pax_global_header00006660000000000000000000000064135417127170014522gustar00rootroot0000000000000052 comment=a6c098fb6860e11111d00b60eb50c8f9f411be66 ssldump-1.1/000077500000000000000000000000001354171271700130525ustar00rootroot00000000000000ssldump-1.1/.gitchangelog.rc000066400000000000000000000141271354171271700161160ustar00rootroot00000000000000## ## Format ## ## ACTION: [AUDIENCE:] COMMIT_MSG [!TAG ...] ## ## Description ## ## ACTION is one of 'chg', 'fix', 'new' ## ## Is WHAT the change is about. ## ## 'chg' is for refactor, small improvement, cosmetic changes... ## 'fix' is for bug fixes ## 'new' is for new features, big improvement ## ## AUDIENCE is optional and one of 'dev', 'usr', 'pkg', 'test', 'doc' ## ## Is WHO is concerned by the change. ## ## 'dev' is for developpers (API changes, refactors...) ## 'usr' is for final users (UI changes) ## 'pkg' is for packagers (packaging changes) ## 'test' is for testers (test only related changes) ## 'doc' is for doc guys (doc only changes) ## ## COMMIT_MSG is ... well ... the commit message itself. ## ## TAGs are additionnal adjective as 'refactor' 'minor' 'cosmetic' ## ## They are preceded with a '!' or a '@' (prefer the former, as the ## latter is wrongly interpreted in github.) Commonly used tags are: ## ## 'refactor' is obviously for refactoring code only ## 'minor' is for a very meaningless change (a typo, adding a comment) ## 'cosmetic' is for cosmetic driven change (re-indentation, 80-col...) ## 'wip' is for partial functionality but complete subfunctionality. ## ## Example: ## ## new: usr: support of bazaar implemented ## chg: re-indentend some lines !cosmetic ## new: dev: updated code to be compatible with last version of killer lib. ## fix: pkg: updated year of licence coverage. ## new: test: added a bunch of test around user usability of feature X. ## fix: typo in spelling my name in comment. !minor ## ## Please note that multi-line commit message are supported, and only the ## first line will be considered as the "summary" of the commit message. So ## tags, and other rules only applies to the summary. The body of the commit ## message will be displayed in the changelog without reformatting. ## ## ``ignore_regexps`` is a line of regexps ## ## Any commit having its full commit message matching any regexp listed here ## will be ignored and won't be reported in the changelog. ## ignore_regexps = [ r'@minor', r'!minor', r'@cosmetic', r'!cosmetic', r'@refactor', r'!refactor', r'@wip', r'!wip', r'^([cC]hg|[fF]ix|[nN]ew)\s*:\s*[p|P]kg:', r'^([cC]hg|[fF]ix|[nN]ew)\s*:\s*[d|D]ev:', r'^(.{3,3}\s*:)?\s*[fF]irst commit.?\s*$', ] ## ``section_regexps`` is a list of 2-tuples associating a string label and a ## list of regexp ## ## Commit messages will be classified in sections thanks to this. Section ## titles are the label, and a commit is classified under this section if any ## of the regexps associated is matching. ## section_regexps = [ ('New', [ r'^[nN]ew\s*:\s*((dev|use?r|pkg|test|doc)\s*:\s*)?([^\n]*)$', ]), ('Changes', [ r'^[cC]hg\s*:\s*((dev|use?r|pkg|test|doc)\s*:\s*)?([^\n]*)$', ]), ('Fix', [ r'^[fF]ix\s*:\s*((dev|use?r|pkg|test|doc)\s*:\s*)?([^\n]*)$', ]), ('Other', None ## Match all lines ), ] ## ``body_process`` is a callable ## ## This callable will be given the original body and result will ## be used in the changelog. ## ## Available constructs are: ## ## - any python callable that take one txt argument and return txt argument. ## ## - ReSub(pattern, replacement): will apply regexp substitution. ## ## - Indent(chars=" "): will indent the text with the prefix ## Please remember that template engines gets also to modify the text and ## will usually indent themselves the text if needed. ## ## - Wrap(regexp=r"\n\n"): re-wrap text in separate paragraph to fill 80-Columns ## ## - noop: do nothing ## ## - ucfirst: ensure the first letter is uppercase. ## (usually used in the ``subject_process`` pipeline) ## ## - final_dot: ensure text finishes with a dot ## (usually used in the ``subject_process`` pipeline) ## ## - strip: remove any spaces before or after the content of the string ## ## Additionally, you can `pipe` the provided filters, for instance: #body_process = Wrap(regexp=r'\n(?=\w+\s*:)') | Indent(chars=" ") #body_process = Wrap(regexp=r'\n(?=\w+\s*:)') #body_process = noop body_process = ReSub(r'((^|\n)[A-Z]\w+(-\w+)*: .*(\n\s+.*)*)+$', r'') | strip ## ``subject_process`` is a callable ## ## This callable will be given the original subject and result will ## be used in the changelog. ## ## Available constructs are those listed in ``body_process`` doc. subject_process = (strip | ReSub(r'^([cC]hg|[fF]ix|[nN]ew)\s*:\s*((dev|use?r|pkg|test|doc)\s*:\s*)?([^\n@]*)(@[a-z]+\s+)*$', r'\4') | ucfirst | final_dot) ## ``tag_filter_regexp`` is a regexp ## ## Tags that will be used for the changelog must match this regexp. ## tag_filter_regexp = r'^v[0-9]+\.[0-9]+$' ## ``unreleased_version_label`` is a string ## ## This label will be used as the changelog Title of the last set of changes ## between last valid tag and HEAD if any. unreleased_version_label = "%%version%% (unreleased)" ## ``output_engine`` is a callable ## ## This will change the output format of the generated changelog file ## ## Available choices are: ## ## - rest_py ## ## Legacy pure python engine, outputs ReSTructured text. ## This is the default. ## ## - mustache() ## ## Template name could be any of the available templates in ## ``templates/mustache/*.tpl``. ## Requires python package ``pystache``. ## Examples: ## - mustache("markdown") ## - mustache("restructuredtext") ## ## - makotemplate() ## ## Template name could be any of the available templates in ## ``templates/mako/*.tpl``. ## Requires python package ``mako``. ## Examples: ## - makotemplate("restructuredtext") ## output_engine = rest_py #output_engine = mustache("restructuredtext") #output_engine = mustache("markdown") #output_engine = makotemplate("restructuredtext") ## ``include_merge`` is a boolean ## ## This option tells git-log whether to include merge commits in the log. ## The default is to include them. include_merge = True ssldump-1.1/.gitignore000066400000000000000000000001111354171271700150330ustar00rootroot00000000000000*~ .#* *.o ssldump Makefile config.log config.status dist autom4te.cache ssldump-1.1/COPYRIGHT000066400000000000000000000060601354171271700143470ustar00rootroot00000000000000SSLDUMP LICENSE Copyright (C) 1999-2001 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE ERIC RESCORLA AND RTFM ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. TCPDUMP LICENSE The manual page for this software is partially excerpted from the tcpdump manual page, which is subject to the following license: Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997 The Regents of the University of California. All rights reserved. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that: (1) source code distributions retain the above copyright notice and this paragraph in its entirety, (2) distributions including binary code include the above copyright notice and this paragraph in its entirety in the documentation or other materials provided with the distribution, and (3) all advertising materials mentioning features or use of this software display the following acknowledgement: ``This product includes software developed by the University of California, Lawrence Berkeley Laboratory and its contributors.'' Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ssldump-1.1/CREDITS000066400000000000000000000006711354171271700140760ustar00rootroot00000000000000ssldump was written by Eric Rescorla The Windows port of ssldump was provided by Greg Stark. The following people have provided bug fixes, bug reports, or suggestions. Adam Cain Pavel Curtis Chris Jepeway Alexander Fetke Jeffrey Hafey Lutz Jaenicke Dave Jagoda Norbert Klasen Richard Levitte Hugh Mandeville Eric Murray Henrik Nordstrom Alper Akcan If you think you should be on this list, send me mail at . ssldump-1.1/ChangeLog000066400000000000000000000323041354171271700146260ustar00rootroot00000000000000Changelog ========= v1.0 (2019-05-26) ----------------- Changes ~~~~~~~ - [build] v1.0 released. [Alexandre Dulaunoy] - [changelog] v1.0 released. [Alexandre Dulaunoy] - [build] gitchangelogrc configuration added. [Alexandre Dulaunoy] Other ~~~~~ - Merge pull request #21 from qha/repair-make-targets. [Alexandre Dulaunoy] Repair make targets and ssl/ssldecode.c, bump version - Rerun autoconf. [Ulrik Haugen] - Bump version. [Ulrik Haugen] - Repair ssl_key_log_file handling. [Ulrik Haugen] Set ssl_key_log_file to null in ssl_decode_ctx_create if no file name was supplied. Only seek ssl_key_log_file in ssl_read_key_log_file if it is non null. Repair order of fseek parameters. - Take project name and version from configure define. [Ulrik Haugen] ... in print_version. - Enable compiling without std c99 when OPENSSL is defined. [Ulrik Haugen] - Repair spelling in comments. [Ulrik Haugen] - Remove presumably extraneous files. [Ulrik Haugen] - Remove extraneous files. [Ulrik Haugen] - Add .gitignore. [Ulrik Haugen] - Make install target install doc files. [Ulrik Haugen] - Repair installdir variable names. [Ulrik Haugen] - Repair dist target. [Ulrik Haugen] Mark phony targets as such. Cease use of unobtainable version-check.pl. Take version from configure substituted variable. Adjust dist archive location. Prune more backup files. - Whitespace. [Ulrik Haugen] - Set package name in configure.in, move version there. [Ulrik Haugen] - Merge pull request #19 from 1div0/master. [Alexandre Dulaunoy] GREASE - GREASE. [Peter Kovář] - Merge pull request #18 from mathewmarcus/dh_aes_gcm_support. [Alexandre Dulaunoy] Dh aes gcm support - Use macro to check if cipher is AEAD. [mathewmarcus] - Update man page with -l sslkeylogfile option. [mathewmarcus] - Updated relevant ciphersuites with GCM enc. [mathewmarcus] - Added fix for AES256 GCM decryption. [mathewmarcus] - Added case insensitive string comparison macro. [mathewmarcus] - Added support for AES GCM decryption. [mathewmarcus] - Use sslkeylogfile to get MS if possible. [mathewmarcus] - Added function to extract MS from sslkeylogfile. [mathewmarcus] - Added GCM specific ciphersuite info. [mathewmarcus] - Added sslkeylogfile pointer to decode ctx. [mathewmarcus] - Fix decoding and printing of DiffieHellman Client params. [mathewmarcus] - Add l option for SSLKEYLOGFILE. [mathewmarcus] - Merge pull request #17 from mathewmarcus/fix_extension_bug. [Alexandre Dulaunoy] correctly handle case where server hello does not request extension s… - Improve syntax. [mathewmarcus] - Correctly handle case where server hello does not request extension specified by client. [mathewmarcus] - Merge pull request #16 from mathewmarcus/tls_extensions. [Alexandre Dulaunoy] Tls extensions - Code cleanup. [mathewmarcus] - Added support for SNI. [mathewmarcus] - Added support for encrypt-then-mac. [mathewmarcus] - Finished support for extended master secret. [mathewmarcus] - Calculate session hash. [mathewmarcus] - Added struct to store extensions. [mathewmarcus] - Added struct to store extensions. [mathewmarcus] - Revert "moved struct ssl_decoder_ definition into header file because we need it in ssl.enums.c" [Mathew Marcus] This reverts commit 193c6001086920c0623593aba373f948aa275f8d. - Moved struct ssl_decoder_ definition into header file because we need it in ssl.enums.c. [mathewmarcus] - Added handler for extended master secret extension. [mathewmarcus] - Rename functions. [mathewmarcus] - Record handshake messages for session hash. [Mathew Marcus] - Include extensions in output. [mathewmarcus] - Merge pull request #15 from Whissi/update-ciphers. [Alexandre Dulaunoy] Update ciphers - Adjust cipher suite formation. [Thomas Deutschmann] - Add TLS 1.3 cipher suites. [Thomas Deutschmann] - Add fallback signaling cipher suite. [Thomas Deutschmann] - Add CHACHA20_POLY1305 cipher suite. [Thomas Deutschmann] - Merge pull request #14 from davidkretch/fix-typo. [Alexandre Dulaunoy] Fix a typo in the man page - Fix a typo in the man page. [David Kretch] Delete the extra "to" in "To decrypt traffic to to host" under the examples section. - Merge pull request #13 from alperakcan/master. [Alexandre Dulaunoy] fix ssl record queue data read - - fix mis calculation of read_left if queue already has some data, which might not be bigger than ssl_header_size - update q->ptr only if q->data is changed. [Alper Akcan] - Merge pull request #1 from adulau/master. [Alper Akcan] Merge pull request #12 from alperakcan/master - Merge pull request #12 from alperakcan/master. [Alexandre Dulaunoy] Fix packet length calculation if IP length is 0, due to TSO - Fix packet length calculation if IP length is 0, due to TSO. [Alper Akcan] - Typo fixed. [Alexandre Dulaunoy] - Explanation added in a new README. [Alexandre Dulaunoy] - Merge pull request #9 from PequalsNP-team/master. [Alexandre Dulaunoy] updated configure for new libpcap location on most linux distro - Updated configure for new libpcap location on most linux distro. [thez3ro] - Merge pull request #7 from knowtoto/master. [Alexandre Dulaunoy] Fix a null pointer dereference bug - Fix a null pointer dereference bug of tls12_prf be caused by invalid extern declaration for digests variable. [hyunkyu.oh] - Merge pull request #5 from wllm-rbnt/master. [Alexandre Dulaunoy] More code cleaning - Include string.h (remove warnings about memcpy) [William Robinet] - Fix order of arguments in calls to calloc. [William Robinet] - "Each invocation of va_start() must be matched by a corresponding invocation of va_end()" [William Robinet] - Remove dead code. [William Robinet] - Do not use uninitialized variable. [William Robinet] - Make valgrind/memcheck happy. [William Robinet] - Add missing comma (introduced by 2d067c26503ace1466d132e7efd9f0ff7885295a) [William Robinet] - Merge pull request #4 from wllm-rbnt/master. [Alexandre Dulaunoy] Fix cleanup loop - Avoid auto-vivisection during connection clean-up ... [William Robinet] - Fix inactive connection removal. [William Robinet] - Merge pull request #3 from wllm-rbnt/master. [Alexandre Dulaunoy] [bugfix] Initialize initial reference timeval - Initialize initial reference timeval Avoids wrong cleaning of first connection(s) [William Robinet] - Merge pull request #2 from wllm-rbnt/master. [Alexandre Dulaunoy] Fixes for 2 memory leaks and in flight structure cleaning - Fix memory leak if SSL session id is not present. [William Robinet] - In flight connection pool cleaning. [William Robinet] - Fix memory leak at connection closing. [William Robinet] - Merge pull request #1 from wllm-rbnt/csloop. [Alexandre Dulaunoy] Fix for infinite loop in Ciphers Suite decoding - Fix for infinite loop in Ciphers Suite decoding. [William Robinet] - Dtable bug fixed: list overrun (from NetBSD tree) [Alexandre Dulaunoy] - Memory leak per TLS session removed. Call cleanup after each finalization. [Alexandre Dulaunoy] - Free also the packet structure. [Alexandre Dulaunoy] - Snaplen increased to the default jumbo frame size. [Alexandre Dulaunoy] If the snaplen is lower than the total frame length announced, ssldump won't be able to reassemble the payload. "Length mismatch" error. Tested on Ethernet uplinks supporting jumbo frame. - Continue even if no IP address is assigned on the interface. [Alexandre Dulaunoy] ssldump in a production environment can be used on a capture interface where no IP addresses are assigned. Print a warning instead of exiting. - Modern config.guess/sub from Ubuntu ssldump package. [Alexandre Dulaunoy] - Ssldump-0.9-ciphersuites.patch. [Alexandre Dulaunoy] - Ssldump-0.9-ssl-enums.patch. [Alexandre Dulaunoy] - Ssldump-0.9-tlsv12.patch. [Alexandre Dulaunoy] - Ssldump-0.9-pcap-vlan.patch. [Alexandre Dulaunoy] - Ssldump-0.9-link_layer.patch. [Alexandre Dulaunoy] - Ssldump-0.9-table-stops.patch. [Alexandre Dulaunoy] - Sldump-0.9-cvs-20060619.patch. [Alexandre Dulaunoy] - Sldump-0.9-aes.patch. [Alexandre Dulaunoy] - Sldump-0.9-libpcap.patch. [Alexandre Dulaunoy] - Ssldump-0.9-openssl.patch. [Alexandre Dulaunoy] - Ssldump_0.9b3.orig.tar.gz Import. [Alexandre Dulaunoy] Original changelog file ----------------------- Mon 29 May 2017 03:49:00 PM +03 Alper * Fix packet length calculation if IP length is 0 due to TSO. Wed Aug 21 10:48:45 2002 EKR * Installed Greg Stark's new Win32 patches. * Added updated VLAN support (Jeffrey Hafey) Fri Aug 16 16:56:23 2002 EKR * Cleaned up 56-bit ciphersuites in ciphersuites.c * Fixed memory errors in packet copying. * Fixed bugs in processing of bogus SSLv2 messages. * Fixed bugs in TCP packet reassembly code. Tue Aug 13 13:03:41 2002 EKR * Fixed EXPORT1024 DES cipher suites Mon Aug 12 16:49:51 2002 EKR * Added support for VLAN networks (Jeffrey Hafey) * Fixed printing of data with embedded tabs (Pavel Curtis) * Added support for non-promiscuous mode (-P flag) (Bruce M Simpson) * Fixed potential small overrun in RSA decryption. Fri Sep 28 15:54:47 2001 EKR * Fixed install so that we install in /usr/local/sbin with mode 755. Bug report ssldump/22. (Dave Jagoda) * Fixed compilation warning about create_null_analyzer Bug report ssldump/23. Wed Sep 26 14:49:06 2001 EKR * Fixed SYN & SYN/ACK detection to that it works with ECN. (Henrik Nordstrom) * Added /usr/include/pcap to the PCAP search path (Henrik Nordstrom) Sat Sep 15 13:41:10 2001 EKR * Fix to ssldecode.c to remove error with empty struct when compiling with VC++ and no OpenSSL (Greg Stark) * Change to vcwin32.mak to print out that you're not using OpenSSL (Greg Stark) * Automatic version changing courtesy of version-change.pl Fri Sep 14 15:22:29 2001 EKR * Fixed bug 4. Delete the MS after decrypting a PMS to force new MS generation in the key generation phase. This makes decryption of renegotiated connections work correctly. This got broken when session resumption was added. 2001-09-14 Eric Rescorla * Imported Greg Stark's Win32 port Sun Sep 2 15:53:06 2001 EKR * Fixed the reassembler so it doesn't crash when FIN/RST segments have data. * closure/connection freeing now works, thus meaning less memory leakage and less crashing. * A bunch of trivial makefile/configure fixes. Fri Jul 20 16:40:51 2001 EKR * Removed loading of certificate file. This served no real purpose. Fix for bug 5. Fri Jul 20 11:02:09 2001 EKR * Fixed initialization so that the key file is loaded only once. Removed default keyfile and password. You now must specify them. You also get an error if you specify a bad password or keyfile. Fri Jul 20 10:17:36 2001 EKR * Added support for session resumption. Fri Jul 20 10:17:16 2001 EKR * Fixed SEQ_LT problems on Linux and other compilation problems. Tue Mar 6 2001 EKR * Removed statically allocated conn array. We can now have an arbitrary number of Thu Nov 9 12:14:15 2000 EKR * Cleanups to the man page and cleaned up some cases where printing didn't work quite right. Mon Nov 6 10:22:25 2000 EKR * Added the -X flag to force hex-only printing when binary data is displayed as hex dumps. Fri Nov 3 09:23:35 2000 EKR * cleaned up the case where multiple handshake messages are in the same SSL record. Fri Nov 3 09:14:39 2000 EKR * Modified printing so that when we're printing hex dumps of application data traffic we also print the printable sections of the data itself in a column on the side. Thu Nov 2 14:14:21 2000 EKR * Modified cipher suite printing so that the names have SSL_ if we're doing SSLv3 and TLS_ if we're doing TLS. Suggestion by Eric Murray. Thu Nov 2 13:07:09 2000 EKR * Fixed an ABW in ssldecode.c that caused crashes on Solaris. Also, fixed a bunch of memory leaks using Purify. Thu Nov 2 08:45:42 2000 EKR * Various Portability fixes CC=gcc -> CC=@CC@ in Makefile Removed FLAGS in Makefile (it was a noop) in base/tcpconn.c, changed {} to {0} to appease HPUX's compiler made create_null_analyzer.c static as it should be. Removed the final (bogus) entry in null_vtbl. made sslx__print_serial() static to match its prototype Rearranged library order for better linkage Thanks to Lutze Jainecke for these fixes. Thu Nov 2 08:41:10 2000 EKR * Added -r as a synonym for -f. -f will eventually be removed and reused for some other option. This was done for option compatibility with tcpdump and on the theory that someday I might add a -w. * Renamed -h to -H and added it to the documentation. -h now triggers usage info. Thu Nov 2 08:38:06 2000 EKR * Removed blank lines in the man page. This confuses some man page formatters. (Thanks to Hugh Mandeville for pointing this one out) Thu Nov 2 08:37:59 2000 EKR * Wired up -N (it was unwired) Thu Nov 2 08:37:47 2000 EKR * Added -D_BSD_SOURCE=1 when you're compiling on Linux. (Allowing it to compile) ssldump-1.1/FILES000066400000000000000000000001321354171271700136330ustar00rootroot00000000000000record-fmt.txt record_analyze.c record_analyze.h targets.mk CVS: Entries Repository Root ssldump-1.1/INSTALL000066400000000000000000000027701354171271700141110ustar00rootroot00000000000000$Id: INSTALL,v 1.5 2001/09/14 22:29:13 ekr Exp $ If you don't have libpcap, you'll need to get it and install it. You can obtain it from: http://www.tcpdump.org/ If you want to be able to decrypt SSL traffic or view certificates, get OpenSSL if you don't have it: http://www.openssl.org/ Once you've built and installed libpcap and OpenSSL, you're ready to build ssldump. ssldump uses a GNU autoconf-based configuration to automatically configure the build. In the simplest form you can simply do: ./configure If the configure script can't find libpcap, it will abort. If you've installed it in unobvious place, you may need to give configure a hint using the '--with-pcap' or '--with-pcap-{lib,inc}' switches. If the configure script can't find OpenSSL, it will continue without it. If your OpenSSL is in a nonstandard location, you may need to give configure a hint with the '--with-openssl' or '--with-openssl-{lib,include}' switches. Once you've done the configure, you can simply run 'make'. Note that on some platforms (HP/UX) you will have to use GNU make (gmake). If the make succeeds, run a 'make install' (you will probably need to be root to do this.) TESTED PLATFORMS FreeBSD 2.2.8, 3.4 HP/UX 10.20 Linux (Red Hat, Debian) Solaris 2.x If you get ssldump to work on a platform not listed above, please send mail to ssldump@rtfm.com with the platform and any fixes you had to make. INSTALLING ON WINDOWS Read the file INSTALL.W32 in this directory for instructions on installing on Windows. ssldump-1.1/INSTALL.W32000066400000000000000000000106401354171271700144560ustar00rootroot00000000000000 Notes First, make sure you've read the README file. Build Environment ----------------- The build environment is assumed to be Microsoft Visual C++ 6.0 SP4 (VC6), although earlier or later versions may work. In particular, the make-like utility used to build this port of ssldump is NMAKE version 6.00.x from Microsoft. The basis for this port is ssldump version 0.9b3. The win32 directory contains the win32-specific stuff, including the NMAKE makefile vcwin32.mak. You need to have your environment variables and PATH correctly setup to properly use the command-line VC6 tools. In the VC6\bin directory is a batch file, VCVARS32.bat, which should set things up correctly. You should run this batch file prior to attempting a build. What you need (besides the ssldump source) ------------------------------------------ You must have downloaded and installed the following from the WinPcap/Windump project: 1. The Winpcap developer's pack, version 2.3, from http://winpcap.polito.it/install/bin/WPdpack_2_3.zip contains the pcap.h and net/bpf.h files, and the pcap import library. Place these in the win32 directory. 2. The Winpcap source code distribution, version 2.3, from http://winpcap.polito.it/install/bin/WPcapSrc_2_3.zip. It contains some .h files commonly found on UNIX systems that ssldump expects. Place these in the win32 directory. 3. The Winpcap auto-installer, version 2.3, from http://winpcap.polito.it/install/bin/WinPcap_2_3_nogui.exe. This is only needed to run ssldump, not needed to build it. It is needed on *any* windows system on which ssldump is run. It installs a device driver and the pcap library DLL. 4. Possibly the Windump utility from http://windump.polito.it/install/bin/WinDump.exe. This is essentially a Windows port of tcpdump, with an extra -D option. This option enumerates the interface names so that you at least have a clue to what to supply the -i option (see below). The win32 directory should look like the following after these files are downloaded and extracted: winpcap WPdpack Ssldump.html vcwin32.mak OpenSSL Support --------------- By default, the OpenSSL libraries are not linked into ssldump. If you want to link in the OpenSSL libraries, you'll need to customize the makefile. First, look for the macro OPENSSL and change its value to "yes". Next, look for the macro OPENSSL_DIR and make sure it points to the openssl distribution on your machine. You must build a version(s) of SSL that links to the static C run-time library; these are distinguished by the use of the compiler flag /MT for release versions, and /MTd for debug versions. Then you must set the OPENSSL_RELEASE and OPENSSL_DEBUG macros to point to the directories that contain the libraries for these versions. If you only intend to build one of either the debug or release versions, you only need to define the corresponding OPENSSL_ macro. Building ssldump ---------------- To build, run (from the ssldump root directory): nmake /f win32\vcwin32.mak all this creates a directory, out32, which contains the object files and the ssldump.exe executable. The build produces a simple command-line ssldump.exe which must be run from a console window (i.e. a DOS box). It builds the release version by default. Set the macro CFG="debug" to build a debug version, e.g. nmake /f vcwin32.mak all CFG="debug". win32\ssldump.html contains an HTML version of the ssldump.1 manpage. You should read this to learn the options. What are the names of the Interfaces? ------------------------------------- One tricky aspect is choosing the correct interface name for the -i option of ssldump. AFAIK, there is no standard windows utility that will give you the correct names for the interfaces. For example, on my system they are named PPPMAC (for the PPP adapter) and CBEN5 (for my Ethernet Adapter). I did find these names in the registry under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net\nnnn\NDIS\LogDriverName, but this may be different on other Windows OSes. The Windump utility from the WinPcap folks has an option, -D, to enumerate these interface names. Use the Windump utility or hunt through the registry to find the names of your interfaces. If you don't specify the interface explicitly with the -i option, ssldump will select the 'first' interface and this may be exactly what you want. ssldump-1.1/Makefile.in000066400000000000000000000117551354171271700151300ustar00rootroot00000000000000# Copyright (C) 1999-2000 RTFM, Inc. # All Rights Reserved # This package is a SSLv3/TLS protocol analyzer written by Eric # Rescorla and licensed by RTFM, Inc. # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # 3. All advertising materials mentioning features or use of this # software must display the following acknowledgement: # # This product includes software developed by Eric Rescorla for # RTFM, Inc. # 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may # be used to endorse or promote products derived from this software # without specific prior written permission. # THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A # PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT # OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # SUCH DAMAGE. CC=@CC@ all: ssldump PACKAGE_TARNAME=@PACKAGE_TARNAME@ PACKAGE_VERSION=@PACKAGE_VERSION@ OBJSUFFIX=o LIBSUFFIX=a INSTALL=@INSTALL@ prefix=@prefix@ exec_prefix=@exec_prefix@ sbindir=@sbindir@ mandir=@mandir@ datarootdir=@datarootdir@ docdir=@docdir@ RM=rm -f ROOT=./ ANALYZE_SRCDIR=$(ROOT)base/ COMMONDIR=common/ COMMON_LIB_SRCDIR=$(COMMONDIR)lib/ ANALYZE_NULL_SRCDIR=$(ROOT)null/ ANALYZE_SSL_SRCDIR=$(ROOT)ssl/ ANALYZE_RECORD_SRCDIR=$(ROOT)@RECORD_MOD@/ include rules.mk include $(COMMON_LIB_SRCDIR)/targets.mk include $(ANALYZE_SRCDIR)targets.mk include $(ANALYZE_NULL_SRCDIR)targets.mk include $(ANALYZE_SSL_SRCDIR)targets.mk include $(ANALYZE_RECORD_SRCDIR)targets.mk INCLUDES += -I$(COMMONDIR)include/ -I$(ANALYZE_NULL_SRCDIR) -I$(ANALYZE_SSL_SRCDIR) DEFINES += @DEFINES@ INCLUDES += @INCLUDES@ LIBS += @LDFLAGS@ @LIBS@ CFLAGS += @CFLAGS@ @DEFS@ .PHONY: clean install dist ssldump: $(OBJECTS) $(CC) $(OBJECTS) -o $@ $(LIBS) clean: rm -f $(OBJECTS) ssldump install: $(INSTALL) -m 755 -d $(sbindir) $(INSTALL) -m 755 -d $(mandir)/man1 $(INSTALL) -m 755 -d $(docdir) $(INSTALL) -m 755 ssldump $(sbindir)/ssldump $(INSTALL) -m 644 ssldump.1 $(mandir)/man1/ssldump.1 $(INSTALL) -m 644 README $(docdir) $(INSTALL) -m 644 README.md $(docdir) $(INSTALL) -m 644 ChangeLog $(docdir) $(INSTALL) -m 644 COPYRIGHT $(docdir) $(INSTALL) -m 644 CREDITS $(docdir) dist: rm -rf dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) mkdir -p dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) ls -1| grep -vx -e dist -e autom4te.cache \ | xargs cp -pR -t dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) make -C dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) clean rm dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/Makefile find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*~' -exec rm {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.o' -exec rm {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '#*#' -exec rm {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '.#*' -exec rm {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name 'CVS' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*bak' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.core' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.tr' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.pl' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.pem' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*orig' -exec rm -rf {} \; -print find dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION) -name '*.rej' -exec rm -rf {} \; -print rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/config.status rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/config.log rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/config.cache rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/config.h rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/ssl/a.out rm -f dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION)/all tar cf - -C dist $(PACKAGE_TARNAME)-$(PACKAGE_VERSION) \ | gzip >dist/$(PACKAGE_TARNAME)-$(PACKAGE_VERSION).tar.gz ssldump-1.1/README000066400000000000000000000054541354171271700137420ustar00rootroot00000000000000$Id: README,v 1.9 2002/08/17 01:33:15 ekr Exp $ SSLDUMP 0.9b3 ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. ssldump depends on the libpcap packet capture library. Some systems (e.g. FreeBSD) now have libpcap as part of their standard install. On other systems, you will need to install it. You can obtain the distribution from: http://www.tcpdump.org/ If linked with OpenSSL, ssldump can display certificates in decoded form and decrypt traffic (provided that it has the appropriate keying material). Again, OpenSSL may be installed on your system. Otherwise you can obtain it from: http://www.openssl.org/ See the file INSTALL for instructions on building and installing ssldump. STABILITY This is a beta release of ssldump. The UNIX portions have received extensive testing and are believed to be quite solid. The Windows port is substantially less stable. CHANGES SINCE 0.9b2 Security fix: some potential over and underflows Added support for VLANs. Added -P flag to disable promiscuous mode. Fixed bugs in the TCP reassembly code. A lot of bug fixes. See the ChangeLog for a more complete list of changes. MAILING LIST For support questions and general discussion on ssldump, please subscribe to the ssldump-users mailing list. Subscription is by majordomo. To subscribe, send a message with no subject and a body consisting of the single line: subscribe ssldump-users to majordomo@rtfm.com. Note, you cannot send messages to the list unless you are subscribed. BUG REPORTS Please send bug reports either to the ssldump-users mailing list or to ssldump@rtfm.com. INTEROPERABILITY NOTE Previous versions of ssldump automatically looked for the keyfile in 'server.pem' and used the password 'password'. This version removes those defaults. For decryption to work you MUST specify the keyfile (and password if the keyfile is encrypted.) NEW VERSIONS Newer versions of ssldump can be found at: http://www.rtfm.com/ssldump/ SSL REFERENCES The SSLv3 specification can be found at: http://home.netscape.com/eng/ssl3/draft302.txt The TLS specification is in RFC 2246 and can be found at: http://www.ietf.org/rfc/rfc2246.txt SHAMELESS PLUG Extremely detailed coverage of SSL/TLS can be found in _SSL_and_TLS:_Designing_and_Building_Secure_Systems_ Eric Rescorla Addison-Wesley, 2001 ISBN 0-201-61598-3 _SSL_and_TLS_ makes extensive use of ssldump to demonstrate real-life SSL behavior. If you like ssldump and want to learn about SSL, you might consider buying my book. ssldump-1.1/README.md000066400000000000000000000027271354171271700143410ustar00rootroot00000000000000 # (unofficial repository) of ssldump SSLDUMP 0.9b3 + a myriad of patches (from Debian and other distributions + contribution (via PR)) ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. [original and (old) README](README) # Why do you maintain this repository? Because it's a mess. The software maintenance process for old free (unmaintained) software like ssldump is a complete chaotic process. I do this to ease my pain and this could help other too (but this is just a collateral damage). # Where do you use ssldump? I used it for a relatively small project called Passive SSL. For more information, [Passive SSL Passive Detection and Reconnaissance Techniques, to Find, Track, and Attribute Vulnerable ”Devices”](https://www.first.org/resources/papers/conf2015/first_2015_-_leverett_-_dulaunoy_-_passive_detection_20150604.pdf). Additional back-end code available is in the [crl-monitor ](https://github.com/adulau/crl-monitor/tree/master/bin/x509) repository. ## Contributing The contributing policy is simple. If you have a patch to propose, make a pull-request via the interface. If the patch works for me, it's merged. ssldump-1.1/base/000077500000000000000000000000001354171271700137645ustar00rootroot00000000000000ssldump-1.1/base/common.c000066400000000000000000000044571354171271700154320ustar00rootroot00000000000000/** common.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $ ekr@rtfm.com Tue Dec 29 09:59:39 1998 */ static char *RCSSTRING="$Id: common.c,v 1.2 2000/10/17 16:09:57 ekr Exp $"; #include int xdump(label,data,len) char *label; UCHAR *data; int len; { int i; printf("%s[%d]",label,len); for(i=0;i8) && !(i%20)) printf("\n"); printf("%.2x ",data[i]&255); } printf("\n"); return(0); } ssldump-1.1/base/debug.c000066400000000000000000000043711354171271700152230ustar00rootroot00000000000000/** debug.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $ ekr@rtfm.com Wed Jan 6 17:08:58 1999 */ static char *RCSSTRING="$Id: debug.c,v 1.2 2000/10/17 16:09:57 ekr Exp $"; #ifdef DEBUG #include #include int debug(int class,char *format,...) { va_list ap; va_start(ap,format); vfprintf(stderr,format,ap); fprintf(stderr,"\n"); return(0); } #endif ssldump-1.1/base/debug.h000066400000000000000000000041271354171271700152270ustar00rootroot00000000000000/** debug.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: debug.h,v 1.2 2000/10/17 16:09:57 ekr Exp $ ekr@rtfm.com Wed Jan 6 17:13:00 1999 */ #ifndef _debug_h #define _debug_h #ifdef DEBUG #define DBG(a) debug a int debug(int class,char *format,...); #else #define DBG(a) #endif #endif ssldump-1.1/base/network.c000066400000000000000000000134001354171271700156170ustar00rootroot00000000000000/** network.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $ ekr@rtfm.com Tue Dec 29 09:52:54 1998 */ static char *RCSSTRING="$Id: network.c,v 1.10 2002/09/09 21:02:58 ekr Exp $"; #include #include #include "network.h" #ifndef _WIN32 #include #include #include #include #endif #include "tcppack.h" #ifdef STDC_HEADERS #include #endif UINT4 NET_print_flags; struct network_handler_ { proto_mod *mod; proto_ctx *ctx; }; int network_handler_create(mod,handlerp) proto_mod *mod; n_handler **handlerp; { int r,_status; n_handler *handler=0; if(!(handler=(n_handler *)malloc(sizeof(n_handler)))) ABORT(R_NO_MEMORY); if(mod->vtbl->create_ctx){ if(r=mod->vtbl->create_ctx(mod->handle,&handler->ctx)) ABORT(r); } handler->mod=mod; *handlerp=handler; _status=0; abort: if(_status){ network_handler_destroy(&handler); } return(_status); } int network_handler_destroy(handlerp) n_handler **handlerp; { if(!handlerp || !*handlerp) return(0); free(*handlerp); *handlerp=0; return(0); } int network_process_packet(handler,timestamp,data,length) n_handler *handler; struct timeval *timestamp; UCHAR *data; int length; { int r; int hlen; packet p; u_short off; /*We can pretty much ignore all the options*/ memcpy(&p.ts,timestamp,sizeof(struct timeval)); p.base=data; p._len=length; p.data=data; p.len=length; p.ip=(struct ip *)data; /*Handle, or rather mishandle, fragmentation*/ off=ntohs(p.ip->ip_off); if((off & 0x1fff) || /*Later fragment*/ (off & 0x2000)){ /*More fragments*/ /* fprintf(stderr,"Fragmented packet! rejecting\n"); */ return(0); } hlen=p.ip->ip_hl * 4; p.data += hlen; p.len = ntohs(p.ip->ip_len); if (p.len == 0) { DBG((0,"ip length reported as 0, presumed to be because of 'TCP segmentation offload' (TSO)\n")); p.len = p._len; } p.len -= hlen; switch(p.ip->ip_p){ case IPPROTO_TCP: if(r=process_tcp_packet(handler->mod,handler->ctx,&p)) ERETURN(r); break; } return(0); } int packet_copy(in,out) packet *in; packet **out; { int _status; packet *p=0; if(!(p=(packet *)calloc(1,sizeof(packet)))) ABORT(R_NO_MEMORY); memcpy(&p->ts,&in->ts,sizeof(struct timeval)); if(!(p->base=(UCHAR *)malloc(in->_len))) ABORT(R_NO_MEMORY); memcpy(p->base,in->base,p->_len=in->_len); p->data=p->base + (in->data - in->base); p->len=in->len; p->ip=(struct ip *)(p->base + ((UCHAR *)in->ip - in->base)); p->tcp=(struct tcphdr *)(p->base + ((UCHAR *)in->tcp - in->base)); *out=p; _status=0; abort: if(_status){ packet_destroy(p); } return(_status); } int packet_destroy(p) packet *p; { if(!p) return(0); FREE(p->base); FREE(p); return(0); } int timestamp_diff(t1,t0,diff) struct timeval *t1; struct timeval *t0; struct timeval *diff; { long d; if(t0->tv_sec > t1->tv_sec) ERETURN(R_BAD_ARGS); /*Easy case*/ if(t0->tv_usec <= t1->tv_usec){ diff->tv_sec=t1->tv_sec - t0->tv_sec; diff->tv_usec=t1->tv_usec - t0->tv_usec; return(0); } /*Hard case*/ d=t0->tv_usec - t1->tv_usec; if(t1->tv_sec < (t0->tv_sec + 1)) ERETURN(R_BAD_ARGS); diff->tv_sec=t1->tv_sec - (t0->tv_sec + 1); diff->tv_usec=1000000 - d; return(0); } int lookuphostname(addr,namep) struct in_addr *addr; char **namep; { struct hostent *ne=0; if(!(NET_print_flags & NET_PRINT_NO_RESOLVE)){ ne=gethostbyaddr((char *)addr,4,AF_INET); } if(!ne){ *namep=strdup((char *)inet_ntoa(*addr)); } else{ *namep=strdup(ne->h_name); } return(0); } ssldump-1.1/base/network.h000066400000000000000000000070251354171271700156320ustar00rootroot00000000000000/** network.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: network.h,v 1.3 2001/09/14 22:29:14 ekr Exp $ ekr@rtfm.com Tue Dec 29 09:53:50 1998 */ #ifndef _network_h #define _network_h #include #include #include #include #ifndef _WIN32 #include #include #else #include #endif #include #include #include #include #include typedef struct network_handler_ n_handler; typedef struct proto_mod_ proto_mod; typedef struct proto_handler_ proto_handler; typedef struct packet_ packet; int network_handler_create PROTO_LIST((proto_mod *mod, n_handler **handlerp)); int network_handler_destroy PROTO_LIST((n_handler **handlerp)); int network_process_packet PROTO_LIST((n_handler *handler, struct timeval *timestamp,UCHAR *data,int length)); int packet_copy PROTO_LIST((packet *in,packet **out)); int packet_destroy PROTO_LIST((packet *p)); int timestamp_diff PROTO_LIST(( struct timeval *t1,struct timeval *t0, struct timeval *diff)); int lookuphostname PROTO_LIST((struct in_addr *addr,char **name)); struct packet_ { struct timeval ts; UCHAR *base; /*The base of the packet*/ int _len; UCHAR *data; /*The data ptr appropriate to this layer*/ int len; /*The length of the data segment*/ /*These just save us the effort of doing casts to the data segments*/ struct ip *ip; /*The IP header*/ struct tcphdr *tcp; /*The TCP header*/ }; #include "tcpconn.h" #include "proto_mod.h" extern UINT4 NET_print_flags; #define NET_PRINT_TCP_HDR 1 #define NET_PRINT_TYPESET 2 #define NET_PRINT_ACKS 4 #define NET_PRINT_NO_RESOLVE 8 #endif ssldump-1.1/base/pcap-snoop.c000066400000000000000000000303151354171271700162110ustar00rootroot00000000000000/** pcap-snoop.c Copyright (C) 1999-2001 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $ ekr@rtfm.com Tue Dec 29 10:17:41 1998 */ static char *RCSSTRING="$Id: pcap-snoop.c,v 1.14 2002/09/09 21:02:58 ekr Exp $"; #include #include #include #ifndef _WIN32 #include #endif #include #ifndef _WIN32 #include #include #else #include #include #endif #include #include #include #include "network.h" #include #include #include "null_analyze.h" #include "ssl_analyze.h" #ifdef ENABLE_RECORD #include "record_analyze.h" #endif #ifndef ETHERTYPE_8021Q # define ETHERTYPE_8021Q 0x8100 #endif char *collapse_args PROTO_LIST((int argc,char **argv)); static int pcap_if_type=DLT_NULL; int err_exit PROTO_LIST((char *str,int num)); int usage PROTO_LIST((void)); int print_version PROTO_LIST((void)); RETSIGTYPE sig_handler PROTO_LIST((void)); void pcap_cb PROTO_LIST((u_char *ptr,struct pcap_pkthdr *hdr,u_char *data)); int main PROTO_LIST((int argc,char **argv)); int packet_cnt = 0; // Packet counter used for connection pool cleaning int conn_freq = 100; // Number of packets after which a connection pool // cleaning is performed int conn_ttl = 100; // TTL of inactive connections in connection pool struct timeval last_packet_seen_time = // Timestamp of the last packet of the (struct timeval) {0}; // last block of conn_freq packets seen int err_exit(str,num) char *str; int num; { fprintf(stderr,"ERROR: %s\n",str); exit(num); } int usage() { fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] \n"); fprintf(stderr," [-k keyfile] [-p password] [-vtaTnsAxVNde]\n"); fprintf(stderr," [filter]\n"); exit(0); } int print_version() { printf(PACKAGE_STRING "\n"); printf("Copyright (C) 1998-2001 RTFM, Inc.\n"); printf("All rights reserved.\n"); #ifdef OPENSSL printf("Compiled with OpenSSL: decryption enabled\n"); #endif exit(0); } RETSIGTYPE sig_handler() { fflush(stdout); exit(0); } void pcap_cb(ptr,hdr,data) u_char *ptr; struct pcap_pkthdr *hdr; u_char *data; { n_handler *n; int len; struct ether_header *e_hdr=(struct ether_header *)data; int type, cleaned_conn; n=(n_handler *)ptr; if(hdr->caplen!=hdr->len) err_exit("Length mismatch",-1); len=hdr->len; switch(pcap_if_type){ case DLT_RAW: #ifdef DLT_LOOP case DLT_LOOP: #endif case DLT_NULL: data+=4; len-=4; break; case DLT_EN10MB: type=ntohs(e_hdr->ether_type); data+=sizeof(struct ether_header); len-=sizeof(struct ether_header); /* if vlans, push past VLAN header (4 bytes) */ if(type==ETHERTYPE_8021Q) { type=ntohs(*(u_int16_t *)(data + 2)); data+=4; len+=4; } if(type!=ETHERTYPE_IP) return; break; case DLT_IEEE802: data+=22; len-=22; break; case DLT_FDDI: data+=21; len-=21; break; #ifdef __amigaos__ case DLT_MIAMI: data+=16; len-=16; break; #endif case DLT_SLIP: #ifdef DLT_SLIP_BSDOS case DLT_SLIP_BSDOS: #endif #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) data+=16; len-=16; #else data+=24; len-=24; #endif break; case DLT_PPP: #ifdef DLT_PPP_BSDOS case DLT_PPP_BSDOS: #endif #ifdef DLT_PPP_SERIAL case DLT_PPP_SERIAL: #endif #ifdef DLT_PPP_ETHER case DLT_PPP_ETHER: #endif #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__bsdi__) || defined(__APPLE__) data+=4; len-=4; #else #if defined(sun) || defined(__sun) data+=8; len-=8; #else data+=24; len-=24; #endif #endif break; #ifdef DLT_ENC case DLT_ENC: data+=12; len-=12; break; #endif #ifdef DLT_LINUX_SLL case DLT_LINUX_SLL: data+=16; len-=16; break; #endif #ifdef DLT_IPNET case DLT_IPNET: data+=24; len-=24; break; #endif } network_process_packet(n,&hdr->ts,data,len); if(packet_cnt == conn_freq) { packet_cnt = 0; memcpy(&last_packet_seen_time,&hdr->ts,sizeof(struct timeval)); if(cleaned_conn = clean_old_conn()) printf("%d inactive connection(s) cleaned from connection pool\n", cleaned_conn); } else { packet_cnt++; } } typedef struct module_def_ { char *name; proto_mod *mod; } module_def; static module_def modules[]={ {"SSL",&ssl_mod}, {"NULL",&null_mod}, #ifdef ENABLE_RECORD {"RECORD",&record_mod}, #endif {0,0} }; int parse_ssl_flag PROTO_LIST((int c)); int main(argc,argv) int argc; char **argv; { pcap_t *p; int r; n_handler *n; #ifdef _WIN32 __declspec(dllimport) char *optarg; __declspec(dllimport) int optind; #else extern char *optarg; extern int optind; #endif char *interface_name=0; char *file=0; char *filter=0; proto_mod *mod=&ssl_mod; bpf_u_int32 localnet,netmask; int c; module_def *m=0; int no_promiscuous=0; char errbuf[PCAP_ERRBUF_SIZE]; signal(SIGINT,sig_handler); while((c=getopt(argc,argv,"vr:F:f:S:yTt:ai:k:l:p:nsAxXhHVNdqem:P"))!