wolfSSL - wolfSSL SSL/TLS library, support up to TLS1.3

Users » wolfSSL » Code » wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

src/sniffer.c@4:1b0d80432c79, 2016-04-28 (annotated)

Committer:: wolfSSL
Date:: Thu Apr 28 00:57:21 2016 +0000
Revision:: 4:1b0d80432c79

wolfSSL 3.9.0

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	4:1b0d80432c79	1	/* sniffer.c
wolfSSL	4:1b0d80432c79	2	*
wolfSSL	4:1b0d80432c79	3	* Copyright (C) 2006-2016 wolfSSL Inc.
wolfSSL	4:1b0d80432c79	4	*
wolfSSL	4:1b0d80432c79	5	* This file is part of wolfSSL.
wolfSSL	4:1b0d80432c79	6	*
wolfSSL	4:1b0d80432c79	7	* wolfSSL is free software; you can redistribute it and/or modify
wolfSSL	4:1b0d80432c79	8	* it under the terms of the GNU General Public License as published by
wolfSSL	4:1b0d80432c79	9	* the Free Software Foundation; either version 2 of the License, or
wolfSSL	4:1b0d80432c79	10	* (at your option) any later version.
wolfSSL	4:1b0d80432c79	11	*
wolfSSL	4:1b0d80432c79	12	* wolfSSL is distributed in the hope that it will be useful,
wolfSSL	4:1b0d80432c79	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL	4:1b0d80432c79	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL	4:1b0d80432c79	15	* GNU General Public License for more details.
wolfSSL	4:1b0d80432c79	16	*
wolfSSL	4:1b0d80432c79	17	* You should have received a copy of the GNU General Public License
wolfSSL	4:1b0d80432c79	18	* along with this program; if not, write to the Free Software
wolfSSL	4:1b0d80432c79	19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL	4:1b0d80432c79	20	*/
wolfSSL	4:1b0d80432c79	21
wolfSSL	4:1b0d80432c79	22
wolfSSL	4:1b0d80432c79	23	#ifdef HAVE_CONFIG_H
wolfSSL	4:1b0d80432c79	24	#include <config.h>
wolfSSL	4:1b0d80432c79	25	#endif
wolfSSL	4:1b0d80432c79	26
wolfSSL	4:1b0d80432c79	27	#include <wolfssl/wolfcrypt/settings.h>
wolfSSL	4:1b0d80432c79	28
wolfSSL	4:1b0d80432c79	29	#ifndef WOLFCRYPT_ONLY
wolfSSL	4:1b0d80432c79	30	#ifdef WOLFSSL_SNIFFER
wolfSSL	4:1b0d80432c79	31
wolfSSL	4:1b0d80432c79	32	#include <assert.h>
wolfSSL	4:1b0d80432c79	33	#include <time.h>
wolfSSL	4:1b0d80432c79	34
wolfSSL	4:1b0d80432c79	35	#ifndef _WIN32
wolfSSL	4:1b0d80432c79	36	#include <arpa/inet.h>
wolfSSL	4:1b0d80432c79	37	#endif
wolfSSL	4:1b0d80432c79	38
wolfSSL	4:1b0d80432c79	39	#ifdef _WIN32
wolfSSL	4:1b0d80432c79	40	#define SNPRINTF _snprintf
wolfSSL	4:1b0d80432c79	41	#else
wolfSSL	4:1b0d80432c79	42	#define SNPRINTF snprintf
wolfSSL	4:1b0d80432c79	43	#endif
wolfSSL	4:1b0d80432c79	44
wolfSSL	4:1b0d80432c79	45	#include <wolfssl/openssl/ssl.h>
wolfSSL	4:1b0d80432c79	46	#include <wolfssl/internal.h>
wolfSSL	4:1b0d80432c79	47	#include <wolfssl/error-ssl.h>
wolfSSL	4:1b0d80432c79	48	#include <wolfssl/sniffer.h>
wolfSSL	4:1b0d80432c79	49	#include <wolfssl/sniffer_error.h>
wolfSSL	4:1b0d80432c79	50	#ifdef NO_INLINE
wolfSSL	4:1b0d80432c79	51	#include <wolfssl/wolfcrypt/misc.h>
wolfSSL	4:1b0d80432c79	52	#else
wolfSSL	4:1b0d80432c79	53	#include <wolfcrypt/src/misc.c>
wolfSSL	4:1b0d80432c79	54	#endif
wolfSSL	4:1b0d80432c79	55
wolfSSL	4:1b0d80432c79	56
wolfSSL	4:1b0d80432c79	57	#ifndef WOLFSSL_HAVE_MIN
wolfSSL	4:1b0d80432c79	58	#define WOLFSSL_HAVE_MIN
wolfSSL	4:1b0d80432c79	59
wolfSSL	4:1b0d80432c79	60	static INLINE word32 min(word32 a, word32 b)
wolfSSL	4:1b0d80432c79	61	{
wolfSSL	4:1b0d80432c79	62	return a > b ? b : a;
wolfSSL	4:1b0d80432c79	63	}
wolfSSL	4:1b0d80432c79	64
wolfSSL	4:1b0d80432c79	65	#endif /* WOLFSSL_HAVE_MIN */
wolfSSL	4:1b0d80432c79	66
wolfSSL	4:1b0d80432c79	67	#ifndef WOLFSSL_SNIFFER_TIMEOUT
wolfSSL	4:1b0d80432c79	68	#define WOLFSSL_SNIFFER_TIMEOUT 900
wolfSSL	4:1b0d80432c79	69	/* Cache unclosed Sessions for 15 minutes since last used */
wolfSSL	4:1b0d80432c79	70	#endif
wolfSSL	4:1b0d80432c79	71
wolfSSL	4:1b0d80432c79	72	/* Misc constants */
wolfSSL	4:1b0d80432c79	73	enum {
wolfSSL	4:1b0d80432c79	74	MAX_SERVER_ADDRESS = 128, /* maximum server address length */
wolfSSL	4:1b0d80432c79	75	MAX_SERVER_NAME = 128, /* maximum server name length */
wolfSSL	4:1b0d80432c79	76	MAX_ERROR_LEN = 80, /* maximum error length */
wolfSSL	4:1b0d80432c79	77	ETHER_IF_ADDR_LEN = 6, /* ethernet interface address length */
wolfSSL	4:1b0d80432c79	78	LOCAL_IF_ADDR_LEN = 4, /* localhost interface address length, !windows */
wolfSSL	4:1b0d80432c79	79	TCP_PROTO = 6, /* TCP_PROTOCOL */
wolfSSL	4:1b0d80432c79	80	IP_HDR_SZ = 20, /* IP header length, min */
wolfSSL	4:1b0d80432c79	81	TCP_HDR_SZ = 20, /* TCP header length, min */
wolfSSL	4:1b0d80432c79	82	IPV4 = 4, /* IP version 4 */
wolfSSL	4:1b0d80432c79	83	TCP_PROTOCOL = 6, /* TCP Protocol id */
wolfSSL	4:1b0d80432c79	84	TRACE_MSG_SZ = 80, /* Trace Message buffer size */
wolfSSL	4:1b0d80432c79	85	HASH_SIZE = 499, /* Session Hash Table Rows */
wolfSSL	4:1b0d80432c79	86	PSEUDO_HDR_SZ = 12, /* TCP Pseudo Header size in bytes */
wolfSSL	4:1b0d80432c79	87	FATAL_ERROR_STATE = 1, /* SnifferSession fatal error state */
wolfSSL	4:1b0d80432c79	88	TICKET_HINT_LEN = 4, /* Session Ticket Hint length */
wolfSSL	4:1b0d80432c79	89	EXT_TYPE_SZ = 2, /* Extension length */
wolfSSL	4:1b0d80432c79	90	MAX_INPUT_SZ = MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA +
wolfSSL	4:1b0d80432c79	91	MTU_EXTRA, /* Max input sz of reassembly */
wolfSSL	4:1b0d80432c79	92	TICKET_EXT_ID = 0x23 /* Session Ticket Extension ID */
wolfSSL	4:1b0d80432c79	93	};
wolfSSL	4:1b0d80432c79	94
wolfSSL	4:1b0d80432c79	95
wolfSSL	4:1b0d80432c79	96	#ifdef _WIN32
wolfSSL	4:1b0d80432c79	97
wolfSSL	4:1b0d80432c79	98	static HMODULE dllModule; /* for error string resources */
wolfSSL	4:1b0d80432c79	99
wolfSSL	4:1b0d80432c79	100	BOOL APIENTRY DllMain( HMODULE hModule,
wolfSSL	4:1b0d80432c79	101	DWORD ul_reason_for_call,
wolfSSL	4:1b0d80432c79	102	LPVOID lpReserved
wolfSSL	4:1b0d80432c79	103	)
wolfSSL	4:1b0d80432c79	104	{
wolfSSL	4:1b0d80432c79	105	static int didInit = 0;
wolfSSL	4:1b0d80432c79	106
wolfSSL	4:1b0d80432c79	107	switch (ul_reason_for_call)
wolfSSL	4:1b0d80432c79	108	{
wolfSSL	4:1b0d80432c79	109	case DLL_PROCESS_ATTACH:
wolfSSL	4:1b0d80432c79	110	if (didInit == 0) {
wolfSSL	4:1b0d80432c79	111	dllModule = hModule;
wolfSSL	4:1b0d80432c79	112	ssl_InitSniffer();
wolfSSL	4:1b0d80432c79	113	didInit = 1;
wolfSSL	4:1b0d80432c79	114	}
wolfSSL	4:1b0d80432c79	115	break;
wolfSSL	4:1b0d80432c79	116	case DLL_THREAD_ATTACH:
wolfSSL	4:1b0d80432c79	117	break;
wolfSSL	4:1b0d80432c79	118	case DLL_THREAD_DETACH:
wolfSSL	4:1b0d80432c79	119	break;
wolfSSL	4:1b0d80432c79	120	case DLL_PROCESS_DETACH:
wolfSSL	4:1b0d80432c79	121	if (didInit) {
wolfSSL	4:1b0d80432c79	122	ssl_FreeSniffer();
wolfSSL	4:1b0d80432c79	123	didInit = 0;
wolfSSL	4:1b0d80432c79	124	}
wolfSSL	4:1b0d80432c79	125	break;
wolfSSL	4:1b0d80432c79	126	}
wolfSSL	4:1b0d80432c79	127	return TRUE;
wolfSSL	4:1b0d80432c79	128	}
wolfSSL	4:1b0d80432c79	129
wolfSSL	4:1b0d80432c79	130	#endif /* _WIN32 */
wolfSSL	4:1b0d80432c79	131
wolfSSL	4:1b0d80432c79	132
wolfSSL	4:1b0d80432c79	133	static int TraceOn = 0; /* Trace is off by default */
wolfSSL	4:1b0d80432c79	134	static FILE* TraceFile = 0;
wolfSSL	4:1b0d80432c79	135
wolfSSL	4:1b0d80432c79	136
wolfSSL	4:1b0d80432c79	137	/* windows uses .rc table for this */
wolfSSL	4:1b0d80432c79	138	#ifndef _WIN32
wolfSSL	4:1b0d80432c79	139
wolfSSL	4:1b0d80432c79	140	static const char* const msgTable[] =
wolfSSL	4:1b0d80432c79	141	{
wolfSSL	4:1b0d80432c79	142	/* 1 */
wolfSSL	4:1b0d80432c79	143	"Out of Memory",
wolfSSL	4:1b0d80432c79	144	"New SSL Sniffer Server Registered",
wolfSSL	4:1b0d80432c79	145	"Checking IP Header",
wolfSSL	4:1b0d80432c79	146	"SSL Sniffer Server Not Registered",
wolfSSL	4:1b0d80432c79	147	"Checking TCP Header",
wolfSSL	4:1b0d80432c79	148
wolfSSL	4:1b0d80432c79	149	/* 6 */
wolfSSL	4:1b0d80432c79	150	"SSL Sniffer Server Port Not Registered",
wolfSSL	4:1b0d80432c79	151	"RSA Private Decrypt Error",
wolfSSL	4:1b0d80432c79	152	"RSA Private Decode Error",
wolfSSL	4:1b0d80432c79	153	"Set Cipher Spec Error",
wolfSSL	4:1b0d80432c79	154	"Server Hello Input Malformed",
wolfSSL	4:1b0d80432c79	155
wolfSSL	4:1b0d80432c79	156	/* 11 */
wolfSSL	4:1b0d80432c79	157	"Couldn't Resume Session Error",
wolfSSL	4:1b0d80432c79	158	"Server Did Resumption",
wolfSSL	4:1b0d80432c79	159	"Client Hello Input Malformed",
wolfSSL	4:1b0d80432c79	160	"Client Trying to Resume",
wolfSSL	4:1b0d80432c79	161	"Handshake Input Malformed",
wolfSSL	4:1b0d80432c79	162
wolfSSL	4:1b0d80432c79	163	/* 16 */
wolfSSL	4:1b0d80432c79	164	"Got Hello Verify msg",
wolfSSL	4:1b0d80432c79	165	"Got Server Hello msg",
wolfSSL	4:1b0d80432c79	166	"Got Cert Request msg",
wolfSSL	4:1b0d80432c79	167	"Got Server Key Exchange msg",
wolfSSL	4:1b0d80432c79	168	"Got Cert msg",
wolfSSL	4:1b0d80432c79	169
wolfSSL	4:1b0d80432c79	170	/* 21 */
wolfSSL	4:1b0d80432c79	171	"Got Server Hello Done msg",
wolfSSL	4:1b0d80432c79	172	"Got Finished msg",
wolfSSL	4:1b0d80432c79	173	"Got Client Hello msg",
wolfSSL	4:1b0d80432c79	174	"Got Client Key Exchange msg",
wolfSSL	4:1b0d80432c79	175	"Got Cert Verify msg",
wolfSSL	4:1b0d80432c79	176
wolfSSL	4:1b0d80432c79	177	/* 26 */
wolfSSL	4:1b0d80432c79	178	"Got Unknown Handshake msg",
wolfSSL	4:1b0d80432c79	179	"New SSL Sniffer Session created",
wolfSSL	4:1b0d80432c79	180	"Couldn't create new SSL",
wolfSSL	4:1b0d80432c79	181	"Got a Packet to decode",
wolfSSL	4:1b0d80432c79	182	"No data present",
wolfSSL	4:1b0d80432c79	183
wolfSSL	4:1b0d80432c79	184	/* 31 */
wolfSSL	4:1b0d80432c79	185	"Session Not Found",
wolfSSL	4:1b0d80432c79	186	"Got an Old Client Hello msg",
wolfSSL	4:1b0d80432c79	187	"Old Client Hello Input Malformed",
wolfSSL	4:1b0d80432c79	188	"Old Client Hello OK",
wolfSSL	4:1b0d80432c79	189	"Bad Old Client Hello",
wolfSSL	4:1b0d80432c79	190
wolfSSL	4:1b0d80432c79	191	/* 36 */
wolfSSL	4:1b0d80432c79	192	"Bad Record Header",
wolfSSL	4:1b0d80432c79	193	"Record Header Input Malformed",
wolfSSL	4:1b0d80432c79	194	"Got a HandShake msg",
wolfSSL	4:1b0d80432c79	195	"Bad HandShake msg",
wolfSSL	4:1b0d80432c79	196	"Got a Change Cipher Spec msg",
wolfSSL	4:1b0d80432c79	197
wolfSSL	4:1b0d80432c79	198	/* 41 */
wolfSSL	4:1b0d80432c79	199	"Got Application Data msg",
wolfSSL	4:1b0d80432c79	200	"Bad Application Data",
wolfSSL	4:1b0d80432c79	201	"Got an Alert msg",
wolfSSL	4:1b0d80432c79	202	"Another msg to Process",
wolfSSL	4:1b0d80432c79	203	"Removing Session From Table",
wolfSSL	4:1b0d80432c79	204
wolfSSL	4:1b0d80432c79	205	/* 46 */
wolfSSL	4:1b0d80432c79	206	"Bad Key File",
wolfSSL	4:1b0d80432c79	207	"Wrong IP Version",
wolfSSL	4:1b0d80432c79	208	"Wrong Protocol type",
wolfSSL	4:1b0d80432c79	209	"Packet Short for header processing",
wolfSSL	4:1b0d80432c79	210	"Got Unknown Record Type",
wolfSSL	4:1b0d80432c79	211
wolfSSL	4:1b0d80432c79	212	/* 51 */
wolfSSL	4:1b0d80432c79	213	"Can't Open Trace File",
wolfSSL	4:1b0d80432c79	214	"Session in Fatal Error State",
wolfSSL	4:1b0d80432c79	215	"Partial SSL record received",
wolfSSL	4:1b0d80432c79	216	"Buffer Error, malformed input",
wolfSSL	4:1b0d80432c79	217	"Added to Partial Input",
wolfSSL	4:1b0d80432c79	218
wolfSSL	4:1b0d80432c79	219	/* 56 */
wolfSSL	4:1b0d80432c79	220	"Received a Duplicate Packet",
wolfSSL	4:1b0d80432c79	221	"Received an Out of Order Packet",
wolfSSL	4:1b0d80432c79	222	"Received an Overlap Duplicate Packet",
wolfSSL	4:1b0d80432c79	223	"Received an Overlap Reassembly Begin Duplicate Packet",
wolfSSL	4:1b0d80432c79	224	"Received an Overlap Reassembly End Duplicate Packet",
wolfSSL	4:1b0d80432c79	225
wolfSSL	4:1b0d80432c79	226	/* 61 */
wolfSSL	4:1b0d80432c79	227	"Missed the Client Hello Entirely",
wolfSSL	4:1b0d80432c79	228	"Got Hello Request msg",
wolfSSL	4:1b0d80432c79	229	"Got Session Ticket msg",
wolfSSL	4:1b0d80432c79	230	"Bad Input",
wolfSSL	4:1b0d80432c79	231	"Bad Decrypt Type",
wolfSSL	4:1b0d80432c79	232
wolfSSL	4:1b0d80432c79	233	/* 66 */
wolfSSL	4:1b0d80432c79	234	"Bad Finished Message Processing",
wolfSSL	4:1b0d80432c79	235	"Bad Compression Type",
wolfSSL	4:1b0d80432c79	236	"Bad DeriveKeys Error",
wolfSSL	4:1b0d80432c79	237	"Saw ACK for Missing Packet Error",
wolfSSL	4:1b0d80432c79	238	"Bad Decrypt Operation",
wolfSSL	4:1b0d80432c79	239
wolfSSL	4:1b0d80432c79	240	/* 71 */
wolfSSL	4:1b0d80432c79	241	"Decrypt Keys Not Set Up",
wolfSSL	4:1b0d80432c79	242	"Late Key Load Error",
wolfSSL	4:1b0d80432c79	243	"Got Certificate Status msg",
wolfSSL	4:1b0d80432c79	244	"RSA Key Missing Error",
wolfSSL	4:1b0d80432c79	245	"Secure Renegotiation Not Supported",
wolfSSL	4:1b0d80432c79	246
wolfSSL	4:1b0d80432c79	247	/* 76 */
wolfSSL	4:1b0d80432c79	248	"Get Session Stats Failure",
wolfSSL	4:1b0d80432c79	249	"Reassembly Buffer Size Exceeded",
wolfSSL	4:1b0d80432c79	250	"Dropping Lost Fragment",
wolfSSL	4:1b0d80432c79	251	"Dropping Partial Record",
wolfSSL	4:1b0d80432c79	252	"Clear ACK Fault",
wolfSSL	4:1b0d80432c79	253
wolfSSL	4:1b0d80432c79	254	/* 81 */
wolfSSL	4:1b0d80432c79	255	"Bad Decrypt Size"
wolfSSL	4:1b0d80432c79	256	};
wolfSSL	4:1b0d80432c79	257
wolfSSL	4:1b0d80432c79	258
wolfSSL	4:1b0d80432c79	259	/* nix version uses table above /
wolfSSL	4:1b0d80432c79	260	static void GetError(int idx, char* str)
wolfSSL	4:1b0d80432c79	261	{
wolfSSL	4:1b0d80432c79	262	XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN);
wolfSSL	4:1b0d80432c79	263	}
wolfSSL	4:1b0d80432c79	264
wolfSSL	4:1b0d80432c79	265
wolfSSL	4:1b0d80432c79	266	#else /* _WIN32 */
wolfSSL	4:1b0d80432c79	267
wolfSSL	4:1b0d80432c79	268
wolfSSL	4:1b0d80432c79	269	/* Windows version uses .rc table */
wolfSSL	4:1b0d80432c79	270	static void GetError(int idx, char* buffer)
wolfSSL	4:1b0d80432c79	271	{
wolfSSL	4:1b0d80432c79	272	if (!LoadStringA(dllModule, idx, buffer, MAX_ERROR_LEN))
wolfSSL	4:1b0d80432c79	273	buffer[0] = 0;
wolfSSL	4:1b0d80432c79	274	}
wolfSSL	4:1b0d80432c79	275
wolfSSL	4:1b0d80432c79	276
wolfSSL	4:1b0d80432c79	277	#endif /* _WIN32 */
wolfSSL	4:1b0d80432c79	278
wolfSSL	4:1b0d80432c79	279
wolfSSL	4:1b0d80432c79	280	/* Packet Buffer for reassembly list and ready list */
wolfSSL	4:1b0d80432c79	281	typedef struct PacketBuffer {
wolfSSL	4:1b0d80432c79	282	word32 begin; /* relative sequence begin */
wolfSSL	4:1b0d80432c79	283	word32 end; /* relative sequence end */
wolfSSL	4:1b0d80432c79	284	byte* data; /* actual data */
wolfSSL	4:1b0d80432c79	285	struct PacketBuffer* next; /* next on reassembly list or ready list */
wolfSSL	4:1b0d80432c79	286	} PacketBuffer;
wolfSSL	4:1b0d80432c79	287
wolfSSL	4:1b0d80432c79	288
wolfSSL	4:1b0d80432c79	289	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	290
wolfSSL	4:1b0d80432c79	291	/* NamedKey maps a SNI name to a specific private key */
wolfSSL	4:1b0d80432c79	292	typedef struct NamedKey {
wolfSSL	4:1b0d80432c79	293	char name[MAX_SERVER_NAME]; /* server DNS name */
wolfSSL	4:1b0d80432c79	294	word32 nameSz; /* size of server DNS name */
wolfSSL	4:1b0d80432c79	295	byte* key; /* DER private key */
wolfSSL	4:1b0d80432c79	296	word32 keySz; /* size of DER private key */
wolfSSL	4:1b0d80432c79	297	struct NamedKey* next; /* for list */
wolfSSL	4:1b0d80432c79	298	} NamedKey;
wolfSSL	4:1b0d80432c79	299
wolfSSL	4:1b0d80432c79	300	#endif
wolfSSL	4:1b0d80432c79	301
wolfSSL	4:1b0d80432c79	302
wolfSSL	4:1b0d80432c79	303	/* Sniffer Server holds info for each server/port monitored */
wolfSSL	4:1b0d80432c79	304	typedef struct SnifferServer {
wolfSSL	4:1b0d80432c79	305	SSL_CTX* ctx; /* SSL context */
wolfSSL	4:1b0d80432c79	306	char address[MAX_SERVER_ADDRESS]; /* passed in server address */
wolfSSL	4:1b0d80432c79	307	word32 server; /* netowrk order address */
wolfSSL	4:1b0d80432c79	308	int port; /* server port */
wolfSSL	4:1b0d80432c79	309	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	310	NamedKey* namedKeys; /* mapping of names and keys */
wolfSSL	4:1b0d80432c79	311	wolfSSL_Mutex namedKeysMutex; /* mutex for namedKey list */
wolfSSL	4:1b0d80432c79	312	#endif
wolfSSL	4:1b0d80432c79	313	struct SnifferServer* next; /* for list */
wolfSSL	4:1b0d80432c79	314	} SnifferServer;
wolfSSL	4:1b0d80432c79	315
wolfSSL	4:1b0d80432c79	316
wolfSSL	4:1b0d80432c79	317	/* Session Flags */
wolfSSL	4:1b0d80432c79	318	typedef struct Flags {
wolfSSL	4:1b0d80432c79	319	byte side; /* which end is current packet headed */
wolfSSL	4:1b0d80432c79	320	byte serverCipherOn; /* indicates whether cipher is active */
wolfSSL	4:1b0d80432c79	321	byte clientCipherOn; /* indicates whether cipher is active */
wolfSSL	4:1b0d80432c79	322	byte resuming; /* did this session come from resumption */
wolfSSL	4:1b0d80432c79	323	byte cached; /* have we cached this session yet */
wolfSSL	4:1b0d80432c79	324	byte clientHello; /* processed client hello yet, for SSLv2 */
wolfSSL	4:1b0d80432c79	325	byte finCount; /* get both FINs before removing */
wolfSSL	4:1b0d80432c79	326	byte fatalError; /* fatal error state */
wolfSSL	4:1b0d80432c79	327	byte cliAckFault; /* client acked unseen data from server */
wolfSSL	4:1b0d80432c79	328	byte srvAckFault; /* server acked unseen data from client */
wolfSSL	4:1b0d80432c79	329	byte cliSkipPartial; /* client skips partial data to catch up */
wolfSSL	4:1b0d80432c79	330	byte srvSkipPartial; /* server skips partial data to catch up */
wolfSSL	4:1b0d80432c79	331	} Flags;
wolfSSL	4:1b0d80432c79	332
wolfSSL	4:1b0d80432c79	333
wolfSSL	4:1b0d80432c79	334	/* Out of Order FIN caputre */
wolfSSL	4:1b0d80432c79	335	typedef struct FinCaputre {
wolfSSL	4:1b0d80432c79	336	word32 cliFinSeq; /* client relative sequence FIN 0 is no */
wolfSSL	4:1b0d80432c79	337	word32 srvFinSeq; /* server relative sequence FIN, 0 is no */
wolfSSL	4:1b0d80432c79	338	byte cliCounted; /* did we count yet, detects duplicates */
wolfSSL	4:1b0d80432c79	339	byte srvCounted; /* did we count yet, detects duplicates */
wolfSSL	4:1b0d80432c79	340	} FinCaputre;
wolfSSL	4:1b0d80432c79	341
wolfSSL	4:1b0d80432c79	342
wolfSSL	4:1b0d80432c79	343	/* Sniffer Session holds info for each client/server SSL/TLS session */
wolfSSL	4:1b0d80432c79	344	typedef struct SnifferSession {
wolfSSL	4:1b0d80432c79	345	SnifferServer* context; /* server context */
wolfSSL	4:1b0d80432c79	346	SSL* sslServer; /* SSL server side decode */
wolfSSL	4:1b0d80432c79	347	SSL* sslClient; /* SSL client side decode */
wolfSSL	4:1b0d80432c79	348	word32 server; /* server address in network byte order */
wolfSSL	4:1b0d80432c79	349	word32 client; /* client address in network byte order */
wolfSSL	4:1b0d80432c79	350	word16 srvPort; /* server port */
wolfSSL	4:1b0d80432c79	351	word16 cliPort; /* client port */
wolfSSL	4:1b0d80432c79	352	word32 cliSeqStart; /* client start sequence */
wolfSSL	4:1b0d80432c79	353	word32 srvSeqStart; /* server start sequence */
wolfSSL	4:1b0d80432c79	354	word32 cliExpected; /* client expected sequence (relative) */
wolfSSL	4:1b0d80432c79	355	word32 srvExpected; /* server expected sequence (relative) */
wolfSSL	4:1b0d80432c79	356	FinCaputre finCaputre; /* retain out of order FIN s */
wolfSSL	4:1b0d80432c79	357	Flags flags; /* session flags */
wolfSSL	4:1b0d80432c79	358	time_t lastUsed; /* last used ticks */
wolfSSL	4:1b0d80432c79	359	PacketBuffer* cliReassemblyList; /* client out of order packets */
wolfSSL	4:1b0d80432c79	360	PacketBuffer* srvReassemblyList; /* server out of order packets */
wolfSSL	4:1b0d80432c79	361	word32 cliReassemblyMemory; /* client packet memory used */
wolfSSL	4:1b0d80432c79	362	word32 srvReassemblyMemory; /* server packet memory used */
wolfSSL	4:1b0d80432c79	363	struct SnifferSession* next; /* for hash table list */
wolfSSL	4:1b0d80432c79	364	byte* ticketID; /* mac ID of session ticket */
wolfSSL	4:1b0d80432c79	365	} SnifferSession;
wolfSSL	4:1b0d80432c79	366
wolfSSL	4:1b0d80432c79	367
wolfSSL	4:1b0d80432c79	368	/* Sniffer Server List and mutex */
wolfSSL	4:1b0d80432c79	369	static SnifferServer* ServerList = 0;
wolfSSL	4:1b0d80432c79	370	static wolfSSL_Mutex ServerListMutex;
wolfSSL	4:1b0d80432c79	371
wolfSSL	4:1b0d80432c79	372
wolfSSL	4:1b0d80432c79	373	/* Session Hash Table, mutex, and count */
wolfSSL	4:1b0d80432c79	374	static SnifferSession* SessionTable[HASH_SIZE];
wolfSSL	4:1b0d80432c79	375	static wolfSSL_Mutex SessionMutex;
wolfSSL	4:1b0d80432c79	376	static int SessionCount = 0;
wolfSSL	4:1b0d80432c79	377
wolfSSL	4:1b0d80432c79	378	/* Recovery of missed data switches and stats */
wolfSSL	4:1b0d80432c79	379	static wolfSSL_Mutex RecoveryMutex; /* for stats */
wolfSSL	4:1b0d80432c79	380	static int RecoveryEnabled = 0; /* global switch */
wolfSSL	4:1b0d80432c79	381	static int MaxRecoveryMemory = -1; /* per session max recovery memory */
wolfSSL	4:1b0d80432c79	382	static word32 MissedDataSessions = 0; /* # of sessions with missed data */
wolfSSL	4:1b0d80432c79	383
wolfSSL	4:1b0d80432c79	384
wolfSSL	4:1b0d80432c79	385	static void UpdateMissedDataSessions(void)
wolfSSL	4:1b0d80432c79	386	{
wolfSSL	4:1b0d80432c79	387	LockMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	388	MissedDataSessions += 1;
wolfSSL	4:1b0d80432c79	389	UnLockMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	390	}
wolfSSL	4:1b0d80432c79	391
wolfSSL	4:1b0d80432c79	392
wolfSSL	4:1b0d80432c79	393	/* Initialize overall Sniffer */
wolfSSL	4:1b0d80432c79	394	void ssl_InitSniffer(void)
wolfSSL	4:1b0d80432c79	395	{
wolfSSL	4:1b0d80432c79	396	wolfSSL_Init();
wolfSSL	4:1b0d80432c79	397	InitMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	398	InitMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	399	InitMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	400	}
