SSL keys configuration can be read from file

svn path=/trunk/; revision=20108
This commit is contained in:
Tomas Kukosa 2006-12-11 08:47:38 +00:00
parent a46a240662
commit 9f6a4d9f27
2 changed files with 33 additions and 10 deletions


@ -1600,7 +1600,7 @@ ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associa
addr = start;
/* split ip/file couple with ';' separator*/
end = strchr(start, ';');
end = strpbrk(start, ";\n\r");
if (end) {
*end = 0;
start = end+1;
@ -1612,7 +1612,7 @@ ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associa
if (!port)
{
ssl_debug_printf("ssl_init entry malformed can't find port in %s\n", addr);
break;
continue;
}
*port = 0;
port++;
@ -1621,7 +1621,7 @@ ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associa
if (!protocol)
{
ssl_debug_printf("ssl_init entry malformed can't find protocol in %s\n", port);
break;
continue;
}
*protocol=0;
protocol++;
@ -1630,7 +1630,7 @@ ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associa
if (!filename)
{
ssl_debug_printf("ssl_init entry malformed can't find filename in %s\n", port);
break;
continue;
}
*filename=0;
filename++;
@ -1649,14 +1649,14 @@ ssl_parse_key_list(const gchar * keys_list, GHashTable *key_hash, GTree* associa
fp = fopen(filename, "rb");
if (!fp) {
fprintf(stderr, "can't open file %s \n",filename);
break;
continue;
}
private_key = ssl_load_key(fp);
if (!private_key) {
fprintf(stderr,"can't load private key from %s\n",
filename);
break;
continue;
}
fclose(fp);
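Review bot: The `continue` that replaces `break` in the `if (!private_key)` branch now skips the `fclose(fp)` on the line after it, so every key file that opens but fails to parse leaks a FILE handle, and since the loop no longer stops at the first bad entry this happens once per malformed entry. The branch should close the stream before moving on: `fprintf(stderr,"can't load private key from %s\n", filename); fclose(fp); continue;`. The `strpbrk(start, ";\n\r")` split presumably leaves an empty entry (or a lone `\n`) after a `\r\n` line ending; whether the loop head tolerates that is not visible here, since ssl_parse_key_list begins and ends outside these hunks.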


@ -95,6 +95,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#ifdef HAVE_SYS_SOCKET_H
@ -109,6 +110,8 @@
#include <epan/dissectors/packet-x509af.h>
#include <epan/emem.h>
#include <epan/tap.h>
#include <epan/filesystem.h>
#include <epan/report_err.h>
#include "packet-ssl.h"
#include "packet-ssl-utils.h"
@ -243,6 +246,10 @@ ssl_parse(void)
{
ep_stack_t tmp_stack;
SslAssociation *tmp_assoc;
FILE *ssl_keys_file;
struct stat statb;
size_t size;
gchar *tmp_buf;
ssl_set_debug(ssl_debug_file_name);
@ -264,7 +271,22 @@ ssl_parse(void)
if (ssl_keys_list && (ssl_keys_list[0] != 0))
{
ssl_parse_key_list(ssl_keys_list,ssl_key_hash,ssl_associations,ssl_handle,TRUE);
if (file_exists(ssl_keys_list)) {
if ((ssl_keys_file = fopen(ssl_keys_list, "r"))) {
fstat(fileno(ssl_keys_file), &statb);
size = statb.st_size;
tmp_buf = ep_alloc0(size + 1);
fread(tmp_buf, size, 1, ssl_keys_file);
tmp_buf[size] = '\0';
fclose(ssl_keys_file);
ssl_parse_key_list(tmp_buf,ssl_key_hash,ssl_associations,ssl_handle,TRUE);
} else {
report_open_failure(ssl_keys_list, errno, FALSE);
}
} else {
ssl_parse_key_list(ssl_keys_list,ssl_key_hash,ssl_associations,ssl_handle,TRUE);
}
}
}
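Review bot: Neither the `fstat` nor the `fread` result in the new file-reading branch is checked, so a short read (or a non-regular file such as a directory, which `fopen(..., "r")` may still open) silently yields a truncated or empty key list that is then parsed as if complete. Prefer `size_t got = fread(tmp_buf, 1, size, ssl_keys_file); tmp_buf[got] = '\0';` and test `fstat(...) != 0` (and `S_ISREG(statb.st_mode)`) before trusting `st_size` for the allocation; `st_size` is an `off_t`, so the narrowing into `size_t size` deserves a comment as well. `errno` is passed to `report_open_failure`, but no `<errno.h>` include appears in the include hunks, so confirm it is already in scope. The new preference help text in the last hunk spells "containig"; fix to "containing". ssl_parse's body begins outside this hunk.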
@ -3735,9 +3757,10 @@ proto_register_ssl(void)
&ssl_desegment_app_data);
#ifdef HAVE_LIBGNUTLS
prefs_register_string_preference(ssl_module, "keys_list", "RSA keys list",
"semicolon separated list of private RSA keys used for SSL decryption; "
"each list entry must be in the form of <ip>,<port>,<protocol>,<key_file_name>"
"<key_file_name> is the local file name of the RSA private key used by the specified server\n",
"semicolon separated list of private RSA keys used for SSL decryption;\n"
"each list entry must be in the form of <ip>,<port>,<protocol>,<key_file_name>\n"
"<key_file_name> is the local file name of the RSA private key used by the specified server\n"
"(or name of the file containig such a list)",
(const gchar **)&ssl_keys_list);
prefs_register_string_preference(ssl_module, "debug_file", "SSL debug file",
"redirect ssl debug to file name; leave empty to disable debug, "