=EOF){ switch(c){ case 'v': print_version(); break; case 'f': fprintf(stderr,"-f option replaced by -r. Use that in the future\n"); case 'r': file=strdup(optarg); break; case 'S': ssl_mod.vtbl->parse_flags(optarg); break; case 'y': NET_print_flags|=NET_PRINT_TYPESET; /*Kludge*/ SSL_print_flags |= SSL_PRINT_NROFF; break; case 'a': NET_print_flags |= NET_PRINT_ACKS; break; case 'A': SSL_print_flags |= SSL_PRINT_ALL_FIELDS; break; case 'T': NET_print_flags |= NET_PRINT_TCP_HDR; break; case 'i': interface_name=strdup(optarg); break; case 'k': SSL_keyfile=strdup(optarg); break; case 'l': SSL_keylogfile=strdup(optarg); break; case 'p': SSL_password=strdup(optarg); break; case 'P': ++no_promiscuous; break; case 'n': NET_print_flags |= NET_PRINT_NO_RESOLVE; break; case 't': conn_ttl=atoi(optarg); break; case 'F': conn_freq=atoi(optarg); break; case 'm': for(m=modules;m->name!=0;m++){ if(!strcmp(m->name,optarg)){ mod=m->mod; break; } } if(!m->name){ fprintf(stderr,"Request analysis module %s not found\n", optarg); exit(1); } break; case 'h': usage(); printf("Do 'man ssldump' for documentation\n"); exit(1); case '?': usage(); exit(1); /* must be an SSL flag. This is kind of a gross special case */ default: parse_ssl_flag(c); break; } } argv+=optind; argc-=optind; if(!file){ if(!interface_name){ interface_name=pcap_lookupdev(errbuf); if(!interface_name){ fprintf(stderr,"PCAP: %s\n",errbuf); err_exit("Aborting",-1); } } if(!(p=pcap_open_live(interface_name,65535,!no_promiscuous,1000,errbuf))){ fprintf(stderr,"PCAP: %s\n",errbuf); err_exit("Aborting",-1); } if (pcap_lookupnet(interface_name, &localnet, &netmask, errbuf) < 0) fprintf(stderr,"PCAP: %s\n", errbuf); } else{ if(!(p=pcap_open_offline(file,errbuf))){ fprintf(stderr,"PCAP: %s\n",errbuf); err_exit("Aborting",-1); } netmask=0; localnet=0; } if(argc!=0) filter=collapse_args(argc,argv); if(filter){ struct bpf_program fp; /* (F5 patch) * reformat filter to include traffic with or without the 802.1q * vlan header. for example, "port 80" becomes: * "( port 80 ) or ( vlan and port 80 )". * note that if the filter includes the literals vlan, tagged, or * untagged, then it is assumed that the user knows what she is * doing, and the filter is not reformatted. */ if ((pcap_datalink(p) == DLT_EN10MB) && (filter != NULL) && (strstr(filter,"vlan") == NULL)) { char *tmp_filter; char *fmt = "( (not ether proto 0x8100) and (%s) ) or ( vlan and (%s) )"; tmp_filter = (char *)malloc((strlen(filter) * 2) + strlen(fmt) + 1); if (tmp_filter == NULL) { fprintf(stderr,"PCAP: malloc failed\n"); err_exit("Aborting",-1); } sprintf(tmp_filter,fmt,filter,filter); free(filter); filter = tmp_filter; } if(pcap_compile(p,&fp,filter,0,netmask)<0) verr_exit("PCAP: %s\n",pcap_geterr(p)); if(pcap_setfilter(p,&fp)<0) verr_exit("PCAP: %s\n",pcap_geterr(p)); } pcap_if_type=pcap_datalink(p); if(NET_print_flags & NET_PRINT_TYPESET) printf("\n.nf\n.ps -2\n"); if(r=network_handler_create(mod,&n)) err_exit("Couldn't create network handler",r); pcap_loop(p,-1,pcap_cb,(u_char *)n); if(NET_print_flags & NET_PRINT_TYPESET) printf("\n.ps\n.fi\n"); printf("Cleaning %d remaining connection(s) from connection pool\n", destroy_all_conn()); pcap_close(p); free(n); if(filter) free(filter); if(file) free(file); if(interface_name) free(interface_name); if(SSL_keyfile) free(SSL_keyfile); if(SSL_keylogfile) free(SSL_keylogfile); if(SSL_password) free(SSL_password); exit(0); } char *collapse_args(argc,argv) int argc; char **argv; { int i,len=0; char *ret; if(!argc) return(0); for(i=0;i and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $ ekr@rtfm.com Mon Feb 15 17:23:36 1999 */ static char *RCSSTRING="$Id: print_utils.c,v 1.2 2000/10/17 16:09:58 ekr Exp $"; int explain(char *format,...) { va_list ap; va_start(ap,format); INDENT; vprintf(format,ap); va_end(ap); return(0); } int exdump(name,data) char *name; Data *data; { int i,j; char prefix[100]; INDENT; if(name){ sprintf(prefix,"%s[%d]=\n",name,data->len); printf("%s",prefix); INDENT_INCR; } for(i=0;ilen;i++){ if(!i && (data->len>8)) INDENT; if((data->len>8) && i && !(i%12)){ printf("\n"); INDENT; } printf("%.2x ",data->data[i]&255); } if(name) INDENT_POP; if(data->len>8 && i%12) printf("\n"); return(0); } ssldump-1.1/base/print_utils.h000066400000000000000000000041501354171271700165110ustar00rootroot00000000000000/** print_utils.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: print_utils.h,v 1.2 2000/10/17 16:09:58 ekr Exp $ ekr@rtfm.com Mon Feb 15 17:23:56 1999 */ #ifndef _print_utils_h #define _print_utils_h int explain PROTO_LIST((char *format,...)); int exdump PROTO_LIST((char *name, Data *data)); #endif ssldump-1.1/base/proto_mod.c000066400000000000000000000056271354171271700161440ustar00rootroot00000000000000/** proto_mod.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $ ekr@rtfm.com Thu Jan 7 22:35:23 1999 */ static char *RCSSTRING="$Id: proto_mod.c,v 1.3 2001/07/20 23:33:14 ekr Exp $"; #include "network.h" int create_proto_handler(mod,ctx,handlerp,conn,first_packet) proto_mod *mod; proto_ctx *ctx; proto_handler **handlerp; tcp_conn *conn; struct timeval *first_packet; { int r,_status; proto_handler *handler=0; if(!(handler=(proto_handler *)calloc(1,sizeof(proto_handler)))) ABORT(R_NO_MEMORY); handler->vtbl=mod->vtbl; if(r=mod->vtbl->create(mod->handle,ctx,conn,&handler->obj, &conn->i_addr,conn->i_port,&conn->r_addr,conn->r_port,first_packet)) ABORT(r); *handlerp=handler; _status=0; abort: if(_status){ destroy_proto_handler(&handler); } return(_status); } int destroy_proto_handler(handlerp) proto_handler **handlerp; { if(!handlerp || !*handlerp) return(0); (*handlerp)->vtbl->destroy(&(*handlerp)->obj); free(*handlerp); *handlerp=0; return(0); } ssldump-1.1/base/proto_mod.h000066400000000000000000000061271354171271700161450ustar00rootroot00000000000000/** proto_mod.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: proto_mod.h,v 1.4 2001/11/26 22:28:16 ekr Exp $ ekr@rtfm.com Thu Dec 24 21:10:05 1998 */ #ifndef _proto_mod_h #define _proto_mod_h typedef struct proto_obj_ proto_obj; typedef struct proto_ctx_ proto_ctx; #define DIR_I2R 1 #define DIR_R2I 2 struct proto_mod_vtbl_ { int (*parse_flags) PROTO_LIST((char *str)); int (*parse_flag) PROTO_LIST((int flag)); int (*create_ctx) PROTO_LIST((void *handle,proto_ctx **ctxp)); int (*create) PROTO_LIST((void *handle,proto_ctx *ctx, tcp_conn *conn, proto_obj **objp, struct in_addr *i_addr,u_short i_port, struct in_addr *r_addr,u_short r_port,struct timeval *time_base)); int (*destroy) PROTO_LIST((proto_obj **objp)); int (*data) PROTO_LIST((proto_obj *obj,segment *data,int direction)); int (*close) PROTO_LIST((proto_obj *obj,packet *p,int direction)); }; struct proto_mod_ { void *handle; struct proto_mod_vtbl_ *vtbl; }; struct proto_handler_ { proto_obj *obj; struct proto_mod_vtbl_ *vtbl; }; int create_proto_handler PROTO_LIST((proto_mod *mod,proto_ctx *ctx, proto_handler **handlerp, tcp_conn *conn,struct timeval *first_packet)); int destroy_proto_handler PROTO_LIST((proto_handler **handlerp)); #endif ssldump-1.1/base/targets.mk000066400000000000000000000163131354171271700157720ustar00rootroot00000000000000# # targets.mk # # $Source: /usr/local/CVS/ssldump/base/targets.mk,v $ # $Revision: 1.3 $ # $Date: 2002/08/17 01:33:16 $ # $Name: $ # $Disclaimer$ # # Copyright (C) 2001, Terisa Systems, Inc. # All Rights Reserved. # # ekr@terisa.com # # # CONFIGURE USER-DEFINED MAKE ENVIRONMENT # # These fields are specified by the user. The remainder of # this file is generated from this user-specified information. # # ANALYZE_DEFINES: # cpp defines, with the -D flag preceeding each # # ANALYZE_INCLUDES: # cpp include directories, with the -I flag preceeding each # # ANALYZE_INTERNAL: # headers files which are local to a specific module directory, # and should not be used by other parts of the toolkit or by # the user # # ANALYZE_LIBNAME: # the library associated with this module directory, used in # most cases for debugging purposes # # ANALYZE_LIBPATHS: # link-time directories to search for libraries, with the -L flag # preceeding each # # ANALYZE_LIBRARIES: # link-time libraries, with the -l flag preceeding each # # ANALYZE_LOCALFLAGS: # compile-time flags specific to compiling only the files in # this module directory--this variable should only be set in # extremely exceptional cases # # ANALYZE_MAKEFILES: # the makefiles # # ANALYZE_PREFIX: # defines the module name, which also serves as the # prefix for all the variable names defined in this file # # ANALYZE_PRIVATE: # the private, for-toolkit-use-only API header files # # ANALYZE_PROGRAMS: # programs to build # # ANALYZE_PUBLIC: # the header files that define the public API for the toolkit # and any other 'public' files that should be copied to # the build directory # # ANALYZE_SOURCES: # the source files to compile to object # ANALYZE_DEFINES = ANALYZE_INCLUDES = -I$(ANALYZE_SRCDIR) ANALYZE_INTERNAL = ANALYZE_LIBNAME = ANALYZE_LIBPATHS = ANALYZE_LIBRARIES = ANALYZE_LOCALFLAGS = ANALYZE_MAKEFILES = targets.mk ANALYZE_PREFIX = ANALYZE ANALYZE_PRIVATE = network.h proto_mod.h tcpconn.h tcppack.h ANALYZE_PROGRAMS = ANALYZE_PUBLIC = ANALYZE_SOURCES = network.c pcap-snoop.c proto_mod.c tcpconn.c \ tcppack.c # # CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT # # ANALYZE_OBJECTS: # object files to build # # ANALYZE_UNUSED: # obsolete files in the module directory that are not # used during the build process # # ANALYZE_USED: # all files in the module directory that are used # during the build process # ANALYZE_OBJECTS = network.$(OBJSUFFIX) pcap-snoop.$(OBJSUFFIX) \ proto_mod.$(OBJSUFFIX) tcpconn.$(OBJSUFFIX) \ tcppack.$(OBJSUFFIX) ANALYZE_UNUSED = common.c debug.c debug.h print_utils.c \ print_utils.h ANALYZE_USED = $(ANALYZE_INTERNAL:%=$(ANALYZE_SRCDIR)%) \ $(ANALYZE_MAKEFILES:%=$(ANALYZE_SRCDIR)%) \ $(ANALYZE_PRIVATE:%=$(ANALYZE_SRCDIR)%) \ $(ANALYZE_PUBLIC:%=$(ANALYZE_SRCDIR)%) \ $(ANALYZE_SOURCES:%=$(ANALYZE_SRCDIR)%) # # NOTES # # The following variables may be used during the build process, # but are not defined in this file. If they are to be set # to something other than the default blank, then they must # be set by the calling make system. # # ANALYZE_SRCDIR: # if the build target directory is different from the # module directory (the source directory), then this # variable contains the relative or full path of # the module directory # # LIBARS: # the library archive files (with fully-specified paths) that # executables built from this module directory depend upon # # LIBPATHS: # the paths to search for library archives (specified with # the -L) # # LIBRARIES: # the libraries to use while building executables from # this module directory (specified with the -l) # # # GLOBAL ENVIRONMENT # DEFINES += $(ANALYZE_DEFINES) INCLUDES += $(ANALYZE_INCLUDES) LIBPATHS += $(ANALYZE_LIBPATHS) LIBRARIES += $(ANALYZE_LIBRARIES) OBJECTS += $(ANALYZE_OBJECTS) PUBLIC += $(ANALYZE_PUBLIC) # # GENERIC DEPENDENCIES # # default: # default dependency, must be the first dependency in this makefile # # all: # build everything in this module directory # # build: # make only the toolkit build files of this module directory # # ci: # perform an RCS check-in of this module directory # # clean: # remove the compiled files # # clean_public: # remove the public header files that have been copied # to a public build directory # # objects: # build the object files (this dependency is used for # building the toolkit library) # # private: # build only the private API header files # # public: # build only the public API header files # default: $(ANALYZE_LIBNAME) default: $(ANALYZE_PROGRAMS) all: $(ANALYZE_PUBLIC) all: $(ANALYZE_OBJECTS) all: $(ANALYZE_LIBNAME) all: $(ANALYZE_PROGRAMS) build: $(ANALYZE_PUBLIC) build: $(ANALYZE_OBJECTS) ci: analyze_ci clean: analyze_clean clean_public: analyze_clean_public objects: $(ANALYZE_OBJECTS) private: $(ANALYZE_PRIVATE) public: $(ANALYZE_PUBLIC) # # LOCAL UTILITY DEPENDENCIES # # utility dependencies are necessary because of some # make-isms having to do with dependencies # analyze_ci: $(CI) $(CIFLAGS) $(ANALYZE_USED) analyze_clean: $(RM) $(RMFLAGS) $(ANALYZE_OBJECTS) $(ANALYZE_LIBNAME) $(ANALYZE_PROGRAMS) analyze_clean_public: $(RM) $(RMFLAGS) $(ANALYZE_PUBLIC) analyze_objects: $(ANALYZE_OBJECTS) analyze_programs: $(ANALYZE_PROGRAMS) analyze_public: $(ANALYZE_PUBLIC) # # BUILD DEPENDENCIES # # build dependencies invoke the rule used to build each # class of file # $(ANALYZE_LIBNAME): $(AR) $(ARFLAGS) $@ $? $(RANLIB) $@ $(ANALYZE_OBJECTS): $(COMPILE.c) $(ANALYZE_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_LOCALFLAGS) $(ANALYZE_PUBLIC): $(CP) $(CPFLAGS) $(ANALYZE_SRCDIR)$@ $@ $(ANALYZE_PROGRAMS): $(LINK.c) -o $@ $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS) #LIBS above is obsolete (use LIBARARIES instead) # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # network.$(OBJSUFFIX): $(ANALYZE_SRCDIR)network.h network.$(OBJSUFFIX): $(ANALYZE_SRCDIR)network.c pcap-snoop.$(OBJSUFFIX): $(ANALYZE_SRCDIR)pcap-snoop.c proto_mod.$(OBJSUFFIX): $(ANALYZE_SRCDIR)proto_mod.h proto_mod.$(OBJSUFFIX): $(ANALYZE_SRCDIR)proto_mod.c tcpconn.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcpconn.h tcpconn.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcpconn.c tcppack.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcppack.h tcppack.$(OBJSUFFIX): $(ANALYZE_SRCDIR)tcppack.c $(ANALYZE_LIBNAME): $(ANALYZE_OBJECTS) ssldump-1.1/base/tcpconn.c000066400000000000000000000135401354171271700155770ustar00rootroot00000000000000/** tcpconn.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $ ekr@rtfm.com Tue Dec 29 15:13:03 1998 */ static char *RCSSTRING="$Id: tcpconn.c,v 1.7 2002/08/17 01:33:16 ekr Exp $"; #include "network.h" #include "tcpconn.h" typedef struct conn_struct_ { tcp_conn conn; struct conn_struct_ *next; struct conn_struct_ *prev; } conn_struct; int conn_number=1; static conn_struct *first_conn=0; extern struct timeval last_packet_seen_time; extern int conn_ttl; static int zero_conn PROTO_LIST((tcp_conn *conn)); static int zero_conn(conn) tcp_conn *conn; { memset(conn,0,sizeof(tcp_conn)); return(0); } int tcp_find_conn(connp,directionp,saddr,sport,daddr,dport) tcp_conn **connp; int *directionp; struct in_addr *saddr; u_short sport; struct in_addr *daddr; u_short dport; { conn_struct *conn; for(conn=first_conn;conn;conn=conn->next){ if(sport == conn->conn.i_port && dport==conn->conn.r_port){ if(!memcmp(saddr,&conn->conn.i_addr,sizeof(struct in_addr)) && !memcmp(daddr,&conn->conn.r_addr,sizeof(struct in_addr))) { *directionp=DIR_I2R; *connp=&(conn->conn); return(0); } } if(dport == conn->conn.i_port && sport==conn->conn.r_port){ if(!memcmp(saddr,&conn->conn.r_addr,sizeof(struct in_addr)) && !memcmp(daddr,&conn->conn.i_addr,sizeof(struct in_addr))) { *directionp=DIR_R2I; *connp=&(conn->conn); return(0); } } } return(R_NOT_FOUND); } int tcp_create_conn(connp,i_addr,i_port,r_addr,r_port) tcp_conn **connp; struct in_addr *i_addr; u_short i_port; struct in_addr *r_addr; u_short r_port; { conn_struct *conn=0; if(!(conn=(conn_struct *)malloc(sizeof(conn_struct)))) return(R_NO_MEMORY); conn->prev=0; zero_conn(&conn->conn); conn->conn.backptr=conn; conn->conn.conn_number=conn_number++; memcpy(&conn->conn.i_addr,i_addr,sizeof(struct in_addr)); conn->conn.i_port=i_port; memcpy(&conn->conn.r_addr,r_addr,sizeof(struct in_addr)); conn->conn.r_port=r_port; *connp=&(conn->conn); /* Insert at the head of the list */ conn->next=first_conn; if(first_conn) first_conn->prev=conn; first_conn=conn; return(0); } int tcp_destroy_conn(conn) tcp_conn *conn; { conn_struct *c=conn->backptr; /* Detach from the list */ if(c->next){ c->next->prev=c->prev; } if(c->prev){ c->prev->next=c->next; } else { first_conn=c->next; } destroy_proto_handler(&conn->analyzer); free_tcp_segment_queue(conn->i2r.oo_queue); free_tcp_segment_queue(conn->r2i.oo_queue); zero_conn(conn); free(conn->backptr); free(conn); return(0); } int clean_old_conn() { conn_struct *conn; tcp_conn *tcpconn; struct timeval dt; int i = 0; if(!last_packet_seen_time.tv_sec) return 0; // Still processing first block of packets conn = first_conn; while(conn) { tcpconn = &conn->conn; conn=conn->next; timestamp_diff(&last_packet_seen_time, &tcpconn->last_seen_time, &dt); if(dt.tv_sec > conn_ttl) { i++; tcp_destroy_conn(tcpconn); } } return i; } int destroy_all_conn() { conn_struct *conn; int i = 0,r; while(first_conn) { i++; tcp_destroy_conn(&first_conn->conn); } return i; } int free_tcp_segment_queue(seg) segment *seg; { segment *tmp; while(seg){ tmp=seg->next; packet_destroy(seg->p); free(seg); seg=tmp; } return(0); } int copy_tcp_segment_queue(out,in) segment **out; segment *in; { int r,_status; segment *base=0; for(;in;in=in->next){ if(!(*out=(segment *)calloc(1,sizeof(segment)))) ABORT(R_NO_MEMORY); if(!base) base=*out; if(r=packet_copy(in->p,&(*out)->p)) ABORT(r); out=&(*out)->next; /* Move the pointer we're assigning to */ } _status=0; abort: if(_status){ free_tcp_segment_queue(base); } return(_status); } ssldump-1.1/base/tcpconn.h000066400000000000000000000067501354171271700156110ustar00rootroot00000000000000/** tcpconn.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: tcpconn.h,v 1.4 2001/07/20 23:33:15 ekr Exp $ ekr@rtfm.com Tue Dec 29 13:00:52 1998 */ #ifndef _tcpconn_h #define _tcpconn_h typedef struct segment_ { u_char *data; u_int len; tcp_seq s_seq; packet *p; struct segment_ *next; } segment; typedef struct stream_data_ { tcp_seq seq; tcp_seq ack; short close; segment *oo_queue; } stream_data; typedef struct tcp_conn_ { int conn_number; int state; #define TCP_STATE_SYN1 1 #define TCP_STATE_SYN2 2 #define TCP_STATE_ACK 3 #define TCP_STATE_ESTABLISHED 4 #define TCP_STATE_FIN1 5 #define TCP_STATE_CLOSED 6 /*The address which sent the first SYN*/ struct in_addr i_addr; u_short i_port; /*The address which sent the second SYN*/ struct in_addr r_addr; u_short r_port; stream_data i2r; /*The stream from initiator to responder*/ stream_data r2i; /*The stream from responder to initiator*/ struct timeval start_time; struct timeval last_seen_time; proto_handler *analyzer; /*The analyzer to call with new data*/ struct conn_struct_ *backptr; } tcp_conn; int tcp_find_conn PROTO_LIST((tcp_conn **connp, int *directionp, struct in_addr *src_addr, u_short src_port, struct in_addr *dst_addr, u_short dst_port)); int tcp_create_conn PROTO_LIST((tcp_conn **connp, struct in_addr *initiator_addr, u_short initiator_port, struct in_addr *responder_addr, u_short responder_port)); int tcp_destroy_conn PROTO_LIST((tcp_conn *conn)); int free_tcp_segment_queue PROTO_LIST((segment *seg)); int copy_tcp_segment_queue PROTO_LIST((segment **out,segment *in)); #endif ssldump-1.1/base/tcppack.c000066400000000000000000000312411354171271700155560ustar00rootroot00000000000000/** tcppack.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $ ekr@rtfm.com Tue Dec 29 12:43:39 1998 */ static char *RCSSTRING="$Id: tcppack.c,v 1.11 2002/09/09 21:02:58 ekr Exp $"; #include "network.h" #ifndef _WIN32 # include # include # ifndef LINUX # include # else # define SEQ_LT(x,y) ((int)((x)-(y))<0) # endif #else # include # define SEQ_LT(x,y) ((int)((x)-(y))<0) #endif #include #include "debug.h" #include "tcpconn.h" #include "tcppack.h" static int process_data_segment PROTO_LIST((tcp_conn *conn, proto_mod *handler,packet *p,stream_data *stream,int direction)); static int new_connection PROTO_LIST((proto_mod *handler,proto_ctx *ctx, packet *p,tcp_conn **connp)); static int print_tcp_packet PROTO_LIST((packet *p)); int STRIM PROTO_LIST((UINT4 _seq,segment *s)); int process_tcp_packet(handler,ctx,p) proto_mod *handler; proto_ctx *ctx; packet *p; { int r,_status; int direction; stream_data *stream; tcp_conn *conn; p->tcp=(struct tcphdr *)p->data; print_tcp_packet(p); if(r=tcp_find_conn(&conn,&direction,&p->ip->ip_src, ntohs(p->tcp->th_sport),&p->ip->ip_dst,ntohs(p->tcp->th_dport))){ if(r!=R_NOT_FOUND) ABORT(r); if((p->tcp->th_flags & TH_SYN)!=TH_SYN){ DBG((0,"TCP: rejecting packet from unknown connection, seq: %u\n",ntohl(p->tcp->th_seq))); return(0); } if(r=new_connection(handler,ctx,p,&conn)) ABORT(r); return(0); } stream=direction==DIR_R2I?&conn->r2i:&conn->i2r; memcpy(&conn->last_seen_time,&p->ts,sizeof(struct timeval)); switch(conn->state){ case TCP_STATE_SYN1: if(direction == DIR_R2I && (p->tcp->th_flags & TH_SYN)) { DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq))); conn->r2i.seq=ntohl(p->tcp->th_seq)+1; conn->r2i.ack=ntohl(p->tcp->th_ack)+1; conn->state=TCP_STATE_ACK; } break; case TCP_STATE_SYN2: if(direction == DIR_I2R && (p->tcp->th_flags & TH_SYN)) { DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq))); conn->i2r.seq=ntohl(p->tcp->th_seq)+1; conn->i2r.ack=ntohl(p->tcp->th_ack)+1; conn->state=TCP_STATE_ACK; } break; case TCP_STATE_ACK: { char *sn=0,*dn=0; if(direction != DIR_I2R) break; DBG((0,"ACK seq: %u",ntohl(p->tcp->th_seq))); conn->i2r.ack=ntohl(p->tcp->th_ack)+1; lookuphostname(&conn->i_addr,&sn); lookuphostname(&conn->r_addr,&dn); if(NET_print_flags & NET_PRINT_TYPESET) printf("\\fC"); printf("New TCP connection #%d: %s(%d) <-> %s(%d)\n", conn->conn_number, sn,conn->i_port, dn,conn->r_port); if(NET_print_flags & NET_PRINT_TYPESET) printf("\\fR"); conn->state=TCP_STATE_ESTABLISHED; free(sn); free(dn); } case TCP_STATE_ESTABLISHED: case TCP_STATE_FIN1: { UINT4 length; if(p->tcp->th_flags & TH_SYN) break; length=p->len - (p->tcp->th_off * 4); if(r=process_data_segment(conn,handler,p,stream,direction)) ABORT(r); } break; default: break; } if(conn->state==TCP_STATE_CLOSED) tcp_destroy_conn(conn); _status=0; abort: return(_status); } static int new_connection(handler,ctx,p,connp) proto_mod *handler; proto_ctx *ctx; packet *p; tcp_conn **connp; { int r,_status; tcp_conn *conn=0; if ((p->tcp->th_flags & (TH_SYN|TH_ACK))==TH_SYN) { if(r=tcp_create_conn(&conn,&p->ip->ip_src,ntohs(p->tcp->th_sport), &p->ip->ip_dst,ntohs(p->tcp->th_dport))) ABORT(r); DBG((0,"SYN1 seq: %u",ntohl(p->tcp->th_seq))); conn->i2r.seq=ntohl(p->tcp->th_seq)+1; conn->i2r.ack=ntohl(p->tcp->th_ack)+1; conn->state=TCP_STATE_SYN1; } else { // SYN&ACK comes first somehow if(r=tcp_create_conn(&conn,&p->ip->ip_dst,ntohs(p->tcp->th_dport), &p->ip->ip_src,ntohs(p->tcp->th_sport))) ABORT(r); DBG((0,"SYN2 seq: %u",ntohl(p->tcp->th_seq))); conn->r2i.seq=ntohl(p->tcp->th_seq)+1; conn->r2i.ack=ntohl(p->tcp->th_ack)+1; conn->state=TCP_STATE_SYN2; } memcpy(&conn->start_time,&p->ts,sizeof(struct timeval)); memcpy(&conn->last_seen_time,&p->ts,sizeof(struct timeval)); if(r=create_proto_handler(handler,ctx,&conn->analyzer,conn,&p->ts)) ABORT(r); *connp=conn; _status=0; abort: return(_status); } /*#define STRIM(_seq,s) { \ int l;\ int off;\ l=(s)->s_seq - _seq; \ off=(s)->p->tcp->th_off*4; \ if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA);\ (s)->data=(s)->p->data + off + (l) ; \ (s)->len=(s)->p->len - off + (l); \ (s)->s_seq += (l); \ if((s)->next) { \ if((s)->s_seq >= (s)->next->s_seq) {\ l=(s)->next->s_seq - (s)->s_seq; \ if((s)->len){\ (s)->len-=(l+1); \ (s)->s_seq-=(l+1);\ }\ }\ }\ } */ static int process_data_segment(conn,handler,p,stream,direction) tcp_conn *conn; proto_mod *handler; packet *p; stream_data *stream; int direction; { int r,_status; tcp_seq seq,right_edge; segment _seg; segment *seg,*nseg=0; long l; l=p->len - p->tcp->th_off * 4; if(stream->close){ DBG((0,"Rejecting packet received after FIN: %u:%u(%u)", ntohl(p->tcp->th_seq),ntohl(p->tcp->th_seq+l),l)); return(0); } /*The idea here is to pass all available segments to the analyzer at once. Since we want to preserve the segment packet data, we pass the data as a linked list of segments*/ seq=ntohl(p->tcp->th_seq); /*Add ACK processing logic here */ if(p->tcp->th_flags & TH_ACK){ long acknum,acked; acknum=ntohl(p->tcp->th_ack); acked=acknum-stream->ack; if(acked && !l){ /* if(r=timestamp_diff(&p->ts,&conn->start_time,&dt)) ERETURN(r); printf("%d%c%4.4d ",dt.tv_sec,'.',dt.tv_usec/100); if(direction == DIR_R2I) printf("S>C "); else printf("C>S "); printf("ACK (%d)\n",acked); */ } stream->ack=acknum; } DBG((0,"Stream Seq %u ",stream->seq)); /* Check to see if this packet has been processed already */ right_edge=seq + (p->len - (p->tcp->th_off)*4); if(!(p->tcp->th_flags & (TH_RST)) && SEQ_LT(right_edge,stream->seq)) return(0); if(SEQ_LT(stream->seq,seq)){ /* Out of order segment */ tcp_seq left_edge; for(seg=0;seg;seg=seg?seg->next:stream->oo_queue){ if(seg->next->s_seq > seq) break; } if(!(nseg=(segment *)calloc(1,sizeof(segment)))) ABORT(R_NO_MEMORY); if(r=packet_copy(p,&nseg->p)) ABORT(r); nseg->s_seq=seq; /*Insert this segment into the reassembly queue*/ if(seg){ nseg->next=seg->next; seg->next=nseg; } else{ nseg->next=stream->oo_queue; stream->oo_queue=nseg; } left_edge=seg?seg->s_seq:stream->seq; STRIM(left_edge,nseg); } else{ /*First segment -- just thread the unallocated data on the list so we can pass to the analyzer*/ _seg.next=0; _seg.p=p; _seg.s_seq=seq; /*Now split the queue. Assemble as many packets as possible and pass them to the analyzer. But process anything with a RST in it immediately and ignore any data that might be in it */ if(_seg.p->tcp->th_flags & (TH_RST)){ stream->close=_seg.p->tcp->th_flags & (TH_RST); seg=&_seg; conn->state=TCP_STATE_CLOSED; } else{ STRIM(stream->seq,&_seg); if(_seg.p->tcp->th_flags & (TH_FIN)){ stream->close=_seg.p->tcp->th_flags & (TH_FIN); seg=&_seg; } else { for(seg=&_seg;seg->next;seg=seg->next){ if(seg->p->tcp->th_flags & (TH_FIN)){ stream->close=_seg.p->tcp->th_flags & (TH_FIN); break; } if(seg->len + seg->s_seq != seg->next->s_seq) break; } } /*Note that this logic is broken because it doesn't do the CLOSE_WAIT/FIN_WAIT stuff, but it's probably close enough, since this is a higher level protocol analyzer, not a TCP analyzer*/ if(seg->p->tcp->th_flags & (TH_FIN) ){ if(conn->state == TCP_STATE_ESTABLISHED) conn->state=TCP_STATE_FIN1; else conn->state=TCP_STATE_CLOSED; } stream->oo_queue=seg->next; seg->next=0; stream->seq=seg->s_seq + seg->len; DBG((0,"Analyzing segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); if(r=conn->analyzer->vtbl->data(conn->analyzer->obj,&_seg,direction)) { DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, seg->s_seq+seg->len, seg->len)); ABORT(r); } } if(stream->close){ DBG((0,"Closing with segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); if(r=conn->analyzer->vtbl->close(conn->analyzer->obj,p,direction)) { DBG((0,"ABORT due to segment: %u:%u(%u)", seg->s_seq, stream->seq, seg->len)); ABORT(r); } } free_tcp_segment_queue(_seg.next); } _status=0; abort: return(_status); } static int print_tcp_packet(p) packet *p; { char *src=0,*dst=0; if(!(NET_print_flags & NET_PRINT_TCP_HDR)) return(0); lookuphostname(&p->ip->ip_src,&src); lookuphostname(&p->ip->ip_dst,&dst); printf("TCP: %s(%d) -> %s(%d) ", src, ntohs(p->tcp->th_sport), dst, ntohs(p->tcp->th_dport)); printf("Seq %u.(%d) ", ntohl(p->tcp->th_seq), p->len - p->tcp->th_off *4); if(p->tcp->th_flags & TH_ACK) printf("ACK %u ",ntohl(p->tcp->th_ack)); if(p->tcp->th_flags & TH_FIN) printf("FIN "); if(p->tcp->th_flags & TH_SYN) printf("SYN "); if(p->tcp->th_flags & TH_RST) printf("RST "); if(p->tcp->th_flags & TH_PUSH) printf("PUSH "); if(p->tcp->th_flags & TH_URG) printf("URG "); printf("\n"); free(src); free(dst); return(0); } int STRIM(_seq,s) UINT4 _seq; segment *s; { int l; int off; /* Test: this shouldn't damage things at all s->p->data-=4; s->p->len+=4; s->s_seq-=4; */ l=_seq - (s)->s_seq; /* number of bytes to trim from the left of s */ off=(s)->p->tcp->th_off*4; if(l>((s)->p->len-off)) ERETURN(R_BAD_DATA); /* Now remove the leading l bytes */ (s)->data=(s)->p->data + off + (l) ; (s)->len=(s)->p->len - (off + l); (s)->s_seq += (l); /* Now trim to the right if necessary */ if((s)->next) { if((s)->s_seq >= (s)->next->s_seq) { l=(s)->s_seq - (s)->next->s_seq; if((s)->len){ (s)->len-=(l+1); } } } return(0); } ssldump-1.1/base/tcppack.h000066400000000000000000000041111354171271700155570ustar00rootroot00000000000000/** tcppack.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: tcppack.h,v 1.3 2001/07/20 23:33:15 ekr Exp $ ekr@rtfm.com Wed Jan 6 15:08:30 1999 */ #ifndef _tcppack_h #define _tcppack_h int process_tcp_packet PROTO_LIST((proto_mod *mod,proto_ctx *ctx, packet *p)); #endif ssldump-1.1/common/000077500000000000000000000000001354171271700143425ustar00rootroot00000000000000ssldump-1.1/common/include/000077500000000000000000000000001354171271700157655ustar00rootroot00000000000000ssldump-1.1/common/include/r_assoc.h000066400000000000000000000061311354171271700175700ustar00rootroot00000000000000/** r_assoc.h Associative array code. This code has the advantage that different elements can have different create and destroy operators. Unfortunately, this can waste space. Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_assoc.h,v 1.3 2001/12/24 06:06:26 ekr Exp $ ekr@rtfm.com Sun Jan 17 17:57:18 1999 */ #ifndef _r_assoc_h #define _r_assoc_h typedef struct r_assoc_ r_assoc; int r_assoc_create PROTO_LIST((r_assoc **assocp)); int r_assoc_insert PROTO_LIST((r_assoc *assoc,char *key,int len, void *value,int (*copy)(void **new,void *old), int (*destroy)(void *ptr),int how)); #define R_ASSOC_REPLACE 0x1 #define R_ASSOC_NEW 0x2 int r_assoc_fetch PROTO_LIST((r_assoc *assoc,char *key, int len, void **value)); int r_assoc_copy PROTO_LIST((r_assoc **new,r_assoc *old)); int r_assoc_destroy PROTO_LIST((r_assoc **assocp)); /*We need iterators, but I haven't written them yet*/ typedef struct r_assoc_iterator_ { r_assoc *assoc; int prev_chain; struct r_assoc_el_ *prev; int next_chain; struct r_assoc_el_ *next; } r_assoc_iterator; int r_assoc_init_iter PROTO_LIST((r_assoc *assoc,r_assoc_iterator *)); int r_assoc_iter PROTO_LIST((r_assoc_iterator *iter,void **key,int *keyl, void **val)); int r_assoc_iter_delete PROTO_LIST((r_assoc_iterator *)); #endif ssldump-1.1/common/include/r_bitfield.h000066400000000000000000000007761354171271700202530ustar00rootroot00000000000000/** r_bitfield.h Copyright (C) 2001 RTFM, Inc. All Rights Reserved. ekr@rtfm.com Wed Oct 3 10:43:50 2001 */ #ifndef _r_bitfield_h #define _r_bitfield_h typedef struct r_bitfield_ { UINT4 *data; UINT4 len; UINT4 base; } r_bitfield; int r_bitfield_set PROTO_LIST((r_bitfield *,int bit)); int r_bitfield_isset PROTO_LIST((r_bitfield *,int bit)); int r_bitfield_create PROTO_LIST((r_bitfield **setp,UINT4 size)); int r_bitfield_destroy PROTO_LIST((r_bitfield **setp)); #endif ssldump-1.1/common/include/r_common.h000066400000000000000000000044621354171271700177550ustar00rootroot00000000000000/** r_common.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_common.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Tue Dec 22 10:40:07 1998 */ #ifndef _r_common_h #define _r_common_h #include "r_defaults.h" #include "r_includes.h" #include "r_types.h" #include "r_macros.h" #include "r_errors.h" #include "r_data.h" /*AAH*/ int xdump PROTO_LIST((char *label,UCHAR *data,int len)); /* defines for possibly replaced functions */ #ifndef HAVE_STRDUP char *strdup PROTO_LIST((char *in)); #endif #endif ssldump-1.1/common/include/r_data.h000066400000000000000000000050441354171271700173730ustar00rootroot00000000000000/** r_data.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_data.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Wed Feb 10 14:18:19 1999 */ #ifndef _r_data_h #define _r_data_h typedef struct Data_ { UCHAR *data; int len; } Data; int r_data_create PROTO_LIST((Data **dp,UCHAR *d,int l)); int r_data_alloc PROTO_LIST((Data **dp, int l)); int r_data_make PROTO_LIST((Data *dp, UCHAR *d,int l)); int r_data_destroy PROTO_LIST((Data **dp)); int r_data_copy PROTO_LIST((Data *dst,Data *src)); int r_data_zfree PROTO_LIST((Data *d)); int r_data_compare PROTO_LIST((Data *d1,Data *d2)); #define INIT_DATA(a,b,c) (a).data=b; (a).len=c #define ATTACH_DATA(a,b) (a).data=b; (a).len=sizeof(b) #define ZERO_DATA(a) (a).data=0; (a).len=0 #endif ssldump-1.1/common/include/r_defaults.h000066400000000000000000000042021354171271700202640ustar00rootroot00000000000000/** r_defaults.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_defaults.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Tue Dec 22 10:39:14 1998 */ #ifndef _r_defaults_h #define _r_defaults_h #ifndef R_USE_PROTOTYPES #define R_USE_PROTOTYPES 1 #endif /*The needs defines don't belong here*/ #define R_NEEDS_STDLIB_H #endif ssldump-1.1/common/include/r_errors.h000066400000000000000000000046221354171271700177770ustar00rootroot00000000000000/** r_errors.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_errors.h,v 1.3 2002/01/21 17:36:51 ekr Exp $ ekr@rtfm.com Tue Dec 22 10:59:49 1998 */ #ifndef _r_errors_h #define _r_errors_h #define R_NO_MEMORY 1 /*out of memory*/ #define R_NOT_FOUND 2 /*Item not found*/ #define R_INTERNAL 3 /*Unspecified internal error*/ #define R_ALREADY 4 /*Action already done*/ #define R_EOD 5 /*end of data*/ #define R_BAD_ARGS 6 /*Bad arguments*/ #define R_BAD_DATA 7 /*Bad data*/ #define R_WOULDBLOCK 8 /*Operation would block */ int verr_exit PROTO_LIST((char *fmt,...)); #endif ssldump-1.1/common/include/r_includes.h000066400000000000000000000042231354171271700202660ustar00rootroot00000000000000/** r_includes.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_includes.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Tue Dec 22 11:38:50 1998 */ #ifndef _r_includes_h #define _r_includes_h #ifdef R_NEEDS_STDLIB_H #include #endif #ifdef R_NEEDS_MEMORY_H #include #endif #include #include #endif ssldump-1.1/common/include/r_list.h000066400000000000000000000052241354171271700174350ustar00rootroot00000000000000/** r_list.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_list.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Tue Jan 19 08:36:48 1999 */ #ifndef _r_list_h #define _r_list_h typedef struct r_list_ r_list; typedef struct r_list_iterator_ { r_list *list; struct r_list_el_ *ptr; } r_list_iterator; int r_list_create PROTO_LIST((r_list **listp)); int r_list_destroy PROTO_LIST((r_list **listp)); int r_list_copy PROTO_LIST((r_list **out,r_list *in)); int r_list_insert PROTO_LIST((r_list *list,void *value, int (*copy)(void **new,void *old), int (*destroy)(void **ptr))); int r_list_append PROTO_LIST((r_list *list,void *value, int (*copy)(void **new,void *old), int (*destroy)(void **ptr))); int r_list_init_iter PROTO_LIST((r_list *list,r_list_iterator *iter)); int r_list_iter PROTO_LIST((r_list_iterator *iter,void **val)); #endif ssldump-1.1/common/include/r_macros.h000066400000000000000000000065351354171271700177540ustar00rootroot00000000000000/** r_macros.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_macros.h,v 1.4 2001/11/20 17:45:18 ekr Exp $ ekr@rtfm.com Tue Dec 22 10:37:32 1998 */ #ifndef _r_macros_h #define _r_macros_h #if (R_USE_PROTOTYPES==1) #define PROTO_LIST(a) a #else #define PROTO_LIST(a) () #endif #ifndef __GNUC__ #define __FUNCTION__ "unknown" #endif #ifdef R_TRACE_ERRORS #define REPORT_ERROR_(caller,a) fprintf(stderr,"%s: error %d at %s:%d (function %s)\n", \ caller,a,__FILE__,__LINE__,__FUNCTION__) #else #define REPORT_ERROR_(caller,a) #endif #ifndef ERETURN #define ERETURN(a) do {int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ERETURN",_r); return(_r);} while(0) #endif #ifndef ABORT #define ABORT(a) do { int _r=a; if(!_r) _r=-1; REPORT_ERROR_("ABORT",_r); _status=_r; goto abort;} while(0) #endif #ifndef FREE #define FREE(a) if(a) free(a) #endif #ifndef MIN #define MIN(a,b) ((a)>(b))?(b):(a) #endif #ifndef MAX #define MAX(a,b) ((b)>(a))?(b):(a) #endif #ifdef DEBUG #define DBG(a) debug a int debug(int class,char *format,...); #else #define DBG(a) #endif #ifndef RMALLOC #define RMALLOC(a) malloc(a) #endif #ifndef RCALLOC #define RCALLOC(a) calloc(1,a) #endif #ifndef RFREE #define RFREE(a) if(a) free(a) #endif #ifndef RREALLOC #define RREALLOC(a,b) realloc(a,b) #endif #define UNIMPLEMENTED do { fprintf(stderr,"Function %s unimplemented\n",__FUNCTION__); abort(); } while(0) #ifdef STDC_HEADERS #include #endif #ifndef STRNICMP #ifdef _WIN32 #define STRNICMP(a,b,n) strnicmp(a,b,n) #else #define STRNICMP(a,b,n) strncasecmp(a,b,n) #endif #endif #endif ssldump-1.1/common/include/r_thread.h000066400000000000000000000050301354171271700177240ustar00rootroot00000000000000/** r_thread.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_thread.h,v 1.2 2000/10/17 16:09:59 ekr Exp $ ekr@rtfm.com Tue Feb 23 14:58:36 1999 */ #ifndef _r_thread_h #define _r_thread_h typedef void *r_thread; typedef void *r_rwlock; int r_thread_fork PROTO_LIST((void (*func)(void *),void *arg, r_thread *tid)); int r_thread_destroy PROTO_LIST((r_thread tid)); int r_thread_yield PROTO_LIST((void)); int r_thread_exit PROTO_LIST((void)); int r_thread_wait_last PROTO_LIST((void)); int r_rwlock_create PROTO_LIST((r_rwlock **lockp)); int r_rwlock_destroy PROTO_LIST((r_rwlock **lock)); int r_rwlock_lock PROTO_LIST((r_rwlock *lock,int action)); #define R_RWLOCK_UNLOCK 0 #define R_RWLOCK_RLOCK 1 #define R_RWLOCK_WLOCK 2 #endif ssldump-1.1/common/include/r_time.h000066400000000000000000000050171354171271700174200ustar00rootroot00000000000000/** r_time.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_time.h,v 1.4 2001/12/24 06:06:26 ekr Exp $ ekr@rtfm.com Thu Mar 4 08:45:41 1999 */ #ifndef _r_time_h #define _r_time_h #ifdef _WIN32 # include #else /* Cribbed from the autoconf doc */ # if TIME_WITH_SYS_TIME # include # include # else # if HAVE_SYS_TIME_H # include # else # include # endif # endif #endif int r_timeval_diff PROTO_LIST((struct timeval *t1,struct timeval *t0, struct timeval *diff)); int r_timeval_add PROTO_LIST((struct timeval *t1,struct timeval *t2, struct timeval *sum)); UINT8 r_timeval2int PROTO_LIST((struct timeval *tv)); UINT8 r_gettimeint PROTO_LIST((void)); #endif ssldump-1.1/common/include/r_types.h000066400000000000000000000055301354171271700176260ustar00rootroot00000000000000/** r_types.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_types.h,v 1.3 2002/09/09 21:02:58 ekr Exp $ ekr@rtfm.com Tue Dec 22 10:36:02 1998 */ #ifndef _r_types_h #define _r_types_h #ifndef R_DEFINED_UINT4 #ifndef SIZEOF_UNSIGNED_INT typedef unsigned int UINT4; #else # if (SIZEOF_UNSIGNED_INT==4) typedef unsigned int UINT4; # elif (SIZEOF_UNSIGNED_SHORT==4) typedef unsigned short UINT4; # elif (SIZEOF_UNSIGNED_LONG==4) typedef unsigned long UINT4; # else # error no type for UINT4 # endif #endif #endif #ifndef R_DEFINED_UINT8 #ifndef SIZEOF_UNSIGNED_LONG typedef unsigned long UINT8; #else # if (SIZEOF_UNSIGNED_INT==8) typedef unsigned int UINT8; # elif (SIZEOF_UNSIGNED_SHORT==8) typedef unsigned short UINT8; # elif (SIZEOF_UNSIGNED_LONG==8) typedef unsigned long UINT8; # elif (SIZEOF_UNSIGNED_LONG_LONG==8) typedef unsigned long long UINT8; # elif defined (_WIN32) && defined (_MSC_VER) typedef unsigned __int64 UINT8; # else # error no type for UINT8 # endif #endif #endif #ifndef R_DEFINED_UCHAR typedef unsigned char UCHAR; #endif #endif ssldump-1.1/common/lib/000077500000000000000000000000001354171271700151105ustar00rootroot00000000000000ssldump-1.1/common/lib/assoc.h000066400000000000000000000040151354171271700163710ustar00rootroot00000000000000/** assoc.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: assoc.h,v 1.2 2000/10/17 16:10:00 ekr Exp $ ekr@rtfm.com Sun Jan 17 17:56:35 1999 */ #ifndef _assoc_h #define _assoc_h typedef struct assoc_ assoc; #endif ssldump-1.1/common/lib/debug.c000066400000000000000000000051551354171271700163500ustar00rootroot00000000000000/** debug.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $ ekr@rtfm.com Wed Jan 6 17:08:58 1999 */ static char *RCSSTRING="$Id: debug.c,v 1.3 2001/12/24 06:06:26 ekr Exp $"; #include #include #include "r_common.h" #include "debug.h" int debug(int class,char *format,...) { va_list ap; va_start(ap,format); vfprintf(stderr,format,ap); fprintf(stderr,"\n"); va_end(ap); return(0); } int xdump(name,data,len) char *name; UCHAR *data; int len; { int i; if(name){ printf("%s[%d]=\n",name,len); } for(i=0;i8) && i && !(i%12)){ printf("\n"); } printf("%.2x ",data[i]&255); } if(i%12) printf("\n"); return(0); } ssldump-1.1/common/lib/debug.h000066400000000000000000000042231354171271700163500ustar00rootroot00000000000000/** debug.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: debug.h,v 1.3 2001/12/24 06:06:26 ekr Exp $ ekr@rtfm.com Wed Jan 6 17:13:00 1999 */ #ifndef _debug_h #define _debug_h #ifdef DEBUG #define DBG(a) debug a #else #define DBG(a) #endif int debug(int class,char *format,...); int xdump PROTO_LIST((char *name,UCHAR *data, int len)); #endif ssldump-1.1/common/lib/local.mk000066400000000000000000000167531354171271700165470ustar00rootroot00000000000000# # local.mk # # $Source: /usr/local/CVS/ssldump/common/lib/local.mk,v $ # $Revision: 1.2 $ # $Date: 2001/10/04 17:19:47 $ # $Name: $ # $Disclaimer$ # # Copyright (C) 2001, Terisa Systems, Inc. # All Rights Reserved. # # ekr@terisa.com # # # CONFIGURE USER-DEFINED MAKE ENVIRONMENT # # These fields are specified by the user. The remainder of # this file is generated from this user-specified information. # # COMMON_LIB_DEFINES: # cpp defines, with the -D flag preceeding each # # COMMON_LIB_INCLUDES: # cpp include directories, with the -I flag preceeding each # # COMMON_LIB_INTERNAL: # headers files which are local to a specific module directory, # and should not be used by other parts of the toolkit or by # the user # # COMMON_LIB_LIBNAME: # the library associated with this module directory, used in # most cases for debugging purposes # # COMMON_LIB_LIBPATHS: # link-time directories to search for libraries, with the -L flag # preceeding each # # COMMON_LIB_LIBRARIES: # link-time libraries, with the -l flag preceeding each # # COMMON_LIB_LOCALFLAGS: # compile-time flags specific to compiling only the files in # this module directory--this variable should only be set in # extremely exceptional cases # # COMMON_LIB_MAKEFILES: # the makefiles # # COMMON_LIB_PREFIX: # defines the module name, which also serves as the # prefix for all the variable names defined in this file # # COMMON_LIB_PRIVATE: # the private, for-toolkit-use-only API header files # # COMMON_LIB_PROGRAMS: # programs to build # # COMMON_LIB_PUBLIC: # the header files that define the public API for the toolkit # and any other 'public' files that should be copied to # the build directory # # COMMON_LIB_SOURCES: # the source files to compile to object # COMMON_LIB_DEFINES = COMMON_LIB_INCLUDES = COMMON_LIB_INTERNAL = COMMON_LIB_LIBNAME = COMMON_LIB_LIBPATHS = COMMON_LIB_LIBRARIES = COMMON_LIB_LOCALFLAGS = COMMON_LIB_MAKEFILES = targets.mk COMMON_LIB_PREFIX = COMMON_LIB COMMON_LIB_PRIVATE = COMMON_LIB_PROGRAMS = COMMON_LIB_PUBLIC = COMMON_LIB_SOURCES = debug.c r_assoc.c r_bitfield.c r_data.c \ r_errors.c r_list.c r_replace.c r_time.c # # CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT # # COMMON_LIB_OBJECTS: # object files to build # # COMMON_LIB_UNUSED: # obsolete files in the module directory that are not # used during the build process # # COMMON_LIB_USED: # all files in the module directory that are used # during the build process # COMMON_LIB_OBJECTS = debug.$(OBJSUFFIX) r_assoc.$(OBJSUFFIX) \ r_bitfield.$(OBJSUFFIX) r_data.$(OBJSUFFIX) \ r_errors.$(OBJSUFFIX) r_list.$(OBJSUFFIX) \ r_replace.$(OBJSUFFIX) r_time.