wolfSSL	4:1b0d80432c79	401
wolfSSL	4:1b0d80432c79	402
wolfSSL	4:1b0d80432c79	403	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	404
wolfSSL	4:1b0d80432c79	405	/* Free Named Key and the zero out the private key it holds */
wolfSSL	4:1b0d80432c79	406	static void FreeNamedKey(NamedKey* in)
wolfSSL	4:1b0d80432c79	407	{
wolfSSL	4:1b0d80432c79	408	if (in) {
wolfSSL	4:1b0d80432c79	409	if (in->key) {
wolfSSL	4:1b0d80432c79	410	ForceZero(in->key, in->keySz);
wolfSSL	4:1b0d80432c79	411	free(in->key);
wolfSSL	4:1b0d80432c79	412	}
wolfSSL	4:1b0d80432c79	413	free(in);
wolfSSL	4:1b0d80432c79	414	}
wolfSSL	4:1b0d80432c79	415	}
wolfSSL	4:1b0d80432c79	416
wolfSSL	4:1b0d80432c79	417
wolfSSL	4:1b0d80432c79	418	static void FreeNamedKeyList(NamedKey* in)
wolfSSL	4:1b0d80432c79	419	{
wolfSSL	4:1b0d80432c79	420	NamedKey* next;
wolfSSL	4:1b0d80432c79	421
wolfSSL	4:1b0d80432c79	422	while (in) {
wolfSSL	4:1b0d80432c79	423	next = in->next;
wolfSSL	4:1b0d80432c79	424	FreeNamedKey(in);
wolfSSL	4:1b0d80432c79	425	in = next;
wolfSSL	4:1b0d80432c79	426	}
wolfSSL	4:1b0d80432c79	427	}
wolfSSL	4:1b0d80432c79	428
wolfSSL	4:1b0d80432c79	429	#endif
wolfSSL	4:1b0d80432c79	430
wolfSSL	4:1b0d80432c79	431
wolfSSL	4:1b0d80432c79	432	/* Free Sniffer Server's resources/self */
wolfSSL	4:1b0d80432c79	433	static void FreeSnifferServer(SnifferServer* srv)
wolfSSL	4:1b0d80432c79	434	{
wolfSSL	4:1b0d80432c79	435	if (srv) {
wolfSSL	4:1b0d80432c79	436	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	437	LockMutex(&srv->namedKeysMutex);
wolfSSL	4:1b0d80432c79	438	FreeNamedKeyList(srv->namedKeys);
wolfSSL	4:1b0d80432c79	439	UnLockMutex(&srv->namedKeysMutex);
wolfSSL	4:1b0d80432c79	440	FreeMutex(&srv->namedKeysMutex);
wolfSSL	4:1b0d80432c79	441	#endif
wolfSSL	4:1b0d80432c79	442	SSL_CTX_free(srv->ctx);
wolfSSL	4:1b0d80432c79	443	}
wolfSSL	4:1b0d80432c79	444	free(srv);
wolfSSL	4:1b0d80432c79	445	}
wolfSSL	4:1b0d80432c79	446
wolfSSL	4:1b0d80432c79	447
wolfSSL	4:1b0d80432c79	448	/* free PacketBuffer's resources/self */
wolfSSL	4:1b0d80432c79	449	static void FreePacketBuffer(PacketBuffer* del)
wolfSSL	4:1b0d80432c79	450	{
wolfSSL	4:1b0d80432c79	451	if (del) {
wolfSSL	4:1b0d80432c79	452	free(del->data);
wolfSSL	4:1b0d80432c79	453	free(del);
wolfSSL	4:1b0d80432c79	454	}
wolfSSL	4:1b0d80432c79	455	}
wolfSSL	4:1b0d80432c79	456
wolfSSL	4:1b0d80432c79	457
wolfSSL	4:1b0d80432c79	458	/* remove PacketBuffer List */
wolfSSL	4:1b0d80432c79	459	static void FreePacketList(PacketBuffer* in)
wolfSSL	4:1b0d80432c79	460	{
wolfSSL	4:1b0d80432c79	461	if (in) {
wolfSSL	4:1b0d80432c79	462	PacketBuffer* del;
wolfSSL	4:1b0d80432c79	463	PacketBuffer* packet = in;
wolfSSL	4:1b0d80432c79	464
wolfSSL	4:1b0d80432c79	465	while (packet) {
wolfSSL	4:1b0d80432c79	466	del = packet;
wolfSSL	4:1b0d80432c79	467	packet = packet->next;
wolfSSL	4:1b0d80432c79	468	FreePacketBuffer(del);
wolfSSL	4:1b0d80432c79	469	}
wolfSSL	4:1b0d80432c79	470	}
wolfSSL	4:1b0d80432c79	471	}
wolfSSL	4:1b0d80432c79	472
wolfSSL	4:1b0d80432c79	473
wolfSSL	4:1b0d80432c79	474	/* Free Sniffer Session's resources/self */
wolfSSL	4:1b0d80432c79	475	static void FreeSnifferSession(SnifferSession* session)
wolfSSL	4:1b0d80432c79	476	{
wolfSSL	4:1b0d80432c79	477	if (session) {
wolfSSL	4:1b0d80432c79	478	SSL_free(session->sslClient);
wolfSSL	4:1b0d80432c79	479	SSL_free(session->sslServer);
wolfSSL	4:1b0d80432c79	480
wolfSSL	4:1b0d80432c79	481	FreePacketList(session->cliReassemblyList);
wolfSSL	4:1b0d80432c79	482	FreePacketList(session->srvReassemblyList);
wolfSSL	4:1b0d80432c79	483
wolfSSL	4:1b0d80432c79	484	free(session->ticketID);
wolfSSL	4:1b0d80432c79	485	}
wolfSSL	4:1b0d80432c79	486	free(session);
wolfSSL	4:1b0d80432c79	487	}
wolfSSL	4:1b0d80432c79	488
wolfSSL	4:1b0d80432c79	489
wolfSSL	4:1b0d80432c79	490	/* Free overall Sniffer */
wolfSSL	4:1b0d80432c79	491	void ssl_FreeSniffer(void)
wolfSSL	4:1b0d80432c79	492	{
wolfSSL	4:1b0d80432c79	493	SnifferServer* srv;
wolfSSL	4:1b0d80432c79	494	SnifferServer* removeServer;
wolfSSL	4:1b0d80432c79	495	SnifferSession* session;
wolfSSL	4:1b0d80432c79	496	SnifferSession* removeSession;
wolfSSL	4:1b0d80432c79	497	int i;
wolfSSL	4:1b0d80432c79	498
wolfSSL	4:1b0d80432c79	499	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	500	LockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	501
wolfSSL	4:1b0d80432c79	502	srv = ServerList;
wolfSSL	4:1b0d80432c79	503	while (srv) {
wolfSSL	4:1b0d80432c79	504	removeServer = srv;
wolfSSL	4:1b0d80432c79	505	srv = srv->next;
wolfSSL	4:1b0d80432c79	506	FreeSnifferServer(removeServer);
wolfSSL	4:1b0d80432c79	507	}
wolfSSL	4:1b0d80432c79	508
wolfSSL	4:1b0d80432c79	509	for (i = 0; i < HASH_SIZE; i++) {
wolfSSL	4:1b0d80432c79	510	session = SessionTable[i];
wolfSSL	4:1b0d80432c79	511	while (session) {
wolfSSL	4:1b0d80432c79	512	removeSession = session;
wolfSSL	4:1b0d80432c79	513	session = session->next;
wolfSSL	4:1b0d80432c79	514	FreeSnifferSession(removeSession);
wolfSSL	4:1b0d80432c79	515	}
wolfSSL	4:1b0d80432c79	516	}
wolfSSL	4:1b0d80432c79	517
wolfSSL	4:1b0d80432c79	518	UnLockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	519	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	520
wolfSSL	4:1b0d80432c79	521	FreeMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	522	FreeMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	523	FreeMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	524
wolfSSL	4:1b0d80432c79	525	if (TraceFile) {
wolfSSL	4:1b0d80432c79	526	TraceOn = 0;
wolfSSL	4:1b0d80432c79	527	fclose(TraceFile);
wolfSSL	4:1b0d80432c79	528	TraceFile = NULL;
wolfSSL	4:1b0d80432c79	529	}
wolfSSL	4:1b0d80432c79	530
wolfSSL	4:1b0d80432c79	531	wolfSSL_Cleanup();
wolfSSL	4:1b0d80432c79	532	}
wolfSSL	4:1b0d80432c79	533
wolfSSL	4:1b0d80432c79	534
wolfSSL	4:1b0d80432c79	535	/* Initialize a SnifferServer */
wolfSSL	4:1b0d80432c79	536	static void InitSnifferServer(SnifferServer* sniffer)
wolfSSL	4:1b0d80432c79	537	{
wolfSSL	4:1b0d80432c79	538	sniffer->ctx = 0;
wolfSSL	4:1b0d80432c79	539	XMEMSET(sniffer->address, 0, MAX_SERVER_ADDRESS);
wolfSSL	4:1b0d80432c79	540	sniffer->server = 0;
wolfSSL	4:1b0d80432c79	541	sniffer->port = 0;
wolfSSL	4:1b0d80432c79	542	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	543	sniffer->namedKeys = 0;
wolfSSL	4:1b0d80432c79	544	InitMutex(&sniffer->namedKeysMutex);
wolfSSL	4:1b0d80432c79	545	#endif
wolfSSL	4:1b0d80432c79	546	sniffer->next = 0;
wolfSSL	4:1b0d80432c79	547	}
wolfSSL	4:1b0d80432c79	548
wolfSSL	4:1b0d80432c79	549
wolfSSL	4:1b0d80432c79	550	/* Initialize session flags */
wolfSSL	4:1b0d80432c79	551	static void InitFlags(Flags* flags)
wolfSSL	4:1b0d80432c79	552	{
wolfSSL	4:1b0d80432c79	553	flags->side = 0;
wolfSSL	4:1b0d80432c79	554	flags->serverCipherOn = 0;
wolfSSL	4:1b0d80432c79	555	flags->clientCipherOn = 0;
wolfSSL	4:1b0d80432c79	556	flags->resuming = 0;
wolfSSL	4:1b0d80432c79	557	flags->cached = 0;
wolfSSL	4:1b0d80432c79	558	flags->clientHello = 0;
wolfSSL	4:1b0d80432c79	559	flags->finCount = 0;
wolfSSL	4:1b0d80432c79	560	flags->fatalError = 0;
wolfSSL	4:1b0d80432c79	561	flags->cliAckFault = 0;
wolfSSL	4:1b0d80432c79	562	flags->srvAckFault = 0;
wolfSSL	4:1b0d80432c79	563	flags->cliSkipPartial = 0;
wolfSSL	4:1b0d80432c79	564	flags->srvSkipPartial = 0;
wolfSSL	4:1b0d80432c79	565	}
wolfSSL	4:1b0d80432c79	566
wolfSSL	4:1b0d80432c79	567
wolfSSL	4:1b0d80432c79	568	/* Initialize FIN Capture */
wolfSSL	4:1b0d80432c79	569	static void InitFinCapture(FinCaputre* cap)
wolfSSL	4:1b0d80432c79	570	{
wolfSSL	4:1b0d80432c79	571	cap->cliFinSeq = 0;
wolfSSL	4:1b0d80432c79	572	cap->srvFinSeq = 0;
wolfSSL	4:1b0d80432c79	573	cap->cliCounted = 0;
wolfSSL	4:1b0d80432c79	574	cap->srvCounted = 0;
wolfSSL	4:1b0d80432c79	575	}
wolfSSL	4:1b0d80432c79	576
wolfSSL	4:1b0d80432c79	577
wolfSSL	4:1b0d80432c79	578	/* Initialize a Sniffer Session */
wolfSSL	4:1b0d80432c79	579	static void InitSession(SnifferSession* session)
wolfSSL	4:1b0d80432c79	580	{
wolfSSL	4:1b0d80432c79	581	session->context = 0;
wolfSSL	4:1b0d80432c79	582	session->sslServer = 0;
wolfSSL	4:1b0d80432c79	583	session->sslClient = 0;
wolfSSL	4:1b0d80432c79	584	session->server = 0;
wolfSSL	4:1b0d80432c79	585	session->client = 0;
wolfSSL	4:1b0d80432c79	586	session->srvPort = 0;
wolfSSL	4:1b0d80432c79	587	session->cliPort = 0;
wolfSSL	4:1b0d80432c79	588	session->cliSeqStart = 0;
wolfSSL	4:1b0d80432c79	589	session->srvSeqStart = 0;
wolfSSL	4:1b0d80432c79	590	session->cliExpected = 0;
wolfSSL	4:1b0d80432c79	591	session->srvExpected = 0;
wolfSSL	4:1b0d80432c79	592	session->lastUsed = 0;
wolfSSL	4:1b0d80432c79	593	session->cliReassemblyList = 0;
wolfSSL	4:1b0d80432c79	594	session->srvReassemblyList = 0;
wolfSSL	4:1b0d80432c79	595	session->cliReassemblyMemory = 0;
wolfSSL	4:1b0d80432c79	596	session->srvReassemblyMemory = 0;
wolfSSL	4:1b0d80432c79	597	session->next = 0;
wolfSSL	4:1b0d80432c79	598	session->ticketID = 0;
wolfSSL	4:1b0d80432c79	599
wolfSSL	4:1b0d80432c79	600	InitFlags(&session->flags);
wolfSSL	4:1b0d80432c79	601	InitFinCapture(&session->finCaputre);
wolfSSL	4:1b0d80432c79	602	}
wolfSSL	4:1b0d80432c79	603
wolfSSL	4:1b0d80432c79	604
wolfSSL	4:1b0d80432c79	605	/* IP Info from IP Header */
wolfSSL	4:1b0d80432c79	606	typedef struct IpInfo {
wolfSSL	4:1b0d80432c79	607	int length; /* length of this header */
wolfSSL	4:1b0d80432c79	608	int total; /* total length of fragment */
wolfSSL	4:1b0d80432c79	609	word32 src; /* network order source address */
wolfSSL	4:1b0d80432c79	610	word32 dst; /* network order destination address */
wolfSSL	4:1b0d80432c79	611	} IpInfo;
wolfSSL	4:1b0d80432c79	612
wolfSSL	4:1b0d80432c79	613
wolfSSL	4:1b0d80432c79	614	/* TCP Info from TCP Header */
wolfSSL	4:1b0d80432c79	615	typedef struct TcpInfo {
wolfSSL	4:1b0d80432c79	616	int srcPort; /* source port */
wolfSSL	4:1b0d80432c79	617	int dstPort; /* source port */
wolfSSL	4:1b0d80432c79	618	int length; /* length of this header */
wolfSSL	4:1b0d80432c79	619	word32 sequence; /* sequence number */
wolfSSL	4:1b0d80432c79	620	word32 ackNumber; /* ack number */
wolfSSL	4:1b0d80432c79	621	byte fin; /* FIN set */
wolfSSL	4:1b0d80432c79	622	byte rst; /* RST set */
wolfSSL	4:1b0d80432c79	623	byte syn; /* SYN set */
wolfSSL	4:1b0d80432c79	624	byte ack; /* ACK set */
wolfSSL	4:1b0d80432c79	625	} TcpInfo;
wolfSSL	4:1b0d80432c79	626
wolfSSL	4:1b0d80432c79	627
wolfSSL	4:1b0d80432c79	628	/* Tcp Pseudo Header for Checksum calculation */
wolfSSL	4:1b0d80432c79	629	typedef struct TcpPseudoHdr {
wolfSSL	4:1b0d80432c79	630	word32 src; /* source address */
wolfSSL	4:1b0d80432c79	631	word32 dst; /* destination address */
wolfSSL	4:1b0d80432c79	632	byte rsv; /* reserved, always 0 */
wolfSSL	4:1b0d80432c79	633	byte protocol; /* IP protocol */
wolfSSL	4:1b0d80432c79	634	word16 length; /* tcp header length + data length (doesn't include */
wolfSSL	4:1b0d80432c79	635	/* pseudo header length) network order */
wolfSSL	4:1b0d80432c79	636	} TcpPseudoHdr;
wolfSSL	4:1b0d80432c79	637
wolfSSL	4:1b0d80432c79	638
wolfSSL	4:1b0d80432c79	639	/* Password Setting Callback */
wolfSSL	4:1b0d80432c79	640	static int SetPassword(char* passwd, int sz, int rw, void* userdata)
wolfSSL	4:1b0d80432c79	641	{
wolfSSL	4:1b0d80432c79	642	(void)rw;
wolfSSL	4:1b0d80432c79	643	XSTRNCPY(passwd, (const char*)userdata, sz);
wolfSSL	4:1b0d80432c79	644	return (int)XSTRLEN((const char*)userdata);
wolfSSL	4:1b0d80432c79	645	}
wolfSSL	4:1b0d80432c79	646
wolfSSL	4:1b0d80432c79	647
wolfSSL	4:1b0d80432c79	648	/* Ethernet Header */
wolfSSL	4:1b0d80432c79	649	typedef struct EthernetHdr {
wolfSSL	4:1b0d80432c79	650	byte dst[ETHER_IF_ADDR_LEN]; /* destination host address */
wolfSSL	4:1b0d80432c79	651	byte src[ETHER_IF_ADDR_LEN]; /* source host address */
wolfSSL	4:1b0d80432c79	652	word16 type; /* IP, ARP, etc */
wolfSSL	4:1b0d80432c79	653	} EthernetHdr;
wolfSSL	4:1b0d80432c79	654
wolfSSL	4:1b0d80432c79	655
wolfSSL	4:1b0d80432c79	656	/* IP Header */
wolfSSL	4:1b0d80432c79	657	typedef struct IpHdr {
wolfSSL	4:1b0d80432c79	658	byte ver_hl; /* version/header length */
wolfSSL	4:1b0d80432c79	659	byte tos; /* type of service */
wolfSSL	4:1b0d80432c79	660	word16 length; /* total length */
wolfSSL	4:1b0d80432c79	661	word16 id; /* identification */
wolfSSL	4:1b0d80432c79	662	word16 offset; /* fragment offset field */
wolfSSL	4:1b0d80432c79	663	byte ttl; /* time to live */
wolfSSL	4:1b0d80432c79	664	byte protocol; /* protocol */
wolfSSL	4:1b0d80432c79	665	word16 sum; /* checksum */
wolfSSL	4:1b0d80432c79	666	word32 src; /* source address */
wolfSSL	4:1b0d80432c79	667	word32 dst; /* destination address */
wolfSSL	4:1b0d80432c79	668	} IpHdr;
wolfSSL	4:1b0d80432c79	669
wolfSSL	4:1b0d80432c79	670
wolfSSL	4:1b0d80432c79	671	#define IP_HL(ip) ( (((ip)->ver_hl) & 0x0f) * 4)
wolfSSL	4:1b0d80432c79	672	#define IP_V(ip) ( ((ip)->ver_hl) >> 4)
wolfSSL	4:1b0d80432c79	673
wolfSSL	4:1b0d80432c79	674	/* TCP Header */
wolfSSL	4:1b0d80432c79	675	typedef struct TcpHdr {
wolfSSL	4:1b0d80432c79	676	word16 srcPort; /* source port */
wolfSSL	4:1b0d80432c79	677	word16 dstPort; /* destination port */
wolfSSL	4:1b0d80432c79	678	word32 sequence; /* sequence number */
wolfSSL	4:1b0d80432c79	679	word32 ack; /* acknoledgment number */
wolfSSL	4:1b0d80432c79	680	byte offset; /* data offset, reserved */
wolfSSL	4:1b0d80432c79	681	byte flags; /* option flags */
wolfSSL	4:1b0d80432c79	682	word16 window; /* window */
wolfSSL	4:1b0d80432c79	683	word16 sum; /* checksum */
wolfSSL	4:1b0d80432c79	684	word16 urgent; /* urgent pointer */
wolfSSL	4:1b0d80432c79	685	} TcpHdr;
wolfSSL	4:1b0d80432c79	686
wolfSSL	4:1b0d80432c79	687	#define TCP_LEN(tcp) ( (((tcp)->offset & 0xf0) >> 4) * 4)
wolfSSL	4:1b0d80432c79	688	#define TCP_FIN 0x01
wolfSSL	4:1b0d80432c79	689	#define TCP_SYN 0x02
wolfSSL	4:1b0d80432c79	690	#define TCP_RST 0x04
wolfSSL	4:1b0d80432c79	691	#define TCP_ACK 0x10
wolfSSL	4:1b0d80432c79	692
wolfSSL	4:1b0d80432c79	693
wolfSSL	4:1b0d80432c79	694
wolfSSL	4:1b0d80432c79	695
wolfSSL	4:1b0d80432c79	696
wolfSSL	4:1b0d80432c79	697	/* Use platform specific GetError to write to tracfile if tracing */
wolfSSL	4:1b0d80432c79	698	static void Trace(int idx)
wolfSSL	4:1b0d80432c79	699	{
wolfSSL	4:1b0d80432c79	700	if (TraceOn) {
wolfSSL	4:1b0d80432c79	701	char myBuffer[MAX_ERROR_LEN];
wolfSSL	4:1b0d80432c79	702	GetError(idx, myBuffer);
wolfSSL	4:1b0d80432c79	703	fprintf(TraceFile, "\t%s\n", myBuffer);
wolfSSL	4:1b0d80432c79	704	#ifdef DEBUG_SNIFFER
wolfSSL	4:1b0d80432c79	705	fprintf(stderr, "\t%s\n", myBuffer);
wolfSSL	4:1b0d80432c79	706	#endif
wolfSSL	4:1b0d80432c79	707	}
wolfSSL	4:1b0d80432c79	708	}
wolfSSL	4:1b0d80432c79	709
wolfSSL	4:1b0d80432c79	710
wolfSSL	4:1b0d80432c79	711	/* Show TimeStamp for beginning of packet Trace */
wolfSSL	4:1b0d80432c79	712	static void TraceHeader(void)
wolfSSL	4:1b0d80432c79	713	{
wolfSSL	4:1b0d80432c79	714	if (TraceOn) {
wolfSSL	4:1b0d80432c79	715	time_t ticks = time(NULL);
wolfSSL	4:1b0d80432c79	716	fprintf(TraceFile, "\n%s", ctime(&ticks));
wolfSSL	4:1b0d80432c79	717	}
wolfSSL	4:1b0d80432c79	718	}
wolfSSL	4:1b0d80432c79	719
wolfSSL	4:1b0d80432c79	720
wolfSSL	4:1b0d80432c79	721	/* Show Set Server info for Trace */
wolfSSL	4:1b0d80432c79	722	static void TraceSetServer(const char* srv, int port, const char* keyFile)
wolfSSL	4:1b0d80432c79	723	{
wolfSSL	4:1b0d80432c79	724	if (TraceOn) {
wolfSSL	4:1b0d80432c79	725	fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");
wolfSSL	4:1b0d80432c79	726	fprintf(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,
wolfSSL	4:1b0d80432c79	727	keyFile);
wolfSSL	4:1b0d80432c79	728	}
wolfSSL	4:1b0d80432c79	729	}
wolfSSL	4:1b0d80432c79	730
wolfSSL	4:1b0d80432c79	731
wolfSSL	4:1b0d80432c79	732	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	733
wolfSSL	4:1b0d80432c79	734	/* Show Set Named Server info for Trace */
wolfSSL	4:1b0d80432c79	735	static void TraceSetNamedServer(const char* name,
wolfSSL	4:1b0d80432c79	736	const char* srv, int port, const char* keyFile)
wolfSSL	4:1b0d80432c79	737	{
wolfSSL	4:1b0d80432c79	738	if (TraceOn) {
wolfSSL	4:1b0d80432c79	739	fprintf(TraceFile, "\tTrying to install a new Sniffer Server with\n");
wolfSSL	4:1b0d80432c79	740	fprintf(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n",
wolfSSL	4:1b0d80432c79	741	name, srv, port, keyFile);
wolfSSL	4:1b0d80432c79	742	}
wolfSSL	4:1b0d80432c79	743	}
wolfSSL	4:1b0d80432c79	744
wolfSSL	4:1b0d80432c79	745	#endif
wolfSSL	4:1b0d80432c79	746
wolfSSL	4:1b0d80432c79	747
wolfSSL	4:1b0d80432c79	748	/* Trace got packet number */
wolfSSL	4:1b0d80432c79	749	static void TracePacket(void)
wolfSSL	4:1b0d80432c79	750	{
wolfSSL	4:1b0d80432c79	751	if (TraceOn) {
wolfSSL	4:1b0d80432c79	752	static word32 packetNumber = 0;
wolfSSL	4:1b0d80432c79	753	fprintf(TraceFile, "\tGot a Packet to decode, packet %u\n",
wolfSSL	4:1b0d80432c79	754	++packetNumber);
wolfSSL	4:1b0d80432c79	755	}
wolfSSL	4:1b0d80432c79	756	}
wolfSSL	4:1b0d80432c79	757
wolfSSL	4:1b0d80432c79	758
wolfSSL	4:1b0d80432c79	759	/* Convert network byte order address into human readable */
wolfSSL	4:1b0d80432c79	760	static char* IpToS(word32 addr, char* str)
wolfSSL	4:1b0d80432c79	761	{
wolfSSL	4:1b0d80432c79	762	byte* p = (byte*)&addr;
wolfSSL	4:1b0d80432c79	763
wolfSSL	4:1b0d80432c79	764	SNPRINTF(str, TRACE_MSG_SZ, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
wolfSSL	4:1b0d80432c79	765
wolfSSL	4:1b0d80432c79	766	return str;
wolfSSL	4:1b0d80432c79	767	}
wolfSSL	4:1b0d80432c79	768
wolfSSL	4:1b0d80432c79	769
wolfSSL	4:1b0d80432c79	770	/* Show destination and source address from Ip Hdr for packet Trace */
wolfSSL	4:1b0d80432c79	771	static void TraceIP(IpHdr* iphdr)
wolfSSL	4:1b0d80432c79	772	{
wolfSSL	4:1b0d80432c79	773	if (TraceOn) {
wolfSSL	4:1b0d80432c79	774	char src[TRACE_MSG_SZ];
wolfSSL	4:1b0d80432c79	775	char dst[TRACE_MSG_SZ];
wolfSSL	4:1b0d80432c79	776	fprintf(TraceFile, "\tdst:%s src:%s\n", IpToS(iphdr->dst, dst),
wolfSSL	4:1b0d80432c79	777	IpToS(iphdr->src, src));
wolfSSL	4:1b0d80432c79	778	}
wolfSSL	4:1b0d80432c79	779	}
wolfSSL	4:1b0d80432c79	780
wolfSSL	4:1b0d80432c79	781
wolfSSL	4:1b0d80432c79	782	/* Show destination and source port from Tcp Hdr for packet Trace */
wolfSSL	4:1b0d80432c79	783	static void TraceTcp(TcpHdr* tcphdr)
wolfSSL	4:1b0d80432c79	784	{
wolfSSL	4:1b0d80432c79	785	if (TraceOn) {
wolfSSL	4:1b0d80432c79	786	fprintf(TraceFile, "\tdstPort:%u srcPort:%u\n", ntohs(tcphdr->dstPort),
wolfSSL	4:1b0d80432c79	787	ntohs(tcphdr->srcPort));
wolfSSL	4:1b0d80432c79	788	}
wolfSSL	4:1b0d80432c79	789	}
wolfSSL	4:1b0d80432c79	790
wolfSSL	4:1b0d80432c79	791
wolfSSL	4:1b0d80432c79	792	/* Show sequence and payload length for Trace */
wolfSSL	4:1b0d80432c79	793	static void TraceSequence(word32 seq, int len)
wolfSSL	4:1b0d80432c79	794	{
wolfSSL	4:1b0d80432c79	795	if (TraceOn) {
wolfSSL	4:1b0d80432c79	796	fprintf(TraceFile, "\tSequence:%u, payload length:%d\n", seq, len);
wolfSSL	4:1b0d80432c79	797	}
wolfSSL	4:1b0d80432c79	798	}
wolfSSL	4:1b0d80432c79	799
wolfSSL	4:1b0d80432c79	800
wolfSSL	4:1b0d80432c79	801	/* Show sequence and payload length for Trace */
wolfSSL	4:1b0d80432c79	802	static void TraceAck(word32 ack, word32 expected)
wolfSSL	4:1b0d80432c79	803	{
wolfSSL	4:1b0d80432c79	804	if (TraceOn) {
wolfSSL	4:1b0d80432c79	805	fprintf(TraceFile, "\tAck:%u Expected:%u\n", ack, expected);
wolfSSL	4:1b0d80432c79	806	}
wolfSSL	4:1b0d80432c79	807	}
wolfSSL	4:1b0d80432c79	808
wolfSSL	4:1b0d80432c79	809
wolfSSL	4:1b0d80432c79	810	/* Show relative expected and relative received sequences */
wolfSSL	4:1b0d80432c79	811	static void TraceRelativeSequence(word32 expected, word32 got)
wolfSSL	4:1b0d80432c79	812	{
wolfSSL	4:1b0d80432c79	813	if (TraceOn) {
wolfSSL	4:1b0d80432c79	814	fprintf(TraceFile, "\tExpected sequence:%u, received sequence:%u\n",
wolfSSL	4:1b0d80432c79	815	expected, got);
wolfSSL	4:1b0d80432c79	816	}
wolfSSL	4:1b0d80432c79	817	}
wolfSSL	4:1b0d80432c79	818
wolfSSL	4:1b0d80432c79	819
wolfSSL	4:1b0d80432c79	820	/* Show server sequence startup from SYN */
wolfSSL	4:1b0d80432c79	821	static void TraceServerSyn(word32 seq)
wolfSSL	4:1b0d80432c79	822	{
wolfSSL	4:1b0d80432c79	823	if (TraceOn) {
wolfSSL	4:1b0d80432c79	824	fprintf(TraceFile, "\tServer SYN, Sequence Start:%u\n", seq);
wolfSSL	4:1b0d80432c79	825	}
wolfSSL	4:1b0d80432c79	826	}
wolfSSL	4:1b0d80432c79	827
wolfSSL	4:1b0d80432c79	828
wolfSSL	4:1b0d80432c79	829	/* Show client sequence startup from SYN */
wolfSSL	4:1b0d80432c79	830	static void TraceClientSyn(word32 seq)
wolfSSL	4:1b0d80432c79	831	{
wolfSSL	4:1b0d80432c79	832	if (TraceOn) {
wolfSSL	4:1b0d80432c79	833	fprintf(TraceFile, "\tClient SYN, Sequence Start:%u\n", seq);
wolfSSL	4:1b0d80432c79	834	}
wolfSSL	4:1b0d80432c79	835	}
wolfSSL	4:1b0d80432c79	836
wolfSSL	4:1b0d80432c79	837
wolfSSL	4:1b0d80432c79	838	/* Show client FIN capture */
wolfSSL	4:1b0d80432c79	839	static void TraceClientFin(word32 finSeq, word32 relSeq)
wolfSSL	4:1b0d80432c79	840	{
wolfSSL	4:1b0d80432c79	841	if (TraceOn) {
wolfSSL	4:1b0d80432c79	842	fprintf(TraceFile, "\tClient FIN capture:%u, current SEQ:%u\n",
wolfSSL	4:1b0d80432c79	843	finSeq, relSeq);
wolfSSL	4:1b0d80432c79	844	}
wolfSSL	4:1b0d80432c79	845	}
wolfSSL	4:1b0d80432c79	846
wolfSSL	4:1b0d80432c79	847
