/**
* ssltrace - hook SSL libraries to record keying data of SSL connections
* Copyright (C) 2013 Jethro G. Beekman
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#include "ssltrace.h"
#include <openssl/ssl.h>
/* Smaller of a and b. This is a function-like macro, so either argument may be
 * evaluated twice: pass only side-effect-free expressions. Operands of mixed
 * signedness are compared after the usual arithmetic conversions, so a
 * negative signed operand is not reliably treated as the smaller one. */
#define min(a,b) (((a)<(b))?(a):(b))
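/**
 * Hand the key material of a finished handshake to the ssltrace logger.
 *
 * When the connection has SSLv3/TLS state (ssl->s3 is set) the master key is
 * reported together with the client random; otherwise it is reported together
 * with the session id (presumably the SSLv2 case).
 *
 * Each length is read from the SSL_SESSION and clamped to the capacity of the
 * array it describes, so an oversized length field cannot make the logger
 * read past the end of session_id or master_key.
 *
 * The logged values are enough to decrypt a capture of the connection, so the
 * trace destination needs the same protection as any other key material.
 *
 * This function reads SSL/SSL_SESSION fields directly, which only compiles
 * against OpenSSL headers that still expose those structures (before 1.1.0).
 *
 * @param ssl connection whose handshake has just completed; nothing is logged
 *            when no session is attached to it.
 */
static void openssl_dump_session(SSL* ssl)
{
    /* Do not crash the hooked process if there is no session to report. */
    if (!ssl->session)
    {
        return;
    }

    /* NOTE(review): min() only caps the upper end. Confirm the type of
     * master_key_length and of the logger's length parameters; a negative
     * value would pass through unchanged. */
    if (ssl->s3)
    {
        ssltrace_trace_clientrandom(
            ssl->s3->client_random,
            SSL3_RANDOM_SIZE,
            ssl->session->master_key,
            min(ssl->session->master_key_length,SSL_MAX_MASTER_KEY_LENGTH));
    }
    else
    {
        /* session_id is SSL_MAX_SSL_SESSION_ID_LENGTH bytes long, which is
         * smaller than the master key buffer, so it gets its own bound. */
        ssltrace_trace_sessionid(
            ssl->session->session_id,
            min(ssl->session->session_id_length,SSL_MAX_SSL_SESSION_ID_LENGTH),
            ssl->session->master_key,
            min(ssl->session->master_key_length,SSL_MAX_MASTER_KEY_LENGTH));
    }
}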
/**
 * Hooked SSL_connect: runs the wrapped client handshake and, when it reports
 * success (return value 1), passes the session's key material to the logger.
 *
 * WRAP/WRAPINIT come from ssltrace.h and are not visible here; presumably
 * WRAPINIT resolves the library's own function into _SSL_connect.
 *
 * @param ssl connection to handshake on.
 * @return whatever _SSL_connect returned.
 */
WRAP(int,SSL_connect,(SSL *ssl))
{
    WRAPINIT(SSL_connect);

    /* No role selected yet: select the client role through the hooked setter. */
    if (ssl->handshake_func == 0)
    {
        SSL_set_connect_state(ssl);
    }

    /* Point handshake_func at this wrapper, presumably so that handshakes the
     * library starts through handshake_func also pass through the hook. */
    ssl->handshake_func = &SSL_connect;

    const int result = _SSL_connect(ssl);
    if (result != 1)
    {
        return result;
    }

    openssl_dump_session(ssl);
    return result;
}
/**
 * Hooked SSL_accept: runs the wrapped server handshake and, when it reports
 * success (return value 1), passes the session's key material to the logger.
 *
 * WRAP/WRAPINIT come from ssltrace.h and are not visible here; presumably
 * WRAPINIT resolves the library's own function into _SSL_accept.
 *
 * @param ssl connection to handshake on.
 * @return whatever _SSL_accept returned.
 */
WRAP(int,SSL_accept,(SSL *ssl))
{
    WRAPINIT(SSL_accept);

    /* No role selected yet: select the server role through the hooked setter. */
    if (ssl->handshake_func == 0)
    {
        SSL_set_accept_state(ssl);
    }

    /* Point handshake_func at this wrapper, presumably so that handshakes the
     * library starts through handshake_func also pass through the hook. */
    ssl->handshake_func = &SSL_accept;

    const int result = _SSL_accept(ssl);
    if (result != 1)
    {
        return result;
    }

    openssl_dump_session(ssl);
    return result;
}
/**
 * Hooked SSL_set_connect_state: lets the wrapped function put the connection
 * into the client role, then replaces the handshake function it installed
 * with the hooked SSL_connect.
 *
 * @param s connection being switched to the client role.
 */
WRAP(void,SSL_set_connect_state,(SSL *s))
{
    WRAPINIT(SSL_set_connect_state);

    _SSL_set_connect_state(s);

    /* Must come after the wrapped call, which sets handshake_func itself. */
    s->handshake_func = SSL_connect;
}
/**
 * Hooked SSL_set_accept_state: lets the wrapped function put the connection
 * into the server role, then replaces the handshake function it installed
 * with the hooked SSL_accept.
 *
 * @param s connection being switched to the server role.
 */
WRAP(void,SSL_set_accept_state,(SSL *s))
{
    WRAPINIT(SSL_set_accept_state);

    _SSL_set_accept_state(s);

    /* Must come after the wrapped call, which sets handshake_func itself. */
    s->handshake_func = SSL_accept;
}
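/**
 * Hooked SSL_set_ssl_method: switches the connection to another method while
 * keeping handshake_func pointed at the hooked handshake for the role the
 * connection already had.
 *
 * The role is determined before the wrapped call because that call may
 * replace handshake_func. The other wrappers in this file store &SSL_connect
 * or &SSL_accept in handshake_func, so the client role has to be recognised
 * by the hooked pointer as well as by the method's own ssl_connect. Comparing
 * against the method pointer alone classifies an already-hooked client as a
 * server. A connection with no role selected (handshake_func unset) is left
 * without one instead of being put into the server role.
 *
 * @param s    connection whose method is being replaced.
 * @param meth method to install.
 * @return whatever _SSL_set_ssl_method returned.
 */
WRAP(int,SSL_set_ssl_method,(SSL *s, const SSL_METHOD *meth))
{
    /* -1: no role selected, 1: client, 0: server. */
    int conn=-1;
    WRAPINIT(SSL_set_ssl_method);

    if (s->handshake_func)
    {
        conn=(s->handshake_func == &SSL_connect ||
              s->handshake_func == s->method->ssl_connect);
    }

    int ret=_SSL_set_ssl_method(s,meth);

    /* Re-install the hook for the role found above; the wrapped call may
     * have written the new method's own handshake function. */
    if (conn == 1)
    {
        s->handshake_func=&SSL_connect;
    }
    else if (conn == 0)
    {
        s->handshake_func=&SSL_accept;
    }
    return ret;
}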