Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-15 21:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Prepared the old analyzer for extracting SSL extensions.

Browse source
This commit is contained in:
Seth Hall 2011-01-19 11:46:35 -05:00
parent 7ffbac68a4
commit c7a5bf071d
3 changed files with 72 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

44
src/SSLCiphers.cc
View file

@ -319,52 +319,52 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
168,
160
},
{ TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5,
{ TLS_DH_anon_EXPORT_WITH_RC4_40_MD5,
SSL_CIPHER_TYPE_STREAM,
SSL_FLAG_EXPORT | SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_RC4,
SSL_MAC_MD5,
SSL_KEY_EXCHANGE_DH_ANON_EXPORT,
SSL_KEY_EXCHANGE_DH_anon_EXPORT,
0,
40,
128
},
{ TLS_DH_ANON_WITH_RC4_128_MD5,
{ TLS_DH_anon_WITH_RC4_128_MD5,
SSL_CIPHER_TYPE_STREAM,
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_RC4,
SSL_MAC_MD5,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
128,
128
},
{ TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
{ TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA,
SSL_CIPHER_TYPE_BLOCK,
SSL_FLAG_EXPORT | SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_DES40,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
40,
160
},
{ TLS_DH_ANON_WITH_DES_CBC_SHA,
{ TLS_DH_anon_WITH_DES_CBC_SHA,
SSL_CIPHER_TYPE_BLOCK,
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_DES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
56,
160
},
{ TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA,
{ TLS_DH_anon_WITH_3DES_EDE_CBC_SHA,
SSL_CIPHER_TYPE_BLOCK,
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_3DES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
168,
160
@ -522,12 +522,12 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
128,
160
},
{ TLS_DH_ANON_WITH_AES_128_CBC_SHA,
{ TLS_DH_anon_WITH_AES_128_CBC_SHA,
SSL_CIPHER_TYPE_BLOCK,
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_AES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
128,
160
@ -582,12 +582,12 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
256,
160
},
{ TLS_DH_ANON_WITH_AES_256_CBC_SHA,
{ TLS_DH_anon_WITH_AES_256_CBC_SHA,
SSL_CIPHER_TYPE_BLOCK,
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_AES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
256,
160
@ -647,7 +647,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_CAMELLIA,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
128,
160
@ -707,7 +707,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_CAMELLIA,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
256,
160
@ -917,7 +917,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_3DES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
0,
168,
160
@ -927,7 +927,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_AES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
0,
128,
160
@ -937,7 +937,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_AES,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
0,
256,
160
@ -947,7 +947,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_NULL,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
0,
0,
160
@ -957,7 +957,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_RC4,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
0,
128,
160
@ -1017,7 +1017,7 @@ SSL_CipherSpec SSL_CipherSpecs[] = {
SSL_FLAG_SSLv30 | SSL_FLAG_SSLv31,
SSL_CIPHER_SEED,
SSL_MAC_SHA,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_anon,
0,
128,
160

