diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/CMakeLists.txt | 2 | ||||
| -rw-r--r-- | test/pcap/ssl/3-tls_ech.pcap | bin | 0 -> 8424 bytes | |||
| -rw-r--r-- | test/pcap/ssl/ssl_result.json | 48 | ||||
| -rw-r--r-- | test/ssl_result.json | 32 | ||||
| -rw-r--r-- | test/ssl_test_plug.cpp | 6 |
5 files changed, 54 insertions, 34 deletions
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 7153a2a..d982b1b 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -37,6 +37,6 @@ set_target_properties(${lib_name}_test_plug PROPERTIES PREFIX "") add_test(NAME COPY_SO COMMAND sh -c "cp ${CMAKE_BINARY_DIR}/${lib_name}.so ${PROTO_TEST_RUN_DIR}/plug/protocol/${lib_name}/${lib_name}.so") add_test(NAME COPY_TEST_SO COMMAND sh -c "cp ${CMAKE_CURRENT_BINARY_DIR}/${lib_name}_test_plug.so ${PROTO_TEST_RUN_DIR}/plug/business/${lib_name}_test_plug/${lib_name}_test_plug.so") -add_test(NAME RUN_SSL_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/ssl_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/ssl -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR}) +add_test(NAME RUN_SSL_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/ssl/ssl_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/ssl -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR}) add_test(NAME RUN_E21_BUG_E21_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/e21/ssl_e21_target_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/e21/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR}) add_test(NAME RUN_E21_BUG_XXG_TEST COMMAND proto_test_main ${CMAKE_CURRENT_SOURCE_DIR}/pcap/xxg/ssl_xxg_target_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/pcap/xxg/ -name *.pcap|sort -V" WORKING_DIRECTORY ${PROTO_TEST_RUN_DIR}) diff --git a/test/pcap/ssl/3-tls_ech.pcap b/test/pcap/ssl/3-tls_ech.pcap Binary files differnew file mode 100644 index 0000000..0cb473f --- /dev/null +++ b/test/pcap/ssl/3-tls_ech.pcap diff --git a/test/pcap/ssl/ssl_result.json b/test/pcap/ssl/ssl_result.json new file mode 100644 index 0000000..e1857f0 --- /dev/null +++ b/test/pcap/ssl/ssl_result.json @@ -0,0 +1,48 @@ +[{ + "Tuple4": "192.168.50.38.52391>104.16.123.96.443", + "ssl_sni": "ESNI", + "ssl_client_version": "TLS1.2", + "ssl_ja3_hash": "62a4a00de930bd0a5bee0309cc8362ed", + "ssl_ja3s_hash": "eb1d94daa7e0344597e756a1fb6e7054", + "name": "SSL_RESULT_1" +}, { + "Tuple4": "192.168.2.102.56768>34.138.246.121.443", + "ssl_sni": "public.tls-ech.dev", + "ssl_ech": "1", + "ssl_client_version": "TLS1.2", + "ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362", + "ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e", + "name": "SSL_RESULT_2" +}, { + "Tuple4": "90.143.182.94.55835>93.186.227.131.443", + "ssl_sni": "sun9-20.userapi.com", + "ssl_client_version": "TLS1.2", + "ssl_ja3_hash": "6f5e62edfa5933b1332ddf8b9fb3ef9d", + "ssl_ja3s_hash": "2d1eb5817ece335c24904f516ad5da12", + "ssl_cert_version": "v3", + "ssl_cert_Issuer": "GlobalSign Organization Validation CA - SHA256 - G2;GlobalSign nv-sa;;;;;BE", + "ssl_cert_IssuerCN": "GlobalSign Organization Validation CA - SHA256 - G2", + "ssl_cert_IssuerO": "GlobalSign nv-sa", + "ssl_cert_IssuerC": "BE", + "ssl_cert_Sub": "*.userapi.com;V Kontakte