feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Sniffer Statistics

Browse Source 
Added more of the statistics.
This commit is contained in:
John Safranek
2019-05-24 16:21:08 -07:00
parent 2ee7d05dcc
commit c600f7659a
3 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/sniffer.c
View File

@ -1932,10 +1932,13 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
}
#endif
if (session->sslServer->options.haveSessionId &&
XMEMCMP(session->sslServer->arrays->sessionID,
if (session->sslServer->options.haveSessionId) {
if (XMEMCMP(session->sslServer->arrays->sessionID,
session->sslClient->arrays->sessionID, ID_LEN) == 0)
doResume = 1;
doResume = 1;
else if (session->sslClient->options.haveSessionId)
INC_STAT(SnifferStats.sslResumeMisses);
}
else if (session->sslClient->options.haveSessionId == 0 &&
session->sslServer->options.haveSessionId == 0 &&
session->ticketID)
@ -1962,6 +1965,7 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
session->flags.resuming = 1;
Trace(SERVER_DID_RESUMPTION_STR);
INC_STAT(SnifferStats.sslResumedConns);
if (SetCipherSpecs(session->sslServer) != 0) {
SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
return -1;
@ -1988,6 +1992,9 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
return -1;
}
}
else {
INC_STAT(SnifferStats.sslStandardConns);
}
#ifdef SHOW_SECRETS
{
int i;
@ -2305,6 +2312,8 @@ static int DoHandShake(const byte* input, int* sslBytes,
break;
case certificate:
Trace(GOT_CERT_STR);
if (session->flags.side == WOLFSSL_CLIENT_END)
INC_STAT(SnifferStats.sslClientAuthConns);
break;
case server_hello_done:
Trace(GOT_SERVER_HELLO_DONE_STR);

8
sslSniffer/sslSnifferTest/snifftest.c
View File

@ -89,6 +89,14 @@ static void FreeAll(void)
static void sig_handler(const int sig)
{
SSLStats sslStats;
ssl_ReadStatistics(&sslStats);
printf("SSL Stats (sslStandardConns):%u\n", sslStats.sslStandardConns);
printf("SSL Stats (sslClientAuthConns):%u\n", sslStats.sslClientAuthConns);
printf("SSL Stats (sslResumedConns):%u\n", sslStats.sslResumedConns);
printf("SSL Stats (sslResumeMisses):%u\n", sslStats.sslResumeMisses);
printf("SSL Stats (sslAlerts):%u\n", sslStats.sslAlerts);
printf("SIGINT handled = %d.\n", sig);
FreeAll();
if (sig)

10
wolfssl/sniffer.h
View File

@ -137,11 +137,11 @@ SSL_SNIFFER_API int ssl_SetConnectionCtx(void* ctx);
typedef struct SSLStats
{
unsigned int sslStandardConns;
unsigned int sslRehandshakeConns;
unsigned int sslRehandshakeConns; /* unsupported */
unsigned int sslClientAuthConns;
unsigned int sslResumedConns;
unsigned int sslResumedRehandshakeConns;
unsigned int sslClientAuthRehandshakeConns;
unsigned int sslResumedRehandshakeConns; /* unsupported */
unsigned int sslClientAuthRehandshakeConns; /* unsupported */
unsigned int sslEphemeralMisses;
unsigned int sslResumeMisses;
unsigned int sslCiphersUnsupported;
@ -153,9 +153,9 @@ typedef struct SSLStats
unsigned int sslEncryptedBytes;
unsigned int sslEncryptedPackets;
unsigned int sslDecryptedPackets;
unsigned int sslEncryptedConns;
unsigned int sslKeyMatches;
unsigned int sslEncryptedConnsPerSecond;
unsigned int sslKeyMatches;
unsigned int sslActiveEncryptedConnsPerSecond;
unsigned int sslActiveFlowsPerSecond;
} SSLStats;