short r_port, struct timeval *base_time) tcp_conn *conn,
{ proto_obj **objp,
struct sockaddr_storage *i_addr,
u_short i_port,
struct sockaddr_storage *r_addr,
u_short r_port,
struct timeval *base_time) {
int r, _status; int r, _status;
ssl_obj *obj = 0; ssl_obj *obj = 0;
@ -281,7 +237,9 @@ static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
_status = 0; _status = 0;
// check logger... // check logger...
if (logger) _status=logger->vtbl->create(&obj->logger_obj,i_addr,i_port,r_addr,r_port,base_time); if(logger)
_status = logger->vtbl->create(&obj->logger_obj, i_addr, i_port, r_addr,
r_port, base_time);
abort: abort:
if(_status) { if(_status) {
@ -290,9 +248,7 @@ static int create_ssl_analyzer(void *handle, proto_ctx *ctx, tcp_conn *conn,
return (_status); return (_status);
} }
static int static int destroy_ssl_analyzer(proto_obj **objp) {
destroy_ssl_analyzer (proto_obj **objp)
{
ssl_obj *obj; ssl_obj *obj;
if(!objp || !*objp) if(!objp || !*objp)
@ -302,7 +258,8 @@ destroy_ssl_analyzer (proto_obj **objp)
DBG((0, "Destroying SSL analyzer")); DBG((0, "Destroying SSL analyzer"));
// check logger... // check logger...
if (logger) logger->vtbl->destroy(&obj->logger_obj); if(logger)
logger->vtbl->destroy(&obj->logger_obj);
free_r_queue(obj->i2r_queue); free_r_queue(obj->i2r_queue);
free_r_queue(obj->r2i_queue); free_r_queue(obj->r2i_queue);
@ -318,19 +275,15 @@ destroy_ssl_analyzer (proto_obj **objp)
return (0); return (0);
} }
static int free_r_queue(r_queue *q) {
static int
free_r_queue (r_queue *q)
{
FREE(q->data); FREE(q->data);
if(q->q) free_tcp_segment_queue(q->q); if(q->q)
free_tcp_segment_queue(q->q);
free(q); free(q);
return (0); return (0);
} }
static int static int create_r_queue(r_queue **qp) {
create_r_queue (r_queue **qp)
{
r_queue *q = 0; r_queue *q = 0;
int _status; int _status;
@ -353,8 +306,12 @@ create_r_queue (r_queue **qp)
return (_status); return (_status);
} }
static int static int read_ssl_record(ssl_obj *obj,
read_ssl_record (ssl_obj *obj, r_queue *q, segment *seg, int offset, segment **lastp, int *offsetp) r_queue *q,
segment *seg,
int offset,
segment **lastp,
int *offsetp)
{ {
segment *last = seg; segment *last = seg;
@ -414,10 +371,11 @@ read_ssl_record (ssl_obj *obj, r_queue *q, segment *seg, int offset, segment **l
return (_status); return (_status);
} }
static int read_data(r_queue *q,
static int segment *seg,
read_data (r_queue *q, segment *seg, int offset, segment **lastp, int *offsetp) int offset,
{ segment **lastp,
int *offsetp) {
int tocpy = 0, r, _status; int tocpy = 0, r, _status;
#ifdef DEBUG #ifdef DEBUG
int bread = 0; int bread = 0;
@ -451,13 +409,14 @@ read_data (r_queue *q, segment *seg, int offset, segment **lastp, int *offsetp)
if(seg && tocpy == (seg->len - offset)) { if(seg && tocpy == (seg->len - offset)) {
*lastp = 0; *lastp = 0;
*offsetp = 0; *offsetp = 0;
} } else {
else{
*lastp = seg; *lastp = seg;
if(seg) *offsetp=tocpy+offset; if(seg)
*offsetp = tocpy + offset;
} }
if(q->read_left<0) abort(); if(q->read_left < 0)
abort();
DBG((0, "read_data %d bytes read", bread)); DBG((0, "read_data %d bytes read", bread));
@ -466,9 +425,7 @@ read_data (r_queue *q, segment *seg, int offset, segment **lastp, int *offsetp)
return (_status); return (_status);
} }
static int static int data_ssl_analyzer(proto_obj *_obj, segment *seg, int direction) {
data_ssl_analyzer (proto_obj *_obj, segment *seg, int direction)
{
int _status, r; int _status, r;
r_queue *q; r_queue *q;
segment *last, *q_next = NULL, *assembled; segment *last, *q_next = NULL, *assembled;
@ -493,7 +450,6 @@ data_ssl_analyzer (proto_obj *_obj, segment *seg, int direction)
} }
if(ssl->i_state == SSL_ST_SENT_NOTHING) { if(ssl->i_state == SSL_ST_SENT_NOTHING) {
r = process_beginning_plaintext(ssl, seg, direction); r = process_beginning_plaintext(ssl, seg, direction);
if(r == SSL_NO_DATA) if(r == SSL_NO_DATA)
return (0); return (0);
@ -512,8 +468,7 @@ data_ssl_analyzer (proto_obj *_obj, segment *seg, int direction)
if(q->q_last) { if(q->q_last) {
q->q_last->next = seg; q->q_last->next = seg;
assembled = q->q; assembled = q->q;
} } else
else
assembled = seg; assembled = seg;
ssl->direction = direction; ssl->direction = direction;
@ -523,11 +478,16 @@ data_ssl_analyzer (proto_obj *_obj, segment *seg, int direction)
/*Now reset things, so we can read another record*/ /*Now reset things, so we can read another record*/
if(q) { if(q) {
if(q->q_last) q->q_last->next=0; if(q->q_last)
q->q_last->next = 0;
if(last) if(last)
last->next = q_next; last->next = q_next;
free_tcp_segment_queue(q->q); free_tcp_segment_queue(q->q);
q->q=0;q->q_last=0;q->offset=0;q->len=0;q->ptr=q->data; q->q = 0;
q->q_last = 0;
q->offset = 0;
q->len = 0;
q->ptr = q->data;
q->state = SSL_READ_NONE; q->state = SSL_READ_NONE;
} }
@ -542,16 +502,19 @@ data_ssl_analyzer (proto_obj *_obj, segment *seg, int direction)
return (_status); return (_status);
} }
static int static int print_ssl_header(ssl_obj *obj,
print_ssl_header (ssl_obj *obj, int direction, segment *q, UCHAR *data, int len) int direction,
{ segment *q,
UCHAR *data,
int len) {
int ct = 0; int ct = 0;
segment *s; segment *s;
ssl_print_record_num(obj); ssl_print_record_num(obj);
if(SSL_print_flags & SSL_PRINT_TIMESTAMP) { if(SSL_print_flags & SSL_PRINT_TIMESTAMP) {
for(s=q;s;s=s->next) ct++; for(s = q; s; s = s->next)
ct++;
for(s = q; s; s = s->next) { for(s = q; s; s = s->next) {
ssl_print_timestamp(obj, &s->p->ts); ssl_print_timestamp(obj, &s->p->ts);
@ -566,9 +529,11 @@ print_ssl_header (ssl_obj *obj, int direction, segment *q, UCHAR *data, int len)
return (0); return (0);
} }
static int static int print_ssl_record(ssl_obj *obj,
print_ssl_record (ssl_obj *obj, int direction, segment *q, UCHAR *data, int len) int direction,
{ segment *q,
UCHAR *data,
int len) {
int r; int r;
obj->cur_json_st = json_object_new_object(); obj->cur_json_st = json_object_new_object();
@ -582,7 +547,8 @@ print_ssl_record (ssl_obj *obj, int direction, segment *q, UCHAR *data, int len)
INIT_DATA(d, data, len); INIT_DATA(d, data, len);
exdump(obj, "Packet data", &d); exdump(obj, "Packet data", &d);
LF;LF; LF;
LF;
} }
if(SSL_print_flags & SSL_PRINT_JSON) if(SSL_print_flags & SSL_PRINT_JSON)
@ -593,9 +559,7 @@ print_ssl_record (ssl_obj *obj, int direction, segment *q, UCHAR *data, int len)
return (0); return (0);
} }
int int close_ssl_analyzer(proto_obj *_obj, packet *p, int dir) {
close_ssl_analyzer (proto_obj *_obj, packet *p, int dir)
{
ssl_obj *ssl = (ssl_obj *)_obj; ssl_obj *ssl = (ssl_obj *)_obj;
char *what; char *what;
@ -605,7 +569,8 @@ close_ssl_analyzer (proto_obj *_obj, packet *p, int dir)
what = "FIN"; what = "FIN";
// check logger... // check logger...
if (logger) logger->vtbl->close(ssl->logger_obj,NULL,0,dir); if(logger)
logger->vtbl->close(ssl->logger_obj, NULL, 0, dir);
explain(ssl, "%d ", ssl->conn->conn_number); explain(ssl, "%d ", ssl->conn->conn_number);
ssl_print_timestamp(ssl, &p->ts); ssl_print_timestamp(ssl, &p->ts);
@ -615,23 +580,10 @@ close_ssl_analyzer (proto_obj *_obj, packet *p, int dir)
return (0); return (0);
} }
static struct proto_mod_vtbl_ ssl_vtbl = { static struct proto_mod_vtbl_ ssl_vtbl = {
parse_ssl_flags, parse_ssl_flags, parse_ssl_flag, create_ssl_ctx,
parse_ssl_flag, create_ssl_analyzer, destroy_ssl_ctx, destroy_ssl_analyzer,
create_ssl_ctx, data_ssl_analyzer, close_ssl_analyzer,
create_ssl_analyzer,
destroy_ssl_ctx,
destroy_ssl_analyzer,
data_ssl_analyzer,
close_ssl_analyzer,
}; };
struct proto_mod_ ssl_mod = { struct proto_mod_ ssl_mod = {0, &ssl_vtbl};
0,
&ssl_vtbl
};

5
ssl/ssl_analyze.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssl_analyze.h,v 1.3 2000/11/09 18:52:24 ekr Exp $ $Id: ssl_analyze.h,v 1.3 2000/11/09 18:52:24 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Jan 12 08:45:44 1999 ekr@rtfm.com Tue Jan 12 08:45:44 1999
*/ */
#ifndef _ssl_analyze_h #ifndef _ssl_analyze_h
#define _ssl_analyze_h #define _ssl_analyze_h
@ -87,4 +87,3 @@ extern char *SSL_password;
extern char *SSL_keylogfile; extern char *SSL_keylogfile;
#endif #endif

7
ssl/ssl_h.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssl_h.h,v 1.6 2002/08/17 01:33:17 ekr Exp $ $Id: ssl_h.h,v 1.6 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Fri Jan 8 14:09:37 1999 ekr@rtfm.com Fri Jan 8 14:09:37 1999
*/ */
#ifndef _ssl_h #ifndef _ssl_h
#define _ssl_h #define _ssl_h
@ -52,7 +52,6 @@
typedef struct ssl_decode_ctx_ ssl_decode_ctx; typedef struct ssl_decode_ctx_ ssl_decode_ctx;
typedef struct ssl_decoder_ ssl_decoder; typedef struct ssl_decoder_ ssl_decoder;
typedef struct d_queue_ { typedef struct d_queue_ {
short state; /*What state we're in*/ short state; /*What state we're in*/
#define SSL_READ_NONE 1 #define SSL_READ_NONE 1
@ -146,6 +145,4 @@ typedef struct decoder_ {
#include "ssldecode.h" #include "ssldecode.h"
#endif #endif

156
ssl/ssl_rec.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $ $Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,8 +44,6 @@
ekr@rtfm.com Wed Aug 18 15:46:57 1999 ekr@rtfm.com Wed Aug 18 15:46:57 1999
*/ */
#include "network.h" #include "network.h"
#include "ssl_h.h" #include "ssl_h.h"
#include "sslprint.h" #include "sslprint.h"
@ -58,7 +57,6 @@
#include "ssldecode.h" #include "ssldecode.h"
#include "ssl_rec.h" #include "ssl_rec.h"
struct ssl_rec_decoder_ { struct ssl_rec_decoder_ {
SSL_CipherSuite *cs; SSL_CipherSuite *cs;
Data *mac_key; Data *mac_key;
@ -70,43 +68,35 @@ struct ssl_rec_decoder_ {
UINT8 seq; UINT8 seq;
}; };
char *digests[]={ char *digests[] = {"MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", NULL};
"MD5",
"SHA1",
"SHA224",
"SHA256",
"SHA384",
"SHA512",
NULL
};
char *ciphers[] = { char *ciphers[] = {
"DES", "DES", "3DES",
"3DES", "RC4", "RC2",
"RC4", "IDEA", "AES128",
"RC2", "AES256", "CAMELLIA128",
"IDEA", "CAMELLIA256", "SEED",
"AES128", NULL, "aes-128-gcm",
"AES256", "aes-256-gcm", "ChaCha20-Poly1305",
"CAMELLIA128",
"CAMELLIA256",
"SEED",
NULL,
"aes-128-gcm",
"aes-256-gcm",
"ChaCha20-Poly1305",
"aes-128-ccm", "aes-128-ccm",
"aes-128-ccm", // for ccm 8, uses the same cipher "aes-128-ccm", // for ccm 8, uses the same cipher
}; };
static int tls_check_mac PROTO_LIST((ssl_rec_decoder * d,
static int tls_check_mac PROTO_LIST((ssl_rec_decoder *d,int ct, int ct,
int ver,UCHAR *data,UINT4 datalen,UCHAR *iv,UINT4 ivlen,UCHAR *mac)); int ver,
UCHAR *data,
UINT4 datalen,
UCHAR *iv,
UINT4 ivlen,
UCHAR *mac));
static int fmt_seq PROTO_LIST((UINT4 num, UCHAR *buf)); static int fmt_seq PROTO_LIST((UINT4 num, UCHAR *buf));
int int ssl_create_rec_decoder(ssl_rec_decoder **dp,
ssl_create_rec_decoder (ssl_rec_decoder **dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk, UCHAR *iv) ssl_obj *ssl,
{ UCHAR *mk,
UCHAR *sk,
UCHAR *iv) {
int r, _status; int r, _status;
ssl_rec_decoder *dec = 0; ssl_rec_decoder *dec = 0;
#ifdef OPENSSL #ifdef OPENSSL
@ -118,8 +108,7 @@ ssl_create_rec_decoder (ssl_rec_decoder **dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk
ciph = (EVP_CIPHER *)EVP_get_cipherbyname(ciphers[ssl->cs->enc - 0x30]); ciph = (EVP_CIPHER *)EVP_get_cipherbyname(ciphers[ssl->cs->enc - 0x30]);
if(!ciph) if(!ciph)
ABORT(R_INTERNAL); ABORT(R_INTERNAL);
} } else {
else {
ciph = EVP_enc_null(); ciph = EVP_enc_null();
} }
@ -139,14 +128,13 @@ ssl_create_rec_decoder (ssl_rec_decoder **dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk
ABORT(r); ABORT(r);
/* /*
This is necessary for AEAD ciphers, because we must wait to fully initialize the cipher This is necessary for AEAD ciphers, because we must wait to fully
in order to include the implicit IV initialize the cipher in order to include the implicit IV
*/ */
if(IS_AEAD_CIPHER(ssl->cs)) { if(IS_AEAD_CIPHER(ssl->cs)) {
sk = NULL; sk = NULL;
iv = NULL; iv = NULL;
} } else
else
memcpy(dec->mac_key->data, mk, ssl->cs->dig_len); memcpy(dec->mac_key->data, mk, ssl->cs->dig_len);
if(!(dec->evp = EVP_CIPHER_CTX_new())) if(!(dec->evp = EVP_CIPHER_CTX_new()))
@ -164,9 +152,7 @@ ssl_create_rec_decoder (ssl_rec_decoder **dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk
return (_status); return (_status);
} }
int int ssl_destroy_rec_decoder(ssl_rec_decoder **dp) {
ssl_destroy_rec_decoder (ssl_rec_decoder **dp)
{
ssl_rec_decoder *d; ssl_rec_decoder *d;
if(!dp || !*dp) if(!dp || !*dp)