LLC;;Saint-Petersburg;;Saint-Petersburg;RU", + "ssl_cert_SubCN": "*.userapi.com", + "ssl_cert_SubO": "V Kontakte LLC", + "ssl_cert_SubC": "RU", + "ssl_cert_SubP": "Saint-Petersburg", + "ssl_cert_SubL": "Saint-Petersburg", + "ssl_cert_SubCN": "*.userapi.com", + "ssl_cert_SubAltName": "*.userapi.com;vk.me;*.vk-cdn.net;*.vkuserlive.com;*.vkuserlive.net;*.vkuseraudio.net;*.vkuseraudio.com;*.vkuservideo.net;*.vkuservideo.com;*.vk.me;userapi.com", + "ssl_cert_SerialNum": "0x5afa3a189e6a5c11e1e18b0f", + "ssl_cert_AgID": "1.2.840.113549.1.1.11", + "ssl_cert_From": "180717083809Z", + "ssl_cert_To": "190714162604Z", + "name": "SSL_RESULT_3" +}, { + "Tuple4": "192.168.2.102.56776>34.138.246.121.443", + "ssl_sni": "public.tls-ech.dev", + "ssl_ech": "1", + "ssl_client_version": "TLS1.2", + "ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362", + "ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e", + "name": "SSL_RESULT_4" +}]
\ No newline at end of file diff --git a/test/ssl_result.json b/test/ssl_result.json deleted file mode 100644 index 85f55d0..0000000 --- a/test/ssl_result.json +++ /dev/null @@ -1,32 +0,0 @@ -[{ - "Tuple4": "192.168.50.38.52391>104.16.123.96.443", - "ssl_sni": "ESNI", - "ssl_client_version": "TLS1.2", - "ssl_ja3_hash": "62a4a00de930bd0a5bee0309cc8362ed", - "ssl_ja3s_hash": "eb1d94daa7e0344597e756a1fb6e7054", - "name": "SSL_RESULT_1" -}, { - "Tuple4": "90.143.182.94.55835>93.186.227.131.443", - "ssl_sni": "sun9-20.userapi.com", - "ssl_client_version": "TLS1.2", - "ssl_ja3_hash": "6f5e62edfa5933b1332ddf8b9fb3ef9d", - "ssl_ja3s_hash": "2d1eb5817ece335c24904f516ad5da12", - "ssl_cert_version": "v3", - "ssl_cert_Issuer": "GlobalSign Organization Validation CA - SHA256 - G2;GlobalSign nv-sa;;;;;BE", - "ssl_cert_IssuerCN": "GlobalSign Organization Validation CA - SHA256 - G2", - "ssl_cert_IssuerO": "GlobalSign nv-sa", - "ssl_cert_IssuerC": "BE", - "ssl_cert_Sub": "*.userapi.com;V Kontakte LLC;;Saint-Petersburg;;Saint-Petersburg;RU", - "ssl_cert_SubCN": "*.userapi.com", - "ssl_cert_SubO": "V Kontakte LLC", - "ssl_cert_SubC": "RU", - "ssl_cert_SubP": "Saint-Petersburg", - "ssl_cert_SubL": "Saint-Petersburg", - "ssl_cert_SubCN": "*.userapi.com", - "ssl_cert_SubAltName": "*.userapi.com;vk.me;*.vk-cdn.net;*.vkuserlive.com;*.vkuserlive.net;*.vkuseraudio.net;*.vkuseraudio.com;*.vkuservideo.net;*.vkuservideo.com;*.vk.me;userapi.com", - "ssl_cert_SerialNum": "0x5afa3a189e6a5c11e1e18b0f", - "ssl_cert_AgID": "1.2.840.113549.1.1.11", - "ssl_cert_From": "180717083809Z", - "ssl_cert_To": "190714162604Z", - "name": "SSL_RESULT_2" -}] diff --git a/test/ssl_test_plug.cpp b/test/ssl_test_plug.cpp index e4cbbec..9f956e6 100644 --- a/test/ssl_test_plug.cpp +++ b/test/ssl_test_plug.cpp @@ -83,10 +83,14 @@ extern "C" unsigned char SSL_TEST_PLUG_ENTRY(stSessionInfo *session_info, void * break; } - if (a_ssl->stClientHello->server_name != NULL && strlen((char *)(a_ssl->stClientHello->server_name)) > 0) + if (strlen((char *)(a_ssl->stClientHello->server_name)) > 0) { cJSON_AddStringToObject(ctx, (const char *)"ssl_sni", (const char *)(a_ssl->stClientHello->server_name)); } + if (a_ssl->stClientHello->encrypt_chello != NULL) + { + cJSON_AddStringToObject(ctx, (const char *)"ssl_ech", "1"); + } if (a_ssl->stClientHello->encrypted_server_name.esni != NULL) { |