wolfSSL	4:1b0d80432c79	848	/* Show server FIN capture */
wolfSSL	4:1b0d80432c79	849	static void TraceServerFin(word32 finSeq, word32 relSeq)
wolfSSL	4:1b0d80432c79	850	{
wolfSSL	4:1b0d80432c79	851	if (TraceOn) {
wolfSSL	4:1b0d80432c79	852	fprintf(TraceFile, "\tServer FIN capture:%u, current SEQ:%u\n",
wolfSSL	4:1b0d80432c79	853	finSeq, relSeq);
wolfSSL	4:1b0d80432c79	854	}
wolfSSL	4:1b0d80432c79	855	}
wolfSSL	4:1b0d80432c79	856
wolfSSL	4:1b0d80432c79	857
wolfSSL	4:1b0d80432c79	858	/* Show number of SSL data bytes decoded, could be 0 (ok) */
wolfSSL	4:1b0d80432c79	859	static void TraceGotData(int bytes)
wolfSSL	4:1b0d80432c79	860	{
wolfSSL	4:1b0d80432c79	861	if (TraceOn) {
wolfSSL	4:1b0d80432c79	862	fprintf(TraceFile, "\t%d bytes of SSL App data processed\n", bytes);
wolfSSL	4:1b0d80432c79	863	}
wolfSSL	4:1b0d80432c79	864	}
wolfSSL	4:1b0d80432c79	865
wolfSSL	4:1b0d80432c79	866
wolfSSL	4:1b0d80432c79	867	/* Show bytes added to old SSL App data */
wolfSSL	4:1b0d80432c79	868	static void TraceAddedData(int newBytes, int existingBytes)
wolfSSL	4:1b0d80432c79	869	{
wolfSSL	4:1b0d80432c79	870	if (TraceOn) {
wolfSSL	4:1b0d80432c79	871	fprintf(TraceFile,
wolfSSL	4:1b0d80432c79	872	"\t%d bytes added to %d existing bytes in User Buffer\n",
wolfSSL	4:1b0d80432c79	873	newBytes, existingBytes);
wolfSSL	4:1b0d80432c79	874	}
wolfSSL	4:1b0d80432c79	875	}
wolfSSL	4:1b0d80432c79	876
wolfSSL	4:1b0d80432c79	877
wolfSSL	4:1b0d80432c79	878	/* Show Stale Session */
wolfSSL	4:1b0d80432c79	879	static void TraceStaleSession(void)
wolfSSL	4:1b0d80432c79	880	{
wolfSSL	4:1b0d80432c79	881	if (TraceOn) {
wolfSSL	4:1b0d80432c79	882	fprintf(TraceFile, "\tFound a stale session\n");
wolfSSL	4:1b0d80432c79	883	}
wolfSSL	4:1b0d80432c79	884	}
wolfSSL	4:1b0d80432c79	885
wolfSSL	4:1b0d80432c79	886
wolfSSL	4:1b0d80432c79	887	/* Show Finding Stale Sessions */
wolfSSL	4:1b0d80432c79	888	static void TraceFindingStale(void)
wolfSSL	4:1b0d80432c79	889	{
wolfSSL	4:1b0d80432c79	890	if (TraceOn) {
wolfSSL	4:1b0d80432c79	891	fprintf(TraceFile, "\tTrying to find Stale Sessions\n");
wolfSSL	4:1b0d80432c79	892	}
wolfSSL	4:1b0d80432c79	893	}
wolfSSL	4:1b0d80432c79	894
wolfSSL	4:1b0d80432c79	895
wolfSSL	4:1b0d80432c79	896	/* Show Removed Session */
wolfSSL	4:1b0d80432c79	897	static void TraceRemovedSession(void)
wolfSSL	4:1b0d80432c79	898	{
wolfSSL	4:1b0d80432c79	899	if (TraceOn) {
wolfSSL	4:1b0d80432c79	900	fprintf(TraceFile, "\tRemoved it\n");
wolfSSL	4:1b0d80432c79	901	}
wolfSSL	4:1b0d80432c79	902	}
wolfSSL	4:1b0d80432c79	903
wolfSSL	4:1b0d80432c79	904
wolfSSL	4:1b0d80432c79	905	/* Set user error string */
wolfSSL	4:1b0d80432c79	906	static void SetError(int idx, char* error, SnifferSession* session, int fatal)
wolfSSL	4:1b0d80432c79	907	{
wolfSSL	4:1b0d80432c79	908	GetError(idx, error);
wolfSSL	4:1b0d80432c79	909	Trace(idx);
wolfSSL	4:1b0d80432c79	910	if (session && fatal == FATAL_ERROR_STATE)
wolfSSL	4:1b0d80432c79	911	session->flags.fatalError = 1;
wolfSSL	4:1b0d80432c79	912	}
wolfSSL	4:1b0d80432c79	913
wolfSSL	4:1b0d80432c79	914
wolfSSL	4:1b0d80432c79	915	/* See if this IPV4 network order address has been registered */
wolfSSL	4:1b0d80432c79	916	/* return 1 is true, 0 is false */
wolfSSL	4:1b0d80432c79	917	static int IsServerRegistered(word32 addr)
wolfSSL	4:1b0d80432c79	918	{
wolfSSL	4:1b0d80432c79	919	int ret = 0; /* false */
wolfSSL	4:1b0d80432c79	920	SnifferServer* sniffer;
wolfSSL	4:1b0d80432c79	921
wolfSSL	4:1b0d80432c79	922	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	923
wolfSSL	4:1b0d80432c79	924	sniffer = ServerList;
wolfSSL	4:1b0d80432c79	925	while (sniffer) {
wolfSSL	4:1b0d80432c79	926	if (sniffer->server == addr) {
wolfSSL	4:1b0d80432c79	927	ret = 1;
wolfSSL	4:1b0d80432c79	928	break;
wolfSSL	4:1b0d80432c79	929	}
wolfSSL	4:1b0d80432c79	930	sniffer = sniffer->next;
wolfSSL	4:1b0d80432c79	931	}
wolfSSL	4:1b0d80432c79	932
wolfSSL	4:1b0d80432c79	933	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	934
wolfSSL	4:1b0d80432c79	935	return ret;
wolfSSL	4:1b0d80432c79	936	}
wolfSSL	4:1b0d80432c79	937
wolfSSL	4:1b0d80432c79	938
wolfSSL	4:1b0d80432c79	939	/* See if this port has been registered to watch */
wolfSSL	4:1b0d80432c79	940	/* return 1 is true, 0 is false */
wolfSSL	4:1b0d80432c79	941	static int IsPortRegistered(word32 port)
wolfSSL	4:1b0d80432c79	942	{
wolfSSL	4:1b0d80432c79	943	int ret = 0; /* false */
wolfSSL	4:1b0d80432c79	944	SnifferServer* sniffer;
wolfSSL	4:1b0d80432c79	945
wolfSSL	4:1b0d80432c79	946	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	947
wolfSSL	4:1b0d80432c79	948	sniffer = ServerList;
wolfSSL	4:1b0d80432c79	949	while (sniffer) {
wolfSSL	4:1b0d80432c79	950	if (sniffer->port == (int)port) {
wolfSSL	4:1b0d80432c79	951	ret = 1;
wolfSSL	4:1b0d80432c79	952	break;
wolfSSL	4:1b0d80432c79	953	}
wolfSSL	4:1b0d80432c79	954	sniffer = sniffer->next;
wolfSSL	4:1b0d80432c79	955	}
wolfSSL	4:1b0d80432c79	956
wolfSSL	4:1b0d80432c79	957	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	958
wolfSSL	4:1b0d80432c79	959	return ret;
wolfSSL	4:1b0d80432c79	960	}
wolfSSL	4:1b0d80432c79	961
wolfSSL	4:1b0d80432c79	962
wolfSSL	4:1b0d80432c79	963	/* Get SnifferServer from IP and Port */
wolfSSL	4:1b0d80432c79	964	static SnifferServer* GetSnifferServer(IpInfo* ipInfo, TcpInfo* tcpInfo)
wolfSSL	4:1b0d80432c79	965	{
wolfSSL	4:1b0d80432c79	966	SnifferServer* sniffer;
wolfSSL	4:1b0d80432c79	967
wolfSSL	4:1b0d80432c79	968	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	969
wolfSSL	4:1b0d80432c79	970	sniffer = ServerList;
wolfSSL	4:1b0d80432c79	971	while (sniffer) {
wolfSSL	4:1b0d80432c79	972	if (sniffer->port == tcpInfo->srcPort && sniffer->server == ipInfo->src)
wolfSSL	4:1b0d80432c79	973	break;
wolfSSL	4:1b0d80432c79	974	if (sniffer->port == tcpInfo->dstPort && sniffer->server == ipInfo->dst)
wolfSSL	4:1b0d80432c79	975	break;
wolfSSL	4:1b0d80432c79	976	sniffer = sniffer->next;
wolfSSL	4:1b0d80432c79	977	}
wolfSSL	4:1b0d80432c79	978
wolfSSL	4:1b0d80432c79	979	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	980
wolfSSL	4:1b0d80432c79	981	return sniffer;
wolfSSL	4:1b0d80432c79	982	}
wolfSSL	4:1b0d80432c79	983
wolfSSL	4:1b0d80432c79	984
wolfSSL	4:1b0d80432c79	985	/* Hash the Session Info, return hash row */
wolfSSL	4:1b0d80432c79	986	static word32 SessionHash(IpInfo* ipInfo, TcpInfo* tcpInfo)
wolfSSL	4:1b0d80432c79	987	{
wolfSSL	4:1b0d80432c79	988	word32 hash = ipInfo->src * ipInfo->dst;
wolfSSL	4:1b0d80432c79	989	hash = tcpInfo->srcPort tcpInfo->dstPort;
wolfSSL	4:1b0d80432c79	990
wolfSSL	4:1b0d80432c79	991	return hash % HASH_SIZE;
wolfSSL	4:1b0d80432c79	992	}
wolfSSL	4:1b0d80432c79	993
wolfSSL	4:1b0d80432c79	994
wolfSSL	4:1b0d80432c79	995	/* Get Exisiting SnifferSession from IP and Port */
wolfSSL	4:1b0d80432c79	996	static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo)
wolfSSL	4:1b0d80432c79	997	{
wolfSSL	4:1b0d80432c79	998	SnifferSession* session;
wolfSSL	4:1b0d80432c79	999	time_t currTime = time(NULL);
wolfSSL	4:1b0d80432c79	1000	word32 row = SessionHash(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	1001
wolfSSL	4:1b0d80432c79	1002	assert(row <= HASH_SIZE);
wolfSSL	4:1b0d80432c79	1003
wolfSSL	4:1b0d80432c79	1004	LockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	1005
wolfSSL	4:1b0d80432c79	1006	session = SessionTable[row];
wolfSSL	4:1b0d80432c79	1007	while (session) {
wolfSSL	4:1b0d80432c79	1008	if (session->server == ipInfo->src && session->client == ipInfo->dst &&
wolfSSL	4:1b0d80432c79	1009	session->srvPort == tcpInfo->srcPort &&
wolfSSL	4:1b0d80432c79	1010	session->cliPort == tcpInfo->dstPort)
wolfSSL	4:1b0d80432c79	1011	break;
wolfSSL	4:1b0d80432c79	1012	if (session->client == ipInfo->src && session->server == ipInfo->dst &&
wolfSSL	4:1b0d80432c79	1013	session->cliPort == tcpInfo->srcPort &&
wolfSSL	4:1b0d80432c79	1014	session->srvPort == tcpInfo->dstPort)
wolfSSL	4:1b0d80432c79	1015	break;
wolfSSL	4:1b0d80432c79	1016
wolfSSL	4:1b0d80432c79	1017	session = session->next;
wolfSSL	4:1b0d80432c79	1018	}
wolfSSL	4:1b0d80432c79	1019
wolfSSL	4:1b0d80432c79	1020	if (session)
wolfSSL	4:1b0d80432c79	1021	session->lastUsed= currTime; /* keep session alive, remove stale will */
wolfSSL	4:1b0d80432c79	1022	/* leave alone */
wolfSSL	4:1b0d80432c79	1023	UnLockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	1024
wolfSSL	4:1b0d80432c79	1025	/* determine side */
wolfSSL	4:1b0d80432c79	1026	if (session) {
wolfSSL	4:1b0d80432c79	1027	if (ipInfo->dst == session->context->server &&
wolfSSL	4:1b0d80432c79	1028	tcpInfo->dstPort == session->context->port)
wolfSSL	4:1b0d80432c79	1029	session->flags.side = WOLFSSL_SERVER_END;
wolfSSL	4:1b0d80432c79	1030	else
wolfSSL	4:1b0d80432c79	1031	session->flags.side = WOLFSSL_CLIENT_END;
wolfSSL	4:1b0d80432c79	1032	}
wolfSSL	4:1b0d80432c79	1033
wolfSSL	4:1b0d80432c79	1034	return session;
wolfSSL	4:1b0d80432c79	1035	}
wolfSSL	4:1b0d80432c79	1036
wolfSSL	4:1b0d80432c79	1037
wolfSSL	4:1b0d80432c79	1038	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1039
wolfSSL	4:1b0d80432c79	1040	static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
wolfSSL	4:1b0d80432c79	1041	const char* keyFile, int typeKey,
wolfSSL	4:1b0d80432c79	1042	const char* password)
wolfSSL	4:1b0d80432c79	1043	{
wolfSSL	4:1b0d80432c79	1044	byte* loadBuf;
wolfSSL	4:1b0d80432c79	1045	long fileSz = 0;
wolfSSL	4:1b0d80432c79	1046	XFILE file;
wolfSSL	4:1b0d80432c79	1047	int ret;
wolfSSL	4:1b0d80432c79	1048
wolfSSL	4:1b0d80432c79	1049	if (keyBuf == NULL \|\| keyBufSz == NULL \|\| keyFile == NULL) {
wolfSSL	4:1b0d80432c79	1050	return -1;
wolfSSL	4:1b0d80432c79	1051	}
wolfSSL	4:1b0d80432c79	1052
wolfSSL	4:1b0d80432c79	1053	file = XFOPEN(keyFile, "rb");
wolfSSL	4:1b0d80432c79	1054	if (file == XBADFILE) return -1;
wolfSSL	4:1b0d80432c79	1055	XFSEEK(file, 0, XSEEK_END);
wolfSSL	4:1b0d80432c79	1056	fileSz = XFTELL(file);
wolfSSL	4:1b0d80432c79	1057	XREWIND(file);
wolfSSL	4:1b0d80432c79	1058
wolfSSL	4:1b0d80432c79	1059	loadBuf = (byte*)malloc(fileSz);
wolfSSL	4:1b0d80432c79	1060	if (loadBuf == NULL) {
wolfSSL	4:1b0d80432c79	1061	XFCLOSE(file);
wolfSSL	4:1b0d80432c79	1062	return -1;
wolfSSL	4:1b0d80432c79	1063	}
wolfSSL	4:1b0d80432c79	1064
wolfSSL	4:1b0d80432c79	1065	ret = (int)XFREAD(loadBuf, fileSz, 1, file);
wolfSSL	4:1b0d80432c79	1066	XFCLOSE(file);
wolfSSL	4:1b0d80432c79	1067
wolfSSL	4:1b0d80432c79	1068	if (typeKey == SSL_FILETYPE_PEM) {
wolfSSL	4:1b0d80432c79	1069	byte* saveBuf = (byte*)malloc(fileSz);
wolfSSL	4:1b0d80432c79	1070	int saveBufSz = 0;
wolfSSL	4:1b0d80432c79	1071
wolfSSL	4:1b0d80432c79	1072	ret = -1;
wolfSSL	4:1b0d80432c79	1073	if (saveBuf != NULL) {
wolfSSL	4:1b0d80432c79	1074	saveBufSz = wolfSSL_KeyPemToDer(loadBuf, (int)fileSz,
wolfSSL	4:1b0d80432c79	1075	saveBuf, (int)fileSz, password);
wolfSSL	4:1b0d80432c79	1076	if (saveBufSz < 0) {
wolfSSL	4:1b0d80432c79	1077	saveBufSz = 0;
wolfSSL	4:1b0d80432c79	1078	free(saveBuf);
wolfSSL	4:1b0d80432c79	1079	}
wolfSSL	4:1b0d80432c79	1080	else
wolfSSL	4:1b0d80432c79	1081	ret = 0;
wolfSSL	4:1b0d80432c79	1082	}
wolfSSL	4:1b0d80432c79	1083
wolfSSL	4:1b0d80432c79	1084	free(loadBuf);
wolfSSL	4:1b0d80432c79	1085
wolfSSL	4:1b0d80432c79	1086	*keyBuf = saveBuf;
wolfSSL	4:1b0d80432c79	1087	*keyBufSz = (word32)saveBufSz;
wolfSSL	4:1b0d80432c79	1088	}
wolfSSL	4:1b0d80432c79	1089	else {
wolfSSL	4:1b0d80432c79	1090	*keyBuf = loadBuf;
wolfSSL	4:1b0d80432c79	1091	*keyBufSz = (word32)fileSz;
wolfSSL	4:1b0d80432c79	1092	}
wolfSSL	4:1b0d80432c79	1093
wolfSSL	4:1b0d80432c79	1094	if (ret < 0) {
wolfSSL	4:1b0d80432c79	1095	return -1;
wolfSSL	4:1b0d80432c79	1096	}
wolfSSL	4:1b0d80432c79	1097
wolfSSL	4:1b0d80432c79	1098	return ret;
wolfSSL	4:1b0d80432c79	1099	}
wolfSSL	4:1b0d80432c79	1100
wolfSSL	4:1b0d80432c79	1101	#endif
wolfSSL	4:1b0d80432c79	1102
wolfSSL	4:1b0d80432c79	1103
wolfSSL	4:1b0d80432c79	1104	static int SetNamedPrivateKey(const char* name, const char* address, int port,
wolfSSL	4:1b0d80432c79	1105	const char* keyFile, int typeKey, const char* password, char* error)
wolfSSL	4:1b0d80432c79	1106	{
wolfSSL	4:1b0d80432c79	1107	SnifferServer* sniffer;
wolfSSL	4:1b0d80432c79	1108	int ret;
wolfSSL	4:1b0d80432c79	1109	int type = (typeKey == FILETYPE_PEM) ? SSL_FILETYPE_PEM :
wolfSSL	4:1b0d80432c79	1110	SSL_FILETYPE_ASN1;
wolfSSL	4:1b0d80432c79	1111	int isNew = 0;
wolfSSL	4:1b0d80432c79	1112	word32 serverIp;
wolfSSL	4:1b0d80432c79	1113
wolfSSL	4:1b0d80432c79	1114	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1115	NamedKey* namedKey = NULL;
wolfSSL	4:1b0d80432c79	1116	#endif
wolfSSL	4:1b0d80432c79	1117
wolfSSL	4:1b0d80432c79	1118	(void)name;
wolfSSL	4:1b0d80432c79	1119	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1120	if (name != NULL) {
wolfSSL	4:1b0d80432c79	1121	namedKey = (NamedKey*)malloc(sizeof(NamedKey));
wolfSSL	4:1b0d80432c79	1122	if (namedKey == NULL) {
wolfSSL	4:1b0d80432c79	1123	SetError(MEMORY_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1124	return -1;
wolfSSL	4:1b0d80432c79	1125	}
wolfSSL	4:1b0d80432c79	1126	XMEMSET(namedKey, 0, sizeof(NamedKey));
wolfSSL	4:1b0d80432c79	1127
wolfSSL	4:1b0d80432c79	1128	namedKey->nameSz = (word32)XSTRLEN(name);
wolfSSL	4:1b0d80432c79	1129	XSTRNCPY(namedKey->name, name, sizeof(namedKey->name));
wolfSSL	4:1b0d80432c79	1130	if (namedKey->nameSz >= sizeof(namedKey->name)) {
wolfSSL	4:1b0d80432c79	1131	namedKey->nameSz = sizeof(namedKey->name) - 1;
wolfSSL	4:1b0d80432c79	1132	namedKey->name[namedKey->nameSz] = '\0';
wolfSSL	4:1b0d80432c79	1133	}
wolfSSL	4:1b0d80432c79	1134
wolfSSL	4:1b0d80432c79	1135	ret = LoadKeyFile(&namedKey->key, &namedKey->keySz,
wolfSSL	4:1b0d80432c79	1136	keyFile, type, password);
wolfSSL	4:1b0d80432c79	1137	if (ret < 0) {
wolfSSL	4:1b0d80432c79	1138	SetError(KEY_FILE_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1139	FreeNamedKey(namedKey);
wolfSSL	4:1b0d80432c79	1140	return -1;
wolfSSL	4:1b0d80432c79	1141	}
wolfSSL	4:1b0d80432c79	1142	}
wolfSSL	4:1b0d80432c79	1143	#endif
wolfSSL	4:1b0d80432c79	1144
wolfSSL	4:1b0d80432c79	1145	serverIp = inet_addr(address);
wolfSSL	4:1b0d80432c79	1146	sniffer = ServerList;
wolfSSL	4:1b0d80432c79	1147	while (sniffer != NULL &&
wolfSSL	4:1b0d80432c79	1148	(sniffer->server != serverIp \|\| sniffer->port != port)) {
wolfSSL	4:1b0d80432c79	1149	sniffer = sniffer->next;
wolfSSL	4:1b0d80432c79	1150	}
wolfSSL	4:1b0d80432c79	1151
wolfSSL	4:1b0d80432c79	1152	if (sniffer == NULL) {
wolfSSL	4:1b0d80432c79	1153	isNew = 1;
wolfSSL	4:1b0d80432c79	1154	sniffer = (SnifferServer*)malloc(sizeof(SnifferServer));
wolfSSL	4:1b0d80432c79	1155	if (sniffer == NULL) {
wolfSSL	4:1b0d80432c79	1156	SetError(MEMORY_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1157	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1158	FreeNamedKey(namedKey);
wolfSSL	4:1b0d80432c79	1159	#endif
wolfSSL	4:1b0d80432c79	1160	return -1;
wolfSSL	4:1b0d80432c79	1161	}
wolfSSL	4:1b0d80432c79	1162	InitSnifferServer(sniffer);
wolfSSL	4:1b0d80432c79	1163
wolfSSL	4:1b0d80432c79	1164	XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
wolfSSL	4:1b0d80432c79	1165	sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
wolfSSL	4:1b0d80432c79	1166	sniffer->server = serverIp;
wolfSSL	4:1b0d80432c79	1167	sniffer->port = port;
wolfSSL	4:1b0d80432c79	1168
wolfSSL	4:1b0d80432c79	1169	sniffer->ctx = SSL_CTX_new(TLSv1_client_method());
wolfSSL	4:1b0d80432c79	1170	if (!sniffer->ctx) {
wolfSSL	4:1b0d80432c79	1171	SetError(MEMORY_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1172	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1173	FreeNamedKey(namedKey);
wolfSSL	4:1b0d80432c79	1174	#endif
wolfSSL	4:1b0d80432c79	1175	FreeSnifferServer(sniffer);
wolfSSL	4:1b0d80432c79	1176	return -1;
wolfSSL	4:1b0d80432c79	1177	}
wolfSSL	4:1b0d80432c79	1178	}
wolfSSL	4:1b0d80432c79	1179
wolfSSL	4:1b0d80432c79	1180	if (name == NULL) {
wolfSSL	4:1b0d80432c79	1181	if (password) {
wolfSSL	4:1b0d80432c79	1182	SSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword);
wolfSSL	4:1b0d80432c79	1183	SSL_CTX_set_default_passwd_cb_userdata(
wolfSSL	4:1b0d80432c79	1184	sniffer->ctx, (void*)password);
wolfSSL	4:1b0d80432c79	1185	}
wolfSSL	4:1b0d80432c79	1186	ret = SSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type);
wolfSSL	4:1b0d80432c79	1187	if (ret != SSL_SUCCESS) {
wolfSSL	4:1b0d80432c79	1188	SetError(KEY_FILE_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1189	if (isNew)
wolfSSL	4:1b0d80432c79	1190	FreeSnifferServer(sniffer);
wolfSSL	4:1b0d80432c79	1191	return -1;
wolfSSL	4:1b0d80432c79	1192	}
wolfSSL	4:1b0d80432c79	1193	}
wolfSSL	4:1b0d80432c79	1194	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1195	else {
wolfSSL	4:1b0d80432c79	1196	LockMutex(&sniffer->namedKeysMutex);
wolfSSL	4:1b0d80432c79	1197	namedKey->next = sniffer->namedKeys;
wolfSSL	4:1b0d80432c79	1198	sniffer->namedKeys = namedKey;
wolfSSL	4:1b0d80432c79	1199	UnLockMutex(&sniffer->namedKeysMutex);
wolfSSL	4:1b0d80432c79	1200	}
wolfSSL	4:1b0d80432c79	1201	#endif
wolfSSL	4:1b0d80432c79	1202
wolfSSL	4:1b0d80432c79	1203	if (isNew) {
wolfSSL	4:1b0d80432c79	1204	sniffer->next = ServerList;
wolfSSL	4:1b0d80432c79	1205	ServerList = sniffer;
wolfSSL	4:1b0d80432c79	1206	}
wolfSSL	4:1b0d80432c79	1207
wolfSSL	4:1b0d80432c79	1208	return 0;
wolfSSL	4:1b0d80432c79	1209	}
wolfSSL	4:1b0d80432c79	1210
wolfSSL	4:1b0d80432c79	1211
wolfSSL	4:1b0d80432c79	1212	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1213
wolfSSL	4:1b0d80432c79	1214	/* Sets the private key for a specific name, server and port */
wolfSSL	4:1b0d80432c79	1215	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	1216	int ssl_SetNamedPrivateKey(const char* name,
wolfSSL	4:1b0d80432c79	1217	const char* address, int port,
wolfSSL	4:1b0d80432c79	1218	const char* keyFile, int typeKey,
wolfSSL	4:1b0d80432c79	1219	const char* password, char* error)
wolfSSL	4:1b0d80432c79	1220	{
wolfSSL	4:1b0d80432c79	1221	int ret;
wolfSSL	4:1b0d80432c79	1222
wolfSSL	4:1b0d80432c79	1223	TraceHeader();
wolfSSL	4:1b0d80432c79	1224	TraceSetNamedServer(name, address, port, keyFile);
wolfSSL	4:1b0d80432c79	1225
wolfSSL	4:1b0d80432c79	1226	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	1227	ret = SetNamedPrivateKey(name, address, port, keyFile,
wolfSSL	4:1b0d80432c79	1228	typeKey, password, error);
wolfSSL	4:1b0d80432c79	1229	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	1230
wolfSSL	4:1b0d80432c79	1231	if (ret == 0)
wolfSSL	4:1b0d80432c79	1232	Trace(NEW_SERVER_STR);
wolfSSL	4:1b0d80432c79	1233
wolfSSL	4:1b0d80432c79	1234	return ret;
wolfSSL	4:1b0d80432c79	1235	}
wolfSSL	4:1b0d80432c79	1236
wolfSSL	4:1b0d80432c79	1237	#endif
wolfSSL	4:1b0d80432c79	1238
wolfSSL	4:1b0d80432c79	1239
wolfSSL	4:1b0d80432c79	1240	/* Sets the private key for a specific server and port */
wolfSSL	4:1b0d80432c79	1241	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	1242	int ssl_SetPrivateKey(const char* address, int port, const char* keyFile,
wolfSSL	4:1b0d80432c79	1243	int typeKey, const char* password, char* error)
wolfSSL	4:1b0d80432c79	1244	{
wolfSSL	4:1b0d80432c79	1245	int ret;
wolfSSL	4:1b0d80432c79	1246
wolfSSL	4:1b0d80432c79	1247	TraceHeader();
wolfSSL	4:1b0d80432c79	1248	TraceSetServer(address, port, keyFile);
wolfSSL	4:1b0d80432c79	1249
wolfSSL	4:1b0d80432c79	1250	LockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	1251	ret = SetNamedPrivateKey(NULL, address, port, keyFile,
wolfSSL	4:1b0d80432c79	1252	typeKey, password, error);
wolfSSL	4:1b0d80432c79	1253	UnLockMutex(&ServerListMutex);
wolfSSL	4:1b0d80432c79	1254
wolfSSL	4:1b0d80432c79	1255	if (ret == 0)
wolfSSL	4:1b0d80432c79	1256	Trace(NEW_SERVER_STR);
wolfSSL	4:1b0d80432c79	1257
wolfSSL	4:1b0d80432c79	1258	return ret;
wolfSSL	4:1b0d80432c79	1259	}
wolfSSL	4:1b0d80432c79	1260
wolfSSL	4:1b0d80432c79	1261
wolfSSL	4:1b0d80432c79	1262	/* Check IP Header for IPV4, TCP, and a registered server address */
wolfSSL	4:1b0d80432c79	1263	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	1264	static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error)
wolfSSL	4:1b0d80432c79	1265	{
wolfSSL	4:1b0d80432c79	1266	int version = IP_V(iphdr);
wolfSSL	4:1b0d80432c79	1267
wolfSSL	4:1b0d80432c79	1268	TraceIP(iphdr);
wolfSSL	4:1b0d80432c79	1269	Trace(IP_CHECK_STR);
wolfSSL	4:1b0d80432c79	1270
wolfSSL	4:1b0d80432c79	1271	if (version != IPV4) {
wolfSSL	4:1b0d80432c79	1272	SetError(BAD_IPVER_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1273	return -1;
wolfSSL	4:1b0d80432c79	1274	}
wolfSSL	4:1b0d80432c79	1275
wolfSSL	4:1b0d80432c79	1276	if (iphdr->protocol != TCP_PROTOCOL) {
wolfSSL	4:1b0d80432c79	1277	SetError(BAD_PROTO_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1278	return -1;
wolfSSL	4:1b0d80432c79	1279	}
wolfSSL	4:1b0d80432c79	1280
wolfSSL	4:1b0d80432c79	1281	if (!IsServerRegistered(iphdr->src) && !IsServerRegistered(iphdr->dst)) {
wolfSSL	4:1b0d80432c79	1282	SetError(SERVER_NOT_REG_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1283	return -1;
wolfSSL	4:1b0d80432c79	1284	}
wolfSSL	4:1b0d80432c79	1285
wolfSSL	4:1b0d80432c79	1286	info->length = IP_HL(iphdr);
wolfSSL	4:1b0d80432c79	1287	info->total = ntohs(iphdr->length);
wolfSSL	4:1b0d80432c79	1288	info->src = iphdr->src;
wolfSSL	4:1b0d80432c79	1289	info->dst = iphdr->dst;
wolfSSL	4:1b0d80432c79	1290
wolfSSL	4:1b0d80432c79	1291	if (info->total == 0)