@ -187,21 +173,23 @@ ssl_destroy_rec_decoder (ssl_rec_decoder **dp)
return (0); return (0);
} }
#define MSB(a) ((a >> 8) & 0xff) #define MSB(a) ((a >> 8) & 0xff)
#define LSB(a) (a & 0xff) #define LSB(a) (a & 0xff)
int int tls13_update_rec_key(ssl_rec_decoder *d, UCHAR *newkey, UCHAR *newiv) {
tls13_update_rec_key (ssl_rec_decoder *d, UCHAR *newkey, UCHAR *newiv)
{
d->write_key->data = newkey; d->write_key->data = newkey;
d->implicit_iv->data = newiv; d->implicit_iv->data = newiv;
d->seq = 0; d->seq = 0;
} }
int int tls13_decode_rec_data(ssl_obj *ssl,
tls13_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHAR *in, int inl, UCHAR *out, int *outl) ssl_rec_decoder *d,
{ int ct,
int version,
UCHAR *in,
int inl,
UCHAR *out,
int *outl) {
int pad, i; int pad, i;
int r, encpadl, x, _status = 0; int r, encpadl, x, _status = 0;
UCHAR aad[5], aead_nonce[12], *tag; UCHAR aad[5], aead_nonce[12], *tag;
@ -235,7 +223,8 @@ tls13_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UC
ABORT(-1); ABORT(-1);
} }
if (IS_CCM_CIPHER(d->cs) && !EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_TAG, taglen, tag)) { if(IS_CCM_CIPHER(d->cs) &&
!EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_AEAD_SET_TAG, taglen, tag)) {
fprintf(stderr, "Unable to set tag for ccm cipher\n"); fprintf(stderr, "Unable to set tag for ccm cipher\n");
ABORT(-1); ABORT(-1);
} }
@ -245,7 +234,8 @@ tls13_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UC
ABORT(-1); ABORT(-1);
} }
if (IS_CCM_CIPHER(d->cs) && !EVP_DecryptUpdate(d->evp,NULL,outl,NULL,inl)){ if(IS_CCM_CIPHER(d->cs) &&
!EVP_DecryptUpdate(d->evp, NULL, outl, NULL, inl)) {
fprintf(stderr, "Unable to update data length\n"); fprintf(stderr, "Unable to update data length\n");
ABORT(-1); ABORT(-1);
} }
@ -261,7 +251,9 @@ tls13_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UC
ABORT(-1); ABORT(-1);
} }
if (!IS_CCM_CIPHER(d->cs) && (!EVP_CIPHER_CTX_ctrl(d->evp,EVP_CTRL_GCM_SET_TAG,taglen,tag) || !EVP_DecryptFinal(d->evp,NULL,&x))) { if(!IS_CCM_CIPHER(d->cs) &&
(!EVP_CIPHER_CTX_ctrl(d->evp, EVP_CTRL_GCM_SET_TAG, taglen, tag) ||
!EVP_DecryptFinal(d->evp, NULL, &x))) {
fprintf(stderr, "BAD MAC\n"); fprintf(stderr, "BAD MAC\n");
ABORT(SSL_BAD_MAC); ABORT(SSL_BAD_MAC);
} }
@ -271,9 +263,14 @@ abort:
return _status; return _status;
} }
int int ssl_decode_rec_data(ssl_obj *ssl,
ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHAR *in, int inl, UCHAR *out, int *outl) ssl_rec_decoder *d,
{ int ct,
int version,
UCHAR *in,
int inl,
UCHAR *out,
int *outl) {
#ifdef OPENSSL #ifdef OPENSSL
int pad; int pad;
int r, encpadl, x; int r, encpadl, x;
@ -286,10 +283,7 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
in += 12 - d->implicit_iv->len; in += 12 - d->implicit_iv->len;
inl -= 12 - d->implicit_iv->len; inl -= 12 - d->implicit_iv->len;
EVP_DecryptInit(d->evp, EVP_DecryptInit(d->evp, NULL, d->write_key->data, aead_nonce);
NULL,
d->write_key->data,
aead_nonce);
/* /*
Then tag is always 16 bytes, as per: Then tag is always 16 bytes, as per:
@ -341,8 +335,7 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
if(blk <= *outl) { if(blk <= *outl) {
*outl -= blk; *outl -= blk;
memmove(out, out + blk, *outl); memmove(out, out + blk, *outl);
} } else {
else {
DBG((0, "Block size greater than Plaintext!")); DBG((0, "Block size greater than Plaintext!"));
ERETURN(SSL_BAD_MAC); ERETURN(SSL_BAD_MAC);
} }
@ -350,13 +343,10 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
if((r = tls_check_mac(d, ct, version, in + blk, encpadl, in, blk, mac))) if((r = tls_check_mac(d, ct, version, in + blk, encpadl, in, blk, mac)))
ERETURN(r); ERETURN(r);
} } else if((r = tls_check_mac(d, ct, version, in, encpadl, NULL, 0, mac)))
else
if((r=tls_check_mac(d,ct,version,in,encpadl,NULL,0,mac)))
ERETURN(r); ERETURN(r);
} } else {
else {
/* First decrypt*/ /* First decrypt*/
EVP_Cipher(d->evp, out, in, inl); EVP_Cipher(d->evp, out, in, inl);
@ -378,8 +368,7 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
if(ssl->version == 0x300) { if(ssl->version == 0x300) {
if((r = ssl3_check_mac(d, ct, version, out, *outl, mac))) if((r = ssl3_check_mac(d, ct, version, out, *outl, mac)))
ERETURN(r); ERETURN(r);
} } else {
else{
/* TLS 1.1 and beyond: remove explicit IV, only used with /* TLS 1.1 and beyond: remove explicit IV, only used with
* non-stream ciphers. */ * non-stream ciphers. */
if(ssl->version >= 0x0302 && ssl->cs->block > 1) { if(ssl->version >= 0x0302 && ssl->cs->block > 1) {
@ -387,8 +376,7 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
if(blk <= *outl) { if(blk <= *outl) {
*outl -= blk; *outl -= blk;
memmove(out, out + blk, *outl); memmove(out, out + blk, *outl);
} } else {
else {
DBG((0, "Block size greater than Plaintext!")); DBG((0, "Block size greater than Plaintext!"));
ERETURN(SSL_BAD_MAC); ERETURN(SSL_BAD_MAC);
} }
@ -401,14 +389,11 @@ ssl_decode_rec_data (ssl_obj *ssl, ssl_rec_decoder *d, int ct, int version, UCHA
return (0); return (0);
} }
#ifdef OPENSSL #ifdef OPENSSL
/* This should go to 2^128, but we're never really going to see /* This should go to 2^128, but we're never really going to see
more than 2^64, so we cheat*/ more than 2^64, so we cheat*/
static int static int fmt_seq(UINT4 num, UCHAR *buf) {
fmt_seq (UINT4 num, UCHAR *buf)
{
UINT4 netnum; UINT4 netnum;
memset(buf, 0, 8); memset(buf, 0, 8);
@ -418,9 +403,14 @@ fmt_seq (UINT4 num, UCHAR *buf)
return (0); return (0);
} }
static int static int tls_check_mac(ssl_rec_decoder *d,
tls_check_mac (ssl_rec_decoder *d, int ct, int ver, UCHAR *data, UINT4 datalen, UCHAR *iv, UINT4 ivlen, UCHAR *mac) int ct,
{ int ver,
UCHAR *data,
UINT4 datalen,
UCHAR *iv,
UINT4 ivlen,
UCHAR *mac) {
HMAC_CTX *hm = HMAC_CTX_new(); HMAC_CTX *hm = HMAC_CTX_new();
if(!hm) if(!hm)
ERETURN(R_NO_MEMORY); ERETURN(R_NO_MEMORY);
@ -449,8 +439,7 @@ tls_check_mac (ssl_rec_decoder *d, int ct, int ver, UCHAR *data, UINT4 datalen,
if(ivlen && iv) { if(ivlen && iv) {
HMAC_Update(hm, iv, ivlen); HMAC_Update(hm, iv, ivlen);
HMAC_Update(hm, data, datalen - ivlen); HMAC_Update(hm, data, datalen - ivlen);
} } else
else
HMAC_Update(hm, data, datalen); HMAC_Update(hm, data, datalen);
HMAC_Final(hm, buf, &l); HMAC_Final(hm, buf, &l);
@ -461,9 +450,12 @@ tls_check_mac (ssl_rec_decoder *d, int ct, int ver, UCHAR *data, UINT4 datalen,
return (0); return (0);
} }
int int ssl3_check_mac(ssl_rec_decoder *d,
ssl3_check_mac (ssl_rec_decoder *d, int ct, int ver, UCHAR *data, UINT4 datalen, UCHAR *mac) int ct,
{ int ver,
UCHAR *data,
UINT4 datalen,
UCHAR *mac) {
EVP_MD_CTX *mc = EVP_MD_CTX_new(); EVP_MD_CTX *mc = EVP_MD_CTX_new();
const EVP_MD *md; const EVP_MD *md;
UINT4 l; UINT4 l;

44
ssl/ssl_rec.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssl_rec.h,v 1.2 2000/10/17 16:10:02 ekr Exp $ $Id: ssl_rec.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
@ -43,24 +44,43 @@
ekr@rtfm.com Wed Aug 18 16:16:23 1999 ekr@rtfm.com Wed Aug 18 16:16:23 1999
*/ */
#ifndef _ssl_rec_h #ifndef _ssl_rec_h
#define _ssl_rec_h #define _ssl_rec_h
typedef struct ssl_rec_decoder_ ssl_rec_decoder; typedef struct ssl_rec_decoder_ ssl_rec_decoder;
int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder * *dp)); int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder * *dp));
int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp, int ssl_create_rec_decoder PROTO_LIST(
ssl_obj *ssl,UCHAR *mk,UCHAR *sk,UCHAR *iv)); (ssl_rec_decoder * *dp, ssl_obj *ssl, UCHAR *mk, UCHAR *sk, UCHAR *iv));
int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d, int ssl_decode_rec_data PROTO_LIST((ssl_obj * ssl,
int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl)); ssl_rec_decoder *d,
int tls13_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d,int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl)); int ct,
int tls13_update_rec_key PROTO_LIST((ssl_rec_decoder *d,UCHAR *newkey, UCHAR *newiv)); int version,
UCHAR *in,
int inl,
UCHAR *out,
int *outl));
int tls13_decode_rec_data PROTO_LIST((ssl_obj * ssl,
ssl_rec_decoder *d,
int ct,
int version,
UCHAR *in,
int inl,
UCHAR *out,
int *outl));
int tls13_update_rec_key PROTO_LIST((ssl_rec_decoder * d,
UCHAR *newkey,
UCHAR *newiv));
int ssl3_check_mac(ssl_rec_decoder *d, int ct, int ver, UCHAR *data, int ssl3_check_mac(ssl_rec_decoder *d,
UINT4 datalen, UCHAR *mac); int ct,
int ver,
UCHAR *data,
UINT4 datalen,
UCHAR *mac);
#define IS_AEAD_CIPHER(cs) (cs->enc==0x3b||cs->enc==0x3c||cs->enc==0x3d||cs->enc==0x3e||cs->enc==0x3f) #define IS_AEAD_CIPHER(cs) \
(cs->enc == 0x3b || cs->enc == 0x3c || cs->enc == 0x3d || cs->enc == 0x3e || \
cs->enc == 0x3f)
#define IS_CCM_CIPHER(cs) (cs->enc == 0x3e || cs->enc == 0x3f) #define IS_CCM_CIPHER(cs) (cs->enc == 0x3e || cs->enc == 0x3f)
#endif #endif

6
ssl/sslciphers.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: sslciphers.h,v 1.3 2002/08/17 01:33:17 ekr Exp $ $Id: sslciphers.h,v 1.3 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Mar 30 18:11:55 1999 ekr@rtfm.com Tue Mar 30 18:11:55 1999
*/ */
#ifndef _sslciphers_h #ifndef _sslciphers_h
#define _sslciphers_h #define _sslciphers_h
typedef struct SSL_CipherSuite_ { typedef struct SSL_CipherSuite_ {
@ -92,6 +92,4 @@ typedef struct SSL_CipherSuite_ {
int ssl_find_cipher PROTO_LIST((int num, SSL_CipherSuite **cs)); int ssl_find_cipher PROTO_LIST((int num, SSL_CipherSuite **cs));
#endif #endif

455
ssl/ssldecode.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $ $Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $
@ -60,12 +61,12 @@
#include "ssl_rec.h" #include "ssl_rec.h"
#include "r_assoc.h" #include "r_assoc.h"
#define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \ #define PRF(ssl, secret, usage, rnd1, rnd2, out) \
ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \ (ssl->version == SSLV3_VERSION) \
((ssl->version == TLSV12_VERSION) ? \ ? ssl3_prf(ssl, secret, usage, rnd1, rnd2, out) \
tls12_prf(ssl,secret,usage,rnd1,rnd2,out): \ : ((ssl->version == TLSV12_VERSION) \
tls_prf(ssl,secret,usage,rnd1,rnd2,out)) ? tls12_prf(ssl, secret, usage, rnd1, rnd2, out) \
: tls_prf(ssl, secret, usage, rnd1, rnd2, out))
static char *ssl_password; static char *ssl_password;
@ -105,18 +106,29 @@ struct ssl_decoder_ {
ssl_rec_decoder *s_to_c_n; ssl_rec_decoder *s_to_c_n;
}; };
#ifdef OPENSSL #ifdef OPENSSL
static int tls_P_hash PROTO_LIST((ssl_obj *ssl,Data *secret,Data *seed, static int tls_P_hash PROTO_LIST(
const EVP_MD *md,Data *out)); (ssl_obj * ssl, Data *secret, Data *seed, const EVP_MD *md, Data *out));
static int tls12_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, static int tls12_prf PROTO_LIST((ssl_obj * ssl,
Data *rnd1,Data *rnd2,Data *out)); Data *secret,
static int tls_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, char *usage,
Data *rnd1,Data *rnd2,Data *out)); Data *rnd1,
static int ssl3_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, Data *rnd2,
Data *rnd1,Data *rnd2,Data *out)); Data *out));
static int ssl3_generate_export_iv PROTO_LIST((ssl_obj *ssl, static int tls_prf PROTO_LIST((ssl_obj * ssl,
Data *rnd1,Data *rnd2,Data *out)); Data *secret,
char *usage,
Data *rnd1,
Data *rnd2,
Data *out));
static int ssl3_prf PROTO_LIST((ssl_obj * ssl,
Data *secret,
char *usage,
Data *rnd1,
Data *rnd2,
Data *out));
static int ssl3_generate_export_iv
PROTO_LIST((ssl_obj * ssl, Data *rnd1, Data *rnd2, Data *out));
static int ssl_generate_keying_material PROTO_LIST((ssl_obj * ssl, static int ssl_generate_keying_material PROTO_LIST((ssl_obj * ssl,
ssl_decoder *d)); ssl_decoder *d));
static int ssl_generate_session_hash PROTO_LIST((ssl_obj * ssl, static int ssl_generate_session_hash PROTO_LIST((ssl_obj * ssl,
@ -124,14 +136,13 @@ static int ssl_generate_session_hash PROTO_LIST((ssl_obj *ssl,
static int ssl_read_key_log_file PROTO_LIST((ssl_obj * obj, ssl_decoder *d)); static int ssl_read_key_log_file PROTO_LIST((ssl_obj * obj, ssl_decoder *d));
#endif #endif
static int ssl_create_session_lookup_key PROTO_LIST((ssl_obj *ssl, static int ssl_create_session_lookup_key PROTO_LIST(
UCHAR *id,UINT4 idlen,UCHAR **keyp,UINT4 *keyl)); (ssl_obj * ssl, UCHAR *id, UINT4 idlen, UCHAR **keyp, UINT4 *keyl));
int ssl_save_session PROTO_LIST((ssl_obj * ssl, ssl_decoder *d)); int ssl_save_session PROTO_LIST((ssl_obj * ssl, ssl_decoder *d));
int ssl_restore_session PROTO_LIST((ssl_obj * ssl, ssl_decoder *d)); int ssl_restore_session PROTO_LIST((ssl_obj * ssl, ssl_decoder *d));
