mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sniffer Logging

Browse Source 
1. Capture the SNI in the SSLInfo.
2. Save the private key length and capture it in the SSLInfo.
This commit is contained in:
John Safranek 2019-05-16 10:56:10 -07:00
parent 651087ab5a
commit 1781a9fd76
2 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/sniffer.c
View File

@ -374,12 +374,16 @@ typedef struct SnifferSession {
FinCaputre finCaputre; /* retain out of order FIN s */
Flags flags; /* session flags */
time_t lastUsed; /* last used ticks */
word32 keySz; /* size of the private key */
PacketBuffer* cliReassemblyList; /* client out of order packets */
PacketBuffer* srvReassemblyList; /* server out of order packets */
word32 cliReassemblyMemory; /* client packet memory used */
word32 srvReassemblyMemory; /* server packet memory used */
struct SnifferSession* next; /* for hash table list */
byte* ticketID; /* mac ID of session ticket */
#ifdef HAVE_SNI
const char* sni; /* server name indication */
#endif
#ifdef HAVE_EXTENDED_MASTER
HsHashes* hash;
#endif
@ -1025,12 +1029,20 @@ static void TraceSessionInfo(SSLInfo* sslInfo)
if (TraceOn) {
if (sslInfo != NULL && sslInfo->isValid) {
fprintf(TraceFile,
"\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s)\n",
"\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s) "
#ifdef HAVE_SNI
"sni:(%s) "
#endif
"keySize:(%u)\n",
sslInfo->protocolVersionMajor,
sslInfo->protocolVersionMinor,
sslInfo->serverCipherSuite0,
sslInfo->serverCipherSuite,
sslInfo->serverCipherSuiteName);
sslInfo->serverCipherSuiteName,
#ifdef HAVE_SNI
sslInfo->serverNameIndication,
#endif
sslInfo->keySize);
}
}
}
@ -1537,6 +1549,10 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
}
if (ret == 0) {
session->keySz = length * 8;
/* length is the key size in bytes */
session->sslServer->arrays->preMasterSz = SECRET_LEN;
do {
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_AsyncWait(ret, &key.asyncDev,
@ -1545,7 +1561,7 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt(input, length,
session->sslServer->arrays->preMasterSecret,
SECRET_LEN, &key);
session->sslServer->arrays->preMasterSz, &key);
}
} while (ret == WC_PENDING_E);
@ -1554,8 +1570,6 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
}
}
session->sslServer->arrays->preMasterSz = SECRET_LEN;
wc_FreeRsaKey(&key);
}
@ -1604,6 +1618,9 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
}
if (ret == 0) {
session->keySz = (length - 1) * 4;
/* The length is the key size in bytes, times 2 for the (x,y)
* coordinates, plus 1 for the type. */
session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
do {
@ -1953,6 +1970,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes,
FATAL_ERROR_STATE);
return -1;
}
session->sni = namedKey->name;
break;
}
else
@ -3608,6 +3626,15 @@ static void CopySessionInfo(SnifferSession* session, SSLInfo* sslInfo)
sslInfo->serverCipherSuiteName
[sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0';
}
sslInfo->keySize = session->keySz;
#ifdef HAVE_SNI
if (NULL != session->sni) {
XSTRNCPY((char*)sslInfo->serverNameIndication,
session->sni, sizeof(sslInfo->serverNameIndication));
sslInfo->serverNameIndication
[sizeof(sslInfo->serverNameIndication) - 1] = '\0';
}
#endif
TraceSessionInfo(sslInfo);
}
}

2
wolfssl/sniffer.h
View File

@ -115,6 +115,8 @@ typedef struct SSLInfo
unsigned char serverCipherSuite; /* second byte, actual suite */
unsigned char serverCipherSuiteName[256];
/* cipher name, e.g., "TLS_RSA_..." */
unsigned char serverNameIndication[128];
unsigned int keySize;
} WOLFSSL_PACK SSLInfo;