wolfSSL	4:1b0d80432c79	1292	info->total = length; /* reassembled may be off */
wolfSSL	4:1b0d80432c79	1293
wolfSSL	4:1b0d80432c79	1294	return 0;
wolfSSL	4:1b0d80432c79	1295	}
wolfSSL	4:1b0d80432c79	1296
wolfSSL	4:1b0d80432c79	1297
wolfSSL	4:1b0d80432c79	1298	/* Check TCP Header for a registered port */
wolfSSL	4:1b0d80432c79	1299	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	1300	static int CheckTcpHdr(TcpHdr* tcphdr, TcpInfo* info, char* error)
wolfSSL	4:1b0d80432c79	1301	{
wolfSSL	4:1b0d80432c79	1302	TraceTcp(tcphdr);
wolfSSL	4:1b0d80432c79	1303	Trace(TCP_CHECK_STR);
wolfSSL	4:1b0d80432c79	1304	info->srcPort = ntohs(tcphdr->srcPort);
wolfSSL	4:1b0d80432c79	1305	info->dstPort = ntohs(tcphdr->dstPort);
wolfSSL	4:1b0d80432c79	1306	info->length = TCP_LEN(tcphdr);
wolfSSL	4:1b0d80432c79	1307	info->sequence = ntohl(tcphdr->sequence);
wolfSSL	4:1b0d80432c79	1308	info->fin = tcphdr->flags & TCP_FIN;
wolfSSL	4:1b0d80432c79	1309	info->rst = tcphdr->flags & TCP_RST;
wolfSSL	4:1b0d80432c79	1310	info->syn = tcphdr->flags & TCP_SYN;
wolfSSL	4:1b0d80432c79	1311	info->ack = tcphdr->flags & TCP_ACK;
wolfSSL	4:1b0d80432c79	1312	if (info->ack)
wolfSSL	4:1b0d80432c79	1313	info->ackNumber = ntohl(tcphdr->ack);
wolfSSL	4:1b0d80432c79	1314
wolfSSL	4:1b0d80432c79	1315	if (!IsPortRegistered(info->srcPort) && !IsPortRegistered(info->dstPort)) {
wolfSSL	4:1b0d80432c79	1316	SetError(SERVER_PORT_NOT_REG_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	1317	return -1;
wolfSSL	4:1b0d80432c79	1318	}
wolfSSL	4:1b0d80432c79	1319
wolfSSL	4:1b0d80432c79	1320	return 0;
wolfSSL	4:1b0d80432c79	1321	}
wolfSSL	4:1b0d80432c79	1322
wolfSSL	4:1b0d80432c79	1323
wolfSSL	4:1b0d80432c79	1324	/* Decode Record Layer Header */
wolfSSL	4:1b0d80432c79	1325	static int GetRecordHeader(const byte* input, RecordLayerHeader* rh, int* size)
wolfSSL	4:1b0d80432c79	1326	{
wolfSSL	4:1b0d80432c79	1327	XMEMCPY(rh, input, RECORD_HEADER_SZ);
wolfSSL	4:1b0d80432c79	1328	*size = (rh->length[0] << 8) \| rh->length[1];
wolfSSL	4:1b0d80432c79	1329
wolfSSL	4:1b0d80432c79	1330	if (*size > (MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA))
wolfSSL	4:1b0d80432c79	1331	return LENGTH_ERROR;
wolfSSL	4:1b0d80432c79	1332
wolfSSL	4:1b0d80432c79	1333	return 0;
wolfSSL	4:1b0d80432c79	1334	}
wolfSSL	4:1b0d80432c79	1335
wolfSSL	4:1b0d80432c79	1336
wolfSSL	4:1b0d80432c79	1337	/* Process Client Key Exchange, RSA only */
wolfSSL	4:1b0d80432c79	1338	static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
wolfSSL	4:1b0d80432c79	1339	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1340	{
wolfSSL	4:1b0d80432c79	1341	word32 idx = 0;
wolfSSL	4:1b0d80432c79	1342	RsaKey key;
wolfSSL	4:1b0d80432c79	1343	int ret;
wolfSSL	4:1b0d80432c79	1344
wolfSSL	4:1b0d80432c79	1345	if (session->sslServer->buffers.key == NULL \|\|
wolfSSL	4:1b0d80432c79	1346	session->sslServer->buffers.key->buffer == NULL \|\|
wolfSSL	4:1b0d80432c79	1347	session->sslServer->buffers.key->length == 0) {
wolfSSL	4:1b0d80432c79	1348
wolfSSL	4:1b0d80432c79	1349	SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1350	return -1;
wolfSSL	4:1b0d80432c79	1351	}
wolfSSL	4:1b0d80432c79	1352	ret = wc_InitRsaKey(&key, 0);
wolfSSL	4:1b0d80432c79	1353	if (ret == 0)
wolfSSL	4:1b0d80432c79	1354	ret = wc_RsaPrivateKeyDecode(session->sslServer->buffers.key->buffer,
wolfSSL	4:1b0d80432c79	1355	&idx, &key, session->sslServer->buffers.key->length);
wolfSSL	4:1b0d80432c79	1356	if (ret == 0) {
wolfSSL	4:1b0d80432c79	1357	int length = wc_RsaEncryptSize(&key);
wolfSSL	4:1b0d80432c79	1358
wolfSSL	4:1b0d80432c79	1359	if (IsTLS(session->sslServer))
wolfSSL	4:1b0d80432c79	1360	input += 2; /* tls pre length */
wolfSSL	4:1b0d80432c79	1361
wolfSSL	4:1b0d80432c79	1362	if (length > *sslBytes) {
wolfSSL	4:1b0d80432c79	1363	SetError(PARTIAL_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1364	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1365	return -1;
wolfSSL	4:1b0d80432c79	1366	}
wolfSSL	4:1b0d80432c79	1367	ret = wc_RsaPrivateDecrypt(input, length,
wolfSSL	4:1b0d80432c79	1368	session->sslServer->arrays->preMasterSecret,SECRET_LEN, &key);
wolfSSL	4:1b0d80432c79	1369
wolfSSL	4:1b0d80432c79	1370	if (ret != SECRET_LEN) {
wolfSSL	4:1b0d80432c79	1371	SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1372	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1373	return -1;
wolfSSL	4:1b0d80432c79	1374	}
wolfSSL	4:1b0d80432c79	1375	session->sslServer->arrays->preMasterSz = SECRET_LEN;
wolfSSL	4:1b0d80432c79	1376
wolfSSL	4:1b0d80432c79	1377	/* store for client side as well */
wolfSSL	4:1b0d80432c79	1378	XMEMCPY(session->sslClient->arrays->preMasterSecret,
wolfSSL	4:1b0d80432c79	1379	session->sslServer->arrays->preMasterSecret, SECRET_LEN);
wolfSSL	4:1b0d80432c79	1380	session->sslClient->arrays->preMasterSz = SECRET_LEN;
wolfSSL	4:1b0d80432c79	1381
wolfSSL	4:1b0d80432c79	1382	#ifdef SHOW_SECRETS
wolfSSL	4:1b0d80432c79	1383	{
wolfSSL	4:1b0d80432c79	1384	int i;
wolfSSL	4:1b0d80432c79	1385	printf("pre master secret: ");
wolfSSL	4:1b0d80432c79	1386	for (i = 0; i < SECRET_LEN; i++)
wolfSSL	4:1b0d80432c79	1387	printf("%02x", session->sslServer->arrays->preMasterSecret[i]);
wolfSSL	4:1b0d80432c79	1388	printf("\n");
wolfSSL	4:1b0d80432c79	1389	}
wolfSSL	4:1b0d80432c79	1390	#endif
wolfSSL	4:1b0d80432c79	1391	}
wolfSSL	4:1b0d80432c79	1392	else {
wolfSSL	4:1b0d80432c79	1393	SetError(RSA_DECODE_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1394	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1395	return -1;
wolfSSL	4:1b0d80432c79	1396	}
wolfSSL	4:1b0d80432c79	1397
wolfSSL	4:1b0d80432c79	1398	if (SetCipherSpecs(session->sslServer) != 0) {
wolfSSL	4:1b0d80432c79	1399	SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1400	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1401	return -1;
wolfSSL	4:1b0d80432c79	1402	}
wolfSSL	4:1b0d80432c79	1403
wolfSSL	4:1b0d80432c79	1404	if (SetCipherSpecs(session->sslClient) != 0) {
wolfSSL	4:1b0d80432c79	1405	SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1406	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1407	return -1;
wolfSSL	4:1b0d80432c79	1408	}
wolfSSL	4:1b0d80432c79	1409
wolfSSL	4:1b0d80432c79	1410	ret = MakeMasterSecret(session->sslServer);
wolfSSL	4:1b0d80432c79	1411	ret += MakeMasterSecret(session->sslClient);
wolfSSL	4:1b0d80432c79	1412	ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
wolfSSL	4:1b0d80432c79	1413	ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
wolfSSL	4:1b0d80432c79	1414
wolfSSL	4:1b0d80432c79	1415	if (ret != 0) {
wolfSSL	4:1b0d80432c79	1416	SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1417	return -1;
wolfSSL	4:1b0d80432c79	1418	}
wolfSSL	4:1b0d80432c79	1419
wolfSSL	4:1b0d80432c79	1420	#ifdef SHOW_SECRETS
wolfSSL	4:1b0d80432c79	1421	{
wolfSSL	4:1b0d80432c79	1422	int i;
wolfSSL	4:1b0d80432c79	1423	printf("server master secret: ");
wolfSSL	4:1b0d80432c79	1424	for (i = 0; i < SECRET_LEN; i++)
wolfSSL	4:1b0d80432c79	1425	printf("%02x", session->sslServer->arrays->masterSecret[i]);
wolfSSL	4:1b0d80432c79	1426	printf("\n");
wolfSSL	4:1b0d80432c79	1427
wolfSSL	4:1b0d80432c79	1428	printf("client master secret: ");
wolfSSL	4:1b0d80432c79	1429	for (i = 0; i < SECRET_LEN; i++)
wolfSSL	4:1b0d80432c79	1430	printf("%02x", session->sslClient->arrays->masterSecret[i]);
wolfSSL	4:1b0d80432c79	1431	printf("\n");
wolfSSL	4:1b0d80432c79	1432
wolfSSL	4:1b0d80432c79	1433	printf("server suite = %d\n", session->sslServer->options.cipherSuite);
wolfSSL	4:1b0d80432c79	1434	printf("client suite = %d\n", session->sslClient->options.cipherSuite);
wolfSSL	4:1b0d80432c79	1435	}
wolfSSL	4:1b0d80432c79	1436	#endif
wolfSSL	4:1b0d80432c79	1437
wolfSSL	4:1b0d80432c79	1438	wc_FreeRsaKey(&key);
wolfSSL	4:1b0d80432c79	1439	return ret;
wolfSSL	4:1b0d80432c79	1440	}
wolfSSL	4:1b0d80432c79	1441
wolfSSL	4:1b0d80432c79	1442
wolfSSL	4:1b0d80432c79	1443	/* Process Session Ticket */
wolfSSL	4:1b0d80432c79	1444	static int ProcessSessionTicket(const byte* input, int* sslBytes,
wolfSSL	4:1b0d80432c79	1445	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1446	{
wolfSSL	4:1b0d80432c79	1447	word16 len;
wolfSSL	4:1b0d80432c79	1448
wolfSSL	4:1b0d80432c79	1449	/* make sure can read through hint and len */
wolfSSL	4:1b0d80432c79	1450	if (TICKET_HINT_LEN + LENGTH_SZ > *sslBytes) {
wolfSSL	4:1b0d80432c79	1451	SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1452	return -1;
wolfSSL	4:1b0d80432c79	1453	}
wolfSSL	4:1b0d80432c79	1454
wolfSSL	4:1b0d80432c79	1455	input += TICKET_HINT_LEN; /* skip over hint */
wolfSSL	4:1b0d80432c79	1456	*sslBytes -= TICKET_HINT_LEN;
wolfSSL	4:1b0d80432c79	1457
wolfSSL	4:1b0d80432c79	1458	len = (word16)((input[0] << 8) \| input[1]);
wolfSSL	4:1b0d80432c79	1459	input += LENGTH_SZ;
wolfSSL	4:1b0d80432c79	1460	*sslBytes -= LENGTH_SZ;
wolfSSL	4:1b0d80432c79	1461
wolfSSL	4:1b0d80432c79	1462	/* make sure can read through ticket */
wolfSSL	4:1b0d80432c79	1463	if (len > *sslBytes \|\| len < ID_LEN) {
wolfSSL	4:1b0d80432c79	1464	SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1465	return -1;
wolfSSL	4:1b0d80432c79	1466	}
wolfSSL	4:1b0d80432c79	1467
wolfSSL	4:1b0d80432c79	1468	/* store session with macID as sessionID */
wolfSSL	4:1b0d80432c79	1469	session->sslServer->options.haveSessionId = 1;
wolfSSL	4:1b0d80432c79	1470	XMEMCPY(session->sslServer->arrays->sessionID, input + len - ID_LEN,ID_LEN);
wolfSSL	4:1b0d80432c79	1471
wolfSSL	4:1b0d80432c79	1472	return 0;
wolfSSL	4:1b0d80432c79	1473	}
wolfSSL	4:1b0d80432c79	1474
wolfSSL	4:1b0d80432c79	1475
wolfSSL	4:1b0d80432c79	1476	/* Process Server Hello */
wolfSSL	4:1b0d80432c79	1477	static int ProcessServerHello(const byte* input, int* sslBytes,
wolfSSL	4:1b0d80432c79	1478	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1479	{
wolfSSL	4:1b0d80432c79	1480	ProtocolVersion pv;
wolfSSL	4:1b0d80432c79	1481	byte b;
wolfSSL	4:1b0d80432c79	1482	int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
wolfSSL	4:1b0d80432c79	1483	int doResume = 0;
wolfSSL	4:1b0d80432c79	1484
wolfSSL	4:1b0d80432c79	1485	/* make sure we didn't miss ClientHello */
wolfSSL	4:1b0d80432c79	1486	if (session->flags.clientHello == 0) {
wolfSSL	4:1b0d80432c79	1487	SetError(MISSED_CLIENT_HELLO_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1488	return -1;
wolfSSL	4:1b0d80432c79	1489	}
wolfSSL	4:1b0d80432c79	1490
wolfSSL	4:1b0d80432c79	1491	/* make sure can read through session len */
wolfSSL	4:1b0d80432c79	1492	if (toRead > *sslBytes) {
wolfSSL	4:1b0d80432c79	1493	SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1494	return -1;
wolfSSL	4:1b0d80432c79	1495	}
wolfSSL	4:1b0d80432c79	1496
wolfSSL	4:1b0d80432c79	1497	XMEMCPY(&pv, input, VERSION_SZ);
wolfSSL	4:1b0d80432c79	1498	input += VERSION_SZ;
wolfSSL	4:1b0d80432c79	1499	*sslBytes -= VERSION_SZ;
wolfSSL	4:1b0d80432c79	1500
wolfSSL	4:1b0d80432c79	1501	session->sslServer->version = pv;
wolfSSL	4:1b0d80432c79	1502	session->sslClient->version = pv;
wolfSSL	4:1b0d80432c79	1503
wolfSSL	4:1b0d80432c79	1504	XMEMCPY(session->sslServer->arrays->serverRandom, input, RAN_LEN);
wolfSSL	4:1b0d80432c79	1505	XMEMCPY(session->sslClient->arrays->serverRandom, input, RAN_LEN);
wolfSSL	4:1b0d80432c79	1506	input += RAN_LEN;
wolfSSL	4:1b0d80432c79	1507	*sslBytes -= RAN_LEN;
wolfSSL	4:1b0d80432c79	1508
wolfSSL	4:1b0d80432c79	1509	b = *input++;
wolfSSL	4:1b0d80432c79	1510	*sslBytes -= 1;
wolfSSL	4:1b0d80432c79	1511
wolfSSL	4:1b0d80432c79	1512	/* make sure can read through compression */
wolfSSL	4:1b0d80432c79	1513	if ( (b + SUITE_LEN + ENUM_LEN) > *sslBytes) {
wolfSSL	4:1b0d80432c79	1514	SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1515	return -1;
wolfSSL	4:1b0d80432c79	1516	}
wolfSSL	4:1b0d80432c79	1517	if (b) {
wolfSSL	4:1b0d80432c79	1518	XMEMCPY(session->sslServer->arrays->sessionID, input, ID_LEN);
wolfSSL	4:1b0d80432c79	1519	session->sslServer->options.haveSessionId = 1;
wolfSSL	4:1b0d80432c79	1520	}
wolfSSL	4:1b0d80432c79	1521	input += b;
wolfSSL	4:1b0d80432c79	1522	*sslBytes -= b;
wolfSSL	4:1b0d80432c79	1523
wolfSSL	4:1b0d80432c79	1524	/* cipher suite */
wolfSSL	4:1b0d80432c79	1525	b = input++; / first byte, ECC or not */
wolfSSL	4:1b0d80432c79	1526	session->sslServer->options.cipherSuite0 = b;
wolfSSL	4:1b0d80432c79	1527	session->sslClient->options.cipherSuite0 = b;
wolfSSL	4:1b0d80432c79	1528	b = *input++;
wolfSSL	4:1b0d80432c79	1529	session->sslServer->options.cipherSuite = b;
wolfSSL	4:1b0d80432c79	1530	session->sslClient->options.cipherSuite = b;
wolfSSL	4:1b0d80432c79	1531	*sslBytes -= SUITE_LEN;
wolfSSL	4:1b0d80432c79	1532
wolfSSL	4:1b0d80432c79	1533	/* compression */
wolfSSL	4:1b0d80432c79	1534	b = *input++;
wolfSSL	4:1b0d80432c79	1535	*sslBytes -= ENUM_LEN;
wolfSSL	4:1b0d80432c79	1536
wolfSSL	4:1b0d80432c79	1537	if (b) {
wolfSSL	4:1b0d80432c79	1538	SetError(BAD_COMPRESSION_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1539	return -1;
wolfSSL	4:1b0d80432c79	1540	}
wolfSSL	4:1b0d80432c79	1541
wolfSSL	4:1b0d80432c79	1542	if (session->sslServer->options.haveSessionId &&
wolfSSL	4:1b0d80432c79	1543	XMEMCMP(session->sslServer->arrays->sessionID,
wolfSSL	4:1b0d80432c79	1544	session->sslClient->arrays->sessionID, ID_LEN) == 0)
wolfSSL	4:1b0d80432c79	1545	doResume = 1;
wolfSSL	4:1b0d80432c79	1546	else if (session->sslClient->options.haveSessionId == 0 &&
wolfSSL	4:1b0d80432c79	1547	session->sslServer->options.haveSessionId == 0 &&
wolfSSL	4:1b0d80432c79	1548	session->ticketID)
wolfSSL	4:1b0d80432c79	1549	doResume = 1;
wolfSSL	4:1b0d80432c79	1550
wolfSSL	4:1b0d80432c79	1551	if (session->ticketID && doResume) {
wolfSSL	4:1b0d80432c79	1552	/* use ticketID to retrieve from session, prefer over sessionID */
wolfSSL	4:1b0d80432c79	1553	XMEMCPY(session->sslServer->arrays->sessionID,session->ticketID,ID_LEN);
wolfSSL	4:1b0d80432c79	1554	session->sslServer->options.haveSessionId = 1; /* may not have
wolfSSL	4:1b0d80432c79	1555	actual sessionID */
wolfSSL	4:1b0d80432c79	1556	}
wolfSSL	4:1b0d80432c79	1557
wolfSSL	4:1b0d80432c79	1558	if (doResume ) {
wolfSSL	4:1b0d80432c79	1559	int ret = 0;
wolfSSL	4:1b0d80432c79	1560	SSL_SESSION* resume = GetSession(session->sslServer,
wolfSSL	4:1b0d80432c79	1561	session->sslServer->arrays->masterSecret);
wolfSSL	4:1b0d80432c79	1562	if (resume == NULL) {
wolfSSL	4:1b0d80432c79	1563	SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1564	return -1;
wolfSSL	4:1b0d80432c79	1565	}
wolfSSL	4:1b0d80432c79	1566	/* make sure client has master secret too */
wolfSSL	4:1b0d80432c79	1567	XMEMCPY(session->sslClient->arrays->masterSecret,
wolfSSL	4:1b0d80432c79	1568	session->sslServer->arrays->masterSecret, SECRET_LEN);
wolfSSL	4:1b0d80432c79	1569	session->flags.resuming = 1;
wolfSSL	4:1b0d80432c79	1570
wolfSSL	4:1b0d80432c79	1571	Trace(SERVER_DID_RESUMPTION_STR);
wolfSSL	4:1b0d80432c79	1572	if (SetCipherSpecs(session->sslServer) != 0) {
wolfSSL	4:1b0d80432c79	1573	SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1574	return -1;
wolfSSL	4:1b0d80432c79	1575	}
wolfSSL	4:1b0d80432c79	1576
wolfSSL	4:1b0d80432c79	1577	if (SetCipherSpecs(session->sslClient) != 0) {
wolfSSL	4:1b0d80432c79	1578	SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1579	return -1;
wolfSSL	4:1b0d80432c79	1580	}
wolfSSL	4:1b0d80432c79	1581
wolfSSL	4:1b0d80432c79	1582	if (session->sslServer->options.tls) {
wolfSSL	4:1b0d80432c79	1583	ret = DeriveTlsKeys(session->sslServer);
wolfSSL	4:1b0d80432c79	1584	ret += DeriveTlsKeys(session->sslClient);
wolfSSL	4:1b0d80432c79	1585	}
wolfSSL	4:1b0d80432c79	1586	else {
wolfSSL	4:1b0d80432c79	1587	ret = DeriveKeys(session->sslServer);
wolfSSL	4:1b0d80432c79	1588	ret += DeriveKeys(session->sslClient);
wolfSSL	4:1b0d80432c79	1589	}
wolfSSL	4:1b0d80432c79	1590	ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
wolfSSL	4:1b0d80432c79	1591	ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
wolfSSL	4:1b0d80432c79	1592
wolfSSL	4:1b0d80432c79	1593	if (ret != 0) {
wolfSSL	4:1b0d80432c79	1594	SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1595	return -1;
wolfSSL	4:1b0d80432c79	1596	}
wolfSSL	4:1b0d80432c79	1597	}
wolfSSL	4:1b0d80432c79	1598	#ifdef SHOW_SECRETS
wolfSSL	4:1b0d80432c79	1599	{
wolfSSL	4:1b0d80432c79	1600	int i;
wolfSSL	4:1b0d80432c79	1601	printf("cipher suite = 0x%02x\n",
wolfSSL	4:1b0d80432c79	1602	session->sslServer->options.cipherSuite);
wolfSSL	4:1b0d80432c79	1603	printf("server random: ");
wolfSSL	4:1b0d80432c79	1604	for (i = 0; i < RAN_LEN; i++)
wolfSSL	4:1b0d80432c79	1605	printf("%02x", session->sslServer->arrays->serverRandom[i]);
wolfSSL	4:1b0d80432c79	1606	printf("\n");
wolfSSL	4:1b0d80432c79	1607	}
wolfSSL	4:1b0d80432c79	1608	#endif
wolfSSL	4:1b0d80432c79	1609	return 0;
wolfSSL	4:1b0d80432c79	1610	}
wolfSSL	4:1b0d80432c79	1611
wolfSSL	4:1b0d80432c79	1612
wolfSSL	4:1b0d80432c79	1613	/* Process normal Client Hello */
wolfSSL	4:1b0d80432c79	1614	static int ProcessClientHello(const byte* input, int* sslBytes,
wolfSSL	4:1b0d80432c79	1615	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1616	{
wolfSSL	4:1b0d80432c79	1617	byte bLen;
wolfSSL	4:1b0d80432c79	1618	word16 len;
wolfSSL	4:1b0d80432c79	1619	int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
wolfSSL	4:1b0d80432c79	1620
wolfSSL	4:1b0d80432c79	1621	#ifdef HAVE_SNI
wolfSSL	4:1b0d80432c79	1622	{
wolfSSL	4:1b0d80432c79	1623	byte name[MAX_SERVER_NAME];
wolfSSL	4:1b0d80432c79	1624	word32 nameSz = sizeof(name);
wolfSSL	4:1b0d80432c79	1625	int ret;
wolfSSL	4:1b0d80432c79	1626
wolfSSL	4:1b0d80432c79	1627	ret = wolfSSL_SNI_GetFromBuffer(
wolfSSL	4:1b0d80432c79	1628	input - HANDSHAKE_HEADER_SZ - RECORD_HEADER_SZ,
wolfSSL	4:1b0d80432c79	1629	*sslBytes + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ,
wolfSSL	4:1b0d80432c79	1630	WOLFSSL_SNI_HOST_NAME, name, &nameSz);
wolfSSL	4:1b0d80432c79	1631
wolfSSL	4:1b0d80432c79	1632	if (ret == SSL_SUCCESS) {
wolfSSL	4:1b0d80432c79	1633	NamedKey* namedKey;
wolfSSL	4:1b0d80432c79	1634
wolfSSL	4:1b0d80432c79	1635	if (nameSz >= sizeof(name))
wolfSSL	4:1b0d80432c79	1636	nameSz = sizeof(name) - 1;
wolfSSL	4:1b0d80432c79	1637	name[nameSz] = 0;
wolfSSL	4:1b0d80432c79	1638	LockMutex(&session->context->namedKeysMutex);
wolfSSL	4:1b0d80432c79	1639	namedKey = session->context->namedKeys;
wolfSSL	4:1b0d80432c79	1640	while (namedKey != NULL) {
wolfSSL	4:1b0d80432c79	1641	if (nameSz == namedKey->nameSz &&
wolfSSL	4:1b0d80432c79	1642	XSTRNCMP((char*)name, namedKey->name, nameSz) == 0) {
wolfSSL	4:1b0d80432c79	1643	if (wolfSSL_use_PrivateKey_buffer(session->sslServer,
wolfSSL	4:1b0d80432c79	1644	namedKey->key, namedKey->keySz,
wolfSSL	4:1b0d80432c79	1645	SSL_FILETYPE_ASN1) != SSL_SUCCESS) {
wolfSSL	4:1b0d80432c79	1646	UnLockMutex(&session->context->namedKeysMutex);
wolfSSL	4:1b0d80432c79	1647	SetError(CLIENT_HELLO_LATE_KEY_STR, error, session,
wolfSSL	4:1b0d80432c79	1648	FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1649	return -1;
wolfSSL	4:1b0d80432c79	1650	}
wolfSSL	4:1b0d80432c79	1651	break;
wolfSSL	4:1b0d80432c79	1652	}
wolfSSL	4:1b0d80432c79	1653	else
wolfSSL	4:1b0d80432c79	1654	namedKey = namedKey->next;
wolfSSL	4:1b0d80432c79	1655	}
wolfSSL	4:1b0d80432c79	1656	UnLockMutex(&session->context->namedKeysMutex);
wolfSSL	4:1b0d80432c79	1657	}
wolfSSL	4:1b0d80432c79	1658	}
wolfSSL	4:1b0d80432c79	1659	#endif
wolfSSL	4:1b0d80432c79	1660
wolfSSL	4:1b0d80432c79	1661	session->flags.clientHello = 1; /* don't process again */
wolfSSL	4:1b0d80432c79	1662
wolfSSL	4:1b0d80432c79	1663	/* make sure can read up to session len */
wolfSSL	4:1b0d80432c79	1664	if (toRead > *sslBytes) {
wolfSSL	4:1b0d80432c79	1665	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1666	return -1;
wolfSSL	4:1b0d80432c79	1667	}
wolfSSL	4:1b0d80432c79	1668
wolfSSL	4:1b0d80432c79	1669	/* skip, get negotiated one from server hello */
wolfSSL	4:1b0d80432c79	1670	input += VERSION_SZ;
wolfSSL	4:1b0d80432c79	1671	*sslBytes -= VERSION_SZ;
wolfSSL	4:1b0d80432c79	1672
wolfSSL	4:1b0d80432c79	1673	XMEMCPY(session->sslServer->arrays->clientRandom, input, RAN_LEN);
wolfSSL	4:1b0d80432c79	1674	XMEMCPY(session->sslClient->arrays->clientRandom, input, RAN_LEN);
wolfSSL	4:1b0d80432c79	1675
wolfSSL	4:1b0d80432c79	1676	input += RAN_LEN;
wolfSSL	4:1b0d80432c79	1677	*sslBytes -= RAN_LEN;
wolfSSL	4:1b0d80432c79	1678
wolfSSL	4:1b0d80432c79	1679	/* store session in case trying to resume */
wolfSSL	4:1b0d80432c79	1680	bLen = *input++;
wolfSSL	4:1b0d80432c79	1681	*sslBytes -= ENUM_LEN;
wolfSSL	4:1b0d80432c79	1682	if (bLen) {
wolfSSL	4:1b0d80432c79	1683	if (ID_LEN > *sslBytes) {
wolfSSL	4:1b0d80432c79	1684	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1685	return -1;
wolfSSL	4:1b0d80432c79	1686	}
wolfSSL	4:1b0d80432c79	1687	Trace(CLIENT_RESUME_TRY_STR);
wolfSSL	4:1b0d80432c79	1688	XMEMCPY(session->sslClient->arrays->sessionID, input, ID_LEN);
wolfSSL	4:1b0d80432c79	1689	session->sslClient->options.haveSessionId = 1;
wolfSSL	4:1b0d80432c79	1690	}
wolfSSL	4:1b0d80432c79	1691	#ifdef SHOW_SECRETS
wolfSSL	4:1b0d80432c79	1692	{
wolfSSL	4:1b0d80432c79	1693	int i;
wolfSSL	4:1b0d80432c79	1694	printf("client random: ");
wolfSSL	4:1b0d80432c79	1695	for (i = 0; i < RAN_LEN; i++)
wolfSSL	4:1b0d80432c79	1696	printf("%02x", session->sslServer->arrays->clientRandom[i]);
wolfSSL	4:1b0d80432c79	1697	printf("\n");
wolfSSL	4:1b0d80432c79	1698	}