/*The password code is not thread safe*/ /*The password code is not thread safe*/
static int password_cb(char *buf,int num,int rwflag,void *userdata) static int password_cb(char *buf, int num, int rwflag, void *userdata) {
{
if(num < strlen(ssl_password) + 1) if(num < strlen(ssl_password) + 1)
return (0); return (0);
@ -139,9 +150,10 @@ static int password_cb(char *buf,int num,int rwflag,void *userdata)
return (strlen(ssl_password)); return (strlen(ssl_password));
} }
int int ssl_decode_ctx_create(ssl_decode_ctx **dp,
ssl_decode_ctx_create (ssl_decode_ctx **dp, char *keyfile, char *pass, char *keylogfile) char *keyfile,
{ char *pass,
char *keylogfile) {
#ifdef OPENSSL #ifdef OPENSSL
ssl_decode_ctx *d = 0; ssl_decode_ctx *d = 0;
int _status; int _status;
@ -163,7 +175,8 @@ ssl_decode_ctx_create (ssl_decode_ctx **dp, char *keyfile, char *pass, char *key
ABORT(R_INTERNAL); ABORT(R_INTERNAL);
} }
#endif #endif
if(SSL_CTX_use_PrivateKey_file(d->ssl_ctx,keyfile,SSL_FILETYPE_PEM)!=1){ if(SSL_CTX_use_PrivateKey_file(d->ssl_ctx, keyfile, SSL_FILETYPE_PEM) !=
1) {
fprintf(stderr, "Problem loading private key\n"); fprintf(stderr, "Problem loading private key\n");
ABORT(R_INTERNAL); ABORT(R_INTERNAL);
} }
@ -194,12 +207,11 @@ ssl_decode_ctx_create (ssl_decode_ctx **dp, char *keyfile, char *pass, char *key
#endif #endif
} }
int int ssl_decode_ctx_destroy(ssl_decode_ctx **dp) {
ssl_decode_ctx_destroy (ssl_decode_ctx **dp)
{
#ifdef OPENSSL #ifdef OPENSSL
ssl_decode_ctx *d = *dp; ssl_decode_ctx *d = *dp;
if (!d) return 0; if(!d)
return 0;
if(d->ssl_key_log_file) { if(d->ssl_key_log_file) {
fclose(d->ssl_key_log_file); fclose(d->ssl_key_log_file);
} }
@ -214,9 +226,7 @@ ssl_decode_ctx_destroy (ssl_decode_ctx **dp)
return (0); return (0);
} }
int int ssl_decoder_create(ssl_decoder **dp, ssl_decode_ctx *ctx) {
ssl_decoder_create (ssl_decoder **dp, ssl_decode_ctx *ctx)
{
int _status; int _status;
ssl_decoder *d = 0; ssl_decoder *d = 0;
@ -237,9 +247,7 @@ ssl_decoder_create (ssl_decoder **dp, ssl_decode_ctx *ctx)
#endif #endif
} }
int int ssl_decoder_destroy(ssl_decoder **dp) {
ssl_decoder_destroy (ssl_decoder **dp)
{
#ifdef OPENSSL #ifdef OPENSSL
ssl_decoder *d; ssl_decoder *d;
@ -263,9 +271,7 @@ ssl_decoder_destroy (ssl_decoder **dp)
return (0); return (0);
} }
int int ssl_set_client_random(ssl_decoder *d, UCHAR *msg, int len) {
ssl_set_client_random (ssl_decoder *d, UCHAR *msg, int len)
{
#ifdef OPENSSL #ifdef OPENSSL
int r; int r;
@ -276,9 +282,7 @@ ssl_set_client_random (ssl_decoder *d, UCHAR *msg, int len)
return (0); return (0);
} }
int int ssl_set_server_random(ssl_decoder *d, UCHAR *msg, int len) {
ssl_set_server_random (ssl_decoder *d, UCHAR *msg, int len)
{
#ifdef OPENSSL #ifdef OPENSSL
int r; int r;
@ -289,9 +293,7 @@ ssl_set_server_random (ssl_decoder *d, UCHAR *msg, int len)
return (0); return (0);
} }
int int ssl_set_client_session_id(ssl_decoder *d, UCHAR *msg, int len) {
ssl_set_client_session_id (ssl_decoder *d, UCHAR *msg, int len)
{
#ifdef OPENSSL #ifdef OPENSSL
int r; int r;
@ -304,9 +306,10 @@ ssl_set_client_session_id (ssl_decoder *d, UCHAR *msg, int len)
return (0); return (0);
} }
int int ssl_process_server_session_id(ssl_obj *ssl,
ssl_process_server_session_id (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len) ssl_decoder *d,
{ UCHAR *msg,
int len) {
#ifdef OPENSSL #ifdef OPENSSL
int r, _status; int r, _status;
Data idd; Data idd;
@ -315,7 +318,8 @@ ssl_process_server_session_id (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len
INIT_DATA(idd, msg, len); INIT_DATA(idd, msg, len);
if(ssl->version == TLSV13_VERSION) { if(ssl->version == TLSV13_VERSION) {
// No need to save/restore session in tls1.3 since the only way of decrypting is through log file // No need to save/restore session in tls1.3 since the only way of
// decrypting is through log file
} else { } else {
/* First check to see if the client tried to restore */ /* First check to see if the client tried to restore */
if(d->session_id) { if(d->session_id) {
@ -346,34 +350,31 @@ ssl_process_server_session_id (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len
#endif #endif
} }
int int ssl_process_client_session_id(ssl_obj *ssl,
ssl_process_client_session_id (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len) ssl_decoder *d,
{ UCHAR *msg,
int len) {
#ifdef OPENSSL #ifdef OPENSSL
int _status; int _status;
/* First check if the client set session id */ /* First check if the client set session id */
//todo: check that session_id in decoder and msg are the same (and if not then take from msg?) // todo: check that session_id in decoder and msg are the same (and if not
if(d->session_id) // then take from msg?)
{ if(d->session_id) {
/* Remove the master secret */ /* Remove the master secret */
// todo: better save and destroy only when successfully read key log // todo: better save and destroy only when successfully read key log
r_data_destroy(&d->MS); r_data_destroy(&d->MS);
if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(ssl, d)==0) && d->MS) if(d->ctx->ssl_key_log_file && (ssl_read_key_log_file(ssl, d) == 0) &&
{ d->MS) {
// we found master secret for session in keylog // we found master secret for session in keylog
// try to save session // try to save session
_status = ssl_save_session(ssl, d); _status = ssl_save_session(ssl, d);
} } else {
else
{
// just return error // just return error
_status = -1; _status = -1;
} }
} } else {
else
{
_status = -1; _status = -1;
} }
return (_status); return (_status);
@ -384,7 +385,8 @@ ssl_process_client_session_id (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len
int ssl_process_handshake_finished(ssl_obj *ssl, ssl_decoder *dec, Data *data) { int ssl_process_handshake_finished(ssl_obj *ssl, ssl_decoder *dec, Data *data) {
if(ssl->version == TLSV13_VERSION) { if(ssl->version == TLSV13_VERSION) {
if (ssl->direction==DIR_I2R){ // Change from handshake decoder to data traffic decoder if(ssl->direction ==
DIR_I2R) { // Change from handshake decoder to data traffic decoder
dec->c_to_s = dec->c_to_s_n; dec->c_to_s = dec->c_to_s_n;
dec->c_to_s_n = 0; dec->c_to_s_n = 0;
} else { } else {
@ -394,28 +396,32 @@ int ssl_process_handshake_finished(ssl_obj* ssl,ssl_decoder *dec, Data *data){
} }
} }
int int ssl_process_change_cipher_spec(ssl_obj *ssl,
ssl_process_change_cipher_spec (ssl_obj *ssl, ssl_decoder *d, int direction) ssl_decoder *d,
{ int direction) {
#ifdef OPENSSL #ifdef OPENSSL
if(ssl->version != TLSV13_VERSION) { if(ssl->version != TLSV13_VERSION) {
if(direction == DIR_I2R) { if(direction == DIR_I2R) {
d->c_to_s = d->c_to_s_n; d->c_to_s = d->c_to_s_n;
d->c_to_s_n = 0; d->c_to_s_n = 0;
if(d->c_to_s) ssl->process_ciphertext |= direction; if(d->c_to_s)
} ssl->process_ciphertext |= direction;
else { } else {
d->s_to_c = d->s_to_c_n; d->s_to_c = d->s_to_c_n;
d->s_to_c_n = 0; d->s_to_c_n = 0;
if(d->s_to_c) ssl->process_ciphertext |= direction; if(d->s_to_c)
ssl->process_ciphertext |= direction;
} }
} }
#endif #endif
return (0); return (0);
} }
int int ssl_decode_record(ssl_obj *ssl,
ssl_decode_record (ssl_obj *ssl, ssl_decoder *dec, int direction, int ct, int version, Data *d) ssl_decoder *dec,
{ int direction,
int ct,
int version,
Data *d) {
ssl_rec_decoder *rd; ssl_rec_decoder *rd;
UCHAR *out; UCHAR *out;
int outl; int outl;
@ -428,15 +434,15 @@ ssl_decode_record (ssl_obj *ssl, ssl_decoder *dec, int direction, int ct, int ve
rd = 0; rd = 0;
state = (direction == DIR_I2R) ? ssl->i_state : ssl->r_state; state = (direction == DIR_I2R) ? ssl->i_state : ssl->r_state;
if (ssl->version == TLSV13_VERSION && ct != 23) { // Only type 23 is encrypted in tls1.3 if(ssl->version == TLSV13_VERSION &&
ct != 23) { // Only type 23 is encrypted in tls1.3
ssl->record_encryption = REC_PLAINTEXT; ssl->record_encryption = REC_PLAINTEXT;
return 0; return 0;
} else if(!rd) { } else if(!rd) {
if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC) { if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC) {
ssl->record_encryption = REC_CIPHERTEXT; ssl->record_encryption = REC_CIPHERTEXT;
return (SSL_NO_DECRYPT); return (SSL_NO_DECRYPT);
} } else {
else {
ssl->record_encryption = REC_PLAINTEXT; ssl->record_encryption = REC_PLAINTEXT;
return (0); return (0);
} }
@ -448,7 +454,8 @@ ssl_decode_record (ssl_obj *ssl, ssl_decoder *dec, int direction, int ct, int ve
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
if(ssl->version == TLSV13_VERSION) { if(ssl->version == TLSV13_VERSION) {
r=tls13_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl); r = tls13_decode_rec_data(ssl, rd, ct, version, d->data, d->len, out,
&outl);
} else { } else {
r = ssl_decode_rec_data(ssl, rd, ct, version, d->data, d->len, out, &outl); r = ssl_decode_rec_data(ssl, rd, ct, version, d->data, d->len, out, &outl);
} }
@ -470,9 +477,7 @@ ssl_decode_record (ssl_obj *ssl, ssl_decoder *dec, int direction, int ct, int ve
#endif #endif
} }
int int ssl_update_handshake_messages(ssl_obj *ssl, Data *data) {
ssl_update_handshake_messages (ssl_obj *ssl, Data *data)
{
#ifdef OPENSSL #ifdef OPENSSL
Data *hms; Data *hms;
UCHAR *d; UCHAR *d;
@ -488,20 +493,20 @@ ssl_update_handshake_messages (ssl_obj *ssl, Data *data)
memcpy(hms->data + hms->len, d, l); memcpy(hms->data + hms->len, d, l);
hms->len += l; hms->len += l;
} } else {
else{
if((r = r_data_create(&hms, d, l))) if((r = r_data_create(&hms, d, l)))
ERETURN(r); ERETURN(r);
ssl->decoder->handshake_messages = hms; ssl->decoder->handshake_messages = hms;
} }
#endif #endif
return (0); return (0);
} }
static int static int ssl_create_session_lookup_key(ssl_obj *ssl,
ssl_create_session_lookup_key (ssl_obj *ssl, UCHAR *id, UINT4 idlen, UCHAR **keyp, UINT4 *keyl) UCHAR *id,
{ UINT4 idlen,
UCHAR **keyp,
UINT4 *keyl) {
UCHAR *key = 0; UCHAR *key = 0;
UINT4 l; UINT4 l;
int _status; int _status;
@ -526,21 +531,19 @@ ssl_create_session_lookup_key (ssl_obj *ssl, UCHAR *id, UINT4 idlen, UCHAR **key
/* Look up the session id in the session cache and generate /* Look up the session id in the session cache and generate
the appropriate keying material */ the appropriate keying material */
int int ssl_restore_session(ssl_obj *ssl, ssl_decoder *d) {
ssl_restore_session (ssl_obj *ssl, ssl_decoder *d)
{
UCHAR *lookup_key = 0; UCHAR *lookup_key = 0;
void *msv; void *msv;
Data *msd; Data *msd;
int lookup_key_len; int lookup_key_len;
int r, _status; int r, _status;
#ifdef OPENSSL #ifdef OPENSSL
if((r=ssl_create_session_lookup_key(ssl, if((r = ssl_create_session_lookup_key(ssl, d->session_id->data,
d->session_id->data,d->session_id->len,&lookup_key, d->session_id->len, &lookup_key,
(UINT4 *)&lookup_key_len))) (UINT4 *)&lookup_key_len)))
ABORT(r); ABORT(r);
if((r=r_assoc_fetch(d->ctx->session_cache,(char *) lookup_key,lookup_key_len, if((r = r_assoc_fetch(d->ctx->session_cache, (char *)lookup_key,
&msv))) lookup_key_len, &msv)))
ABORT(r); ABORT(r);
msd = (Data *)msv; msd = (Data *)msv;
if((r = r_data_create(&d->MS, msd->data, msd->len))) if((r = r_data_create(&d->MS, msd->data, msd->len)))
@ -570,9 +573,7 @@ ssl_restore_session (ssl_obj *ssl, ssl_decoder *d)
/* Look up the session id in the session cache and generate /* Look up the session id in the session cache and generate
the appropriate keying material */ the appropriate keying material */
int int ssl_save_session(ssl_obj *ssl, ssl_decoder *d) {
ssl_save_session (ssl_obj *ssl, ssl_decoder *d)
{
#ifdef OPENSSL #ifdef OPENSSL
UCHAR *lookup_key = 0; UCHAR *lookup_key = 0;
Data *msd = 0; Data *msd = 0;
@ -585,8 +586,9 @@ ssl_save_session (ssl_obj *ssl, ssl_decoder *d)
ABORT(r); ABORT(r);
if((r = r_data_create(&msd, d->MS->data, d->MS->len))) if((r = r_data_create(&msd, d->MS->data, d->MS->len)))
ABORT(r); ABORT(r);
if((r=r_assoc_insert(d->ctx->session_cache,(char *)lookup_key,lookup_key_len, if((r = r_assoc_insert(d->ctx->session_cache, (char *)lookup_key,
(void *)msd,0,(int (*)(void *))r_data_zfree, lookup_key_len, (void *)msd, 0,
(int (*)(void *))r_data_zfree,
R_ASSOC_NEW | R_ASSOC_REPLACE))) R_ASSOC_NEW | R_ASSOC_REPLACE)))
ABORT(r); ABORT(r);
@ -604,9 +606,10 @@ ssl_save_session (ssl_obj *ssl, ssl_decoder *d)
/* This only works with RSA because the other cipher suites /* This only works with RSA because the other cipher suites
