summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.gitignore2
-rw-r--r--ci/travis.sh7
-rw-r--r--src/SSL_Message.c20
-rw-r--r--test/CMakeLists.txt1
-rw-r--r--test/pcap/extensions_exceed_16/1-ssl.ex.exceed16-192.168.64.8.53446-185.63.190.2.443.pcapbin0 -> 24631 bytes
-rw-r--r--test/pcap/extensions_exceed_16/extensions_exceed_16_result.json10
6 files changed, 23 insertions, 17 deletions
diff --git a/.gitignore b/.gitignore
index d8d0064..19b1542 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
.vscode/
-build/
+build*/
cmake-build-*/
ssl.si4project/
diff --git a/ci/travis.sh b/ci/travis.sh
index 80df870..13fb857 100644
--- a/ci/travis.sh
+++ b/ci/travis.sh
@@ -66,10 +66,3 @@ if [ -n "${UPLOAD_RPM}" ]; then
cp ~/rpm_upload_tools.py ./
python3 rpm_upload_tools.py ${PULP3_REPO_NAME} ${PULP3_DIST_NAME} *.rpm
fi
-
-if [ -n "${UPLOAD_SYMBOL_FILES}" ]; then
- rpm -i $SYMBOL_TARGET*debuginfo*.rpm
- _symbol_file=`find /usr/lib/debug/ -name "$SYMBOL_TARGET*.so*.debug"`
- cp $_symbol_file ${_symbol_file}info.${CI_COMMIT_SHORT_SHA}
- sentry-cli upload-dif -t elf ${_symbol_file}info.${CI_COMMIT_SHORT_SHA}
-fi
diff --git a/src/SSL_Message.c b/src/SSL_Message.c
index d4e81b2..d3bff89 100644
--- a/src/SSL_Message.c
+++ b/src/SSL_Message.c
@@ -372,37 +372,39 @@ int ssl_parse_client_hello(struct ssl_client_hello *chello, unsigned char *paylo
chello->extensions.len=(unsigned short)BtoL2BytesNum((const char *)(payload+offset));
offset+=sizeof(chello->extensions.len);
- for(int i=0; payload_len-offset >= 4 && i < MAX_EXTENSION_NUM; i++) // min len of ext is 4 byte
+ int ex_offset=0;
+ for(int i=0; payload_len-offset >= 4 && ex_offset < MAX_EXTENSION_NUM; i++) // min len of ext is 4 byte
{
- one_ltv=ssl_parse_ltv2(&(chello->extensions.extension[i]), payload+offset, payload_len-offset);
+ one_ltv=ssl_parse_ltv2(&(chello->extensions.extension[ex_offset]), payload+offset, payload_len-offset);
if(one_ltv==-1)
{
return SSL_FLASE;
}
offset+=one_ltv;
- chello->extensions.num++;
- switch(chello->extensions.extension[i].type)
+ switch(chello->extensions.extension[ex_offset].type)
{
case SERVER_NAME_EXT_TYPE:
- ssl_parse_server_name(chello, &(chello->extensions.extension[i]));
+ ssl_parse_server_name(chello, &(chello->extensions.extension[ex_offset++]));
break;
case SESSION_TICKET_EXT_TYPE:
- chello->session_ticket=&(chello->extensions.extension[i]);
+ chello->session_ticket=&(chello->extensions.extension[ex_offset++]);
break;
case ENCRPTED_SERVER_NAME_EXT_TYPE:
- ssl_parse_encrypt_server_name(chello, &(chello->extensions.extension[i]));
+ ssl_parse_encrypt_server_name(chello, &(chello->extensions.extension[ex_offset++]));
break;
case ENCRPTED_CLIENT_HELLO_EXT_TYPE:
- chello->encrypt_chello=&(chello->extensions.extension[i]);
+ chello->encrypt_chello=&(chello->extensions.extension[ex_offset++]);
break;
case ALPN_EXT_TYPE:
- chello->alpn=&(chello->extensions.extension[i]);
+ chello->alpn=&(chello->extensions.extension[ex_offset++]);
break;
default:
break;
}
}
+
+ chello->extensions.num=ex_offset;
}
return SSL_TRUE;
}
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
index c659d31..6959e78 100644
--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@@ -43,3 +43,4 @@ add_test(NAME RUN_E21_BUG_XXG_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURC
add_test(NAME RUN_BUG_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/bug/ssl_bug_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/bug/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR})
add_test(NAME RUN_MULTIPLE_HANDSHAKE_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/multiple_handshake/ssl_multiple_handshake_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/multiple_handshake/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR})
add_test(NAME RUN_CLOSE_CONTAINS_PAYLOAD_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/close_contains_payload/ssl_close_contains_payload_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/close_contains_payload/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR})
+add_test(NAME RUN_EXTENSION_EXCEED_16 COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/extensions_exceed_16/extensions_exceed_16_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/extensions_exceed_16/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR})
diff --git a/test/pcap/extensions_exceed_16/1-ssl.ex.exceed16-192.168.64.8.53446-185.63.190.2.443.pcap b/test/pcap/extensions_exceed_16/1-ssl.ex.exceed16-192.168.64.8.53446-185.63.190.2.443.pcap
new file mode 100644
index 0000000..79f6f41
--- /dev/null
+++ b/test/pcap/extensions_exceed_16/1-ssl.ex.exceed16-192.168.64.8.53446-185.63.190.2.443.pcap
Binary files differ
diff --git a/test/pcap/extensions_exceed_16/extensions_exceed_16_result.json b/test/pcap/extensions_exceed_16/extensions_exceed_16_result.json
new file mode 100644
index 0000000..c5416e0
--- /dev/null
+++ b/test/pcap/extensions_exceed_16/extensions_exceed_16_result.json
@@ -0,0 +1,10 @@
+[
+ {
+ "Tuple4": "192.168.64.8.53466>185.63.190.2.443",
+ "ssl_sni": "fermer.ru",
+ "ssl_ech": "1",
+ "ssl_client_version": "TLS1.2",
+ "ssl_ja3_hash": "afa0d02228072fc4b02a7772a668c64a",
+ "name": "SSL_RESULT_1"
+ }
+] \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 15:47:48 +0000