add new sniffer APIs, framework

toddouska
2015-09-08 14:31:32 -07:00
parent 10ad789c6f
commit 7e2906de52
5 changed files with 90 additions and 11 deletions


@@ -240,7 +240,10 @@ static const char* const msgTable[] =
"Late Key Load Error", "Late Key Load Error",
"Got Certificate Status msg", "Got Certificate Status msg",
"RSA Key Missing Error", "RSA Key Missing Error",
"Secure Renegotiation Not Supported" "Secure Renegotiation Not Supported",
/* 76 */
"Get Session Stats Failure"
}; };
@@ -357,6 +360,13 @@ static SnifferSession* SessionTable[HASH_SIZE];
static wolfSSL_Mutex SessionMutex; static wolfSSL_Mutex SessionMutex;
static int SessionCount = 0; static int SessionCount = 0;
/* Recovery of missed data switches and stats */
static wolfSSL_Mutex RecoveryMutex; /* for stats */
static int RecoveryEnabled = 0; /* global switch */
static int MaxRecoveryMemory = -1; /* per session max recovery memory */
static word32 MissedDataSessions = 0; /* # of sessions with missed data */
static word32 ReassemblyMemory = 0; /* total reassembly memory in use */
/* Initialize overall Sniffer */ /* Initialize overall Sniffer */
void ssl_InitSniffer(void) void ssl_InitSniffer(void)
@@ -364,6 +374,7 @@ void ssl_InitSniffer(void)
wolfSSL_Init(); wolfSSL_Init();
InitMutex(&ServerListMutex); InitMutex(&ServerListMutex);
InitMutex(&SessionMutex); InitMutex(&SessionMutex);
InitMutex(&RecoveryMutex);
} }
@@ -485,6 +496,7 @@ void ssl_FreeSniffer(void)
UnLockMutex(&SessionMutex); UnLockMutex(&SessionMutex);
UnLockMutex(&ServerListMutex); UnLockMutex(&ServerListMutex);
FreeMutex(&RecoveryMutex);
FreeMutex(&SessionMutex); FreeMutex(&SessionMutex);
FreeMutex(&ServerListMutex); FreeMutex(&ServerListMutex);
@@ -2980,6 +2992,49 @@ int ssl_Trace(const char* traceFile, char* error)
} }
/* Enables/Disables Recovery of missed data if later packets allow
* maxMemory is number of bytes to use for reassembly buffering per session,
* -1 means unlimited
* returns 0 on success, -1 on error */
int ssl_EnableRecovery(int onOff, int maxMemory, char* error)
{
(void)error;
RecoveryEnabled = onOff;
if (onOff)
MaxRecoveryMemory = maxMemory;
return 0;
}
int ssl_GetSessionStats(unsigned int* active, unsigned int* total,
unsigned int* peak, unsigned int* maxSessions,
unsigned int* missedData, unsigned int* reassemblyMem,
char* error)
{
int ret;
LockMutex(&RecoveryMutex);
if (missedData)
*missedData = MissedDataSessions;
if (reassemblyMem)
*reassemblyMem = ReassemblyMemory;
UnLockMutex(&RecoveryMutex);
ret = wolfSSL_get_session_stats(active, total, peak, maxSessions);
if (ret == SSL_SUCCESS)
return 0;
else {
SetError(BAD_SESSION_STATS, error, NULL, 0);
return -1;
}
}
#endif /* WOLFSSL_SNIFFER */ #endif /* WOLFSSL_SNIFFER */
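Review bot: ssl_EnableRecovery stores maxMemory unchecked and writes RecoveryEnabled and MaxRecoveryMemory without holding RecoveryMutex, the mutex this commit initialises next to them. Its comment defines only -1 as "unlimited", so other negative values should be rejected with something like `if (onOff && maxMemory < -1) return -1;`. The two stores should sit between `LockMutex(&RecoveryMutex);` and `UnLockMutex(&RecoveryMutex);` if the packet-processing path reads these globals from other threads, which is not visible here. Because the default is -1, enabling recovery without a cap leaves per-session reassembly buffering unbounded on a sniffer that parses untrusted traffic, so the comment should recommend a finite maxMemory. Separately, ssl_GetSessionStats writes `*missedData` and `*reassemblyMem` before the wolfSSL_get_session_stats result is known, so a -1 return leaves the outputs partly filled; filling them only after the `ret == SSL_SUCCESS` check would avoid that.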


@@ -61,6 +61,17 @@ SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
WOLFSSL_API WOLFSSL_API
SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error); SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
unsigned int* total,
unsigned int* peak,
unsigned int* maxSessions,
unsigned int* missedData,
unsigned int* reassemblyMemory,
char* error);
WOLFSSL_API void ssl_InitSniffer(void); WOLFSSL_API void ssl_InitSniffer(void);
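Review bot: The two new prototypes have no comment in the public header, so a caller cannot tell from it what maxMemory means or which output pointers may be NULL. Above ssl_EnableRecovery I would add `/* maxMemory: reassembly bytes per session, -1 = unlimited; returns 0 on success, -1 on error */`. Above ssl_GetSessionStats I would add `/* missedData and reassemblyMemory may be NULL; returns 0 on success, -1 on error with error filled in */`, and state whether the first four pointers may be NULL, since the implementation passes them straight to wolfSSL_get_session_stats. The last output parameter is named `reassemblyMemory` here but `reassemblyMem` in the definition; using one name in both places keeps the header and source searchable together.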


@@ -108,6 +108,8 @@
#define GOT_CERT_STATUS_STR 73 #define GOT_CERT_STATUS_STR 73
#define RSA_KEY_MISSING_STR 74 #define RSA_KEY_MISSING_STR 74
#define NO_SECURE_RENEGOTIATION 75 #define NO_SECURE_RENEGOTIATION 75
#define BAD_SESSION_STATS 76
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */


@@ -90,5 +90,7 @@ STRINGTABLE
73, "Got Certificate Status msg" 73, "Got Certificate Status msg"
74, "RSA Key Missing Error" 74, "RSA Key Missing Error"
75, "Secure Renegotiation Not Supported" 75, "Secure Renegotiation Not Supported"
76, "Get Session Stats Failure"
} }


@@ -932,11 +932,20 @@ static char *fgets(char *buff, int sz, FILE *fp)
#endif #endif
/* sniffer requires static RSA cipher suites */ /* sniffer requires:
* static RSA cipher suites
* session stats and peak stats
*/
#ifdef WOLFSSL_SNIFFER #ifdef WOLFSSL_SNIFFER
#ifndef WOLFSSL_STATIC_RSA #ifndef WOLFSSL_STATIC_RSA
#define WOLFSSL_STATIC_RSA #define WOLFSSL_STATIC_RSA
#endif #endif
#ifndef WOLFSSL_SESSION_STATS
#define WOLFSSL_SESSION_STATS
#endif
#ifndef WOLFSSL_PEAK_SESSIONS
#define WOLFSSL_PEAK_SESSIONS
#endif
#endif #endif
/* Place any other flags or defines here */ /* Place any other flags or defines here */