48
src/SSLCiphers.h
View file

@ -51,11 +51,11 @@ enum SSL3_1_CipherSpec {
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014,
TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5 = 0x0017,
TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018,
TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
TLS_DH_ANON_WITH_DES_CBC_SHA = 0x001A,
TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B,
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017,
TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018,
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A,
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B,
// --- special SSLv3 ciphers
SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x001C,
SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x001D,
@ -82,13 +82,13 @@ enum SSL3_1_CipherSpec {
TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034,
TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034,
TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036,
TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A,
TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A,
TLS_RSA_WITH_NULL_SHA256 = 0x003B,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
@ -101,7 +101,7 @@ enum SSL3_1_CipherSpec {
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045,
TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA = 0x0046,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046,
// -- Non-RFC. Widely deployed implementation (ciphers not fully described in SSLCiphers.cc)
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = 0x0060,
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = 0x0061,
@ -116,15 +116,15 @@ enum SSL3_1_CipherSpec {
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C,
TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D,
TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C,
TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D,
// -- RFC 5932
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088,
TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA = 0x0089,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089,
// -- RFC 4279 (ciphers not fully described in SSLCiphers.cc)
TLS_PSK_WITH_RC4_128_SHA = 0x008A,
TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
@ -144,7 +144,7 @@ enum SSL3_1_CipherSpec {
TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098,
TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099,
TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
TLS_DH_ANON_WITH_SEED_CBC_SHA = 0x009B,
TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B,
// -- RFC 5288 (ciphers not fully described in SSLCiphers.cc)
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
@ -156,8 +156,8 @@ enum SSL3_1_CipherSpec {
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3,
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4,
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5,
TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6,
TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7,
TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6,
TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7,
// -- RFC 5487 (ciphers not fully described in SSLCiphers.cc)
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9,
@ -183,13 +183,13 @@ enum SSL3_1_CipherSpec {
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE,
TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4,
TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5,
// -- RFC 4492
TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001,
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002,
@ -211,11 +211,11 @@ enum SSL3_1_CipherSpec {
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
TLS_ECDH_ANON_WITH_NULL_SHA = 0xC015,
TLS_ECDH_ANON_WITH_RC4_128_SHA = 0xC016,
TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA = 0xC017,
TLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018,
TLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019,
TLS_ECDH_anon_WITH_NULL_SHA = 0xC015,
TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016,
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017,
TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018,
TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019,
// -- RFC 5054 (ciphers not fully described in SSLCiphers.cc)
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
@ -299,8 +299,8 @@ enum SSL_KeyExchangeAlgorithm {
SSL_KEY_EXCHANGE_DHE_DSS_EXPORT,
SSL_KEY_EXCHANGE_DHE_RSA,
SSL_KEY_EXCHANGE_DHE_RSA_EXPORT,
SSL_KEY_EXCHANGE_DH_ANON,
SSL_KEY_EXCHANGE_DH_ANON_EXPORT,
SSL_KEY_EXCHANGE_DH_anon,
SSL_KEY_EXCHANGE_DH_anon_EXPORT,
SSL_KEY_EXCHANGE_FORTEZZA_KEA,
// --- new 56 bit export ciphers
SSL_KEY_EXCHANGE_RSA_EXPORT1024,
@ -310,7 +310,7 @@ enum SSL_KeyExchangeAlgorithm {
SSL_KEY_EXCHANGE_ECDHE_ECDSA,
SSL_KEY_EXCHANGE_ECDH_RSA,
SSL_KEY_EXCHANGE_ECDHE_RSA,
SSL_KEY_EXCHANGE_ECDH_ANON,
SSL_KEY_EXCHANGE_ECDH_anon,
};
#if 0

