Changeset 372 for asp3_tinet_ecnl_arm/trunk/wolfssl-3.12.2/src/sniffer.c
- Timestamp:
- Feb 7, 2019, 8:36:33 AM (5 years ago)
- File:
-
- 1 edited
asp3_tinet_ecnl_arm/trunk/wolfssl-3.12.2/src/sniffer.c
r352 r372 246 246 /* 81 */ 247 247 "Bad Decrypt Size", 248 "Extended Master Secret Hash Error" 248 "Extended Master Secret Hash Error", 249 "Handshake Message Split Across TLS Records" 249 250 }; 250 251 … … 253 254 static void GetError(int idx, char* str) 254 255 { 255 XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN); 256 XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN-1); 257 str[MAX_ERROR_LEN-1] = '\0'; 256 258 } 257 259 … … 1016 1018 1017 1019 1020 /* Show SSLInfo if provided and is valid. */ 1021 static void TraceSessionInfo(SSLInfo* sslInfo) 1022 { 1023 if (TraceOn) { 1024 if (sslInfo != NULL && sslInfo->isValid) { 1025 fprintf(TraceFile, 1026 "\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s)\n", 1027 sslInfo->protocolVersionMajor, 1028 sslInfo->protocolVersionMinor, 1029 sslInfo->serverCipherSuite0, 1030 sslInfo->serverCipherSuite, 1031 sslInfo->serverCipherSuiteName); 1032 } 1033 } 1034 } 1035 1036 1018 1037 /* Set user error string */ 1019 1038 static void SetError(int idx, char* error, SnifferSession* session, int fatal) … … 1166 1185 file = XFOPEN(keyFile, "rb"); 1167 1186 if (file == XBADFILE) return -1; 1168 XFSEEK(file, 0, XSEEK_END);1187 if(XFSEEK(file, 0, XSEEK_END) != 0) return -1; 1169 1188 fileSz = XFTELL(file); 1170 1189 XREWIND(file); … … 1190 1209 ret = -1; 1191 1210 if (saveBuf != NULL) { 1192 saveBufSz = w olfSSL_KeyPemToDer(loadBuf, (int)fileSz,1211 saveBufSz = wc_KeyPemToDer(loadBuf, (int)fileSz, 1193 1212 saveBuf, (int)fileSz, password); 1194 1213 if (saveBufSz < 0) { … … 1249 1268 1250 1269 namedKey->nameSz = (word32)XSTRLEN(name); 1251 XSTRNCPY(namedKey->name, name, sizeof(namedKey->name)); 1252 if (namedKey->nameSz >= sizeof(namedKey->name)) { 1270 if (namedKey->nameSz > sizeof(namedKey->name)-1) 1253 1271 namedKey->nameSz = sizeof(namedKey->name) - 1; 1254 namedKey->name[namedKey->nameSz] = '\0';1255 }1272 XSTRNCPY(namedKey->name, name, namedKey->nameSz); 1273 namedKey->name[MAX_SERVER_NAME-1] = '\0'; 1256 1274 1257 1275 ret = 
LoadKeyFile(&namedKey->key, &namedKey->keySz, … … 1289 1307 sniffer->port = port; 1290 1308 1291 sniffer->ctx = SSL_CTX_new(TLSv1_ client_method());1309 sniffer->ctx = SSL_CTX_new(TLSv1_2_client_method()); 1292 1310 if (!sniffer->ctx) { 1293 1311 SetError(MEMORY_STR, error, NULL, 0); … … 1302 1320 if (name == NULL) { 1303 1321 if (password) { 1322 #ifdef WOLFSSL_ENCRYPTED_KEYS 1304 1323 SSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword); 1305 1324 SSL_CTX_set_default_passwd_cb_userdata( 1306 1325 sniffer->ctx, (void*)password); 1326 #endif 1307 1327 } 1308 1328 ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type); … … 1829 1849 NamedKey* namedKey; 1830 1850 1831 if (nameSz > = sizeof(name))1851 if (nameSz > sizeof(name) - 1) 1832 1852 nameSz = sizeof(name) - 1; 1833 1853 name[nameSz] = 0; … … 2059 2079 2060 2080 if (*sslBytes < size) { 2061 SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE); 2062 return -1; 2081 Trace(SPLIT_HANDSHAKE_MSG_STR); 2082 *sslBytes = 0; 2083 return ret; 2063 2084 } 2064 2085 … … 3462 3483 3463 3484 3485 /* Copies the session's infomation to the provided sslInfo. Skip copy if 3486 * SSLInfo is not provided. */ 3487 static void CopySessionInfo(SnifferSession* session, SSLInfo* sslInfo) 3488 { 3489 if (NULL != sslInfo) { 3490 XMEMSET(sslInfo, 0, sizeof(SSLInfo)); 3491 3492 /* Pass back Session Info after we have processed the Server Hello. 
*/ 3493 if (0 != session->sslServer->options.cipherSuite) { 3494 const char* pCipher; 3495 3496 sslInfo->isValid = 1; 3497 sslInfo->protocolVersionMajor = session->sslServer->version.major; 3498 sslInfo->protocolVersionMinor = session->sslServer->version.minor; 3499 sslInfo->serverCipherSuite0 = 3500 session->sslServer->options.cipherSuite0; 3501 sslInfo->serverCipherSuite = 3502 session->sslServer->options.cipherSuite; 3503 3504 pCipher = wolfSSL_get_cipher(session->sslServer); 3505 if (NULL != pCipher) { 3506 XSTRNCPY((char*)sslInfo->serverCipherSuiteName, pCipher, 3507 sizeof(sslInfo->serverCipherSuiteName)); 3508 sslInfo->serverCipherSuiteName 3509 [sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0'; 3510 } 3511 TraceSessionInfo(sslInfo); 3512 } 3513 } 3514 } 3515 3516 3464 3517 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3465 3518 /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ 3466 int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error) 3519 static int ssl_DecodePacketInternal(const byte* packet, int length, 3520 byte** data, SSLInfo* sslInfo, char* error) 3467 3521 { 3468 3522 TcpInfo tcpInfo; … … 3497 3551 if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; 3498 3552 CheckFinCapture(&ipInfo, &tcpInfo, session); 3553 3554 CopySessionInfo(session, sslInfo); 3555 3499 3556 return ret; 3557 } 3558 3559 3560 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3561 /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ 3562 /* Also returns Session Info if available */ 3563 int ssl_DecodePacketWithSessionInfo(const unsigned char* packet, int length, 3564 unsigned char** data, SSLInfo* sslInfo, char* error) 3565 { 3566 return ssl_DecodePacketInternal(packet, length, data, sslInfo, error); 3567 } 3568 3569 3570 /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ 3571 /* returns 
Number of bytes on success, 0 for no data yet, and -1 on error */ 3572 int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error) 3573 { 3574 return ssl_DecodePacketInternal(packet, length, data, NULL, error); 3500 3575 } 3501 3576
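Review bot: In the named-key hunk (new lines 1270–1273) the copy `XSTRNCPY(namedKey->name, name, namedKey->nameSz)` never writes a terminator, because its count is the clamped string length, and the only NUL stored afterwards is at the fixed index `MAX_SERVER_NAME-1`. For any name shorter than the buffer, the bytes between `nameSz` and the last slot keep whatever the structure held before, so the string is correctly terminated only if `namedKey` was zeroed earlier, which this hunk does not show. Terminating at the copied length removes that dependency: `namedKey->name[namedKey->nameSz] = '\0';`. It also avoids assuming that `sizeof(namedKey->name)` equals `MAX_SERVER_NAME`, since the clamp uses the former and the terminator the latter. The enclosing function starts and ends outside the hunk.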