offer PFS. Yuck. */ offer PFS. Yuck. */
int int ssl_process_client_key_exchange(ssl_obj *ssl,
ssl_process_client_key_exchange (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int len) ssl_decoder *d,
{ UCHAR *msg,
int len) {
#ifdef OPENSSL #ifdef OPENSSL
int r, _status; int r, _status;
int i; int i;
@ -618,9 +621,7 @@ ssl_process_client_key_exchange (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int l
case we're renegotiating */ case we're renegotiating */
r_data_destroy(&d->MS); r_data_destroy(&d->MS);
if(!d->ctx->ssl_key_log_file || if(!d->ctx->ssl_key_log_file || ssl_read_key_log_file(ssl, d) || !d->MS) {
ssl_read_key_log_file(ssl,d) ||
!d->MS){
if(ssl->cs->kex != KEX_RSA) if(ssl->cs->kex != KEX_RSA)
return (-1); return (-1);
@ -638,8 +639,8 @@ ssl_process_client_key_exchange (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int l
if((r = r_data_alloc(&d->PMS, BN_num_bytes(n)))) if((r = r_data_alloc(&d->PMS, BN_num_bytes(n))))
ABORT(r); ABORT(r);
i=RSA_private_decrypt(len,msg,d->PMS->data, i = RSA_private_decrypt(len, msg, d->PMS->data, EVP_PKEY_get0_RSA(pk),
EVP_PKEY_get0_RSA(pk),RSA_PKCS1_PADDING); RSA_PKCS1_PADDING);
if(i != 48) if(i != 48)
ABORT(SSL_BAD_PMS); ABORT(SSL_BAD_PMS);
@ -661,7 +662,6 @@ ssl_process_client_key_exchange (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int l
ABORT(SSL_CANT_DO_CIPHER); ABORT(SSL_CANT_DO_CIPHER);
} }
/* Now store the data in the session cache */ /* Now store the data in the session cache */
if((r = ssl_save_session(ssl, d))) if((r = ssl_save_session(ssl, d)))
ABORT(r); ABORT(r);
@ -672,17 +672,14 @@ ssl_process_client_key_exchange (ssl_obj *ssl, ssl_decoder *d, UCHAR *msg, int l
#else #else
return 0; return 0;
#endif #endif
} }
#ifdef OPENSSL #ifdef OPENSSL
static int tls_P_hash(ssl_obj *ssl, static int tls_P_hash(ssl_obj *ssl,
Data *secret, Data *secret,
Data *seed, Data *seed,
const EVP_MD *md, const EVP_MD *md,
Data *out) Data *out) {
{
UCHAR *ptr = out->data; UCHAR *ptr = out->data;
int left = out->len; int left = out->len;
int tocpy; int tocpy;
@ -720,10 +717,12 @@ static int tls_P_hash(ssl_obj *ssl,
return (0); return (0);
} }
static int tls_prf(ssl_obj *ssl,
static int Data *secret,
tls_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data *out) char *usage,
{ Data *rnd1,
Data *rnd2,
Data *out) {
int r, _status; int r, _status;
Data *md5_out = 0, *sha_out = 0; Data *md5_out = 0, *sha_out = 0;
Data *seed; Data *seed;
@ -738,9 +737,12 @@ tls_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data *
if((r = r_data_alloc(&seed, strlen(usage) + rnd1->len + rnd2->len))) if((r = r_data_alloc(&seed, strlen(usage) + rnd1->len + rnd2->len)))
ABORT(r); ABORT(r);
ptr = seed->data; ptr = seed->data;
memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage); memcpy(ptr, usage, strlen(usage));
memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len; ptr += strlen(usage);
memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len; memcpy(ptr, rnd1->data, rnd1->len);
ptr += rnd1->len;
memcpy(ptr, rnd2->data, rnd2->len);
ptr += rnd2->len;
S_l = secret->len / 2 + secret->len % 2; S_l = secret->len / 2 + secret->len % 2;
@ -752,13 +754,11 @@ tls_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data *
memcpy(S1->data, secret->data, S_l); memcpy(S1->data, secret->data, S_l);
memcpy(S2->data, secret->data + (secret->len - S_l), S_l); memcpy(S2->data, secret->data + (secret->len - S_l), S_l);
if((r=tls_P_hash if((r = tls_P_hash(ssl, S1, seed, EVP_get_digestbyname("MD5"), md5_out)))
(ssl,S1,seed,EVP_get_digestbyname("MD5"),md5_out)))
ABORT(r); ABORT(r);
if((r = tls_P_hash(ssl, S2, seed, EVP_get_digestbyname("SHA1"), sha_out))) if((r = tls_P_hash(ssl, S2, seed, EVP_get_digestbyname("SHA1"), sha_out)))
ABORT(r); ABORT(r);
for(i = 0; i < out->len; i++) for(i = 0; i < out->len; i++)
out->data[i] = md5_out->data[i] ^ sha_out->data[i]; out->data[i] = md5_out->data[i] ^ sha_out->data[i];
@ -771,11 +771,14 @@ tls_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data *
r_data_destroy(&S1); r_data_destroy(&S1);
r_data_destroy(&S2); r_data_destroy(&S2);
return (_status); return (_status);
} }
static int static int tls12_prf(ssl_obj *ssl,
tls12_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data *out) Data *secret,
char *usage,
Data *rnd1,
Data *rnd2,
Data *out)
{ {
const EVP_MD *md; const EVP_MD *md;
@ -790,9 +793,12 @@ tls12_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data
if((r = r_data_alloc(&seed, strlen(usage) + rnd1->len + rnd2->len))) if((r = r_data_alloc(&seed, strlen(usage) + rnd1->len + rnd2->len)))
ABORT(r); ABORT(r);
ptr = seed->data; ptr = seed->data;
memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage); memcpy(ptr, usage, strlen(usage));
memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len; ptr += strlen(usage);
memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len; memcpy(ptr, rnd1->data, rnd1->len);
ptr += rnd1->len;
memcpy(ptr, rnd2->data, rnd2->len);
ptr += rnd2->len;
/* Earlier versions of openssl didn't have SHA256 of course... */ /* Earlier versions of openssl didn't have SHA256 of course... */
dgi = MAX(DIG_SHA256, ssl->cs->dig); dgi = MAX(DIG_SHA256, ssl->cs->dig);
@ -814,12 +820,12 @@ tls12_prf (ssl_obj *ssl, Data *secret, char *usage, Data *rnd1, Data *rnd2, Data
r_data_destroy(&sha_out); r_data_destroy(&sha_out);
r_data_destroy(&seed); r_data_destroy(&seed);
return (_status); return (_status);
} }
static int static int ssl3_generate_export_iv(ssl_obj *ssl,
ssl3_generate_export_iv (ssl_obj *ssl, Data *r1, Data *r2, Data *out) Data *r1,
{ Data *r2,
Data *out) {
MD5_CTX md5; MD5_CTX md5;
UCHAR tmp[16]; UCHAR tmp[16];
@ -833,9 +839,12 @@ ssl3_generate_export_iv (ssl_obj *ssl, Data *r1, Data *r2, Data *out)
return (0); return (0);
} }
static int static int ssl3_prf(ssl_obj *ssl,
ssl3_prf (ssl_obj *ssl, Data *secret, char *usage, Data *r1, Data *r2, Data *out) Data *secret,
{ char *usage,
Data *r1,
Data *r2,
Data *out) {
MD5_CTX md5; MD5_CTX md5;
SHA_CTX sha; SHA_CTX sha;
Data *rnd1, *rnd2; Data *rnd1, *rnd2;
@ -843,7 +852,8 @@ ssl3_prf (ssl_obj *ssl, Data *secret, char *usage, Data *r1, Data *r2, Data *out
int i = 0, j; int i = 0, j;
UCHAR buf[20]; UCHAR buf[20];
rnd1=r1; rnd2=r2; rnd1 = r1;
rnd2 = r2;
CRDUMPD("Secret", secret); CRDUMPD("Secret", secret);
CRDUMPD("RND1", rnd1); CRDUMPD("RND1", rnd1);
@ -865,16 +875,17 @@ ssl3_prf (ssl_obj *ssl, Data *secret, char *usage, Data *r1, Data *r2, Data *out
SHA1_Update(&sha, buf, i); SHA1_Update(&sha, buf, i);
CRDUMP("BUF", buf, i); CRDUMP("BUF", buf, i);
if(secret) SHA1_Update(&sha,secret->data,secret->len); if(secret)
SHA1_Update(&sha, secret->data, secret->len);
CRDUMPD("secret", secret); CRDUMPD("secret", secret);
if(!strcmp(usage,"client write key") || !strcmp(usage,"server write key")){ if(!strcmp(usage, "client write key") ||
!strcmp(usage, "server write key")) {
SHA1_Update(&sha, rnd2->data, rnd2->len); SHA1_Update(&sha, rnd2->data, rnd2->len);
CRDUMPD("rnd2", rnd2); CRDUMPD("rnd2", rnd2);
SHA1_Update(&sha, rnd1->data, rnd1->len); SHA1_Update(&sha, rnd1->data, rnd1->len);
CRDUMPD("rnd1", rnd1); CRDUMPD("rnd1", rnd1);
} } else {
else{
SHA1_Update(&sha, rnd1->data, rnd1->len); SHA1_Update(&sha, rnd1->data, rnd1->len);
CRDUMPD("rnd1", rnd1); CRDUMPD("rnd1", rnd1);
SHA1_Update(&sha, rnd2->data, rnd2->len); SHA1_Update(&sha, rnd2->data, rnd2->len);
@ -899,15 +910,14 @@ ssl3_prf (ssl_obj *ssl, Data *secret, char *usage, Data *r1, Data *r2, Data *out
return (0); return (0);
} }
static int static int ssl_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
{
Data *key_block = 0, temp; Data *key_block = 0, temp;
UCHAR _iv_c[8], _iv_s[8]; UCHAR _iv_c[8], _iv_s[8];
UCHAR _key_c[16], _key_s[16]; UCHAR _key_c[16], _key_s[16];
int needed; int needed;
int r, _status; int r, _status;
UCHAR *ptr,*c_wk,*s_wk,*c_mk=NULL,*s_mk=NULL,*c_iv=NULL,*s_iv=NULL; UCHAR *ptr, *c_wk, *s_wk, *c_mk = NULL, *s_mk = NULL, *c_iv = NULL,
*s_iv = NULL;
if(!d->MS) { if(!d->MS) {
if((r = r_data_alloc(&d->MS, 48))) if((r = r_data_alloc(&d->MS, 48)))
@ -921,10 +931,8 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
if((r = PRF(ssl, d->PMS, "extended master secret", d->session_hash, &temp, if((r = PRF(ssl, d->PMS, "extended master secret", d->session_hash, &temp,
d->MS))) d->MS)))
ABORT(r); ABORT(r);
} } else if((r = PRF(ssl, d->PMS, "master secret", d->client_random,
else d->server_random, d->MS)))
if((r=PRF(ssl,d->PMS,"master secret",d->client_random,d->server_random,
d->MS)))
ABORT(r); ABORT(r);
CRDUMPD("MS", d->MS); CRDUMPD("MS", d->MS);
@ -935,8 +943,8 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
/* Ideally find a cleaner way to check for AEAD cipher */ /* Ideally find a cleaner way to check for AEAD cipher */
needed = !IS_AEAD_CIPHER(ssl->cs) ? ssl->cs->dig_len * 2 : 0; needed = !IS_AEAD_CIPHER(ssl->cs) ? ssl->cs->dig_len * 2 : 0;
needed += ssl->cs->bits / 4; needed += ssl->cs->bits / 4;
if(ssl->cs->block>1) needed+=ssl->cs->block*2; if(ssl->cs->block > 1)
needed += ssl->cs->block * 2;
if((r = r_data_alloc(&key_block, needed))) if((r = r_data_alloc(&key_block, needed)))
ABORT(r); ABORT(r);
@ -947,16 +955,22 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
ptr = key_block->data; ptr = key_block->data;
/* Ideally find a cleaner way to check for AEAD cipher */ /* Ideally find a cleaner way to check for AEAD cipher */
if(!IS_AEAD_CIPHER(ssl->cs)) { if(!IS_AEAD_CIPHER(ssl->cs)) {
c_mk=ptr; ptr+=ssl->cs->dig_len; c_mk = ptr;
s_mk=ptr; ptr+=ssl->cs->dig_len; ptr += ssl->cs->dig_len;
s_mk = ptr;
ptr += ssl->cs->dig_len;
} }
c_wk=ptr; ptr+=ssl->cs->eff_bits/8; c_wk = ptr;
s_wk=ptr; ptr+=ssl->cs->eff_bits/8; ptr += ssl->cs->eff_bits / 8;
s_wk = ptr;
ptr += ssl->cs->eff_bits / 8;
if(ssl->cs->block > 1) { if(ssl->cs->block > 1) {
c_iv=ptr; ptr+=ssl->cs->block; c_iv = ptr;
s_iv=ptr; ptr+=ssl->cs->block; ptr += ssl->cs->block;
s_iv = ptr;
ptr += ssl->cs->block;
} }
if(ssl->cs->export) { if(ssl->cs->export) {
@ -969,14 +983,13 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
ATTACH_DATA(iv_s, _iv_s); ATTACH_DATA(iv_s, _iv_s);
if(ssl->version == SSLV3_VERSION) { if(ssl->version == SSLV3_VERSION) {
if((r=ssl3_generate_export_iv(ssl,d->client_random, if((r = ssl3_generate_export_iv(ssl, d->client_random, d->server_random,
d->server_random,&iv_c))) &iv_c)))
ABORT(r); ABORT(r);
if((r=ssl3_generate_export_iv(ssl,d->server_random, if((r = ssl3_generate_export_iv(ssl, d->server_random, d->client_random,
d->client_random,&iv_s))) &iv_s)))
ABORT(r); ABORT(r);
} } else {
else{
UCHAR _iv_block[16]; UCHAR _iv_block[16];
Data iv_block; Data iv_block;
Data key_null; Data key_null;
@ -1019,18 +1032,17 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
MD5_Update(&md5, d->client_random->data, d->client_random->len); MD5_Update(&md5, d->client_random->data, d->client_random->len);
MD5_Final(_key_s, &md5); MD5_Final(_key_s, &md5);
s_wk = _key_s; s_wk = _key_s;
} } else {
else{
ATTACH_DATA(key_c, _key_c); ATTACH_DATA(key_c, _key_c);
ATTACH_DATA(key_s, _key_s); ATTACH_DATA(key_s, _key_s);
INIT_DATA(k, c_wk, ssl->cs->eff_bits / 8); INIT_DATA(k, c_wk, ssl->cs->eff_bits / 8);
if((r=PRF(ssl,&k,"client write key",d->client_random,d->server_random, if((r = PRF(ssl, &k, "client write key", d->client_random,
&key_c))) d->server_random, &key_c)))
ABORT(r); ABORT(r);
c_wk = _key_c; c_wk = _key_c;
INIT_DATA(k, s_wk, ssl->cs->eff_bits / 8); INIT_DATA(k, s_wk, ssl->cs->eff_bits / 8);
if((r=PRF(ssl,&k,"server write key",d->client_random,d->server_random, if((r = PRF(ssl, &k, "server write key", d->client_random,
&key_s))) d->server_random, &key_s)))
ABORT(r); ABORT(r);
s_wk = _key_s; s_wk = _key_s;
} }
@ -1048,14 +1060,11 @@ ssl_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
CRDUMP("Server Write IV", s_iv, ssl->cs->block); CRDUMP("Server Write IV", s_iv, ssl->cs->block);
} }
if((r=ssl_create_rec_decoder(&d->c_to_s_n, if((r = ssl_create_rec_decoder(&d->c_to_s_n, ssl, c_mk, c_wk, c_iv)))
ssl,c_mk,c_wk,c_iv)))
ABORT(r); ABORT(r);
if((r=ssl_create_rec_decoder(&d->s_to_c_n, if((r = ssl_create_rec_decoder(&d->s_to_c_n, ssl, s_mk, s_wk, s_iv)))
ssl,s_mk,s_wk,s_iv)))
ABORT(r); ABORT(r);
_status = 0; _status = 0;
abort: abort:
if(key_block) { if(key_block) {
@ -1071,8 +1080,7 @@ static int hkdf_expand_label(ssl_obj *ssl,
char *label, char *label,