wolfSSL	4:1b0d80432c79	1699	#endif
wolfSSL	4:1b0d80432c79	1700
wolfSSL	4:1b0d80432c79	1701	input += bLen;
wolfSSL	4:1b0d80432c79	1702	*sslBytes -= bLen;
wolfSSL	4:1b0d80432c79	1703
wolfSSL	4:1b0d80432c79	1704	/* skip cipher suites */
wolfSSL	4:1b0d80432c79	1705	/* make sure can read len */
wolfSSL	4:1b0d80432c79	1706	if (SUITE_LEN > *sslBytes) {
wolfSSL	4:1b0d80432c79	1707	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1708	return -1;
wolfSSL	4:1b0d80432c79	1709	}
wolfSSL	4:1b0d80432c79	1710	len = (word16)((input[0] << 8) \| input[1]);
wolfSSL	4:1b0d80432c79	1711	input += SUITE_LEN;
wolfSSL	4:1b0d80432c79	1712	*sslBytes -= SUITE_LEN;
wolfSSL	4:1b0d80432c79	1713	/* make sure can read suites + comp len */
wolfSSL	4:1b0d80432c79	1714	if (len + ENUM_LEN > *sslBytes) {
wolfSSL	4:1b0d80432c79	1715	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1716	return -1;
wolfSSL	4:1b0d80432c79	1717	}
wolfSSL	4:1b0d80432c79	1718	input += len;
wolfSSL	4:1b0d80432c79	1719	*sslBytes -= len;
wolfSSL	4:1b0d80432c79	1720
wolfSSL	4:1b0d80432c79	1721	/* skip compression */
wolfSSL	4:1b0d80432c79	1722	bLen = *input++;
wolfSSL	4:1b0d80432c79	1723	*sslBytes -= ENUM_LEN;
wolfSSL	4:1b0d80432c79	1724	/* make sure can read len */
wolfSSL	4:1b0d80432c79	1725	if (bLen > *sslBytes) {
wolfSSL	4:1b0d80432c79	1726	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1727	return -1;
wolfSSL	4:1b0d80432c79	1728	}
wolfSSL	4:1b0d80432c79	1729	input += bLen;
wolfSSL	4:1b0d80432c79	1730	*sslBytes -= bLen;
wolfSSL	4:1b0d80432c79	1731
wolfSSL	4:1b0d80432c79	1732	if (*sslBytes == 0) {
wolfSSL	4:1b0d80432c79	1733	/* no extensions */
wolfSSL	4:1b0d80432c79	1734	return 0;
wolfSSL	4:1b0d80432c79	1735	}
wolfSSL	4:1b0d80432c79	1736
wolfSSL	4:1b0d80432c79	1737	/* skip extensions until session ticket */
wolfSSL	4:1b0d80432c79	1738	/* make sure can read len */
wolfSSL	4:1b0d80432c79	1739	if (SUITE_LEN > *sslBytes) {
wolfSSL	4:1b0d80432c79	1740	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1741	return -1;
wolfSSL	4:1b0d80432c79	1742	}
wolfSSL	4:1b0d80432c79	1743	len = (word16)((input[0] << 8) \| input[1]);
wolfSSL	4:1b0d80432c79	1744	input += SUITE_LEN;
wolfSSL	4:1b0d80432c79	1745	*sslBytes -= SUITE_LEN;
wolfSSL	4:1b0d80432c79	1746	/* make sure can read through all extensions */
wolfSSL	4:1b0d80432c79	1747	if (len > *sslBytes) {
wolfSSL	4:1b0d80432c79	1748	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1749	return -1;
wolfSSL	4:1b0d80432c79	1750	}
wolfSSL	4:1b0d80432c79	1751
wolfSSL	4:1b0d80432c79	1752	while (len > EXT_TYPE_SZ + LENGTH_SZ) {
wolfSSL	4:1b0d80432c79	1753	byte extType[EXT_TYPE_SZ];
wolfSSL	4:1b0d80432c79	1754	word16 extLen;
wolfSSL	4:1b0d80432c79	1755
wolfSSL	4:1b0d80432c79	1756	extType[0] = input[0];
wolfSSL	4:1b0d80432c79	1757	extType[1] = input[1];
wolfSSL	4:1b0d80432c79	1758	input += EXT_TYPE_SZ;
wolfSSL	4:1b0d80432c79	1759	*sslBytes -= EXT_TYPE_SZ;
wolfSSL	4:1b0d80432c79	1760
wolfSSL	4:1b0d80432c79	1761	extLen = (word16)((input[0] << 8) \| input[1]);
wolfSSL	4:1b0d80432c79	1762	input += LENGTH_SZ;
wolfSSL	4:1b0d80432c79	1763	*sslBytes -= LENGTH_SZ;
wolfSSL	4:1b0d80432c79	1764
wolfSSL	4:1b0d80432c79	1765	/* make sure can read through individual extension */
wolfSSL	4:1b0d80432c79	1766	if (extLen > *sslBytes) {
wolfSSL	4:1b0d80432c79	1767	SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1768	return -1;
wolfSSL	4:1b0d80432c79	1769	}
wolfSSL	4:1b0d80432c79	1770
wolfSSL	4:1b0d80432c79	1771	if (extType[0] == 0x00 && extType[1] == TICKET_EXT_ID) {
wolfSSL	4:1b0d80432c79	1772
wolfSSL	4:1b0d80432c79	1773	/* make sure can read through ticket if there is a non blank one */
wolfSSL	4:1b0d80432c79	1774	if (extLen && extLen < ID_LEN) {
wolfSSL	4:1b0d80432c79	1775	SetError(CLIENT_HELLO_INPUT_STR, error, session,
wolfSSL	4:1b0d80432c79	1776	FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1777	return -1;
wolfSSL	4:1b0d80432c79	1778	}
wolfSSL	4:1b0d80432c79	1779
wolfSSL	4:1b0d80432c79	1780	if (extLen) {
wolfSSL	4:1b0d80432c79	1781	if (session->ticketID == 0) {
wolfSSL	4:1b0d80432c79	1782	session->ticketID = (byte*)malloc(ID_LEN);
wolfSSL	4:1b0d80432c79	1783	if (session->ticketID == 0) {
wolfSSL	4:1b0d80432c79	1784	SetError(MEMORY_STR, error, session,
wolfSSL	4:1b0d80432c79	1785	FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1786	return -1;
wolfSSL	4:1b0d80432c79	1787	}
wolfSSL	4:1b0d80432c79	1788	}
wolfSSL	4:1b0d80432c79	1789	XMEMCPY(session->ticketID, input + extLen - ID_LEN, ID_LEN);
wolfSSL	4:1b0d80432c79	1790	}
wolfSSL	4:1b0d80432c79	1791	}
wolfSSL	4:1b0d80432c79	1792
wolfSSL	4:1b0d80432c79	1793	input += extLen;
wolfSSL	4:1b0d80432c79	1794	*sslBytes -= extLen;
wolfSSL	4:1b0d80432c79	1795	len -= extLen + EXT_TYPE_SZ + LENGTH_SZ;
wolfSSL	4:1b0d80432c79	1796	}
wolfSSL	4:1b0d80432c79	1797
wolfSSL	4:1b0d80432c79	1798	return 0;
wolfSSL	4:1b0d80432c79	1799	}
wolfSSL	4:1b0d80432c79	1800
wolfSSL	4:1b0d80432c79	1801
wolfSSL	4:1b0d80432c79	1802	/* Process Finished */
wolfSSL	4:1b0d80432c79	1803	static int ProcessFinished(const byte* input, int size, int* sslBytes,
wolfSSL	4:1b0d80432c79	1804	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1805	{
wolfSSL	4:1b0d80432c79	1806	SSL* ssl;
wolfSSL	4:1b0d80432c79	1807	word32 inOutIdx = 0;
wolfSSL	4:1b0d80432c79	1808	int ret;
wolfSSL	4:1b0d80432c79	1809
wolfSSL	4:1b0d80432c79	1810	if (session->flags.side == WOLFSSL_SERVER_END)
wolfSSL	4:1b0d80432c79	1811	ssl = session->sslServer;
wolfSSL	4:1b0d80432c79	1812	else
wolfSSL	4:1b0d80432c79	1813	ssl = session->sslClient;
wolfSSL	4:1b0d80432c79	1814
wolfSSL	4:1b0d80432c79	1815	ret = DoFinished(ssl, input, &inOutIdx, (word32) size, (word32) *sslBytes,
wolfSSL	4:1b0d80432c79	1816	SNIFF);
wolfSSL	4:1b0d80432c79	1817	*sslBytes -= (int)inOutIdx;
wolfSSL	4:1b0d80432c79	1818
wolfSSL	4:1b0d80432c79	1819	if (ret < 0) {
wolfSSL	4:1b0d80432c79	1820	SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1821	return ret;
wolfSSL	4:1b0d80432c79	1822	}
wolfSSL	4:1b0d80432c79	1823
wolfSSL	4:1b0d80432c79	1824	if (ret == 0 && session->flags.cached == 0) {
wolfSSL	4:1b0d80432c79	1825	if (session->sslServer->options.haveSessionId) {
wolfSSL	4:1b0d80432c79	1826	WOLFSSL_SESSION* sess = GetSession(session->sslServer, NULL);
wolfSSL	4:1b0d80432c79	1827	if (sess == NULL)
wolfSSL	4:1b0d80432c79	1828	AddSession(session->sslServer); /* don't re add */
wolfSSL	4:1b0d80432c79	1829	session->flags.cached = 1;
wolfSSL	4:1b0d80432c79	1830	}
wolfSSL	4:1b0d80432c79	1831	}
wolfSSL	4:1b0d80432c79	1832
wolfSSL	4:1b0d80432c79	1833	/* If receiving a finished message from one side, free the resources
wolfSSL	4:1b0d80432c79	1834	* from the other side's tracker. */
wolfSSL	4:1b0d80432c79	1835	if (session->flags.side == WOLFSSL_SERVER_END)
wolfSSL	4:1b0d80432c79	1836	FreeHandshakeResources(session->sslClient);
wolfSSL	4:1b0d80432c79	1837	else
wolfSSL	4:1b0d80432c79	1838	FreeHandshakeResources(session->sslServer);
wolfSSL	4:1b0d80432c79	1839
wolfSSL	4:1b0d80432c79	1840	return ret;
wolfSSL	4:1b0d80432c79	1841	}
wolfSSL	4:1b0d80432c79	1842
wolfSSL	4:1b0d80432c79	1843
wolfSSL	4:1b0d80432c79	1844	/* Process HandShake input */
wolfSSL	4:1b0d80432c79	1845	static int DoHandShake(const byte* input, int* sslBytes,
wolfSSL	4:1b0d80432c79	1846	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	1847	{
wolfSSL	4:1b0d80432c79	1848	byte type;
wolfSSL	4:1b0d80432c79	1849	int size;
wolfSSL	4:1b0d80432c79	1850	int ret = 0;
wolfSSL	4:1b0d80432c79	1851	int startBytes;
wolfSSL	4:1b0d80432c79	1852
wolfSSL	4:1b0d80432c79	1853	if (*sslBytes < HANDSHAKE_HEADER_SZ) {
wolfSSL	4:1b0d80432c79	1854	SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1855	return -1;
wolfSSL	4:1b0d80432c79	1856	}
wolfSSL	4:1b0d80432c79	1857	type = input[0];
wolfSSL	4:1b0d80432c79	1858	size = (input[1] << 16) \| (input[2] << 8) \| input[3];
wolfSSL	4:1b0d80432c79	1859
wolfSSL	4:1b0d80432c79	1860	input += HANDSHAKE_HEADER_SZ;
wolfSSL	4:1b0d80432c79	1861	*sslBytes -= HANDSHAKE_HEADER_SZ;
wolfSSL	4:1b0d80432c79	1862	startBytes = *sslBytes;
wolfSSL	4:1b0d80432c79	1863
wolfSSL	4:1b0d80432c79	1864	if (*sslBytes < size) {
wolfSSL	4:1b0d80432c79	1865	SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1866	return -1;
wolfSSL	4:1b0d80432c79	1867	}
wolfSSL	4:1b0d80432c79	1868
wolfSSL	4:1b0d80432c79	1869	/* A session's arrays are released when the handshake is completed. */
wolfSSL	4:1b0d80432c79	1870	if (session->sslServer->arrays == NULL &&
wolfSSL	4:1b0d80432c79	1871	session->sslClient->arrays == NULL) {
wolfSSL	4:1b0d80432c79	1872
wolfSSL	4:1b0d80432c79	1873	SetError(NO_SECURE_RENEGOTIATION, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1874	return -1;
wolfSSL	4:1b0d80432c79	1875	}
wolfSSL	4:1b0d80432c79	1876
wolfSSL	4:1b0d80432c79	1877	switch (type) {
wolfSSL	4:1b0d80432c79	1878	case hello_verify_request:
wolfSSL	4:1b0d80432c79	1879	Trace(GOT_HELLO_VERIFY_STR);
wolfSSL	4:1b0d80432c79	1880	break;
wolfSSL	4:1b0d80432c79	1881	case hello_request:
wolfSSL	4:1b0d80432c79	1882	Trace(GOT_HELLO_REQUEST_STR);
wolfSSL	4:1b0d80432c79	1883	break;
wolfSSL	4:1b0d80432c79	1884	case session_ticket:
wolfSSL	4:1b0d80432c79	1885	Trace(GOT_SESSION_TICKET_STR);
wolfSSL	4:1b0d80432c79	1886	ret = ProcessSessionTicket(input, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	1887	break;
wolfSSL	4:1b0d80432c79	1888	case server_hello:
wolfSSL	4:1b0d80432c79	1889	Trace(GOT_SERVER_HELLO_STR);
wolfSSL	4:1b0d80432c79	1890	ret = ProcessServerHello(input, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	1891	break;
wolfSSL	4:1b0d80432c79	1892	case certificate_request:
wolfSSL	4:1b0d80432c79	1893	Trace(GOT_CERT_REQ_STR);
wolfSSL	4:1b0d80432c79	1894	break;
wolfSSL	4:1b0d80432c79	1895	case server_key_exchange:
wolfSSL	4:1b0d80432c79	1896	Trace(GOT_SERVER_KEY_EX_STR);
wolfSSL	4:1b0d80432c79	1897	/* can't know temp key passively */
wolfSSL	4:1b0d80432c79	1898	SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	1899	ret = -1;
wolfSSL	4:1b0d80432c79	1900	break;
wolfSSL	4:1b0d80432c79	1901	case certificate:
wolfSSL	4:1b0d80432c79	1902	Trace(GOT_CERT_STR);
wolfSSL	4:1b0d80432c79	1903	break;
wolfSSL	4:1b0d80432c79	1904	case server_hello_done:
wolfSSL	4:1b0d80432c79	1905	Trace(GOT_SERVER_HELLO_DONE_STR);
wolfSSL	4:1b0d80432c79	1906	break;
wolfSSL	4:1b0d80432c79	1907	case finished:
wolfSSL	4:1b0d80432c79	1908	Trace(GOT_FINISHED_STR);
wolfSSL	4:1b0d80432c79	1909	ret = ProcessFinished(input, size, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	1910	break;
wolfSSL	4:1b0d80432c79	1911	case client_hello:
wolfSSL	4:1b0d80432c79	1912	Trace(GOT_CLIENT_HELLO_STR);
wolfSSL	4:1b0d80432c79	1913	ret = ProcessClientHello(input, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	1914	break;
wolfSSL	4:1b0d80432c79	1915	case client_key_exchange:
wolfSSL	4:1b0d80432c79	1916	Trace(GOT_CLIENT_KEY_EX_STR);
wolfSSL	4:1b0d80432c79	1917	ret = ProcessClientKeyExchange(input, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	1918	break;
wolfSSL	4:1b0d80432c79	1919	case certificate_verify:
wolfSSL	4:1b0d80432c79	1920	Trace(GOT_CERT_VER_STR);
wolfSSL	4:1b0d80432c79	1921	break;
wolfSSL	4:1b0d80432c79	1922	case certificate_status:
wolfSSL	4:1b0d80432c79	1923	Trace(GOT_CERT_STATUS_STR);
wolfSSL	4:1b0d80432c79	1924	break;
wolfSSL	4:1b0d80432c79	1925	default:
wolfSSL	4:1b0d80432c79	1926	SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0);
wolfSSL	4:1b0d80432c79	1927	return -1;
wolfSSL	4:1b0d80432c79	1928	}
wolfSSL	4:1b0d80432c79	1929
wolfSSL	4:1b0d80432c79	1930	sslBytes = startBytes - size; / actual bytes of full process */
wolfSSL	4:1b0d80432c79	1931
wolfSSL	4:1b0d80432c79	1932	return ret;
wolfSSL	4:1b0d80432c79	1933	}
wolfSSL	4:1b0d80432c79	1934
wolfSSL	4:1b0d80432c79	1935
wolfSSL	4:1b0d80432c79	1936	/* Decrypt input into plain output, 0 on success */
wolfSSL	4:1b0d80432c79	1937	static int Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz)
wolfSSL	4:1b0d80432c79	1938	{
wolfSSL	4:1b0d80432c79	1939	int ret = 0;
wolfSSL	4:1b0d80432c79	1940
wolfSSL	4:1b0d80432c79	1941	switch (ssl->specs.bulk_cipher_algorithm) {
wolfSSL	4:1b0d80432c79	1942	#ifdef BUILD_ARC4
wolfSSL	4:1b0d80432c79	1943	case wolfssl_rc4:
wolfSSL	4:1b0d80432c79	1944	wc_Arc4Process(ssl->decrypt.arc4, output, input, sz);
wolfSSL	4:1b0d80432c79	1945	break;
wolfSSL	4:1b0d80432c79	1946	#endif
wolfSSL	4:1b0d80432c79	1947
wolfSSL	4:1b0d80432c79	1948	#ifdef BUILD_DES3
wolfSSL	4:1b0d80432c79	1949	case wolfssl_triple_des:
wolfSSL	4:1b0d80432c79	1950	ret = wc_Des3_CbcDecrypt(ssl->decrypt.des3, output, input, sz);
wolfSSL	4:1b0d80432c79	1951	break;
wolfSSL	4:1b0d80432c79	1952	#endif
wolfSSL	4:1b0d80432c79	1953
wolfSSL	4:1b0d80432c79	1954	#ifdef BUILD_AES
wolfSSL	4:1b0d80432c79	1955	case wolfssl_aes:
wolfSSL	4:1b0d80432c79	1956	ret = wc_AesCbcDecrypt(ssl->decrypt.aes, output, input, sz);
wolfSSL	4:1b0d80432c79	1957	break;
wolfSSL	4:1b0d80432c79	1958	#endif
wolfSSL	4:1b0d80432c79	1959
wolfSSL	4:1b0d80432c79	1960	#ifdef HAVE_HC128
wolfSSL	4:1b0d80432c79	1961	case wolfssl_hc128:
wolfSSL	4:1b0d80432c79	1962	wc_Hc128_Process(ssl->decrypt.hc128, output, input, sz);
wolfSSL	4:1b0d80432c79	1963	break;
wolfSSL	4:1b0d80432c79	1964	#endif
wolfSSL	4:1b0d80432c79	1965
wolfSSL	4:1b0d80432c79	1966	#ifdef BUILD_RABBIT
wolfSSL	4:1b0d80432c79	1967	case wolfssl_rabbit:
wolfSSL	4:1b0d80432c79	1968	wc_RabbitProcess(ssl->decrypt.rabbit, output, input, sz);
wolfSSL	4:1b0d80432c79	1969	break;
wolfSSL	4:1b0d80432c79	1970	#endif
wolfSSL	4:1b0d80432c79	1971
wolfSSL	4:1b0d80432c79	1972	#ifdef HAVE_CAMELLIA
wolfSSL	4:1b0d80432c79	1973	case wolfssl_camellia:
wolfSSL	4:1b0d80432c79	1974	wc_CamelliaCbcDecrypt(ssl->decrypt.cam, output, input, sz);
wolfSSL	4:1b0d80432c79	1975	break;
wolfSSL	4:1b0d80432c79	1976	#endif
wolfSSL	4:1b0d80432c79	1977
wolfSSL	4:1b0d80432c79	1978	#ifdef HAVE_IDEA
wolfSSL	4:1b0d80432c79	1979	case wolfssl_idea:
wolfSSL	4:1b0d80432c79	1980	wc_IdeaCbcDecrypt(ssl->decrypt.idea, output, input, sz);
wolfSSL	4:1b0d80432c79	1981	break;
wolfSSL	4:1b0d80432c79	1982	#endif
wolfSSL	4:1b0d80432c79	1983
wolfSSL	4:1b0d80432c79	1984	#ifdef HAVE_AESGCM
wolfSSL	4:1b0d80432c79	1985	case wolfssl_aes_gcm:
wolfSSL	4:1b0d80432c79	1986	if (sz >= (word32)(AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size))
wolfSSL	4:1b0d80432c79	1987	{
wolfSSL	4:1b0d80432c79	1988	byte nonce[AESGCM_NONCE_SZ];
wolfSSL	4:1b0d80432c79	1989	XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ);
wolfSSL	4:1b0d80432c79	1990	XMEMCPY(nonce + AESGCM_IMP_IV_SZ, input, AESGCM_EXP_IV_SZ);
wolfSSL	4:1b0d80432c79	1991
wolfSSL	4:1b0d80432c79	1992	if (wc_AesGcmEncrypt(ssl->decrypt.aes,
wolfSSL	4:1b0d80432c79	1993	output,
wolfSSL	4:1b0d80432c79	1994	input + AESGCM_EXP_IV_SZ,
wolfSSL	4:1b0d80432c79	1995	sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
wolfSSL	4:1b0d80432c79	1996	nonce, AESGCM_NONCE_SZ,
wolfSSL	4:1b0d80432c79	1997	NULL, 0,
wolfSSL	4:1b0d80432c79	1998	NULL, 0) < 0) {
wolfSSL	4:1b0d80432c79	1999	Trace(BAD_DECRYPT);
wolfSSL	4:1b0d80432c79	2000	ret = -1;
wolfSSL	4:1b0d80432c79	2001	}
wolfSSL	4:1b0d80432c79	2002	ForceZero(nonce, AESGCM_NONCE_SZ);
wolfSSL	4:1b0d80432c79	2003	}
wolfSSL	4:1b0d80432c79	2004	else {
wolfSSL	4:1b0d80432c79	2005	Trace(BAD_DECRYPT_SIZE);
wolfSSL	4:1b0d80432c79	2006	ret = -1;
wolfSSL	4:1b0d80432c79	2007	}
wolfSSL	4:1b0d80432c79	2008	break;
wolfSSL	4:1b0d80432c79	2009	#endif
wolfSSL	4:1b0d80432c79	2010
wolfSSL	4:1b0d80432c79	2011	default:
wolfSSL	4:1b0d80432c79	2012	Trace(BAD_DECRYPT_TYPE);
wolfSSL	4:1b0d80432c79	2013	ret = -1;
wolfSSL	4:1b0d80432c79	2014	break;
wolfSSL	4:1b0d80432c79	2015	}
wolfSSL	4:1b0d80432c79	2016
wolfSSL	4:1b0d80432c79	2017	return ret;
wolfSSL	4:1b0d80432c79	2018	}
wolfSSL	4:1b0d80432c79	2019
wolfSSL	4:1b0d80432c79	2020
wolfSSL	4:1b0d80432c79	2021	/* Decrypt input message into output, adjust output steam if needed */
wolfSSL	4:1b0d80432c79	2022	static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz,
wolfSSL	4:1b0d80432c79	2023	byte* output, int* error, int* advance)
wolfSSL	4:1b0d80432c79	2024	{
wolfSSL	4:1b0d80432c79	2025	int ivExtra = 0;
wolfSSL	4:1b0d80432c79	2026
wolfSSL	4:1b0d80432c79	2027	int ret = Decrypt(ssl, output, input, sz);
wolfSSL	4:1b0d80432c79	2028	if (ret != 0) {
wolfSSL	4:1b0d80432c79	2029	*error = ret;
wolfSSL	4:1b0d80432c79	2030	return NULL;
wolfSSL	4:1b0d80432c79	2031	}
wolfSSL	4:1b0d80432c79	2032	ssl->keys.encryptSz = sz;
wolfSSL	4:1b0d80432c79	2033	if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) {
wolfSSL	4:1b0d80432c79	2034	output += ssl->specs.block_size; /* go past TLSv1.1 IV */
wolfSSL	4:1b0d80432c79	2035	ivExtra = ssl->specs.block_size;
wolfSSL	4:1b0d80432c79	2036	*advance = ssl->specs.block_size;
wolfSSL	4:1b0d80432c79	2037	}
wolfSSL	4:1b0d80432c79	2038
wolfSSL	4:1b0d80432c79	2039	if (ssl->specs.cipher_type == aead) {
wolfSSL	4:1b0d80432c79	2040	*advance = ssl->specs.aead_mac_size;
wolfSSL	4:1b0d80432c79	2041	ssl->keys.padSz = ssl->specs.aead_mac_size;
wolfSSL	4:1b0d80432c79	2042	}
wolfSSL	4:1b0d80432c79	2043	else
wolfSSL	4:1b0d80432c79	2044	ssl->keys.padSz = ssl->specs.hash_size;
wolfSSL	4:1b0d80432c79	2045
wolfSSL	4:1b0d80432c79	2046	if (ssl->specs.cipher_type == block)
wolfSSL	4:1b0d80432c79	2047	ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1;
wolfSSL	4:1b0d80432c79	2048
wolfSSL	4:1b0d80432c79	2049	return output;
wolfSSL	4:1b0d80432c79	2050	}
wolfSSL	4:1b0d80432c79	2051
wolfSSL	4:1b0d80432c79	2052
wolfSSL	4:1b0d80432c79	2053	/* remove session from table, use rowHint if no info (means we have a lock) */
wolfSSL	4:1b0d80432c79	2054	static void RemoveSession(SnifferSession* session, IpInfo* ipInfo,
wolfSSL	4:1b0d80432c79	2055	TcpInfo* tcpInfo, word32 rowHint)
wolfSSL	4:1b0d80432c79	2056	{
wolfSSL	4:1b0d80432c79	2057	SnifferSession* previous = 0;
wolfSSL	4:1b0d80432c79	2058	SnifferSession* current;
wolfSSL	4:1b0d80432c79	2059	word32 row = rowHint;
wolfSSL	4:1b0d80432c79	2060	int haveLock = 0;
wolfSSL	4:1b0d80432c79	2061
wolfSSL	4:1b0d80432c79	2062	if (ipInfo && tcpInfo)
wolfSSL	4:1b0d80432c79	2063	row = SessionHash(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	2064	else
wolfSSL	4:1b0d80432c79	2065	haveLock = 1;
wolfSSL	4:1b0d80432c79	2066
wolfSSL	4:1b0d80432c79	2067	assert(row <= HASH_SIZE);
wolfSSL	4:1b0d80432c79	2068	Trace(REMOVE_SESSION_STR);
wolfSSL	4:1b0d80432c79	2069
wolfSSL	4:1b0d80432c79	2070	if (!haveLock)
wolfSSL	4:1b0d80432c79	2071	LockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	2072
wolfSSL	4:1b0d80432c79	2073	current = SessionTable[row];
wolfSSL	4:1b0d80432c79	2074
wolfSSL	4:1b0d80432c79	2075	while (current) {
wolfSSL	4:1b0d80432c79	2076	if (current == session) {
wolfSSL	4:1b0d80432c79	2077	if (previous)
wolfSSL	4:1b0d80432c79	2078	previous->next = current->next;
wolfSSL	4:1b0d80432c79	2079	else
wolfSSL	4:1b0d80432c79	2080	SessionTable[row] = current->next;
wolfSSL	4:1b0d80432c79	2081	FreeSnifferSession(session);
wolfSSL	4:1b0d80432c79	2082	TraceRemovedSession();
wolfSSL	4:1b0d80432c79	2083	break;
wolfSSL	4:1b0d80432c79	2084	}
wolfSSL	4:1b0d80432c79	2085	previous = current;
wolfSSL	4:1b0d80432c79	2086	current = current->next;
wolfSSL	4:1b0d80432c79	2087	}
wolfSSL	4:1b0d80432c79	2088
wolfSSL	4:1b0d80432c79	2089	if (!haveLock)
wolfSSL	4:1b0d80432c79	2090	UnLockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	2091	}
wolfSSL	4:1b0d80432c79	2092
wolfSSL	4:1b0d80432c79	2093
wolfSSL	4:1b0d80432c79	2094	/* Remove stale sessions from the Session Table, have a lock */
wolfSSL	4:1b0d80432c79	2095	static void RemoveStaleSessions(void)
wolfSSL	4:1b0d80432c79	2096	{
wolfSSL	4:1b0d80432c79	2097	word32 i;
wolfSSL	4:1b0d80432c79	2098	SnifferSession* session;
wolfSSL	4:1b0d80432c79	2099
wolfSSL	4:1b0d80432c79	2100	for (i = 0; i < HASH_SIZE; i++) {
wolfSSL	4:1b0d80432c79	2101	session = SessionTable[i];
wolfSSL	4:1b0d80432c79	2102	while (session) {
wolfSSL	4:1b0d80432c79	2103	SnifferSession* next = session->next;
wolfSSL	4:1b0d80432c79	2104	if (time(NULL) >= session->lastUsed + WOLFSSL_SNIFFER_TIMEOUT) {
wolfSSL	4:1b0d80432c79	2105	TraceStaleSession();
wolfSSL	4:1b0d80432c79	2106	RemoveSession(session, NULL, NULL, i);
wolfSSL	4:1b0d80432c79	2107	}
wolfSSL	4:1b0d80432c79	2108	session = next;
wolfSSL	4:1b0d80432c79	2109	}
wolfSSL	4:1b0d80432c79	2110	}
wolfSSL	4:1b0d80432c79	2111	}
wolfSSL	4:1b0d80432c79	2112
wolfSSL	4:1b0d80432c79	2113
wolfSSL	4:1b0d80432c79	2114	/* Create a new Sniffer Session */
wolfSSL	4:1b0d80432c79	2115	static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
wolfSSL	4:1b0d80432c79	2116	char* error)
wolfSSL	4:1b0d80432c79	2117	{
wolfSSL	4:1b0d80432c79	2118	SnifferSession* session = 0;
wolfSSL	4:1b0d80432c79	2119	int row;
wolfSSL	4:1b0d80432c79	2120
wolfSSL	4:1b0d80432c79	2121	Trace(NEW_SESSION_STR);
wolfSSL	4:1b0d80432c79	2122	/* create a new one */
wolfSSL	4:1b0d80432c79	2123	session = (SnifferSession*)malloc(sizeof(SnifferSession));
wolfSSL	4:1b0d80432c79	2124	if (session == NULL) {
wolfSSL	4:1b0d80432c79	2125	SetError(MEMORY_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2126	return 0;
wolfSSL	4:1b0d80432c79	2127	}
wolfSSL	4:1b0d80432c79	2128	InitSession(session);
wolfSSL	4:1b0d80432c79	2129	session->server = ipInfo->dst;
wolfSSL	4:1b0d80432c79	2130	session->client = ipInfo->src;
wolfSSL	4:1b0d80432c79	2131	session->srvPort = (word16)tcpInfo->dstPort;
