add new sniffer APIs, framework

src/sniffer.c

@@ -240,7 +240,10 @@ static const char* const msgTable[] =
     "Late Key Load Error",
     "Got Certificate Status msg",
     "RSA Key Missing Error",
-    "Secure Renegotiation Not Supported"
+    "Secure Renegotiation Not Supported",
+
+    /* 76 */
+    "Get Session Stats Failure"
 };
 
 
@@ -357,6 +360,13 @@ static SnifferSession* SessionTable[HASH_SIZE];
 static wolfSSL_Mutex SessionMutex;
 static int SessionCount = 0;
 
+/* Recovery of missed data switches and stats */
+static wolfSSL_Mutex RecoveryMutex;      /* for stats */
+static int RecoveryEnabled    = 0;       /* global switch */
+static int MaxRecoveryMemory  = -1;      /* per session max recovery memory */
+static word32 MissedDataSessions = 0;    /* # of sessions with missed data */
+static word32 ReassemblyMemory   = 0;    /* total reassembly memory in use */
+
 
 /* Initialize overall Sniffer */
 void ssl_InitSniffer(void)
@@ -364,6 +374,7 @@ void ssl_InitSniffer(void)
     wolfSSL_Init();
     InitMutex(&ServerListMutex);
     InitMutex(&SessionMutex);
+    InitMutex(&RecoveryMutex);
 }
 
 
@@ -485,6 +496,7 @@ void ssl_FreeSniffer(void)
     UnLockMutex(&SessionMutex);
     UnLockMutex(&ServerListMutex);
 
+    FreeMutex(&RecoveryMutex);
     FreeMutex(&SessionMutex);
     FreeMutex(&ServerListMutex);
 
@@ -2980,6 +2992,49 @@ int ssl_Trace(const char* traceFile, char* error)
 }
 
 
+/* Enables/Disables Recovery of missed data if later packets allow
+ * maxMemory is number of bytes to use for reassembly buffering per session,
+ * -1 means unlimited
+ * returns 0 on success, -1 on error */
+int ssl_EnableRecovery(int onOff, int maxMemory, char* error)
+{
+    (void)error;
+
+    RecoveryEnabled = onOff;
+    if (onOff)
+        MaxRecoveryMemory = maxMemory;
+
+    return 0;
+}
+
+
+
+int ssl_GetSessionStats(unsigned int* active,     unsigned int* total,
+                        unsigned int* peak,       unsigned int* maxSessions,
+                        unsigned int* missedData, unsigned int* reassemblyMem,
+                        char* error)
+{
+    int ret;
+
+    LockMutex(&RecoveryMutex);
+
+    if (missedData)
+        *missedData = MissedDataSessions;
+    if (reassemblyMem)
+        *reassemblyMem = ReassemblyMemory;
+
+    UnLockMutex(&RecoveryMutex);
+
+    ret = wolfSSL_get_session_stats(active, total, peak, maxSessions);
+
+    if (ret == SSL_SUCCESS)
+        return 0;
+    else {
+        SetError(BAD_SESSION_STATS, error, NULL, 0);
+        return -1;
+    }
+}
+
 
 
 #endif /* WOLFSSL_SNIFFER */

wolfssl/sniffer.h

@@ -40,10 +40,10 @@
     extern "C" {
 #endif
 
-/* @param typeK: (formerly keyType) was shadowing a global declaration in 
+/* @param typeK: (formerly keyType) was shadowing a global declaration in
  *                wolfssl/wolfcrypt/asn.h line 175
  */
-WOLFSSL_API 
+WOLFSSL_API
 SSL_SNIFFER_API int ssl_SetPrivateKey(const char* address, int port,
                                       const char* keyFile, int typeK,
                                       const char* password, char* error);
@@ -54,19 +54,30 @@ SSL_SNIFFER_API int ssl_SetNamedPrivateKey(const char* name,
                                            const char* keyFile, int typeK,
                                            const char* password, char* error);
 
-WOLFSSL_API 
+WOLFSSL_API
 SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
                                      unsigned char* data, char* error);
 
-WOLFSSL_API 
+WOLFSSL_API
 SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
-        
-        
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
+                                        unsigned int* total,
+                                        unsigned int* peak,
+                                        unsigned int* maxSessions,
+                                        unsigned int* missedData,
+                                        unsigned int* reassemblyMemory,
+                                        char* error);
+
 WOLFSSL_API void ssl_InitSniffer(void);
-        
+
 WOLFSSL_API void ssl_FreeSniffer(void);
 
-        
+
 /* ssl_SetPrivateKey typeKs */
 enum {
     FILETYPE_PEM = 1,

wolfssl/sniffer_error.h

@@ -101,13 +101,15 @@
 #define BAD_COMPRESSION_STR 67
 #define BAD_DERIVE_STR 68
 #define ACK_MISSED_STR 69
-#define BAD_DECRYPT    70 
+#define BAD_DECRYPT    70
 
 #define DECRYPT_KEYS_NOT_SETUP 71
 #define CLIENT_HELLO_LATE_KEY_STR 72
 #define GOT_CERT_STATUS_STR 73
 #define RSA_KEY_MISSING_STR 74
 #define NO_SECURE_RENEGOTIATION 75
+
+#define BAD_SESSION_STATS 76
 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
 
 

wolfssl/sniffer_error.rc

@@ -90,5 +90,7 @@ STRINGTABLE
     73, "Got Certificate Status msg"
     74, "RSA Key Missing Error"
     75, "Secure Renegotiation Not Supported"
+
+    76, "Get Session Stats Failure"
 }
 

wolfssl/wolfcrypt/settings.h

@@ -932,11 +932,20 @@ static char *fgets(char *buff, int sz, FILE *fp)
 #endif
 
 
-/* sniffer requires static RSA cipher suites */
+/* sniffer requires:
+ * static RSA cipher suites
+ * session stats and peak stats
+ */
 #ifdef WOLFSSL_SNIFFER
     #ifndef WOLFSSL_STATIC_RSA
         #define WOLFSSL_STATIC_RSA
     #endif
+    #ifndef WOLFSSL_SESSION_STATS
+        #define WOLFSSL_SESSION_STATS
+    #endif
+    #ifndef WOLFSSL_PEAK_SESSIONS
+        #define WOLFSSL_PEAK_SESSIONS
+    #endif
 #endif
 
 /* Place any other flags or defines here */