Data *context, Data *context,
uint16_t length, uint16_t length,
UCHAR **out) UCHAR **out) {
{
int r; int r;
size_t outlen = length; size_t outlen = length;
EVP_PKEY_CTX *pctx; EVP_PKEY_CTX *pctx;
@ -1110,7 +1118,8 @@ static int hkdf_expand_label(ssl_obj *ssl,
fprintf(stderr, "EVP_PKEY_CTX_hkdf_mode failed\n"); fprintf(stderr, "EVP_PKEY_CTX_hkdf_mode failed\n");
goto abort; goto abort;
} }
if (EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_get_digestbyname(digests[ssl->cs->dig-0x40])) <= 0) { if(EVP_PKEY_CTX_set_hkdf_md(
pctx, EVP_get_digestbyname(digests[ssl->cs->dig - 0x40])) <= 0) {
fprintf(stderr, "EVP_PKEY_CTX_set_hkdf_md failed\n"); fprintf(stderr, "EVP_PKEY_CTX_set_hkdf_md failed\n");
goto abort; goto abort;
} }
@ -1135,9 +1144,9 @@ abort:
} }
// Will update the keys for the particular direction // Will update the keys for the particular direction
int int ssl_tls13_update_keying_material(ssl_obj *ssl,
ssl_tls13_update_keying_material (ssl_obj *ssl, ssl_decoder *d, int direction) ssl_decoder *d,
{ int direction) {
Data *secret; Data *secret;
ssl_rec_decoder *decoder; ssl_rec_decoder *decoder;
UCHAR *newsecret; UCHAR *newsecret;
@ -1151,28 +1160,28 @@ ssl_tls13_update_keying_material (ssl_obj *ssl, ssl_decoder *d, int direction)
secret = d->STS; secret = d->STS;
decoder = d->s_to_c; decoder = d->s_to_c;
} }
hkdf_expand_label(ssl, d, secret, "traffic upd", NULL, ssl->cs->dig_len, &newsecret); hkdf_expand_label(ssl, d, secret, "traffic upd", NULL, ssl->cs->dig_len,
&newsecret);
secret->data = newsecret; secret->data = newsecret;
hkdf_expand_label(ssl, d, secret, "key", NULL, ssl->cs->eff_bits/8, &newkey); hkdf_expand_label(ssl, d, secret, "key", NULL, ssl->cs->eff_bits / 8,
&newkey);
hkdf_expand_label(ssl, d, secret, "iv", NULL, 12, &newiv); hkdf_expand_label(ssl, d, secret, "iv", NULL, 12, &newiv);
tls13_update_rec_key(decoder, newkey, newiv); tls13_update_rec_key(decoder, newkey, newiv);
return 0; return 0;
} }
int int ssl_tls13_generate_keying_material(ssl_obj *ssl, ssl_decoder *d) {
ssl_tls13_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
{
int r, _status; int r, _status;
Data out; Data out;
UCHAR *s_wk_h,*s_iv_h,*c_wk_h,*c_iv_h, UCHAR *s_wk_h, *s_iv_h, *c_wk_h, *c_iv_h, *s_wk, *s_iv, *c_wk, *c_iv;
*s_wk,*s_iv,*c_wk,*c_iv;
if(!(d->ctx->ssl_key_log_file && ssl_read_key_log_file(ssl, d) == 0 && if(!(d->ctx->ssl_key_log_file && ssl_read_key_log_file(ssl, d) == 0 &&
d->SHTS && d->CHTS && d->STS && d->CTS)) { d->SHTS && d->CHTS && d->STS && d->CTS)) {
ABORT(-1); ABORT(-1);
} }
// It is 12 for all ciphers // It is 12 for all ciphers
if (hkdf_expand_label(ssl, d, d->SHTS, "key", NULL, ssl->cs->eff_bits/8, &s_wk_h)) { if(hkdf_expand_label(ssl, d, d->SHTS, "key", NULL, ssl->cs->eff_bits / 8,
&s_wk_h)) {
fprintf(stderr, "s_wk_h hkdf_expand_label failed\n"); fprintf(stderr, "s_wk_h hkdf_expand_label failed\n");
goto abort; goto abort;
} }
@ -1180,7 +1189,8 @@ ssl_tls13_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
fprintf(stderr, "s_iv_h hkdf_expand_label failed\n"); fprintf(stderr, "s_iv_h hkdf_expand_label failed\n");
goto abort; goto abort;
} }
if (hkdf_expand_label(ssl, d, d->CHTS, "key", NULL, ssl->cs->eff_bits/8, &c_wk_h)) { if(hkdf_expand_label(ssl, d, d->CHTS, "key", NULL, ssl->cs->eff_bits / 8,
&c_wk_h)) {
fprintf(stderr, "c_wk_h hkdf_expand_label failed\n"); fprintf(stderr, "c_wk_h hkdf_expand_label failed\n");
goto abort; goto abort;
} }
@ -1188,7 +1198,8 @@ ssl_tls13_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
fprintf(stderr, "c_iv_h hkdf_expand_label failed\n"); fprintf(stderr, "c_iv_h hkdf_expand_label failed\n");
goto abort; goto abort;
} }
if (hkdf_expand_label(ssl, d, d->STS, "key", NULL, ssl->cs->eff_bits/8, &s_wk)) { if(hkdf_expand_label(ssl, d, d->STS, "key", NULL, ssl->cs->eff_bits / 8,
&s_wk)) {
fprintf(stderr, "s_wk hkdf_expand_label failed\n"); fprintf(stderr, "s_wk hkdf_expand_label failed\n");
goto abort; goto abort;
} }
@ -1196,7 +1207,8 @@ ssl_tls13_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
fprintf(stderr, "s_iv hkdf_expand_label failed\n"); fprintf(stderr, "s_iv hkdf_expand_label failed\n");
goto abort; goto abort;
} }
if (hkdf_expand_label(ssl, d, d->CTS, "key", NULL, ssl->cs->eff_bits/8, &c_wk)) { if(hkdf_expand_label(ssl, d, d->CTS, "key", NULL, ssl->cs->eff_bits / 8,
&c_wk)) {
fprintf(stderr, "c_wk hkdf_expand_label failed\n"); fprintf(stderr, "c_wk hkdf_expand_label failed\n");
goto abort; goto abort;
} }
@ -1213,26 +1225,20 @@ ssl_tls13_generate_keying_material (ssl_obj *ssl, ssl_decoder *d)
CRDUMP("Client Write key", c_wk, ssl->cs->eff_bits / 8); CRDUMP("Client Write key", c_wk, ssl->cs->eff_bits / 8);
CRDUMP("Client IV", c_iv, 12); CRDUMP("Client IV", c_iv, 12);
if((r=ssl_create_rec_decoder(&d->c_to_s_n, if((r = ssl_create_rec_decoder(&d->c_to_s_n, ssl, NULL, c_wk, c_iv)))
ssl,NULL,c_wk,c_iv)))
ABORT(r); ABORT(r);
if((r=ssl_create_rec_decoder(&d->s_to_c_n, if((r = ssl_create_rec_decoder(&d->s_to_c_n, ssl, NULL, s_wk, s_iv)))
ssl,NULL,s_wk,s_iv)))
ABORT(r); ABORT(r);
if((r=ssl_create_rec_decoder(&d->c_to_s, if((r = ssl_create_rec_decoder(&d->c_to_s, ssl, NULL, c_wk_h, c_iv_h)))
ssl,NULL,c_wk_h,c_iv_h)))
ABORT(r); ABORT(r);
if((r=ssl_create_rec_decoder(&d->s_to_c, if((r = ssl_create_rec_decoder(&d->s_to_c, ssl, NULL, s_wk_h, s_iv_h)))
ssl,NULL,s_wk_h,s_iv_h)))
ABORT(r); ABORT(r);
return 0; return 0;
abort: abort:
return r; return r;
} }
static int static int ssl_generate_session_hash(ssl_obj *ssl, ssl_decoder *d) {
ssl_generate_session_hash (ssl_obj *ssl, ssl_decoder *d)
{
int r, _status, dgi; int r, _status, dgi;
unsigned int len; unsigned int len;
const EVP_MD *md; const EVP_MD *md;
@ -1251,20 +1257,26 @@ ssl_generate_session_hash (ssl_obj *ssl, ssl_decoder *d)
} }
EVP_DigestInit(dgictx, md); EVP_DigestInit(dgictx, md);
EVP_DigestUpdate(dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestUpdate(dgictx, d->handshake_messages->data,
EVP_DigestFinal(dgictx,d->session_hash->data,(unsigned int *) &d->session_hash->len); d->handshake_messages->len);
EVP_DigestFinal(dgictx, d->session_hash->data,
(unsigned int *)&d->session_hash->len);
break; break;
case SSLV3_VERSION: case SSLV3_VERSION:
case TLSV1_VERSION: case TLSV1_VERSION:
case TLSV11_VERSION: case TLSV11_VERSION:
EVP_DigestInit(dgictx, EVP_get_digestbyname("MD5")); EVP_DigestInit(dgictx, EVP_get_digestbyname("MD5"));
EVP_DigestUpdate(dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestUpdate(dgictx, d->handshake_messages->data,
EVP_DigestFinal_ex(dgictx,d->session_hash->data,(unsigned int *) &d->session_hash->len); d->handshake_messages->len);
EVP_DigestFinal_ex(dgictx, d->session_hash->data,
(unsigned int *)&d->session_hash->len);
EVP_DigestInit(dgictx, EVP_get_digestbyname("SHA1")); EVP_DigestInit(dgictx, EVP_get_digestbyname("SHA1"));
EVP_DigestUpdate(dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestUpdate(dgictx, d->handshake_messages->data,
EVP_DigestFinal(dgictx,d->session_hash->data+d->session_hash->len,&len); d->handshake_messages->len);
EVP_DigestFinal(dgictx, d->session_hash->data + d->session_hash->len,
&len);
d->session_hash->len += len; d->session_hash->len += len;
break; break;
@ -1287,33 +1299,42 @@ static int read_hex_string(char *str, UCHAR *buf, int n) {
} }
return 0; return 0;
} }
static int static int ssl_read_key_log_file(ssl_obj *ssl, ssl_decoder *d) {
ssl_read_key_log_file (ssl_obj *ssl, ssl_decoder *d)
{
int r, _status, n, i; int r, _status, n, i;
unsigned int t; unsigned int t;
size_t l = 0; size_t l = 0;
char *line, *d_client_random, *label, *client_random, *secret; char *line, *d_client_random, *label, *client_random, *secret;
if (ssl->version==TLSV13_VERSION && !ssl->cs)// ssl->cs is not set when called from ssl_process_client_session_id if(ssl->version == TLSV13_VERSION &&
!ssl->cs) // ssl->cs is not set when called from
// ssl_process_client_session_id
ABORT(r); ABORT(r);
if(!(d_client_random = malloc((d->client_random->len * 2) + 1))) if(!(d_client_random = malloc((d->client_random->len * 2) + 1)))
ABORT(r); ABORT(r);
for(i = 0; i < d->client_random->len; i++) for(i = 0; i < d->client_random->len; i++)
if (snprintf(d_client_random + (i * 2), 3, "%02x", d->client_random->data[i]) != 2) if(snprintf(d_client_random + (i * 2), 3, "%02x",
d->client_random->data[i]) != 2)
ABORT(r); ABORT(r);
while((n = getline(&line, &l, d->ctx->ssl_key_log_file)) != -1) { while((n = getline(&line, &l, d->ctx->ssl_key_log_file)) != -1) {
if (line[n-1] =='\n') line[n-1] = '\0'; if(line[n - 1] == '\n')
if (!(label=strtok(line, " "))) continue; line[n - 1] = '\0';
if (!(client_random=strtok(NULL, " ")) || strlen(client_random)!=64 || STRNICMP(client_random, d_client_random, 64)) continue; if(!(label = strtok(line, " ")))
continue;
if(!(client_random = strtok(NULL, " ")) || strlen(client_random) != 64 ||
STRNICMP(client_random, d_client_random, 64))
continue;
secret = strtok(NULL, " "); secret = strtok(NULL, " ");
if (!(secret) || strlen(secret)!=(ssl->version==TLSV13_VERSION?ssl->cs->dig_len*2:96)) continue; if(!(secret) ||
strlen(secret) !=
(ssl->version == TLSV13_VERSION ? ssl->cs->dig_len * 2 : 96))
continue;
if(!strncmp(label, "CLIENT_RANDOM", 13)) { if(!strncmp(label, "CLIENT_RANDOM", 13)) {
if((r = r_data_alloc(&d->MS, 48))) if((r = r_data_alloc(&d->MS, 48)))
ABORT(r); ABORT(r);
if(read_hex_string(secret, d->MS->data, 48)) if(read_hex_string(secret, d->MS->data, 48))
ABORT(r); ABORT(r);
} }
if (ssl->version!=TLSV13_VERSION) continue; if(ssl->version != TLSV13_VERSION)
continue;
if(!strncmp(label, "SERVER_HANDSHAKE_TRAFFIC_SECRET", 31)) { if(!strncmp(label, "SERVER_HANDSHAKE_TRAFFIC_SECRET", 31)) {
if((r = r_data_alloc(&d->SHTS, ssl->cs->dig_len))) if((r = r_data_alloc(&d->SHTS, ssl->cs->dig_len)))
ABORT(r); ABORT(r);

69
ssl/ssldecode.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: ssldecode.h,v 1.3 2001/07/20 23:33:16 ekr Exp $ $Id: ssldecode.h,v 1.3 2001/07/20 23:33:16 ekr Exp $
@ -43,40 +44,56 @@
ekr@rtfm.com Thu Apr 1 15:02:02 1999 ekr@rtfm.com Thu Apr 1 15:02:02 1999
*/ */
#ifndef _ssldecode_h #ifndef _ssldecode_h
#define _ssldecode_h #define _ssldecode_h
#define CRDUMP(a,b,c) P_(P_CR) {Data d; d.data=b; d.len=c; exdump(ssl,a,&d); LF;} #define CRDUMP(a, b, c) \
#define CRDUMPD(a,b) P_(P_CR) {exdump(ssl,a,b);LF;} P_(P_CR) { \
Data d; \
d.data = b; \
d.len = c; \
exdump(ssl, a, &d); \
LF; \
}
#define CRDUMPD(a, b) \
P_(P_CR) { \
exdump(ssl, a, b); \
LF; \
}
int ssl_decode_ctx_create PROTO_LIST((ssl_decode_ctx **ctx, int ssl_decode_ctx_create PROTO_LIST(
char *keyfile,char *password,char *keylogfile)); (ssl_decode_ctx * *ctx, char *keyfile, char *password, char *keylogfile));
int ssl_decode_ctx_destroy(ssl_decode_ctx **dp); int ssl_decode_ctx_destroy(ssl_decode_ctx **dp);
int ssl_decoder_destroy PROTO_LIST((ssl_decoder * *dp)); int ssl_decoder_destroy PROTO_LIST((ssl_decoder * *dp));
int ssl_decoder_create PROTO_LIST((ssl_decoder * *dp, ssl_decode_ctx *ctx)); int ssl_decoder_create PROTO_LIST((ssl_decoder * *dp, ssl_decode_ctx *ctx));
int ssl_set_client_random PROTO_LIST((ssl_decoder *dp, int ssl_set_client_random PROTO_LIST((ssl_decoder * dp, UCHAR *msg, int len));
UCHAR *msg,int len)); int ssl_set_server_random PROTO_LIST((ssl_decoder * dp, UCHAR *msg, int len));
int ssl_set_server_random PROTO_LIST((ssl_decoder *dp,
UCHAR *msg,int len));
int ssl_set_client_session_id PROTO_LIST((ssl_decoder * dp, int ssl_set_client_session_id PROTO_LIST((ssl_decoder * dp,
UCHAR *msg,int len)); UCHAR *msg,
int ssl_process_server_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp, int len));
UCHAR *msg,int len)); int ssl_process_server_session_id
int ssl_process_client_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp, PROTO_LIST((ssl_obj * obj, ssl_decoder *dp, UCHAR *msg, int len));
UCHAR *msg,int len)); int ssl_process_client_session_id
int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *, PROTO_LIST((ssl_obj * obj, ssl_decoder *dp, UCHAR *msg, int len));
ssl_decoder *d,UCHAR *msg,int len)); int ssl_process_client_key_exchange
PROTO_LIST((struct ssl_obj_ *, ssl_decoder *d, UCHAR *msg, int len));
int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj * ssl, int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj * ssl,
ssl_decoder *d,int direction)); ssl_decoder *d,