46
src/SSLv3.cc
View file

@ -195,7 +195,7 @@ void SSLv3_Interpreter::printStats()
printf( "SSLv3x:\n" );
printf( "Note: Because handshake messages may be coalesced into a \n");
printf( " single SSLv3x record, the number of total messages for SSLv3x plus \n");
printf( " the number of total records seen for SSLv2 won't match \n");
printf( " the number of total records seen for SSLv3 won't match \n");
printf( " SSLProxy_Analyzer::totalRecords! \n");
printf( "total connections = %u\n", totalConnections );
printf( "opened connections (complete handshake) = %u\n", openedConnections );
@ -554,7 +554,7 @@ void SSLv3_Interpreter::DeliverSSLv3_Record(SSLv3_HandshakeRecord* rec)
}
else
{
if ( keyXAlgorithm == SSL_KEY_EXCHANGE_DH || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_ANON || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_ANON_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT1024 )
if ( keyXAlgorithm == SSL_KEY_EXCHANGE_DH || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_anon || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_anon_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT1024 )
{
if ( rec->length < 2 )
{
@ -595,11 +595,11 @@ void SSLv3_Interpreter::DeliverSSLv3_Record(SSLv3_HandshakeRecord* rec)
switch (cipherSuite)
{
case TLS_NULL_WITH_NULL_NULL:
case TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5:
case TLS_DH_ANON_WITH_RC4_128_MD5:
case TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA:
case TLS_DH_ANON_WITH_DES_CBC_SHA:
case TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA:
case TLS_DH_anon_EXPORT_WITH_RC4_40_MD5:
case TLS_DH_anon_WITH_RC4_128_MD5:
case TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
case TLS_DH_anon_WITH_DES_CBC_SHA:
case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
{
Weird("SSLv3x: Sending certificate-request not allowed for anonymous servers!");
break;
@ -618,7 +618,7 @@ void SSLv3_Interpreter::DeliverSSLv3_Record(SSLv3_HandshakeRecord* rec)
break;
}
if ( pCipherSuite->keyExchangeAlgorithm == SSL_KEY_EXCHANGE_DH_ANON || pCipherSuite->keyExchangeAlgorithm == SSL_KEY_EXCHANGE_DH_ANON_EXPORT )
if ( pCipherSuite->keyExchangeAlgorithm == SSL_KEY_EXCHANGE_DH_anon || pCipherSuite->keyExchangeAlgorithm == SSL_KEY_EXCHANGE_DH_anon_EXPORT )
Weird("SSLv3x: Sending certificate-request not allowed for anonymous servers!");
// FIXME: Insert weird checks!
@ -654,7 +654,7 @@ void SSLv3_Interpreter::DeliverSSLv3_Record(SSLv3_HandshakeRecord* rec)
}
else
{
if ( keyXAlgorithm == SSL_KEY_EXCHANGE_DH || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_ANON || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_ANON_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT1024 )
if ( keyXAlgorithm == SSL_KEY_EXCHANGE_DH || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_RSA_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_anon || keyXAlgorithm == SSL_KEY_EXCHANGE_DH_anon_EXPORT || keyXAlgorithm == SSL_KEY_EXCHANGE_DHE_DSS_EXPORT1024 )
{
if ( rec->length < 2 )
{
@ -1328,7 +1328,9 @@ int SSLv3_HandshakeRecord::checkClientHello()
version != SSLProxy_Analyzer::SSLv31 )
endp->Interpreter()->Weird("SSLv3x: Corrupt version information in Client hello!");
uint8 sessionIDLength = uint8(data[38]);
uint16 offset = 38;
uint8 sessionIDLength = uint8(data[offset]);
offset += (1 + sessionIDLength);
if ( sessionIDLength > 32 )
{
endp->Interpreter()->Weird("SSLv3x: SessionID too long in Client hello!");
@ -1336,33 +1338,37 @@ int SSLv3_HandshakeRecord::checkClientHello()
}
uint16 cipherSuiteLength =
uint16(data[39 + sessionIDLength] << 8 ) |
data[40 + sessionIDLength];
uint16(data[offset] << 8) | data[offset+1];
offset += (2 + cipherSuiteLength);
if ( cipherSuiteLength < 2 )
endp->Interpreter()->Weird("SSLv3x: CipherSuite length too small!");
if ( cipherSuiteLength + sessionIDLength + 41 > recordLength )
if ( offset > recordLength )
{
endp->Interpreter()->Weird("SSLv3x: Client hello too small, corrupt length fields!");
return 0;
}
uint8 compressionMethodLength =
uint8(data[41 + sessionIDLength + cipherSuiteLength]);
uint8 compressionMethodLength = uint8(data[offset]);
offset += (1 + compressionMethodLength);
if ( compressionMethodLength < 1 )
endp->Interpreter()->Weird("SSLv3x: CompressionMethod length too small!");
if ( sessionIDLength + cipherSuiteLength +
compressionMethodLength + 38 != length )
if ( offset != length )
{
uint16 sslExtensionsLength =
uint16(data[41 + sessionIDLength + cipherSuiteLength + compressionMethodLength + 1 ] << 8 ) | data[41 + sessionIDLength + cipherSuiteLength + compressionMethodLength + 2 ];
uint16(data[offset] << 8 ) | data[offset+1];
offset += 2;
if ( sslExtensionsLength < 4 )
endp->Interpreter()->Weird("SSLv3x: Extensions length too small!");
if ( sessionIDLength + cipherSuiteLength +
compressionMethodLength + 2 + sslExtensionsLength + 38 != length )
// TODO: extract SSL extensions here
offset += sslExtensionsLength;
if ( offset != length+4 )
{
endp->Interpreter()->Weird("SSLv3x: Corrupt length fields in Client hello!");
return 0;