wolfSSL	4:1b0d80432c79	2132	session->cliPort = (word16)tcpInfo->srcPort;
wolfSSL	4:1b0d80432c79	2133	session->cliSeqStart = tcpInfo->sequence;
wolfSSL	4:1b0d80432c79	2134	session->cliExpected = 1; /* relative */
wolfSSL	4:1b0d80432c79	2135	session->lastUsed= time(NULL);
wolfSSL	4:1b0d80432c79	2136
wolfSSL	4:1b0d80432c79	2137	session->context = GetSnifferServer(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	2138	if (session->context == NULL) {
wolfSSL	4:1b0d80432c79	2139	SetError(SERVER_NOT_REG_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2140	free(session);
wolfSSL	4:1b0d80432c79	2141	return 0;
wolfSSL	4:1b0d80432c79	2142	}
wolfSSL	4:1b0d80432c79	2143
wolfSSL	4:1b0d80432c79	2144	session->sslServer = SSL_new(session->context->ctx);
wolfSSL	4:1b0d80432c79	2145	if (session->sslServer == NULL) {
wolfSSL	4:1b0d80432c79	2146	SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2147	free(session);
wolfSSL	4:1b0d80432c79	2148	return 0;
wolfSSL	4:1b0d80432c79	2149	}
wolfSSL	4:1b0d80432c79	2150	session->sslClient = SSL_new(session->context->ctx);
wolfSSL	4:1b0d80432c79	2151	if (session->sslClient == NULL) {
wolfSSL	4:1b0d80432c79	2152	SSL_free(session->sslServer);
wolfSSL	4:1b0d80432c79	2153	session->sslServer = 0;
wolfSSL	4:1b0d80432c79	2154
wolfSSL	4:1b0d80432c79	2155	SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2156	free(session);
wolfSSL	4:1b0d80432c79	2157	return 0;
wolfSSL	4:1b0d80432c79	2158	}
wolfSSL	4:1b0d80432c79	2159	/* put server back into server mode */
wolfSSL	4:1b0d80432c79	2160	session->sslServer->options.side = WOLFSSL_SERVER_END;
wolfSSL	4:1b0d80432c79	2161
wolfSSL	4:1b0d80432c79	2162	row = SessionHash(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	2163
wolfSSL	4:1b0d80432c79	2164	/* add it to the session table */
wolfSSL	4:1b0d80432c79	2165	LockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	2166
wolfSSL	4:1b0d80432c79	2167	session->next = SessionTable[row];
wolfSSL	4:1b0d80432c79	2168	SessionTable[row] = session;
wolfSSL	4:1b0d80432c79	2169
wolfSSL	4:1b0d80432c79	2170	SessionCount++;
wolfSSL	4:1b0d80432c79	2171
wolfSSL	4:1b0d80432c79	2172	if ( (SessionCount % HASH_SIZE) == 0) {
wolfSSL	4:1b0d80432c79	2173	TraceFindingStale();
wolfSSL	4:1b0d80432c79	2174	RemoveStaleSessions();
wolfSSL	4:1b0d80432c79	2175	}
wolfSSL	4:1b0d80432c79	2176
wolfSSL	4:1b0d80432c79	2177	UnLockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	2178
wolfSSL	4:1b0d80432c79	2179	/* determine headed side */
wolfSSL	4:1b0d80432c79	2180	if (ipInfo->dst == session->context->server &&
wolfSSL	4:1b0d80432c79	2181	tcpInfo->dstPort == session->context->port)
wolfSSL	4:1b0d80432c79	2182	session->flags.side = WOLFSSL_SERVER_END;
wolfSSL	4:1b0d80432c79	2183	else
wolfSSL	4:1b0d80432c79	2184	session->flags.side = WOLFSSL_CLIENT_END;
wolfSSL	4:1b0d80432c79	2185
wolfSSL	4:1b0d80432c79	2186	return session;
wolfSSL	4:1b0d80432c79	2187	}
wolfSSL	4:1b0d80432c79	2188
wolfSSL	4:1b0d80432c79	2189
wolfSSL	4:1b0d80432c79	2190	#ifdef OLD_HELLO_ALLOWED
wolfSSL	4:1b0d80432c79	2191
wolfSSL	4:1b0d80432c79	2192	/* Process Old Client Hello Input */
wolfSSL	4:1b0d80432c79	2193	static int DoOldHello(SnifferSession* session, const byte* sslFrame,
wolfSSL	4:1b0d80432c79	2194	int* rhSize, int* sslBytes, char* error)
wolfSSL	4:1b0d80432c79	2195	{
wolfSSL	4:1b0d80432c79	2196	const byte* input = sslFrame;
wolfSSL	4:1b0d80432c79	2197	byte b0, b1;
wolfSSL	4:1b0d80432c79	2198	word32 idx = 0;
wolfSSL	4:1b0d80432c79	2199	int ret;
wolfSSL	4:1b0d80432c79	2200
wolfSSL	4:1b0d80432c79	2201	Trace(GOT_OLD_CLIENT_HELLO_STR);
wolfSSL	4:1b0d80432c79	2202	session->flags.clientHello = 1; /* don't process again */
wolfSSL	4:1b0d80432c79	2203	b0 = *input++;
wolfSSL	4:1b0d80432c79	2204	b1 = *input++;
wolfSSL	4:1b0d80432c79	2205	*sslBytes -= 2;
wolfSSL	4:1b0d80432c79	2206	*rhSize = ((b0 & 0x7f) << 8) \| b1;
wolfSSL	4:1b0d80432c79	2207
wolfSSL	4:1b0d80432c79	2208	if (rhSize > sslBytes) {
wolfSSL	4:1b0d80432c79	2209	SetError(OLD_CLIENT_INPUT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2210	return -1;
wolfSSL	4:1b0d80432c79	2211	}
wolfSSL	4:1b0d80432c79	2212
wolfSSL	4:1b0d80432c79	2213	ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes,
wolfSSL	4:1b0d80432c79	2214	(word16)*rhSize);
wolfSSL	4:1b0d80432c79	2215	if (ret < 0 && ret != MATCH_SUITE_ERROR) {
wolfSSL	4:1b0d80432c79	2216	SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2217	return -1;
wolfSSL	4:1b0d80432c79	2218	}
wolfSSL	4:1b0d80432c79	2219
wolfSSL	4:1b0d80432c79	2220	Trace(OLD_CLIENT_OK_STR);
wolfSSL	4:1b0d80432c79	2221	XMEMCPY(session->sslClient->arrays->clientRandom,
wolfSSL	4:1b0d80432c79	2222	session->sslServer->arrays->clientRandom, RAN_LEN);
wolfSSL	4:1b0d80432c79	2223
wolfSSL	4:1b0d80432c79	2224	sslBytes -= rhSize;
wolfSSL	4:1b0d80432c79	2225	return 0;
wolfSSL	4:1b0d80432c79	2226	}
wolfSSL	4:1b0d80432c79	2227
wolfSSL	4:1b0d80432c79	2228	#endif /* OLD_HELLO_ALLOWED */
wolfSSL	4:1b0d80432c79	2229
wolfSSL	4:1b0d80432c79	2230
wolfSSL	4:1b0d80432c79	2231	#if 0
wolfSSL	4:1b0d80432c79	2232	/* Calculate the TCP checksum, see RFC 1071 */
wolfSSL	4:1b0d80432c79	2233	/* return 0 for success, -1 on error */
wolfSSL	4:1b0d80432c79	2234	/* can be called from decode() with
wolfSSL	4:1b0d80432c79	2235	TcpChecksum(&ipInfo, &tcpInfo, sslBytes, packet + ipInfo.length);
wolfSSL	4:1b0d80432c79	2236	could also add a 64bit version if type available and using this
wolfSSL	4:1b0d80432c79	2237	*/
wolfSSL	4:1b0d80432c79	2238	int TcpChecksum(IpInfo* ipInfo, TcpInfo* tcpInfo, int dataLen,
wolfSSL	4:1b0d80432c79	2239	const byte* packet)
wolfSSL	4:1b0d80432c79	2240	{
wolfSSL	4:1b0d80432c79	2241	TcpPseudoHdr pseudo;
wolfSSL	4:1b0d80432c79	2242	int count = PSEUDO_HDR_SZ;
wolfSSL	4:1b0d80432c79	2243	const word16* data = (word16*)&pseudo;
wolfSSL	4:1b0d80432c79	2244	word32 sum = 0;
wolfSSL	4:1b0d80432c79	2245	word16 checksum;
wolfSSL	4:1b0d80432c79	2246
wolfSSL	4:1b0d80432c79	2247	pseudo.src = ipInfo->src;
wolfSSL	4:1b0d80432c79	2248	pseudo.dst = ipInfo->dst;
wolfSSL	4:1b0d80432c79	2249	pseudo.rsv = 0;
wolfSSL	4:1b0d80432c79	2250	pseudo.protocol = TCP_PROTO;
wolfSSL	4:1b0d80432c79	2251	pseudo.length = htons(tcpInfo->length + dataLen);
wolfSSL	4:1b0d80432c79	2252
wolfSSL	4:1b0d80432c79	2253	/* pseudo header sum */
wolfSSL	4:1b0d80432c79	2254	while (count >= 2) {
wolfSSL	4:1b0d80432c79	2255	sum += *data++;
wolfSSL	4:1b0d80432c79	2256	count -= 2;
wolfSSL	4:1b0d80432c79	2257	}
wolfSSL	4:1b0d80432c79	2258
wolfSSL	4:1b0d80432c79	2259	count = tcpInfo->length + dataLen;
wolfSSL	4:1b0d80432c79	2260	data = (word16*)packet;
wolfSSL	4:1b0d80432c79	2261
wolfSSL	4:1b0d80432c79	2262	/* main sum */
wolfSSL	4:1b0d80432c79	2263	while (count > 1) {
wolfSSL	4:1b0d80432c79	2264	sum += *data++;
wolfSSL	4:1b0d80432c79	2265	count -=2;
wolfSSL	4:1b0d80432c79	2266	}
wolfSSL	4:1b0d80432c79	2267
wolfSSL	4:1b0d80432c79	2268	/* get left-over, if any */
wolfSSL	4:1b0d80432c79	2269	packet = (byte*)data;
wolfSSL	4:1b0d80432c79	2270	if (count > 0) {
wolfSSL	4:1b0d80432c79	2271	sum += *packet;
wolfSSL	4:1b0d80432c79	2272	}
wolfSSL	4:1b0d80432c79	2273
wolfSSL	4:1b0d80432c79	2274	/* fold 32bit sum into 16 bits */
wolfSSL	4:1b0d80432c79	2275	while (sum >> 16)
wolfSSL	4:1b0d80432c79	2276	sum = (sum & 0xffff) + (sum >> 16);
wolfSSL	4:1b0d80432c79	2277
wolfSSL	4:1b0d80432c79	2278	checksum = (word16)~sum;
wolfSSL	4:1b0d80432c79	2279	/* checksum should now equal 0, since included already calcd checksum */
wolfSSL	4:1b0d80432c79	2280	/* field, but tcp checksum offloading could negate calculation */
wolfSSL	4:1b0d80432c79	2281	if (checksum == 0)
wolfSSL	4:1b0d80432c79	2282	return 0;
wolfSSL	4:1b0d80432c79	2283	return -1;
wolfSSL	4:1b0d80432c79	2284	}
wolfSSL	4:1b0d80432c79	2285	#endif
wolfSSL	4:1b0d80432c79	2286
wolfSSL	4:1b0d80432c79	2287
wolfSSL	4:1b0d80432c79	2288	/* Check IP and TCP headers, set payload */
wolfSSL	4:1b0d80432c79	2289	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	2290	static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
wolfSSL	4:1b0d80432c79	2291	int length, const byte** sslFrame, int* sslBytes, char* error)
wolfSSL	4:1b0d80432c79	2292	{
wolfSSL	4:1b0d80432c79	2293	TraceHeader();
wolfSSL	4:1b0d80432c79	2294	TracePacket();
wolfSSL	4:1b0d80432c79	2295
wolfSSL	4:1b0d80432c79	2296	/* ip header */
wolfSSL	4:1b0d80432c79	2297	if (length < IP_HDR_SZ) {
wolfSSL	4:1b0d80432c79	2298	SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2299	return -1;
wolfSSL	4:1b0d80432c79	2300	}
wolfSSL	4:1b0d80432c79	2301	if (CheckIpHdr((IpHdr*)packet, ipInfo, length, error) != 0)
wolfSSL	4:1b0d80432c79	2302	return -1;
wolfSSL	4:1b0d80432c79	2303
wolfSSL	4:1b0d80432c79	2304	/* tcp header */
wolfSSL	4:1b0d80432c79	2305	if (length < (ipInfo->length + TCP_HDR_SZ)) {
wolfSSL	4:1b0d80432c79	2306	SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2307	return -1;
wolfSSL	4:1b0d80432c79	2308	}
wolfSSL	4:1b0d80432c79	2309	if (CheckTcpHdr((TcpHdr*)(packet + ipInfo->length), tcpInfo, error) != 0)
wolfSSL	4:1b0d80432c79	2310	return -1;
wolfSSL	4:1b0d80432c79	2311
wolfSSL	4:1b0d80432c79	2312	/* setup */
wolfSSL	4:1b0d80432c79	2313	*sslFrame = packet + ipInfo->length + tcpInfo->length;
wolfSSL	4:1b0d80432c79	2314	if (*sslFrame > packet + length) {
wolfSSL	4:1b0d80432c79	2315	SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2316	return -1;
wolfSSL	4:1b0d80432c79	2317	}
wolfSSL	4:1b0d80432c79	2318	sslBytes = (int)(packet + length - sslFrame);
wolfSSL	4:1b0d80432c79	2319
wolfSSL	4:1b0d80432c79	2320	return 0;
wolfSSL	4:1b0d80432c79	2321	}
wolfSSL	4:1b0d80432c79	2322
wolfSSL	4:1b0d80432c79	2323
wolfSSL	4:1b0d80432c79	2324	/* Create or Find existing session */
wolfSSL	4:1b0d80432c79	2325	/* returns 0 on success (continue), -1 on error, 1 on success (end) */
wolfSSL	4:1b0d80432c79	2326	static int CheckSession(IpInfo* ipInfo, TcpInfo* tcpInfo, int sslBytes,
wolfSSL	4:1b0d80432c79	2327	SnifferSession** session, char* error)
wolfSSL	4:1b0d80432c79	2328	{
wolfSSL	4:1b0d80432c79	2329	/* create a new SnifferSession on client SYN */
wolfSSL	4:1b0d80432c79	2330	if (tcpInfo->syn && !tcpInfo->ack) {
wolfSSL	4:1b0d80432c79	2331	TraceClientSyn(tcpInfo->sequence);
wolfSSL	4:1b0d80432c79	2332	*session = CreateSession(ipInfo, tcpInfo, error);
wolfSSL	4:1b0d80432c79	2333	if (*session == NULL) {
wolfSSL	4:1b0d80432c79	2334	*session = GetSnifferSession(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	2335	/* already had existing, so OK */
wolfSSL	4:1b0d80432c79	2336	if (*session)
wolfSSL	4:1b0d80432c79	2337	return 1;
wolfSSL	4:1b0d80432c79	2338
wolfSSL	4:1b0d80432c79	2339	SetError(MEMORY_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2340	return -1;
wolfSSL	4:1b0d80432c79	2341	}
wolfSSL	4:1b0d80432c79	2342	return 1;
wolfSSL	4:1b0d80432c79	2343	}
wolfSSL	4:1b0d80432c79	2344	/* get existing sniffer session */
wolfSSL	4:1b0d80432c79	2345	else {
wolfSSL	4:1b0d80432c79	2346	*session = GetSnifferSession(ipInfo, tcpInfo);
wolfSSL	4:1b0d80432c79	2347	if (*session == NULL) {
wolfSSL	4:1b0d80432c79	2348	/* don't worry about extraneous RST or duplicate FINs */
wolfSSL	4:1b0d80432c79	2349	if (tcpInfo->fin \|\| tcpInfo->rst)
wolfSSL	4:1b0d80432c79	2350	return 1;
wolfSSL	4:1b0d80432c79	2351	/* don't worry about duplicate ACKs either */
wolfSSL	4:1b0d80432c79	2352	if (sslBytes == 0 && tcpInfo->ack)
wolfSSL	4:1b0d80432c79	2353	return 1;
wolfSSL	4:1b0d80432c79	2354
wolfSSL	4:1b0d80432c79	2355	SetError(BAD_SESSION_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2356	return -1;
wolfSSL	4:1b0d80432c79	2357	}
wolfSSL	4:1b0d80432c79	2358	}
wolfSSL	4:1b0d80432c79	2359	return 0;
wolfSSL	4:1b0d80432c79	2360	}
wolfSSL	4:1b0d80432c79	2361
wolfSSL	4:1b0d80432c79	2362
wolfSSL	4:1b0d80432c79	2363	/* Create a Packet Buffer from begin - end, adjust new begin and bytesLeft */
wolfSSL	4:1b0d80432c79	2364	static PacketBuffer* CreateBuffer(word32* begin, word32 end, const byte* data,
wolfSSL	4:1b0d80432c79	2365	int* bytesLeft)
wolfSSL	4:1b0d80432c79	2366	{
wolfSSL	4:1b0d80432c79	2367	PacketBuffer* pb;
wolfSSL	4:1b0d80432c79	2368
wolfSSL	4:1b0d80432c79	2369	int added = end - *begin + 1;
wolfSSL	4:1b0d80432c79	2370	assert(*begin <= end);
wolfSSL	4:1b0d80432c79	2371
wolfSSL	4:1b0d80432c79	2372	pb = (PacketBuffer*)malloc(sizeof(PacketBuffer));
wolfSSL	4:1b0d80432c79	2373	if (pb == NULL) return NULL;
wolfSSL	4:1b0d80432c79	2374
wolfSSL	4:1b0d80432c79	2375	pb->next = 0;
wolfSSL	4:1b0d80432c79	2376	pb->begin = *begin;
wolfSSL	4:1b0d80432c79	2377	pb->end = end;
wolfSSL	4:1b0d80432c79	2378	pb->data = (byte*)malloc(added);
wolfSSL	4:1b0d80432c79	2379
wolfSSL	4:1b0d80432c79	2380	if (pb->data == NULL) {
wolfSSL	4:1b0d80432c79	2381	free(pb);
wolfSSL	4:1b0d80432c79	2382	return NULL;
wolfSSL	4:1b0d80432c79	2383	}
wolfSSL	4:1b0d80432c79	2384	XMEMCPY(pb->data, data, added);
wolfSSL	4:1b0d80432c79	2385
wolfSSL	4:1b0d80432c79	2386	*bytesLeft -= added;
wolfSSL	4:1b0d80432c79	2387	*begin = pb->end + 1;
wolfSSL	4:1b0d80432c79	2388
wolfSSL	4:1b0d80432c79	2389	return pb;
wolfSSL	4:1b0d80432c79	2390	}
wolfSSL	4:1b0d80432c79	2391
wolfSSL	4:1b0d80432c79	2392
wolfSSL	4:1b0d80432c79	2393	/* Add sslFrame to Reassembly List */
wolfSSL	4:1b0d80432c79	2394	/* returns 1 (end) on success, -1, on error */
wolfSSL	4:1b0d80432c79	2395	static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
wolfSSL	4:1b0d80432c79	2396	int sslBytes, SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	2397	{
wolfSSL	4:1b0d80432c79	2398	PacketBuffer* add;
wolfSSL	4:1b0d80432c79	2399	PacketBuffer** front = (from == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2400	&session->cliReassemblyList: &session->srvReassemblyList;
wolfSSL	4:1b0d80432c79	2401	PacketBuffer* curr = *front;
wolfSSL	4:1b0d80432c79	2402	PacketBuffer* prev = curr;
wolfSSL	4:1b0d80432c79	2403
wolfSSL	4:1b0d80432c79	2404	word32* reassemblyMemory = (from == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2405	&session->cliReassemblyMemory : &session->srvReassemblyMemory;
wolfSSL	4:1b0d80432c79	2406	word32 startSeq = seq;
wolfSSL	4:1b0d80432c79	2407	word32 added;
wolfSSL	4:1b0d80432c79	2408	int bytesLeft = sslBytes; /* could be overlapping fragment */
wolfSSL	4:1b0d80432c79	2409
wolfSSL	4:1b0d80432c79	2410	/* if list is empty add full frame to front */
wolfSSL	4:1b0d80432c79	2411	if (!curr) {
wolfSSL	4:1b0d80432c79	2412	if (MaxRecoveryMemory != -1 &&
wolfSSL	4:1b0d80432c79	2413	(int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
wolfSSL	4:1b0d80432c79	2414	SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2415	return -1;
wolfSSL	4:1b0d80432c79	2416	}
wolfSSL	4:1b0d80432c79	2417	add = CreateBuffer(&seq, seq + sslBytes - 1, sslFrame, &bytesLeft);
wolfSSL	4:1b0d80432c79	2418	if (add == NULL) {
wolfSSL	4:1b0d80432c79	2419	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2420	return -1;
wolfSSL	4:1b0d80432c79	2421	}
wolfSSL	4:1b0d80432c79	2422	*front = add;
wolfSSL	4:1b0d80432c79	2423	*reassemblyMemory += sslBytes;
wolfSSL	4:1b0d80432c79	2424	return 1;
wolfSSL	4:1b0d80432c79	2425	}
wolfSSL	4:1b0d80432c79	2426
wolfSSL	4:1b0d80432c79	2427	/* add to front if before current front, up to next->begin */
wolfSSL	4:1b0d80432c79	2428	if (seq < curr->begin) {
wolfSSL	4:1b0d80432c79	2429	word32 end = seq + sslBytes - 1;
wolfSSL	4:1b0d80432c79	2430
wolfSSL	4:1b0d80432c79	2431	if (end >= curr->begin)
wolfSSL	4:1b0d80432c79	2432	end = curr->begin - 1;
wolfSSL	4:1b0d80432c79	2433
wolfSSL	4:1b0d80432c79	2434	if (MaxRecoveryMemory -1 &&
wolfSSL	4:1b0d80432c79	2435	(int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
wolfSSL	4:1b0d80432c79	2436	SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2437	return -1;
wolfSSL	4:1b0d80432c79	2438	}
wolfSSL	4:1b0d80432c79	2439	add = CreateBuffer(&seq, end, sslFrame, &bytesLeft);
wolfSSL	4:1b0d80432c79	2440	if (add == NULL) {
wolfSSL	4:1b0d80432c79	2441	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2442	return -1;
wolfSSL	4:1b0d80432c79	2443	}
wolfSSL	4:1b0d80432c79	2444	add->next = curr;
wolfSSL	4:1b0d80432c79	2445	*front = add;
wolfSSL	4:1b0d80432c79	2446	*reassemblyMemory += sslBytes;
wolfSSL	4:1b0d80432c79	2447	}
wolfSSL	4:1b0d80432c79	2448
wolfSSL	4:1b0d80432c79	2449	/* while we have bytes left, try to find a gap to fill */
wolfSSL	4:1b0d80432c79	2450	while (bytesLeft > 0) {
wolfSSL	4:1b0d80432c79	2451	/* get previous packet in list */
wolfSSL	4:1b0d80432c79	2452	while (curr && (seq >= curr->begin)) {
wolfSSL	4:1b0d80432c79	2453	prev = curr;
wolfSSL	4:1b0d80432c79	2454	curr = curr->next;
wolfSSL	4:1b0d80432c79	2455	}
wolfSSL	4:1b0d80432c79	2456
wolfSSL	4:1b0d80432c79	2457	/* don't add duplicate data */
wolfSSL	4:1b0d80432c79	2458	if (prev->end >= seq) {
wolfSSL	4:1b0d80432c79	2459	if ( (seq + bytesLeft - 1) <= prev->end)
wolfSSL	4:1b0d80432c79	2460	return 1;
wolfSSL	4:1b0d80432c79	2461	seq = prev->end + 1;
wolfSSL	4:1b0d80432c79	2462	bytesLeft = startSeq + sslBytes - seq;
wolfSSL	4:1b0d80432c79	2463	}
wolfSSL	4:1b0d80432c79	2464
wolfSSL	4:1b0d80432c79	2465	if (!curr)
wolfSSL	4:1b0d80432c79	2466	/* we're at the end */
wolfSSL	4:1b0d80432c79	2467	added = bytesLeft;
wolfSSL	4:1b0d80432c79	2468	else
wolfSSL	4:1b0d80432c79	2469	/* we're in between two frames */
wolfSSL	4:1b0d80432c79	2470	added = min((word32)bytesLeft, curr->begin - seq);
wolfSSL	4:1b0d80432c79	2471
wolfSSL	4:1b0d80432c79	2472	/* data already there */
wolfSSL	4:1b0d80432c79	2473	if (added == 0)
wolfSSL	4:1b0d80432c79	2474	continue;
wolfSSL	4:1b0d80432c79	2475
wolfSSL	4:1b0d80432c79	2476	if (MaxRecoveryMemory != -1 &&
wolfSSL	4:1b0d80432c79	2477	(int)(*reassemblyMemory + added) > MaxRecoveryMemory) {
wolfSSL	4:1b0d80432c79	2478	SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2479	return -1;
wolfSSL	4:1b0d80432c79	2480	}
wolfSSL	4:1b0d80432c79	2481	add = CreateBuffer(&seq, seq + added - 1, &sslFrame[seq - startSeq],
wolfSSL	4:1b0d80432c79	2482	&bytesLeft);
wolfSSL	4:1b0d80432c79	2483	if (add == NULL) {
wolfSSL	4:1b0d80432c79	2484	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2485	return -1;
wolfSSL	4:1b0d80432c79	2486	}
wolfSSL	4:1b0d80432c79	2487	add->next = prev->next;
wolfSSL	4:1b0d80432c79	2488	prev->next = add;
wolfSSL	4:1b0d80432c79	2489	*reassemblyMemory += added;
wolfSSL	4:1b0d80432c79	2490	}
wolfSSL	4:1b0d80432c79	2491	return 1;
wolfSSL	4:1b0d80432c79	2492	}
wolfSSL	4:1b0d80432c79	2493
wolfSSL	4:1b0d80432c79	2494
wolfSSL	4:1b0d80432c79	2495	/* Add out of order FIN capture */
wolfSSL	4:1b0d80432c79	2496	/* returns 1 for success (end) */
wolfSSL	4:1b0d80432c79	2497	static int AddFinCapture(SnifferSession* session, word32 sequence)
wolfSSL	4:1b0d80432c79	2498	{
wolfSSL	4:1b0d80432c79	2499	if (session->flags.side == WOLFSSL_SERVER_END) {
wolfSSL	4:1b0d80432c79	2500	if (session->finCaputre.cliCounted == 0)
wolfSSL	4:1b0d80432c79	2501	session->finCaputre.cliFinSeq = sequence;
wolfSSL	4:1b0d80432c79	2502	}
wolfSSL	4:1b0d80432c79	2503	else {
wolfSSL	4:1b0d80432c79	2504	if (session->finCaputre.srvCounted == 0)
wolfSSL	4:1b0d80432c79	2505	session->finCaputre.srvFinSeq = sequence;
wolfSSL	4:1b0d80432c79	2506	}
wolfSSL	4:1b0d80432c79	2507	return 1;
wolfSSL	4:1b0d80432c79	2508	}
wolfSSL	4:1b0d80432c79	2509
wolfSSL	4:1b0d80432c79	2510
wolfSSL	4:1b0d80432c79	2511	/* Adjust incoming sequence based on side */
wolfSSL	4:1b0d80432c79	2512	/* returns 0 on success (continue), -1 on error, 1 on success (end) */
wolfSSL	4:1b0d80432c79	2513	static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
wolfSSL	4:1b0d80432c79	2514	int* sslBytes, const byte** sslFrame, char* error)
wolfSSL	4:1b0d80432c79	2515	{
wolfSSL	4:1b0d80432c79	2516	word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2517	session->cliSeqStart :session->srvSeqStart;
wolfSSL	4:1b0d80432c79	2518	word32 real = tcpInfo->sequence - seqStart;
wolfSSL	4:1b0d80432c79	2519	word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2520	&session->cliExpected : &session->srvExpected;
wolfSSL	4:1b0d80432c79	2521	PacketBuffer* reassemblyList = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2522	session->cliReassemblyList : session->srvReassemblyList;
wolfSSL	4:1b0d80432c79	2523	byte skipPartial = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2524	session->flags.srvSkipPartial :
wolfSSL	4:1b0d80432c79	2525	session->flags.cliSkipPartial;
wolfSSL	4:1b0d80432c79	2526
wolfSSL	4:1b0d80432c79	2527	/* handle rollover of sequence */
wolfSSL	4:1b0d80432c79	2528	if (tcpInfo->sequence < seqStart)
wolfSSL	4:1b0d80432c79	2529	real = 0xffffffffU - seqStart + tcpInfo->sequence;
wolfSSL	4:1b0d80432c79	2530
wolfSSL	4:1b0d80432c79	2531	TraceRelativeSequence(*expected, real);
wolfSSL	4:1b0d80432c79	2532
wolfSSL	4:1b0d80432c79	2533	if (real < *expected) {
wolfSSL	4:1b0d80432c79	2534	Trace(DUPLICATE_STR);
wolfSSL	4:1b0d80432c79	2535	if (real + sslBytes > expected) {
wolfSSL	4:1b0d80432c79	2536	int overlap = *expected - real;
wolfSSL	4:1b0d80432c79	2537	Trace(OVERLAP_DUPLICATE_STR);
wolfSSL	4:1b0d80432c79	2538
wolfSSL	4:1b0d80432c79	2539	/* adjust to expected, remove duplicate */
wolfSSL	4:1b0d80432c79	2540	*sslFrame += overlap;
wolfSSL	4:1b0d80432c79	2541	*sslBytes -= overlap;
wolfSSL	4:1b0d80432c79	2542
wolfSSL	4:1b0d80432c79	2543	/* The following conditional block is duplicated below. It is the