int ssl_update_handshake_messages PROTO_LIST((ssl_obj *ssl, int direction));
int ssl_update_handshake_messages PROTO_LIST((ssl_obj * ssl, Data *data));
int ssl_decode_record PROTO_LIST((ssl_obj * ssl,
ssl_decoder *dec,
int direction,
int ct,
int version,
Data *d));
int ssl_tls13_generate_keying_material PROTO_LIST((ssl_obj * obj,
ssl_decoder *dec));
int ssl_process_handshake_finished PROTO_LIST((ssl_obj * ssl,
ssl_decoder *dec,
Data *data)); Data *data));
int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction, int ssl_tls13_update_keying_material PROTO_LIST((ssl_obj * ssl,
int ct,int version,Data *d)); ssl_decoder *dec,
int ssl_tls13_generate_keying_material PROTO_LIST((ssl_obj *obj,ssl_decoder *dec)); int dir));
int ssl_process_handshake_finished PROTO_LIST((ssl_obj* ssl,ssl_decoder *dec, Data *data));
int ssl_tls13_update_keying_material PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int dir));
#endif #endif

302
ssl/sslprint.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $ $Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Tue Jan 12 18:06:39 1999 ekr@rtfm.com Tue Jan 12 18:06:39 1999
*/ */
#include <json.h> #include <json.h>
#include <ctype.h> #include <ctype.h>
#include <stdarg.h> #include <stdarg.h>
@ -56,12 +56,10 @@
extern decoder ContentType_decoder[]; extern decoder ContentType_decoder[];
extern decoder HandshakeType_decoder[]; extern decoder HandshakeType_decoder[];
#define BYTES_NEEDED(x) \
(x <= 255) ? 1 : ((x <= (1 << 16)) ? 2 : (x <= (1 << 24) ? 3 : 4))
#define BYTES_NEEDED(x) (x<=255)?1:((x<=(1<<16))?2:(x<=(1<<24)?3:4)) int process_beginning_plaintext(ssl_obj *ssl, segment *seg, int direction) {
int
process_beginning_plaintext (ssl_obj *ssl, segment *seg, int direction)
{
Data d; Data d;
if(seg->len == 0) if(seg->len == 0)
return (SSL_NO_DATA); return (SSL_NO_DATA);
@ -73,7 +71,8 @@ process_beginning_plaintext (ssl_obj *ssl, segment *seg, int direction)
if(d.data[0] == 0x16) if(d.data[0] == 0x16)
return (SSL_BAD_CONTENT_TYPE); return (SSL_BAD_CONTENT_TYPE);
if (logger) logger->vtbl->data(ssl->logger_obj,d.data,d.len,direction); if(logger)
logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction);
P_(P_AD) { P_(P_AD) {
ssl_print_timestamp(ssl, &seg->p->ts); ssl_print_timestamp(ssl, &seg->p->ts);
@ -87,9 +86,7 @@ process_beginning_plaintext (ssl_obj *ssl, segment *seg, int direction)
return (0); return (0);
} }
int int process_v2_hello(ssl_obj *ssl, segment *seg) {
process_v2_hello (ssl_obj *ssl, segment *seg)
{
int r; int r;
int rec_len; int rec_len;
int _status; int _status;
@ -111,7 +108,8 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
if(d.len < 4) if(d.len < 4)
ABORT(SSL_BAD_CONTENT_TYPE); ABORT(SSL_BAD_CONTENT_TYPE);
rec_len = ((d.data[0] & 0x7f) << 8) | (d.data[1]); rec_len = ((d.data[0] & 0x7f) << 8) | (d.data[1]);
d.data+=2; d.len-=2; d.data += 2;
d.len -= 2;
if(d.len != rec_len) /* Whatever this is it isn't valid SSLv2*/ if(d.len != rec_len) /* Whatever this is it isn't valid SSLv2*/
ABORT(SSL_BAD_CONTENT_TYPE); ABORT(SSL_BAD_CONTENT_TYPE);
@ -133,14 +131,15 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
ssl_print_timestamp(ssl, &seg->p->ts); ssl_print_timestamp(ssl, &seg->p->ts);
ssl_print_direction_indicator(ssl, DIR_I2R); ssl_print_direction_indicator(ssl, DIR_I2R);
explain(ssl, " SSLv2 compatible client hello\n"); explain(ssl, " SSLv2 compatible client hello\n");
json_object_object_add(ssl->cur_json_st, "msg_type", json_object_new_string("Handshake")); json_object_object_add(ssl->cur_json_st, "msg_type",
json_object_object_add(ssl->cur_json_st, "handshake_type", json_object_new_string("ClientHello_v2_compat")); json_object_new_string("Handshake"));
json_object_object_add(ssl->cur_json_st, "handshake_type",
json_object_new_string("ClientHello_v2_compat"));
INDENT_INCR; INDENT_INCR;
P_(P_HL) { P_(P_HL) {
explain(ssl,"Version %d.%d ",(ver>>8)&0xff, explain(ssl, "Version %d.%d ", (ver >> 8) & 0xff, ver & 0xff);
ver&0xff);
LF; LF;
} }
SSL_DECODE_UINT16_ABORT(ssl, "cipher_spec_length", P_DC, &d, &cs_len); SSL_DECODE_UINT16_ABORT(ssl, "cipher_spec_length", P_DC, &d, &cs_len);
@ -151,18 +150,14 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
fprintf(stderr, "Bad cipher spec length %d\n", cs_len); fprintf(stderr, "Bad cipher spec length %d\n", cs_len);
ABORT(SSL_BAD_DATA); ABORT(SSL_BAD_DATA);
} }
P_(P_HL){ P_(P_HL) { explain(ssl, "cipher suites\n"); }
explain(ssl,"cipher suites\n");
}
for(; cs_len; cs_len -= 3) { for(; cs_len; cs_len -= 3) {
UINT4 val; UINT4 val;
SSL_DECODE_UINT24_ABORT(ssl, 0, 0, &d, &val); SSL_DECODE_UINT24_ABORT(ssl, 0, 0, &d, &val);
ssl_print_cipher_suite(ssl, ver, P_HL, val); ssl_print_cipher_suite(ssl, ver, P_HL, val);
P_(P_HL){ P_(P_HL) { explain(ssl, "\n"); }
explain(ssl,"\n");
}
} }
if(sid_len != 0) { if(sid_len != 0) {
@ -175,11 +170,8 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
ABORT(SSL_BAD_DATA); ABORT(SSL_BAD_DATA);
} }
SSL_DECODE_OPAQUE_ARRAY_ABORT(ssl,0,chall_len, SSL_DECODE_OPAQUE_ARRAY_ABORT(ssl, 0, chall_len, 0, &d, &chall);
0,&d,&chall); P_(P_DC) { exdump(ssl, "Challenge", &chall); }
P_(P_DC){
exdump(ssl,"Challenge",&chall);
}
memset(random, 0, 32); memset(random, 0, 32);
memcpy(random + (32 - chall_len), chall.data, chall_len); memcpy(random + (32 - chall_len), chall.data, chall_len);
@ -192,7 +184,8 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
INIT_DATA(d, seg->data, seg->len); INIT_DATA(d, seg->data, seg->len);
exdump(ssl, "Packet data", &d); exdump(ssl, "Packet data", &d);
LF;LF; LF;
LF;
} }
INDENT_POP; INDENT_POP;
@ -210,9 +203,12 @@ process_v2_hello (ssl_obj *ssl, segment *seg)
return (_status); return (_status);
} }
int int ssl_decode_switch(ssl_obj *ssl,
ssl_decode_switch (ssl_obj *ssl, decoder *dtable, int value, int dir, segment *seg, Data *data) decoder *dtable,
{ int value,
int dir,
segment *seg,
Data *data) {
while(dtable && dtable->type != -1 && dtable->name != NULL) { while(dtable && dtable->type != -1 && dtable->name != NULL) {
if(dtable->type == value) { if(dtable->type == value) {
INDENT_INCR; INDENT_INCR;
@ -231,9 +227,11 @@ ssl_decode_switch (ssl_obj *ssl, decoder *dtable, int value, int dir, segment *s
ERETURN(R_NOT_FOUND); ERETURN(R_NOT_FOUND);
} }
int int ssl_expand_record(ssl_obj *ssl,
ssl_expand_record (ssl_obj *ssl, segment *q, int direction, UCHAR *data, int len) segment *q,
{ int direction,
UCHAR *data,
int len) {
int r; int r;
Data d; Data d;
UINT4 ct, vermaj, vermin, length; UINT4 ct, vermaj, vermin, length;
@ -253,7 +251,8 @@ ssl_expand_record (ssl_obj *ssl, segment *q, int direction, UCHAR *data, int len
SSL_DECODE_UINT16(ssl, 0, 0, &d, &length); SSL_DECODE_UINT16(ssl, 0, 0, &d, &length);
if(d.len != length) { if(d.len != length) {
explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len); explain(ssl, " Short record: %u bytes available (expecting: %u)\n", length,
d.len);
return (0); return (0);
} }
version = ssl->version ? ssl->version : (vermaj * 256 + vermin); version = ssl->version ? ssl->version : (vermaj * 256 + vermin);
@ -285,19 +284,21 @@ ssl_expand_record (ssl_obj *ssl, segment *q, int direction, UCHAR *data, int len
if(!(SSL_print_flags & SSL_PRINT_JSON)) if(!(SSL_print_flags & SSL_PRINT_JSON))
LF; LF;
} } else {
else{
// try to save unencrypted data to logger // try to save unencrypted data to logger
//we must save record with type "application_data" (this is unencrypted data) // we must save record with type "application_data" (this is unencrypted
// data)
if(ct == 23) { if(ct == 23) {
if(logger) { if(logger) {
logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction); logger->vtbl->data(ssl->logger_obj, d.data, d.len, direction);
} }
if(ssl->version == TLSV13_VERSION) { if(ssl->version == TLSV13_VERSION) {
ct = d.data[--d.len]; // In TLS 1.3 ct is stored in the end for encrypted records ct = d.data[--d.len]; // In TLS 1.3 ct is stored in the end for
// encrypted records
} }
} }
if((r=ssl_decode_switch(ssl,ContentType_decoder,ct,direction,q, &d))) { if((r = ssl_decode_switch(ssl, ContentType_decoder, ct, direction, q,
&d))) {
if(!(SSL_print_flags & SSL_PRINT_JSON)) if(!(SSL_print_flags & SSL_PRINT_JSON))
printf(" unknown record type: %d\n", ct); printf(" unknown record type: %d\n", ct);
ERETURN(r); ERETURN(r);
@ -307,13 +308,17 @@ ssl_expand_record (ssl_obj *ssl, segment *q, int direction, UCHAR *data, int len
return (0); return (0);
} }
int int ssl_decode_uintX(ssl_obj *ssl,
ssl_decode_uintX (ssl_obj *ssl, char *name, int size, UINT4 p, Data *data, UINT4 *x) char *name,
{ int size,
UINT4 p,
Data *data,
UINT4 *x) {
UINT4 v = 0; UINT4 v = 0;
UINT4 _x; UINT4 _x;
if(!x) x=&_x; if(!x)
x = &_x;
if(size > data->len) { if(size > data->len) {
fprintf(stderr, "Short read: %d bytes available (expecting %d)\n", fprintf(stderr, "Short read: %d bytes available (expecting %d)\n",
@ -327,30 +332,31 @@ ssl_decode_uintX (ssl_obj *ssl, char *name, int size, UINT4 p, Data *data, UINT4
data->len--; data->len--;
} }
P_(p){ P_(p) { explain(ssl, "%s = %d\n", name, *x); }
explain(ssl,"%s = %d\n",name,*x);
}
*x = v; *x = v;
return (0); return (0);
} }
int int ssl_decode_opaque_array(ssl_obj *ssl,
ssl_decode_opaque_array (ssl_obj *ssl, char *name, int size, UINT4 p, Data *data, Data *x) char *name,
{ int size,
UINT4 p,
Data *data,
Data *x) {
UINT4 len; UINT4 len;
char n[1000]; char n[1000];
int r; int r;
Data _x; Data _x;
if(!x) x=&_x; if(!x)
x = &_x;
sprintf(n, "%s (length)", name ? name : "<unknown>"); sprintf(n, "%s (length)", name ? name : "<unknown>");
if(size < 0) { if(size < 0) {
size *= -1; size *= -1;
if((r = ssl_decode_uintX(ssl, n, BYTES_NEEDED(size), P_DC, data, &len))) if((r = ssl_decode_uintX(ssl, n, BYTES_NEEDED(size), P_DC, data, &len)))
ERETURN(r); ERETURN(r);
} } else {
else{
len = size; len = size;
} }
@ -365,16 +371,12 @@ ssl_decode_opaque_array (ssl_obj *ssl, char *name, int size, UINT4 p, Data *data
data->data += len; data->data += len;
data->len -= len; data->len -= len;
P_(p){ P_(p) { exdump(ssl, name, x); }
exdump(ssl,name,x);
}
return (0); return (0);
} }
int int ssl_lookup_enum(ssl_obj *ssl, decoder *dtable, UINT4 val, char **ptr) {
ssl_lookup_enum (ssl_obj *ssl, decoder *dtable, UINT4 val, char **ptr)
{
while(dtable && dtable->type != -1) { while(dtable && dtable->type != -1) {
if(dtable->type == val) { if(dtable->type == val) {
*ptr = dtable->name; *ptr = dtable->name;
@ -386,13 +388,18 @@ ssl_lookup_enum (ssl_obj *ssl, decoder *dtable, UINT4 val, char **ptr)
return (R_NOT_FOUND); return (R_NOT_FOUND);
} }
int int ssl_decode_enum(ssl_obj *ssl,
ssl_decode_enum (ssl_obj *ssl, char *name, int size, decoder *dtable, UINT4 p, Data *data, UINT4 *x) char *name,
{ int size,
decoder *dtable,
UINT4 p,
Data *data,
UINT4 *x) {
int r; int r;
UINT4 _x; UINT4 _x;
if(!x) x=&_x; if(!x)
x = &_x;
if((r = ssl_decode_uintX(ssl, name, size, 0, data, x))) if((r = ssl_decode_uintX(ssl, name, size, 0, data, x)))
ERETURN(r); ERETURN(r);
@ -406,11 +413,9 @@ ssl_decode_enum (ssl_obj *ssl, char *name, int size, decoder *dtable, UINT4 p, D
return (0); return (0);
} }
int int ssl_print_enum(ssl_obj *ssl, char *name, decoder *dtable, UINT4 value) {
ssl_print_enum (ssl_obj *ssl, char *name, decoder *dtable, UINT4 value) if(name)
{ explain(ssl, "%s ", name);
if(name) explain(ssl,"%s ",name);
INDENT; INDENT;
while(dtable && dtable->type != -1) { while(dtable && dtable->type != -1) {
@ -426,9 +431,7 @@ ssl_print_enum (ssl_obj *ssl, char *name, decoder *dtable, UINT4 value)
return (R_NOT_FOUND); return (R_NOT_FOUND);
} }
int int ssl_get_enum_str(ssl_obj *ssl, char *outstr, decoder *dtable, UINT4 value) {
ssl_get_enum_str (ssl_obj *ssl, char *outstr, decoder *dtable, UINT4 value)
{
while(dtable && dtable->type != -1) { while(dtable && dtable->type != -1) {
if(dtable->type == value) { if(dtable->type == value) {
strncpy(outstr, dtable->name, 20); strncpy(outstr, dtable->name, 20);
@ -439,8 +442,7 @@ ssl_get_enum_str (ssl_obj *ssl, char *outstr, decoder *dtable, UINT4 value)
return (R_NOT_FOUND); return (R_NOT_FOUND);
} }
int explain(ssl_obj *ssl,char *format,...) int explain(ssl_obj *ssl, char *format, ...) {
{
va_list ap; va_list ap;
if(!(SSL_print_flags & SSL_PRINT_JSON)) { if(!(SSL_print_flags & SSL_PRINT_JSON)) {
va_start(ap, format); va_start(ap, format);
@ -459,39 +461,33 @@ int explain(ssl_obj *ssl,char *format,...)
