add new sniffer APIs, framework

toddouska
2015-09-08 14:31:32 -07:00
parent 10ad789c6f
commit 7e2906de52
5 changed files with 90 additions and 11 deletions


@ -240,7 +240,10 @@ static const char* const msgTable[] =
"Late Key Load Error",
"Got Certificate Status msg",
"RSA Key Missing Error",
"Secure Renegotiation Not Supported"
"Secure Renegotiation Not Supported",
/* 76 */
"Get Session Stats Failure"
};
@ -357,6 +360,13 @@ static SnifferSession* SessionTable[HASH_SIZE];
static wolfSSL_Mutex SessionMutex;
static int SessionCount = 0;
/* Recovery of missed data switches and stats */
static wolfSSL_Mutex RecoveryMutex; /* for stats */
static int RecoveryEnabled = 0; /* global switch */
static int MaxRecoveryMemory = -1; /* per session max recovery memory */
static word32 MissedDataSessions = 0; /* # of sessions with missed data */
static word32 ReassemblyMemory = 0; /* total reassembly memory in use */
/* Initialize overall Sniffer */
void ssl_InitSniffer(void)
@ -364,6 +374,7 @@ void ssl_InitSniffer(void)
wolfSSL_Init();
InitMutex(&ServerListMutex);
InitMutex(&SessionMutex);
InitMutex(&RecoveryMutex);
}
@ -485,6 +496,7 @@ void ssl_FreeSniffer(void)
UnLockMutex(&SessionMutex);
UnLockMutex(&ServerListMutex);
FreeMutex(&RecoveryMutex);
FreeMutex(&SessionMutex);
FreeMutex(&ServerListMutex);
@ -2980,6 +2992,49 @@ int ssl_Trace(const char* traceFile, char* error)
}
/* Enables/Disables Recovery of missed data if later packets allow
* maxMemory is number of bytes to use for reassembly buffering per session,
* -1 means unlimited
* returns 0 on success, -1 on error */
int ssl_EnableRecovery(int onOff, int maxMemory, char* error)
{
(void)error;
RecoveryEnabled = onOff;
if (onOff)
MaxRecoveryMemory = maxMemory;
return 0;
}
int ssl_GetSessionStats(unsigned int* active, unsigned int* total,
unsigned int* peak, unsigned int* maxSessions,
unsigned int* missedData, unsigned int* reassemblyMem,
char* error)
{
int ret;
LockMutex(&RecoveryMutex);
if (missedData)
*missedData = MissedDataSessions;
if (reassemblyMem)
*reassemblyMem = ReassemblyMemory;
UnLockMutex(&RecoveryMutex);
ret = wolfSSL_get_session_stats(active, total, peak, maxSessions);
if (ret == SSL_SUCCESS)
return 0;
else {
SetError(BAD_SESSION_STATS, error, NULL, 0);
return -1;
}
}
#endif /* WOLFSSL_SNIFFER */
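Review bot: ssl_EnableRecovery stores maxMemory unchecked, so a negative value other than the documented -1 ends up in MaxRecoveryMemory, and the function can never return the -1 its header comment promises. A guard such as `if (onOff && maxMemory < -1) return -1;` ahead of the assignments would make that contract real. Nothing in the visible hunks reads MaxRecoveryMemory yet, so how the cap is enforced cannot be judged here; with the default of -1, per-session reassembly buffering driven by captured traffic would presumably be unbounded, which deserves a sentence in the comment. RecoveryEnabled and MaxRecoveryMemory are also written without RecoveryMutex (its comment scopes it to stats), so toggling recovery while another thread decodes packets looks like an unsynchronized access; please confirm the intended threading model. ssl_GetSessionStats has no header comment, and one like `/* Copies session stats to the out-params; missedData and reassemblyMem may be NULL. Returns 0 on success, -1 on error */` would match its neighbour.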


@ -61,6 +61,17 @@ SSL_SNIFFER_API int ssl_DecodePacket(const unsigned char* packet, int length,
WOLFSSL_API
SSL_SNIFFER_API int ssl_Trace(const char* traceFile, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_EnableRecovery(int onOff, int maxMemory, char* error);
WOLFSSL_API
SSL_SNIFFER_API int ssl_GetSessionStats(unsigned int* active,
unsigned int* total,
unsigned int* peak,
unsigned int* maxSessions,
unsigned int* missedData,
unsigned int* reassemblyMemory,
char* error);
WOLFSSL_API void ssl_InitSniffer(void);
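Review bot: The last out-parameter of ssl_GetSessionStats is declared here as `reassemblyMemory` but the definition in the sniffer source names it `reassemblyMem`; using one name in both places keeps the prototype and implementation easy to cross-reference. The two new prototypes are also the only place most callers will look, and they carry no comment: a short note stating that `maxMemory` is bytes per session with -1 meaning unlimited, and which out-pointers may be NULL, would document the contract where it is consumed. From the definition, only `missedData` and `reassemblyMem` are NULL-checked before use; whether the other four pointers may be NULL depends on wolfSSL_get_session_stats, which is not shown.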


@ -108,6 +108,8 @@
#define GOT_CERT_STATUS_STR 73
#define RSA_KEY_MISSING_STR 74
#define NO_SECURE_RENEGOTIATION 75
#define BAD_SESSION_STATS 76
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */


@ -90,5 +90,7 @@ STRINGTABLE
73, "Got Certificate Status msg"
74, "RSA Key Missing Error"
75, "Secure Renegotiation Not Supported"
76, "Get Session Stats Failure"
}


@ -932,11 +932,20 @@ static char *fgets(char *buff, int sz, FILE *fp)
#endif
/* sniffer requires static RSA cipher suites */
/* sniffer requires:
* static RSA cipher suites
* session stats and peak stats
*/
#ifdef WOLFSSL_SNIFFER
#ifndef WOLFSSL_STATIC_RSA
#define WOLFSSL_STATIC_RSA
#endif
#ifndef WOLFSSL_SESSION_STATS
#define WOLFSSL_SESSION_STATS
#endif
#ifndef WOLFSSL_PEAK_SESSIONS
#define WOLFSSL_PEAK_SESSIONS
#endif
#endif
/* Place any other flags or defines here */