forked from osmocom/wireshark
Paolo Abeni:
The attached patch cleans up the debug infrastructure for the ssl dissector. Debug messages are off by default and can be enabled via the ssl dissector preference. Debug output can be directed to stderr or to a file. svn path=/trunk/; revision=17253
parent
fcf7b3789c
commit
b55002ab8d
|
@ -1180,22 +1180,10 @@ void ssl_free_key(SSL_PRIVATE_KEY* key)
|
|||
#endif
|
||||
}
|
||||
|
||||
#ifdef SSL_DECRYPT_DEBUG
|
||||
static FILE* myout=NULL;
|
||||
#endif
|
||||
void
|
||||
ssl_lib_init(void)
|
||||
{
|
||||
gnutls_global_init();
|
||||
|
||||
#ifdef SSL_DECRYPT_DEBUG
|
||||
#ifdef _WIN32
|
||||
/* we don't have standard I/O file available, open a log */
|
||||
myout = fopen("ssl-decrypt.txt","w");
|
||||
if (!myout)
|
||||
#endif /* _WIN32 */
|
||||
myout = stderr;
|
||||
#endif /* SSL_DECRYPT_DEBUG */
|
||||
}
|
||||
|
||||
#else /* HAVE_LIBGNUTLS */
|
||||
|
@ -1268,41 +1256,70 @@ ssl_session_init(SslDecryptSession* ssl_session)
|
|||
}
|
||||
|
||||
#ifdef SSL_DECRYPT_DEBUG
|
||||
|
||||
static FILE* ssl_debug_file=NULL;
|
||||
|
||||
void
|
||||
ssl_set_debug(char* name)
|
||||
{
|
||||
static int debug_file_must_be_closed = 0;
|
||||
int use_stderr = name?(strcmp(name, SSL_DEBUG_USE_STDERR) == 0):0;
|
||||
|
||||
if (debug_file_must_be_closed)
|
||||
fclose(ssl_debug_file);
|
||||
if (use_stderr)
|
||||
ssl_debug_file = stderr;
|
||||
else if (!name || (strcmp(name, "") ==0))
|
||||
ssl_debug_file = NULL;
|
||||
else
|
||||
ssl_debug_file = fopen(name, "w");
|
||||
if (!use_stderr && ssl_debug_file)
|
||||
debug_file_must_be_closed = 1;
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
ssl_debug_printf(const char* fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
int ret=0;
|
||||
va_start(ap, fmt);
|
||||
ret += vfprintf(myout, fmt, ap);
|
||||
va_end(ap);
|
||||
fflush(myout);
|
||||
va_list ap;
|
||||
int ret=0;
|
||||
if (!ssl_debug_file)
|
||||
return;
|
||||
|
||||
va_start(ap, fmt);
|
||||
ret += vfprintf(ssl_debug_file, fmt, ap);
|
||||
va_end(ap);
|
||||
fflush(ssl_debug_file);
|
||||
}
|
||||
|
||||
void
|
||||
ssl_print_text_data(const char* name, const unsigned char* data, int len)
|
||||
{
|
||||
int i;
|
||||
fprintf(myout,"%s: ",name);
|
||||
if (!ssl_debug_file)
|
||||
return;
|
||||
fprintf(ssl_debug_file,"%s: ",name);
|
||||
for (i=0; i< len; i++) {
|
||||
fprintf(myout,"%c",data[i]);
|
||||
fprintf(ssl_debug_file,"%c",data[i]);
|
||||
}
|
||||
fprintf(myout,"\n");
|
||||
fflush(myout);
|
||||
fprintf(ssl_debug_file,"\n");
|
||||
fflush(ssl_debug_file);
|
||||
}
|
||||
|
||||
void
|
||||
ssl_print_data(const char* name, const unsigned char* data, int len)
|
||||
{
|
||||
int i;
|
||||
fprintf(myout,"%s[%d]:\n",name, len);
|
||||
if (!ssl_debug_file)
|
||||
return;
|
||||
fprintf(ssl_debug_file,"%s[%d]:\n",name, len);
|
||||
for (i=0; i< len; i++) {
|
||||
if ((i>0) && (i%16 == 0))
|
||||
fprintf(myout,"\n");
|
||||
fprintf(myout,"%.2x ",data[i]&255);
|
||||
fprintf(ssl_debug_file,"\n");
|
||||
fprintf(ssl_debug_file,"%.2x ",data[i]&255);
|
||||
}
|
||||
fprintf(myout,"\n");
|
||||
fflush(myout);
|
||||
fprintf(ssl_debug_file,"\n");
|
||||
fflush(ssl_debug_file);
|
||||
}
|
||||
|
||||
void
|
||||
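Review bot: `debug_file_must_be_closed` in ssl_set_debug() is set to 1 once a log file has been opened but is never cleared, so a later call that selects stderr or no output leaves the flag set, and the call after that runs `fclose()` on stderr or on a NULL pointer. ssl_set_debug() is called from ssl_parse() elsewhere on this page, so changing the debug-file preference twice looks sufficient to reach that path. Replacing the final `if` with an unconditional assignment, `debug_file_must_be_closed = (!use_stderr && ssl_debug_file != NULL);`, keeps the flag in step with what is actually open. Separately, `fopen(name, "w")` truncates whatever path the preference names and creates the file with default permissions, and a failed open silently disables logging. Since this log receives dumped key material and decrypted payload, a comment at the fopen() stating that would help.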
|
|
|
@ -38,6 +38,7 @@
|
|||
|
||||
/* #define SSL_FAST 1 */
|
||||
#define SSL_DECRYPT_DEBUG
|
||||
#define SSL_DEBUG_USE_STDERR "-"
|
||||
|
||||
#define SSL_CIPHER_CTX gcry_cipher_hd_t
|
||||
#ifdef SSL_FAST
|
||||
|
@ -211,6 +212,8 @@ extern void
|
|||
ssl_print_string(const char* name, const StringInfo* data);
|
||||
extern void
|
||||
ssl_print_text_data(const char* name, const unsigned char* data, int len);
|
||||
extern void
|
||||
ssl_set_debug(char* name);
|
||||
#else
|
||||
|
||||
/* No debug: nullify debug operation*/
|
||||
|
@ -221,6 +224,8 @@ ssl_debug_printf(const char* fmt _U_,...)
|
|||
#define ssl_print_data(a, b, c)
|
||||
#define ssl_print_string(a, b)
|
||||
#define ssl_print_text_data(a, b, c)
|
||||
#define ssl_set_debug(name)
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
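Review bot: The new prototype `ssl_set_debug(char* name)` takes a non-const pointer, although the implementation shown on this page only reads it through strcmp() and fopen(). Declaring it as `ssl_set_debug(const char* name);`, with the definition changed to match, documents that the argument is not modified and lets callers pass string constants without a cast. The new SSL_DEBUG_USE_STDERR define also has no comment; a line such as `/* preference value that selects stderr instead of a log file */` above it would record the "-" convention.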
|
|
|
@ -219,6 +219,7 @@ typedef struct {
|
|||
|
||||
static char* ssl_keys_list = NULL;
|
||||
static char* ssl_ports_list = NULL;
|
||||
static char* ssl_debug_file_name = NULL;
|
||||
|
||||
typedef struct _SslService {
|
||||
address addr;
|
||||
|
@ -340,7 +341,8 @@ ssl_association_remove_handle (gpointer key _U_,
|
|||
return 0;
|
||||
}
|
||||
|
||||
static inline int ssl_packet_from_server(unsigned int port)
|
||||
static inline int
|
||||
ssl_packet_from_server(unsigned int port)
|
||||
{
|
||||
register int ret = ssl_association_find(port) != 0;
|
||||
ssl_debug_printf("ssl_packet_from_server: is from server %d\n", ret);
|
||||
|
@ -348,7 +350,8 @@ static inline int ssl_packet_from_server(unsigned int port)
|
|||
}
|
||||
|
||||
/* initialize/reset per capture state data (ssl sessions cache) */
|
||||
static void ssl_init(void)
|
||||
static void
|
||||
ssl_init(void)
|
||||
{
|
||||
if (ssl_session_hash)
|
||||
g_hash_table_destroy(ssl_session_hash);
|
||||
|
@ -360,7 +363,8 @@ static void ssl_init(void)
|
|||
}
|
||||
|
||||
/* parse ssl related preferences (private keys and ports association strings) */
|
||||
static void ssl_parse(void)
|
||||
static void
|
||||
ssl_parse(void)
|
||||
{
|
||||
if (ssl_key_hash)
|
||||
{
|
||||
|
@ -497,6 +501,8 @@ static void ssl_parse(void)
|
|||
} while (end != NULL);
|
||||
free(tmp);
|
||||
}
|
||||
|
||||
ssl_set_debug(ssl_debug_file_name);
|
||||
|
||||
/* [re] add ssl dissection to defaults ports */
|
||||
ssl_association_add(443, 80, "Hypertext transfer protocol");
|
||||
|
@ -506,7 +512,8 @@ static void ssl_parse(void)
|
|||
}
|
||||
|
||||
/* store master secret into session data cache */
|
||||
static void ssl_save_session(SslDecryptSession* ssl)
|
||||
static void
|
||||
ssl_save_session(SslDecryptSession* ssl)
|
||||
{
|
||||
/* allocate stringinfo chunks for session id and master secret data*/
|
||||
StringInfo* session_id = se_alloc0(sizeof(StringInfo) + ssl->session_id.data_len);
|
||||
|
@ -522,7 +529,8 @@ static void ssl_save_session(SslDecryptSession* ssl)
|
|||
ssl_print_string("ssl_save_session stored master secret", master_secret);
|
||||
}
|
||||
|
||||
static void ssl_restore_session(SslDecryptSession* ssl)
|
||||
static void
|
||||
ssl_restore_session(SslDecryptSession* ssl)
|
||||
{
|
||||
StringInfo* ms = g_hash_table_lookup(ssl_session_hash, &ssl->session_id);
|
||||
if (!ms) {
|
||||
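Review bot: `ssl_debug_file_name` is passed to ssl_set_debug() in ssl_parse() with no comment on what ends up in that file, while this same file logs the master secret through `ssl_print_string("ssl_save_session stored master secret", master_secret)`. A comment on the declaration, for example `/* debug log path; the log contains session keys and decrypted data, keep it user-private */`, would make the sensitivity explicit. The preference's help text, which is not visible in these hunks, should carry the same wording. ssl_parse() starts and ends outside the hunk, so the position of the new call relative to the rest of the preference handling cannot be checked from here.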
|
|