return (0); return (0);
} }
int int exdump(ssl_obj *ssl, char *name, Data *data) {
exdump (ssl_obj *ssl, char *name, Data *data)
{
int i; int i;
if(!(SSL_print_flags & SSL_PRINT_JSON)) { if(!(SSL_print_flags & SSL_PRINT_JSON)) {
if(name) { if(name) {
explain(ssl, "%s[%d]=\n", name, data->len); explain(ssl, "%s[%d]=\n", name, data->len);
INDENT_INCR; INDENT_INCR;
} }
P_(P_NR){ P_(P_NR) { printf("\\f(CB"); }
printf("\\f(CB");
}
for(i = 0; i < data->len; i++) { for(i = 0; i < data->len; i++) {
if(!i)
if(!i) INDENT; INDENT;
if((data->len > 8) && i && !(i % 16)) { if((data->len > 8) && i && !(i % 16)) {
LF; INDENT; LF;
INDENT;
} }
printf("%.2x ", data->data[i] & 255); printf("%.2x ", data->data[i] & 255);
} }
P_(P_NR){ P_(P_NR) { printf("\\fR"); }
printf("\\fR"); if(name)
} INDENT_POP;
if(name) INDENT_POP;
LF; LF;
} }
return (0); return (0);
} }
int int exstr(ssl_obj *ssl, char *outstr, Data *data) {
exstr (ssl_obj *ssl, char *outstr, Data *data)
{
int i; int i;
char *ptr = outstr; char *ptr = outstr;
@ -507,9 +503,7 @@ exstr (ssl_obj *ssl, char *outstr, Data *data)
return (0); return (0);
} }
int int combodump(ssl_obj *ssl, char *name, Data *data) {
combodump (ssl_obj *ssl, char *name, Data *data)
{
UCHAR *ptr = data->data; UCHAR *ptr = data->data;
int len = data->len; int len = data->len;
@ -555,21 +549,19 @@ combodump (ssl_obj *ssl, char *name, Data *data)
len -= bytes; len -= bytes;
ptr += bytes; ptr += bytes;
} }
P_(P_NR){ P_(P_NR) { printf("\\fR"); }
printf("\\fR"); if(name)
} INDENT_POP;
if(name) INDENT_POP;
return (0); return (0);
} }
int int print_data(ssl_obj *ssl, Data *d) {
print_data (ssl_obj *ssl, Data *d)
{
int i, bit8 = 0; int i, bit8 = 0;
LF; LF;
for(i = 0; i < d->len; i++) { for(i = 0; i < d->len; i++) {
if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){ if(d->data[i] == 0 ||
(!isprint(d->data[i]) && !strchr("\r\n\t", d->data[i]))) {
bit8 = 1; bit8 = 1;
break; break;
} }
@ -578,17 +570,14 @@ print_data (ssl_obj *ssl, Data *d)
if(bit8) { if(bit8) {
INDENT; INDENT;
printf("---------------------------------------------------------------\n"); printf("---------------------------------------------------------------\n");
P_(P_HO){ P_(P_HO) { exdump(ssl, 0, d); }
exdump(ssl,0,d);
}
else { else {
combodump(ssl, 0, d); combodump(ssl, 0, d);
} }
INDENT; INDENT;
printf("---------------------------------------------------------------\n"); printf("---------------------------------------------------------------\n");
} } else {
else{
int nl = 1; int nl = 1;
INDENT; INDENT;
printf("---------------------------------------------------------------\n"); printf("---------------------------------------------------------------\n");
@ -607,7 +596,10 @@ print_data (ssl_obj *ssl, Data *d)
nl = 0; nl = 0;
putchar(d->data[i]); putchar(d->data[i]);
if(d->data[i]=='\n') {nl=1;INDENT;} if(d->data[i] == '\n') {
nl = 1;
INDENT;
}
} }
printf("---------------------------------------------------------------\n"); printf("---------------------------------------------------------------\n");
if(SSL_print_flags & SSL_PRINT_NROFF) { if(SSL_print_flags & SSL_PRINT_NROFF) {
@ -617,9 +609,7 @@ print_data (ssl_obj *ssl, Data *d)
return (0); return (0);
} }
int int ssl_print_direction_indicator(ssl_obj *ssl, int dir) {
ssl_print_direction_indicator (ssl_obj *ssl, int dir)
{
struct json_object *jobj; struct json_object *jobj;
#if 0 #if 0
if(dir==DIR_I2R){ if(dir==DIR_I2R){
@ -637,23 +627,34 @@ ssl_print_direction_indicator (ssl_obj *ssl, int dir)
if(dir == DIR_I2R) { if(dir == DIR_I2R) {
explain(ssl, "C>S"); explain(ssl, "C>S");
if(jobj) { if(jobj) {
json_object_object_add(jobj, "src_name", json_object_new_string(ssl->client_name)); json_object_object_add(jobj, "src_name",
json_object_object_add(jobj, "src_ip", json_object_new_string(ssl->client_ip)); json_object_new_string(ssl->client_name));
json_object_object_add(jobj, "src_port", json_object_new_int(ssl->client_port)); json_object_object_add(jobj, "src_ip",
json_object_object_add(jobj, "dst_name", json_object_new_string(ssl->server_name)); json_object_new_string(ssl->client_ip));
json_object_object_add(jobj, "dst_ip", json_object_new_string(ssl->server_ip)); json_object_object_add(jobj, "src_port",
json_object_object_add(jobj, "dst_port", json_object_new_int(ssl->server_port)); json_object_new_int(ssl->client_port));
json_object_object_add(jobj, "dst_name",
json_object_new_string(ssl->server_name));
json_object_object_add(jobj, "dst_ip",
json_object_new_string(ssl->server_ip));
json_object_object_add(jobj, "dst_port",
json_object_new_int(ssl->server_port));
} }
} } else {
else{
explain(ssl, "S>C"); explain(ssl, "S>C");
if(jobj) { if(jobj) {
json_object_object_add(jobj, "src_name", json_object_new_string(ssl->server_name)); json_object_object_add(jobj, "src_name",
json_object_object_add(jobj, "src_ip", json_object_new_string(ssl->server_ip)); json_object_new_string(ssl->server_name));
json_object_object_add(jobj, "src_port", json_object_new_int(ssl->server_port)); json_object_object_add(jobj, "src_ip",
json_object_object_add(jobj, "dst_name", json_object_new_string(ssl->client_name)); json_object_new_string(ssl->server_ip));
json_object_object_add(jobj, "dst_ip", json_object_new_string(ssl->client_ip)); json_object_object_add(jobj, "src_port",
json_object_object_add(jobj, "dst_port", json_object_new_int(ssl->client_port)); json_object_new_int(ssl->server_port));
json_object_object_add(jobj, "dst_name",
json_object_new_string(ssl->client_name));
json_object_object_add(jobj, "dst_ip",
json_object_new_string(ssl->client_ip));
json_object_object_add(jobj, "dst_port",
json_object_new_int(ssl->client_port));
} }
} }
#endif #endif
@ -661,9 +662,7 @@ ssl_print_direction_indicator (ssl_obj *ssl, int dir)
return (0); return (0);
} }
int int ssl_print_timestamp(ssl_obj *ssl, struct timeval *ts) {
ssl_print_timestamp (ssl_obj *ssl, struct timeval *ts)
{
struct timeval dt; struct timeval dt;
int r; int r;
@ -672,60 +671,58 @@ ssl_print_timestamp (ssl_obj *ssl, struct timeval *ts)
jobj = ssl->cur_json_st; jobj = ssl->cur_json_st;
if(jobj) { if(jobj) {
snprintf(ts_str,40, "%lld%c%4.4lld",(long long)ts->tv_sec,'.',(long long)ts->tv_usec/100); snprintf(ts_str, 40, "%lld%c%4.4lld", (long long)ts->tv_sec, '.',
(long long)ts->tv_usec / 100);
json_object *j_ts_str = json_object_new_string(ts_str); json_object *j_ts_str = json_object_new_string(ts_str);
json_object_object_add(jobj, "timestamp", j_ts_str); json_object_object_add(jobj, "timestamp", j_ts_str);
} }
if(SSL_print_flags & SSL_PRINT_TIMESTAMP_ABSOLUTE) { if(SSL_print_flags & SSL_PRINT_TIMESTAMP_ABSOLUTE) {
if(!(SSL_print_flags & SSL_PRINT_JSON)) if(!(SSL_print_flags & SSL_PRINT_JSON))
explain(ssl,"%lld%c%4.4lld ",(long long)ts->tv_sec,'.',(long long)ts->tv_usec/100); explain(ssl, "%lld%c%4.4lld ", (long long)ts->tv_sec, '.',
} (long long)ts->tv_usec / 100);
else{ } else {
if((r = timestamp_diff(ts, &ssl->time_start, &dt))) if((r = timestamp_diff(ts, &ssl->time_start, &dt)))
ERETURN(r); ERETURN(r);
if(!(SSL_print_flags & SSL_PRINT_JSON)) if(!(SSL_print_flags & SSL_PRINT_JSON))
explain(ssl,"%lld%c%4.4lld ",(long long)dt.tv_sec,'.',(long long)dt.tv_usec/100); explain(ssl, "%lld%c%4.4lld ", (long long)dt.tv_sec, '.',
(long long)dt.tv_usec / 100);
} }
if((r = timestamp_diff(ts, &ssl->time_last, &dt))) { if((r = timestamp_diff(ts, &ssl->time_last, &dt))) {
ERETURN(r); ERETURN(r);
} }
if(!(SSL_print_flags & SSL_PRINT_JSON)) if(!(SSL_print_flags & SSL_PRINT_JSON))
explain(ssl,"(%lld%c%4.4lld) ",(long long)dt.tv_sec,'.',(long long)dt.tv_usec/100); explain(ssl, "(%lld%c%4.4lld) ", (long long)dt.tv_sec, '.',
(long long)dt.tv_usec / 100);
memcpy(&ssl->time_last, ts, sizeof(struct timeval)); memcpy(&ssl->time_last, ts, sizeof(struct timeval));
return (0); return (0);
} }
int ssl_print_record_num(ssl_obj *ssl) {
int
ssl_print_record_num (ssl_obj *ssl)
{
struct json_object *jobj; struct json_object *jobj;
jobj = ssl->cur_json_st; jobj = ssl->cur_json_st;
ssl->record_count++; ssl->record_count++;
if(!(SSL_print_flags & SSL_PRINT_JSON)) { if(!(SSL_print_flags & SSL_PRINT_JSON)) {
if(SSL_print_flags & SSL_PRINT_NROFF) { if(SSL_print_flags & SSL_PRINT_NROFF) {
printf("\\fI%d %d\\fR %s", printf("\\fI%d %d\\fR %s", ssl->conn->conn_number, ssl->record_count,
ssl->conn->conn_number, ssl->record_count < 10 ? " " : "");
ssl->record_count,ssl->record_count<10?" ":""); } else {
} printf("%d %d %s", ssl->conn->conn_number, ssl->record_count,
else{ ssl->record_count < 10 ? " " : "");
printf("%d %d %s",ssl->conn->conn_number,
ssl->record_count,ssl->record_count<10?" ":"");
} }
} }
json_object_object_add(jobj, "connection_number", json_object_new_int(ssl->conn->conn_number)); json_object_object_add(jobj, "connection_number",
json_object_object_add(jobj, "record_count", json_object_new_int(ssl->record_count)); json_object_new_int(ssl->conn->conn_number));
json_object_object_add(jobj, "record_count",
json_object_new_int(ssl->record_count));
return (0); return (0);
} }
int int ssl_print_cipher_suite(ssl_obj *ssl, int version, int p, UINT4 val) {
ssl_print_cipher_suite (ssl_obj *ssl, int version, int p, UINT4 val)
{
char *str; char *str;
char *prefix = version <= 0x300 ? "SSL_" : "TLS_"; char *prefix = version <= 0x300 ? "SSL_" : "TLS_";
int r; int r;
@ -740,16 +737,9 @@ ssl_print_cipher_suite (ssl_obj *ssl, int version, int p, UINT4 val)
and the version is SSLv3 then we replace it with SSL_*/ and the version is SSLv3 then we replace it with SSL_*/
if(!strncmp(str, "TLS_", 4)) { if(!strncmp(str, "TLS_", 4)) {
explain(ssl, "%s%s", prefix, str + 4); explain(ssl, "%s%s", prefix, str + 4);
} } else {
else{
explain(ssl, "%s", str); explain(ssl, "%s", str);
} }
} }
return (0); return (0);
} }

111
ssl/sslprint.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: sslprint.h,v 1.3 2000/11/03 06:38:06 ekr Exp $ $Id: sslprint.h,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,66 +44,104 @@
ekr@rtfm.com Wed Feb 10 15:34:14 1999 ekr@rtfm.com Wed Feb 10 15:34:14 1999
*/ */
#ifndef _sslprint_h #ifndef _sslprint_h
#define _sslprint_h #define _sslprint_h
#include "ssl_analyze.h" #include "ssl_analyze.h"
#include "ssl_h.h" #include "ssl_h.h"
int ssl_expand_record PROTO_LIST((ssl_obj *ssl, int ssl_expand_record PROTO_LIST(
segment *q,int direction,UCHAR *data,int len)); (ssl_obj * ssl, segment *q, int direction, UCHAR *data, int len));
int ssl_decode_switch PROTO_LIST((ssl_obj * ssl, int ssl_decode_switch PROTO_LIST((ssl_obj * ssl,
decoder *dtable,int value,int dir,segment *seg,Data *data)); decoder *dtable,
int ssl_decode_uintX PROTO_LIST((ssl_obj *ssl,char *name,int size, int value,
UINT4 print,Data *data,UINT4 *x)); int dir,
int ssl_decode_opaque_array PROTO_LIST((ssl_obj *ssl,char *name,int size, segment *seg,
UINT4 print,Data *data,Data *x)); Data *data));
int ssl_decode_enum PROTO_LIST((ssl_obj *ssl,char *name, int ssl_decode_uintX PROTO_LIST(
int size,decoder *decode,UINT4 p,Data *data, (ssl_obj * ssl, char *name, int size, UINT4 print, Data *data, UINT4 *x));
int ssl_decode_opaque_array PROTO_LIST(
(ssl_obj * ssl, char *name, int size, UINT4 print, Data *data, Data *x));
int ssl_decode_enum PROTO_LIST((ssl_obj * ssl,
char *name,
int size,
decoder *decode,
UINT4 p,
Data *data,