wolfSSL	4:1b0d80432c79	2544	* same action but for a different setup case. If changing this
wolfSSL	4:1b0d80432c79	2545	* block be sure to also update the block below. */
wolfSSL	4:1b0d80432c79	2546	if (reassemblyList) {
wolfSSL	4:1b0d80432c79	2547	word32 newEnd = expected + sslBytes;
wolfSSL	4:1b0d80432c79	2548
wolfSSL	4:1b0d80432c79	2549	if (newEnd > reassemblyList->begin) {
wolfSSL	4:1b0d80432c79	2550	Trace(OVERLAP_REASSEMBLY_BEGIN_STR);
wolfSSL	4:1b0d80432c79	2551
wolfSSL	4:1b0d80432c79	2552	/* remove bytes already on reassembly list */
wolfSSL	4:1b0d80432c79	2553	*sslBytes -= newEnd - reassemblyList->begin;
wolfSSL	4:1b0d80432c79	2554	}
wolfSSL	4:1b0d80432c79	2555	if (newEnd > reassemblyList->end) {
wolfSSL	4:1b0d80432c79	2556	Trace(OVERLAP_REASSEMBLY_END_STR);
wolfSSL	4:1b0d80432c79	2557
wolfSSL	4:1b0d80432c79	2558	/* may be past reassembly list end (could have more on list)
wolfSSL	4:1b0d80432c79	2559	so try to add what's past the front->end */
wolfSSL	4:1b0d80432c79	2560	AddToReassembly(session->flags.side, reassemblyList->end +1,
wolfSSL	4:1b0d80432c79	2561	sslFrame + reassemblyList->end - expected + 1,
wolfSSL	4:1b0d80432c79	2562	newEnd - reassemblyList->end, session, error);
wolfSSL	4:1b0d80432c79	2563	}
wolfSSL	4:1b0d80432c79	2564	}
wolfSSL	4:1b0d80432c79	2565	}
wolfSSL	4:1b0d80432c79	2566	else
wolfSSL	4:1b0d80432c79	2567	return 1;
wolfSSL	4:1b0d80432c79	2568	}
wolfSSL	4:1b0d80432c79	2569	else if (real > *expected) {
wolfSSL	4:1b0d80432c79	2570	Trace(OUT_OF_ORDER_STR);
wolfSSL	4:1b0d80432c79	2571	if (*sslBytes > 0) {
wolfSSL	4:1b0d80432c79	2572	int addResult = AddToReassembly(session->flags.side, real,
wolfSSL	4:1b0d80432c79	2573	sslFrame, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	2574	if (skipPartial) {
wolfSSL	4:1b0d80432c79	2575	*sslBytes = 0;
wolfSSL	4:1b0d80432c79	2576	return 0;
wolfSSL	4:1b0d80432c79	2577	}
wolfSSL	4:1b0d80432c79	2578	else
wolfSSL	4:1b0d80432c79	2579	return addResult;
wolfSSL	4:1b0d80432c79	2580	}
wolfSSL	4:1b0d80432c79	2581	else if (tcpInfo->fin)
wolfSSL	4:1b0d80432c79	2582	return AddFinCapture(session, real);
wolfSSL	4:1b0d80432c79	2583	}
wolfSSL	4:1b0d80432c79	2584	else if (*sslBytes > 0) {
wolfSSL	4:1b0d80432c79	2585	if (skipPartial) {
wolfSSL	4:1b0d80432c79	2586	AddToReassembly(session->flags.side, real,
wolfSSL	4:1b0d80432c79	2587	sslFrame, sslBytes, session, error);
wolfSSL	4:1b0d80432c79	2588	expected += sslBytes;
wolfSSL	4:1b0d80432c79	2589	*sslBytes = 0;
wolfSSL	4:1b0d80432c79	2590	if (tcpInfo->fin)
wolfSSL	4:1b0d80432c79	2591	*expected += 1;
wolfSSL	4:1b0d80432c79	2592	return 0;
wolfSSL	4:1b0d80432c79	2593	}
wolfSSL	4:1b0d80432c79	2594	/* The following conditional block is duplicated above. It is the
wolfSSL	4:1b0d80432c79	2595	* same action but for a different setup case. If changing this
wolfSSL	4:1b0d80432c79	2596	* block be sure to also update the block above. */
wolfSSL	4:1b0d80432c79	2597	else if (reassemblyList) {
wolfSSL	4:1b0d80432c79	2598	word32 newEnd = expected + sslBytes;
wolfSSL	4:1b0d80432c79	2599
wolfSSL	4:1b0d80432c79	2600	if (newEnd > reassemblyList->begin) {
wolfSSL	4:1b0d80432c79	2601	Trace(OVERLAP_REASSEMBLY_BEGIN_STR);
wolfSSL	4:1b0d80432c79	2602
wolfSSL	4:1b0d80432c79	2603	/* remove bytes already on reassembly list */
wolfSSL	4:1b0d80432c79	2604	*sslBytes -= newEnd - reassemblyList->begin;
wolfSSL	4:1b0d80432c79	2605	}
wolfSSL	4:1b0d80432c79	2606	if (newEnd > reassemblyList->end) {
wolfSSL	4:1b0d80432c79	2607	Trace(OVERLAP_REASSEMBLY_END_STR);
wolfSSL	4:1b0d80432c79	2608
wolfSSL	4:1b0d80432c79	2609	/* may be past reassembly list end (could have more on list)
wolfSSL	4:1b0d80432c79	2610	so try to add what's past the front->end */
wolfSSL	4:1b0d80432c79	2611	AddToReassembly(session->flags.side, reassemblyList->end +1,
wolfSSL	4:1b0d80432c79	2612	sslFrame + reassemblyList->end - expected + 1,
wolfSSL	4:1b0d80432c79	2613	newEnd - reassemblyList->end, session, error);
wolfSSL	4:1b0d80432c79	2614	}
wolfSSL	4:1b0d80432c79	2615	}
wolfSSL	4:1b0d80432c79	2616	}
wolfSSL	4:1b0d80432c79	2617	/* got expected sequence */
wolfSSL	4:1b0d80432c79	2618	expected += sslBytes;
wolfSSL	4:1b0d80432c79	2619	if (tcpInfo->fin)
wolfSSL	4:1b0d80432c79	2620	*expected += 1;
wolfSSL	4:1b0d80432c79	2621
wolfSSL	4:1b0d80432c79	2622	return 0;
wolfSSL	4:1b0d80432c79	2623	}
wolfSSL	4:1b0d80432c79	2624
wolfSSL	4:1b0d80432c79	2625
wolfSSL	4:1b0d80432c79	2626	static int FindNextRecordInAssembly(SnifferSession* session,
wolfSSL	4:1b0d80432c79	2627	const byte** sslFrame, int* sslBytes,
wolfSSL	4:1b0d80432c79	2628	const byte** end, char* error)
wolfSSL	4:1b0d80432c79	2629	{
wolfSSL	4:1b0d80432c79	2630	PacketBuffer** front = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2631	&session->cliReassemblyList :
wolfSSL	4:1b0d80432c79	2632	&session->srvReassemblyList;
wolfSSL	4:1b0d80432c79	2633	PacketBuffer* curr = *front;
wolfSSL	4:1b0d80432c79	2634	PacketBuffer* prev = NULL;
wolfSSL	4:1b0d80432c79	2635	byte* skipPartial = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2636	&session->flags.srvSkipPartial :
wolfSSL	4:1b0d80432c79	2637	&session->flags.cliSkipPartial;
wolfSSL	4:1b0d80432c79	2638	word32* reassemblyMemory = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2639	&session->cliReassemblyMemory :
wolfSSL	4:1b0d80432c79	2640	&session->srvReassemblyMemory;
wolfSSL	4:1b0d80432c79	2641	SSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2642	session->sslServer :
wolfSSL	4:1b0d80432c79	2643	session->sslClient;
wolfSSL	4:1b0d80432c79	2644	ProtocolVersion pv = ssl->version;
wolfSSL	4:1b0d80432c79	2645	word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2646	&session->cliExpected :
wolfSSL	4:1b0d80432c79	2647	&session->srvExpected;
wolfSSL	4:1b0d80432c79	2648
wolfSSL	4:1b0d80432c79	2649	while (curr != NULL) {
wolfSSL	4:1b0d80432c79	2650	*expected = curr->end + 1;
wolfSSL	4:1b0d80432c79	2651
wolfSSL	4:1b0d80432c79	2652	if (curr->data[0] == application_data &&
wolfSSL	4:1b0d80432c79	2653	curr->data[1] == pv.major &&
wolfSSL	4:1b0d80432c79	2654	curr->data[2] == pv.minor) {
wolfSSL	4:1b0d80432c79	2655
wolfSSL	4:1b0d80432c79	2656	if (ssl->buffers.inputBuffer.length > 0)
wolfSSL	4:1b0d80432c79	2657	Trace(DROPPING_PARTIAL_RECORD);
wolfSSL	4:1b0d80432c79	2658
wolfSSL	4:1b0d80432c79	2659	*sslBytes = curr->end - curr->begin + 1;
wolfSSL	4:1b0d80432c79	2660	if ( (word32)*sslBytes > ssl->buffers.inputBuffer.bufferSize) {
wolfSSL	4:1b0d80432c79	2661	if (GrowInputBuffer(ssl, *sslBytes, 0) < 0) {
wolfSSL	4:1b0d80432c79	2662	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2663	return -1;
wolfSSL	4:1b0d80432c79	2664	}
wolfSSL	4:1b0d80432c79	2665	}
wolfSSL	4:1b0d80432c79	2666
wolfSSL	4:1b0d80432c79	2667	XMEMCPY(ssl->buffers.inputBuffer.buffer, curr->data, *sslBytes);
wolfSSL	4:1b0d80432c79	2668
wolfSSL	4:1b0d80432c79	2669	*front = curr->next;
wolfSSL	4:1b0d80432c79	2670	reassemblyMemory -= sslBytes;
wolfSSL	4:1b0d80432c79	2671	FreePacketBuffer(curr);
wolfSSL	4:1b0d80432c79	2672
wolfSSL	4:1b0d80432c79	2673	ssl->buffers.inputBuffer.length = *sslBytes;
wolfSSL	4:1b0d80432c79	2674	*sslFrame = ssl->buffers.inputBuffer.buffer;
wolfSSL	4:1b0d80432c79	2675	end = sslFrame + *sslBytes;
wolfSSL	4:1b0d80432c79	2676	*skipPartial = 0;
wolfSSL	4:1b0d80432c79	2677
wolfSSL	4:1b0d80432c79	2678	return 0;
wolfSSL	4:1b0d80432c79	2679	}
wolfSSL	4:1b0d80432c79	2680	else if (ssl->specs.cipher_type == block) {
wolfSSL	4:1b0d80432c79	2681	if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes)
wolfSSL	4:1b0d80432c79	2682	wc_AesSetIV(ssl->decrypt.aes,
wolfSSL	4:1b0d80432c79	2683	curr->data + curr->end - curr->begin
wolfSSL	4:1b0d80432c79	2684	- ssl->specs.block_size + 1);
wolfSSL	4:1b0d80432c79	2685	else if (ssl->specs.bulk_cipher_algorithm == wolfssl_triple_des)
wolfSSL	4:1b0d80432c79	2686	wc_Des3_SetIV(ssl->decrypt.des3,
wolfSSL	4:1b0d80432c79	2687	curr->data + curr->end - curr->begin
wolfSSL	4:1b0d80432c79	2688	- ssl->specs.block_size + 1);
wolfSSL	4:1b0d80432c79	2689	}
wolfSSL	4:1b0d80432c79	2690
wolfSSL	4:1b0d80432c79	2691	Trace(DROPPING_LOST_FRAG_STR);
wolfSSL	4:1b0d80432c79	2692	prev = curr;
wolfSSL	4:1b0d80432c79	2693	curr = curr->next;
wolfSSL	4:1b0d80432c79	2694	*reassemblyMemory -= (prev->end - prev->begin + 1);
wolfSSL	4:1b0d80432c79	2695	FreePacketBuffer(prev);
wolfSSL	4:1b0d80432c79	2696	}
wolfSSL	4:1b0d80432c79	2697
wolfSSL	4:1b0d80432c79	2698	*front = curr;
wolfSSL	4:1b0d80432c79	2699
wolfSSL	4:1b0d80432c79	2700	return 0;
wolfSSL	4:1b0d80432c79	2701	}
wolfSSL	4:1b0d80432c79	2702
wolfSSL	4:1b0d80432c79	2703
wolfSSL	4:1b0d80432c79	2704	static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
wolfSSL	4:1b0d80432c79	2705	{
wolfSSL	4:1b0d80432c79	2706	word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2707	&session->srvExpected : &session->cliExpected;
wolfSSL	4:1b0d80432c79	2708	PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2709	session->srvReassemblyList :
wolfSSL	4:1b0d80432c79	2710	session->cliReassemblyList;
wolfSSL	4:1b0d80432c79	2711	byte* skipPartial = (session->flags.side != WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2712	&session->flags.srvSkipPartial :
wolfSSL	4:1b0d80432c79	2713	&session->flags.cliSkipPartial;
wolfSSL	4:1b0d80432c79	2714
wolfSSL	4:1b0d80432c79	2715	*skipPartial = 1;
wolfSSL	4:1b0d80432c79	2716	if (list != NULL)
wolfSSL	4:1b0d80432c79	2717	*expected = list->begin;
wolfSSL	4:1b0d80432c79	2718	else {
wolfSSL	4:1b0d80432c79	2719	word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2720	session->srvSeqStart : session->cliSeqStart;
wolfSSL	4:1b0d80432c79	2721	word32 real = tcpInfo->ackNumber - seqStart;
wolfSSL	4:1b0d80432c79	2722
wolfSSL	4:1b0d80432c79	2723	*expected = real;
wolfSSL	4:1b0d80432c79	2724	}
wolfSSL	4:1b0d80432c79	2725
wolfSSL	4:1b0d80432c79	2726	return 1;
wolfSSL	4:1b0d80432c79	2727	}
wolfSSL	4:1b0d80432c79	2728
wolfSSL	4:1b0d80432c79	2729
wolfSSL	4:1b0d80432c79	2730	/* Check latest ack number for missing packets
wolfSSL	4:1b0d80432c79	2731	return 0 ok, <0 on error */
wolfSSL	4:1b0d80432c79	2732	static int CheckAck(TcpInfo* tcpInfo, SnifferSession* session)
wolfSSL	4:1b0d80432c79	2733	{
wolfSSL	4:1b0d80432c79	2734	if (tcpInfo->ack) {
wolfSSL	4:1b0d80432c79	2735	word32 seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2736	session->srvSeqStart :session->cliSeqStart;
wolfSSL	4:1b0d80432c79	2737	word32 real = tcpInfo->ackNumber - seqStart;
wolfSSL	4:1b0d80432c79	2738	word32 expected = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2739	session->srvExpected : session->cliExpected;
wolfSSL	4:1b0d80432c79	2740
wolfSSL	4:1b0d80432c79	2741	/* handle rollover of sequence */
wolfSSL	4:1b0d80432c79	2742	if (tcpInfo->ackNumber < seqStart)
wolfSSL	4:1b0d80432c79	2743	real = 0xffffffffU - seqStart + tcpInfo->ackNumber;
wolfSSL	4:1b0d80432c79	2744
wolfSSL	4:1b0d80432c79	2745	TraceAck(real, expected);
wolfSSL	4:1b0d80432c79	2746
wolfSSL	4:1b0d80432c79	2747	if (real > expected)
wolfSSL	4:1b0d80432c79	2748	return -1; /* we missed a packet, ACKing data we never saw */
wolfSSL	4:1b0d80432c79	2749	}
wolfSSL	4:1b0d80432c79	2750	return 0;
wolfSSL	4:1b0d80432c79	2751	}
wolfSSL	4:1b0d80432c79	2752
wolfSSL	4:1b0d80432c79	2753
wolfSSL	4:1b0d80432c79	2754	/* Check TCP Sequence status */
wolfSSL	4:1b0d80432c79	2755	/* returns 0 on success (continue), -1 on error, 1 on success (end) */
wolfSSL	4:1b0d80432c79	2756	static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
wolfSSL	4:1b0d80432c79	2757	SnifferSession* session, int* sslBytes,
wolfSSL	4:1b0d80432c79	2758	const byte** sslFrame, char* error)
wolfSSL	4:1b0d80432c79	2759	{
wolfSSL	4:1b0d80432c79	2760	int actualLen;
wolfSSL	4:1b0d80432c79	2761	byte* ackFault = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2762	&session->flags.cliAckFault :
wolfSSL	4:1b0d80432c79	2763	&session->flags.srvAckFault;
wolfSSL	4:1b0d80432c79	2764
wolfSSL	4:1b0d80432c79	2765	/* init SEQ from server to client */
wolfSSL	4:1b0d80432c79	2766	if (tcpInfo->syn && tcpInfo->ack) {
wolfSSL	4:1b0d80432c79	2767	session->srvSeqStart = tcpInfo->sequence;
wolfSSL	4:1b0d80432c79	2768	session->srvExpected = 1;
wolfSSL	4:1b0d80432c79	2769	TraceServerSyn(tcpInfo->sequence);
wolfSSL	4:1b0d80432c79	2770	return 1;
wolfSSL	4:1b0d80432c79	2771	}
wolfSSL	4:1b0d80432c79	2772
wolfSSL	4:1b0d80432c79	2773	/* adjust potential ethernet trailer */
wolfSSL	4:1b0d80432c79	2774	actualLen = ipInfo->total - ipInfo->length - tcpInfo->length;
wolfSSL	4:1b0d80432c79	2775	if (*sslBytes > actualLen) {
wolfSSL	4:1b0d80432c79	2776	*sslBytes = actualLen;
wolfSSL	4:1b0d80432c79	2777	}
wolfSSL	4:1b0d80432c79	2778
wolfSSL	4:1b0d80432c79	2779	TraceSequence(tcpInfo->sequence, *sslBytes);
wolfSSL	4:1b0d80432c79	2780	if (CheckAck(tcpInfo, session) < 0) {
wolfSSL	4:1b0d80432c79	2781	if (!RecoveryEnabled) {
wolfSSL	4:1b0d80432c79	2782	UpdateMissedDataSessions();
wolfSSL	4:1b0d80432c79	2783	SetError(ACK_MISSED_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2784	return -1;
wolfSSL	4:1b0d80432c79	2785	}
wolfSSL	4:1b0d80432c79	2786	else {
wolfSSL	4:1b0d80432c79	2787	SetError(ACK_MISSED_STR, error, session, 0);
wolfSSL	4:1b0d80432c79	2788	if (*ackFault == 0) {
wolfSSL	4:1b0d80432c79	2789	*ackFault = 1;
wolfSSL	4:1b0d80432c79	2790	UpdateMissedDataSessions();
wolfSSL	4:1b0d80432c79	2791	}
wolfSSL	4:1b0d80432c79	2792	return FixSequence(tcpInfo, session);
wolfSSL	4:1b0d80432c79	2793	}
wolfSSL	4:1b0d80432c79	2794	}
wolfSSL	4:1b0d80432c79	2795
wolfSSL	4:1b0d80432c79	2796	if (*ackFault) {
wolfSSL	4:1b0d80432c79	2797	Trace(CLEAR_ACK_FAULT);
wolfSSL	4:1b0d80432c79	2798	*ackFault = 0;
wolfSSL	4:1b0d80432c79	2799	}
wolfSSL	4:1b0d80432c79	2800
wolfSSL	4:1b0d80432c79	2801	return AdjustSequence(tcpInfo, session, sslBytes, sslFrame, error);
wolfSSL	4:1b0d80432c79	2802	}
wolfSSL	4:1b0d80432c79	2803
wolfSSL	4:1b0d80432c79	2804
wolfSSL	4:1b0d80432c79	2805	/* Check Status before record processing */
wolfSSL	4:1b0d80432c79	2806	/* returns 0 on success (continue), -1 on error, 1 on success (end) */
wolfSSL	4:1b0d80432c79	2807	static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
wolfSSL	4:1b0d80432c79	2808	const byte sslFrame, SnifferSession session,
wolfSSL	4:1b0d80432c79	2809	int* sslBytes, const byte** end, char* error)
wolfSSL	4:1b0d80432c79	2810	{
wolfSSL	4:1b0d80432c79	2811	word32 length;
wolfSSL	4:1b0d80432c79	2812	SSL* ssl = ((*session)->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2813	(session)->sslServer : (session)->sslClient;
wolfSSL	4:1b0d80432c79	2814	byte skipPartial = ((*session)->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2815	(*session)->flags.srvSkipPartial :
wolfSSL	4:1b0d80432c79	2816	(*session)->flags.cliSkipPartial;
wolfSSL	4:1b0d80432c79	2817	/* remove SnifferSession on 2nd FIN or RST */
wolfSSL	4:1b0d80432c79	2818	if (tcpInfo->fin \|\| tcpInfo->rst) {
wolfSSL	4:1b0d80432c79	2819	/* flag FIN and RST */
wolfSSL	4:1b0d80432c79	2820	if (tcpInfo->fin)
wolfSSL	4:1b0d80432c79	2821	(*session)->flags.finCount += 1;
wolfSSL	4:1b0d80432c79	2822	else if (tcpInfo->rst)
wolfSSL	4:1b0d80432c79	2823	(*session)->flags.finCount += 2;
wolfSSL	4:1b0d80432c79	2824
wolfSSL	4:1b0d80432c79	2825	if ((*session)->flags.finCount >= 2) {
wolfSSL	4:1b0d80432c79	2826	RemoveSession(*session, ipInfo, tcpInfo, 0);
wolfSSL	4:1b0d80432c79	2827	*session = NULL;
wolfSSL	4:1b0d80432c79	2828	return 1;
wolfSSL	4:1b0d80432c79	2829	}
wolfSSL	4:1b0d80432c79	2830	}
wolfSSL	4:1b0d80432c79	2831
wolfSSL	4:1b0d80432c79	2832	if ((*session)->flags.fatalError == FATAL_ERROR_STATE) {
wolfSSL	4:1b0d80432c79	2833	SetError(FATAL_ERROR_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	2834	return -1;
wolfSSL	4:1b0d80432c79	2835	}
wolfSSL	4:1b0d80432c79	2836
wolfSSL	4:1b0d80432c79	2837	if (skipPartial) {
wolfSSL	4:1b0d80432c79	2838	if (FindNextRecordInAssembly(*session,
wolfSSL	4:1b0d80432c79	2839	sslFrame, sslBytes, end, error) < 0) {
wolfSSL	4:1b0d80432c79	2840	return -1;
wolfSSL	4:1b0d80432c79	2841	}
wolfSSL	4:1b0d80432c79	2842	}
wolfSSL	4:1b0d80432c79	2843
wolfSSL	4:1b0d80432c79	2844	if (*sslBytes == 0) {
wolfSSL	4:1b0d80432c79	2845	Trace(NO_DATA_STR);
wolfSSL	4:1b0d80432c79	2846	return 1;
wolfSSL	4:1b0d80432c79	2847	}
wolfSSL	4:1b0d80432c79	2848
wolfSSL	4:1b0d80432c79	2849	/* if current partial data, add to end of partial */
wolfSSL	4:1b0d80432c79	2850	/* if skipping, the data is already at the end of partial */
wolfSSL	4:1b0d80432c79	2851	if ( !skipPartial &&
wolfSSL	4:1b0d80432c79	2852	(length = ssl->buffers.inputBuffer.length) ) {
wolfSSL	4:1b0d80432c79	2853	Trace(PARTIAL_ADD_STR);
wolfSSL	4:1b0d80432c79	2854
wolfSSL	4:1b0d80432c79	2855	if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) {
wolfSSL	4:1b0d80432c79	2856	if (GrowInputBuffer(ssl, *sslBytes, length) < 0) {
wolfSSL	4:1b0d80432c79	2857	SetError(MEMORY_STR, error, *session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2858	return -1;
wolfSSL	4:1b0d80432c79	2859	}
wolfSSL	4:1b0d80432c79	2860	}
wolfSSL	4:1b0d80432c79	2861	XMEMCPY(&ssl->buffers.inputBuffer.buffer[length], sslFrame, sslBytes);
wolfSSL	4:1b0d80432c79	2862	*sslBytes += length;
wolfSSL	4:1b0d80432c79	2863	ssl->buffers.inputBuffer.length = *sslBytes;
wolfSSL	4:1b0d80432c79	2864	*sslFrame = ssl->buffers.inputBuffer.buffer;
wolfSSL	4:1b0d80432c79	2865	end = sslFrame + *sslBytes;
wolfSSL	4:1b0d80432c79	2866	}
wolfSSL	4:1b0d80432c79	2867
wolfSSL	4:1b0d80432c79	2868	if ((session)->flags.clientHello == 0 && *sslFrame != handshake) {
wolfSSL	4:1b0d80432c79	2869	/* Sanity check the packet for an old style client hello. */
wolfSSL	4:1b0d80432c79	2870	int rhSize = (((sslFrame)[0] & 0x7f) << 8) \| ((sslFrame)[1]);
wolfSSL	4:1b0d80432c79	2871
wolfSSL	4:1b0d80432c79	2872	if ((rhSize <= (*sslBytes - 2)) &&
wolfSSL	4:1b0d80432c79	2873	(sslFrame)[2] == OLD_HELLO_ID && (sslFrame)[3] == SSLv3_MAJOR) {
wolfSSL	4:1b0d80432c79	2874	#ifdef OLD_HELLO_ALLOWED
wolfSSL	4:1b0d80432c79	2875	int ret = DoOldHello(session, sslFrame, &rhSize, sslBytes, error);
wolfSSL	4:1b0d80432c79	2876	if (ret < 0)
wolfSSL	4:1b0d80432c79	2877	return -1; /* error already set */
wolfSSL	4:1b0d80432c79	2878	if (*sslBytes <= 0)
wolfSSL	4:1b0d80432c79	2879	return 1;
wolfSSL	4:1b0d80432c79	2880	#endif
wolfSSL	4:1b0d80432c79	2881	}
wolfSSL	4:1b0d80432c79	2882	else {
wolfSSL	4:1b0d80432c79	2883	#ifdef STARTTLS_ALLOWED
wolfSSL	4:1b0d80432c79	2884	return 1;
wolfSSL	4:1b0d80432c79	2885	#endif
wolfSSL	4:1b0d80432c79	2886	}
wolfSSL	4:1b0d80432c79	2887	}
wolfSSL	4:1b0d80432c79	2888
wolfSSL	4:1b0d80432c79	2889	return 0;
wolfSSL	4:1b0d80432c79	2890	}
wolfSSL	4:1b0d80432c79	2891
wolfSSL	4:1b0d80432c79	2892
wolfSSL	4:1b0d80432c79	2893	/* See if input on the reassembly list is ready for consuming */
wolfSSL	4:1b0d80432c79	2894	/* returns 1 for TRUE, 0 for FALSE */
wolfSSL	4:1b0d80432c79	2895	static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
wolfSSL	4:1b0d80432c79	2896	int* sslBytes, const byte** end, char* error)
wolfSSL	4:1b0d80432c79	2897	{
wolfSSL	4:1b0d80432c79	2898	/* sequence and reassembly based on from, not to */
wolfSSL	4:1b0d80432c79	2899	int moreInput = 0;
wolfSSL	4:1b0d80432c79	2900	PacketBuffer** front = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2901	&session->cliReassemblyList : &session->srvReassemblyList;
wolfSSL	4:1b0d80432c79	2902	word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2903	&session->cliExpected : &session->srvExpected;
wolfSSL	4:1b0d80432c79	2904	/* buffer is on receiving end */
wolfSSL	4:1b0d80432c79	2905	word32* length = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2906	&session->sslServer->buffers.inputBuffer.length :
wolfSSL	4:1b0d80432c79	2907	&session->sslClient->buffers.inputBuffer.length;
wolfSSL	4:1b0d80432c79	2908	byte** myBuffer = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2909	&session->sslServer->buffers.inputBuffer.buffer :
wolfSSL	4:1b0d80432c79	2910	&session->sslClient->buffers.inputBuffer.buffer;
wolfSSL	4:1b0d80432c79	2911	word32* bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2912	&session->sslServer->buffers.inputBuffer.bufferSize :
wolfSSL	4:1b0d80432c79	2913	&session->sslClient->buffers.inputBuffer.bufferSize;
wolfSSL	4:1b0d80432c79	2914	SSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2915	session->sslServer : session->sslClient;
wolfSSL	4:1b0d80432c79	2916	word32* reassemblyMemory = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2917	&session->cliReassemblyMemory : &session->srvReassemblyMemory;
wolfSSL	4:1b0d80432c79	2918
wolfSSL	4:1b0d80432c79	2919	while (front && ((front)->begin == *expected) ) {
wolfSSL	4:1b0d80432c79	2920	word32 room = bufferSize - length;
wolfSSL	4:1b0d80432c79	2921	word32 packetLen = (front)->end - (front)->begin + 1;
wolfSSL	4:1b0d80432c79	2922
wolfSSL	4:1b0d80432c79	2923	if (packetLen > room && *bufferSize < MAX_INPUT_SZ) {
wolfSSL	4:1b0d80432c79	2924	if (GrowInputBuffer(ssl, packetLen, *length) < 0) {
wolfSSL	4:1b0d80432c79	2925	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2926	return 0;
wolfSSL	4:1b0d80432c79	2927	}
wolfSSL	4:1b0d80432c79	2928	room = bufferSize - length; /* bufferSize is now bigger */
wolfSSL	4:1b0d80432c79	2929	}
wolfSSL	4:1b0d80432c79	2930
wolfSSL	4:1b0d80432c79	2931	if (packetLen <= room) {
wolfSSL	4:1b0d80432c79	2932	PacketBuffer* del = *front;
wolfSSL	4:1b0d80432c79	2933	byte* buf = *myBuffer;
