support session ticketv2.0.1

5 files changed, 12 insertions, 6 deletions

diff --git a/src/SSL_Analyze.c b/src/SSL_Analyze.c
index 7e93981..5b5d63f 100644
--- a/src/SSL_Analyze.c
+++ b/src/SSL_Analyze.c
@@ -43,7 +43,7 @@ extern "C"
 
 ssl_prog_runtime_parameter_t 	g_ssl_prog_para;
 
-int SSL_VERSION_1_20210428 = 0;
+int SSL_VERSION_1_20210529 = 0;
 
 void ssl_history()
 {
@@ -100,6 +100,7 @@ void ssl_history()
 //2021-02-07 V0.2 add SSLSubKey
 //2021-04-17 V0.2 support esni
 //2021-04-28 V0.2 add certlen for each cert
+//2021-05-29 V0.2 add SSLSerialNumLen
 
 
 
diff --git a/src/SSL_Certificate.c b/src/SSL_Certificate.c
index ee50ded..8ffbbc9 100644
--- a/src/SSL_Certificate.c
+++ b/src/SSL_Certificate.c
@@ -310,7 +310,7 @@ UCHAR ssl_AnalyseCertificate(char *pcSslCertificateData, int iDataLen, ssl_strea
 		{
 			dictator_free(thread_seq,a_ssl_stream->stSSLCert->SSLSubKey);
 			a_ssl_stream->stSSLCert->SSLSubKey = NULL;
-		}
+		}		
 #if PRINTF_CERTIFICATE
 		cert_log(a_ssl_stream); 		
 #endif 		
@@ -1058,9 +1058,10 @@ UCHAR  fn_pGetSSLInfo(char *pcCert, int iLen, ssl_stream *a_ssl_stream,  struct
 		/*serial num*/
 		if(NULL!=x509_handle->cert_info->serialNumber)
 		{
+			a_ssl_stream->stSSLCert->SSLSerialNumLen = x509_handle->cert_info->serialNumber->length;
 			memcpy(a_ssl_stream->stSSLCert->SSLSerialNum, 
 					x509_handle->cert_info->serialNumber->data, 
-					x509_handle->cert_info->serialNumber->length);
+					MIN(x509_handle->cert_info->serialNumber->length,sizeof(a_ssl_stream->stSSLCert->SSLSerialNum)));
 		}		
 
 		/*SSL AgID*/		
diff --git a/src/ssl.h b/src/ssl.h
index 2abb743..270fc4f 100644
--- a/src/ssl.h
+++ b/src/ssl.h
@@ -5,7 +5,7 @@
 #include <stdio.h>
 #include <string.h>
 
-#define SSH_H_VERSION_20201202_ADD_SESSION_TICKET		0
+#define SSH_H_VERSION_20210529_SSLSerialNumLen		0
 
 #define SSL_KEY 									3
 #define SSL_TRUE 								1
@@ -195,7 +195,7 @@ typedef struct _st_cert_t
 {
 	int 					totallen;
 	int 					certlen;
-	char 					SSLVersion[10];   
+	char 					SSLVersion[10]; 	
 	char 					SSLSerialNum[128];
 	char 					SSLAgID [64];     
 	char 					SSLIssuer[512];  	
@@ -213,6 +213,7 @@ typedef struct _st_cert_t
 	uint8_t 				cert_type;
 	unsigned char*			SSLSubKey;
 	int						SSLSubKeyLen;	
+	uint8_t 				SSLSerialNumLen;
 }st_cert_t;
 
 //#############################################certificate end
diff --git a/src/ssl_update.txt b/src/ssl_update.txt
index 0817dce..2bf284a 100644
--- a/src/ssl_update.txt
+++ b/src/ssl_update.txt
@@ -13,6 +13,9 @@ https://blog.csdn.net/liujiayu2/article/details/51860172
 
 bug�͹����޸���ʷ
 *************************************************
+20210529
+����SSLSerialNumLen
+*************************************************
 20210417
 ֧��esni�ֶε���ȡ
 *************************************************
diff --git a/src/tool/test_cert/test_cert.c b/src/tool/test_cert/test_cert.c
index ffd2f17..1a660eb 100644
--- a/src/tool/test_cert/test_cert.c
+++ b/src/tool/test_cert/test_cert.c
@@ -60,7 +60,7 @@ typedef struct _st_cert_t
 	char 					SSLSubO[64]; //organize
 	char 					SSLSubCN[64];//cname		
 	st_san_t* 				SSLSubAltName;  
-	uint8_t 				cert_type;
+	uint8_t 				cert_type;	
 }st_cert_t;
 
 int BtoL3BytesNum(char *pcData)