UINT4 *x)); UINT4 *x));
int ssl_lookup_enum PROTO_LIST((ssl_obj *ssl,decoder *dtable, int ssl_lookup_enum
UINT4 val,char **ptr)); PROTO_LIST((ssl_obj * ssl, decoder *dtable, UINT4 val, char **ptr));
int ssl_print_enum PROTO_LIST((ssl_obj *obj,char *name, int ssl_print_enum
decoder *decode,UINT4 value)); PROTO_LIST((ssl_obj * obj, char *name, decoder *decode, UINT4 value));
int ssl_get_enum_str PROTO_LIST((ssl_obj *obj,char *outstr, int ssl_get_enum_str
decoder *decode,UINT4 value)); PROTO_LIST((ssl_obj * obj, char *outstr, decoder *decode, UINT4 value));
int print_data PROTO_LIST((ssl_obj * ssl, Data *d)); int print_data PROTO_LIST((ssl_obj * ssl, Data *d));
int process_v2_hello PROTO_LIST((ssl_obj * ssl, segment *seg)); int process_v2_hello PROTO_LIST((ssl_obj * ssl, segment *seg));
int process_beginning_plaintext PROTO_LIST((ssl_obj * ssl, int process_beginning_plaintext PROTO_LIST((ssl_obj * ssl,
segment *seg,int direction)); segment *seg,
int direction));
int ssl_print_direction_indicator PROTO_LIST((ssl_obj * ssl, int dir)); int ssl_print_direction_indicator PROTO_LIST((ssl_obj * ssl, int dir));
int ssl_print_timestamp PROTO_LIST((ssl_obj * ssl, struct timeval *ts)); int ssl_print_timestamp PROTO_LIST((ssl_obj * ssl, struct timeval *ts));
int ssl_print_record_num PROTO_LIST((ssl_obj * ssl)); int ssl_print_record_num PROTO_LIST((ssl_obj * ssl));
int ssl_print_cipher_suite PROTO_LIST((ssl_obj *ssl,int version,int p, int ssl_print_cipher_suite
UINT4 val)); PROTO_LIST((ssl_obj * ssl, int version, int p, UINT4 val));
int explain PROTO_LIST((ssl_obj * ssl, char *format, ...)); int explain PROTO_LIST((ssl_obj * ssl, char *format, ...));
int exdump PROTO_LIST((ssl_obj * ssl, char *name, Data *data)); int exdump PROTO_LIST((ssl_obj * ssl, char *name, Data *data));
int exstr PROTO_LIST((ssl_obj * ssl, char *name, Data *data)); int exstr PROTO_LIST((ssl_obj * ssl, char *name, Data *data));
#define SSL_DECODE_UINT8(a, n, b, c, d) \
#define SSL_DECODE_UINT8(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,1,b,c,d))) ERETURN(r) if((r = ssl_decode_uintX(a, n, 1, b, c, d))) \
#define SSL_DECODE_UINT16(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,2,b,c,d))) ERETURN(r) ERETURN(r)
#define SSL_DECODE_UINT24(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,3,b,c,d))) ERETURN(r) #define SSL_DECODE_UINT16(a, n, b, c, d) \
#define SSL_DECODE_UINT32(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ERETURN(r) if((r = ssl_decode_uintX(a, n, 2, b, c, d))) \
#define SSL_DECODE_OPAQUE_ARRAY(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ERETURN(r) ERETURN(r)
#define SSL_DECODE_ENUM(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ERETURN(r) #define SSL_DECODE_UINT24(a, n, b, c, d) \
#define SSL_DECODE_UINT8_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,1,b,c,d))) ABORT(r) if((r = ssl_decode_uintX(a, n, 3, b, c, d))) \
#define SSL_DECODE_UINT16_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,2,b,c,d))) ABORT(r) ERETURN(r)
#define SSL_DECODE_UINT24_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,3,b,c,d))) ABORT(r) #define SSL_DECODE_UINT32(a, n, b, c, d) \
#define SSL_DECODE_UINT32_ABORT(a,n,b,c,d) if((r=ssl_decode_uintX(a,n,4,b,c,d))) ABORT(r) if((r = ssl_decode_uintX(a, n, 4, b, c, d))) \
#define SSL_DECODE_OPAQUE_ARRAY_ABORT(a,n,b,c,d,e) if((r=ssl_decode_opaque_array(a,n,b,c,d,e))) ABORT(r) ERETURN(r)
#define SSL_DECODE_ENUM_ABORT(a,b,c,d,e,f,g) if((r=ssl_decode_enum(a,b,c,d,e,f,g))) ABORT(r) #define SSL_DECODE_OPAQUE_ARRAY(a, n, b, c, d, e) \
if((r = ssl_decode_opaque_array(a, n, b, c, d, e))) \
ERETURN(r)
#define SSL_DECODE_ENUM(a, b, c, d, e, f, g) \
if((r = ssl_decode_enum(a, b, c, d, e, f, g))) \
ERETURN(r)
#define SSL_DECODE_UINT8_ABORT(a, n, b, c, d) \
if((r = ssl_decode_uintX(a, n, 1, b, c, d))) \
ABORT(r)
#define SSL_DECODE_UINT16_ABORT(a, n, b, c, d) \
if((r = ssl_decode_uintX(a, n, 2, b, c, d))) \
ABORT(r)
#define SSL_DECODE_UINT24_ABORT(a, n, b, c, d) \
if((r = ssl_decode_uintX(a, n, 3, b, c, d))) \
ABORT(r)
#define SSL_DECODE_UINT32_ABORT(a, n, b, c, d) \
if((r = ssl_decode_uintX(a, n, 4, b, c, d))) \
ABORT(r)
#define SSL_DECODE_OPAQUE_ARRAY_ABORT(a, n, b, c, d, e) \
if((r = ssl_decode_opaque_array(a, n, b, c, d, e))) \
ABORT(r)
#define SSL_DECODE_ENUM_ABORT(a, b, c, d, e, f, g) \
if((r = ssl_decode_enum(a, b, c, d, e, f, g))) \
ABORT(r)
#define P_(p) if((p == SSL_PRINT_ALL) || (p & SSL_print_flags)) #define P_(p) if((p == SSL_PRINT_ALL) || (p & SSL_print_flags))
#define INDENT if(!(NET_print_flags & NET_PRINT_JSON)) do {int i; for(i=0;i<(ssl->indent_depth + ssl->indent_name_len);i++) printf("%s",SSL_print_flags & SSL_PRINT_NROFF?" ":" ");} while(0) #define INDENT \
if(!(NET_print_flags & NET_PRINT_JSON)) \
do { \
int i; \
for(i = 0; i < (ssl->indent_depth + ssl->indent_name_len); i++) \
printf("%s", SSL_print_flags &SSL_PRINT_NROFF ? " " : " "); \
} while(0)
#define INDENT_INCR ssl->indent_depth += 2 #define INDENT_INCR ssl->indent_depth += 2
#define INDENT_POP ssl->indent_depth -= 2 #define INDENT_POP ssl->indent_depth -= 2
#define INDENT_NAME(x) ssl->indent_name_len += strlen(x) #define INDENT_NAME(x) ssl->indent_name_len += strlen(x)
#define INDENT_NAME_POP ssl->indent_name_len = 0 #define INDENT_NAME_POP ssl->indent_name_len = 0
#define LINE_LEFT (80-(ssl->indent_name_len + ssl->indent_depth) #define LINE_LEFT (80-(ssl->indent_name_len + ssl->indent_depth)
#define LF if(!(NET_print_flags & NET_PRINT_JSON)) printf("\n") #define LF \
if(!(NET_print_flags & NET_PRINT_JSON)) \
printf("\n")
#endif #endif

62
ssl/sslxprint.c
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $ $Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Thu Mar 25 21:17:16 1999 ekr@rtfm.com Thu Mar 25 21:17:16 1999
*/ */
#include <json.h> #include <json.h>
#include "network.h" #include "network.h"
#include "ssl_h.h" #include "ssl_h.h"
@ -62,9 +62,7 @@ static int sslx__print_dn PROTO_LIST((ssl_obj *ssl,char *x));
static int sslx__print_serial PROTO_LIST((ssl_obj * ssl, ASN1_INTEGER *a)); static int sslx__print_serial PROTO_LIST((ssl_obj * ssl, ASN1_INTEGER *a));
#endif #endif
int int sslx_print_certificate(ssl_obj *ssl, Data *data, int pf) {
sslx_print_certificate (ssl_obj *ssl, Data *data, int pf)
{
#ifdef OPENSSL #ifdef OPENSSL
X509 *x = 0; X509 *x = 0;
ASN1_INTEGER *a; ASN1_INTEGER *a;
@ -89,29 +87,31 @@ sslx_print_certificate (ssl_obj *ssl, Data *data, int pf)
d = data->data; d = data->data;
if(!(b64_cert=(char *)calloc(1,sizeof(char) * ((((data->len) + 3 - 1)/3) * 4 + 1)))) if(!(b64_cert = (char *)calloc(
1, sizeof(char) * ((((data->len) + 3 - 1) / 3) * 4 + 1))))
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
EVP_EncodeBlock((unsigned char *)b64_cert, d, data->len); EVP_EncodeBlock((unsigned char *)b64_cert, d, data->len);
json_object_object_add(cert_obj, "cert_der", json_object_new_string(b64_cert)); json_object_object_add(cert_obj, "cert_der",
json_object_new_string(b64_cert));
free(b64_cert); free(b64_cert);
if(!(x = d2i_X509(0, (const unsigned char **)&d, data->len))) { if(!(x = d2i_X509(0, (const unsigned char **)&d, data->len))) {
explain(ssl, "Bad certificate"); explain(ssl, "Bad certificate");
ABORT(R_BAD_DATA); ABORT(R_BAD_DATA);
} }
X509_NAME_oneline(X509_get_subject_name(x),buf, X509_NAME_oneline(X509_get_subject_name(x), buf, BUFSIZE);
BUFSIZE);
explain(ssl, "Subject\n"); explain(ssl, "Subject\n");
INDENT_INCR; INDENT_INCR;
json_object_object_add(cert_obj, "cert_subject", json_object_new_string(buf)); json_object_object_add(cert_obj, "cert_subject",
json_object_new_string(buf));
sslx__print_dn(ssl, buf); sslx__print_dn(ssl, buf);
INDENT_POP; INDENT_POP;
X509_NAME_oneline(X509_get_issuer_name(x),buf, X509_NAME_oneline(X509_get_issuer_name(x), buf, BUFSIZE);
BUFSIZE);
explain(ssl, "Issuer\n"); explain(ssl, "Issuer\n");
INDENT_INCR; INDENT_INCR;
json_object_object_add(cert_obj, "cert_issuer", json_object_new_string(buf)); json_object_object_add(cert_obj, "cert_issuer",
json_object_new_string(buf));
sslx__print_dn(ssl, buf); sslx__print_dn(ssl, buf);
INDENT_POP; INDENT_POP;
a = X509_get_serialNumber(x); a = X509_get_serialNumber(x);
@ -120,7 +120,8 @@ sslx_print_certificate (ssl_obj *ssl, Data *data, int pf)
ABORT(R_NO_MEMORY); ABORT(R_NO_MEMORY);
INIT_DATA(data_tmp, a->data, a->length); INIT_DATA(data_tmp, a->data, a->length);
exstr(ssl, serial_str, &data_tmp); exstr(ssl, serial_str, &data_tmp);
json_object_object_add(cert_obj, "cert_serial", json_object_new_string(serial_str)); json_object_object_add(cert_obj, "cert_serial",
json_object_new_string(serial_str));
free(serial_str); free(serial_str);
sslx__print_serial(ssl, a); sslx__print_serial(ssl, a);
@ -162,12 +163,9 @@ sslx_print_certificate (ssl_obj *ssl, Data *data, int pf)
} }
INDENT_POP; INDENT_POP;
} } else {
else{
#endif #endif
P_(pf){ P_(pf) { exdump(ssl, "certificate", data); }
exdump(ssl,"certificate",data);
}
#ifdef OPENSSL #ifdef OPENSSL
} }
@ -180,15 +178,15 @@ sslx_print_certificate (ssl_obj *ssl, Data *data, int pf)
_status = 0; _status = 0;
abort: abort:
#ifdef OPENSSL #ifdef OPENSSL
if(x) X509_free(x); if(x)
X509_free(x);
#endif #endif
if(_status && cert_obj) json_object_put(cert_obj); if(_status && cert_obj)
json_object_put(cert_obj);
return (_status); return (_status);
} }
int int sslx_print_dn(ssl_obj *ssl, Data *data, int pf) {
sslx_print_dn (ssl_obj *ssl, Data *data, int pf)
{
UCHAR buf[BUFSIZE]; UCHAR buf[BUFSIZE];
int _status; int _status;
UCHAR *d = data->data; UCHAR *d = data->data;
@ -198,9 +196,8 @@ sslx_print_dn (ssl_obj *ssl, Data *data, int pf)
P_(pf){ P_(pf){
#ifdef OPENSSL #ifdef OPENSSL
P_(P_ASN){ P_(P_ASN){if(!(n = d2i_X509_NAME(0, (const unsigned char **)&d,
if(!(n=d2i_X509_NAME(0,(const unsigned char **) &d,data->len))) data->len))) ABORT(R_BAD_DATA);
ABORT(R_BAD_DATA);
X509_NAME_oneline(n, (char *)buf, BUFSIZE); X509_NAME_oneline(n, (char *)buf, BUFSIZE);
sslx__print_dn(ssl, (char *)buf); sslx__print_dn(ssl, (char *)buf);
} }
@ -220,12 +217,11 @@ sslx_print_dn (ssl_obj *ssl, Data *data, int pf)
return (_status); return (_status);
} }
static int static int sslx__print_dn(ssl_obj *ssl, char *x) {
sslx__print_dn (ssl_obj *ssl, char *x)
{
char *slash; char *slash;
if(*x=='/') x++; if(*x == '/')
x++;
while(x) { while(x) {
if((slash = strchr(x, '/'))) { if((slash = strchr(x, '/'))) {
@ -241,9 +237,7 @@ sslx__print_dn (ssl_obj *ssl, char *x)
} }
#ifdef OPENSSL #ifdef OPENSSL
static int static int sslx__print_serial(ssl_obj *ssl, ASN1_INTEGER *a) {
sslx__print_serial (ssl_obj *ssl, ASN1_INTEGER *a)
{
Data d; Data d;
if(a->length == 0) if(a->length == 0)

5
ssl/sslxprint.h
View file

@ -35,7 +35,8 @@
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH
DAMAGE.
$Id: sslxprint.h,v 1.2 2000/10/17 16:10:02 ekr Exp $ $Id: sslxprint.h,v 1.2 2000/10/17 16:10:02 ekr Exp $
@ -43,7 +44,6 @@
ekr@rtfm.com Thu Mar 25 21:23:34 1999 ekr@rtfm.com Thu Mar 25 21:23:34 1999
*/ */
#ifndef _sslxprint_h #ifndef _sslxprint_h
#define _sslxprint_h #define _sslxprint_h
@ -51,4 +51,3 @@ int sslx_print_certificate PROTO_LIST((ssl_obj *ssl,Data *data,int pf));
int sslx_print_dn PROTO_LIST((ssl_obj * ssl, Data *data, int pf)); int sslx_print_dn PROTO_LIST((ssl_obj * ssl, Data *data, int pf));
#endif #endif