wolfSSL	4:1b0d80432c79	2934
wolfSSL	4:1b0d80432c79	2935	XMEMCPY(&buf[length], (front)->data, packetLen);
wolfSSL	4:1b0d80432c79	2936	*length += packetLen;
wolfSSL	4:1b0d80432c79	2937	*expected += packetLen;
wolfSSL	4:1b0d80432c79	2938
wolfSSL	4:1b0d80432c79	2939	/* remove used packet */
wolfSSL	4:1b0d80432c79	2940	front = (front)->next;
wolfSSL	4:1b0d80432c79	2941
wolfSSL	4:1b0d80432c79	2942	*reassemblyMemory -= packetLen;
wolfSSL	4:1b0d80432c79	2943	FreePacketBuffer(del);
wolfSSL	4:1b0d80432c79	2944
wolfSSL	4:1b0d80432c79	2945	moreInput = 1;
wolfSSL	4:1b0d80432c79	2946	}
wolfSSL	4:1b0d80432c79	2947	else
wolfSSL	4:1b0d80432c79	2948	break;
wolfSSL	4:1b0d80432c79	2949	}
wolfSSL	4:1b0d80432c79	2950	if (moreInput) {
wolfSSL	4:1b0d80432c79	2951	sslFrame = myBuffer;
wolfSSL	4:1b0d80432c79	2952	sslBytes = length;
wolfSSL	4:1b0d80432c79	2953	end = myBuffer + *length;
wolfSSL	4:1b0d80432c79	2954	}
wolfSSL	4:1b0d80432c79	2955	return moreInput;
wolfSSL	4:1b0d80432c79	2956	}
wolfSSL	4:1b0d80432c79	2957
wolfSSL	4:1b0d80432c79	2958
wolfSSL	4:1b0d80432c79	2959
wolfSSL	4:1b0d80432c79	2960	/* Process Message(s) from sslFrame */
wolfSSL	4:1b0d80432c79	2961	/* return Number of bytes on success, 0 for no data yet, and -1 on error */
wolfSSL	4:1b0d80432c79	2962	static int ProcessMessage(const byte* sslFrame, SnifferSession* session,
wolfSSL	4:1b0d80432c79	2963	int sslBytes, byte** data, const byte* end,
wolfSSL	4:1b0d80432c79	2964	char* error)
wolfSSL	4:1b0d80432c79	2965	{
wolfSSL	4:1b0d80432c79	2966	const byte* sslBegin = sslFrame;
wolfSSL	4:1b0d80432c79	2967	const byte* recordEnd; /* end of record indicator */
wolfSSL	4:1b0d80432c79	2968	const byte* inRecordEnd; /* indicator from input stream not decrypt */
wolfSSL	4:1b0d80432c79	2969	RecordLayerHeader rh;
wolfSSL	4:1b0d80432c79	2970	int rhSize = 0;
wolfSSL	4:1b0d80432c79	2971	int ret;
wolfSSL	4:1b0d80432c79	2972	int errCode = 0;
wolfSSL	4:1b0d80432c79	2973	int decoded = 0; /* bytes stored for user in data */
wolfSSL	4:1b0d80432c79	2974	int notEnough; /* notEnough bytes yet flag */
wolfSSL	4:1b0d80432c79	2975	int decrypted = 0; /* was current msg decrypted */
wolfSSL	4:1b0d80432c79	2976	SSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
wolfSSL	4:1b0d80432c79	2977	session->sslServer : session->sslClient;
wolfSSL	4:1b0d80432c79	2978	doMessage:
wolfSSL	4:1b0d80432c79	2979	notEnough = 0;
wolfSSL	4:1b0d80432c79	2980	if (sslBytes < 0) {
wolfSSL	4:1b0d80432c79	2981	SetError(PACKET_HDR_SHORT_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2982	return -1;
wolfSSL	4:1b0d80432c79	2983	}
wolfSSL	4:1b0d80432c79	2984	if (sslBytes >= RECORD_HEADER_SZ) {
wolfSSL	4:1b0d80432c79	2985	if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
wolfSSL	4:1b0d80432c79	2986	SetError(BAD_RECORD_HDR_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	2987	return -1;
wolfSSL	4:1b0d80432c79	2988	}
wolfSSL	4:1b0d80432c79	2989	}
wolfSSL	4:1b0d80432c79	2990	else
wolfSSL	4:1b0d80432c79	2991	notEnough = 1;
wolfSSL	4:1b0d80432c79	2992
wolfSSL	4:1b0d80432c79	2993	if (notEnough \|\| rhSize > (sslBytes - RECORD_HEADER_SZ)) {
wolfSSL	4:1b0d80432c79	2994	/* don't have enough input yet to process full SSL record */
wolfSSL	4:1b0d80432c79	2995	Trace(PARTIAL_INPUT_STR);
wolfSSL	4:1b0d80432c79	2996
wolfSSL	4:1b0d80432c79	2997	/* store partial if not there already or we advanced */
wolfSSL	4:1b0d80432c79	2998	if (ssl->buffers.inputBuffer.length == 0 \|\| sslBegin != sslFrame) {
wolfSSL	4:1b0d80432c79	2999	if (sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
wolfSSL	4:1b0d80432c79	3000	if (GrowInputBuffer(ssl, sslBytes, 0) < 0) {
wolfSSL	4:1b0d80432c79	3001	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3002	return -1;
wolfSSL	4:1b0d80432c79	3003	}
wolfSSL	4:1b0d80432c79	3004	}
wolfSSL	4:1b0d80432c79	3005	XMEMMOVE(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
wolfSSL	4:1b0d80432c79	3006	ssl->buffers.inputBuffer.length = sslBytes;
wolfSSL	4:1b0d80432c79	3007	}
wolfSSL	4:1b0d80432c79	3008	if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
wolfSSL	4:1b0d80432c79	3009	goto doMessage;
wolfSSL	4:1b0d80432c79	3010	return decoded;
wolfSSL	4:1b0d80432c79	3011	}
wolfSSL	4:1b0d80432c79	3012	sslFrame += RECORD_HEADER_SZ;
wolfSSL	4:1b0d80432c79	3013	sslBytes -= RECORD_HEADER_SZ;
wolfSSL	4:1b0d80432c79	3014	recordEnd = sslFrame + rhSize; /* may have more than one record */
wolfSSL	4:1b0d80432c79	3015	inRecordEnd = recordEnd;
wolfSSL	4:1b0d80432c79	3016
wolfSSL	4:1b0d80432c79	3017	/* decrypt if needed */
wolfSSL	4:1b0d80432c79	3018	if ((session->flags.side == WOLFSSL_SERVER_END &&
wolfSSL	4:1b0d80432c79	3019	session->flags.serverCipherOn)
wolfSSL	4:1b0d80432c79	3020	\|\| (session->flags.side == WOLFSSL_CLIENT_END &&
wolfSSL	4:1b0d80432c79	3021	session->flags.clientCipherOn)) {
wolfSSL	4:1b0d80432c79	3022	int ivAdvance = 0; /* TLSv1.1 advance amount */
wolfSSL	4:1b0d80432c79	3023	if (ssl->decrypt.setup != 1) {
wolfSSL	4:1b0d80432c79	3024	SetError(DECRYPT_KEYS_NOT_SETUP, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3025	return -1;
wolfSSL	4:1b0d80432c79	3026	}
wolfSSL	4:1b0d80432c79	3027	if (CheckAvailableSize(ssl, rhSize) < 0) {
wolfSSL	4:1b0d80432c79	3028	SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3029	return -1;
wolfSSL	4:1b0d80432c79	3030	}
wolfSSL	4:1b0d80432c79	3031	sslFrame = DecryptMessage(ssl, sslFrame, rhSize,
wolfSSL	4:1b0d80432c79	3032	ssl->buffers.outputBuffer.buffer, &errCode,
wolfSSL	4:1b0d80432c79	3033	&ivAdvance);
wolfSSL	4:1b0d80432c79	3034	recordEnd = sslFrame - ivAdvance + rhSize; /* sslFrame moved so
wolfSSL	4:1b0d80432c79	3035	should recordEnd */
wolfSSL	4:1b0d80432c79	3036	decrypted = 1;
wolfSSL	4:1b0d80432c79	3037	if (errCode != 0) {
wolfSSL	4:1b0d80432c79	3038	SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3039	return -1;
wolfSSL	4:1b0d80432c79	3040	}
wolfSSL	4:1b0d80432c79	3041	}
wolfSSL	4:1b0d80432c79	3042
wolfSSL	4:1b0d80432c79	3043	doPart:
wolfSSL	4:1b0d80432c79	3044
wolfSSL	4:1b0d80432c79	3045	switch ((enum ContentType)rh.type) {
wolfSSL	4:1b0d80432c79	3046	case handshake:
wolfSSL	4:1b0d80432c79	3047	{
wolfSSL	4:1b0d80432c79	3048	int startIdx = sslBytes;
wolfSSL	4:1b0d80432c79	3049	int used;
wolfSSL	4:1b0d80432c79	3050
wolfSSL	4:1b0d80432c79	3051	Trace(GOT_HANDSHAKE_STR);
wolfSSL	4:1b0d80432c79	3052	ret = DoHandShake(sslFrame, &sslBytes, session, error);
wolfSSL	4:1b0d80432c79	3053	if (ret != 0) {
wolfSSL	4:1b0d80432c79	3054	if (session->flags.fatalError == 0)
wolfSSL	4:1b0d80432c79	3055	SetError(BAD_HANDSHAKE_STR, error, session,
wolfSSL	4:1b0d80432c79	3056	FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3057	return -1;
wolfSSL	4:1b0d80432c79	3058	}
wolfSSL	4:1b0d80432c79	3059
wolfSSL	4:1b0d80432c79	3060	/* DoHandShake now fully decrements sslBytes to remaining */
wolfSSL	4:1b0d80432c79	3061	used = startIdx - sslBytes;
wolfSSL	4:1b0d80432c79	3062	sslFrame += used;
wolfSSL	4:1b0d80432c79	3063	if (decrypted)
wolfSSL	4:1b0d80432c79	3064	sslFrame += ssl->keys.padSz;
wolfSSL	4:1b0d80432c79	3065	}
wolfSSL	4:1b0d80432c79	3066	break;
wolfSSL	4:1b0d80432c79	3067	case change_cipher_spec:
wolfSSL	4:1b0d80432c79	3068	if (session->flags.side == WOLFSSL_SERVER_END)
wolfSSL	4:1b0d80432c79	3069	session->flags.serverCipherOn = 1;
wolfSSL	4:1b0d80432c79	3070	else
wolfSSL	4:1b0d80432c79	3071	session->flags.clientCipherOn = 1;
wolfSSL	4:1b0d80432c79	3072	Trace(GOT_CHANGE_CIPHER_STR);
wolfSSL	4:1b0d80432c79	3073	ssl->options.handShakeState = HANDSHAKE_DONE;
wolfSSL	4:1b0d80432c79	3074	ssl->options.handShakeDone = 1;
wolfSSL	4:1b0d80432c79	3075
wolfSSL	4:1b0d80432c79	3076	sslFrame += 1;
wolfSSL	4:1b0d80432c79	3077	sslBytes -= 1;
wolfSSL	4:1b0d80432c79	3078
wolfSSL	4:1b0d80432c79	3079	break;
wolfSSL	4:1b0d80432c79	3080	case application_data:
wolfSSL	4:1b0d80432c79	3081	Trace(GOT_APP_DATA_STR);
wolfSSL	4:1b0d80432c79	3082	{
wolfSSL	4:1b0d80432c79	3083	word32 inOutIdx = 0;
wolfSSL	4:1b0d80432c79	3084
wolfSSL	4:1b0d80432c79	3085	ret = DoApplicationData(ssl, (byte*)sslFrame, &inOutIdx);
wolfSSL	4:1b0d80432c79	3086	if (ret == 0) {
wolfSSL	4:1b0d80432c79	3087	ret = ssl->buffers.clearOutputBuffer.length;
wolfSSL	4:1b0d80432c79	3088	TraceGotData(ret);
wolfSSL	4:1b0d80432c79	3089	if (ret) { /* may be blank message */
wolfSSL	4:1b0d80432c79	3090	byte* tmpData; /* don't leak on realloc free */
wolfSSL	4:1b0d80432c79	3091	/* add an extra byte at end of allocation in case user
wolfSSL	4:1b0d80432c79	3092	* wants to null terminate plaintext */
wolfSSL	4:1b0d80432c79	3093	tmpData = (byte)realloc(data, decoded + ret + 1);
wolfSSL	4:1b0d80432c79	3094	if (tmpData == NULL) {
wolfSSL	4:1b0d80432c79	3095	free(*data);
wolfSSL	4:1b0d80432c79	3096	*data = NULL;
wolfSSL	4:1b0d80432c79	3097	SetError(MEMORY_STR, error, session,
wolfSSL	4:1b0d80432c79	3098	FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3099	return -1;
wolfSSL	4:1b0d80432c79	3100	}
wolfSSL	4:1b0d80432c79	3101	*data = tmpData;
wolfSSL	4:1b0d80432c79	3102	XMEMCPY(*data + decoded,
wolfSSL	4:1b0d80432c79	3103	ssl->buffers.clearOutputBuffer.buffer, ret);
wolfSSL	4:1b0d80432c79	3104	TraceAddedData(ret, decoded);
wolfSSL	4:1b0d80432c79	3105	decoded += ret;
wolfSSL	4:1b0d80432c79	3106	ssl->buffers.clearOutputBuffer.length = 0;
wolfSSL	4:1b0d80432c79	3107	}
wolfSSL	4:1b0d80432c79	3108	}
wolfSSL	4:1b0d80432c79	3109	else {
wolfSSL	4:1b0d80432c79	3110	SetError(BAD_APP_DATA_STR, error,session,FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3111	return -1;
wolfSSL	4:1b0d80432c79	3112	}
wolfSSL	4:1b0d80432c79	3113	if (ssl->buffers.outputBuffer.dynamicFlag)
wolfSSL	4:1b0d80432c79	3114	ShrinkOutputBuffer(ssl);
wolfSSL	4:1b0d80432c79	3115
wolfSSL	4:1b0d80432c79	3116	sslFrame += inOutIdx;
wolfSSL	4:1b0d80432c79	3117	sslBytes -= inOutIdx;
wolfSSL	4:1b0d80432c79	3118	}
wolfSSL	4:1b0d80432c79	3119	break;
wolfSSL	4:1b0d80432c79	3120	case alert:
wolfSSL	4:1b0d80432c79	3121	Trace(GOT_ALERT_STR);
wolfSSL	4:1b0d80432c79	3122	sslFrame += rhSize;
wolfSSL	4:1b0d80432c79	3123	sslBytes -= rhSize;
wolfSSL	4:1b0d80432c79	3124	break;
wolfSSL	4:1b0d80432c79	3125	case no_type:
wolfSSL	4:1b0d80432c79	3126	default:
wolfSSL	4:1b0d80432c79	3127	SetError(GOT_UNKNOWN_RECORD_STR, error, session, FATAL_ERROR_STATE);
wolfSSL	4:1b0d80432c79	3128	return -1;
wolfSSL	4:1b0d80432c79	3129	}
wolfSSL	4:1b0d80432c79	3130
wolfSSL	4:1b0d80432c79	3131	/* do we have another msg in record ? */
wolfSSL	4:1b0d80432c79	3132	if (sslFrame < recordEnd) {
wolfSSL	4:1b0d80432c79	3133	Trace(ANOTHER_MSG_STR);
wolfSSL	4:1b0d80432c79	3134	goto doPart;
wolfSSL	4:1b0d80432c79	3135	}
wolfSSL	4:1b0d80432c79	3136
wolfSSL	4:1b0d80432c79	3137	/* back to input stream instead of potential decrypt buffer */
wolfSSL	4:1b0d80432c79	3138	recordEnd = inRecordEnd;
wolfSSL	4:1b0d80432c79	3139
wolfSSL	4:1b0d80432c79	3140	/* do we have more records ? */
wolfSSL	4:1b0d80432c79	3141	if (recordEnd < end) {
wolfSSL	4:1b0d80432c79	3142	Trace(ANOTHER_MSG_STR);
wolfSSL	4:1b0d80432c79	3143	sslFrame = recordEnd;
wolfSSL	4:1b0d80432c79	3144	sslBytes = (int)(end - recordEnd);
wolfSSL	4:1b0d80432c79	3145	goto doMessage;
wolfSSL	4:1b0d80432c79	3146	}
wolfSSL	4:1b0d80432c79	3147
wolfSSL	4:1b0d80432c79	3148	/* clear used input */
wolfSSL	4:1b0d80432c79	3149	ssl->buffers.inputBuffer.length = 0;
wolfSSL	4:1b0d80432c79	3150
wolfSSL	4:1b0d80432c79	3151	/* could have more input ready now */
wolfSSL	4:1b0d80432c79	3152	if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
wolfSSL	4:1b0d80432c79	3153	goto doMessage;
wolfSSL	4:1b0d80432c79	3154
wolfSSL	4:1b0d80432c79	3155	if (ssl->buffers.inputBuffer.dynamicFlag)
wolfSSL	4:1b0d80432c79	3156	ShrinkInputBuffer(ssl, NO_FORCED_FREE);
wolfSSL	4:1b0d80432c79	3157
wolfSSL	4:1b0d80432c79	3158	return decoded;
wolfSSL	4:1b0d80432c79	3159	}
wolfSSL	4:1b0d80432c79	3160
wolfSSL	4:1b0d80432c79	3161
wolfSSL	4:1b0d80432c79	3162	/* See if we need to process any pending FIN captures */
wolfSSL	4:1b0d80432c79	3163	static void CheckFinCapture(IpInfo* ipInfo, TcpInfo* tcpInfo,
wolfSSL	4:1b0d80432c79	3164	SnifferSession* session)
wolfSSL	4:1b0d80432c79	3165	{
wolfSSL	4:1b0d80432c79	3166	if (session->finCaputre.cliFinSeq && session->finCaputre.cliFinSeq <=
wolfSSL	4:1b0d80432c79	3167	session->cliExpected) {
wolfSSL	4:1b0d80432c79	3168	if (session->finCaputre.cliCounted == 0) {
wolfSSL	4:1b0d80432c79	3169	session->flags.finCount += 1;
wolfSSL	4:1b0d80432c79	3170	session->finCaputre.cliCounted = 1;
wolfSSL	4:1b0d80432c79	3171	TraceClientFin(session->finCaputre.cliFinSeq, session->cliExpected);
wolfSSL	4:1b0d80432c79	3172	}
wolfSSL	4:1b0d80432c79	3173	}
wolfSSL	4:1b0d80432c79	3174
wolfSSL	4:1b0d80432c79	3175	if (session->finCaputre.srvFinSeq && session->finCaputre.srvFinSeq <=
wolfSSL	4:1b0d80432c79	3176	session->srvExpected) {
wolfSSL	4:1b0d80432c79	3177	if (session->finCaputre.srvCounted == 0) {
wolfSSL	4:1b0d80432c79	3178	session->flags.finCount += 1;
wolfSSL	4:1b0d80432c79	3179	session->finCaputre.srvCounted = 1;
wolfSSL	4:1b0d80432c79	3180	TraceServerFin(session->finCaputre.srvFinSeq, session->srvExpected);
wolfSSL	4:1b0d80432c79	3181	}
wolfSSL	4:1b0d80432c79	3182	}
wolfSSL	4:1b0d80432c79	3183
wolfSSL	4:1b0d80432c79	3184	if (session->flags.finCount >= 2)
wolfSSL	4:1b0d80432c79	3185	RemoveSession(session, ipInfo, tcpInfo, 0);
wolfSSL	4:1b0d80432c79	3186	}
wolfSSL	4:1b0d80432c79	3187
wolfSSL	4:1b0d80432c79	3188
wolfSSL	4:1b0d80432c79	3189	/* If session is in fatal error state free resources now
wolfSSL	4:1b0d80432c79	3190	return true if removed, 0 otherwise */
wolfSSL	4:1b0d80432c79	3191	static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
wolfSSL	4:1b0d80432c79	3192	SnifferSession* session, char* error)
wolfSSL	4:1b0d80432c79	3193	{
wolfSSL	4:1b0d80432c79	3194	if (session && session->flags.fatalError == FATAL_ERROR_STATE) {
wolfSSL	4:1b0d80432c79	3195	RemoveSession(session, ipInfo, tcpInfo, 0);
wolfSSL	4:1b0d80432c79	3196	SetError(FATAL_ERROR_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	3197	return 1;
wolfSSL	4:1b0d80432c79	3198	}
wolfSSL	4:1b0d80432c79	3199	return 0;
wolfSSL	4:1b0d80432c79	3200	}
wolfSSL	4:1b0d80432c79	3201
wolfSSL	4:1b0d80432c79	3202
wolfSSL	4:1b0d80432c79	3203	/* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */
wolfSSL	4:1b0d80432c79	3204	/* returns Number of bytes on success, 0 for no data yet, and -1 on error */
wolfSSL	4:1b0d80432c79	3205	int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error)
wolfSSL	4:1b0d80432c79	3206	{
wolfSSL	4:1b0d80432c79	3207	TcpInfo tcpInfo;
wolfSSL	4:1b0d80432c79	3208	IpInfo ipInfo;
wolfSSL	4:1b0d80432c79	3209	const byte* sslFrame;
wolfSSL	4:1b0d80432c79	3210	const byte* end = packet + length;
wolfSSL	4:1b0d80432c79	3211	int sslBytes; /* ssl bytes unconsumed */
wolfSSL	4:1b0d80432c79	3212	int ret;
wolfSSL	4:1b0d80432c79	3213	SnifferSession* session = 0;
wolfSSL	4:1b0d80432c79	3214
wolfSSL	4:1b0d80432c79	3215	if (CheckHeaders(&ipInfo, &tcpInfo, packet, length, &sslFrame, &sslBytes,
wolfSSL	4:1b0d80432c79	3216	error) != 0)
wolfSSL	4:1b0d80432c79	3217	return -1;
wolfSSL	4:1b0d80432c79	3218
wolfSSL	4:1b0d80432c79	3219	ret = CheckSession(&ipInfo, &tcpInfo, sslBytes, &session, error);
wolfSSL	4:1b0d80432c79	3220	if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
wolfSSL	4:1b0d80432c79	3221	else if (ret == -1) return -1;
wolfSSL	4:1b0d80432c79	3222	else if (ret == 1) return 0; /* done for now */
wolfSSL	4:1b0d80432c79	3223
wolfSSL	4:1b0d80432c79	3224	ret = CheckSequence(&ipInfo, &tcpInfo, session, &sslBytes, &sslFrame,error);
wolfSSL	4:1b0d80432c79	3225	if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
wolfSSL	4:1b0d80432c79	3226	else if (ret == -1) return -1;
wolfSSL	4:1b0d80432c79	3227	else if (ret == 1) return 0; /* done for now */
wolfSSL	4:1b0d80432c79	3228
wolfSSL	4:1b0d80432c79	3229	ret = CheckPreRecord(&ipInfo, &tcpInfo, &sslFrame, &session, &sslBytes,
wolfSSL	4:1b0d80432c79	3230	&end, error);
wolfSSL	4:1b0d80432c79	3231	if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
wolfSSL	4:1b0d80432c79	3232	else if (ret == -1) return -1;
wolfSSL	4:1b0d80432c79	3233	else if (ret == 1) return 0; /* done for now */
wolfSSL	4:1b0d80432c79	3234
wolfSSL	4:1b0d80432c79	3235	ret = ProcessMessage(sslFrame, session, sslBytes, data, end, error);
wolfSSL	4:1b0d80432c79	3236	if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1;
wolfSSL	4:1b0d80432c79	3237	CheckFinCapture(&ipInfo, &tcpInfo, session);
wolfSSL	4:1b0d80432c79	3238	return ret;
wolfSSL	4:1b0d80432c79	3239	}
wolfSSL	4:1b0d80432c79	3240
wolfSSL	4:1b0d80432c79	3241
wolfSSL	4:1b0d80432c79	3242	/* Deallocator for the decoded data buffer. */
wolfSSL	4:1b0d80432c79	3243	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	3244	int ssl_FreeDecodeBuffer(byte** data, char* error)
wolfSSL	4:1b0d80432c79	3245	{
wolfSSL	4:1b0d80432c79	3246	(void)error;
wolfSSL	4:1b0d80432c79	3247
wolfSSL	4:1b0d80432c79	3248	if (data != NULL) {
wolfSSL	4:1b0d80432c79	3249	free(*data);
wolfSSL	4:1b0d80432c79	3250	*data = NULL;
wolfSSL	4:1b0d80432c79	3251	}
wolfSSL	4:1b0d80432c79	3252
wolfSSL	4:1b0d80432c79	3253	return 0;
wolfSSL	4:1b0d80432c79	3254	}
wolfSSL	4:1b0d80432c79	3255
wolfSSL	4:1b0d80432c79	3256
wolfSSL	4:1b0d80432c79	3257	/* Enables (if traceFile)/ Disables debug tracing */
wolfSSL	4:1b0d80432c79	3258	/* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	3259	int ssl_Trace(const char* traceFile, char* error)
wolfSSL	4:1b0d80432c79	3260	{
wolfSSL	4:1b0d80432c79	3261	if (traceFile) {
wolfSSL	4:1b0d80432c79	3262	TraceFile = fopen(traceFile, "a");
wolfSSL	4:1b0d80432c79	3263	if (!TraceFile) {
wolfSSL	4:1b0d80432c79	3264	SetError(BAD_TRACE_FILE_STR, error, NULL, 0);
wolfSSL	4:1b0d80432c79	3265	return -1;
wolfSSL	4:1b0d80432c79	3266	}
wolfSSL	4:1b0d80432c79	3267	TraceOn = 1;
wolfSSL	4:1b0d80432c79	3268	}
wolfSSL	4:1b0d80432c79	3269	else
wolfSSL	4:1b0d80432c79	3270	TraceOn = 0;
wolfSSL	4:1b0d80432c79	3271
wolfSSL	4:1b0d80432c79	3272	return 0;
wolfSSL	4:1b0d80432c79	3273	}
wolfSSL	4:1b0d80432c79	3274
wolfSSL	4:1b0d80432c79	3275
wolfSSL	4:1b0d80432c79	3276	/* Enables/Disables Recovery of missed data if later packets allow
wolfSSL	4:1b0d80432c79	3277	* maxMemory is number of bytes to use for reassembly buffering per session,
wolfSSL	4:1b0d80432c79	3278	* -1 means unlimited
wolfSSL	4:1b0d80432c79	3279	* returns 0 on success, -1 on error */
wolfSSL	4:1b0d80432c79	3280	int ssl_EnableRecovery(int onOff, int maxMemory, char* error)
wolfSSL	4:1b0d80432c79	3281	{
wolfSSL	4:1b0d80432c79	3282	(void)error;
wolfSSL	4:1b0d80432c79	3283
wolfSSL	4:1b0d80432c79	3284	RecoveryEnabled = onOff;
wolfSSL	4:1b0d80432c79	3285	if (onOff)
wolfSSL	4:1b0d80432c79	3286	MaxRecoveryMemory = maxMemory;
wolfSSL	4:1b0d80432c79	3287
wolfSSL	4:1b0d80432c79	3288	return 0;
wolfSSL	4:1b0d80432c79	3289	}
wolfSSL	4:1b0d80432c79	3290
wolfSSL	4:1b0d80432c79	3291
wolfSSL	4:1b0d80432c79	3292
wolfSSL	4:1b0d80432c79	3293	int ssl_GetSessionStats(unsigned int* active, unsigned int* total,
wolfSSL	4:1b0d80432c79	3294	unsigned int* peak, unsigned int* maxSessions,
wolfSSL	4:1b0d80432c79	3295	unsigned int* missedData, unsigned int* reassemblyMem,
wolfSSL	4:1b0d80432c79	3296	char* error)
wolfSSL	4:1b0d80432c79	3297	{
wolfSSL	4:1b0d80432c79	3298	int ret;
wolfSSL	4:1b0d80432c79	3299
wolfSSL	4:1b0d80432c79	3300	if (missedData) {
wolfSSL	4:1b0d80432c79	3301	LockMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	3302	*missedData = MissedDataSessions;
wolfSSL	4:1b0d80432c79	3303	UnLockMutex(&RecoveryMutex);
wolfSSL	4:1b0d80432c79	3304	}
wolfSSL	4:1b0d80432c79	3305
wolfSSL	4:1b0d80432c79	3306	if (reassemblyMem) {
wolfSSL	4:1b0d80432c79	3307	SnifferSession* session;
wolfSSL	4:1b0d80432c79	3308	int i;
wolfSSL	4:1b0d80432c79	3309
wolfSSL	4:1b0d80432c79	3310	*reassemblyMem = 0;
wolfSSL	4:1b0d80432c79	3311	LockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	3312	for (i = 0; i < HASH_SIZE; i++) {
wolfSSL	4:1b0d80432c79	3313	session = SessionTable[i];
wolfSSL	4:1b0d80432c79	3314	while (session) {
wolfSSL	4:1b0d80432c79	3315	*reassemblyMem += session->cliReassemblyMemory;
wolfSSL	4:1b0d80432c79	3316	*reassemblyMem += session->srvReassemblyMemory;
wolfSSL	4:1b0d80432c79	3317	session = session->next;
wolfSSL	4:1b0d80432c79	3318	}
wolfSSL	4:1b0d80432c79	3319	}
wolfSSL	4:1b0d80432c79	3320	UnLockMutex(&SessionMutex);
wolfSSL	4:1b0d80432c79	3321	}
wolfSSL	4:1b0d80432c79	3322
wolfSSL	4:1b0d80432c79	3323	ret = wolfSSL_get_session_stats(active, total, peak, maxSessions);
wolfSSL	4:1b0d80432c79	3324
wolfSSL	4:1b0d80432c79	3325	if (ret == SSL_SUCCESS)
wolfSSL	4:1b0d80432c79	3326	return 0;
wolfSSL	4:1b0d80432c79	3327	else {
wolfSSL	4:1b0d80432c79	3328	SetError(BAD_SESSION_STATS, error, NULL, 0);
wolfSSL	4:1b0d80432c79	3329	return -1;
wolfSSL	4:1b0d80432c79	3330	}
wolfSSL	4:1b0d80432c79	3331	}
wolfSSL	4:1b0d80432c79	3332
wolfSSL	4:1b0d80432c79	3333
wolfSSL	4:1b0d80432c79	3334
wolfSSL	4:1b0d80432c79	3335	#endif /* WOLFSSL_SNIFFER */
wolfSSL	4:1b0d80432c79	3336	#endif /* WOLFCRYPT_ONLY */
wolfSSL	4:1b0d80432c79	3337

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	26 Jun 2015
Imports:	673
Forks:	0
Commits:	18
Dependents:	29
Dependencies:	0
Followers:	21

src/sniffer.c@4:1b0d80432c79, 2016-04-28 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning