authorliuxueli <[email protected]>2023-09-06 18:42:57 +0800
committerliuxueli <[email protected]>2023-09-06 18:42:57 +0800
commit8934001da67933f5fabc1a0effc68bb5b1a1f135 (patch)
tree68e2afb6ee9938b6871662cd2df56f85fcd5d727
parent12a97dede4cb6e58f71bbb53562d9f88357a3b15 (diff)
TSG-16294: client hello分数据包传输时,支持识别SSL协议v6.1.8
-rw-r--r--src/tsg_entry.cpp10
-rw-r--r--src/tsg_ssl_utils.cpp27
-rw-r--r--src/tsg_ssl_utils.h1
3 files changed, 26 insertions, 12 deletions
diff --git a/src/tsg_entry.cpp b/src/tsg_entry.cpp
index 8cb48c1..c1580af 100644
--- a/src/tsg_entry.cpp
+++ b/src/tsg_entry.cpp
@@ -1487,6 +1487,16 @@ int session_l7_protocol_identify(const struct streaminfo *a_stream, struct sessi
return 1;
}
+ if(chello!=NULL)
+ {
+ if(chello->is_ssl==1)
+ {
+ srt_process_context->proto=PROTO_SSL;
+ ssl_chello_free(chello);
+ return 1;
+ }
+ }
+
ssl_chello_free(chello);
}
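Review bot: The new `is_ssl` branch sets `PROTO_SSL` without consulting the parse result, so a buffer that ssl_chello_parse goes on to reject is labelled the same as a genuinely fragmented ClientHello. In the tsg_ssl_utils.cpp hunks the flag is set before the record-length and body checks, and later error paths appear to return the struct rather than NULL, so the label rests on roughly the first six bytes. I would gate the branch on the truncated case only, e.g. `if(chello->is_ssl==1 && PARSE_RESULT==CHELLO_PARSE_NOT_ENOUGH_BUFF)`, where PARSE_RESULT is a placeholder for the caller's result variable, which is not visible in this hunk. The two nested `if`s can also collapse into `if(chello!=NULL && chello->is_ssl==1)`. The enclosing function starts and ends outside the hunk.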
diff --git a/src/tsg_ssl_utils.cpp b/src/tsg_ssl_utils.cpp
index 71d73c1..99d2142 100644
--- a/src/tsg_ssl_utils.cpp
+++ b/src/tsg_ssl_utils.cpp
@@ -299,6 +299,7 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
*result = CHELLO_PARSE_INVALID_FORMAT;
return _chello;
}
+
_chello->max_version.major = buff[pos];
_chello->max_version.minor = buff[pos + 1];
_chello->max_version.ossl_format=(uint16_t)_chello->max_version.major<<8|_chello->max_version.minor;
@@ -307,7 +308,7 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
}
else
{
- if (buff_len < 5)
+ if (buff_len < 6)
{
*result = CHELLO_PARSE_NOT_ENOUGH_BUFF;
return NULL;
@@ -317,6 +318,12 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
*result = CHELLO_PARSE_INVALID_FORMAT;
return NULL;
}
+ if (buff[5] != 0x01)
+ {
+ *result = CHELLO_PARSE_INVALID_FORMAT;
+ return NULL;
+ }
+
struct ssl_chello* _chello = (struct ssl_chello*)ALLOC(struct ssl_chello, 1);
_chello->min_version.major = buff[1];
_chello->min_version.minor = buff[2];
@@ -325,6 +332,11 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
_chello->max_version.minor = (uint8_t)(-1);
_chello->sni = NULL;
+ if(buff[0] == 0x16)
+ {
+ _chello->is_ssl=1;
+ }
+
/* TLS record length */
size_t len = ((size_t)buff[3] << 8) + (size_t)buff[4] + 5;
if (buff_len < len)
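Review bot: `is_ssl` is written only when `buff[0] == 0x16`, and the other path that returns `_chello` (the hunk near line 299) never assigns it in the visible lines. The caller's `chello->is_ssl==1` test therefore depends on ALLOC zero-filling the struct, which cannot be confirmed from this diff. The neighbouring fields are initialised explicitly (`_chello->sni = NULL;`), so the same is worth doing here: `_chello->is_ssl = (buff[0] == 0x16) ? 1 : 0;`, plus an explicit `_chello->is_ssl = 0;` on the other path. ssl_chello_parse begins and ends outside this hunk.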
@@ -333,17 +345,8 @@ struct ssl_chello* ssl_chello_parse(const unsigned char* buff, size_t buff_len,
return _chello;
}
buff_len = len;
- size_t pos = 5;
- if (pos + 1 > buff_len)
- {
- *result = CHELLO_PARSE_INVALID_FORMAT;
- return _chello;
- }
- if (buff[pos] != 0x01)
- {
- *result = CHELLO_PARSE_INVALID_FORMAT;
- return _chello;
- }
+ size_t pos = 6;
+
pos += 4;
if(pos + 2 > buff_len)
{
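Review bot: `size_t pos = 6;` is a bare offset that is only correct because the `buff[5] != 0x01` check now sits before the allocation, and nothing at this line says so. A comment such as `/* 5-byte record header + handshake type byte, both validated above */` would tie the two together. Moving the check also means the handshake-type byte is read against the caller's buffer length rather than the clamped record length. For a record that declares length 0, offset 5 lies outside the record; the `pos + 2 > buff_len` test below still rejects it, but only after `is_ssl` has been set. The body of that `if` continues outside the hunk.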
diff --git a/src/tsg_ssl_utils.h b/src/tsg_ssl_utils.h
index 9d34746..501ccd1 100644
--- a/src/tsg_ssl_utils.h
+++ b/src/tsg_ssl_utils.h
@@ -26,6 +26,7 @@ struct ssl_chello
struct ssl_version max_version;
char* sni;
+ int is_ssl;
int is_encrypt_sni;
int is_encrypt_chello;
};
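Review bot: The new `is_ssl` field has no comment, and its name does not say how it differs from a successful parse. The .cpp hunks set it from the record header alone, before the ClientHello body is validated, so the declaration should state that: `int is_ssl; /* 1 if the record header is a TLS handshake (0x16); the hello itself may be truncated or unparsed */`. The struct definition starts outside this hunk.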