$(OBJSUFFIX) COMMON_LIB_UNUSED = assoc.h debug.h local.mk r_assoc_test.c r_data.h COMMON_LIB_USED = $(COMMON_LIB_INTERNAL:%=$(COMMON_LIB_SRCDIR)%) \ $(COMMON_LIB_MAKEFILES:%=$(COMMON_LIB_SRCDIR)%) \ $(COMMON_LIB_PRIVATE:%=$(COMMON_LIB_SRCDIR)%) \ $(COMMON_LIB_PUBLIC:%=$(COMMON_LIB_SRCDIR)%) \ $(COMMON_LIB_SOURCES:%=$(COMMON_LIB_SRCDIR)%) # # NOTES # # The following variables may be used during the build process, # but are not defined in this file. If they are to be set # to something other than the default blank, then they must # be set by the calling make system. # # COMMON_LIB_SRCDIR: # if the build target directory is different from the # module directory (the source directory), then this # variable contains the relative or full path of # the module directory # # LIBARS: # the library archive files (with fully-specified paths) that # executables built from this module directory depend upon # # LIBPATHS: # the paths to search for library archives (specified with # the -L) # # LIBRARIES: # the libraries to use while building executables from # this module directory (specified with the -l) # # # GLOBAL ENVIRONMENT # DEFINES += $(COMMON_LIB_DEFINES) INCLUDES += $(COMMON_LIB_INCLUDES) LIBPATHS += $(COMMON_LIB_LIBPATHS) LIBRARIES += $(COMMON_LIB_LIBRARIES) OBJECTS += $(COMMON_LIB_OBJECTS) PUBLIC += $(COMMON_LIB_PUBLIC) # # GENERIC DEPENDENCIES # # default: # default dependency, must be the first dependency in this makefile # # all: # build everything in this module directory # # build: # make only the toolkit build files of this module directory # # ci: # perform an RCS check-in of this module directory # # clean: # remove the compiled files # # clean_public: # remove the public header files that have been copied # to a public build directory # # objects: # build the object files (this dependency is used for # building the toolkit library) # # private: # build only the private API header files # # public: # build only the public API header files # default: $(COMMON_LIB_LIBNAME) default: $(COMMON_LIB_PROGRAMS) all: $(COMMON_LIB_PUBLIC) all: $(COMMON_LIB_OBJECTS) all: $(COMMON_LIB_LIBNAME) all: $(COMMON_LIB_PROGRAMS) build: $(COMMON_LIB_PUBLIC) build: $(COMMON_LIB_OBJECTS) ci: common_lib_ci clean: common_lib_clean clean_public: common_lib_clean_public objects: $(COMMON_LIB_OBJECTS) private: $(COMMON_LIB_PRIVATE) public: $(COMMON_LIB_PUBLIC) # # LOCAL UTILITY DEPENDENCIES # # utility dependencies are necessary because of some # make-isms having to do with dependencies # common_lib_ci: $(CI) $(CIFLAGS) $(COMMON_LIB_USED) common_lib_clean: $(RM) $(RMFLAGS) $(COMMON_LIB_OBJECTS) $(COMMON_LIB_LIBNAME) $(COMMON_LIB_PROGRAMS) common_lib_clean_public: $(RM) $(RMFLAGS) $(COMMON_LIB_PUBLIC) common_lib_objects: $(COMMON_LIB_OBJECTS) common_lib_programs: $(COMMON_LIB_PROGRAMS) common_lib_public: $(COMMON_LIB_PUBLIC) # # BUILD DEPENDENCIES # # build dependencies invoke the rule used to build each # class of file # $(COMMON_LIB_LIBNAME): $(AR) $(ARFLAGS) $@ $? $(RANLIB) $@ $(COMMON_LIB_OBJECTS): $(COMPILE.c) $(COMMON_LIB_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(COMMON_LIB_LOCALFLAGS) $(COMMON_LIB_PUBLIC): $(CP) $(CPFLAGS) $(COMMON_LIB_SRCDIR)$@ $@ $(COMMON_LIB_PROGRAMS): $(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS) #LIBS above is obsolete (use LIBARARIES instead) # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.h debug.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)debug.c r_assoc.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_assoc.c r_bitfield.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_bitfield.c r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.h r_data.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_data.c r_errors.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_errors.c r_list.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_list.c r_replace.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_replace.c r_time.$(OBJSUFFIX): $(COMMON_LIB_SRCDIR)r_time.c $(COMMON_LIB_LIBNAME): $(COMMON_LIB_OBJECTS) ssldump-1.1/common/lib/r_assoc.c000066400000000000000000000227771354171271700167240ustar00rootroot00000000000000/** r_assoc.c This is an associative array implementation, using an open-chained hash bucket technique. Note that this implementation permits each data entry to have separate copy constructors and destructors. This currently wastes space, but could be implemented while saving space by using the high order bit of the length value or somesuch. The major problem with this code is it's not resizable, though it could be made so. Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $ ekr@rtfm.com Sun Jan 17 17:57:15 1999 */ static char *RCSSTRING="$Id: r_assoc.c,v 1.4 2001/12/24 06:06:26 ekr Exp $"; #include #include "r_assoc.h" typedef struct r_assoc_el_ { char *key; int key_len; void *data; struct r_assoc_el_ *prev; struct r_assoc_el_ *next; int (*copy) PROTO_LIST((void **new,void *old)); int (*destroy) PROTO_LIST((void *ptr)); } r_assoc_el; struct r_assoc_ { int size; int bits; r_assoc_el **chains; }; #define DEFAULT_TABLE_BITS 5 static int destroy_assoc_chain PROTO_LIST((r_assoc_el *chain)); static int r_assoc_fetch_bucket PROTO_LIST((r_assoc *assoc, char *key,int len,r_assoc_el **bucketp)); UINT4 hash_compute PROTO_LIST((char *key,int len,int size)); static int copy_assoc_chain PROTO_LIST((r_assoc_el **newp, r_assoc_el *old)); int r_assoc_create(assocp) r_assoc **assocp; { r_assoc *assoc=0; int _status; if(!(assoc=(r_assoc *)calloc(sizeof(r_assoc),1))) ABORT(R_NO_MEMORY); assoc->size=(1<bits=DEFAULT_TABLE_BITS; if(!(assoc->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el *), assoc->size))) ABORT(R_NO_MEMORY); *assocp=assoc; _status=0; abort: if(_status){ r_assoc_destroy(&assoc); } return(_status); } int r_assoc_destroy(assocp) r_assoc **assocp; { r_assoc *assoc; int i; if(!assocp || !*assocp) return(0); assoc=*assocp; for(i=0;isize;i++) destroy_assoc_chain(assoc->chains[i]); return(0); } static int destroy_assoc_chain(chain) r_assoc_el *chain; { r_assoc_el *nxt; while(chain){ nxt=chain->next; if(chain->destroy) chain->destroy(chain->data); free(chain->key); free(chain); chain=nxt; } return(0); } static int copy_assoc_chain(newp,old) r_assoc_el **newp; r_assoc_el *old; { r_assoc_el *new=0,*ptr,*tmp; int r,_status; if(!old) { *newp=0; return(0); } for(;old;old=old->next){ if(!(tmp=(r_assoc_el *)calloc(sizeof(r_assoc_el),1))) ABORT(R_NO_MEMORY); if(!new){ new=tmp; ptr=new; } else{ ptr->next=tmp; tmp->prev=ptr; ptr=tmp; } ptr->destroy=old->destroy; ptr->copy=old->copy; if(old->copy){ if(r=old->copy(&ptr->data,old->data)) ABORT(r); } else ptr->data=old->data; if(!(ptr->key=(char *)malloc(old->key_len))) ABORT(R_NO_MEMORY); memcpy(ptr->key,old->key,ptr->key_len=old->key_len); } *newp=new; _status=0; abort: if(_status){ destroy_assoc_chain(new); } return(_status); } static int r_assoc_fetch_bucket(assoc,key,len,bucketp) r_assoc *assoc; char *key; int len; r_assoc_el **bucketp; { UINT4 hash_value; r_assoc_el *bucket; hash_value=hash_compute(key,len,assoc->bits); for(bucket=assoc->chains[hash_value];bucket;bucket=bucket->next){ if(bucket->key_len == len && !memcmp(bucket->key,key,len)){ *bucketp=bucket; return(0); } } return(R_NOT_FOUND); } int r_assoc_fetch(assoc,key,len,datap) r_assoc *assoc; char *key; int len; void **datap; { r_assoc_el *bucket; int r; if(r=r_assoc_fetch_bucket(assoc,key,len,&bucket)){ if(r!=R_NOT_FOUND) ERETURN(r); return(r); } *datap=bucket->data; return(0); } int r_assoc_insert(assoc,key,len,data,copy,destroy,how) r_assoc *assoc; char *key; int len; void *data; int (*copy) PROTO_LIST((void **new,void *old)); int (*destroy) PROTO_LIST((void *ptr)); int how; { r_assoc_el *bucket,*new_bucket=0; int r,_status; if(r=r_assoc_fetch_bucket(assoc,key,len,&bucket)){ /*Note that we compute the hash value twice*/ UINT4 hash_value; if(r!=R_NOT_FOUND) ABORT(r); hash_value=hash_compute(key,len,assoc->bits); if(!(new_bucket=(r_assoc_el *)calloc(sizeof(r_assoc_el),1))) ABORT(R_NO_MEMORY); if(!(new_bucket->key=(char *)malloc(len))) ABORT(R_NO_MEMORY); memcpy(new_bucket->key,key,len); new_bucket->key_len=len; /*Insert at the list head. Is FIFO a good algorithm?*/ if(assoc->chains[hash_value]) assoc->chains[hash_value]->prev=new_bucket; new_bucket->next=assoc->chains[hash_value]; assoc->chains[hash_value]=new_bucket; bucket=new_bucket; } else{ if(!(how&R_ASSOC_REPLACE)) ABORT(R_ALREADY); if(bucket->destroy) bucket->destroy(bucket->data); } bucket->data=data; bucket->copy=copy; bucket->destroy=destroy; _status=0; abort: if(_status && new_bucket){ free(new_bucket->key); free(new_bucket); } return(_status); } int r_assoc_copy(newp,old) r_assoc **newp; r_assoc *old; { int r,_status,i; r_assoc *new; if(!(new=(r_assoc *)calloc(sizeof(r_assoc),1))) ABORT(R_NO_MEMORY); new->size=old->size; new->bits=old->bits; if(!(new->chains=(r_assoc_el **)calloc(sizeof(r_assoc_el),old->size))) ABORT(R_NO_MEMORY); for(i=0;isize;i++){ if(r=copy_assoc_chain(new->chains+i,old->chains[i])) ABORT(R_NO_MEMORY); } *newp=new; _status=0; abort: if(_status){ r_assoc_destroy(&new); } return(_status); } int r_assoc_init_iter(assoc,iter) r_assoc *assoc; r_assoc_iterator *iter; { int i; iter->assoc=assoc; iter->prev_chain=-1; iter->prev=0; iter->next_chain=assoc->size; iter->next=0; for(i=0;isize;i++){ if(assoc->chains[i]!=0){ iter->next_chain=i; iter->next=assoc->chains[i]; break; } } return(0); } int r_assoc_iter(iter,key,keyl,val) r_assoc_iterator *iter; void **key; int *keyl; void **val; { int i; r_assoc_el *ret; if(!iter->next) return(R_EOD); ret=iter->next; *key=ret->key; *keyl=ret->key_len; *val=ret->data; /* Now increment */ iter->prev_chain=iter->next_chain; iter->prev=iter->next; /* More on this chain */ if(iter->next->next){ iter->next=iter->next->next; } else{ iter->next=0; /* FInd the next occupied chain*/ for(i=iter->next_chain;iassoc->size;i++){ if(iter->assoc->chains[i]){ iter->next_chain=i; iter->next=iter->assoc->chains[i]; break; } } } return(0); } /* Delete the last returned value*/ int r_assoc_iter_delete(iter) r_assoc_iterator *iter; { /* First unhook it from the list*/ if(!iter->prev->prev){ /* First element*/ iter->assoc->chains[iter->prev_chain]=iter->prev->next; } else{ iter->prev->prev->next=iter->prev->next; } if(iter->prev->next){ iter->prev->next->prev=iter->prev->prev; } iter->prev->destroy(iter->prev->data); free(iter->prev->data); free(iter->prev); return(0); } /*This is a hack from AMS. Supposedly, it's pretty good for strings, even though it doesn't take into account all the data*/ UINT4 hash_compute(key,len,bits) char *key; int len; int bits; { UINT4 h=0; h=key[0] +(key[len-1] * len); h &= (1< and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $ ekr@rtfm.com Sun Jan 17 21:09:22 1999 */ static char *RCSSTRING="$Id: r_assoc_test.c,v 1.2 2000/10/17 16:10:00 ekr Exp $"; #include #include int main() { char test_vector[1024],*v; int rnd,ct,r; r_assoc *assoc,*new_assoc; if(r=r_assoc_create(&assoc)){ fprintf(stderr,"Couldn't create\n"); exit(1); } srand(getpid()); v=test_vector; for(ct=0;ct<256;ct++){ v[0]=ct & 255; v[1]=(ct>>8) & 255; v[2]=(ct>>16) & 255; v[3]=(ct>>24) & 255; if(r=r_assoc_insert(assoc,v,4,v,0,0,R_ASSOC_REPLACE)){ fprintf(stderr,"Couldn't insert %d\n",ct); exit(1); } v+=4; } fetch_test(assoc); if(r=r_assoc_copy(&new_assoc,assoc)){ fprintf(stderr,"Couldn't copy\n"); exit(1); } r_assoc_destroy(&assoc); fetch_test(new_assoc); r_assoc_destroy(&new_assoc); printf("Tests pass\n"); exit(0); } int fetch_test(assoc) r_assoc *assoc; { int ct; char vec[4],*v; int r,_status,rnd; for(ct=0;ct<65537;ct++){ rnd=rand(); rnd &= 0x3ff; vec[0]=rnd & 255; vec[1]=(rnd>>8) & 255; vec[2]=(rnd>>16) & 255; vec[3]=(rnd>>24) & 255; if(r=r_assoc_fetch(assoc,vec,4,(void **)&v)){ if(rnd<256){ fprintf(stderr,"Couldn't fetch\n"); exit(1); } else continue; } else{ if(rnd>255){ fprintf(stderr,"Spurious fetch\n"); exit(1); } } if(memcmp(vec,v,4)){ fprintf(stderr,"Fetch error\n"); exit(1); } } return(0); } ssldump-1.1/common/lib/r_bitfield.c000066400000000000000000000035051354171271700173620ustar00rootroot00000000000000/** r_bitfield.c Copyright (C) 2001 RTFM, Inc. All Rights Reserved. ekr@rtfm.com Wed Oct 3 11:15:23 2001 */ static char *RCSSTRING="$Id: r_bitfield.c,v 1.3 2001/12/24 06:06:26 ekr Exp $"; #include #include "r_bitfield.h" int r_bitfield_create(setp,size) r_bitfield **setp; UINT4 size; { r_bitfield *set=0; int _status; int num_words=size/32+!!(size%32); if(!(set=(r_bitfield *)RMALLOC(sizeof(r_bitfield)))) ABORT(R_NO_MEMORY); if(!(set->data=(UINT4 *)RMALLOC(num_words*4))) ABORT(R_NO_MEMORY); memset(set->data,0,4*num_words); set->base=0; set->len=num_words; *setp=set; _status=0; abort: if(_status){ r_bitfield_destroy(&set); } return(_status); } int r_bitfield_destroy(setp) r_bitfield **setp; { r_bitfield *set; if(!setp || !*setp) return(0); set=*setp; RFREE(set->data); RFREE(set); *setp=0; return(0); } int r_bitfield_set(set,bit) r_bitfield *set; int bit; { int word=(bit-set->base)/32; int bbit=(bit-set->base)%32; int _status; /* Resize? */ if(word>set->len){ UINT4 newlen=set->len; UINT4 *tmp; while(newlendata,set->len*4); memset(tmp+set->len*4,0,(newlen-set->len)*4); RFREE(set->data); set->data=tmp; } set->data[word]|=1<base)/32; int bbit=(bit-set->base)%32; int _status; if(bitbase) return(0); /* Resize? */ if(word>set->len) return(0); return(set->data[word]&(1< and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $ ekr@rtfm.com Tue Aug 17 15:39:50 1999 */ static char *RCSSTRING="$Id: r_data.c,v 1.3 2001/07/20 23:33:15 ekr Exp $"; #include #include int r_data_create(dp,d,l) Data **dp; UCHAR *d; int l; { Data *d_=0; int _status; if(!(d_=(Data *)calloc(sizeof(Data),1))) ABORT(R_NO_MEMORY); if(!(d_->data=(UCHAR *)malloc(l))) ABORT(R_NO_MEMORY); memcpy(d_->data,d,l); d_->len=l; *dp=d_; _status=0; abort: if(_status) r_data_destroy(&d_); return(_status); } int r_data_alloc(dp,l) Data **dp; int l; { Data *d_=0; int _status; if(!(d_=(Data *)calloc(sizeof(Data),1))) ABORT(R_NO_MEMORY); if(!(d_->data=(UCHAR *)calloc(l,1))) ABORT(R_NO_MEMORY); d_->len=l; *dp=d_; _status=0; abort: if(_status) r_data_destroy(&d_); return(_status); } int r_data_make(dp,d,l) Data *dp; UCHAR *d; int l; { if(!(dp->data=(UCHAR *)malloc(l))) ERETURN(R_NO_MEMORY); memcpy(dp->data,d,l); dp->len=l; return(0); } int r_data_destroy(dp) Data **dp; { if(!dp || !*dp) return(0); if((*dp)->data) free((*dp)->data); free(*dp); *dp=0; return(0); } int r_data_copy(dst,src) Data *dst; Data *src; { if(!(dst->data=(UCHAR *)malloc(src->len))) ERETURN(R_NO_MEMORY); memcpy(dst->data,src->data,dst->len=src->len); return(0); } int r_data_zfree(d) Data *d; { if(!d) return(0); if(!d->data) return(0); memset(d->data,0,d->len); free(d->data); return(0); } int r_data_compare(d1,d2) Data *d1; Data *d2; { if(d1->lenlen) return(-1); if(d2->lenlen) return(-1); return(memcmp(d1->data,d2->data,d1->len)); } ssldump-1.1/common/lib/r_data.h000066400000000000000000000037641354171271700165250ustar00rootroot00000000000000/** r_data.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_data.h,v 1.2 2000/10/17 16:10:00 ekr Exp $ ekr@rtfm.com Fri Feb 4 08:58:48 2000 */ #ifndef _r_data_h #define _r_data_h #endif ssldump-1.1/common/lib/r_errors.c000066400000000000000000000043431354171271700171150ustar00rootroot00000000000000/** r_errors.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $ ekr@rtfm.com Tue Feb 16 16:37:05 1999 */ static char *RCSSTRING="$Id: r_errors.c,v 1.3 2001/12/24 06:06:27 ekr Exp $"; #include #include #include "r_common.h" #include "r_errors.h" int verr_exit(char *fmt,...) { va_list ap; va_start(ap,fmt); vfprintf(stderr,fmt,ap); exit(1); } ssldump-1.1/common/lib/r_list.c000066400000000000000000000121751354171271700165560ustar00rootroot00000000000000/** r_list.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $ ekr@rtfm.com Tue Jan 19 08:36:39 1999 */ static char *RCSSTRING="$Id: r_list.c,v 1.4 2001/12/24 06:06:27 ekr Exp $"; #include #include "r_list.h" typedef struct r_list_el_ { void *data; struct r_list_el_ *next; struct r_list_el_ *prev; int (*copy) PROTO_LIST((void **new,void *old)); int (*destroy) PROTO_LIST((void **ptr)); } r_list_el; struct r_list_ { struct r_list_el_ *first; struct r_list_el_ *last; }; int r_list_create(listp) r_list **listp; { r_list *list=0; int _status; if(!(list=(r_list *)calloc(sizeof(r_list),1))) ABORT(R_NO_MEMORY); list->first=0; list->last=0; *listp=list; _status=0; abort: return(_status); } int r_list_destroy(listp) r_list **listp; { r_list *list; r_list_el *el; if(!listp || !*listp) return(0); list=*listp; el=list->first; while(el){ r_list_el *el_t; if(el->destroy && el->data) el->destroy(&el->data); el_t=el; el=el->next; free(el_t); } free(list); *listp=0; return(0); } int r_list_copy(outp,in) r_list**outp; r_list *in; { r_list *out=0; r_list_el *el,*el2,*last=0; int r, _status; if(r=r_list_create(&out)) ABORT(r); for(el=in->first;in;el=el->next){ if(!(el2=(r_list_el *)calloc(sizeof(r_list_el),1))) ABORT(R_NO_MEMORY); if(el->copy && el->data){ if(r=el->copy(&el2->data,el->data)) ABORT(r); } el2->copy=el->copy; el2->destroy=el->destroy; if(!(out->first)) out->first=el2; el2->prev=last; last->next=el2; last=el2; } out->last=last; *outp=out; _status=0; abort: if(_status) r_list_destroy(&out); return(_status); } int r_list_insert(list,value,copy,destroy) r_list *list; void *value; int (*copy) PROTO_LIST((void **out, void *in)); int (*destroy) PROTO_LIST((void **val)); { r_list_el *el=0; int _status; if(!(el=(r_list_el *)calloc(sizeof(r_list_el),1))) ABORT(R_NO_MEMORY); el->data=value; el->copy=copy; el->destroy=destroy; el->prev=0; el->next=list->first; if(list->first){ list->first->prev=el; } list->first=el; _status=0; abort: return(_status); } int r_list_append(list,value,copy,destroy) r_list *list; void *value; int (*copy) PROTO_LIST((void **out, void *in)); int (*destroy) PROTO_LIST((void **val)); { r_list_el *el=0; int _status; if(!(el=(r_list_el *)calloc(sizeof(r_list_el),1))) ABORT(R_NO_MEMORY); el->data=value; el->copy=copy; el->destroy=destroy; el->prev=list->last; el->next=0; if(list->last) list->last->next=el; else list->first=el; list->last=el; _status=0; abort: return(_status); } int r_list_init_iter(list,iter) r_list *list; r_list_iterator *iter; { iter->list=list; iter->ptr=list->first; return(0); } int r_list_iter(iter,val) r_list_iterator *iter; void **val; { if(!iter->ptr) return(R_EOD); *val=iter->ptr->data; iter->ptr=iter->ptr->next; return(0); } ssldump-1.1/common/lib/r_replace.c000066400000000000000000000044051354171271700172130ustar00rootroot00000000000000/** r_replace.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $ ekr@rtfm.com Sun Oct 1 11:18:49 2000 */ static char *RCSSTRING="$Id: r_replace.c,v 1.2 2000/10/17 16:10:00 ekr Exp $"; #include "r_common.h" #ifndef HAVE_STRDUP char *strdup(str) char *str; { int len=strlen(str); char *n; if(!(n=(char *)malloc(len+1))) return(0); memcpy(n,str,len+1); return(n); } #endif ssldump-1.1/common/lib/r_time.c000066400000000000000000000107371354171271700165430ustar00rootroot00000000000000/** r_time.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $ ekr@rtfm.com Thu Mar 4 08:43:46 1999 */ static char *RCSSTRING="$Id: r_time.c,v 1.6 2002/09/09 21:02:58 ekr Exp $"; #include #include #ifdef _WIN32 #include int gettimeofday(struct timeval *tv, struct timezone *tzp) { /* JAN1_1970_OFFSET is the number of 100-nanoseconds ticks between midnight jan 1, 1970 and jan 1, 1601. */ const ULARGE_INTEGER JAN1_1970_OFFSET = {0xd53e8000, 0x019db1de}; ULARGE_INTEGER currentTimeSinceJan_1_1970; FILETIME currentTime; GetSystemTimeAsFileTime( ¤tTime ); currentTimeSinceJan_1_1970.LowPart = currentTime.dwLowDateTime; currentTimeSinceJan_1_1970.HighPart = currentTime.dwHighDateTime; currentTimeSinceJan_1_1970.QuadPart -= JAN1_1970_OFFSET.QuadPart; /* At this point, currentTimeSinceJan_1_1970 contains the number of 100-nanosecond 'ticks' since midnight, Jan. 1, 1970. This is equivalent to 10 * the number of microseconds elapsed since this time. The BSD man pages for gettimeofday() suggest that we should return the whole number of seconds in the tv_sec field, and the fractional number of seconds in units of microseconds in the tv_usec field. sec = time / 10000000, usec = (time % 10000000) / 10; */ tv->tv_sec = currentTimeSinceJan_1_1970.QuadPart / 10000000; tv->tv_usec = (currentTimeSinceJan_1_1970.QuadPart % 10000000) / 10; return 0; } #endif /*Note that t1 must be > t0 */ int r_timeval_diff(t1,t0,diff) struct timeval *t1; struct timeval *t0; struct timeval *diff; { long d; if(t0->tv_sec > t1->tv_sec) ERETURN(R_BAD_ARGS); /*Easy case*/ if(t0->tv_usec <= t1->tv_usec){ diff->tv_sec=t1->tv_sec - t0->tv_sec; diff->tv_usec=t1->tv_usec - t0->tv_usec; return(0); } /*Hard case*/ d=t0->tv_usec - t1->tv_usec; if(t1->tv_sec < (t0->tv_sec + 1)) ERETURN(R_BAD_ARGS); diff->tv_sec=t1->tv_sec - (t0->tv_sec + 1); diff->tv_usec=1000000 - d; return(0); } int r_timeval_add(t1,t2,sum) struct timeval *t1; struct timeval *t2; struct timeval *sum; { long tv_sec,tv_usec,d; tv_sec=t1->tv_sec + t2->tv_sec; d=t1->tv_usec + t2->tv_usec; if(d>1000000){ tv_sec++; tv_usec=d-1000000; } else{ tv_usec=d; } sum->tv_sec=tv_sec; sum->tv_usec=tv_usec; return(0); } UINT8 r_timeval2int(tv) struct timeval *tv; { UINT8 r=0; r=(tv->tv_sec); r*=1000000; r+=tv->tv_usec; return r; } UINT8 r_gettimeint() { struct timeval tv; gettimeofday(&tv,0); return r_timeval2int(&tv); } ssldump-1.1/common/lib/targets.mk000066400000000000000000000000461354171271700171120ustar00rootroot00000000000000include $(COMMON_LIB_SRCDIR)local.mk ssldump-1.1/common/lib/threads/000077500000000000000000000000001354171271700165425ustar00rootroot00000000000000ssldump-1.1/common/lib/threads/null/000077500000000000000000000000001354171271700175145ustar00rootroot00000000000000ssldump-1.1/common/lib/threads/null/targets.mk000066400000000000000000000000001354171271700215040ustar00rootroot00000000000000ssldump-1.1/common/lib/threads/pthreads/000077500000000000000000000000001354171271700203545ustar00rootroot00000000000000ssldump-1.1/common/lib/threads/pthreads/pthread.c000066400000000000000000000046061354171271700221550ustar00rootroot00000000000000/** pthread.c Copyright (C) 1999, RTFM, Inc. All Rights Reserved. ekr@rtfm.com Tue Feb 23 15:08:03 1999 */ static char *RCSSTRING="$Id: pthread.c,v 1.1.1.1 2000/10/09 00:45:39 ekr Exp $"; #include #include #include static int thread_count=0; typedef struct { void (*func) PROTO_LIST((void *)); void *arg; } helper; static void *r_thread_real_create PROTO_LIST((void *arg)); static void *r_thread_real_create(arg) void *arg; { helper *h; h=(helper *)arg; thread_count++; h->func(h->arg); thread_count--; free(h); return(0); } int r_thread_fork(func,arg,id) void (*func) PROTO_LIST((void *)); void *arg; r_thread *id; { pthread_t thread; helper *h; int r,_status; h=(helper *)malloc(sizeof(helper)); h->func=func; h->arg=arg; if(r=pthread_create(&thread,0,r_thread_real_create,(void *)h)) ABORT(R_INTERNAL); _status=0; abort: return(_status); } int r_thread_yield() { pthread_yield(); } int r_thread_exit() { thread_count--; pthread_exit(0); return(0); } int r_thread_wait_last() { do { pthread_yield(); usleep(10000); DBG((0,"%d threads left",thread_count)); } while (thread_count); return(0); } int r_rwlock_create(lockp) r_rwlock **lockp; { pthread_rwlock_t *lock; int r; if(!(lock=(pthread_rwlock_t *)malloc(sizeof(pthread_rwlock_t)))) ERETURN(R_NO_MEMORY); if(r=pthread_rwlock_init(lock,0)) ERETURN(R_INTERNAL); *lockp=(void *)lock; return(0); } int r_rwlock_destroy(lock) r_rwlock **lock; { pthread_rwlock_t *plock; if(!lock || !*lock) return(0); plock=(pthread_rwlock_t *)(*lock); pthread_rwlock_destroy(plock); return(0); } int r_rwlock_lock(lock,action) r_rwlock *lock; int action; { pthread_rwlock_t *plock; int r,_status; plock=(pthread_rwlock_t *)lock; switch(action){ case R_RWLOCK_UNLOCK: if(r=pthread_rwlock_unlock(plock)) ABORT(R_INTERNAL); break; case R_RWLOCK_RLOCK: if(r=pthread_rwlock_rdlock(plock)) ABORT(R_INTERNAL); break; case R_RWLOCK_WLOCK: if(r=pthread_rwlock_wrlock(plock)) ABORT(R_INTERNAL); break; default: ABORT(R_BAD_ARGS); } _status=0; abort: return(_status); } ssldump-1.1/common/lib/threads/pthreads/targets.mk000066400000000000000000000161431354171271700223630ustar00rootroot00000000000000# # targets.mk # # $Source: /usr/local/CVS/ssldump/common/lib/threads/pthreads/targets.mk,v $ # $Revision: 1.1.1.1 $ # $Date: 2000/10/09 00:45:39 $ # $Name: $ # $Disclaimer$ # # Copyright (C) 1999, Terisa Systems, Inc. # All Rights Reserved. # # ekr@terisa.com # # # CONFIGURE USER-DEFINED MAKE ENVIRONMENT # # These fields are specified by the user. The remainder of # this file is generated from this user-specified information. # # THREADS_PTHREADS_DEFINES: # cpp defines, with the -D flag preceeding each # # THREADS_PTHREADS_INCLUDES: # cpp include directories, with the -I flag preceeding each # # THREADS_PTHREADS_INTERNAL: # headers files which are local to a specific module directory, # and should not be used by other parts of the toolkit or by # the user # # THREADS_PTHREADS_LIBNAME: # the library associated with this module directory, used in # most cases for debugging purposes # # THREADS_PTHREADS_LIBPATHS: # link-time directories to search for libraries, with the -L flag # preceeding each # # THREADS_PTHREADS_LIBRARIES: # link-time libraries, with the -l flag preceeding each # # THREADS_PTHREADS_LOCALFLAGS: # compile-time flags specific to compiling only the files in # this module directory--this variable should only be set in # extremely exceptional cases # # THREADS_PTHREADS_MAKEFILES: # the makefiles # # THREADS_PTHREADS_PREFIX: # defines the module name, which also serves as the # prefix for all the variable names defined in this file # # THREADS_PTHREADS_PRIVATE: # the private, for-toolkit-use-only API header files # # THREADS_PTHREADS_PROGRAMS: # programs to build # # THREADS_PTHREADS_PUBLIC: # the header files that define the public API for the toolkit # and any other 'public' files that should be copied to # the build directory # # THREADS_PTHREADS_SOURCES: # the source files to compile to object # THREADS_PTHREADS_DEFINES = THREADS_PTHREADS_INCLUDES = THREADS_PTHREADS_INTERNAL = THREADS_PTHREADS_LIBNAME = THREADS_PTHREADS_LIBPATHS = THREADS_PTHREADS_LIBRARIES = THREADS_PTHREADS_LOCALFLAGS = THREADS_PTHREADS_MAKEFILES = THREADS_PTHREADS_PREFIX = THREADS_PTHREADS THREADS_PTHREADS_PRIVATE = THREADS_PTHREADS_PROGRAMS = THREADS_PTHREADS_PUBLIC = THREADS_PTHREADS_SOURCES = pthread.c # # CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT # # THREADS_PTHREADS_OBJECTS: # object files to build # # THREADS_PTHREADS_UNUSED: # obsolete files in the module directory that are not # used during the build process # # THREADS_PTHREADS_USED: # all files in the module directory that are used # during the build process # THREADS_PTHREADS_OBJECTS = pthread.$(OBJSUFFIX) THREADS_PTHREADS_UNUSED = targets.mk THREADS_PTHREADS_USED = $(THREADS_PTHREADS_INTERNAL:%=$(THREADS_PTHREADS_SRCDIR)%) \ $(THREADS_PTHREADS_MAKEFILES:%=$(THREADS_PTHREADS_SRCDIR)%) \ $(THREADS_PTHREADS_PRIVATE:%=$(THREADS_PTHREADS_SRCDIR)%) \ $(THREADS_PTHREADS_PUBLIC:%=$(THREADS_PTHREADS_SRCDIR)%) \ $(THREADS_PTHREADS_SOURCES:%=$(THREADS_PTHREADS_SRCDIR)%) # # NOTES # # The following variables may be used during the build process, # but are not defined in this file. If they are to be set # to something other than the default blank, then they must # be set by the calling make system. # # THREADS_PTHREADS_SRCDIR: # if the build target directory is different from the # module directory (the source directory), then this # variable contains the relative or full path of # the module directory # # LIBARS: # the library archive files (with fully-specified paths) that # executables built from this module directory depend upon # # LIBPATHS: # the paths to search for library archives (specified with # the -L) # # LIBRARIES: # the libraries to use while building executables from # this module directory (specified with the -l) # # # GLOBAL ENVIRONMENT # DEFINES += $(THREADS_PTHREADS_DEFINES) INCLUDES += $(THREADS_PTHREADS_INCLUDES) LIBPATHS += $(THREADS_PTHREADS_LIBPATHS) LIBRARIES += $(THREADS_PTHREADS_LIBRARIES) OBJECTS += $(THREADS_PTHREADS_OBJECTS) PUBLIC += $(THREADS_PTHREADS_PUBLIC) # # GENERIC DEPENDENCIES # # default: # default dependency, must be the first dependency in this makefile # # all: # build everything in this module directory # # build: # make only the toolkit build files of this module directory # # ci: # perform an RCS check-in of this module directory # # clean: # remove the compiled files # # clean_public: # remove the public header files that have been copied # to a public build directory # # objects: # build the object files (this dependency is used for # building the toolkit library) # # private: # build only the private API header files # # public: # build only the public API header files # default: $(THREADS_PTHREADS_LIBNAME) default: $(THREADS_PTHREADS_PROGRAMS) all: $(THREADS_PTHREADS_PUBLIC) all: $(THREADS_PTHREADS_OBJECTS) all: $(THREADS_PTHREADS_LIBNAME) all: $(THREADS_PTHREADS_PROGRAMS) build: $(THREADS_PTHREADS_PUBLIC) build: $(THREADS_PTHREADS_OBJECTS) ci: threads_pthreads_ci clean: threads_pthreads_clean clean_public: threads_pthreads_clean_public objects: $(THREADS_PTHREADS_OBJECTS) private: $(THREADS_PTHREADS_PRIVATE) public: $(THREADS_PTHREADS_PUBLIC) # # LOCAL UTILITY DEPENDENCIES # # utility dependencies are necessary because of some # make-isms having to do with dependencies # threads_pthreads_ci: $(CI) $(CIFLAGS) $(THREADS_PTHREADS_USED) threads_pthreads_clean: $(RM) $(RMFLAGS) $(THREADS_PTHREADS_OBJECTS) $(THREADS_PTHREADS_LIBNAME) $(THREADS_PTHREADS_PROGRAMS) threads_pthreads_clean_public: $(RM) $(RMFLAGS) $(THREADS_PTHREADS_PUBLIC) threads_pthreads_objects: $(THREADS_PTHREADS_OBJECTS) threads_pthreads_programs: $(THREADS_PTHREADS_PROGRAMS) threads_pthreads_public: $(THREADS_PTHREADS_PUBLIC) # # BUILD DEPENDENCIES # # build dependencies invoke the rule used to build each # class of file # $(THREADS_PTHREADS_LIBNAME): $(AR) $(ARFLAGS) $@ $? $(RANLIB) $@ $(THREADS_PTHREADS_OBJECTS): $(COMPILE.c) $(THREADS_PTHREADS_SRCDIR)$(@:%.$(OBJSUFFIX)=%.c) $(DEFINES) $(INCLUDES) $(THREADS_PTHREADS_LOCALFLAGS) $(THREADS_PTHREADS_PUBLIC): $(CP) $(CPFLAGS) $(THREADS_PTHREADS_SRCDIR)$@ $@ $(THREADS_PTHREADS_PROGRAMS): $(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS) #LIBS above is obsolete (use LIBARARIES instead) # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # pthread.$(OBJSUFFIX): $(THREADS_PTHREADS_SRCDIR)pthread.c $(THREADS_PTHREADS_LIBNAME): $(THREADS_PTHREADS_OBJECTS) ssldump-1.1/common/lib/threads/targets.mk000066400000000000000000000002241354171271700205420ustar00rootroot00000000000000THREADS_SRCDIR=$(COMMON_LIB_SRCDIR)threads/ THREADS_PTHREADS_SRCDIR=$(THREADS_SRCDIR)pthreads/ include $(THREADS_SRCDIR)$(THREADS_TYPE)/targets.mk ssldump-1.1/config.guess000066400000000000000000001276371354171271700154070ustar00rootroot00000000000000#! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 # Free Software Foundation, Inc. timestamp='2009-12-30' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA # 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Originally written by Per Bothner. Please send patches (context # diff format) to and include a ChangeLog # entry. # # This script attempts to guess a canonical system name similar to # config.sub. If it succeeds, it prints the system name on stdout, and # exits with 0. Otherwise, it exits with 1. # # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] Output the configuration name of the system \`$me' is run on. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" >&2 exit 1 ;; * ) break ;; esac done if test $# != 0; then echo "$me: too many arguments$help" >&2 exit 1 fi trap 'exit 1' 1 2 15 # CC_FOR_BUILD -- compiler used by this script. Note that the use of a # compiler to aid in system detection is discouraged as it requires # temporary files to be created and, as you can see below, it is a # headache to deal with in a portable fashion. # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still # use `HOST_CC' if defined, but it is deprecated. # Portable tmp directory creation inspired by the Autoconf team. set_cc_for_build=' trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; : ${TMPDIR=/tmp} ; { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; dummy=$tmp/dummy ; tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; case $CC_FOR_BUILD,$HOST_CC,$CC in ,,) echo "int x;" > $dummy.c ; for c in cc gcc c89 c99 ; do if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then CC_FOR_BUILD="$c"; break ; fi ; done ; if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found ; fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; esac ; set_cc_for_build= ;' # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) if (test -f /.attbin/uname) >/dev/null 2>&1 ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward # compatibility and a consistent mechanism for selecting the # object file format. # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". sysctl="sysctl -n hw.machine_arch" UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ /usr/sbin/$sysctl 2>/dev/null || echo unknown)` case "${UNAME_MACHINE_ARCH}" in armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; sh5el) machine=sh5le-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently, or will in the future. case "${UNAME_MACHINE_ARCH}" in arm*|i386|m68k|ns32k|sh3*|sparc|vax) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ELF__ then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? os=netbsd else os=netbsdelf fi ;; *) os=netbsd ;; esac # The OS release # Debian GNU/NetBSD machines have a different userland, and # thus, need a distinct triplet. However, they do not need # kernel version information, so it can be replaced with a # suitable tag, in the style of linux-gnu. case "${UNAME_VERSION}" in Debian*) release='-gnu' ;; *) release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` ;; esac # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} exit ;; *:ekkoBSD:*:*) echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} exit ;; *:SolidBSD:*:*) echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} exit ;; macppc:MirBSD:*:*) echo powerpc-unknown-mirbsd${UNAME_RELEASE} exit ;; *:MirBSD:*:*) echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} exit ;; alpha:OSF1:*:*) case $UNAME_RELEASE in *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on # OSF/1 and Tru64 systems produced since 1995. I hope that # covers most systems running today. This code pipes the CPU # types through head -n 1, so we only detect the type of CPU 0. ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` case "$ALPHA_CPU_TYPE" in "EV4 (21064)") UNAME_MACHINE="alpha" ;; "EV4.5 (21064)") UNAME_MACHINE="alpha" ;; "LCA4 (21066/21068)") UNAME_MACHINE="alpha" ;; "EV5 (21164)") UNAME_MACHINE="alphaev5" ;; "EV5.6 (21164A)") UNAME_MACHINE="alphaev56" ;; "EV5.6 (21164PC)") UNAME_MACHINE="alphapca56" ;; "EV5.7 (21164PC)") UNAME_MACHINE="alphapca57" ;; "EV6 (21264)") UNAME_MACHINE="alphaev6" ;; "EV6.7 (21264A)") UNAME_MACHINE="alphaev67" ;; "EV6.8CB (21264C)") UNAME_MACHINE="alphaev68" ;; "EV6.8AL (21264B)") UNAME_MACHINE="alphaev68" ;; "EV6.8CX (21264D)") UNAME_MACHINE="alphaev68" ;; "EV6.9A (21264/EV69A)") UNAME_MACHINE="alphaev69" ;; "EV7 (21364)") UNAME_MACHINE="alphaev7" ;; "EV7.9 (21364A)") UNAME_MACHINE="alphaev79" ;; esac # A Pn.n version is a patched version. # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` exit ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix exit ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 exit ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 exit ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos exit ;; *:[Mm]orph[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-morphos exit ;; *:OS/390:*:*) echo i370-ibm-openedition exit ;; *:z/VM:*:*) echo s390-ibm-zvmoe exit ;; *:OS400:*:*) echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; arm:riscos:*:*|arm:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp exit ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then echo pyramid-pyramid-sysv3 else echo pyramid-pyramid-bsd fi exit ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 exit ;; DRS?6000:unix:4.0:6*) echo sparc-icl-nx6 exit ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in sparc) echo sparc-icl-nx7; exit ;; esac ;; s390x:SunOS:*:*) echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) echo i386-pc-auroraux${UNAME_RELEASE} exit ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) eval $set_cc_for_build SUN_ARCH="i386" # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then SUN_ARCH="x86_64" fi fi echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` exit ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} exit ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) echo m68k-sun-sunos${UNAME_RELEASE} ;; sun4) echo sparc-sun-sunos${UNAME_RELEASE} ;; esac exit ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} exit ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor # > m68000). The system name ranges from "MiNT" over "FreeMiNT" # to the lowercase version "mint" (or "freemint"). Finally # the system name "TOS" denotes a system which is actually not # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} exit ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 exit ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} exit ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} exit ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} exit ;; mips:*:*:UMIPS | mips:*:*:RISCos) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #if defined (host_mips) && defined (MIPSEB) #if defined (SYSTYPE_SYSV) printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_SVR4) printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); #endif #endif exit (-1); } EOF $CC_FOR_BUILD -o $dummy $dummy.c && dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && SYSTEM_NAME=`$dummy $dummyarg` && { echo "$SYSTEM_NAME"; exit; } echo mips-mips-riscos${UNAME_RELEASE} exit ;; Motorola:PowerMAX_OS:*:*) echo powerpc-motorola-powermax exit ;; Motorola:*:4.3:PL8-*) echo powerpc-harris-powermax exit ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) echo powerpc-harris-powermax exit ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix exit ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 exit ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 exit ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ [ ${TARGET_BINARY_INTERFACE}x = x ] then echo m88k-dg-dgux${UNAME_RELEASE} else echo m88k-dg-dguxbcs${UNAME_RELEASE} fi else echo i586-dg-dgux${UNAME_RELEASE} fi exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 exit ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 exit ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd exit ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` exit ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) echo i386-ibm-aix exit ;; ia64:AIX:*:*) if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} exit ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #include main() { if (!__power_pc()) exit(1); puts("powerpc-ibm-aix3.2.5"); exit(0); } EOF if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` then echo "$SYSTEM_NAME" else echo rs6000-ibm-aix3.2.5 fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi exit ;; *:AIX:*:[456]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 else IBM_ARCH=powerpc fi if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} exit ;; *:AIX:*:*) echo rs6000-ibm-aix exit ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 exit ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to exit ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx exit ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 exit ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd exit ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 exit ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in 9000/31? ) HP_ARCH=m68000 ;; 9000/[34]?? ) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "${sc_cpu_version}" in 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 case "${sc_kernel_bits}" in 32) HP_ARCH="hppa2.0n" ;; 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 esac ;; esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #define _HPUX_SOURCE #include #include int main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); #endif long cpu = sysconf (_SC_CPU_VERSION); switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0"); break; case CPU_PA_RISC1_1: puts ("hppa1.1"); break; case CPU_PA_RISC2_0: #if defined(_SC_KERNEL_BITS) switch (bits) { case 64: puts ("hppa2.0w"); break; case 32: puts ("hppa2.0n"); break; default: puts ("hppa2.0"); break; } break; #else /* !defined(_SC_KERNEL_BITS) */ puts ("hppa2.0"); break; #endif default: puts ("hppa1.0"); break; } exit (0); } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac if [ ${HP_ARCH} = "hppa2.0w" ] then eval $set_cc_for_build # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler # generating 64-bit code. GNU and HP use different nomenclature: # # $ CC_FOR_BUILD=cc ./config.guess # => hppa2.0w-hp-hpux11.23 # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess # => hppa64-hp-hpux11.23 if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | grep -q __LP64__ then HP_ARCH="hppa2.0w" else HP_ARCH="hppa64" fi fi echo ${HP_ARCH}-hp-hpux${HPUX_REV} exit ;; ia64:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` echo ia64-hp-hpux${HPUX_REV} exit ;; 3050*:HI-UX:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #include int main () { long cpu = sysconf (_SC_CPU_VERSION); /* The order matters, because CPU_IS_HP_MC68K erroneously returns true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct results, however. */ if (CPU_IS_PA_RISC (cpu)) { switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; default: puts ("hppa-hitachi-hiuxwe2"); break; } } else if (CPU_IS_HP_MC68K (cpu)) puts ("m68k-hitachi-hiuxwe2"); else puts ("unknown-hitachi-hiuxwe2"); exit (0); } EOF $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && { echo "$SYSTEM_NAME"; exit; } echo unknown-hitachi-hiuxwe2 exit ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd exit ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd exit ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) echo hppa1.0-hp-mpeix exit ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf exit ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf exit ;; i*86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi exit ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ -e 's/\.[^.]*$/.X/' exit ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; *:UNICOS/mp:*:*) echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} exit ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} exit ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) case ${UNAME_MACHINE} in pc98) echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; i*:windows32*:*) # uname -m includes "-pc" on this system. echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; *:Interix*:*) case ${UNAME_MACHINE} in x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; authenticamd | genuineintel | EM64T) echo x86_64-unknown-interix${UNAME_RELEASE} exit ;; IA64) echo ia64-unknown-interix${UNAME_RELEASE} exit ;; esac ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; 8664:Windows_NT:*) echo x86_64-pc-mks exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? echo i586-pc-interix exit ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin exit ;; amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) echo x86_64-unknown-cygwin exit ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin exit ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; *:GNU:*:*) # the GNU system echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; PCA57) UNAME_MACHINE=alphapca56 ;; EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then echo ${UNAME_MACHINE}-unknown-linux-gnu else echo ${UNAME_MACHINE}-unknown-linux-gnueabi fi exit ;; avr32*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; cris:Linux:*:*) echo cris-axis-linux-gnu exit ;; crisv32:Linux:*:*) echo crisv32-axis-linux-gnu exit ;; frv:Linux:*:*) echo frv-unknown-linux-gnu exit ;; i*86:Linux:*:*) LIBC=gnu eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #ifdef __dietlibc__ LIBC=dietlibc #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` echo "${UNAME_MACHINE}-pc-linux-${LIBC}" exit ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; m32r*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU #undef ${UNAME_MACHINE} #undef ${UNAME_MACHINE}el #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) CPU=${UNAME_MACHINE}el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) CPU=${UNAME_MACHINE} #else CPU= #endif #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; or32:Linux:*:*) echo or32-unknown-linux-gnu exit ;; padre:Linux:*:*) echo sparc-unknown-linux-gnu exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) echo hppa64-unknown-linux-gnu exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in PA7*) echo hppa1.1-unknown-linux-gnu ;; PA8*) echo hppa2.0-unknown-linux-gnu ;; *) echo hppa-unknown-linux-gnu ;; esac exit ;; ppc64:Linux:*:*) echo powerpc64-unknown-linux-gnu exit ;; ppc:Linux:*:*) echo powerpc-unknown-linux-gnu exit ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux exit ;; sh64*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; vax:Linux:*:*) echo ${UNAME_MACHINE}-dec-linux-gnu exit ;; x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; xtensa*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. echo ${UNAME_MACHINE}-pc-os2-emx exit ;; i*86:XTS-300:*:STOP) echo ${UNAME_MACHINE}-unknown-stop exit ;; i*86:atheos:*:*) echo ${UNAME_MACHINE}-unknown-atheos exit ;; i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable exit ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit ;; i*86:*DOS:*:*) echo ${UNAME_MACHINE}-pc-msdosdjgpp exit ;; i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi exit ;; i*86:*:5:[678]*) # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} exit ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ && UNAME_MACHINE=i586 (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ && UNAME_MACHINE=i686 (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 echo ${UNAME_MACHINE}-pc-sco$UNAME_REL else echo ${UNAME_MACHINE}-pc-sysv32 fi exit ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i586. # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configury will decide that # this is a cross-build. echo i586-pc-msdosdjgpp exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; paragon:*:*:*) echo i860-intel-osf1 exit ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi exit ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv exit ;; mc68k:UNIX:SYSTEM5:3.51m) echo m68k-convergent-sysv exit ;; M680?0:D-NIX:5.3:*) echo m68k-diab-dnix exit ;; M68*:*:R3V[5678]*:*) test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4; exit; } ;; NCR*:*:4.2:* | MPRAS*:*:4.2:*) OS_REL='.3' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 exit ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} exit ;; rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} exit ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 exit ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 exit ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` echo ${UNAME_MACHINE}-sni-sysv4 else echo ns32k-sni-sysv fi exit ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 exit ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. echo i860-stratus-sysv4 exit ;; i*86:VOS:*:*) # From Paul.Green@stratus.com. echo ${UNAME_MACHINE}-stratus-vos exit ;; *:VOS:*:*) # From Paul.Green@stratus.com. echo hppa1.1-stratus-vos exit ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} exit ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos exit ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit ;; BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} exit ;; SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} exit ;; SX-7:SUPER-UX:*:*) echo sx7-nec-superux${UNAME_RELEASE} exit ;; SX-8:SUPER-UX:*:*) echo sx8-nec-superux${UNAME_RELEASE} exit ;; SX-8R:SUPER-UX:*:*) echo sx8r-nec-superux${UNAME_RELEASE} exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown case $UNAME_PROCESSOR in i386) eval $set_cc_for_build if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then UNAME_PROCESSOR="x86_64" fi fi ;; unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = "x86"; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} exit ;; *:QNX:*:4*) echo i386-pc-qnx exit ;; NSE-?:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} exit ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux exit ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv exit ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} exit ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. if test "$cputype" = "386"; then UNAME_MACHINE=i386 else UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 exit ;; *:TOPS-10:*:*) echo pdp10-unknown-tops10 exit ;; *:TENEX:*:*) echo pdp10-unknown-tenex exit ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) echo pdp10-dec-tops20 exit ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) echo pdp10-xkl-tops20 exit ;; *:TOPS-20:*:*) echo pdp10-unknown-tops20 exit ;; *:ITS:*:*) echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; V*) echo vax-dec-vms ; exit ;; esac ;; *:XENIX:*:SysV) echo i386-pc-xenix exit ;; i*86:skyos:*:*) echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' exit ;; i*86:rdos:*:*) echo ${UNAME_MACHINE}-pc-rdos exit ;; i*86:AROS:*:*) echo ${UNAME_MACHINE}-pc-aros exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 eval $set_cc_for_build cat >$dummy.c < # include #endif main () { #if defined (sony) #if defined (MIPSEB) /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, I don't know.... */ printf ("mips-sony-bsd\n"); exit (0); #else #include printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 "4" #else "" #endif ); exit (0); #endif #endif #if defined (__arm) && defined (__acorn) && defined (__unix) printf ("arm-acorn-riscix\n"); exit (0); #endif #if defined (hp300) && !defined (hpux) printf ("m68k-hp-bsd\n"); exit (0); #endif #if defined (NeXT) #if !defined (__ARCHITECTURE__) #define __ARCHITECTURE__ "m68k" #endif int version; version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; if (version < 4) printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); else printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); exit (0); #endif #if defined (MULTIMAX) || defined (n16) #if defined (UMAXV) printf ("ns32k-encore-sysv\n"); exit (0); #else #if defined (CMU) printf ("ns32k-encore-mach\n"); exit (0); #else printf ("ns32k-encore-bsd\n"); exit (0); #endif #endif #endif #if defined (__386BSD__) printf ("i386-pc-bsd\n"); exit (0); #endif #if defined (sequent) #if defined (i386) printf ("i386-sequent-dynix\n"); exit (0); #endif #if defined (ns32000) printf ("ns32k-sequent-dynix\n"); exit (0); #endif #endif #if defined (_SEQUENT_) struct utsname un; uname(&un); if (strncmp(un.version, "V2", 2) == 0) { printf ("i386-sequent-ptx2\n"); exit (0); } if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ printf ("i386-sequent-ptx1\n"); exit (0); } printf ("i386-sequent-ptx\n"); exit (0); #endif #if defined (vax) # if !defined (ultrix) # include # if defined (BSD) # if BSD == 43 printf ("vax-dec-bsd4.3\n"); exit (0); # else # if BSD == 199006 printf ("vax-dec-bsd4.3reno\n"); exit (0); # else printf ("vax-dec-bsd\n"); exit (0); # endif # endif # else printf ("vax-dec-bsd\n"); exit (0); # endif # else printf ("vax-dec-ultrix\n"); exit (0); # endif #endif #if defined (alliant) && defined (i860) printf ("i860-alliant-bsd\n"); exit (0); #endif exit (1); } EOF $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && { echo "$SYSTEM_NAME"; exit; } # Apollos put the system type in the environment. test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } # Convex versions that predate uname can use getsysinfo(1) if [ -x /usr/convex/getsysinfo ] then case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd exit ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit ;; c34*) echo c34-convex-bsd exit ;; c38*) echo c38-convex-bsd exit ;; c4*) echo c4-convex-bsd exit ;; esac fi cat >&2 < in order to provide the needed information to handle your system. config.guess timestamp = $timestamp uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` /bin/uname -X = `(/bin/uname -X) 2>/dev/null` hostinfo = `(hostinfo) 2>/dev/null` /bin/universe = `(/bin/universe) 2>/dev/null` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` /bin/arch = `(/bin/arch) 2>/dev/null` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` UNAME_MACHINE = ${UNAME_MACHINE} UNAME_RELEASE = ${UNAME_RELEASE} UNAME_SYSTEM = ${UNAME_SYSTEM} UNAME_VERSION = ${UNAME_VERSION} EOF exit 1 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: ssldump-1.1/config.sub000066400000000000000000001034451354171271700150410ustar00rootroot00000000000000#! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 # Free Software Foundation, Inc. timestamp='2010-01-22' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software # can handle that machine. It does not imply ALL GNU software can. # # This file is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA # 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Please send patches to . Submit a context # diff and a properly formatted GNU ChangeLog entry. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS $0 [OPTION] ALIAS Canonicalize a configuration name. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" exit 1 ;; *local*) # First pass through any local machine types. echo $1 exit ;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] then os=`echo $1 | sed 's/.*-/-/'` else os=; fi ;; esac ### Let's recognize common machines as not being operating systems so ### that things like config.sub decstation-3100 work. We also ### recognize some manufacturers as not being operating systems, so we ### can provide default operating systems below. case $os in -sun*os*) # Prevent following clause from handling this invalid input. ;; -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ -apple | -axis | -knuth | -cray | -microblaze) os= basic_machine=$1 ;; -bluegene*) os=-cnk ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 ;; -scout) ;; -wrs) os=-vxworks basic_machine=$1 ;; -chorusos*) os=-chorusos basic_machine=$1 ;; -chorusrdb) os=-chorusrdb basic_machine=$1 ;; -hiux*) os=-hiuxwe2 ;; -sco6) os=-sco5v6 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco4) os=-sco3.2v4 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2.[4-9]*) os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2v[4-9]*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco5v6*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -udk*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -isc) os=-isc2.2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -clix*) basic_machine=clipper-intergraph ;; -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -lynx*) os=-lynxos ;; -ptx*) basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` ;; -windowsnt*) os=`echo $os | sed -e 's/windowsnt/winnt/'` ;; -psos*) os=-psos ;; -mint | -mint[0-9]*) basic_machine=m68k-atari os=-mint ;; esac # Decode aliases for certain CPU-COMPANY combinations. case $basic_machine in # Recognize the basic CPU types without company name. # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ | maxq | mb | microblaze | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ | mips64octeon | mips64octeonel \ | mips64orion | mips64orionel \ | mips64r5900 | mips64r5900el \ | mips64vr | mips64vrel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ | nios | nios2 \ | ns16k | ns32k \ | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ | spu | strongarm \ | tahoe | thumb | tic4x | tic80 | tron \ | ubicom32 \ | v850 | v850e \ | we32k \ | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ | z8k | z80) basic_machine=$basic_machine-unknown ;; m6811 | m68hc11 | m6812 | m68hc12 | picochip) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) ;; ms1) basic_machine=mt-unknown ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. i*86 | x86_64) basic_machine=$basic_machine-pc ;; # Object if more than one company name word. *-*-*) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ | mips64octeon-* | mips64octeonel-* \ | mips64orion-* | mips64orionel-* \ | mips64r5900-* | mips64r5900el-* \ | mips64vr-* | mips64vrel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ | nios-* | nios2-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ | tahoe-* | thumb-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tile-* | tilegx-* \ | tron-* \ | ubicom32-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ | xstormy16-* | xtensa*-* \ | ymp-* \ | z8k-* | z80-*) ;; # Recognize the basic CPU types without company name, with glob match. xtensa*) basic_machine=$basic_machine-unknown ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) basic_machine=i386-unknown os=-bsd ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) basic_machine=m68000-att ;; 3b*) basic_machine=we32k-att ;; a29khif) basic_machine=a29k-amd os=-udi ;; abacus) basic_machine=abacus-unknown ;; adobe68k) basic_machine=m68010-adobe os=-scout ;; alliant | fx80) basic_machine=fx80-alliant ;; altos | altos3068) basic_machine=m68k-altos ;; am29k) basic_machine=a29k-none os=-bsd ;; amd64) basic_machine=x86_64-pc ;; amd64-*) basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; amdahl) basic_machine=580-amdahl os=-sysv ;; amiga | amiga-*) basic_machine=m68k-unknown ;; amigaos | amigados) basic_machine=m68k-unknown os=-amigaos ;; amigaunix | amix) basic_machine=m68k-unknown os=-sysv4 ;; apollo68) basic_machine=m68k-apollo os=-sysv ;; apollo68bsd) basic_machine=m68k-apollo os=-bsd ;; aros) basic_machine=i386-pc os=-aros ;; aux) basic_machine=m68k-apple os=-aux ;; balance) basic_machine=ns32k-sequent os=-dynix ;; blackfin) basic_machine=bfin-unknown os=-linux ;; blackfin-*) basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` os=-linux ;; bluegene*) basic_machine=powerpc-ibm os=-cnk ;; c90) basic_machine=c90-cray os=-unicos ;; cegcc) basic_machine=arm-unknown os=-cegcc ;; convex-c1) basic_machine=c1-convex os=-bsd ;; convex-c2) basic_machine=c2-convex os=-bsd ;; convex-c32) basic_machine=c32-convex os=-bsd ;; convex-c34) basic_machine=c34-convex os=-bsd ;; convex-c38) basic_machine=c38-convex os=-bsd ;; cray | j90) basic_machine=j90-cray os=-unicos ;; craynv) basic_machine=craynv-cray os=-unicosmp ;; cr16) basic_machine=cr16-unknown os=-elf ;; crds | unos) basic_machine=m68k-crds ;; crisv32 | crisv32-* | etraxfs*) basic_machine=crisv32-axis ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; crx) basic_machine=crx-unknown os=-elf ;; da30 | da30-*) basic_machine=m68k-da30 ;; decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; decsystem10* | dec10*) basic_machine=pdp10-dec os=-tops10 ;; decsystem20* | dec20*) basic_machine=pdp10-dec os=-tops20 ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola ;; delta88) basic_machine=m88k-motorola os=-sysv3 ;; dicos) basic_machine=i686-pc os=-dicos ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx ;; dpx2* | dpx2*-bull) basic_machine=m68k-bull os=-sysv3 ;; ebmon29k) basic_machine=a29k-amd os=-ebmon ;; elxsi) basic_machine=elxsi-elxsi os=-bsd ;; encore | umax | mmax) basic_machine=ns32k-encore ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson os=-ose ;; fx2800) basic_machine=i860-alliant ;; genix) basic_machine=ns32k-ns ;; gmicro) basic_machine=tron-gmicro os=-sysv ;; go32) basic_machine=i386-pc os=-go32 ;; h3050r* | hiux*) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; h8300hms) basic_machine=h8300-hitachi os=-hms ;; h8300xray) basic_machine=h8300-hitachi os=-xray ;; h8500hms) basic_machine=h8500-hitachi os=-hms ;; harris) basic_machine=m88k-harris os=-sysv3 ;; hp300-*) basic_machine=m68k-hp ;; hp300bsd) basic_machine=m68k-hp os=-bsd ;; hp300hpux) basic_machine=m68k-hp os=-hpux ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) basic_machine=m68000-hp ;; hp9k3[2-9][0-9]) basic_machine=m68k-hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) basic_machine=hppa1.1-hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) basic_machine=hppa1.1-hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) basic_machine=hppa1.0-hp ;; hppa-next) os=-nextstep3 ;; hppaosf) basic_machine=hppa1.1-hp os=-osf ;; hppro) basic_machine=hppa1.1-hp os=-proelf ;; i370-ibm* | ibm*) basic_machine=i370-ibm ;; # I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 ;; i*86v4*) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv4 ;; i*86v) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv ;; i*86sol2) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-solaris2 ;; i386mach) basic_machine=i386-mach os=-mach ;; i386-vsta | vsta) basic_machine=i386-unknown os=-vsta ;; iris | iris4d) basic_machine=mips-sgi case $os in -irix*) ;; *) os=-irix4 ;; esac ;; isi68 | isi) basic_machine=m68k-isi os=-sysv ;; m68knommu) basic_machine=m68k-unknown os=-linux ;; m68knommu-*) basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` os=-linux ;; m88k-omron*) basic_machine=m88k-omron ;; magnum | m3230) basic_machine=mips-mips os=-sysv ;; merlin) basic_machine=ns32k-utek os=-sysv ;; microblaze) basic_machine=microblaze-xilinx ;; mingw32) basic_machine=i386-pc os=-mingw32 ;; mingw32ce) basic_machine=arm-unknown os=-mingw32ce ;; miniframe) basic_machine=m68000-convergent ;; *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) basic_machine=m68k-atari os=-mint ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown ;; monitor) basic_machine=m68k-rom68k os=-coff ;; morphos) basic_machine=powerpc-unknown os=-morphos ;; msdos) basic_machine=i386-pc os=-msdos ;; ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; mvs) basic_machine=i370-ibm os=-mvs ;; ncr3000) basic_machine=i486-ncr os=-sysv4 ;; netbsd386) basic_machine=i386-unknown os=-netbsd ;; netwinder) basic_machine=armv4l-rebel os=-linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony os=-newsos ;; news1000) basic_machine=m68030-sony os=-newsos ;; news-3600 | risc-news) basic_machine=mips-sony os=-newsos ;; necv70) basic_machine=v70-nec os=-sysv ;; next | m*-next ) basic_machine=m68k-next case $os in -nextstep* ) ;; -ns2*) os=-nextstep2 ;; *) os=-nextstep3 ;; esac ;; nh3000) basic_machine=m68k-harris os=-cxux ;; nh[45]000) basic_machine=m88k-harris os=-cxux ;; nindy960) basic_machine=i960-intel os=-nindy ;; mon960) basic_machine=i960-intel os=-mon960 ;; nonstopux) basic_machine=mips-compaq os=-nonstopux ;; np1) basic_machine=np1-gould ;; nsr-tandem) basic_machine=nsr-tandem ;; op50n-* | op60c-*) basic_machine=hppa1.1-oki os=-proelf ;; openrisc | openrisc-*) basic_machine=or32-unknown ;; os400) basic_machine=powerpc-ibm os=-os400 ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose ;; os68k) basic_machine=m68k-none os=-os68k ;; pa-hitachi) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; paragon) basic_machine=i860-intel os=-osf ;; parisc) basic_machine=hppa-unknown os=-linux ;; parisc-*) basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` os=-linux ;; pbd) basic_machine=sparc-tti ;; pbb) basic_machine=m68k-tti ;; pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pc98) basic_machine=i386-pc ;; pc98-*) basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; pentiumpro | p6 | 6x86 | athlon | athlon_*) basic_machine=i686-pc ;; pentiumii | pentium2 | pentiumiii | pentium3) basic_machine=i686-pc ;; pentium4) basic_machine=i786-pc ;; pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentium4-*) basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown ;; ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ps2) basic_machine=i386-ibm ;; pw32) basic_machine=i586-unknown os=-pw32 ;; rdos) basic_machine=i386-pc os=-rdos ;; rom68k) basic_machine=m68k-rom68k os=-coff ;; rm[46]00) basic_machine=mips-siemens ;; rtpc | rtpc-*) basic_machine=romp-ibm ;; s390 | s390-*) basic_machine=s390-ibm ;; s390x | s390x-*) basic_machine=s390x-ibm ;; sa29200) basic_machine=a29k-amd os=-udi ;; sb1) basic_machine=mipsisa64sb1-unknown ;; sb1el) basic_machine=mipsisa64sb1el-unknown ;; sde) basic_machine=mipsisa32-sde os=-elf ;; sei) basic_machine=mips-sei os=-seiux ;; sequent) basic_machine=i386-sequent ;; sh) basic_machine=sh-hitachi os=-hms ;; sh5el) basic_machine=sh5le-unknown ;; sh64) basic_machine=sh64-unknown ;; sparclite-wrs | simso-wrs) basic_machine=sparclite-wrs os=-vxworks ;; sps7) basic_machine=m68k-bull os=-sysv2 ;; spur) basic_machine=spur-unknown ;; st2000) basic_machine=m68k-tandem ;; stratus) basic_machine=i860-stratus os=-sysv4 ;; sun2) basic_machine=m68000-sun ;; sun2os3) basic_machine=m68000-sun os=-sunos3 ;; sun2os4) basic_machine=m68000-sun os=-sunos4 ;; sun3os3) basic_machine=m68k-sun os=-sunos3 ;; sun3os4) basic_machine=m68k-sun os=-sunos4 ;; sun4os3) basic_machine=sparc-sun os=-sunos3 ;; sun4os4) basic_machine=sparc-sun os=-sunos4 ;; sun4sol2) basic_machine=sparc-sun os=-solaris2 ;; sun3 | sun3-*) basic_machine=m68k-sun ;; sun4) basic_machine=sparc-sun ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun ;; sv1) basic_machine=sv1-cray os=-unicos ;; symmetry) basic_machine=i386-sequent os=-dynix ;; t3e) basic_machine=alphaev5-cray os=-unicos ;; t90) basic_machine=t90-cray os=-unicos ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff ;; tic55x | c55x*) basic_machine=tic55x-unknown os=-coff ;; tic6x | c6x*) basic_machine=tic6x-unknown os=-coff ;; # This must be matched before tile*. tilegx*) basic_machine=tilegx-unknown os=-linux-gnu ;; tile*) basic_machine=tile-unknown os=-linux-gnu ;; tx39) basic_machine=mipstx39-unknown ;; tx39el) basic_machine=mipstx39el-unknown ;; toad1) basic_machine=pdp10-xkl os=-tops20 ;; tower | tower-32) basic_machine=m68k-ncr ;; tpf) basic_machine=s390x-ibm os=-tpf ;; udi29k) basic_machine=a29k-amd os=-udi ;; ultra3) basic_machine=a29k-nyu os=-sym1 ;; v810 | necv810) basic_machine=v810-nec os=-none ;; vaxv) basic_machine=vax-dec os=-sysv ;; vms) basic_machine=vax-dec os=-vms ;; vpp*|vx|vx-*) basic_machine=f301-fujitsu ;; vxworks960) basic_machine=i960-wrs os=-vxworks ;; vxworks68) basic_machine=m68k-wrs os=-vxworks ;; vxworks29k) basic_machine=a29k-wrs os=-vxworks ;; w65*) basic_machine=w65-wdc os=-none ;; w89k-*) basic_machine=hppa1.1-winbond os=-proelf ;; xbox) basic_machine=i686-pc os=-mingw32 ;; xps | xps100) basic_machine=xps100-honeywell ;; ymp) basic_machine=ymp-cray os=-unicos ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim ;; z80-*-coff) basic_machine=z80-unknown os=-sim ;; none) basic_machine=none-none os=-none ;; # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) basic_machine=hppa1.1-winbond ;; op50n) basic_machine=hppa1.1-oki ;; op60c) basic_machine=hppa1.1-oki ;; romp) basic_machine=romp-ibm ;; mmix) basic_machine=mmix-knuth ;; rs6000) basic_machine=rs6000-ibm ;; vax) basic_machine=vax-dec ;; pdp10) # there are many clones, so DEC is not a safe bet basic_machine=pdp10-unknown ;; pdp11) basic_machine=pdp11-dec ;; we32k) basic_machine=we32k-att ;; sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) basic_machine=sparc-sun ;; cydra) basic_machine=cydra-cydrome ;; orion) basic_machine=orion-highlevel ;; orion105) basic_machine=clipper-highlevel ;; mac | mpw | mac-mpw) basic_machine=m68k-apple ;; pmac | pmac-mpw) basic_machine=powerpc-apple ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; *) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; esac # Here we canonicalize certain aliases for manufacturers. case $basic_machine in *-digital*) basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` ;; *-commodore*) basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if [ x"$os" != x"" ] then case $os in # First match some system type aliases # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. -auroraux) os=-auroraux ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; -solaris) os=-solaris2 ;; -svr4*) os=-sysv4 ;; -unixware*) os=-sysv4.2uw ;; -gnu/linux*) os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` ;; # First accept the basic system types. # The portable systems comes first. # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ | -sym* | -kopensolaris* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) case $basic_machine in x86-* | i*86-*) ;; *) os=-nto$os ;; esac ;; -nto-qnx*) ;; -nto*) os=`echo $os | sed -e 's|nto|nto-qnx|'` ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo $os | sed -e 's|mac|macos|'` ;; -linux-dietlibc) os=-linux-dietlibc ;; -linux*) os=`echo $os | sed -e 's|linux|linux-gnu|'` ;; -sunos5*) os=`echo $os | sed -e 's|sunos5|solaris2|'` ;; -sunos6*) os=`echo $os | sed -e 's|sunos6|solaris3|'` ;; -opened*) os=-openedition ;; -os400*) os=-os400 ;; -wince*) os=-wince ;; -osfrose*) os=-osfrose ;; -osf*) os=-osf ;; -utek*) os=-bsd ;; -dynix*) os=-bsd ;; -acis*) os=-aos ;; -atheos*) os=-atheos ;; -syllable*) os=-syllable ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; -nova*) os=-rtmk-nova ;; -ns2 ) os=-nextstep2 ;; -nsk*) os=-nsk ;; # Preserve the version number of sinix5. -sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` ;; -sinix*) os=-sysv4 ;; -tpf*) os=-tpf ;; -triton*) os=-sysv3 ;; -oss*) os=-sysv3 ;; -svr4) os=-sysv4 ;; -svr3) os=-sysv3 ;; -sysvr4) os=-sysv4 ;; # This must come after -sysvr4. -sysv*) ;; -ose*) os=-ose ;; -es1800*) os=-ose ;; -xenix) os=-xenix ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) os=-mint ;; -aros*) os=-aros ;; -kaos*) os=-kaos ;; -zvmoe) os=-zvmoe ;; -dicos*) os=-dicos ;; -nacl*) ;; -none) ;; *) # Get rid of the `-' at the beginning of $os. os=`echo $os | sed 's/[^-]*-//'` echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 exit 1 ;; esac else # Here we handle the default operating systems that come with various machines. # The value should be what the vendor currently ships out the door with their # machine or put another way, the most popular os provided with the machine. # Note that if you're going to try to match "-MANUFACTURER" here (say, # "-sun"), then you have to tell the case statement up towards the top # that MANUFACTURER isn't an operating system. Otherwise, code above # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. case $basic_machine in score-*) os=-elf ;; spu-*) os=-elf ;; *-acorn) os=-riscix1.2 ;; arm*-rebel) os=-linux ;; arm*-semi) os=-aout ;; c4x-* | tic4x-*) os=-coff ;; # This must come before the *-dec entry. pdp10-*) os=-tops20 ;; pdp11-*) os=-none ;; *-dec | vax-*) os=-ultrix4.2 ;; m68*-apollo) os=-domain ;; i386-sun) os=-sunos4.0.2 ;; m68000-sun) os=-sunos3 # This also exists in the configure program, but was not the # default. # os=-sunos4 ;; m68*-cisco) os=-aout ;; mep-*) os=-elf ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; or32-*) os=-coff ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; sparc-* | *-sun) os=-sunos4.1.1 ;; *-be) os=-beos ;; *-haiku) os=-haiku ;; *-ibm) os=-aix ;; *-knuth) os=-mmixware ;; *-wec) os=-proelf ;; *-winbond) os=-proelf ;; *-oki) os=-proelf ;; *-hp) os=-hpux ;; *-hitachi) os=-hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) os=-sysv ;; *-cbm) os=-amigaos ;; *-dg) os=-dgux ;; *-dolphin) os=-sysv3 ;; m68k-ccur) os=-rtu ;; m88k-omron*) os=-luna ;; *-next ) os=-nextstep ;; *-sequent) os=-ptx ;; *-crds) os=-unos ;; *-ns) os=-genix ;; i370-*) os=-mvs ;; *-next) os=-nextstep3 ;; *-gould) os=-sysv ;; *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; *-sgi) os=-irix ;; *-siemens) os=-sysv4 ;; *-masscomp) os=-rtu ;; f30[01]-fujitsu | f700-fujitsu) os=-uxpv ;; *-rom68k) os=-coff ;; *-*bug) os=-coff ;; *-apple) os=-macos ;; *-atari*) os=-mint ;; *) os=-none ;; esac fi # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. vendor=unknown case $basic_machine in *-unknown) case $os in -riscix*) vendor=acorn ;; -sunos*) vendor=sun ;; -cnk*|-aix*) vendor=ibm ;; -beos*) vendor=be ;; -hpux*) vendor=hp ;; -mpeix*) vendor=hp ;; -hiux*) vendor=hitachi ;; -unos*) vendor=crds ;; -dgux*) vendor=dg ;; -luna*) vendor=omron ;; -genix*) vendor=ns ;; -mvs* | -opened*) vendor=ibm ;; -os400*) vendor=ibm ;; -ptx*) vendor=sequent ;; -tpf*) vendor=ibm ;; -vxsim* | -vxworks* | -windiss*) vendor=wrs ;; -aux*) vendor=apple ;; -hms*) vendor=hitachi ;; -mpw* | -macos*) vendor=apple ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) vendor=atari ;; -vos*) vendor=stratus ;; esac basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` ;; esac echo $basic_machine$os exit # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: ssldump-1.1/configure000077500000000000000000005101501354171271700147630ustar00rootroot00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for ssldump 1.0. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ssldump' PACKAGE_TARNAME='ssldump' PACKAGE_VERSION='1.0' PACKAGE_STRING='ssldump 1.0' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_subst_vars='LTLIBOBJS DEFINES INCLUDES RECORD_MOD LIBOBJS EGREP GREP CPP INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM RANLIB SET_MAKE OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC target_os target_vendor target_cpu target host_os host_vendor host_cpu host build_os build_vendor build_cpu build target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking with_pcap with_pcap_inc with_pcap_lib with_openssl with_openssl_inc with_openssl_lib with_record ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures ssldump 1.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/ssldump] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] --target=TARGET configure for building compilers for TARGET [HOST] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of ssldump 1.0:";; esac cat <<\_ACEOF Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-pcap root location for pcap library --with-pcap-inc PCAP include files --with-pcap-lib PCAP library files --with-openssl root location for OpenSSL --with-openssl-inc OpenSSL include files --with-openssl-lib OpenSSL library files --with-record Compile with record module (EKR Use Only) Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF ssldump configure 1.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_compute_int LINENO EXPR VAR INCLUDES # -------------------------------------------- # Tries to find the compile-time value of EXPR in a program that includes # INCLUDES, setting VAR accordingly. Returns whether the value could be # computed ac_fn_c_compute_int () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if test "$cross_compiling" = yes; then # Depending upon the size, compute the lo and hi bounds. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { static int test_array [1 - 2 * !(($2) >= 0)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_lo=0 ac_mid=0 while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_hi=$ac_mid; break else as_fn_arith $ac_mid + 1 && ac_lo=$as_val if test $ac_lo -le $ac_mid; then ac_lo= ac_hi= break fi as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { static int test_array [1 - 2 * !(($2) < 0)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_hi=-1 ac_mid=-1 while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { static int test_array [1 - 2 * !(($2) >= $ac_mid)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_lo=$ac_mid; break else as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val if test $ac_mid -le $ac_hi; then ac_lo= ac_hi= break fi as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done else ac_lo= ac_hi= fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext # Binary search between lo and hi bounds. while test "x$ac_lo" != "x$ac_hi"; do as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_hi=$ac_mid else as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext done case $ac_lo in #(( ?*) eval "$3=\$ac_lo"; ac_retval=0 ;; '') ac_retval=1 ;; esac else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 static long int longval () { return $2; } static unsigned long int ulongval () { return $2; } #include #include int main () { FILE *f = fopen ("conftest.val", "w"); if (! f) return 1; if (($2) < 0) { long int i = longval (); if (i != ($2)) return 1; fprintf (f, "%ld", i); } else { unsigned long int i = ulongval (); if (i != ($2)) return 1; fprintf (f, "%lu", i); } /* Do not output a trailing newline, as this causes \r\n confusion on some platforms. */ return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : echo >>conftest.val; read $3 &5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main () { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by ssldump $as_me 1.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 { $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 $as_echo_n "checking build system type... " >&6; } if ${ac_cv_build+:} false; then : $as_echo_n "(cached) " >&6 else ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` test "x$ac_build_alias" = x && as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 $as_echo "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; *) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; esac build=$ac_cv_build ac_save_IFS=$IFS; IFS='-' set x $ac_cv_build shift build_cpu=$1 build_vendor=$2 shift; shift # Remember, the first character of IFS is used to create $*, # except with old shells: build_os=$* IFS=$ac_save_IFS case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 $as_echo_n "checking host system type... " >&6; } if ${ac_cv_host+:} false; then : $as_echo_n "(cached) " >&6 else if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 $as_echo "$ac_cv_host" >&6; } case $ac_cv_host in *-*-*) ;; *) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; esac host=$ac_cv_host ac_save_IFS=$IFS; IFS='-' set x $ac_cv_host shift host_cpu=$1 host_vendor=$2 shift; shift # Remember, the first character of IFS is used to create $*, # except with old shells: host_os=$* IFS=$ac_save_IFS case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking target system type" >&5 $as_echo_n "checking target system type... " >&6; } if ${ac_cv_target+:} false; then : $as_echo_n "(cached) " >&6 else if test "x$target_alias" = x; then ac_cv_target=$ac_cv_host else ac_cv_target=`$SHELL "$ac_aux_dir/config.sub" $target_alias` || as_fn_error $? "$SHELL $ac_aux_dir/config.sub $target_alias failed" "$LINENO" 5 fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_target" >&5 $as_echo "$ac_cv_target" >&6; } case $ac_cv_target in *-*-*) ;; *) as_fn_error $? "invalid value of canonical target" "$LINENO" 5;; esac target=$ac_cv_target ac_save_IFS=$IFS; IFS='-' set x $ac_cv_target shift target_cpu=$1 target_vendor=$2 shift; shift # Remember, the first character of IFS is used to create $*, # except with old shells: target_os=$* IFS=$ac_save_IFS case $target_os in *\ *) target_os=`echo "$target_os" | sed 's/ /-/g'`;; esac # The aliases save the names the user supplied, while $host etc. # will get canonicalized. test -n "$target_alias" && test "$program_prefix$program_suffix$program_transform_name" = \ NONENONEs,x,x, && program_prefix=${target_alias}- ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 $as_echo "$RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 $as_echo "$ac_ct_RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB fi else RANLIB="$ac_cv_prog_RANLIB" fi # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in #(( ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 $as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' { $as_echo "$as_me:${as_lineno-$LINENO}: result: configuring for $target_os" >&5 $as_echo "configuring for $target_os" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pow in -lm" >&5 $as_echo_n "checking for pow in -lm... " >&6; } if ${ac_cv_lib_m_pow+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lm $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char pow (); int main () { return pow (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_m_pow=yes else ac_cv_lib_m_pow=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_pow" >&5 $as_echo "$ac_cv_lib_m_pow" >&6; } if test "x$ac_cv_lib_m_pow" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBM 1 _ACEOF LIBS="-lm $LIBS" fi case "$target_os" in linux*) DEFINES="$DEFINES -D_BSD_SOURCE=1 -DLINUX" ;; solaris*) LIBS="$LIBS -lsocket -lnsl" ;; esac RECORD_MOD="dummy" ac_pcap_inc_dir="/usr/include /usr/include/pcap /usr/local/include" ac_pcap_lib_dir="/usr/local/lib64 /usr/local/lib /usr/lib64 /usr/lib" # Check whether --with-pcap was given. if test "${with_pcap+set}" = set; then : withval=$with_pcap; if test "$withval" = "no"; then as_fn_error $? "PCAP required for ssldump" "$LINENO" 5 else ac_pcap_inc_dir=$withval/include ac_pcap_lib_dir=$withval/lib fi fi # Check whether --with-pcap-inc was given. if test "${with_pcap_inc+set}" = set; then : withval=$with_pcap_inc; ac_pcap_inc_dir=$withval fi # Check whether --with-pcap-lib was given. if test "${with_pcap_lib+set}" = set; then : withval=$with_pcap_lib; ac_pcap_lib_dir=$withval fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PCAP include files" >&5 $as_echo_n "checking for PCAP include files... " >&6; } ac_found_pcap_inc_dir="no" for dir in $ac_pcap_inc_dir; do if test -f $dir/pcap.h; then if test "$dir" != "/usr/include"; then INCLUDES="-I$dir $INCLUDES" fi ac_found_pcap_inc_dir=$dir echo "found in $dir" break; fi done if test "$ac_found_pcap_inc_dir" = "no"; then echo as_fn_error $? "Couldn't find PCAP includes: needed for ssldump" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PCAP library" >&5 $as_echo_n "checking for PCAP library... " >&6; } ac_found_pcap_lib_dir="no" for dir in $ac_pcap_lib_dir; do if test -f $dir/libpcap.a -o -f $dir/libpcap.so; then save_LIBS=$LIBS save_LDFLAGS=$LDFLAGS LIBS="-lpcap $LIBS" if test "$dir" != "/usr/lib" -a "$dir" != "/usr/lib64"; then LDFLAGS="-L$dir $LDFLAGS" fi cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char pcap_open_live (); int main () { return pcap_open_live (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_linked_libpcap="true" else ac_linked_libpcap="false" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext; if test "$ac_linked_libpcap" != "false"; then ac_found_pcap_lib_dir=$dir break fi LIBS=$save_LIBS LDFLAGS=$save_LDFLAGS fi done if test "$ac_found_pcap_lib_dir" = "no"; then echo as_fn_error $? "Couldn't find PCAP library: needed for ssldump" "$LINENO" 5 else echo "found in $ac_found_pcap_lib_dir" fi ac_use_openssl="true" ac_openssl_lib_dir="/usr/lib /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg" ac_openssl_inc_dir="/usr/include /usr/local /usr/local/ssl /usr/pkg /usr/local/ssl/include" # Check whether --with-openssl was given. if test "${with_openssl+set}" = set; then : withval=$with_openssl; if test "$withval" = "no"; then ac_use_openssl="false" else ac_openssl_lib_dir="$withval/lib $withval" ac_openssl_inc_dir=$withval/include fi fi # Check whether --with-openssl-inc was given. if test "${with_openssl_inc+set}" = set; then : withval=$with_openssl_inc; ac_openssl_inc_dir=$withval fi # Check whether --with-openssl-lib was given. if test "${with_openssl_lib+set}" = set; then : withval=$with_openssl_lib; ac_openssl_lib_dir=$withval fi if test "$ac_use_openssl" != "false"; then ac_found_openssl_inc_dir="no" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL include files" >&5 $as_echo_n "checking for OpenSSL include files... " >&6; } for dir in $ac_openssl_inc_dir; do if test -f $dir/openssl/ssl.h; then ac_found_openssl_inc_dir=$dir break fi done if test "$ac_found_openssl_inc_dir" != "no"; then echo "found in $ac_found_openssl_inc_dir" else echo "not found." ac_use_openssl="false" fi fi if test "$ac_use_openssl" != "false"; then ac_found_openssl_lib_dir="no" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL libraries" >&5 $as_echo_n "checking for OpenSSL libraries... " >&6; } for dir in $ac_openssl_lib_dir; do found_ssl="false" if test -f $dir/libssl.a -a -f $dir/libcrypto.a; then found_ssl="true" fi if test -f $dir/libssl.so -a -f $dir/libcrypto.so; then found_ssl="true" fi if $found_ssl != "false"; then save_LIBS=$LIBS save_LDFLAGS=$LDFLAGS LIBS="-lssl -lcrypto $LIBS" LDFLAGS="-L$dir $LDFLAGS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char SSL_load_error_strings (); int main () { return SSL_load_error_strings (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_linked_libssl="true" else ac_linked_libssl="false" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext; cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char RC4_set_key (); int main () { return RC4_set_key (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_linked_libcrypto="true" else ac_linked_libcrypto="false" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext; if test "$ac_linked_libssl" != "false" -a \ "$ac_linked_libcrypto" != "false"; then ac_found_openssl_lib_dir=$dir break fi LIBS=$save_LIBS LDFLAGS=$save_LDFLAGS fi done if test "$ac_found_openssl_lib_dir" != "no"; then echo "found in $ac_found_openssl_lib_dir" INCLUDES="-I$ac_found_openssl_inc_dir $INCLUDES" DEFINES="-DOPENSSL $DEFINES" else echo "not found." ac_use_openssl="false" fi fi if test "$ac_use_openssl" = "false"; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: compiling without OpenSSL" >&5 $as_echo "$as_me: WARNING: compiling without OpenSSL" >&2;} fi # Check whether --with-record was given. if test "${with_record+set}" = set; then : withval=$with_record; DEFINES="-DENABLE_RECORD $DEFINES" RECORD_MOD="record" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcap_open in -lpcap" >&5 $as_echo_n "checking for pcap_open in -lpcap... " >&6; } if ${ac_cv_lib_pcap_pcap_open+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lpcap $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char pcap_open (); int main () { return pcap_open (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_pcap_pcap_open=yes else ac_cv_lib_pcap_pcap_open=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcap_pcap_open" >&5 $as_echo "$ac_cv_lib_pcap_pcap_open" >&6; } if test "x$ac_cv_lib_pcap_pcap_open" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBPCAP 1 _ACEOF LIBS="-lpcap $LIBS" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in sys/time.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/time.h" "ac_cv_header_sys_time_h" "$ac_includes_default" if test "x$ac_cv_header_sys_time_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_TIME_H 1 _ACEOF fi done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5 $as_echo_n "checking for an ANSI C-conforming const... " >&6; } if ${ac_cv_c_const+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __cplusplus /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; /* AIX XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; pcpcc = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; { /* SCO 3.2v4 cc rejects this sort of thing. */ char tx; char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; if (s) return 0; } { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ int x[] = {25, 17}; const int *foo = &x[0]; ++foo; } { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ typedef const int *iptr; iptr p = 0; ++p; } { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; } bx; struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; if (!foo) return 0; } return !cs[0] && !zero.x; #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_const=yes else ac_cv_c_const=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 $as_echo "$ac_cv_c_const" >&6; } if test $ac_cv_c_const = no; then $as_echo "#define const /**/" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 $as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } if ${ac_cv_header_time+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include int main () { if ((struct tm *) 0) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_time=yes else ac_cv_header_time=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 $as_echo "$ac_cv_header_time" >&6; } if test $ac_cv_header_time = yes; then $as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h fi # The cast to long int works around a bug in the HP C Compiler # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. # This bug is HP SR number 8606223364. { $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned short" >&5 $as_echo_n "checking size of unsigned short... " >&6; } if ${ac_cv_sizeof_unsigned_short+:} false; then : $as_echo_n "(cached) " >&6 else if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned short))" "ac_cv_sizeof_unsigned_short" "$ac_includes_default"; then : else if test "$ac_cv_type_unsigned_short" = yes; then { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "cannot compute sizeof (unsigned short) See \`config.log' for more details" "$LINENO" 5; } else ac_cv_sizeof_unsigned_short=0 fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_short" >&5 $as_echo "$ac_cv_sizeof_unsigned_short" >&6; } cat >>confdefs.h <<_ACEOF #define SIZEOF_UNSIGNED_SHORT $ac_cv_sizeof_unsigned_short _ACEOF # The cast to long int works around a bug in the HP C Compiler # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. # This bug is HP SR number 8606223364. { $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned int" >&5 $as_echo_n "checking size of unsigned int... " >&6; } if ${ac_cv_sizeof_unsigned_int+:} false; then : $as_echo_n "(cached) " >&6 else if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned int))" "ac_cv_sizeof_unsigned_int" "$ac_includes_default"; then : else if test "$ac_cv_type_unsigned_int" = yes; then { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "cannot compute sizeof (unsigned int) See \`config.log' for more details" "$LINENO" 5; } else ac_cv_sizeof_unsigned_int=0 fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_int" >&5 $as_echo "$ac_cv_sizeof_unsigned_int" >&6; } cat >>confdefs.h <<_ACEOF #define SIZEOF_UNSIGNED_INT $ac_cv_sizeof_unsigned_int _ACEOF # The cast to long int works around a bug in the HP C Compiler # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. # This bug is HP SR number 8606223364. { $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long" >&5 $as_echo_n "checking size of unsigned long... " >&6; } if ${ac_cv_sizeof_unsigned_long+:} false; then : $as_echo_n "(cached) " >&6 else if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long))" "ac_cv_sizeof_unsigned_long" "$ac_includes_default"; then : else if test "$ac_cv_type_unsigned_long" = yes; then { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "cannot compute sizeof (unsigned long) See \`config.log' for more details" "$LINENO" 5; } else ac_cv_sizeof_unsigned_long=0 fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long" >&5 $as_echo "$ac_cv_sizeof_unsigned_long" >&6; } cat >>confdefs.h <<_ACEOF #define SIZEOF_UNSIGNED_LONG $ac_cv_sizeof_unsigned_long _ACEOF # The cast to long int works around a bug in the HP C Compiler # version HP92453-01 B.11.11.23709.GP, which incorrectly rejects # declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. # This bug is HP SR number 8606223364. { $as_echo "$as_me:${as_lineno-$LINENO}: checking size of unsigned long long" >&5 $as_echo_n "checking size of unsigned long long... " >&6; } if ${ac_cv_sizeof_unsigned_long_long+:} false; then : $as_echo_n "(cached) " >&6 else if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (unsigned long long))" "ac_cv_sizeof_unsigned_long_long" "$ac_includes_default"; then : else if test "$ac_cv_type_unsigned_long_long" = yes; then { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "cannot compute sizeof (unsigned long long) See \`config.log' for more details" "$LINENO" 5; } else ac_cv_sizeof_unsigned_long_long=0 fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_unsigned_long_long" >&5 $as_echo "$ac_cv_sizeof_unsigned_long_long" >&6; } cat >>confdefs.h <<_ACEOF #define SIZEOF_UNSIGNED_LONG_LONG $ac_cv_sizeof_unsigned_long_long _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working memcmp" >&5 $as_echo_n "checking for working memcmp... " >&6; } if ${ac_cv_func_memcmp_working+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : ac_cv_func_memcmp_working=no else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { /* Some versions of memcmp are not 8-bit clean. */ char c0 = '\100', c1 = '\200', c2 = '\201'; if (memcmp(&c0, &c2, 1) >= 0 || memcmp(&c1, &c2, 1) >= 0) return 1; /* The Next x86 OpenStep bug shows up only when comparing 16 bytes or more and with at least one buffer not starting on a 4-byte boundary. William Lewis provided this test program. */ { char foo[21]; char bar[21]; int i; for (i = 0; i < 4; i++) { char *a = foo + i; char *b = bar + i; strcpy (a, "--------01111111"); strcpy (b, "--------10000000"); if (memcmp (a, b, 16) >= 0) return 1; } return 0; } ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_memcmp_working=yes else ac_cv_func_memcmp_working=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_memcmp_working" >&5 $as_echo "$ac_cv_func_memcmp_working" >&6; } test $ac_cv_func_memcmp_working = no && case " $LIBOBJS " in *" memcmp.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS memcmp.$ac_objext" ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 $as_echo_n "checking return type of signal handlers... " >&6; } if ${ac_cv_type_signal+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include int main () { return *(signal (0, 0)) (0) == 1; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_signal=int else ac_cv_type_signal=void fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 $as_echo "$ac_cv_type_signal" >&6; } cat >>confdefs.h <<_ACEOF #define RETSIGTYPE $ac_cv_type_signal _ACEOF for ac_func in vprintf do : ac_fn_c_check_func "$LINENO" "vprintf" "ac_cv_func_vprintf" if test "x$ac_cv_func_vprintf" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VPRINTF 1 _ACEOF ac_fn_c_check_func "$LINENO" "_doprnt" "ac_cv_func__doprnt" if test "x$ac_cv_func__doprnt" = xyes; then : $as_echo "#define HAVE_DOPRNT 1" >>confdefs.h fi fi done for ac_func in strdup do : ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" if test "x$ac_cv_func_strdup" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRDUP 1 _ACEOF fi done ac_config_files="$ac_config_files Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' # Transform confdefs.h into DEFS. # Protect against shell expansion while executing Makefile rules. # Protect against Makefile macro expansion. # # If the first sed substitution is executed (which looks for macros that # take arguments), then branch to the quote section. Otherwise, # look for a macro that doesn't take arguments. ac_script=' :mline /\\$/{ N s,\\\n,, b mline } t clear :clear s/^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*([^)]*)\)[ ]*\(.*\)/-D\1=\2/g t quote s/^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)/-D\1=\2/g t quote b any :quote s/[ `~#$^&*(){}\\|;'\''"<>?]/\\&/g s/\[/\\&/g s/\]/\\&/g s/\$/$$/g H :any ${ g s/^\n// s/\n/ /g p } ' DEFS=`sed -n "$ac_script" confdefs.h` ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by ssldump $as_me 1.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE Configuration files: $config_files Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ ssldump config.status 1.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --he | --h | --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" eval set X " :F $CONFIG_FILES " shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi ssldump-1.1/configure.in000066400000000000000000000163551354171271700153750ustar00rootroot00000000000000dnl Copyright (C) 1999-2000 RTFM, Inc. dnl All Rights Reserved dnl This package is a SSLv3/TLS protocol analyzer written by Eric dnl Rescorla and licensed by RTFM, Inc. dnl Redistribution and use in source and binary forms, with or without dnl modification, are permitted provided that the following conditions dnl are met: dnl 1. Redistributions of source code must retain the above copyright dnl notice, this list of conditions and the following disclaimer. dnl 2. Redistributions in binary form must reproduce the above dnl copyright notice, this list of conditions and the following dnl disclaimer in the documentation and/or other materials provided dnl with the distribution. dnl 3. All advertising materials mentioning features or use of this dnl software must display the following acknowledgement: dnl dnl This product includes software developed by Eric Rescorla for dnl RTFM, Inc. dnl dnl 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla dnl may be used to endorse or promote products derived from this dnl software without specific prior written permission. dnl dnl THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS dnl IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT dnl LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS dnl FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE dnl REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, dnl INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES dnl (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR dnl SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) dnl HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN dnl CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR dnl OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, dnl EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. dnl Process this file with autoconf to produce a configure script. AC_INIT(ssldump, 1.0) AC_CANONICAL_SYSTEM dnl Checks for programs. AC_PROG_CC AC_PROG_MAKE_SET AC_PROG_RANLIB AC_PROG_INSTALL AC_MSG_RESULT(configuring for $target_os) dnl Replace `main' with a function in -lm: AC_CHECK_LIB(m, pow) dnl System-specific stuff case "$target_os" in linux*) DEFINES="$DEFINES -D_BSD_SOURCE=1 -DLINUX" ;; solaris*) LIBS="$LIBS -lsocket -lnsl" ;; esac RECORD_MOD="dummy" dnl Look for PCAP dnl We absolutely need pcap ac_pcap_inc_dir="/usr/include /usr/include/pcap /usr/local/include" ac_pcap_lib_dir="/usr/local/lib64 /usr/local/lib /usr/lib64 /usr/lib" AC_ARG_WITH(pcap,[--with-pcap root location for pcap library], if test "$withval" = "no"; then AC_MSG_ERROR(PCAP required for ssldump) else ac_pcap_inc_dir=$withval/include ac_pcap_lib_dir=$withval/lib fi ) AC_ARG_WITH(pcap-inc,[--with-pcap-inc PCAP include files], ac_pcap_inc_dir=$withval ) AC_ARG_WITH(pcap-lib,[--with-pcap-lib PCAP library files], ac_pcap_lib_dir=$withval ) dnl Now look for it AC_MSG_CHECKING(for PCAP include files) ac_found_pcap_inc_dir="no" for dir in $ac_pcap_inc_dir; do if test -f $dir/pcap.h; then if test "$dir" != "/usr/include"; then INCLUDES="-I$dir $INCLUDES" fi ac_found_pcap_inc_dir=$dir echo "found in $dir" break; fi done if test "$ac_found_pcap_inc_dir" = "no"; then echo AC_MSG_ERROR(Couldn't find PCAP includes: needed for ssldump) fi AC_MSG_CHECKING(for PCAP library) ac_found_pcap_lib_dir="no" for dir in $ac_pcap_lib_dir; do if test -f $dir/libpcap.a -o -f $dir/libpcap.so; then dnl Ok, we think we've found them, but check that they dnl actually contain the right functions. save_LIBS=$LIBS save_LDFLAGS=$LDFLAGS LIBS="-lpcap $LIBS" if test "$dir" != "/usr/lib" -a "$dir" != "/usr/lib64"; then LDFLAGS="-L$dir $LDFLAGS" fi AC_TRY_LINK_FUNC(pcap_open_live,ac_linked_libpcap="true", ac_linked_libpcap="false"); if test "$ac_linked_libpcap" != "false"; then ac_found_pcap_lib_dir=$dir break fi LIBS=$save_LIBS LDFLAGS=$save_LDFLAGS fi done if test "$ac_found_pcap_lib_dir" = "no"; then echo AC_MSG_ERROR(Couldn't find PCAP library: needed for ssldump) else echo "found in $ac_found_pcap_lib_dir" fi dnl See if we can find OpenSSL dnl We can compile without OpenSSL if we have to ac_use_openssl="true" ac_openssl_lib_dir="/usr/lib /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg" ac_openssl_inc_dir="/usr/include /usr/local /usr/local/ssl /usr/pkg /usr/local/ssl/include" AC_ARG_WITH(openssl,[--with-openssl root location for OpenSSL], if test "$withval" = "no"; then ac_use_openssl="false" else ac_openssl_lib_dir="$withval/lib $withval" ac_openssl_inc_dir=$withval/include fi ) AC_ARG_WITH(openssl-inc,[--with-openssl-inc OpenSSL include files], ac_openssl_inc_dir=$withval ) AC_ARG_WITH(openssl-lib,[--with-openssl-lib OpenSSL library files], ac_openssl_lib_dir=$withval ) dnl Now look for OpenSSL if test "$ac_use_openssl" != "false"; then ac_found_openssl_inc_dir="no" AC_MSG_CHECKING(for OpenSSL include files) for dir in $ac_openssl_inc_dir; do if test -f $dir/openssl/ssl.h; then ac_found_openssl_inc_dir=$dir break fi done if test "$ac_found_openssl_inc_dir" != "no"; then echo "found in $ac_found_openssl_inc_dir" else echo "not found." ac_use_openssl="false" fi fi if test "$ac_use_openssl" != "false"; then ac_found_openssl_lib_dir="no" AC_MSG_CHECKING(for OpenSSL libraries) for dir in $ac_openssl_lib_dir; do found_ssl="false" if test -f $dir/libssl.a -a -f $dir/libcrypto.a; then found_ssl="true" fi if test -f $dir/libssl.so -a -f $dir/libcrypto.so; then found_ssl="true" fi if $found_ssl != "false"; then dnl Ok, we think we've found them, but check that they dnl actually contain the right functions. save_LIBS=$LIBS save_LDFLAGS=$LDFLAGS LIBS="-lssl -lcrypto $LIBS" LDFLAGS="-L$dir $LDFLAGS" AC_TRY_LINK_FUNC(SSL_load_error_strings,ac_linked_libssl="true", ac_linked_libssl="false"); AC_TRY_LINK_FUNC(RC4_set_key,ac_linked_libcrypto="true", ac_linked_libcrypto="false"); if test "$ac_linked_libssl" != "false" -a \ "$ac_linked_libcrypto" != "false"; then ac_found_openssl_lib_dir=$dir break fi LIBS=$save_LIBS LDFLAGS=$save_LDFLAGS fi done if test "$ac_found_openssl_lib_dir" != "no"; then echo "found in $ac_found_openssl_lib_dir" INCLUDES="-I$ac_found_openssl_inc_dir $INCLUDES" DEFINES="-DOPENSSL $DEFINES" else echo "not found." ac_use_openssl="false" fi fi if test "$ac_use_openssl" = "false"; then AC_MSG_WARN(compiling without OpenSSL) fi AC_ARG_WITH(record,[--with-record Compile with record module (EKR Use Only)], DEFINES="-DENABLE_RECORD $DEFINES" RECORD_MOD="record" ) dnl Replace `main' with a function in -lpcap: AC_CHECK_LIB(pcap, pcap_open) dnl Checks for header files. AC_CHECK_HEADERS(sys/time.h) AC_HEADER_STDC dnl Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_HEADER_TIME dnl Find a 4-byte integer size AC_CHECK_SIZEOF(unsigned short) AC_CHECK_SIZEOF(unsigned int) AC_CHECK_SIZEOF(unsigned long) AC_CHECK_SIZEOF(unsigned long long) dnl Checks for library functions. AC_FUNC_MEMCMP AC_TYPE_SIGNAL AC_FUNC_VPRINTF AC_CHECK_FUNCS(strdup) AC_SUBST(RECORD_MOD) AC_SUBST(INCLUDES) AC_SUBST(DEFINES) AC_OUTPUT(Makefile) ssldump-1.1/dummy/000077500000000000000000000000001354171271700142055ustar00rootroot00000000000000ssldump-1.1/dummy/targets.mk000066400000000000000000000000001354171271700161750ustar00rootroot00000000000000ssldump-1.1/install-sh000077500000000000000000000127361354171271700150670ustar00rootroot00000000000000#!/bin/sh # # install - install a program, script, or datafile # This comes from X11R5 (mit/util/scripts/install.sh). # # Copyright 1991 by the Massachusetts Institute of Technology # # Permission to use, copy, modify, distribute, and sell this software and its # documentation for any purpose is hereby granted without fee, provided that # the above copyright notice appear in all copies and that both that # copyright notice and this permission notice appear in supporting # documentation, and that the name of M.I.T. not be used in advertising or # publicity pertaining to distribution of the software without specific, # written prior permission. M.I.T. makes no representations about the # suitability of this software for any purpose. It is provided "as is" # without express or implied warranty. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. It can only install one file at a time, a restriction # shared with many OS's install programs. # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" transformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: chmodcmd="" else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 ssldump-1.1/null/000077500000000000000000000000001354171271700140245ustar00rootroot00000000000000ssldump-1.1/null/null_analyze.c000066400000000000000000000104131354171271700166640ustar00rootroot00000000000000/** null_analyze.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $ ekr@rtfm.com Thu Jan 7 22:58:27 1999 */ static char *RCSSTRING="$Id: null_analyze.c,v 1.6 2001/11/26 22:28:16 ekr Exp $"; #include #include "network.h" #include "proto_mod.h" #include "debug.h" typedef struct null_analyzer_ { int num; } null_analyzer; static int create_null_analyzer PROTO_LIST((void *handle, proto_ctx *ctx,tcp_conn *conn,proto_obj **objp, struct in_addr *i_addr,u_short i_port, struct in_addr *r_addr,u_short r_port, struct timeval *base_time)); static int create_null_analyzer(handle,ctx,conn,objp,i_addr,i_port,r_addr,r_port, base_time) void *handle; proto_ctx *ctx; tcp_conn *conn; proto_obj **objp; struct in_addr *i_addr; u_short i_port; struct in_addr *r_addr; u_short r_port; struct timeval *base_time; { null_analyzer *obj=0; static int ctr; if(!(obj=(null_analyzer *)calloc(1,sizeof(null_analyzer)))) ERETURN(R_NO_MEMORY); obj->num=ctr++; DBG((0,"Creating analyzer for connection %d\n",obj->num)); *objp=(proto_obj *)obj; return(0); } int destroy_null_analyzer(objp) proto_obj **objp; { null_analyzer *obj; if(!objp || !*objp) return(0); obj=(null_analyzer *)*objp; DBG((0,"Destroying analyzer for connection %d\n",obj->num)); free(*objp); *objp=0; return(0); } int data_null_analyzer(_obj,seg,direction) proto_obj *_obj; segment *seg; int direction; { #ifdef DEBUG null_analyzer *obj=(null_analyzer *)_obj; #endif DBG((0,"Processing data for connection %d dir %d\n",obj->num, direction)); for(;seg;seg=seg->next){ int i; for(i=0;ilen,20);i++){ if(!isascii(seg->data[i])) break; } if(i<20) xdump("NSEGMENT",seg->data,seg->len); else{ printf("NSEGMENT: "); fwrite(seg->data,1,seg->len,stdout); } printf("====\n"); } return(0); } int fin_null_analyzer(_obj,p,direction) proto_obj *_obj; packet *p; int direction; { #ifdef DEBUG null_analyzer *obj=(null_analyzer *)_obj; #endif DBG((0,"Received FIN on connection %d\n",obj->num)); return(0); } static struct proto_mod_vtbl_ null_vtbl ={ 0, 0, 0, create_null_analyzer, destroy_null_analyzer, data_null_analyzer, fin_null_analyzer, }; struct proto_mod_ null_mod = { 0, &null_vtbl }; ssldump-1.1/null/null_analyze.h000066400000000000000000000040471354171271700166770ustar00rootroot00000000000000/** null_analyze.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: null_analyze.h,v 1.2 2000/10/17 16:10:01 ekr Exp $ ekr@rtfm.com Fri Jan 8 11:23:10 1999 */ #ifndef _null_analyze_h #define _null_analyze_h extern proto_mod null_mod; #endif ssldump-1.1/null/targets.mk000066400000000000000000000156241354171271700160360ustar00rootroot00000000000000# # targets.mk # # $Source: /usr/local/CVS/ssldump/null/targets.mk,v $ # $Revision: 1.1.1.1 $ # $Date: 2000/10/09 00:45:39 $ # $Name: $ # $Disclaimer$ # # Copyright (C) 1999, Terisa Systems, Inc. # All Rights Reserved. # # ekr@terisa.com # # # CONFIGURE USER-DEFINED MAKE ENVIRONMENT # # These fields are specified by the user. The remainder of # this file is generated from this user-specified information. # # ANALYZE_NULL_DEFINES: # cpp defines, with the -D flag preceeding each # # ANALYZE_NULL_INCLUDES: # cpp include directories, with the -I flag preceeding each # # ANALYZE_NULL_INTERNAL: # headers files which are local to a specific module directory, # and should not be used by other parts of the toolkit or by # the user # # ANALYZE_NULL_LIBNAME: # the library associated with this module directory, used in # most cases for debugging purposes # # ANALYZE_NULL_LIBPATHS: # link-time directories to search for libraries, with the -L flag # preceeding each # # ANALYZE_NULL_LIBRARIES: # link-time libraries, with the -l flag preceeding each # # ANALYZE_NULL_LOCALFLAGS: # compile-time flags specific to compiling only the files in # this module directory--this variable should only be set in # extremely exceptional cases # # ANALYZE_NULL_MAKEFILES: # the makefiles # # ANALYZE_NULL_PREFIX: # defines the module name, which also serves as the # prefix for all the variable names defined in this file # # ANALYZE_NULL_PRIVATE: # the private, for-toolkit-use-only API header files # # ANALYZE_NULL_PROGRAMS: # programs to build # # ANALYZE_NULL_PUBLIC: # the header files that define the public API for the toolkit # and any other 'public' files that should be copied to # the build directory # # ANALYZE_NULL_SOURCES: # the source files to compile to object # ANALYZE_NULL_DEFINES = ANALYZE_NULL_INCLUDES = -I$(ANALYZE_NULL_SRCDIR) ANALYZE_NULL_INTERNAL = ANALYZE_NULL_LIBNAME = ANALYZE_NULL_LIBPATHS = ANALYZE_NULL_LIBRARIES = ANALYZE_NULL_LOCALFLAGS = ANALYZE_NULL_MAKEFILES = targets.mk ANALYZE_NULL_PREFIX = ANALYZE_NULL ANALYZE_NULL_PRIVATE = null_analyze.h ANALYZE_NULL_PROGRAMS = ANALYZE_NULL_PUBLIC = ANALYZE_NULL_SOURCES = null_analyze.c # # CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT # # ANALYZE_NULL_OBJECTS: # object files to build # # ANALYZE_NULL_UNUSED: # obsolete files in the module directory that are not # used during the build process # # ANALYZE_NULL_USED: # all files in the module directory that are used # during the build process # ANALYZE_NULL_OBJECTS = null_analyze.$(OBJSUFFIX) ANALYZE_NULL_UNUSED = ANALYZE_NULL_USED = $(ANALYZE_NULL_INTERNAL:%=$(ANALYZE_NULL_SRCDIR)%) \ $(ANALYZE_NULL_MAKEFILES:%=$(ANALYZE_NULL_SRCDIR)%) \ $(ANALYZE_NULL_PRIVATE:%=$(ANALYZE_NULL_SRCDIR)%) \ $(ANALYZE_NULL_PUBLIC:%=$(ANALYZE_NULL_SRCDIR)%) \ $(ANALYZE_NULL_SOURCES:%=$(ANALYZE_NULL_SRCDIR)%) # # NOTES # # The following variables may be used during the build process, # but are not defined in this file. If they are to be set # to something other than the default blank, then they must # be set by the calling make system. # # ANALYZE_NULL_SRCDIR: # if the build target directory is different from the # module directory (the source directory), then this # variable contains the relative or full path of # the module directory # # LIBARS: # the library archive files (with fully-specified paths) that # executables built from this module directory depend upon # # LIBPATHS: # the paths to search for library archives (specified with # the -L) # # LIBRARIES: # the libraries to use while building executables from # this module directory (specified with the -l) # # # GLOBAL ENVIRONMENT # DEFINES += $(ANALYZE_NULL_DEFINES) INCLUDES += $(ANALYZE_NULL_INCLUDES) LIBPATHS += $(ANALYZE_NULL_LIBPATHS) LIBRARIES += $(ANALYZE_NULL_LIBRARIES) OBJECTS += $(ANALYZE_NULL_OBJECTS) PUBLIC += $(ANALYZE_NULL_PUBLIC) # # GENERIC DEPENDENCIES # # default: # default dependency, must be the first dependency in this makefile # # all: # build everything in this module directory # # build: # make only the toolkit build files of this module directory # # ci: # perform an RCS check-in of this module directory # # clean: # remove the compiled files # # clean_public: # remove the public header files that have been copied # to a public build directory # # objects: # build the object files (this dependency is used for # building the toolkit library) # # private: # build only the private API header files # # public: # build only the public API header files # default: $(ANALYZE_NULL_LIBNAME) default: $(ANALYZE_NULL_PROGRAMS) all: $(ANALYZE_NULL_PUBLIC) all: $(ANALYZE_NULL_OBJECTS) all: $(ANALYZE_NULL_LIBNAME) all: $(ANALYZE_NULL_PROGRAMS) build: $(ANALYZE_NULL_PUBLIC) build: $(ANALYZE_NULL_OBJECTS) ci: analyze_null_ci clean: analyze_null_clean clean_public: analyze_null_clean_public objects: $(ANALYZE_NULL_OBJECTS) private: $(ANALYZE_NULL_PRIVATE) public: $(ANALYZE_NULL_PUBLIC) # # LOCAL UTILITY DEPENDENCIES # # utility dependencies are necessary because of some # make-isms having to do with dependencies # analyze_null_ci: $(CI) $(CIFLAGS) $(ANALYZE_NULL_USED) analyze_null_clean: $(RM) $(RMFLAGS) $(ANALYZE_NULL_OBJECTS) $(ANALYZE_NULL_LIBNAME) $(ANALYZE_NULL_PROGRAMS) analyze_null_clean_public: $(RM) $(RMFLAGS) $(ANALYZE_NULL_PUBLIC) analyze_null_objects: $(ANALYZE_NULL_OBJECTS) analyze_null_programs: $(ANALYZE_NULL_PROGRAMS) analyze_null_public: $(ANALYZE_NULL_PUBLIC) # # BUILD DEPENDENCIES # # build dependencies invoke the rule used to build each # class of file # $(ANALYZE_NULL_LIBNAME): $(AR) $(ARFLAGS) $@ $? $(RANLIB) $@ $(ANALYZE_NULL_OBJECTS): $(COMPILE.c) $(ANALYZE_NULL_SRCDIR)$(@:%.o=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_NULL_LOCALFLAGS) $(ANALYZE_NULL_PUBLIC): $(CP) $(CPFLAGS) $(ANALYZE_NULL_SRCDIR)$@ $@ $(ANALYZE_NULL_PROGRAMS): $(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS) #LIBS above is obsolete (use LIBARARIES instead) # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # null_analyze.$(OBJSUFFIX): $(ANALYZE_NULL_SRCDIR)null_analyze.h null_analyze.$(OBJSUFFIX): $(ANALYZE_NULL_SRCDIR)null_analyze.c $(ANALYZE_NULL_LIBNAME): $(ANALYZE_NULL_OBJECTS) ssldump-1.1/rules.mk000066400000000000000000000002761354171271700145420ustar00rootroot00000000000000OBJSUFFIX=o LIBSUFFIX=a RANLIB=ranlib COMPILE.c = $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ LINK.c = $(CC) $(CFLAGS) $(LDFLAGS) -o $@ .c.$(OBJSUFFIX): $(COMPILE.c) $(OUTPUT_OPTION) $< ssldump-1.1/ssl/000077500000000000000000000000001354171271700136535ustar00rootroot00000000000000ssldump-1.1/ssl/ciphersuites.c000066400000000000000000000322761354171271700165400ustar00rootroot00000000000000/** ciphersuites.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $ ekr@rtfm.com Tue Mar 30 17:19:56 1999 */ static char *RCSSTRING="$Id: ciphersuites.c,v 1.3 2002/08/17 01:33:17 ekr Exp $"; #include #include "sslciphers.h" static SSL_CipherSuite CipherSuites[]={ {1,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_MD5,16,0}, {2,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0}, {3,KEX_RSA,SIG_RSA,ENC_RC4,1,128,40,DIG_MD5,16,1}, {4,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_MD5,16,0}, {5,KEX_RSA,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0}, {6,KEX_RSA,SIG_RSA,ENC_RC2,8,128,40,DIG_SHA,20,1}, {7,KEX_RSA,SIG_RSA,ENC_IDEA,8,128,128,DIG_SHA,20,0}, {8,KEX_RSA,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1}, {9,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0}, {10,KEX_RSA,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, {11,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA,20,1}, {12,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,0}, {13,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, {14,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1}, {15,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0}, {16,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, {17,KEX_DH,SIG_DSS,ENC_DES,8,64,40,DIG_SHA,20,1}, {18,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,0}, {19,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, {20,KEX_DH,SIG_RSA,ENC_DES,8,64,40,DIG_SHA,20,1}, {21,KEX_DH,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,0}, {22,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, {23,KEX_DH,SIG_NONE,ENC_RC4,1,128,40,DIG_MD5,16,1}, {24,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_MD5,16,0}, {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1}, {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0}, {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0}, // Missing: 44-46 {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0}, {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, {59,KEX_RSA,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA256,32,0}, {60,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {61,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {62,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {63,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {64,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {65,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {66,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {67,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {68,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {69,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {70,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA,20,0}, {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1}, {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1}, {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1}, {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1}, {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1}, {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1}, {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, {103,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {104,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {105,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {106,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {107,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {108,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {109,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA256,32,0}, {132,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, {133,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, {134,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, {135,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, {136,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, {137,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA,20,0}, // Missing: 138-149 {150,KEX_RSA,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, {151,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0}, {152,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, {153,KEX_DH,SIG_DSS,ENC_SEED,16,128,128,DIG_SHA,20,0}, {154,KEX_DH,SIG_RSA,ENC_SEED,16,128,128,DIG_SHA,20,0}, {155,KEX_DH,SIG_NONE,ENC_SEED,16,128,128,DIG_SHA,20,0}, {156,KEX_RSA,SIG_RSA,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {157,KEX_RSA,SIG_RSA,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {158,KEX_DH,SIG_RSA,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {159,KEX_DH,SIG_RSA,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {160,KEX_DH,SIG_RSA,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {161,KEX_DH,SIG_RSA,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {162,KEX_DH,SIG_DSS,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {163,KEX_DH,SIG_DSS,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {164,KEX_DH,SIG_DSS,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {165,KEX_DH,SIG_DSS,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {166,KEX_DH,SIG_NONE,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {167,KEX_DH,SIG_NONE,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, // Missing: 168-185 {186,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {187,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {188,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {189,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {190,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {191,KEX_DH,SIG_NONE,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {192,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {193,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {194,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {195,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {196,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {197,KEX_DH,SIG_NONE,ENC_CAMELLIA256,16,256,256,DIG_SHA256,32,0}, {49153,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0}, {49154,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, {49155,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, {49156,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49157,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, {49158,KEX_DH,SIG_DSS,ENC_NULL,0,0,0,DIG_SHA,20,0}, {49159,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0}, {49160,KEX_DH,SIG_DSS,ENC_3DES,8,192,192,DIG_SHA,20,0}, {49161,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49162,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0}, {49163,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0}, {49164,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0}, {49165,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, {49166,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49167,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, {49168,KEX_DH,SIG_RSA,ENC_NULL,0,0,0,DIG_SHA,20,0}, {49169,KEX_DH,SIG_RSA,ENC_RC4,1,128,128,DIG_SHA,20,0}, {49170,KEX_DH,SIG_RSA,ENC_3DES,8,192,192,DIG_SHA,20,0}, {49171,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49172,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0}, {49173,KEX_DH,SIG_NONE,ENC_NULL,0,0,0,DIG_SHA,20,0}, {49174,KEX_DH,SIG_NONE,ENC_RC4,1,128,128,DIG_SHA,20,0}, {49175,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_SHA,20,0}, {49176,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0}, {49177,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0}, {49187,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {49188,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0}, {49189,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {49190,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA384,48,0}, {49191,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {49192,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0}, {49193,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA256,32,0}, {49194,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA384,48,0}, {49195,KEX_DH,SIG_DSS,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {49196,KEX_DH,SIG_DSS,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {49197,KEX_DH,SIG_DSS,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {49198,KEX_DH,SIG_DSS,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {49199,KEX_DH,SIG_RSA,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {49200,KEX_DH,SIG_RSA,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, {49201,KEX_DH,SIG_RSA,ENC_AES128_GCM,4,128,128,DIG_SHA256,32,0}, {49202,KEX_DH,SIG_RSA,ENC_AES256_GCM,4,256,256,DIG_SHA384,48,0}, // Missing: 49203-49211 {49266,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {49267,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, {49268,KEX_DH,SIG_DSS,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {49269,KEX_DH,SIG_DSS,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, {49270,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {49271,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, {49272,KEX_DH,SIG_RSA,ENC_CAMELLIA128,16,128,128,DIG_SHA256,32,0}, {49273,KEX_DH,SIG_RSA,ENC_CAMELLIA256,16,256,256,DIG_SHA256,48,0}, {49274,KEX_RSA,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49275,KEX_RSA,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49276,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49277,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49278,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49279,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49280,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49281,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49282,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49283,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49284,KEX_DH,SIG_NONE,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49285,KEX_DH,SIG_NONE,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49286,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49287,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49288,KEX_DH,SIG_DSS,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49289,KEX_DH,SIG_DSS,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49290,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49291,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, {49292,KEX_DH,SIG_RSA,ENC_CAMELLIA128,4,128,128,DIG_SHA256,32,0}, {49293,KEX_DH,SIG_RSA,ENC_CAMELLIA256,4,256,256,DIG_SHA384,48,0}, // Missing: 49294-49307 {-1} }; int ssl_find_cipher(num,cs) int num; SSL_CipherSuite **cs; { SSL_CipherSuite *c; for(c=CipherSuites;c->number!=-1;c++){ if(c->number==num){ *cs=c; return(0); } } ERETURN(R_NOT_FOUND); } ssldump-1.1/ssl/ciphersuites.h000066400000000000000000000041131354171271700165320ustar00rootroot00000000000000/** ciphersuites.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ciphersuites.h,v 1.2 2000/10/17 16:10:01 ekr Exp $ ekr@rtfm.com Sat Sep 23 18:01:27 2000 */ #ifndef _ciphersuites_h #define _ciphersuites_h int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs)); #endif ssldump-1.1/ssl/lex.yy.c000066400000000000000000001257411354171271700152610ustar00rootroot00000000000000/* A lexical scanner generated by flex */ /* Scanner skeleton version: * $Header: /usr/local/CVS/ssldump/ssl/lex.yy.c,v 1.2 2002/04/15 16:53:59 ekr Exp $ * $FreeBSD: src/usr.bin/lex/flex.skl,v 1.4 1999/10/27 07:56:44 obrien Exp $ */ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 5 #include /* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */ #ifdef c_plusplus #ifndef __cplusplus #define __cplusplus #endif #endif #ifdef __cplusplus #include #include /* Use prototypes in function declarations. */ #define YY_USE_PROTOS /* The "const" storage-class-modifier is valid. */ #define YY_USE_CONST #else /* ! __cplusplus */ #if __STDC__ #define YY_USE_PROTOS #define YY_USE_CONST #endif /* __STDC__ */ #endif /* ! __cplusplus */ #ifdef __TURBOC__ #pragma warn -rch #pragma warn -use #include #include #define YY_USE_CONST #define YY_USE_PROTOS #endif #ifdef YY_USE_CONST #define yyconst const #else #define yyconst #endif #ifdef YY_USE_PROTOS #define YY_PROTO(proto) proto #else #define YY_PROTO(proto) () #endif /* Returned upon end-of-file. */ #define YY_NULL 0 /* Promotes a possibly negative, possibly signed char to an unsigned * integer for use as an array index. If the signed char is negative, * we want to instead treat it as an 8-bit unsigned char, hence the * double cast. */ #define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) /* Enter a start condition. This macro really ought to take a parameter, * but we do it the disgusting crufty way forced on us by the ()-less * definition of BEGIN. */ #define BEGIN yy_start = 1 + 2 * /* Translate the current start state into a value that can be later handed * to BEGIN to return to the state. The YYSTATE alias is for lex * compatibility. */ #define YY_START ((yy_start - 1) / 2) #define YYSTATE YY_START /* Action number for EOF rule of a given start state. */ #define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) /* Special action meaning "start processing a new file". */ #define YY_NEW_FILE yyrestart( yyin ) #define YY_END_OF_BUFFER_CHAR 0 /* Size of default input buffer. */ #define YY_BUF_SIZE 16384 typedef struct yy_buffer_state *YY_BUFFER_STATE; extern int yyleng; extern FILE *yyin, *yyout; #define EOB_ACT_CONTINUE_SCAN 0 #define EOB_ACT_END_OF_FILE 1 #define EOB_ACT_LAST_MATCH 2 /* The funky do-while in the following #define is used to turn the definition * int a single C statement (which needs a semi-colon terminator). This * avoids problems with code like: * * if ( condition_holds ) * yyless( 5 ); * else * do_something_else(); * * Prior to using the do-while the compiler would get upset at the * "else" because it interpreted the "if" statement as being all * done when it reached the ';' after the yyless() call. */ /* Return all but the first 'n' matched characters back to the input stream. */ #define yyless(n) \ do \ { \ /* Undo effects of setting up yytext. */ \ *yy_cp = yy_hold_char; \ YY_RESTORE_YY_MORE_OFFSET \ yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \ YY_DO_BEFORE_ACTION; /* set up yytext again */ \ } \ while ( 0 ) #define unput(c) yyunput( c, yytext_ptr ) /* The following is because we cannot portably get our hands on size_t * (without autoconf's help, which isn't available because we want * flex-generated scanners to compile on their own). */ typedef unsigned int yy_size_t; struct yy_buffer_state { FILE *yy_input_file; char *yy_ch_buf; /* input buffer */ char *yy_buf_pos; /* current position in input buffer */ /* Size of input buffer in bytes, not including room for EOB * characters. */ yy_size_t yy_buf_size; /* Number of characters read into yy_ch_buf, not including EOB * characters. */ int yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to * delete it. */ int yy_is_our_buffer; /* Whether this is an "interactive" input source; if so, and * if we're using stdio for input, then we want to use getc() * instead of fread(), to make sure we stop fetching input after * each newline. */ int yy_is_interactive; /* Whether we're considered to be at the beginning of a line. * If so, '^' rules will be active on the next match, otherwise * not. */ int yy_at_bol; /* Whether to try to fill the input buffer when we reach the * end of it. */ int yy_fill_buffer; int yy_buffer_status; #define YY_BUFFER_NEW 0 #define YY_BUFFER_NORMAL 1 /* When an EOF's been seen but there's still some text to process * then we mark the buffer as YY_EOF_PENDING, to indicate that we * shouldn't try reading from the input source any more. We might * still have a bunch of tokens to match, though, because of * possible backing-up. * * When we actually see the EOF, we change the status to "new" * (via yyrestart()), so that the user can continue scanning by * just pointing yyin at a new input file. */ #define YY_BUFFER_EOF_PENDING 2 }; static YY_BUFFER_STATE yy_current_buffer = 0; /* We provide macros for accessing buffer states in case in the * future we want to put the buffer states in a more general * "scanner state". */ #define YY_CURRENT_BUFFER yy_current_buffer /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; static int yy_n_chars; /* number of characters read into yy_ch_buf */ int yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = (char *) 0; static int yy_init = 1; /* whether we need to initialize */ static int yy_start = 0; /* start state number */ /* Flag which is used to allow yywrap()'s to do buffer switches * instead of setting up a fresh yyin. A bit of a hack ... */ static int yy_did_buffer_switch_on_eof; void yyrestart YY_PROTO(( FILE *input_file )); void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer )); void yy_load_buffer_state YY_PROTO(( void )); YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size )); void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b )); void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file )); void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b )); #define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer ) YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size )); YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str )); YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len )); static void *yy_flex_alloc YY_PROTO(( yy_size_t )); static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t )); static void yy_flex_free YY_PROTO(( void * )); #define yy_new_buffer yy_create_buffer #define yy_set_interactive(is_interactive) \ { \ if ( ! yy_current_buffer ) \ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ yy_current_buffer->yy_is_interactive = is_interactive; \ } #define yy_set_bol(at_bol) \ { \ if ( ! yy_current_buffer ) \ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ yy_current_buffer->yy_at_bol = at_bol; \ } #define YY_AT_BOL() (yy_current_buffer->yy_at_bol) #define YY_USES_REJECT typedef unsigned char YY_CHAR; FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; typedef int yy_state_type; extern int yylineno; int yylineno = 1; extern char *yytext; #define yytext_ptr yytext static yy_state_type yy_get_previous_state YY_PROTO(( void )); static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state )); static int yy_get_next_buffer YY_PROTO(( void )); static void yy_fatal_error YY_PROTO(( yyconst char msg[] )); /* Done after the current pattern has been matched and before the * corresponding action - sets up yytext. */ #define YY_DO_BEFORE_ACTION \ yytext_ptr = yy_bp; \ yyleng = (int) (yy_cp - yy_bp); \ yy_hold_char = *yy_cp; \ *yy_cp = '\0'; \ yy_c_buf_p = yy_cp; #define YY_NUM_RULES 32 #define YY_END_OF_BUFFER 33 static yyconst short int yy_acclist[153] = { 0, 33, 31, 32, 12, 31, 32, 12, 32, 18, 31, 32, 19, 31, 32, 26, 31, 32, 29, 31, 32, 27, 31, 32, 31, 32, 14, 31, 32, 14, 31, 32, 25, 31, 32, 24, 31, 32, 22, 31, 32, 30, 31, 32, 23, 31, 32, 31, 32, 20, 31, 32, 21, 31, 32, 28, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 31, 32, 16, 31, 32, 17, 31, 32, 12, 1, 14, 13, 13, 13, 13, 13, 13, 13, 13, 13, 15, 13, 13, 13, 13, 13, 13, 13, 13, 10, 9, 13, 13, 13, 2, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 11, 13, 13, 4, 13, 13, 5, 13, 3, 13, 13, 13, 13, 6, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 7, 13, 13, 13, 13, 13, 8, 13 } ; static yyconst short int yy_accept[110] = { 0, 1, 1, 1, 2, 4, 7, 9, 12, 15, 18, 21, 24, 26, 29, 32, 35, 38, 41, 44, 47, 49, 52, 55, 58, 60, 62, 64, 66, 68, 70, 73, 76, 77, 78, 78, 79, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 88, 88, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 97, 98, 100, 101, 102, 104, 105, 106, 107, 108, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 119, 120, 122, 124, 125, 126, 127, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 147, 148, 149, 150, 151, 153, 153 } ; static yyconst int yy_ec[256] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, 1, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 1, 1, 1, 1, 1, 1, 4, 5, 6, 1, 7, 8, 9, 10, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 14, 15, 16, 17, 1, 18, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 19, 20, 1, 21, 22, 23, 1, 24, 25, 26, 27, 28, 19, 29, 19, 30, 19, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 19, 19, 42, 43, 19, 44, 1, 45, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 } ; static yyconst int yy_meta[46] = { 0, 1, 1, 1, 1, 1, 1, 1, 2, 2, 3, 4, 4, 1, 1, 1, 1, 1, 5, 4, 1, 1, 1, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 1, 1 } ; static yyconst short int yy_base[113] = { 0, 0, 0, 141, 142, 44, 46, 142, 142, 142, 142, 131, 133, 39, 41, 142, 142, 142, 142, 142, 0, 142, 142, 142, 30, 108, 103, 100, 94, 27, 116, 142, 54, 142, 127, 47, 0, 0, 93, 97, 101, 88, 104, 102, 94, 87, 0, 118, 54, 0, 95, 83, 91, 87, 82, 86, 89, 75, 97, 142, 0, 74, 73, 0, 71, 81, 84, 83, 63, 83, 82, 77, 78, 63, 62, 142, 67, 68, 0, 91, 0, 0, 58, 65, 65, 0, 52, 66, 79, 40, 41, 71, 48, 49, 47, 41, 40, 47, 44, 33, 43, 26, 0, 32, 26, 35, 35, 0, 142, 80, 84, 57, 89 } ; static yyconst short int yy_def[113] = { 0, 108, 1, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 109, 108, 108, 108, 109, 109, 109, 109, 109, 109, 108, 108, 108, 108, 110, 108, 111, 109, 109, 109, 109, 109, 109, 109, 109, 109, 112, 110, 110, 111, 109, 109, 109, 109, 109, 109, 109, 109, 112, 108, 109, 109, 109, 109, 109, 109, 109, 109, 108, 109, 109, 109, 109, 109, 109, 108, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 109, 0, 108, 108, 108, 108 } ; static yyconst short int yy_nxt[188] = { 0, 4, 5, 6, 7, 8, 4, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 4, 20, 21, 22, 23, 4, 20, 20, 24, 25, 26, 20, 20, 20, 20, 20, 20, 27, 28, 20, 20, 29, 20, 20, 20, 20, 30, 31, 32, 32, 32, 32, 35, 35, 35, 35, 38, 44, 32, 32, 35, 35, 48, 49, 107, 106, 59, 39, 105, 45, 104, 103, 102, 101, 100, 99, 98, 97, 96, 95, 94, 93, 92, 36, 37, 91, 37, 47, 47, 90, 47, 47, 58, 58, 58, 58, 89, 88, 87, 86, 85, 84, 83, 82, 81, 80, 79, 78, 77, 76, 75, 74, 73, 72, 71, 70, 69, 68, 67, 66, 65, 64, 63, 62, 61, 60, 48, 57, 56, 55, 54, 53, 52, 51, 50, 48, 46, 43, 42, 41, 40, 34, 33, 108, 3, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108 } ; static yyconst short int yy_chk[188] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 5, 5, 6, 6, 13, 13, 14, 14, 24, 29, 32, 32, 35, 35, 48, 111, 106, 105, 48, 24, 104, 29, 103, 101, 100, 99, 98, 97, 96, 95, 94, 93, 92, 91, 90, 13, 109, 89, 109, 110, 110, 88, 110, 110, 112, 112, 112, 112, 87, 86, 84, 83, 82, 79, 77, 76, 74, 73, 72, 71, 70, 69, 68, 67, 66, 65, 64, 62, 61, 58, 57, 56, 55, 54, 53, 52, 51, 50, 47, 45, 44, 43, 42, 41, 40, 39, 38, 34, 30, 28, 27, 26, 25, 12, 11, 3, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108, 108 } ; static yy_state_type yy_state_buf[YY_BUF_SIZE + 2], *yy_state_ptr; static char *yy_full_match; static int yy_lp; #define REJECT \ { \ *yy_cp = yy_hold_char; /* undo effects of setting up yytext */ \ yy_cp = yy_full_match; /* restore poss. backed-over text */ \ ++yy_lp; \ goto find_rule; \ } #define yymore() yymore_used_but_not_detected #define YY_MORE_ADJ 0 #define YY_RESTORE_YY_MORE_OFFSET char *yytext; #line 1 "ssl.l" #define INITIAL 0 #line 4 "ssl.l" #include "y.tab.h" #if 0 #define RETURN(x) printf("TOK:%s\n",#x); return(x) #else #define RETURN return #endif long strtol(); #line 479 "lex.yy.c" /* Macros after this point can all be overridden by user definitions in * section 1. */ #ifndef YY_SKIP_YYWRAP #ifdef __cplusplus extern "C" int yywrap YY_PROTO(( void )); #else extern int yywrap YY_PROTO(( void )); #endif #endif #ifndef YY_NO_UNPUT static void yyunput YY_PROTO(( int c, char *buf_ptr )); #endif #ifndef yytext_ptr static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int )); #endif #ifdef YY_NEED_STRLEN static int yy_flex_strlen YY_PROTO(( yyconst char * )); #endif #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput YY_PROTO(( void )); #else static int input YY_PROTO(( void )); #endif #endif #if YY_STACK_USED static int yy_start_stack_ptr = 0; static int yy_start_stack_depth = 0; static int *yy_start_stack = 0; #ifndef YY_NO_PUSH_STATE static void yy_push_state YY_PROTO(( int new_state )); #endif #ifndef YY_NO_POP_STATE static void yy_pop_state YY_PROTO(( void )); #endif #ifndef YY_NO_TOP_STATE static int yy_top_state YY_PROTO(( void )); #endif #else #define YY_NO_PUSH_STATE 1 #define YY_NO_POP_STATE 1 #define YY_NO_TOP_STATE 1 #endif #ifdef YY_MALLOC_DECL YY_MALLOC_DECL #else #if __STDC__ #ifndef __cplusplus #include #endif #else /* Just try to get by without declaring the routines. This will fail * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int) * or sizeof(void*) != sizeof(int). */ #endif #endif /* Amount of stuff to slurp up with each read. */ #ifndef YY_READ_BUF_SIZE #define YY_READ_BUF_SIZE 8192 #endif /* Copy whatever the last rule matched to the standard output. */ #ifndef ECHO /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ #define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, * is returned in "result". */ #ifndef YY_INPUT #define YY_INPUT(buf,result,max_size) \ if ( yy_current_buffer->yy_is_interactive ) \ { \ int c = '*', n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ if ( c == '\n' ) \ buf[n++] = (char) c; \ if ( c == EOF && ferror( yyin ) ) \ YY_FATAL_ERROR( "input in flex scanner failed" ); \ result = n; \ } \ else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \ && ferror( yyin ) ) \ YY_FATAL_ERROR( "input in flex scanner failed" ); #endif /* No semi-colon after return; correct usage is to write "yyterminate();" - * we don't want an extra ';' after the "return" because that will cause * some compilers to complain about unreachable statements. */ #ifndef yyterminate #define yyterminate() return YY_NULL #endif /* Number of entries by which start-condition stack grows. */ #ifndef YY_START_STACK_INCR #define YY_START_STACK_INCR 25 #endif /* Report a fatal error. */ #ifndef YY_FATAL_ERROR #define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) #endif /* Default declaration of generated scanner - a define so the user can * easily add parameters. */ #ifndef YY_DECL #define YY_DECL int yylex YY_PROTO(( void )) #endif /* Code executed at the beginning of each rule, after yytext and yyleng * have been set up. */ #ifndef YY_USER_ACTION #define YY_USER_ACTION #endif /* Code executed at the end of each rule. */ #ifndef YY_BREAK #define YY_BREAK break; #endif #define YY_RULE_SETUP \ YY_USER_ACTION YY_DECL { register yy_state_type yy_current_state; register char *yy_cp, *yy_bp; register int yy_act; #line 23 "ssl.l" #line 633 "lex.yy.c" if ( yy_init ) { yy_init = 0; #ifdef YY_USER_INIT YY_USER_INIT; #endif if ( ! yy_start ) yy_start = 1; /* first start state */ if ( ! yyin ) yyin = stdin; if ( ! yyout ) yyout = stdout; if ( ! yy_current_buffer ) yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); yy_load_buffer_state(); } while ( 1 ) /* loops until end-of-file is reached */ { yy_cp = yy_c_buf_p; /* Support of yytext. */ *yy_cp = yy_hold_char; /* yy_bp points to the position in yy_ch_buf of the start of * the current run. */ yy_bp = yy_cp; yy_current_state = yy_start; yy_state_ptr = yy_state_buf; *yy_state_ptr++ = yy_current_state; yy_match: do { register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 109 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; *yy_state_ptr++ = yy_current_state; ++yy_cp; } while ( yy_base[yy_current_state] != 142 ); yy_find_action: yy_current_state = *--yy_state_ptr; yy_lp = yy_accept[yy_current_state]; find_rule: /* we branch to this label when backing up */ for ( ; ; ) /* until we find what rule we matched */ { if ( yy_lp && yy_lp < yy_accept[yy_current_state + 1] ) { yy_act = yy_acclist[yy_lp]; { yy_full_match = yy_cp; break; } } --yy_cp; yy_current_state = *--yy_state_ptr; yy_lp = yy_accept[yy_current_state]; } YY_DO_BEFORE_ACTION; if ( yy_act != YY_END_OF_BUFFER ) { int yyl; for ( yyl = 0; yyl < yyleng; ++yyl ) if ( yytext[yyl] == '\n' ) ++yylineno; } do_action: /* This label is used only to access EOF actions. */ switch ( yy_act ) { /* beginning of action switch */ case 1: YY_RULE_SETUP #line 25 "ssl.l" {RETURN(DOT_DOT_);} YY_BREAK case 2: YY_RULE_SETUP #line 26 "ssl.l" {RETURN(ENUM_);} YY_BREAK case 3: YY_RULE_SETUP #line 27 "ssl.l" {RETURN(STRUCT_);} YY_BREAK case 4: YY_RULE_SETUP #line 28 "ssl.l" {mkname();RETURN(OPAQUE_);} YY_BREAK case 5: YY_RULE_SETUP #line 29 "ssl.l" {RETURN(SELECT_);} YY_BREAK case 6: YY_RULE_SETUP #line 30 "ssl.l" {RETURN(CONSTANT_);} YY_BREAK case 7: YY_RULE_SETUP #line 31 "ssl.l" {/* Do nothing*/} YY_BREAK case 8: YY_RULE_SETUP #line 32 "ssl.l" {/* Do nothing*/} YY_BREAK case 9: YY_RULE_SETUP #line 33 "ssl.l" {RETURN(CASE_);} YY_BREAK case 10: YY_RULE_SETUP #line 34 "ssl.l" { /*Do nothing*/} YY_BREAK case 11: YY_RULE_SETUP #line 35 "ssl.l" { strcpy(yylval.str,yytext); RETURN(CODE_);} YY_BREAK case 12: YY_RULE_SETUP #line 37 "ssl.l" {/*do nothing*/} YY_BREAK case 13: YY_RULE_SETUP #line 38 "ssl.l" {mkname();RETURN(NAME_);} YY_BREAK case 14: YY_RULE_SETUP #line 39 "ssl.l" {yylval.val=atoi(yytext); RETURN(NUM_);} YY_BREAK case 15: YY_RULE_SETUP #line 40 "ssl.l" {yylval.val=strtol(yytext,0,16); RETURN(NUM_);} YY_BREAK case 16: YY_RULE_SETUP #line 41 "ssl.l" { RETURN('{'); } YY_BREAK case 17: YY_RULE_SETUP #line 42 "ssl.l" { RETURN('}'); } YY_BREAK case 18: YY_RULE_SETUP #line 43 "ssl.l" { RETURN('('); } YY_BREAK case 19: YY_RULE_SETUP #line 44 "ssl.l" { RETURN(')'); } YY_BREAK case 20: YY_RULE_SETUP #line 45 "ssl.l" { RETURN('['); } YY_BREAK case 21: YY_RULE_SETUP #line 46 "ssl.l" { RETURN(']'); } YY_BREAK case 22: YY_RULE_SETUP #line 47 "ssl.l" { RETURN('<'); } YY_BREAK case 23: YY_RULE_SETUP #line 48 "ssl.l" { RETURN('>'); } YY_BREAK case 24: YY_RULE_SETUP #line 49 "ssl.l" { RETURN(';'); } YY_BREAK case 25: YY_RULE_SETUP #line 50 "ssl.l" { RETURN(':'); } YY_BREAK case 26: YY_RULE_SETUP #line 51 "ssl.l" { RETURN(','); } YY_BREAK case 27: YY_RULE_SETUP #line 52 "ssl.l" { RETURN('.'); } YY_BREAK case 28: YY_RULE_SETUP #line 53 "ssl.l" { RETURN('^'); } YY_BREAK case 29: YY_RULE_SETUP #line 54 "ssl.l" { RETURN('-'); } YY_BREAK case 30: YY_RULE_SETUP #line 55 "ssl.l" { RETURN('='); } YY_BREAK case 31: YY_RULE_SETUP #line 56 "ssl.l" { fprintf(stderr,"Invalid input token: %s at %d!!!\n",yytext,yylineno); exit(1); } YY_BREAK case 32: YY_RULE_SETUP #line 60 "ssl.l" ECHO; YY_BREAK #line 886 "lex.yy.c" case YY_STATE_EOF(INITIAL): yyterminate(); case YY_END_OF_BUFFER: { /* Amount of text matched not including the EOB char. */ int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1; /* Undo the effects of YY_DO_BEFORE_ACTION. */ *yy_cp = yy_hold_char; YY_RESTORE_YY_MORE_OFFSET if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW ) { /* We're scanning a new file or input source. It's * possible that this happened because the user * just pointed yyin at a new source and called * yylex(). If so, then we have to assure * consistency between yy_current_buffer and our * globals. Here is the right place to do so, because * this is the first action (other than possibly a * back-up) that will match for the new input source. */ yy_n_chars = yy_current_buffer->yy_n_chars; yy_current_buffer->yy_input_file = yyin; yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL; } /* Note that here we test for yy_c_buf_p "<=" to the position * of the first EOB in the buffer, since yy_c_buf_p will * already have been incremented past the NUL character * (since all states make transitions on EOB to the * end-of-buffer state). Contrast this with the test * in input(). */ if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] ) { /* This was really a NUL. */ yy_state_type yy_next_state; yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state(); /* Okay, we're now positioned to make the NUL * transition. We couldn't have * yy_get_previous_state() go ahead and do it * for us because it doesn't know how to deal * with the possibility of jamming (and we don't * want to build jamming into it because then it * will run more slowly). */ yy_next_state = yy_try_NUL_trans( yy_current_state ); yy_bp = yytext_ptr + YY_MORE_ADJ; if ( yy_next_state ) { /* Consume the NUL. */ yy_cp = ++yy_c_buf_p; yy_current_state = yy_next_state; goto yy_match; } else { yy_cp = yy_c_buf_p; goto yy_find_action; } } else switch ( yy_get_next_buffer() ) { case EOB_ACT_END_OF_FILE: { yy_did_buffer_switch_on_eof = 0; if ( yywrap() ) { /* Note: because we've taken care in * yy_get_next_buffer() to have set up * yytext, we can now set up * yy_c_buf_p so that if some total * hoser (like flex itself) wants to * call the scanner after we return the * YY_NULL, it'll still work - another * YY_NULL will get returned. */ yy_c_buf_p = yytext_ptr + YY_MORE_ADJ; yy_act = YY_STATE_EOF(YY_START); goto do_action; } else { if ( ! yy_did_buffer_switch_on_eof ) YY_NEW_FILE; } break; } case EOB_ACT_CONTINUE_SCAN: yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state(); yy_cp = yy_c_buf_p; yy_bp = yytext_ptr + YY_MORE_ADJ; goto yy_match; case EOB_ACT_LAST_MATCH: yy_c_buf_p = &yy_current_buffer->yy_ch_buf[yy_n_chars]; yy_current_state = yy_get_previous_state(); yy_cp = yy_c_buf_p; yy_bp = yytext_ptr + YY_MORE_ADJ; goto yy_find_action; } break; } default: YY_FATAL_ERROR( "fatal flex scanner internal error--no action found" ); } /* end of action switch */ } /* end of scanning one token */ } /* end of yylex */ /* yy_get_next_buffer - try to read in a new buffer * * Returns a code representing an action: * EOB_ACT_LAST_MATCH - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position * EOB_ACT_END_OF_FILE - end of file */ static int yy_get_next_buffer() { register char *dest = yy_current_buffer->yy_ch_buf; register char *source = yytext_ptr; register int number_to_move, i; int ret_val; if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] ) YY_FATAL_ERROR( "fatal flex scanner internal error--end of buffer missed" ); if ( yy_current_buffer->yy_fill_buffer == 0 ) { /* Don't try to fill the buffer, so this is an EOF. */ if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 ) { /* We matched a single character, the EOB, so * treat this as a final EOF. */ return EOB_ACT_END_OF_FILE; } else { /* We matched some text prior to the EOB, first * process it. */ return EOB_ACT_LAST_MATCH; } } /* Try to read more data. */ /* First move last chars to start of buffer. */ number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1; for ( i = 0; i < number_to_move; ++i ) *(dest++) = *(source++); if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING ) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ yy_current_buffer->yy_n_chars = yy_n_chars = 0; else { int num_to_read = yy_current_buffer->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) { /* Not enough room in the buffer - grow it. */ #ifdef YY_USES_REJECT YY_FATAL_ERROR( "input buffer overflow, can't enlarge buffer because scanner uses REJECT" ); #else /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = yy_current_buffer; int yy_c_buf_p_offset = (int) (yy_c_buf_p - b->yy_ch_buf); if ( b->yy_is_our_buffer ) { int new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; else b->yy_buf_size *= 2; b->yy_ch_buf = (char *) /* Include room in for 2 EOB chars. */ yy_flex_realloc( (void *) b->yy_ch_buf, b->yy_buf_size + 2 ); } else /* Can't grow it, we don't own it. */ b->yy_ch_buf = 0; if ( ! b->yy_ch_buf ) YY_FATAL_ERROR( "fatal error - scanner input buffer overflow" ); yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset]; num_to_read = yy_current_buffer->yy_buf_size - number_to_move - 1; #endif } if ( num_to_read > YY_READ_BUF_SIZE ) num_to_read = YY_READ_BUF_SIZE; /* Read in more data. */ YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]), yy_n_chars, num_to_read ); yy_current_buffer->yy_n_chars = yy_n_chars; } if ( yy_n_chars == 0 ) { if ( number_to_move == YY_MORE_ADJ ) { ret_val = EOB_ACT_END_OF_FILE; yyrestart( yyin ); } else { ret_val = EOB_ACT_LAST_MATCH; yy_current_buffer->yy_buffer_status = YY_BUFFER_EOF_PENDING; } } else ret_val = EOB_ACT_CONTINUE_SCAN; yy_n_chars += number_to_move; yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR; yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR; yytext_ptr = &yy_current_buffer->yy_ch_buf[0]; return ret_val; } /* yy_get_previous_state - get the state just before the EOB char was reached */ static yy_state_type yy_get_previous_state() { register yy_state_type yy_current_state; register char *yy_cp; yy_current_state = yy_start; yy_state_ptr = yy_state_buf; *yy_state_ptr++ = yy_current_state; for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp ) { register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 109 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; *yy_state_ptr++ = yy_current_state; } return yy_current_state; } /* yy_try_NUL_trans - try to make a transition on the NUL character * * synopsis * next_state = yy_try_NUL_trans( current_state ); */ #ifdef YY_USE_PROTOS static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state ) #else static yy_state_type yy_try_NUL_trans( yy_current_state ) yy_state_type yy_current_state; #endif { register int yy_is_jam; register YY_CHAR yy_c = 1; while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 109 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; yy_is_jam = (yy_current_state == 108); if ( ! yy_is_jam ) *yy_state_ptr++ = yy_current_state; return yy_is_jam ? 0 : yy_current_state; } #ifndef YY_NO_UNPUT #ifdef YY_USE_PROTOS static void yyunput( int c, register char *yy_bp ) #else static void yyunput( c, yy_bp ) int c; register char *yy_bp; #endif { register char *yy_cp = yy_c_buf_p; /* undo effects of setting up yytext */ *yy_cp = yy_hold_char; if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) { /* need to shift things up to make room */ /* +2 for EOB chars. */ register int number_to_move = yy_n_chars + 2; register char *dest = &yy_current_buffer->yy_ch_buf[ yy_current_buffer->yy_buf_size + 2]; register char *source = &yy_current_buffer->yy_ch_buf[number_to_move]; while ( source > yy_current_buffer->yy_ch_buf ) *--dest = *--source; yy_cp += (int) (dest - source); yy_bp += (int) (dest - source); yy_current_buffer->yy_n_chars = yy_n_chars = yy_current_buffer->yy_buf_size; if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) YY_FATAL_ERROR( "flex scanner push-back overflow" ); } *--yy_cp = (char) c; if ( c == '\n' ) --yylineno; yytext_ptr = yy_bp; yy_hold_char = *yy_cp; yy_c_buf_p = yy_cp; } #endif /* ifndef YY_NO_UNPUT */ #ifdef __cplusplus static int yyinput() #else static int input() #endif { int c; *yy_c_buf_p = yy_hold_char; if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR ) { /* yy_c_buf_p now points to the character we want to return. * If this occurs *before* the EOB characters, then it's a * valid NUL; if not, then we've hit the end of the buffer. */ if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] ) /* This was really a NUL. */ *yy_c_buf_p = '\0'; else { /* need more input */ int offset = yy_c_buf_p - yytext_ptr; ++yy_c_buf_p; switch ( yy_get_next_buffer() ) { case EOB_ACT_LAST_MATCH: /* This happens because yy_g_n_b() * sees that we've accumulated a * token and flags that we need to * try matching the token before * proceeding. But for input(), * there's no matching to consider. * So convert the EOB_ACT_LAST_MATCH * to EOB_ACT_END_OF_FILE. */ /* Reset buffer status. */ yyrestart( yyin ); /* fall through */ case EOB_ACT_END_OF_FILE: { if ( yywrap() ) return EOF; if ( ! yy_did_buffer_switch_on_eof ) YY_NEW_FILE; #ifdef __cplusplus return yyinput(); #else return input(); #endif } case EOB_ACT_CONTINUE_SCAN: yy_c_buf_p = yytext_ptr + offset; break; } } } c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */ *yy_c_buf_p = '\0'; /* preserve yytext */ yy_hold_char = *++yy_c_buf_p; if ( c == '\n' ) ++yylineno; return c; } #ifdef YY_USE_PROTOS void yyrestart( FILE *input_file ) #else void yyrestart( input_file ) FILE *input_file; #endif { if ( ! yy_current_buffer ) yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); yy_init_buffer( yy_current_buffer, input_file ); yy_load_buffer_state(); } #ifdef YY_USE_PROTOS void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer ) #else void yy_switch_to_buffer( new_buffer ) YY_BUFFER_STATE new_buffer; #endif { if ( yy_current_buffer == new_buffer ) return; if ( yy_current_buffer ) { /* Flush out information for old buffer. */ *yy_c_buf_p = yy_hold_char; yy_current_buffer->yy_buf_pos = yy_c_buf_p; yy_current_buffer->yy_n_chars = yy_n_chars; } yy_current_buffer = new_buffer; yy_load_buffer_state(); /* We don't actually know whether we did this switch during * EOF (yywrap()) processing, but the only time this flag * is looked at is after yywrap() is called, so it's safe * to go ahead and always set it. */ yy_did_buffer_switch_on_eof = 1; } #ifdef YY_USE_PROTOS void yy_load_buffer_state( void ) #else void yy_load_buffer_state() #endif { yy_n_chars = yy_current_buffer->yy_n_chars; yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos; yyin = yy_current_buffer->yy_input_file; yy_hold_char = *yy_c_buf_p; } #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_create_buffer( FILE *file, int size ) #else YY_BUFFER_STATE yy_create_buffer( file, size ) FILE *file; int size; #endif { YY_BUFFER_STATE b; b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); if ( ! b ) YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); b->yy_buf_size = size; /* yy_ch_buf has to be 2 characters longer than the size given because * we need to put in 2 end-of-buffer characters. */ b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 ); if ( ! b->yy_ch_buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); b->yy_is_our_buffer = 1; yy_init_buffer( b, file ); return b; } #ifdef YY_USE_PROTOS void yy_delete_buffer( YY_BUFFER_STATE b ) #else void yy_delete_buffer( b ) YY_BUFFER_STATE b; #endif { if ( ! b ) return; if ( b == yy_current_buffer ) yy_current_buffer = (YY_BUFFER_STATE) 0; if ( b->yy_is_our_buffer ) yy_flex_free( (void *) b->yy_ch_buf ); yy_flex_free( (void *) b ); } #ifndef YY_ALWAYS_INTERACTIVE #ifndef YY_NEVER_INTERACTIVE extern int isatty YY_PROTO(( int )); #endif #endif #ifdef YY_USE_PROTOS void yy_init_buffer( YY_BUFFER_STATE b, FILE *file ) #else void yy_init_buffer( b, file ) YY_BUFFER_STATE b; FILE *file; #endif { yy_flush_buffer( b ); b->yy_input_file = file; b->yy_fill_buffer = 1; #if YY_ALWAYS_INTERACTIVE b->yy_is_interactive = 1; #else #if YY_NEVER_INTERACTIVE b->yy_is_interactive = 0; #else b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; #endif #endif } #ifdef YY_USE_PROTOS void yy_flush_buffer( YY_BUFFER_STATE b ) #else void yy_flush_buffer( b ) YY_BUFFER_STATE b; #endif { if ( ! b ) return; b->yy_n_chars = 0; /* We always need two end-of-buffer characters. The first causes * a transition to the end-of-buffer state. The second causes * a jam in that state. */ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; b->yy_buf_pos = &b->yy_ch_buf[0]; b->yy_at_bol = 1; b->yy_buffer_status = YY_BUFFER_NEW; if ( b == yy_current_buffer ) yy_load_buffer_state(); } #ifndef YY_NO_SCAN_BUFFER #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size ) #else YY_BUFFER_STATE yy_scan_buffer( base, size ) char *base; yy_size_t size; #endif { YY_BUFFER_STATE b; if ( size < 2 || base[size-2] != YY_END_OF_BUFFER_CHAR || base[size-1] != YY_END_OF_BUFFER_CHAR ) /* They forgot to leave room for the EOB's. */ return 0; b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); if ( ! b ) YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ b->yy_buf_pos = b->yy_ch_buf = base; b->yy_is_our_buffer = 0; b->yy_input_file = 0; b->yy_n_chars = b->yy_buf_size; b->yy_is_interactive = 0; b->yy_at_bol = 1; b->yy_fill_buffer = 0; b->yy_buffer_status = YY_BUFFER_NEW; yy_switch_to_buffer( b ); return b; } #endif #ifndef YY_NO_SCAN_STRING #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str ) #else YY_BUFFER_STATE yy_scan_string( yy_str ) yyconst char *yy_str; #endif { int len; for ( len = 0; yy_str[len]; ++len ) ; return yy_scan_bytes( yy_str, len ); } #endif #ifndef YY_NO_SCAN_BYTES #ifdef YY_USE_PROTOS YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len ) #else YY_BUFFER_STATE yy_scan_bytes( bytes, len ) yyconst char *bytes; int len; #endif { YY_BUFFER_STATE b; char *buf; yy_size_t n; int i; /* Get memory for full buffer, including space for trailing EOB's. */ n = len + 2; buf = (char *) yy_flex_alloc( n ); if ( ! buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); for ( i = 0; i < len; ++i ) buf[i] = bytes[i]; buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR; b = yy_scan_buffer( buf, n ); if ( ! b ) YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); /* It's okay to grow etc. this buffer, and we should throw it * away when we're done. */ b->yy_is_our_buffer = 1; return b; } #endif #ifndef YY_NO_PUSH_STATE #ifdef YY_USE_PROTOS static void yy_push_state( int new_state ) #else static void yy_push_state( new_state ) int new_state; #endif { if ( yy_start_stack_ptr >= yy_start_stack_depth ) { yy_size_t new_size; yy_start_stack_depth += YY_START_STACK_INCR; new_size = yy_start_stack_depth * sizeof( int ); if ( ! yy_start_stack ) yy_start_stack = (int *) yy_flex_alloc( new_size ); else yy_start_stack = (int *) yy_flex_realloc( (void *) yy_start_stack, new_size ); if ( ! yy_start_stack ) YY_FATAL_ERROR( "out of memory expanding start-condition stack" ); } yy_start_stack[yy_start_stack_ptr++] = YY_START; BEGIN(new_state); } #endif #ifndef YY_NO_POP_STATE static void yy_pop_state() { if ( --yy_start_stack_ptr < 0 ) YY_FATAL_ERROR( "start-condition stack underflow" ); BEGIN(yy_start_stack[yy_start_stack_ptr]); } #endif #ifndef YY_NO_TOP_STATE static int yy_top_state() { return yy_start_stack[yy_start_stack_ptr - 1]; } #endif #ifndef YY_EXIT_FAILURE #define YY_EXIT_FAILURE 2 #endif #ifdef YY_USE_PROTOS static void yy_fatal_error( yyconst char msg[] ) #else static void yy_fatal_error( msg ) char msg[]; #endif { (void) fprintf( stderr, "%s\n", msg ); exit( YY_EXIT_FAILURE ); } /* Redefine yyless() so it works in section 3 code. */ #undef yyless #define yyless(n) \ do \ { \ /* Undo effects of setting up yytext. */ \ yytext[yyleng] = yy_hold_char; \ yy_c_buf_p = yytext + n; \ yy_hold_char = *yy_c_buf_p; \ *yy_c_buf_p = '\0'; \ yyleng = n; \ } \ while ( 0 ) /* Internal utility routines. */ #ifndef yytext_ptr #ifdef YY_USE_PROTOS static void yy_flex_strncpy( char *s1, yyconst char *s2, int n ) #else static void yy_flex_strncpy( s1, s2, n ) char *s1; yyconst char *s2; int n; #endif { register int i; for ( i = 0; i < n; ++i ) s1[i] = s2[i]; } #endif #ifdef YY_NEED_STRLEN #ifdef YY_USE_PROTOS static int yy_flex_strlen( yyconst char *s ) #else static int yy_flex_strlen( s ) yyconst char *s; #endif { register int n; for ( n = 0; s[n]; ++n ) ; return n; } #endif #ifdef YY_USE_PROTOS static void *yy_flex_alloc( yy_size_t size ) #else static void *yy_flex_alloc( size ) yy_size_t size; #endif { return (void *) malloc( size ); } #ifdef YY_USE_PROTOS static void *yy_flex_realloc( void *ptr, yy_size_t size ) #else static void *yy_flex_realloc( ptr, size ) void *ptr; yy_size_t size; #endif { /* The cast to (char *) in the following accommodates both * implementations that use char* generic pointers, and those * that use void* generic pointers. It works with the latter * because both ANSI C and C++ allow castless assignment from * any pointer type to void*, and deal with argument conversions * as though doing an assignment. */ return (void *) realloc( (char *) ptr, size ); } #ifdef YY_USE_PROTOS static void yy_flex_free( void *ptr ) #else static void yy_flex_free( ptr ) void *ptr; #endif { free( ptr ); } #if YY_MAIN int main() { yylex(); return 0; } #endif #line 60 "ssl.l" int mkname() { #if 0 printf("%s\n",yytext); #endif strcpy(yylval.str,yytext); } ssldump-1.1/ssl/main.c000066400000000000000000000056201354171271700147460ustar00rootroot00000000000000/** main.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $ ekr@rtfm.com Mon Jan 18 16:28:43 1999 */ static char *RCSSTRING="$Id: main.c,v 1.2 2000/10/17 16:10:01 ekr Exp $"; #include #include extern int yydebug; FILE *doth,*dotc; int verr_exit(char *fmt,...) { va_list ap; va_start(ap,fmt); vfprintf(stderr,fmt,ap); exit(1); } int main(argc,argv) int argc; char **argv; { char name[100]; FILE *in; if(!(in=freopen(argv[1],"r",stdin))) verr_exit("Couldn't open input file %s\n",argv[1]); sprintf(name,"%s.c",argv[1]); dotc=fopen(name,"w"); sprintf(name,"%s.h",argv[1]); doth=fopen(name,"w"); fprintf(dotc,"#include \"network.h\"\n#include \"ssl_h.h\"\n#include \"sslprint.h\"\n#include \"sslxprint.h\"\n#ifdef OPENSSL\n#include \n#endif\n"); fprintf(dotc,"#include \"%s\"\n",name); yyparse(); } extern int yylineno; int yywrap() { ;} int yyerror(s) char *s; { printf("Parse error %s at line %d\n",s,yylineno); exit(1); } ssldump-1.1/ssl/ssl.enums000066400000000000000000001125271354171271700155350ustar00rootroot00000000000000 select { ChangeCipherSpec(20) {@ ssl_process_change_cipher_spec(ssl,ssl->decoder,dir); if(dir==DIR_I2R){ ssl->i_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC; } else{ ssl->r_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC; } printf("\n"); return(0); @} , Alert(21) {@ int r; if(ssl->record_encryption==REC_CIPHERTEXT){ printf("\n"); return(0); } if(data->len!=2){ fprintf(stderr,"Wrong length for alert message: %d\n", data->len); ERETURN(R_EOD); } P_(P_HL){ printf("\n"); SSL_DECODE_ENUM(ssl,"level",1,AlertLevel_decoder,P_HL,data,0); printf("\n"); SSL_DECODE_ENUM(ssl,"value",1,AlertDescription_decoder,P_HL,data,0); printf("\n"); } else { SSL_DECODE_ENUM(ssl,0,1,AlertLevel_decoder,SSL_PRINT_ALL,data,0); SSL_DECODE_ENUM(ssl,0,1,AlertDescription_decoder,SSL_PRINT_ALL,data,0); printf("\n"); } return(0); @}, Handshake(22) {@ extern decoder HandshakeType_decoder[]; int r; UINT4 t,l; int rs=0; Data d; if(ssl->record_encryption==REC_CIPHERTEXT){ printf("\n"); return(0); } while(data->len>0){ SSL_DECODE_UINT8(ssl,0,0,data,&t); SSL_DECODE_UINT24(ssl,0,0,data,&l); if(data->lenlen); ERETURN(R_EOD); } d.data=data->data; d.len=l; data->len-=l; data->data+=l; P_(P_HL){ if(!rs){ printf("\n"); rs=1; } } ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,&d); } return(0); @}, application_data(23) {@ int r; Data d; SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d); P_(P_AD){ print_data(ssl,&d); } else { printf("\n"); } return(0); @} , (255) } ContentType; select { HelloRequest(0) {@ printf("\n"); @}, ClientHello(1) {@ UINT4 vj,vn,cs,cslen,complen,comp; Data session_id,random; int r; extern decoder cipher_suite_decoder[]; extern decoder compression_method_decoder[]; printf("\n"); SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn); printf("\n"); } SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random); ssl_set_client_random(ssl->decoder,random.data,random.len); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id); ssl_set_client_session_id(ssl->decoder,session_id.data,session_id.len); P_(P_HL){ if(session_id.len) exdump(ssl,"resume ",&session_id); } P_(P_HL){ SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen); explain(ssl,"cipher suites\n"); for(;cslen;cslen-=2){ ssl_decode_enum(ssl,0,2,cipher_suite_decoder, 0,data,&cs); ssl_print_cipher_suite(ssl,(vj<<8)|vn,P_HL,cs); printf("\n"); } } SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen); if(complen){ explain(ssl,"compression methods\n"); for(;complen;complen--){ SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp); printf("\n"); } } return(0); @}, ServerHello(2) {@ int r; Data rnd,session_id; UINT4 vj,vn; printf("\n"); SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); ssl->version=vj*256+vn; P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn); printf("\n"); } SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&rnd); ssl_set_server_random(ssl->decoder,rnd.data,rnd.len); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,P_HL,data,&session_id); SSL_DECODE_ENUM(ssl,"cipherSuite",2,cipher_suite_decoder, 0,data,&ssl->cipher_suite); P_(P_HL){ explain(ssl,"cipherSuite "); ssl_print_cipher_suite(ssl,ssl->version,P_HL,ssl->cipher_suite); } ssl_find_cipher(ssl->cipher_suite,&ssl->cs); ssl_process_server_session_id(ssl,ssl->decoder,session_id.data, session_id.len); P_(P_HL) printf("\n"); SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0); P_(P_HL) printf("\n"); return(0); @}, Certificate(11) {@ UINT4 len; Data cert; int r; printf("\n"); SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len); while(len){ SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate",-((1<<23)-1), 0,data,&cert); sslx_print_certificate(ssl,&cert,P_ND); len-=(cert.len + 3); } return(0); @}, ServerKeyExchange (12) {@ int r; printf("\n"); if(ssl->cs){ P_(P_ND){ explain(ssl,"params\n"); } INDENT_INCR; switch(ssl->cs->kex){ case KEX_DH: SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_p",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_g",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_Ys",-((1<<15)-1),P_ND,data,0); break; case KEX_RSA: SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_modulus",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_exponent",-((1<<15)-1),P_ND,data,0); break; } INDENT_POP; SSL_DECODE_OPAQUE_ARRAY(ssl,"signature",-((1<<15)-1),P_ND,data,0); } return(0); @} , CertificateRequest(13) {@ UINT4 len; Data ca; int r; printf("\n"); SSL_DECODE_UINT8(ssl,"certificate_types len",0,data,&len); for(;len;len--){ SSL_DECODE_ENUM(ssl,"certificate_types",1, client_certificate_type_decoder, P_HL,data,0); P_(P_HL){ printf("\n"); } }; SSL_DECODE_UINT16(ssl,"certificate_authorities len",0,data,&len); while(len){ SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate_authorities", -((1<<15)-1),0,data,&ca); explain(ssl,"certificate_authority\n"); INDENT_INCR; sslx_print_dn(ssl,&ca,P_HL); INDENT_POP; len-=(ca.len + 2); } return(0); @} , ServerHelloDone(14) {@ printf("\n"); @}, CertificateVerify(15) {@ int r; printf("\n"); SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-(1<<15-1),P_HL,data,0); return(0); @} , ClientKeyExchange(16) {@ int r; Data pms; printf("\n"); if(ssl->cs){ switch(ssl->cs->kex){ case KEX_RSA: if(ssl->version > 768) { SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",-(1<<15-1), P_ND,data,&pms); } else { SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",data->len,P_ND,data,&pms); } ssl_process_client_key_exchange(ssl, ssl->decoder,pms.data,pms.len); break; case KEX_DH: SSL_DECODE_OPAQUE_ARRAY(ssl,"DiffieHellmanClientPublicValue", -(1<<15-1),P_HL,data,0); } } return(0); @} , Finished(20) {@ int r; printf("\n"); switch(ssl->version){ case 0x300: SSL_DECODE_OPAQUE_ARRAY(ssl,"md5_hash",16,P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"sha_hash",20,P_ND,data,0); break; case 0x301: SSL_DECODE_OPAQUE_ARRAY(ssl,"verify_data",12,P_ND,data,0); P_(P_ND) printf("\n"); break; } return (0); @} , (255) } HandshakeType; constant { // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt CipherSuite TLS_NULL_WITH_NULL_NULL = { 0x00,0x00 }; CipherSuite TLS_RSA_WITH_NULL_MD5 = { 0x00,0x01 }; CipherSuite TLS_RSA_WITH_NULL_SHA = { 0x00,0x02 }; CipherSuite TLS_RSA_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x03 }; CipherSuite TLS_RSA_WITH_RC4_128_MD5 = { 0x00,0x04 }; CipherSuite TLS_RSA_WITH_RC4_128_SHA = { 0x00,0x05 }; CipherSuite TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x06 }; CipherSuite TLS_RSA_WITH_IDEA_CBC_SHA = { 0x00,0x07 }; CipherSuite TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x08 }; CipherSuite TLS_RSA_WITH_DES_CBC_SHA = { 0x00,0x09 }; CipherSuite TLS_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0A }; CipherSuite TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0B }; CipherSuite TLS_DH_DSS_WITH_DES_CBC_SHA = { 0x00,0x0C }; CipherSuite TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x0D }; CipherSuite TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x0E }; CipherSuite TLS_DH_RSA_WITH_DES_CBC_SHA = { 0x00,0x0F }; CipherSuite TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x10 }; CipherSuite TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x11 }; CipherSuite TLS_DHE_DSS_WITH_DES_CBC_SHA = { 0x00,0x12 }; CipherSuite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = { 0x00,0x13 }; CipherSuite TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x14 }; CipherSuite TLS_DHE_RSA_WITH_DES_CBC_SHA = { 0x00,0x15 }; CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 }; CipherSuite TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x17 }; CipherSuite TLS_DH_anon_WITH_RC4_128_MD5 = { 0x00,0x18 }; CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 }; CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A }; CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B }; CipherSuite TLS_KRB5_WITH_DES_CBC_SHA = { 0x00,0x1E }; CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1F }; CipherSuite TLS_KRB5_WITH_RC4_128_SHA = { 0x00,0x20 }; CipherSuite TLS_KRB5_WITH_IDEA_CBC_SHA = { 0x00,0x21 }; CipherSuite TLS_KRB5_WITH_DES_CBC_MD5 = { 0x00,0x22 }; CipherSuite TLS_KRB5_WITH_3DES_EDE_CBC_MD5 = { 0x00,0x23 }; CipherSuite TLS_KRB5_WITH_RC4_128_MD5 = { 0x00,0x24 }; CipherSuite TLS_KRB5_WITH_IDEA_CBC_MD5 = { 0x00,0x25 }; CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA = { 0x00,0x26 }; CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA = { 0x00,0x27 }; CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_SHA = { 0x00,0x28 }; CipherSuite TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 = { 0x00,0x29 }; CipherSuite TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 = { 0x00,0x2A }; CipherSuite TLS_KRB5_EXPORT_WITH_RC4_40_MD5 = { 0x00,0x2B }; CipherSuite TLS_PSK_WITH_NULL_SHA = { 0x00,0x2C }; CipherSuite TLS_DHE_PSK_WITH_NULL_SHA = { 0x00,0x2D }; CipherSuite TLS_RSA_PSK_WITH_NULL_SHA = { 0x00,0x2E }; CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F }; CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 }; CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 }; CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 }; CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 }; CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 }; CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 }; CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 }; CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 }; CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 }; CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 }; CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A }; CipherSuite TLS_RSA_WITH_NULL_SHA256 = { 0x00,0x3B }; CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3C }; CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x3D }; CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x3E }; CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x3F }; CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = { 0x00,0x40 }; CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x41 }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x42 }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x43 }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x44 }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x45 }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = { 0x00,0x46 }; CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = { 0x00,0x67 }; CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x68 }; CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x69 }; CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = { 0x00,0x6A }; CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = { 0x00,0x6B }; CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA256 = { 0x00,0x6C }; CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA256 = { 0x00,0x6D }; CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x84 }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x85 }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x86 }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x87 }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x88 }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = { 0x00,0x89 }; CipherSuite TLS_PSK_WITH_RC4_128_SHA = { 0x00,0x8A }; CipherSuite TLS_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8B }; CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x8C }; CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x8D }; CipherSuite TLS_DHE_PSK_WITH_RC4_128_SHA = { 0x00,0x8E }; CipherSuite TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x8F }; CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x90 }; CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x91 }; CipherSuite TLS_RSA_PSK_WITH_RC4_128_SHA = { 0x00,0x92 }; CipherSuite TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = { 0x00,0x93 }; CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA = { 0x00,0x94 }; CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA = { 0x00,0x95 }; CipherSuite TLS_RSA_WITH_SEED_CBC_SHA = { 0x00,0x96 }; CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA = { 0x00,0x97 }; CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA = { 0x00,0x98 }; CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA = { 0x00,0x99 }; CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA = { 0x00,0x9A }; CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA = { 0x00,0x9B }; CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9C }; CipherSuite TLS_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9D }; CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0x9E }; CipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0x9F }; CipherSuite TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = { 0x00,0xA0 }; CipherSuite TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = { 0x00,0xA1 }; CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA2 }; CipherSuite TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA3 }; CipherSuite TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = { 0x00,0xA4 }; CipherSuite TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = { 0x00,0xA5 }; CipherSuite TLS_DH_anon_WITH_AES_128_GCM_SHA256 = { 0x00,0xA6 }; CipherSuite TLS_DH_anon_WITH_AES_256_GCM_SHA384 = { 0x00,0xA7 }; CipherSuite TLS_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xA8 }; CipherSuite TLS_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xA9 }; CipherSuite TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAA }; CipherSuite TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAB }; CipherSuite TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = { 0x00,0xAC }; CipherSuite TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = { 0x00,0xAD }; CipherSuite TLS_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xAE }; CipherSuite TLS_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xAF }; CipherSuite TLS_PSK_WITH_NULL_SHA256 = { 0x00,0xB0 }; CipherSuite TLS_PSK_WITH_NULL_SHA384 = { 0x00,0xB1 }; CipherSuite TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB2 }; CipherSuite TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB3 }; CipherSuite TLS_DHE_PSK_WITH_NULL_SHA256 = { 0x00,0xB4 }; CipherSuite TLS_DHE_PSK_WITH_NULL_SHA384 = { 0x00,0xB5 }; CipherSuite TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = { 0x00,0xB6 }; CipherSuite TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = { 0x00,0xB7 }; CipherSuite TLS_RSA_PSK_WITH_NULL_SHA256 = { 0x00,0xB8 }; CipherSuite TLS_RSA_PSK_WITH_NULL_SHA384 = { 0x00,0xB9 }; CipherSuite TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBA }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBB }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBC }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBD }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBE }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = { 0x00,0xBF }; CipherSuite TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC0 }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC1 }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC2 }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC3 }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC4 }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = { 0x00,0xC5 }; CipherSuite TLS_EMPTY_RENEGOTIATION_INFO_SCSV = { 0x00,0xFF }; CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0xC0,0x01 }; CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x02 }; CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x03 }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x04 }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x05 }; CipherSuite TLS_ECDHE_ECDSA_WITH_NULL_SHA = { 0xC0,0x06 }; CipherSuite TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = { 0xC0,0x07 }; CipherSuite TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x08 }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = { 0xC0,0x09 }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0A }; CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0xC0,0x0B }; CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0xC0,0x0C }; CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x0D }; CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x0E }; CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x0F }; CipherSuite TLS_ECDHE_RSA_WITH_NULL_SHA = { 0xC0,0x10 }; CipherSuite TLS_ECDHE_RSA_WITH_RC4_128_SHA = { 0xC0,0x11 }; CipherSuite TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x12 }; CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x13 }; CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x14 }; CipherSuite TLS_ECDH_anon_WITH_NULL_SHA = { 0xC0,0x15 }; CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0xC0,0x16 }; CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x17 }; CipherSuite TLS_ECDH_anon_WITH_AES_128_CBC_SHA = { 0xC0,0x18 }; CipherSuite TLS_ECDH_anon_WITH_AES_256_CBC_SHA = { 0xC0,0x19 }; CipherSuite TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1A }; CipherSuite TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1B }; CipherSuite TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x1C }; CipherSuite TLS_SRP_SHA_WITH_AES_128_CBC_SHA = { 0xC0,0x1D }; CipherSuite TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = { 0xC0,0x1E }; CipherSuite TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = { 0xC0,0x1F }; CipherSuite TLS_SRP_SHA_WITH_AES_256_CBC_SHA = { 0xC0,0x20 }; CipherSuite TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = { 0xC0,0x21 }; CipherSuite TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = { 0xC0,0x22 }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x23 }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x24 }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x25 }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x26 }; CipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x27 }; CipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x28 }; CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = { 0xC0,0x29 }; CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = { 0xC0,0x2A }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2B }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2C }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2D }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x2E }; CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x2F }; CipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x30 }; CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = { 0xC0,0x31 }; CipherSuite TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = { 0xC0,0x32 }; CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA = { 0xC0,0x33 }; CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0xC0,0x34 }; CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = { 0xC0,0x35 }; CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = { 0xC0,0x36 }; CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = { 0xC0,0x37 }; CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = { 0xC0,0x38 }; CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA = { 0xC0,0x39 }; CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA256 = { 0xC0,0x3A }; CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA384 = { 0xC0,0x3B }; CipherSuite TLS_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3C }; CipherSuite TLS_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3D }; CipherSuite TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x3E }; CipherSuite TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x3F }; CipherSuite TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x40 }; CipherSuite TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x41 }; CipherSuite TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x42 }; CipherSuite TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x43 }; CipherSuite TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x44 }; CipherSuite TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x45 }; CipherSuite TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x46 }; CipherSuite TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x47 }; CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x48 }; CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x49 }; CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4A }; CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4B }; CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4C }; CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4D }; CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x4E }; CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x4F }; CipherSuite TLS_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x50 }; CipherSuite TLS_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x51 }; CipherSuite TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x52 }; CipherSuite TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x53 }; CipherSuite TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x54 }; CipherSuite TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x55 }; CipherSuite TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x56 }; CipherSuite TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x57 }; CipherSuite TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x58 }; CipherSuite TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x59 }; CipherSuite TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5A }; CipherSuite TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5B }; CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5C }; CipherSuite TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5D }; CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x5E }; CipherSuite TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x5F }; CipherSuite TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x60 }; CipherSuite TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x61 }; CipherSuite TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x62 }; CipherSuite TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x63 }; CipherSuite TLS_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x64 }; CipherSuite TLS_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x65 }; CipherSuite TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x66 }; CipherSuite TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x67 }; CipherSuite TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x68 }; CipherSuite TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x69 }; CipherSuite TLS_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6A }; CipherSuite TLS_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6B }; CipherSuite TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6C }; CipherSuite TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6D }; CipherSuite TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = { 0xC0,0x6E }; CipherSuite TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = { 0xC0,0x6F }; CipherSuite TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 = { 0xC0,0x70 }; CipherSuite TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 = { 0xC0,0x71 }; CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x72 }; CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x73 }; CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x74 }; CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x75 }; CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x76 }; CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x77 }; CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x78 }; CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x79 }; CipherSuite TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7A }; CipherSuite TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7B }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7C }; CipherSuite TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7D }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x7E }; CipherSuite TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x7F }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x80 }; CipherSuite TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x81 }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x82 }; CipherSuite TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x83 }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x84 }; CipherSuite TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x85 }; CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x86 }; CipherSuite TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x87 }; CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x88 }; CipherSuite TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x89 }; CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8A }; CipherSuite TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8B }; CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8C }; CipherSuite TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8D }; CipherSuite TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x8E }; CipherSuite TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x8F }; CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x90 }; CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x91 }; CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = { 0xC0,0x92 }; CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = { 0xC0,0x93 }; CipherSuite TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x94 }; CipherSuite TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x95 }; CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x96 }; CipherSuite TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x97 }; CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x98 }; CipherSuite TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x99 }; CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = { 0xC0,0x9A }; CipherSuite TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = { 0xC0,0x9B }; CipherSuite TLS_RSA_WITH_AES_128_CCM = { 0xC0,0x9C }; CipherSuite TLS_RSA_WITH_AES_256_CCM = { 0xC0,0x9D }; CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM = { 0xC0,0x9E }; CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM = { 0xC0,0x9F }; CipherSuite TLS_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA0 }; CipherSuite TLS_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA1 }; CipherSuite TLS_DHE_RSA_WITH_AES_128_CCM_8 = { 0xC0,0xA2 }; CipherSuite TLS_DHE_RSA_WITH_AES_256_CCM_8 = { 0xC0,0xA3 }; CipherSuite TLS_PSK_WITH_AES_128_CCM = { 0xC0,0xA4 }; CipherSuite TLS_PSK_WITH_AES_256_CCM = { 0xC0,0xA5 }; CipherSuite TLS_DHE_PSK_WITH_AES_128_CCM = { 0xC0,0xA6 }; CipherSuite TLS_DHE_PSK_WITH_AES_256_CCM = { 0xC0,0xA7 }; CipherSuite TLS_PSK_WITH_AES_128_CCM_8 = { 0xC0,0xA8 }; CipherSuite TLS_PSK_WITH_AES_256_CCM_8 = { 0xC0,0xA9 }; CipherSuite TLS_PSK_DHE_WITH_AES_128_CCM_8 = { 0xC0,0xAA }; CipherSuite TLS_PSK_DHE_WITH_AES_256_CCM_8 = { 0xC0,0xAB }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM = { 0xC0,0xAC }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM = { 0xC0,0xAD }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = { 0xC0,0xAE }; CipherSuite TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = { 0xC0,0xAF }; CipherSuite TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xA8 }; CipherSuite TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xA9 }; CipherSuite TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xAA }; CipherSuite TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xAB }; CipherSuite TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xAC }; CipherSuite TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xAD }; CipherSuite TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = { 0xCC,0xAE }; CipherSuite TLS_FALLBACK_SCSV = { 0x56,0x00 }; // New PSK ciphers introduced by TLS 1.3 // https://tlswg.github.io/tls13-spec/#rfc.appendix.A.4 CipherSuite TLS_AES_128_GCM_SHA256 = { 0x13,0x01 }; CipherSuite TLS_AES_256_GCM_SHA384 = { 0x13,0x02 }; CipherSuite TLS_CHACHA20_POLY1305_SHA256 = { 0x13,0x03 }; CipherSuite TLS_AES_128_CCM_SHA256 = { 0x13,0x04 }; CipherSuite TLS_AES_128_CCM_8_SHA256 = { 0x13,0x05 }; // DRAFT-IETF-TLS-ECC CipherSuite TLS_ECDH_ECDSA_WITH_NULL_SHA = { 0x00,0x47 }; CipherSuite TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0x00,0x48 }; CipherSuite TLS_ECDH_ECDSA_WITH_DES_CBC_SHA = { 0x00,0x49 }; CipherSuite TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x4A }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = { 0x00,0x4B }; CipherSuite TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = { 0x00,0x4C }; CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x4B }; CipherSuite TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x4C }; CipherSuite TLS_ECDH_RSA_WITH_NULL_SHA = { 0x00,0x4D }; CipherSuite TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0x00,0x4E }; CipherSuite TLS_ECDH_RSA_WITH_DES_CBC_SHA = { 0x00,0x4F }; CipherSuite TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x50 }; CipherSuite TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x51 }; CipherSuite TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x52 }; CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA = { 0x00,0x53 }; CipherSuite TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA = { 0x00,0x54 }; CipherSuite TLS_ECDH_anon_NULL_WITH_SHA = { 0x00,0x55 }; CipherSuite TLS_ECDH_anon_WITH_RC4_128_SHA = { 0x00,0x56 }; CipherSuite TLS_ECDH_anon_WITH_DES_CBC_SHA = { 0x00,0x57 }; CipherSuite TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x58 }; CipherSuite TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x59 }; CipherSuite TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA = { 0x00,0x5A }; // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 }; CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 }; CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 }; CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 }; CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x65 }; CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 }; // FIPS SSL (Netscape) CipherSuite SSL_RSA_FIPS_WITH_DES_CBC_SHA = { 0xFE,0xFE }; CipherSuite SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = { 0xFE,0xFF }; // SSL 2.0 CipherSuite SSL2_RC4_128_WITH_MD5 = { 0x01,0x00,0x80 }; CipherSuite SSL2_RC4_128_EXPORT40_WITH_MD5 = { 0x02,0x00,0x80 }; CipherSuite SSL2_RC2_CBC_128_CBC_WITH_MD5 = { 0x03,0x00,0x80 }; CipherSuite SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = { 0x04,0x00,0x80 }; CipherSuite SSL2_IDEA_128_CBC_WITH_MD5 = { 0x05,0x00,0x80 }; CipherSuite SSL2_DES_64_CBC_WITH_MD5 = { 0x06,0x00,0x40 }; CipherSuite SSL2_DES_64_CBC_WITH_SHA = { 0x06,0x01,0x40 }; CipherSuite SSL2_DES_192_EDE3_CBC_WITH_MD5 = { 0x07,0x00,0xc0 }; CipherSuite SSL2_DES_192_EDE3_CBC_WITH_SHA = { 0x07,0x01,0xc0 }; CipherSuite SSL2_RC4_64_WITH_MD5 = { 0x08,0x00,0x80 }; } cipher_suite; select { warning(1), fatal(2), (255) } AlertLevel; select { close_notify(0), unexpected_message(10), bad_record_mac(20), decryption_failed(21), record_overflow(22), decompression_failure(30), handshake_failure(40), bad_certificate(42), unsupported_certificate(43), certificate_revoked(44), certificate_expired(45), certificate_unknown(46), illegal_parameter(47), unknown_ca(48), access_denied(49), decode_error(50), decrypt_error(51), export_restriction(60), protocol_version(70), insufficient_security(71), internal_error(80), user_canceled(90), no_renegotiation(100), (255) } AlertDescription; constant { CompressionMethod NULL={0}; } compression_method; select { rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4), (255) } client_certificate_type; ssldump-1.1/ssl/ssl.enums.c000066400000000000000000001252371354171271700157600ustar00rootroot00000000000000#include "network.h" #include "ssl_h.h" #include "sslprint.h" #include "sslxprint.h" #ifdef OPENSSL #include #endif #include "ssl.enums.h" static int decode_extension(ssl_obj *ssl, int dir, segment *seg, Data *data); static int decode_server_name(ssl_obj *ssl, int dir, segment *seg, Data *data); static int decode_ContentType_ChangeCipherSpec(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { ssl_process_change_cipher_spec(ssl,ssl->decoder,dir); if(dir==DIR_I2R){ ssl->i_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC; } else{ ssl->r_state=SSL_ST_SENT_CHANGE_CIPHER_SPEC; } printf("\n"); return(0); } static int decode_ContentType_Alert(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; if(ssl->record_encryption==REC_CIPHERTEXT){ printf("\n"); return(0); } if(data->len!=2){ fprintf(stderr,"Wrong length for alert message: %d\n", data->len); ERETURN(R_EOD); } P_(P_HL){ printf("\n"); SSL_DECODE_ENUM(ssl,"level",1,AlertLevel_decoder,P_HL,data,0); printf("\n"); SSL_DECODE_ENUM(ssl,"value",1,AlertDescription_decoder,P_HL,data,0); printf("\n"); } else { SSL_DECODE_ENUM(ssl,0,1,AlertLevel_decoder,SSL_PRINT_ALL,data,0); SSL_DECODE_ENUM(ssl,0,1,AlertDescription_decoder,SSL_PRINT_ALL,data,0); printf("\n"); } return(0); } static int decode_ContentType_Handshake(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { extern decoder HandshakeType_decoder[]; int r; UINT4 t,l; int rs=0; Data d; if(ssl->record_encryption==REC_CIPHERTEXT){ printf("\n"); return(0); } while(data->len>0){ SSL_DECODE_UINT8(ssl,0,0,data,&t); SSL_DECODE_UINT24(ssl,0,0,data,&l); if(data->lenlen); ERETURN(R_EOD); } d.data=data->data; d.len=l; data->len-=l; data->data+=l; P_(P_HL){ if(!rs){ printf("\n"); rs=1; } } ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,&d); } return(0); } static int decode_ContentType_application_data(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; Data d; SSL_DECODE_OPAQUE_ARRAY(ssl,"data",data->len,0,data,&d); P_(P_AD){ print_data(ssl,&d); } else { printf("\n"); } return(0); } decoder ContentType_decoder[]={ { 20, "ChangeCipherSpec", decode_ContentType_ChangeCipherSpec }, { 21, "Alert", decode_ContentType_Alert }, { 22, "Handshake", decode_ContentType_Handshake }, { 23, "application_data", decode_ContentType_application_data }, {-1} }; static int decode_HandshakeType_HelloRequest(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { printf("\n"); return(0); } static int decode_HandshakeType_ClientHello(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { UINT4 vj,vn,cs,cslen,complen,comp,odd,exlen,ex; Data session_id,random; int r; extern decoder cipher_suite_decoder[]; extern decoder compression_method_decoder[]; extern decoder extension_decoder[]; printf("\n"); ssl_update_handshake_messages(ssl,data); SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn); printf("\n"); } SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random); ssl_set_client_random(ssl->decoder,random.data,random.len); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id); ssl_set_client_session_id(ssl->decoder,session_id.data,session_id.len); P_(P_HL){ if(session_id.len) exdump(ssl,"resume ",&session_id); } P_(P_HL){ SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen); explain(ssl,"cipher suites\n"); odd = cslen % 2; if(odd) { printf("Wrong cipher suites length, fixing ...\n"); cslen -= odd; } for(;cslen;cslen-=2){ ssl_decode_enum(ssl,0,2,cipher_suite_decoder, 0,data,&cs); ssl_print_cipher_suite(ssl,(vj<<8)|vn,P_HL,cs); printf("\n"); } } SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen); if(complen){ explain(ssl,"compression methods\n"); for(;complen;complen--){ SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp); printf("\n"); } } SSL_DECODE_UINT16(ssl,"extensions len",0,data,&exlen); if (exlen) { explain(ssl , "extensions\n"); while(data->len) { SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex); if (ssl_decode_switch(ssl,extension_decoder,ex,dir,seg,data) == R_NOT_FOUND) { decode_extension(ssl,dir,seg,data); P_(P_RH){ explain(ssl, "Extension type: %s not yet implemented in ssldump", ex); } continue; } printf("\n"); } } return(0); } static int decode_HandshakeType_ServerHello(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; Data rnd,session_id; UINT4 vj,vn,exlen,ex; extern decoder extension_decoder[]; printf("\n"); ssl_update_handshake_messages(ssl,data); SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); ssl->version=vj*256+vn; P_(P_HL) {explain(ssl,"Version %d.%d ",vj,vn); printf("\n"); } SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&rnd); ssl_set_server_random(ssl->decoder,rnd.data,rnd.len); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,P_HL,data,&session_id); SSL_DECODE_ENUM(ssl,"cipherSuite",2,cipher_suite_decoder, 0,data,&ssl->cipher_suite); P_(P_HL){ explain(ssl,"cipherSuite "); ssl_print_cipher_suite(ssl,ssl->version,P_HL,ssl->cipher_suite); } ssl_find_cipher(ssl->cipher_suite,&ssl->cs); ssl_process_server_session_id(ssl,ssl->decoder,session_id.data, session_id.len); P_(P_HL) printf("\n"); SSL_DECODE_ENUM(ssl,"compressionMethod",1,compression_method_decoder,P_HL,data,0); P_(P_HL) printf("\n"); SSL_DECODE_UINT16(ssl,"extensions len",0,data,&exlen); if (exlen) { explain(ssl , "extensions\n"); while(data->len) { SSL_DECODE_UINT16(ssl, "extension type", 0, data, &ex); if (ssl_decode_switch(ssl,extension_decoder,ex,dir,seg,data) == R_NOT_FOUND) { decode_extension(ssl,dir,seg,data); P_(P_RH){ explain(ssl, "Extension type: %s not yet implemented in ssldump", ex); } continue; } printf("\n"); } } return(0); } static int decode_HandshakeType_Certificate(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { UINT4 len; Data cert; int r; printf("\n"); ssl_update_handshake_messages(ssl,data); SSL_DECODE_UINT24(ssl,"certificates len",0,data,&len); while(len){ SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate",-((1<<23)-1), 0,data,&cert); sslx_print_certificate(ssl,&cert,P_ND); len-=(cert.len + 3); } return(0); } static int decode_HandshakeType_ServerKeyExchange(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; printf("\n"); ssl_update_handshake_messages(ssl,data); if(ssl->cs){ P_(P_ND){ explain(ssl,"params\n"); } INDENT_INCR; switch(ssl->cs->kex){ case KEX_DH: SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_p",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_g",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"DH_Ys",-((1<<15)-1),P_ND,data,0); break; case KEX_RSA: SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_modulus",-((1<<15)-1),P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"RSA_exponent",-((1<<15)-1),P_ND,data,0); break; } INDENT_POP; SSL_DECODE_OPAQUE_ARRAY(ssl,"signature",-((1<<15)-1),P_ND,data,0); } return(0); } static int decode_HandshakeType_CertificateRequest(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { UINT4 len; Data ca; int r; printf("\n"); ssl_update_handshake_messages(ssl,data); SSL_DECODE_UINT8(ssl,"certificate_types len",0,data,&len); for(;len;len--){ SSL_DECODE_ENUM(ssl,"certificate_types",1, client_certificate_type_decoder, P_HL,data,0); P_(P_HL){ printf("\n"); } }; SSL_DECODE_UINT16(ssl,"certificate_authorities len",0,data,&len); while(len){ SSL_DECODE_OPAQUE_ARRAY(ssl,"certificate_authorities", -((1<<15)-1),0,data,&ca); explain(ssl,"certificate_authority\n"); INDENT_INCR; sslx_print_dn(ssl,&ca,P_HL); INDENT_POP; len-=(ca.len + 2); } return(0); } static int decode_HandshakeType_ServerHelloDone(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { printf("\n"); ssl_update_handshake_messages(ssl,data); return(0); } static int decode_HandshakeType_CertificateVerify(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; printf("\n"); ssl_update_handshake_messages(ssl,data); SSL_DECODE_OPAQUE_ARRAY(ssl,"Signature",-(1<<15-1),P_HL,data,0); return(0); } static int decode_HandshakeType_ClientKeyExchange(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; Data pms; printf("\n"); ssl_update_handshake_messages(ssl,data); if(ssl->cs){ switch(ssl->cs->kex){ case KEX_RSA: if(ssl->version > 768) { SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",-(1<<15-1), P_ND,data,&pms); } else { SSL_DECODE_OPAQUE_ARRAY(ssl,"EncryptedPreMasterSecret",data->len,P_ND,data,&pms); } ssl_process_client_key_exchange(ssl, ssl->decoder,pms.data,pms.len); break; case KEX_DH: SSL_DECODE_OPAQUE_ARRAY(ssl,"DiffieHellmanClientPublicValue", -((1<<7)-1),P_HL,data,0); ssl_process_client_key_exchange(ssl, ssl->decoder,NULL,0); } } return(0); } static int decode_HandshakeType_Finished(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; printf("\n"); switch(ssl->version){ case 0x300: SSL_DECODE_OPAQUE_ARRAY(ssl,"md5_hash",16,P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"sha_hash",20,P_ND,data,0); break; case 0x301: SSL_DECODE_OPAQUE_ARRAY(ssl,"verify_data",12,P_ND,data,0); P_(P_ND) printf("\n"); break; } return (0); } decoder HandshakeType_decoder[]={ { 0, "HelloRequest", decode_HandshakeType_HelloRequest }, { 1, "ClientHello", decode_HandshakeType_ClientHello }, { 2, "ServerHello", decode_HandshakeType_ServerHello }, { 11, "Certificate", decode_HandshakeType_Certificate }, { 12, "ServerKeyExchange", decode_HandshakeType_ServerKeyExchange }, { 13, "CertificateRequest", decode_HandshakeType_CertificateRequest }, { 14, "ServerHelloDone", decode_HandshakeType_ServerHelloDone }, { 15, "CertificateVerify", decode_HandshakeType_CertificateVerify }, { 16, "ClientKeyExchange", decode_HandshakeType_ClientKeyExchange }, { 20, "Finished", decode_HandshakeType_Finished }, {-1} }; decoder cipher_suite_decoder[]={ // https://www.iana.org/assignments/tls-parameters/tls-parameters.txt { 0, "TLS_NULL_WITH_NULL_NULL", 0 }, { 1, "TLS_RSA_WITH_NULL_MD5", 0 }, { 2, "TLS_RSA_WITH_NULL_SHA", 0 }, { 3, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", 0 }, { 4, "TLS_RSA_WITH_RC4_128_MD5", 0 }, { 5, "TLS_RSA_WITH_RC4_128_SHA", 0 }, { 6, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", 0 }, { 7, "TLS_RSA_WITH_IDEA_CBC_SHA", 0 }, { 8, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 9, "TLS_RSA_WITH_DES_CBC_SHA", 0 }, { 10, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 11, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 12, "TLS_DH_DSS_WITH_DES_CBC_SHA", 0 }, { 13, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", 0 }, { 14, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 15, "TLS_DH_RSA_WITH_DES_CBC_SHA", 0 }, { 16, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 17, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 18, "TLS_DHE_DSS_WITH_DES_CBC_SHA", 0 }, { 19, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 0 }, { 20, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 21, "TLS_DHE_RSA_WITH_DES_CBC_SHA", 0 }, { 22, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 23, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", 0 }, { 24, "TLS_DH_anon_WITH_RC4_128_MD5", 0 }, { 25, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 26, "TLS_DH_anon_WITH_DES_CBC_SHA", 0 }, { 27, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", 0 }, { 30, "TLS_KRB5_WITH_DES_CBC_SHA", 0 }, { 31, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA", 0 }, { 32, "TLS_KRB5_WITH_RC4_128_SHA", 0 }, { 33, "TLS_KRB5_WITH_IDEA_CBC_SHA", 0 }, { 34, "TLS_KRB5_WITH_DES_CBC_MD5", 0 }, { 35, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5", 0 }, { 36, "TLS_KRB5_WITH_RC4_128_MD5", 0 }, { 37, "TLS_KRB5_WITH_IDEA_CBC_MD5", 0 }, { 38, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA", 0 }, { 39, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA", 0 }, { 40, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA", 0 }, { 41, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5", 0 }, { 42, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5", 0 }, { 43, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5", 0 }, { 44, "TLS_PSK_WITH_NULL_SHA", 0 }, { 45, "TLS_DHE_PSK_WITH_NULL_SHA", 0 }, { 46, "TLS_RSA_PSK_WITH_NULL_SHA", 0 }, { 47, "TLS_RSA_WITH_AES_128_CBC_SHA", 0 }, { 48, "TLS_DH_DSS_WITH_AES_128_CBC_SHA", 0 }, { 49, "TLS_DH_RSA_WITH_AES_128_CBC_SHA", 0 }, { 50, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 0 }, { 51, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 0 }, { 52, "TLS_DH_anon_WITH_AES_128_CBC_SHA", 0 }, { 53, "TLS_RSA_WITH_AES_256_CBC_SHA", 0 }, { 54, "TLS_DH_DSS_WITH_AES_256_CBC_SHA", 0 }, { 55, "TLS_DH_RSA_WITH_AES_256_CBC_SHA", 0 }, { 56, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", 0 }, { 57, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 0 }, { 58, "TLS_DH_anon_WITH_AES_256_CBC_SHA", 0 }, { 59, "TLS_RSA_WITH_NULL_SHA256", 0 }, { 60, "TLS_RSA_WITH_AES_128_CBC_SHA256", 0 }, { 61, "TLS_RSA_WITH_AES_256_CBC_SHA256", 0 }, { 62, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256", 0 }, { 63, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256", 0 }, { 64, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", 0 }, { 65, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 66, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 67, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 68, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 69, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 70, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", 0 }, { 103, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256", 0 }, { 104, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256", 0 }, { 105, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256", 0 }, { 106, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256", 0 }, { 107, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", 0 }, { 108, "TLS_DH_anon_WITH_AES_128_CBC_SHA256", 0 }, { 109, "TLS_DH_anon_WITH_AES_256_CBC_SHA256", 0 }, { 132, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 133, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 134, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 135, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 136, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 137, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", 0 }, { 138, "TLS_PSK_WITH_RC4_128_SHA", 0 }, { 139, "TLS_PSK_WITH_3DES_EDE_CBC_SHA", 0 }, { 140, "TLS_PSK_WITH_AES_128_CBC_SHA", 0 }, { 141, "TLS_PSK_WITH_AES_256_CBC_SHA", 0 }, { 142, "TLS_DHE_PSK_WITH_RC4_128_SHA", 0 }, { 143, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA", 0 }, { 144, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA", 0 }, { 145, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA", 0 }, { 146, "TLS_RSA_PSK_WITH_RC4_128_SHA", 0 }, { 147, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA", 0 }, { 148, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA", 0 }, { 149, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA", 0 }, { 150, "TLS_RSA_WITH_SEED_CBC_SHA", 0 }, { 151, "TLS_DH_DSS_WITH_SEED_CBC_SHA", 0 }, { 152, "TLS_DH_RSA_WITH_SEED_CBC_SHA", 0 }, { 153, "TLS_DHE_DSS_WITH_SEED_CBC_SHA", 0 }, { 154, "TLS_DHE_RSA_WITH_SEED_CBC_SHA", 0 }, { 155, "TLS_DH_anon_WITH_SEED_CBC_SHA", 0 }, { 156, "TLS_RSA_WITH_AES_128_GCM_SHA256", 0 }, { 157, "TLS_RSA_WITH_AES_256_GCM_SHA384", 0 }, { 158, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", 0 }, { 159, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", 0 }, { 160, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256", 0 }, { 161, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384", 0 }, { 162, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", 0 }, { 163, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", 0 }, { 164, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256", 0 }, { 165, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384", 0 }, { 166, "TLS_DH_anon_WITH_AES_128_GCM_SHA256", 0 }, { 167, "TLS_DH_anon_WITH_AES_256_GCM_SHA384", 0 }, { 168, "TLS_PSK_WITH_AES_128_GCM_SHA256", 0 }, { 169, "TLS_PSK_WITH_AES_256_GCM_SHA384", 0 }, { 170, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256", 0 }, { 171, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384", 0 }, { 172, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256", 0 }, { 173, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384", 0 }, { 174, "TLS_PSK_WITH_AES_128_CBC_SHA256", 0 }, { 175, "TLS_PSK_WITH_AES_256_CBC_SHA384", 0 }, { 176, "TLS_PSK_WITH_NULL_SHA256", 0 }, { 177, "TLS_PSK_WITH_NULL_SHA384", 0 }, { 178, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256", 0 }, { 179, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384", 0 }, { 180, "TLS_DHE_PSK_WITH_NULL_SHA256", 0 }, { 181, "TLS_DHE_PSK_WITH_NULL_SHA384", 0 }, { 182, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256", 0 }, { 183, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384", 0 }, { 184, "TLS_RSA_PSK_WITH_NULL_SHA256", 0 }, { 185, "TLS_RSA_PSK_WITH_NULL_SHA384", 0 }, { 186, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 187, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 188, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 189, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 190, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 191, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 192, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 193, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 194, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 195, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 196, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 197, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256", 0 }, { 255, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", 0 }, { 4865, "TLS_AES_128_GCM_SHA256", 0 }, { 4866, "TLS_AES_256_GCM_SHA384", 0 }, { 4867, "TLS_CHACHA20_POLY1305_SHA256", 0 }, { 4868, "TLS_AES_128_CCM_SHA256", 0 }, { 4869, "TLS_AES_128_CCM_8_SHA256", 0 }, { 22016, "TLS_FALLBACK_SCSV", 0 }, { 49153, "TLS_ECDH_ECDSA_WITH_NULL_SHA", 0 }, { 49154, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 0 }, { 49155, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49156, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 0 }, { 49157, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 0 }, { 49158, "TLS_ECDHE_ECDSA_WITH_NULL_SHA", 0 }, { 49159, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", 0 }, { 49160, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49161, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 0 }, { 49162, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 0 }, { 49163, "TLS_ECDH_RSA_WITH_NULL_SHA", 0 }, { 49164, "TLS_ECDH_RSA_WITH_RC4_128_SHA", 0 }, { 49165, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49166, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 0 }, { 49167, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 0 }, { 49168, "TLS_ECDHE_RSA_WITH_NULL_SHA", 0 }, { 49169, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", 0 }, { 49170, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49171, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 0 }, { 49172, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 0 }, { 49173, "TLS_ECDH_anon_WITH_NULL_SHA", 0 }, { 49174, "TLS_ECDH_anon_WITH_RC4_128_SHA", 0 }, { 49175, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", 0 }, { 49176, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", 0 }, { 49177, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA", 0 }, { 49178, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49179, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 49180, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA", 0 }, { 49181, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA", 0 }, { 49182, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA", 0 }, { 49183, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA", 0 }, { 49184, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA", 0 }, { 49185, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA", 0 }, { 49186, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA", 0 }, { 49187, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 0 }, { 49188, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", 0 }, { 49189, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", 0 }, { 49190, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", 0 }, { 49191, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 0 }, { 49192, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", 0 }, { 49193, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", 0 }, { 49194, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", 0 }, { 49195, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 0 }, { 49196, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 0 }, { 49197, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", 0 }, { 49198, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", 0 }, { 49199, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 0 }, { 49200, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 0 }, { 49201, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", 0 }, { 49202, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", 0 }, { 49203, "TLS_ECDHE_PSK_WITH_RC4_128_SHA", 0 }, { 49204, "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA", 0 }, { 49205, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA", 0 }, { 49206, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA", 0 }, { 49207, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256", 0 }, { 49208, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384", 0 }, { 49209, "TLS_ECDHE_PSK_WITH_NULL_SHA", 0 }, { 49210, "TLS_ECDHE_PSK_WITH_NULL_SHA256", 0 }, { 49211, "TLS_ECDHE_PSK_WITH_NULL_SHA384", 0 }, { 49212, "TLS_RSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49213, "TLS_RSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49214, "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256", 0 }, { 49215, "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384", 0 }, { 49216, "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49217, "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49218, "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256", 0 }, { 49219, "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384", 0 }, { 49220, "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49221, "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49222, "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256", 0 }, { 49223, "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384", 0 }, { 49224, "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49225, "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49226, "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49227, "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49228, "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49229, "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49230, "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256", 0 }, { 49231, "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384", 0 }, { 49232, "TLS_RSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49233, "TLS_RSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49234, "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49235, "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49236, "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49237, "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49238, "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256", 0 }, { 49239, "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384", 0 }, { 49240, "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256", 0 }, { 49241, "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384", 0 }, { 49242, "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256", 0 }, { 49243, "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384", 0 }, { 49244, "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49245, "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49246, "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49247, "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49248, "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49249, "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49250, "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256", 0 }, { 49251, "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384", 0 }, { 49252, "TLS_PSK_WITH_ARIA_128_CBC_SHA256", 0 }, { 49253, "TLS_PSK_WITH_ARIA_256_CBC_SHA384", 0 }, { 49254, "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256", 0 }, { 49255, "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384", 0 }, { 49256, "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256", 0 }, { 49257, "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384", 0 }, { 49258, "TLS_PSK_WITH_ARIA_128_GCM_SHA256", 0 }, { 49259, "TLS_PSK_WITH_ARIA_256_GCM_SHA384", 0 }, { 49260, "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256", 0 }, { 49261, "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384", 0 }, { 49262, "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256", 0 }, { 49263, "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384", 0 }, { 49264, "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256", 0 }, { 49265, "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384", 0 }, { 49266, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49267, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49268, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49269, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49270, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49271, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49272, "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49273, "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49274, "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49275, "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49276, "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49277, "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49278, "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49279, "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49280, "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49281, "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49282, "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49283, "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49284, "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49285, "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49286, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49287, "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49288, "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49289, "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49290, "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49291, "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49292, "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49293, "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49294, "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49295, "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49296, "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49297, "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49298, "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256", 0 }, { 49299, "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384", 0 }, { 49300, "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49301, "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49302, "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49303, "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49304, "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49305, "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49306, "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256", 0 }, { 49307, "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384", 0 }, { 49308, "TLS_RSA_WITH_AES_128_CCM", 0 }, { 49309, "TLS_RSA_WITH_AES_256_CCM", 0 }, { 49310, "TLS_DHE_RSA_WITH_AES_128_CCM", 0 }, { 49311, "TLS_DHE_RSA_WITH_AES_256_CCM", 0 }, { 49312, "TLS_RSA_WITH_AES_128_CCM_8", 0 }, { 49313, "TLS_RSA_WITH_AES_256_CCM_8", 0 }, { 49314, "TLS_DHE_RSA_WITH_AES_128_CCM_8", 0 }, { 49315, "TLS_DHE_RSA_WITH_AES_256_CCM_8", 0 }, { 49316, "TLS_PSK_WITH_AES_128_CCM", 0 }, { 49317, "TLS_PSK_WITH_AES_256_CCM", 0 }, { 49318, "TLS_DHE_PSK_WITH_AES_128_CCM", 0 }, { 49319, "TLS_DHE_PSK_WITH_AES_256_CCM", 0 }, { 49320, "TLS_PSK_WITH_AES_128_CCM_8", 0 }, { 49321, "TLS_PSK_WITH_AES_256_CCM_8", 0 }, { 49322, "TLS_PSK_DHE_WITH_AES_128_CCM_8", 0 }, { 49323, "TLS_PSK_DHE_WITH_AES_256_CCM_8", 0 }, { 49324, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM", 0 }, { 49325, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM", 0 }, { 49326, "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8", 0 }, { 49327, "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8", 0 }, { 52392, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52393, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52394, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52395, "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52396, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52397, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256", 0 }, { 52398, "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256", 0 }, // DRAFT-IETF-TLS-ECC { 71, "TLS_ECDH_ECDSA_WITH_NULL_SHA", 0 }, { 72, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", 0 }, { 73, "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA", 0 }, { 74, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 75, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 0 }, { 76, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 0 }, { 75, "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_40_SHA", 0 }, { 76, "TLS_ECDH_ECDSA_EXPORT_WITH_RC4_56_SHA", 0 }, { 77, "TLS_ECDH_RSA_WITH_NULL_SHA", 0 }, { 78, "TLS_ECDH_RSA_WITH_RC4_128_SHA", 0 }, { 79, "TLS_ECDH_RSA_WITH_DES_CBC_SHA", 0 }, { 80, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 81, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 0 }, { 82, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 0 }, { 83, "TLS_ECDH_RSA_EXPORT_WITH_RC4_40_SHA", 0 }, { 84, "TLS_ECDH_RSA_EXPORT_WITH_RC4_56_SHA", 0 }, { 85, "TLS_ECDH_anon_NULL_WITH_SHA", 0 }, { 86, "TLS_ECDH_anon_WITH_RC4_128_SHA", 0 }, { 87, "TLS_ECDH_anon_WITH_DES_CBC_SHA", 0 }, { 88, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", 0 }, { 89, "TLS_ECDH_anon_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 90, "TLS_ECDH_anon_EXPORT_WITH_RC4_40_SHA", 0 }, // DRAFT-IETF-TLS-56-BIT-CIPHERSUITES { 96, "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5", 0 }, { 97, "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5", 0 }, { 98, "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", 0 }, { 99, "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", 0 }, { 100, "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA", 0 }, { 101, "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA", 0 }, { 102, "TLS_DHE_DSS_WITH_RC4_128_SHA", 0 }, // FIPS SSL (Netscape) { 65278, "SSL_RSA_FIPS_WITH_DES_CBC_SHA", 0 }, { 65279, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", 0 }, // SSL 2.0 { 65664, "SSL2_RC4_128_WITH_MD5", 0 }, { 131200, "SSL2_RC4_128_EXPORT40_WITH_MD5", 0 }, { 196736, "SSL2_RC2_CBC_128_CBC_WITH_MD5", 0 }, { 262272, "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5", 0 }, { 327808, "SSL2_IDEA_128_CBC_WITH_MD5", 0 }, { 393280, "SSL2_DES_64_CBC_WITH_MD5", 0 }, { 393536, "SSL2_DES_64_CBC_WITH_SHA", 0 }, { 458944, "SSL2_DES_192_EDE3_CBC_WITH_MD5", 0 }, { 459200, "SSL2_DES_192_EDE3_CBC_WITH_SHA", 0 }, { 524416, "SSL2_RC4_64_WITH_MD5", 0 }, { 2570, "GREASE 0x0A0A", 0 }, { 6682, "GREASE 0x1A1A", 0 }, { 10794, "GREASE 0x2A2A", 0 }, { 14906, "GREASE 0x3A3A", 0 }, { 19018, "GREASE 0x4A4A", 0 }, { 23130, "GREASE 0x5A5A", 0 }, { 27242, "GREASE 0x6A6A", 0 }, { 31354, "GREASE 0x7A7A", 0 }, { 35466, "GREASE 0x8A8A", 0 }, { 39578, "GREASE 0x9A9A", 0 }, { 43690, "GREASE 0xAAAA", 0 }, { 47802, "GREASE 0xBABA", 0 }, { 51914, "GREASE 0xCACA", 0 }, { 56026, "GREASE 0xDADA", 0 }, { 60138, "GREASE 0xEAEA", 0 }, { 64250, "GREASE 0xFAFA", 0 }, {-1} }; static int decode_AlertLevel_warning(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertLevel_fatal(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } decoder AlertLevel_decoder[]={ { 1, "warning", decode_AlertLevel_warning }, { 2, "fatal", decode_AlertLevel_fatal }, {-1} }; static int decode_AlertDescription_close_notify(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_unexpected_message(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_bad_record_mac(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_decryption_failed(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_record_overflow(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_decompression_failure(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_handshake_failure(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_bad_certificate(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_unsupported_certificate(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_certificate_revoked(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_certificate_expired(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_certificate_unknown(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_illegal_parameter(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_unknown_ca(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_access_denied(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_decode_error(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_decrypt_error(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_export_restriction(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_protocol_version(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_insufficient_security(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_internal_error(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_user_canceled(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_AlertDescription_no_renegotiation(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } decoder AlertDescription_decoder[]={ { 0, "close_notify", decode_AlertDescription_close_notify }, { 10, "unexpected_message", decode_AlertDescription_unexpected_message }, { 20, "bad_record_mac", decode_AlertDescription_bad_record_mac }, { 21, "decryption_failed", decode_AlertDescription_decryption_failed }, { 22, "record_overflow", decode_AlertDescription_record_overflow }, { 30, "decompression_failure", decode_AlertDescription_decompression_failure }, { 40, "handshake_failure", decode_AlertDescription_handshake_failure }, { 42, "bad_certificate", decode_AlertDescription_bad_certificate }, { 43, "unsupported_certificate", decode_AlertDescription_unsupported_certificate }, { 44, "certificate_revoked", decode_AlertDescription_certificate_revoked }, { 45, "certificate_expired", decode_AlertDescription_certificate_expired }, { 46, "certificate_unknown", decode_AlertDescription_certificate_unknown }, { 47, "illegal_parameter", decode_AlertDescription_illegal_parameter }, { 48, "unknown_ca", decode_AlertDescription_unknown_ca }, { 49, "access_denied", decode_AlertDescription_access_denied }, { 50, "decode_error", decode_AlertDescription_decode_error }, { 51, "decrypt_error", decode_AlertDescription_decrypt_error }, { 60, "export_restriction", decode_AlertDescription_export_restriction }, { 70, "protocol_version", decode_AlertDescription_protocol_version }, { 71, "insufficient_security", decode_AlertDescription_insufficient_security }, { 80, "internal_error", decode_AlertDescription_internal_error }, { 90, "user_canceled", decode_AlertDescription_user_canceled }, { 100, "no_renegotiation", decode_AlertDescription_no_renegotiation }, {-1} }; decoder compression_method_decoder[]={ { 0, "NULL", 0 }, {-1} }; static int decode_client_certificate_type_rsa_sign(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_client_certificate_type_dss_sign(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_client_certificate_type_rsa_fixed_dh(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_client_certificate_type_dss_fixed_dh(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } decoder client_certificate_type_decoder[]={ { 1, "rsa_sign", decode_client_certificate_type_rsa_sign }, { 2, "dss_sign", decode_client_certificate_type_dss_sign }, { 3, "rsa_fixed_dh", decode_client_certificate_type_rsa_fixed_dh }, { 4, "dss_fixed_dh", decode_client_certificate_type_dss_fixed_dh }, {-1} }; static int decode_extension_server_name(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { UINT4 t; int l,r,p; extern decoder server_name_type_decoder[]; SSL_DECODE_UINT16(ssl,"extension length",0,data,&l); if(dir==DIR_I2R){ SSL_DECODE_UINT16(ssl,"server name list length",0,data,&l); printf("\n"); while(l) { p=data->len; SSL_DECODE_UINT8(ssl, "server name type", 0, data, &t); if (ssl_decode_switch(ssl,server_name_type_decoder,t,dir,seg,data) == R_NOT_FOUND) { decode_server_name(ssl,dir,seg,data); P_(P_RH){ explain(ssl, "Server Name type: %s not yet implemented in ssldump", t); } continue; } l-=(p-data->len); } } else{ data->len-=l; data->data+=l; } return(0); } static int decode_extension_encrypt_then_mac(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int l,r,*etm; etm=&ssl->extensions->encrypt_then_mac; SSL_DECODE_UINT16(ssl,"extension length",0,data,&l); data->len-=l; data->data+=l; dir==DIR_I2R?*etm=1:++*etm; return(0); } static int decode_extension_extended_master_secret(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int l,r,*ems; ems=&ssl->extensions->extended_master_secret; SSL_DECODE_UINT16(ssl,"extension length",0,data,&l); data->len-=l; data->data+=l; dir==DIR_I2R?*ems=1:++*ems; return(0); } static int decode_extension(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int l,r; SSL_DECODE_UINT16(ssl,"extension length",0,data,&l); data->len-=l; data->data+=l; return(0); } decoder extension_decoder[] = { { 0, "server_name", decode_extension_server_name, }, { 1, "max_fragment_length", decode_extension }, { 2, "client_certificate_url", decode_extension }, { 3, "trusted_ca_keys", decode_extension }, { 4, "truncated_hmac", decode_extension }, { 5, "status_request", decode_extension }, { 13, "signature_algorithms", decode_extension }, { 16, "application_layer_protocol_negotiation", decode_extension }, { 22, "encrypt_then_mac", decode_extension_encrypt_then_mac }, { 23, "extended_master_secret", decode_extension_extended_master_secret }, { 13172, "next_protocol_negotiation", decode_extension }, {-1} }; static int decode_server_name_type_host_name(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int l,r; SSL_DECODE_UINT16(ssl,"server name length",0,data,&l); printf(": %.*s",l,data->data); /* Possibly use data->data to set/modify ssl->server_name */ data->len-=l; data->data+=l; return(0); } static int decode_server_name(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int l,r; SSL_DECODE_UINT16(ssl,"server name length",0,data,&l); data->len-=l; data->data+=l; return(0); } decoder server_name_type_decoder[]={ { 0, "host_name", decode_server_name_type_host_name }, {-1} }; ssldump-1.1/ssl/ssl.enums.h000066400000000000000000000004441354171271700157550ustar00rootroot00000000000000extern decoder ContentType_decoder[]; extern decoder HandshakeType_decoder[]; extern decoder cipher_suite_decoder[]; extern decoder AlertLevel_decoder[]; extern decoder AlertDescription_decoder[]; extern decoder compression_method_decoder[]; extern decoder client_certificate_type_decoder[]; ssldump-1.1/ssl/ssl.l000066400000000000000000000031161354171271700146320ustar00rootroot00000000000000%option yylineno %{ #include "y.tab.h" #if 0 #define RETURN(x) printf("TOK:%s\n",#x); return(x) #else #define RETURN return #endif long strtol(); %} IDCHAR [a-zA-Z0-9_\-\.] NUMCHAR [0-9] S [ \t\n\r\f]+ NAME [a-zA-Z]{IDCHAR}+ NUM {NUMCHAR}+ HEXNUM "0x"[0-9A-Za-z]+ COMMENT "/*"("*"?[^/]+)*("*/") CODE "{@"[^@]+"@}" %% ".." {RETURN(DOT_DOT_);} "enum" {RETURN(ENUM_);} "struct" {RETURN(STRUCT_);} "opaque" {mkname();RETURN(OPAQUE_);} "select" {RETURN(SELECT_);} "constant" {RETURN(CONSTANT_);} "digitally-signed" {/* Do nothing*/} "public-key-encrypted" {/* Do nothing*/} "case" {RETURN(CASE_);} {COMMENT} { /*Do nothing*/} {CODE} { strcpy(yylval.str,yytext); RETURN(CODE_);} {S} {/*do nothing*/} {NAME} {mkname();RETURN(NAME_);} {NUM} {yylval.val=atoi(yytext); RETURN(NUM_);} {HEXNUM} {yylval.val=strtol(yytext,0,16); RETURN(NUM_);} "{" { RETURN('{'); } "}" { RETURN('}'); } "(" { RETURN('('); } ")" { RETURN(')'); } "[" { RETURN('['); } "]" { RETURN(']'); } "<" { RETURN('<'); } ">" { RETURN('>'); } ";" { RETURN(';'); } ":" { RETURN(':'); } "," { RETURN(','); } "." { RETURN('.'); } "^" { RETURN('^'); } "-" { RETURN('-'); } "=" { RETURN('='); } . { fprintf(stderr,"Invalid input token: %s at %d!!!\n",yytext,yylineno); exit(1); } %% int mkname() { #if 0 printf("%s\n",yytext); #endif strcpy(yylval.str,yytext); } ssldump-1.1/ssl/ssl.y000066400000000000000000000077711354171271700146620ustar00rootroot00000000000000/** ssl.y Copyright (C) 1998, RTFM, Inc. All Rights Reserved. ekr@rtfm.com Fri Dec 25 20:33:47 1998 */ %{ typedef struct select_st_ { char *name; char *code; int val; struct select_st_ *next; } select_st; select_st *select_base; select_st *select_ptr; select_st *constant_base; select_st *constant_ptr; #include extern FILE *dotc; extern FILE *doth; %} %union { int val; unsigned char str[8192]; } /*These tokens have attributes*/ %token NAME_ %token NUM_ /*Tokens*/ %token DOT_DOT_ %token STRUCT_ %token SELECT_ %token OPAQUE_ %token SELECT_ %token ENUM_ %token DIGITALLY_SIGNED_ %token COMMENT_START_ %token CODE_ %token COMMENT_END_ %token CASE_ %token CONSTANT_ /*Types for nonterminals*/ %type module %type typelist %type definition %type selecttype %type constant_type %type selecterateds %type selectmax %type constval /*%type selecterated*/ %% module: typelist typelist: {$$=1}; | definition typelist { $$=1; } ; definition: selecttype | constant_type ; selecttype: SELECT_ '{' selecterateds ',' selectmax '}' NAME_ ';' { select_st *en; char filename[100]; for(en=select_base;en;en=en->next){ fprintf(dotc,"static int decode_%s_%s(ssl,dir,seg,data)\n", $7,en->name); fprintf(dotc," ssl_obj *ssl;\n"); fprintf(dotc," int dir;\n"); fprintf(dotc," segment *seg;\n"); fprintf(dotc," Data *data;\n"); fprintf(dotc," {\n"); if(en->code){ en->code+=2; en->code[strlen(en->code)-2]=0; fprintf(dotc,"\n%s\n",en->code); } else{ /* fprintf(dotc," fprintf(dotc,\"Decoding %s...%cn\");\n",en->name,'\\');*/ fprintf(dotc," return(0);\n"); } fprintf(dotc," }\n"); } fprintf(dotc,"decoder %s_decoder[]={\n",$7); fprintf(doth,"extern decoder %s_decoder[];\n",$7); for(en=select_base;en;en=en->next){ fprintf(dotc," {\n"); fprintf(dotc," %d,\n",en->val); fprintf(dotc," \"%s\",\n",en->name); fprintf(dotc," decode_%s_%s\n",$7,en->name); fprintf(dotc," },\n"); } fprintf(dotc,"{-1}\n"); fprintf(dotc,"};\n\n"); select_base=0; } ; selecterateds: selecterateds ',' selecterated | selecterated {; } ; selectmax: '(' NUM_ ')' {$$=1;}; selecterated: selecterated_no_code | selecterated_code ; selecterated_code: NAME_ '(' NUM_ ')' CODE_ { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=$3; en->name=strdup($1); en->code=strdup($5); if(!select_base){ select_base=en; select_ptr=en; } else{ select_ptr->next=en; select_ptr=en; } }; selecterated_no_code: NAME_ '(' NUM_ ')' { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=$3; en->name=strdup($1); en->code=0; if(!select_base){ select_base=en; select_ptr=en; } else{ select_ptr->next=en; select_ptr=en; } }; constant_type: CONSTANT_ '{' constants '}' NAME_ ';' { select_st *en; fprintf(dotc,"decoder %s_decoder[]={\n",$5); fprintf(doth,"extern decoder %s_decoder[];\n",$5); for(en=constant_base;en;en=en->next){ fprintf(dotc," {\n"); fprintf(dotc," %d,\n",en->val); fprintf(dotc," \"%s\",\n",en->name); fprintf(dotc," 0"); fprintf(dotc," },\n"); } fprintf(dotc,"{-1}\n"); fprintf(dotc,"};\n\n"); constant_ptr=0; constant_base=0; } constants: constants constant | constant {; } ; constant: NAME_ NAME_ '=' '{' constval '}' ';' { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=$5; en->name=strdup($2); if(!constant_base){ constant_base=en; constant_ptr=en; } else{ constant_ptr->next=en; constant_ptr=en; } }; constval: NUM_ ',' NUM_ ',' NUM_ { $$=($1 << 16) | ($3 << 8) | $5; } | NUM_ ',' NUM_ { $$=($1 << 8) | $3; } | NUM_ { $$=$1; } ; ssldump-1.1/ssl/ssl_analyze.c000066400000000000000000000330071354171271700163460ustar00rootroot00000000000000/** ssl_analyze.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $ ekr@rtfm.com Fri Jan 8 14:07:05 1999 */ static char *RCSSTRING="$Id: ssl_analyze.c,v 1.8 2002/01/21 18:46:13 ekr Exp $"; #include "network.h" #include "debug.h" #include "sslprint.h" #include "ssl_h.h" #include "ssl_analyze.h" /*UINT4 SSL_print_flags=P_HL| P_ND;*/ UINT4 SSL_print_flags = 1 | P_HT | P_HL; static int parse_ssl_flags PROTO_LIST((char *str)); static int create_ssl_ctx PROTO_LIST((void *handle,proto_ctx **ctxp)); static int create_ssl_analyzer PROTO_LIST((void *handle, proto_ctx *ctx,tcp_conn *conn,proto_obj **objp, struct in_addr *i_addr,u_short i_port, struct in_addr *r_addr,u_short r_port, struct timeval *base_time)); static int destroy_ssl_analyzer PROTO_LIST((proto_obj **objp)); static int read_ssl_record PROTO_LIST((ssl_obj *obj,r_queue *q,segment *seg, int offset,segment **lastp,int *offsetp)); static int read_data PROTO_LIST((r_queue *q,segment *seg,int offset, segment **lastp,int *offsetp)); static int data_ssl_analyzer PROTO_LIST((proto_obj *_obj,segment *seg, int direction)); int close_ssl_analyzer PROTO_LIST((proto_obj *_obj,packet *p,int direction)); static int create_r_queue PROTO_LIST((r_queue **qp)); static int free_r_queue PROTO_LIST((r_queue *q)); static int print_ssl_record PROTO_LIST((ssl_obj *obj,int direction, segment *q,UCHAR *data,int len)); char *SSL_keyfile=0; char *SSL_password=0; char *SSL_keylogfile=0; #define NEGATE 0x800000 typedef struct { int ch; char *name; UINT4 flag; } flag_struct; flag_struct flags[]={ { 't', "ts", SSL_PRINT_TIMESTAMP, }, { 'e', "tsa", SSL_PRINT_TIMESTAMP|SSL_PRINT_TIMESTAMP_ABSOLUTE }, { 'x', "x", SSL_PRINT_HEXDUMP }, { 'X', "X", SSL_PRINT_HEX_ONLY }, { 'r', "rh", SSL_PRINT_RECORD_HEADER }, { 0, "ht", SSL_PRINT_HANDSHAKE_TYPE }, { 0, "H", SSL_PRINT_HIGHLIGHTS }, { 'A', "all", SSL_PRINT_ALL_FIELDS }, { 0, "d", SSL_PRINT_DECODE }, { 'y', "nroff", SSL_PRINT_NROFF }, { 'N', "asn", SSL_PRINT_DECODE_ASN1 }, { 0, "crypto", SSL_PRINT_CRYPTO }, { 'd', "appdata", SSL_PRINT_APP_DATA }, { 'q', "quiet", P_HL | NEGATE }, {0} }; int parse_ssl_flag(flag) int flag; { flag_struct *fl; for(fl=flags;fl->name;fl++){ if(fl->ch==flag){ if(fl->flag & NEGATE){ SSL_print_flags &= ~(fl->flag); } else SSL_print_flags |= fl->flag; break; } } return(0); } static int parse_ssl_flags(str) char *str; { char *x,*y; flag_struct *fl; int bang; y=str; while(x=strtok(y,",")){ y=0; if(*x=='!'){ bang=1; x++; } else bang=0; for(fl=flags;fl->name;fl++){ if(!strcmp(x,fl->name)){ if(!bang) SSL_print_flags |= fl->flag; else SSL_print_flags &= ~fl->flag; break; } } if(!fl->name){ fprintf(stderr,"SSL: Bad flag %s\n",x); } } return(0); } static int create_ssl_ctx(handle,ctxp) void *handle; proto_ctx **ctxp; { ssl_decode_ctx *ctx=0; int r,_status; if(r=ssl_decode_ctx_create(&ctx,SSL_keyfile,SSL_password,SSL_keylogfile)) ABORT(r); *ctxp=(proto_ctx *)ctx; _status=0; abort: return(_status); } static int create_ssl_analyzer(handle,ctx,conn,objp,i_addr,i_port,r_addr,r_port,base_time) void *handle; proto_ctx *ctx; tcp_conn *conn; proto_obj **objp; struct in_addr *i_addr; u_short i_port; struct in_addr *r_addr; u_short r_port; struct timeval *base_time; { int r,_status; ssl_obj *obj=0; if(!(obj=(ssl_obj *)calloc(1,sizeof(ssl_obj)))) ABORT(R_NO_MEMORY); obj->ssl_ctx=(ssl_decode_ctx *)ctx; obj->conn=conn; if(r=create_r_queue(&obj->r2i_queue)) ABORT(r); if(r=create_r_queue(&obj->i2r_queue)) ABORT(r); lookuphostname(i_addr,&obj->client_name); obj->client_port=i_port; lookuphostname(r_addr,&obj->server_name); obj->server_port=r_port; obj->i_state=SSL_ST_SENT_NOTHING; obj->r_state=SSL_ST_HANDSHAKE; memcpy(&obj->time_start,base_time,sizeof(struct timeval)); memcpy(&obj->time_last,base_time,sizeof(struct timeval)); if(r=ssl_decoder_create(&obj->decoder,obj->ssl_ctx)) ABORT(r); if (!(obj->extensions=malloc(sizeof(ssl_extensions)))) ABORT(R_NO_MEMORY); *objp=(proto_obj *)obj; _status=0; abort: if(_status){ destroy_ssl_analyzer((proto_obj **)&obj); } return(_status); } static int destroy_ssl_analyzer(objp) proto_obj **objp; { ssl_obj *obj; if(!objp || !*objp) return(0); obj=(ssl_obj *)*objp; DBG((0,"Destroying SSL analyzer")); free_r_queue(obj->i2r_queue); free_r_queue(obj->r2i_queue); ssl_decoder_destroy(&obj->decoder); free(obj->client_name); free(obj->server_name); free(obj->extensions); free(*objp); *objp=0; return(0); } static int free_r_queue(q) r_queue *q; { FREE(q->data); if(q->q) free_tcp_segment_queue(q->q); free(q); return(0); } static int create_r_queue(qp) r_queue **qp; { r_queue *q=0; int _status; if(!(q=(r_queue *)calloc(1,sizeof(r_queue)))) ABORT(R_NO_MEMORY); if(!(q->data=(UCHAR *)malloc(SSL_HEADER_SIZE))) ABORT(R_NO_MEMORY); q->ptr=q->data; q->_allocated=SSL_HEADER_SIZE; q->len=0; q->state=SSL_READ_NONE; *qp=q; _status=0; abort: if(_status){ free_r_queue(q); } return(_status); } static int read_ssl_record(obj,q,seg,offset,lastp,offsetp) ssl_obj *obj; r_queue *q; segment *seg; int offset; segment **lastp; int *offsetp; { segment *last=seg; int rec_len,r,_status; switch(q->state){ case SSL_READ_NONE: if (SSL_HEADER_SIZElen) ABORT(-1); q->read_left=SSL_HEADER_SIZE-q->len; if(r=read_data(q,seg,offset,&last,&offset)) ABORT(r); q->state=SSL_READ_HEADER; switch(q->data[0]){ case 20: case 21: case 22: case 23: break; default: DBG((0,"Unknown SSL content type %d for segment %u:%u(%u)", q->data[0] & 255,seg->s_seq,seg->s_seq+seg->len,seg->len)); } rec_len=COMBINE(q->data[3],q->data[4]); /* SSL v3.0 spec says a record may not exceed 2**14 + 2048 == 18432 */ if(rec_len > 18432) ABORT(R_INTERNAL); /*Expand the buffer*/ if(q->_allocated<(rec_len+SSL_HEADER_SIZE)){ if(!(q->data=realloc(q->data,rec_len+5))) ABORT(R_NO_MEMORY); q->_allocated=rec_len+SSL_HEADER_SIZE; q->ptr=q->data+SSL_HEADER_SIZE; }; q->read_left=rec_len; case SSL_READ_HEADER: if(r=read_data(q,last,offset,&last,&offset)) ABORT(r); break; default: ABORT(R_INTERNAL); } q->state=SSL_READ_NONE; /*Whew. If we get here, we've managed to read a whole record*/ *lastp=last; *offsetp=offset; _status=0; abort: return(_status); } static int read_data(q,seg,offset,lastp,offsetp) r_queue *q; segment *seg; int offset; segment **lastp; int *offsetp; { int tocpy=0,r,_status; #ifdef DEBUG int bread=0; #endif DBG((0,"read_data %d bytes requested",q->read_left)); for(;seg;seg=seg->next,offset=0){ int left; left=seg->len-offset; tocpy=MIN(q->read_left,left); memcpy(q->ptr,seg->data+offset,tocpy); q->read_left-=tocpy; q->ptr+=tocpy; q->len+=tocpy; #ifdef DEBUG bread+=tocpy; #endif if(!q->read_left) break; }; if(q->read_left){ if(r=copy_tcp_segment_queue(&q->q,seg)) ABORT(r); return(SSL_NO_DATA); } if(seg && tocpy==(seg->len - offset)){ *lastp=0; *offsetp=0; } else{ *lastp=seg; if(seg) *offsetp=tocpy+offset; } if(q->read_left<0) abort(); DBG((0,"read_data %d bytes read",bread)); _status=0; abort: return(_status); } static int data_ssl_analyzer(_obj,seg,direction) proto_obj *_obj; segment *seg; int direction; { int _status,r; r_queue *q; segment *last,*q_next,*assembled; ssl_obj *ssl=(ssl_obj *)_obj; int offset=0; q=direction==DIR_R2I?ssl->r2i_queue:ssl->i2r_queue; /* Handle SSLv2 backwards compat client hello This is sloppy because we'll assume that it's all in one TCP segment -- an assumption we make nowhere else in the code */ if(direction==DIR_I2R && ssl->i_state==SSL_ST_SENT_NOTHING){ r=process_v2_hello(ssl,seg); if(r==SSL_NO_DATA) return(0); if(r==0) return(0); } if(ssl->i_state==SSL_ST_SENT_NOTHING){ r=process_beginning_plaintext(ssl,seg,direction); if(r==SSL_NO_DATA) return(0); if(r==0) return(0); } while(!(r=read_ssl_record(ssl,q,seg,offset,&last,&offset))){ if(ssl->i_state==SSL_ST_SENT_NOTHING) ssl->i_state=SSL_ST_HANDSHAKE; if(last){ q_next=last->next; last->next=0; } if(q->q_last){ q->q_last->next=seg; assembled=q->q; } else assembled=seg; ssl->direction=direction; if(r=print_ssl_record(ssl,direction,assembled,q->data,q->len)) ABORT(r); /*Now reset things, so we can read another record*/ if(q){ if(q->q_last) q->q_last->next=0; if(last) last->next=q_next; free_tcp_segment_queue(q->q); q->q=0;q->q_last=0;q->offset=0;q->len=0;q->ptr=q->data; q->state=SSL_READ_NONE; } seg=last; } if(r!=SSL_NO_DATA) ABORT(r); _status=0; abort: return(_status); } static int print_ssl_header(obj,direction,q,data,len) ssl_obj *obj; int direction; segment *q; UCHAR *data; int len; { int ct=0; int r; segment *s; struct timeval dt; ssl_print_record_num(obj); if(SSL_print_flags & SSL_PRINT_TIMESTAMP){ for(s=q;s;s=s->next) ct++; for(s=q;s;s=s->next){ ssl_print_timestamp(obj,&s->p->ts); if(s->next) printf(", "); } } ssl_print_direction_indicator(obj,direction); return(0); } static int print_ssl_record(obj,direction,q,data,len) ssl_obj *obj; int direction; segment *q; UCHAR *data; int len; { int r; if(r=print_ssl_header(obj,direction,q,data,len)) ERETURN(r); ssl_expand_record(obj,q,direction,data,len); if(SSL_print_flags & SSL_PRINT_HEXDUMP){ Data d; INIT_DATA(d,data,len); exdump(obj,"Packet data",&d); printf("\n\n"); } return(0); } int close_ssl_analyzer(_obj,p,dir) proto_obj *_obj; packet *p; int dir; { ssl_obj *ssl=(ssl_obj *)_obj; char *what; if(p->tcp->th_flags & TH_RST) what="RST"; else what="FIN"; explain(ssl,"%d ",ssl->conn->conn_number); ssl_print_timestamp(ssl,&p->ts); ssl_print_direction_indicator(ssl,dir); explain(ssl," TCP %s",what); printf("\n"); return(0); } static struct proto_mod_vtbl_ ssl_vtbl ={ parse_ssl_flags, parse_ssl_flag, create_ssl_ctx, create_ssl_analyzer, destroy_ssl_analyzer, data_ssl_analyzer, close_ssl_analyzer, }; struct proto_mod_ ssl_mod = { 0, &ssl_vtbl }; ssldump-1.1/ssl/ssl_analyze.h000066400000000000000000000063071354171271700163560ustar00rootroot00000000000000/** ssl_analyze.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssl_analyze.h,v 1.3 2000/11/09 18:52:24 ekr Exp $ ekr@rtfm.com Tue Jan 12 08:45:44 1999 */ #ifndef _ssl_analyze_h #define _ssl_analyze_h extern proto_mod ssl_mod; /*The type of data this is*/ #define P_RH (1<<3) #define P_HT (1<<4) #define P_HL (1<<5) #define P_ND (1<<6) #define P_DC (1<<7) #define P_NR (1<<8) #define P_ASN (1<<9) #define P_CR (1<<10) #define P_AD (1<<11) #define P_TSA (1<<12) #define P_QT (1<<13) #define P_HO (1<<14) #define SSL_PRINT_TIMESTAMP (1) /*Timestamp records*/ #define SSL_PRINT_HEXDUMP (1<<2) /*Print the whole record in hex*/ #define SSL_PRINT_RECORD_HEADER P_RH /*Print the record header*/ #define SSL_PRINT_HANDSHAKE_TYPE P_HT /*Print the handshake type*/ #define SSL_PRINT_HIGHLIGHTS (P_HT | P_HL) #define SSL_PRINT_ALL_FIELDS (P_RH | P_HT | P_HL | P_ND) #define SSL_PRINT_DECODE (P_DC) /*Print fields as decoded*/ #define SSL_PRINT_NROFF (P_NR) #define SSL_PRINT_DECODE_ASN1 (P_ASN) #define SSL_PRINT_CRYPTO (P_CR) #define SSL_PRINT_APP_DATA (P_AD) #define SSL_PRINT_TIMESTAMP_ABSOLUTE (P_TSA) #define SSL_PRINT_QUIET (P_QT) #define SSL_PRINT_HEX_ONLY (P_HO) #define SSL_PRINT_ALL 0xfffffff extern UINT4 SSL_print_flags; extern char *SSL_keyfile; extern char *SSL_password; extern char *SSL_keylogfile; #endif ssldump-1.1/ssl/ssl_enum.c000066400000000000000000000145121354171271700156470ustar00rootroot00000000000000#include "network.h" #include "ssl.h" #include "sslprint.h" static int decode_ContentType_change_cipher_spec(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_ContentType_alert(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_ContentType_handshake(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { extern decoder HandshakeType_decoder[]; int r; UINT4 t,l; SSL_DECODE_UINT8(ssl,0,0,data,&t); SSL_DECODE_UINT24(ssl,0,0,data,&l); if(data->len!=l){ fprintf(stderr,"Error: short handshake length: expected %d got %d\n", l,data->len); ERETURN(R_EOD); } ssl_decode_switch(ssl,HandshakeType_decoder,t,dir,seg,data); } static int decode_ContentType_application_data(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } decoder ContentType_decoder[]={ { 20, "change_cipher_spec", decode_ContentType_change_cipher_spec }, { 21, "alert", decode_ContentType_alert }, { 22, "handshake", decode_ContentType_handshake }, { 23, "application_data", decode_ContentType_application_data }, {-1} }; static int decode_HandshakeType_hello_request(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_client_hello(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { UINT4 vj,vn,cs,cslen,complen,comp; Data session_id,random; int r; extern decoder cipher_suite_decoder[]; extern decoder compression_method_decoder[]; SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); P_(P_ND) {explain(ssl,"Client version %d.%d ",vj,vn);} printf("\n"); SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,&random); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",-32,0,data,&session_id); if(session_id.len) exdump(ssl,"resume ",&session_id); SSL_DECODE_UINT16(ssl,"cipher Suites len",0,data,&cslen); explain(ssl,"cipher suites\n"); for(;cslen;cslen-=2){ SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder, P_HL,data,&cs); printf("\n"); } SSL_DECODE_UINT8(ssl,"compressionMethod len",0,data,&complen); if(complen){ explain(ssl,"compression methods\n"); for(;complen;complen--){ SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,&comp); printf("\n"); } } return(0); } static int decode_HandshakeType_server_hello(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { int r; UINT4 vj,vn; SSL_DECODE_UINT8(ssl,0,0,data,&vj); SSL_DECODE_UINT8(ssl,0,0,data,&vn); P_(P_ND) {explain(ssl,"SSL version %d.%d ",vj,vn);} SSL_DECODE_OPAQUE_ARRAY(ssl,"random",32,P_ND,data,0); SSL_DECODE_OPAQUE_ARRAY(ssl,"session_id",32,P_ND,data,0); SSL_DECODE_ENUM(ssl,0,2,cipher_suite_decoder, P_HL,data,0); SSL_DECODE_ENUM(ssl,0,1,compression_method_decoder,P_HL,data,0); return(0); } static int decode_HandshakeType_certificate(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_server_key_exchange(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_certificate_request(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_server_hello_done(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_certificate_verify(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_client_key_exchange(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } static int decode_HandshakeType_finished(ssl,dir,seg,data) ssl_obj *ssl; int dir; segment *seg; Data *data; { return(0); } decoder HandshakeType_decoder[]={ { 0, "hello_request", decode_HandshakeType_hello_request }, { 1, "client_hello", decode_HandshakeType_client_hello }, { 2, "server_hello", decode_HandshakeType_server_hello }, { 11, "certificate", decode_HandshakeType_certificate }, { 12, "server_key_exchange", decode_HandshakeType_server_key_exchange }, { 13, "certificate_request", decode_HandshakeType_certificate_request }, { 14, "server_hello_done", decode_HandshakeType_server_hello_done }, { 15, "certificate_verify", decode_HandshakeType_certificate_verify }, { 16, "client_key_exchange", decode_HandshakeType_client_key_exchange }, { 20, "finished", decode_HandshakeType_finished }, {-1} }; decoder cipher_suite_decoder[]={ { 1, "TLS_RSA_WITH_NULL_MD5", 0 }, { 2, "TLS_RSA_WITH_NULL_SHA", 0 }, { 3, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", 0 }, { 4, "TLS_RSA_WITH_RC4_128_MD5", 0 }, { 5, "TLS_RSA_WITH_RC4_128_SHA", 0 }, { 6, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", 0 }, { 7, "TLS_RSA_WITH_IDEA_CBC_SHA", 0 }, { 8, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 9, "TLS_RSA_WITH_DES_CBC_SHA", 0 }, { 10, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 11, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 12, "TLS_DH_DSS_WITH_DES_CBC_SHA", 0 }, { 13, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", 0 }, { 14, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 15, "TLS_DH_RSA_WITH_DES_CBC_SHA", 0 }, { 16, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 17, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 18, "TLS_DHE_DSS_WITH_DES_CBC_SHA", 0 }, { 19, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", 0 }, { 20, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 21, "TLS_DHE_RSA_WITH_DES_CBC_SHA", 0 }, { 22, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 0 }, { 23, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", 0 }, { 24, "TLS_DH_anon_WITH_RC4_128_MD5", 0 }, { 25, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 0 }, { 26, "TLS_DH_anon_WITH_DES_CBC_SHA", 0 }, { 27, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", 0 }, {-1} }; decoder compression_method_decoder[]={ { 7, "NULL", 0 }, {-1} }; ssldump-1.1/ssl/ssl_h.h000066400000000000000000000105051354171271700151350ustar00rootroot00000000000000/** ssl.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssl_h.h,v 1.6 2002/08/17 01:33:17 ekr Exp $ ekr@rtfm.com Fri Jan 8 14:09:37 1999 */ #ifndef _ssl_h #define _ssl_h #include "sslciphers.h" typedef struct ssl_decode_ctx_ ssl_decode_ctx; typedef struct ssl_decoder_ ssl_decoder; typedef struct d_queue_ { short state; /*What state we're in*/ #define SSL_READ_NONE 1 #define SSL_READ_HEADER 2 int read_left; /*How many more bytes to read in this state*/ int len; /*The length of the total record, including header*/ UCHAR *data; /*The data for this record*/ UCHAR *ptr; /*The data ptr*/ int _allocated; /*The number of data bytes allocated for this record*/ segment *q; /*The segments that match this record*/ segment *q_last; /*The last segment*/ int offset; /*How far into the first segment this record starts*/ } r_queue; typedef struct ssl_extensions_ { int encrypt_then_mac; int extended_master_secret; } ssl_extensions; typedef struct ssl_obj_ { tcp_conn *conn; int r_state; int i_state; int version; int cipher_suite; char *client_name; int client_port; char *server_name; int server_port; struct SSL_CipherSuite_ *cs; r_queue *i2r_queue; r_queue *r2i_queue; struct timeval time_start; struct timeval time_last; ssl_decode_ctx *ssl_ctx; ssl_decoder *decoder; ssl_extensions *extensions; int process_ciphertext; /*Printing bookkeeping*/ #define REC_PLAINTEXT 1 #define REC_DECRYPTED_CIPHERTEXT 2 #define REC_CIPHERTEXT 3 int record_encryption; int direction; /* The direction we're currently working in*/ int record_count; int indent_depth; int indent_name_len; } ssl_obj; typedef struct decoder_ { int type; char *name; int (*print) PROTO_LIST((ssl_obj *,int direction,segment *seg,Data *data)); } decoder; #define SSL_NO_DATA 1 #define SSL_BAD_CONTENT_TYPE 2 #define SSL_BAD_PMS 3 #define SSL_CANT_DO_CIPHER 4 #define SSL_NO_DECRYPT 5 #define SSL_BAD_MAC 6 #define SSL_BAD_DATA 7 /*SSL defines*/ #define COMBINE(a,b) ((a<<8) | b) #define SSL_HEADER_SIZE 5 #define SSLV3_VERSION 0x300 #define TLSV1_VERSION 0x301 #define TLSV11_VERSION 0x302 #define TLSV12_VERSION 0x303 /*State defines*/ #define SSL_ST_SENT_NOTHING 0 #define SSL_ST_HANDSHAKE 1 #define SSL_ST_SENT_CHANGE_CIPHER_SPEC 2 #include "ssldecode.h" #endif ssldump-1.1/ssl/ssl_rec.c000066400000000000000000000245751354171271700154660ustar00rootroot00000000000000/** ssl_rec.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $ ekr@rtfm.com Wed Aug 18 15:46:57 1999 */ static char *RCSSTRING="$Id: ssl_rec.c,v 1.3 2000/11/03 06:38:06 ekr Exp $"; #include "network.h" #include "ssl_h.h" #include "sslprint.h" #include "ssl.enums.h" #ifdef OPENSSL #include #include #include #endif #include "ssldecode.h" #include "ssl_rec.h" struct ssl_rec_decoder_ { SSL_CipherSuite *cs; Data *mac_key; Data *implicit_iv; /* for AEAD ciphers */ Data *write_key; /* for AEAD ciphers */ #ifdef OPENSSL EVP_CIPHER_CTX *evp; #endif UINT4 seq; }; char *digests[]={ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", NULL }; char *ciphers[]={ "DES", "3DES", "RC4", "RC2", "IDEA", "AES128", "AES256", "CAMELLIA128", "CAMELLIA256", "SEED", NULL, "aes-128-gcm", "aes-256-gcm" }; static int tls_check_mac PROTO_LIST((ssl_rec_decoder *d,int ct, int ver,UCHAR *data,UINT4 datalen,UCHAR *iv,UINT4 ivlen,UCHAR *mac)); static int fmt_seq PROTO_LIST((UINT4 num,UCHAR *buf)); int ssl_create_rec_decoder(dp,cs,mk,sk,iv) ssl_rec_decoder **dp; SSL_CipherSuite *cs; UCHAR *mk; UCHAR *sk; UCHAR *iv; { int r,_status; ssl_rec_decoder *dec=0; #ifdef OPENSSL const EVP_CIPHER *ciph=0; /* Find the SSLeay cipher */ if(cs->enc!=ENC_NULL){ ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]); if(!ciph) ABORT(R_INTERNAL); } else { ciph=EVP_enc_null(); } if(!(dec=(ssl_rec_decoder *)calloc(1,sizeof(ssl_rec_decoder)))) ABORT(R_NO_MEMORY); dec->cs=cs; if(r=r_data_alloc(&dec->mac_key,cs->dig_len)) ABORT(r); if(r=r_data_alloc(&dec->implicit_iv,cs->block)) ABORT(r); memcpy(dec->implicit_iv->data,iv,cs->block); if(r=r_data_create(&dec->write_key,sk,cs->eff_bits/8)) ABORT(r); /* This is necessary for AEAD ciphers, because we must wait to fully initialize the cipher in order to include the implicit IV */ if(IS_AEAD_CIPHER(cs)){ sk=NULL; iv=NULL; } else memcpy(dec->mac_key->data,mk,cs->dig_len); if(!(dec->evp=(EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX)))) ABORT(R_NO_MEMORY); EVP_CIPHER_CTX_init(dec->evp); EVP_CipherInit(dec->evp,ciph,sk,iv,0); #endif *dp=dec; _status=0; abort: if(_status){ ssl_destroy_rec_decoder(&dec); } return(_status); } int ssl_destroy_rec_decoder(dp) ssl_rec_decoder **dp; { ssl_rec_decoder *d; if(!dp || !*dp) return(0); d=*dp; r_data_destroy(&d->mac_key); r_data_destroy(&d->implicit_iv); r_data_destroy(&d->write_key); #ifdef OPENSSL if(d->evp){ EVP_CIPHER_CTX_cleanup(d->evp); free(d->evp); } free(*dp); #endif *dp=0; return(0); } #define MSB(a) ((a>>8)&0xff) #define LSB(a) (a&0xff) int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,outl) ssl_obj *ssl; ssl_rec_decoder *d; int ct; int version; UCHAR *in; int inl; UCHAR *out; int *outl; { #ifdef OPENSSL int pad; int r,encpadl,x; UCHAR *mac,*iv,aead_tag[13],aead_nonce[12]; CRDUMP("Ciphertext",in,inl); if(IS_AEAD_CIPHER(d->cs)){ memcpy(aead_nonce,d->implicit_iv->data,d->implicit_iv->len); memcpy(aead_nonce+d->implicit_iv->len,in,12-d->implicit_iv->len); in+=12-d->implicit_iv->len; inl-=12-d->implicit_iv->len; EVP_DecryptInit(d->evp, NULL, d->write_key->data, aead_nonce); /* Then tag is always 16 bytes, as per: https://tools.ietf.org/html/rfc5116#section-5.2 */ EVP_CIPHER_CTX_ctrl(d->evp,EVP_CTRL_GCM_SET_TAG,16,in+(inl-16)); inl-=16; fmt_seq(d->seq,aead_tag); d->seq++; aead_tag[8]=ct; aead_tag[9]=MSB(version); aead_tag[10]=LSB(version); aead_tag[11]=MSB(inl); aead_tag[12]=LSB(inl); EVP_DecryptUpdate(d->evp,NULL,outl,aead_tag,13); EVP_DecryptUpdate(d->evp,out,outl,in,inl); if (!(x=EVP_DecryptFinal(d->evp,NULL,&x))) ERETURN(SSL_BAD_MAC); } /* Encrypt-then-MAC is not used with AEAD ciphers, as per: https://tools.ietf.org/html/rfc7366#section-3 */ else if(ssl->extensions->encrypt_then_mac==2){ *outl=inl; /* First strip off the MAC */ *outl-=d->cs->dig_len; mac=in+(*outl); encpadl=*outl; /* Now decrypt */ EVP_Cipher(d->evp,out,in,*outl); CRDUMP("Plaintext",out,*outl); /* And then strip off the padding*/ if(d->cs->block>1){ pad=out[*outl-1]; *outl-=(pad+1); } /* TLS 1.1 and beyond: remove explicit IV, only used with * non-stream ciphers. */ if (ssl->version>=0x0302 && ssl->cs->block > 1) { UINT4 blk = ssl->cs->block; if (blk <= *outl) { *outl-=blk; memmove(out, out+blk, *outl); } else { DBG((0,"Block size greater than Plaintext!")); ERETURN(SSL_BAD_MAC); } if(r=tls_check_mac(d,ct,version,in+blk,encpadl,in,blk,mac)) ERETURN(r); } else if(r=tls_check_mac(d,ct,version,in,encpadl,NULL,0,mac)) ERETURN(r); } else { /* First decrypt*/ EVP_Cipher(d->evp,out,in,inl); CRDUMP("Plaintext",out,inl); *outl=inl; /* Now strip off the padding*/ if(d->cs->block>1){ pad=out[inl-1]; *outl-=(pad+1); } /* And the MAC */ *outl-=d->cs->dig_len; mac=out+(*outl); CRDUMP("Record data",out,*outl); /* Now check the MAC */ if(ssl->version==0x300){ if(r=ssl3_check_mac(d,ct,version,out,*outl,mac)) ERETURN(r); } else{ /* TLS 1.1 and beyond: remove explicit IV, only used with * non-stream ciphers. */ if (ssl->version>=0x0302 && ssl->cs->block > 1) { UINT4 blk = ssl->cs->block; if (blk <= *outl) { *outl-=blk; memmove(out, out+blk, *outl); } else { DBG((0,"Block size greater than Plaintext!")); ERETURN(SSL_BAD_MAC); } } if(r=tls_check_mac(d,ct,version,out,*outl,NULL,0,mac)) ERETURN(r); } } #endif return(0); } #ifdef OPENSSL /* This should go to 2^128, but we're never really going to see more than 2^64, so we cheat*/ static int fmt_seq(num,buf) UINT4 num; UCHAR *buf; { UINT4 netnum; memset(buf,0,8); netnum=htonl(num); memcpy(buf+4,&netnum,4); return(0); } static int tls_check_mac(d,ct,ver,data,datalen,iv,ivlen,mac) ssl_rec_decoder *d; int ct; int ver; UCHAR *data; UINT4 datalen; UCHAR *iv; UINT4 ivlen; UCHAR *mac; { HMAC_CTX hm; const EVP_MD *md; UINT4 l; UCHAR buf[128]; md=EVP_get_digestbyname(digests[d->cs->dig-0x40]); HMAC_Init(&hm,d->mac_key->data,d->mac_key->len,md); fmt_seq(d->seq,buf); d->seq++; HMAC_Update(&hm,buf,8); buf[0]=ct; HMAC_Update(&hm,buf,1); buf[0]=MSB(ver); buf[1]=LSB(ver); HMAC_Update(&hm,buf,2); buf[0]=MSB(datalen); buf[1]=LSB(datalen); HMAC_Update(&hm,buf,2); /* for encrypt-then-mac with an explicit IV */ if(ivlen && iv){ HMAC_Update(&hm,iv,ivlen); HMAC_Update(&hm,data,datalen-ivlen); } else HMAC_Update(&hm,data,datalen); HMAC_Final(&hm,buf,&l); if(memcmp(mac,buf,l)) ERETURN(SSL_BAD_MAC); HMAC_cleanup(&hm); return(0); } int ssl3_check_mac(d,ct,ver,data,datalen,mac) ssl_rec_decoder *d; int ct; int ver; UCHAR *data; UINT4 datalen; UCHAR *mac; { EVP_MD_CTX mc; const EVP_MD *md; UINT4 l; UCHAR buf[64],dgst[20]; int pad_ct; pad_ct=(d->cs->dig==DIG_SHA)?40:48; md=EVP_get_digestbyname(digests[d->cs->dig-0x40]); EVP_DigestInit(&mc,md); EVP_DigestUpdate(&mc,d->mac_key->data,d->mac_key->len); memset(buf,0x36,pad_ct); EVP_DigestUpdate(&mc,buf,pad_ct); fmt_seq(d->seq,buf); d->seq++; EVP_DigestUpdate(&mc,buf,8); buf[0]=ct; EVP_DigestUpdate(&mc,buf,1); buf[0]=MSB(datalen); buf[1]=LSB(datalen); EVP_DigestUpdate(&mc,buf,2); EVP_DigestUpdate(&mc,data,datalen); EVP_DigestFinal(&mc,dgst,&l); EVP_DigestInit(&mc,md); EVP_DigestUpdate(&mc,d->mac_key->data,d->mac_key->len); memset(buf,0x5c,pad_ct); EVP_DigestUpdate(&mc,buf,pad_ct); EVP_DigestUpdate(&mc,dgst,l); EVP_DigestFinal(&mc,dgst,&l); if(memcmp(mac,dgst,l)) ERETURN(SSL_BAD_MAC); return(0); } #endif ssldump-1.1/ssl/ssl_rec.h000066400000000000000000000046341354171271700154650ustar00rootroot00000000000000/** ssl_rec.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssl_rec.h,v 1.2 2000/10/17 16:10:02 ekr Exp $ ekr@rtfm.com Wed Aug 18 16:16:23 1999 */ #ifndef _ssl_rec_h #define _ssl_rec_h typedef struct ssl_rec_decoder_ ssl_rec_decoder; int ssl_destroy_rec_decoder PROTO_LIST((ssl_rec_decoder **dp)); int ssl_create_rec_decoder PROTO_LIST((ssl_rec_decoder **dp, SSL_CipherSuite *cs,UCHAR *mk,UCHAR *sk,UCHAR *iv)); int ssl_decode_rec_data PROTO_LIST((ssl_obj *ssl,ssl_rec_decoder *d, int ct,int version,UCHAR *in,int inl,UCHAR *out,int *outl)); #define IS_AEAD_CIPHER(cs) (cs->enc==0x3b||cs->enc==0x3c) #endif ssldump-1.1/ssl/sslciphers.h000066400000000000000000000056631354171271700162150ustar00rootroot00000000000000/** sslciphers.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: sslciphers.h,v 1.3 2002/08/17 01:33:17 ekr Exp $ ekr@rtfm.com Tue Mar 30 18:11:55 1999 */ #ifndef _sslciphers_h #define _sslciphers_h typedef struct SSL_CipherSuite_ { int number; int kex; int sig; int enc; int block; int bits; int eff_bits; int dig; int dig_len; int export; } SSL_CipherSuite; #define KEX_RSA 0x10 #define KEX_DH 0x11 #define SIG_RSA 0x20 #define SIG_DSS 0x21 #define SIG_NONE 0x22 #define ENC_DES 0x30 #define ENC_3DES 0x31 #define ENC_RC4 0x32 #define ENC_RC2 0x33 #define ENC_IDEA 0x34 #define ENC_AES128 0x35 #define ENC_AES256 0x36 #define ENC_CAMELLIA128 0x37 #define ENC_CAMELLIA256 0x38 #define ENC_SEED 0x39 #define ENC_NULL 0x3a #define ENC_AES128_GCM 0x3b #define ENC_AES256_GCM 0x3c #define DIG_MD5 0x40 #define DIG_SHA 0x41 #define DIG_SHA224 0x42 /* Not sure why EKR didn't follow RFC for */ #define DIG_SHA256 0x43 /* these values, but whatever, just adding on */ #define DIG_SHA384 0x44 #define DIG_SHA512 0x45 int ssl_find_cipher PROTO_LIST((int num,SSL_CipherSuite **cs)); #endif ssldump-1.1/ssl/ssldecode.c000066400000000000000000000644461354171271700160020ustar00rootroot00000000000000/** ssldecode.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $ ekr@rtfm.com Thu Apr 1 09:54:53 1999 */ #include "network.h" #include "ssl_h.h" #include "sslprint.h" #include "ssl.enums.h" #ifdef OPENSSL #include #include #include #include #include #endif #include "ssldecode.h" #include "ssl_rec.h" #include "r_assoc.h" static char *RCSSTRING="$Id: ssldecode.c,v 1.9 2002/08/17 01:33:17 ekr Exp $"; #define PRF(ssl,secret,usage,rnd1,rnd2,out) (ssl->version==SSLV3_VERSION)? \ ssl3_prf(ssl,secret,usage,rnd1,rnd2,out): \ ((ssl->version == TLSV12_VERSION) ? \ tls12_prf(ssl,secret,usage,rnd1,rnd2,out): \ tls_prf(ssl,secret,usage,rnd1,rnd2,out)) static char *ssl_password; extern char *digests[]; extern UINT4 SSL_print_flags; struct ssl_decode_ctx_ { #ifdef OPENSSL SSL_CTX *ssl_ctx; SSL *ssl; r_assoc *session_cache; FILE *ssl_key_log_file; #else char dummy; /* Some compilers (Win32) don't like empty structs */ #endif }; struct ssl_decoder_ { ssl_decode_ctx *ctx; Data *session_id; SSL_CipherSuite *cs; Data *client_random; Data *server_random; int ephemeral_rsa; Data *PMS; Data *MS; Data *handshake_messages; Data *session_hash; ssl_rec_decoder *c_to_s; ssl_rec_decoder *s_to_c; ssl_rec_decoder *c_to_s_n; ssl_rec_decoder *s_to_c_n; }; #ifdef OPENSSL static int tls_P_hash PROTO_LIST((ssl_obj *ssl,Data *secret,Data *seed, const EVP_MD *md,Data *out)); static int tls12_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, Data *rnd1,Data *rnd2,Data *out)); static int tls_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, Data *rnd1,Data *rnd2,Data *out)); static int ssl3_prf PROTO_LIST((ssl_obj *ssl,Data *secret,char *usage, Data *rnd1,Data *rnd2,Data *out)); static int ssl3_generate_export_iv PROTO_LIST((ssl_obj *ssl, Data *rnd1,Data *rnd2,Data *out)); static int ssl_generate_keying_material PROTO_LIST((ssl_obj *ssl, ssl_decoder *d)); static int ssl_generate_session_hash PROTO_LIST((ssl_obj *ssl, ssl_decoder *d)); static int ssl_read_key_log_file PROTO_LIST((ssl_decoder *d)); #endif static int ssl_create_session_lookup_key PROTO_LIST((ssl_obj *ssl, UCHAR *id,UINT4 idlen,UCHAR **keyp,UINT4 *keyl)); int ssl_save_session PROTO_LIST((ssl_obj *ssl,ssl_decoder *d)); int ssl_restore_session PROTO_LIST((ssl_obj *ssl,ssl_decoder *d)); /*The password code is not thread safe*/ static int password_cb(char *buf,int num,int rwflag,void *userdata) { if(numssl_ctx=SSL_CTX_new(SSLv23_server_method()))) ABORT(R_NO_MEMORY); if(keyfile){ if(pass){ ssl_password=pass; SSL_CTX_set_default_passwd_cb(d->ssl_ctx,password_cb); } #if 0 if(SSL_CTX_use_certificate_file(d->ssl_ctx,keyfile,SSL_FILETYPE_PEM)!=1){ fprintf(stderr,"Problem loading certificate file\n"); ABORT(R_INTERNAL); } #endif if(SSL_CTX_use_PrivateKey_file(d->ssl_ctx,keyfile,SSL_FILETYPE_PEM)!=1){ fprintf(stderr,"Problem loading private key\n"); ABORT(R_INTERNAL); } } if(!(d->ssl=SSL_new(d->ssl_ctx))) ABORT(R_NO_MEMORY); if(r_assoc_create(&d->session_cache)) ABORT(R_NO_MEMORY); if (keylogfile) { if(!(d->ssl_key_log_file=fopen(keylogfile, "r"))){ fprintf(stderr,"Failed to open ssl key log file"); ABORT(R_INTERNAL); } } else { d->ssl_key_log_file = NULL; } X509V3_add_standard_extensions(); *dp=d; _status=0; abort: return(_status); #else return(0); #endif } int ssl_decoder_create(dp,ctx) ssl_decoder **dp; ssl_decode_ctx *ctx; { int _status; ssl_decoder *d=0; #ifdef OPENSSL if(!(d=(ssl_decoder *)calloc(1,sizeof(ssl_decoder)))) ABORT(R_NO_MEMORY); d->ctx=ctx; *dp=d; _status=0; abort: if(_status) ssl_decoder_destroy(&d); return(_status); #else return 0; #endif } int ssl_decoder_destroy(dp) ssl_decoder **dp; { #ifdef OPENSSL ssl_decoder *d; if(!dp || !*dp) return(0); d=*dp; r_data_destroy(&d->client_random); r_data_destroy(&d->server_random); r_data_destroy(&d->session_id); r_data_destroy(&d->PMS); r_data_destroy(&d->MS); r_data_destroy(&d->handshake_messages); r_data_destroy(&d->session_hash); ssl_destroy_rec_decoder(&d->c_to_s); ssl_destroy_rec_decoder(&d->c_to_s_n); ssl_destroy_rec_decoder(&d->s_to_c); ssl_destroy_rec_decoder(&d->s_to_c_n); free(d); *dp=0; #endif return(0); } int ssl_set_client_random(d,msg,len) ssl_decoder *d; UCHAR *msg; int len; { #ifdef OPENSSL int r; if(r=r_data_create(&d->client_random,msg,len)) ERETURN(r); #endif return(0); } int ssl_set_server_random(d,msg,len) ssl_decoder *d; UCHAR *msg; int len; { #ifdef OPENSSL int r; if(r=r_data_create(&d->server_random,msg,len)) ERETURN(r); #endif return(0); } int ssl_set_client_session_id(d,msg,len) ssl_decoder *d; UCHAR *msg; int len; { #ifdef OPENSSL int r; if(len>0) if(r=r_data_create(&d->session_id,msg,len)) ERETURN(r); #endif return(0); } int ssl_process_server_session_id(ssl,d,msg,len) ssl_obj *ssl; ssl_decoder *d; UCHAR *msg; int len; { #ifdef OPENSSL int r,_status; Data idd; int restored=0; INIT_DATA(idd,msg,len); /* First check to see if the client tried to restore */ if(d->session_id){ /* Now check to see if we restored */ if(r_data_compare(&idd,d->session_id)) goto abort; /* Now try to look up the session. We may not be able to find it if, for instance, the original session was initiated with something other than static RSA */ if(r=ssl_restore_session(ssl,d)) ABORT(r); restored=1; } _status=0; abort: if(!restored){ /* Copy over the session ID */ r_data_zfree(d->session_id); r_data_create(&d->session_id,msg,len); } return(_status); #else return(0); #endif } int ssl_process_change_cipher_spec(ssl,d,direction) ssl_obj *ssl; ssl_decoder *d; int direction; { #ifdef OPENSSL if(direction==DIR_I2R){ d->c_to_s=d->c_to_s_n; d->c_to_s_n=0; if(d->c_to_s) ssl->process_ciphertext |= direction; } else{ d->s_to_c=d->s_to_c_n; d->s_to_c_n=0; if(d->s_to_c) ssl->process_ciphertext |= direction; } #endif return(0); } int ssl_decode_record(ssl,dec,direction,ct,version,d) ssl_obj *ssl; ssl_decoder *dec; int direction; int ct; int version; Data *d; { ssl_rec_decoder *rd; UCHAR *out; int outl; int r,_status; UINT4 state; if(dec) rd=(direction==DIR_I2R)?dec->c_to_s:dec->s_to_c; else rd=0; state=(direction==DIR_I2R)?ssl->i_state:ssl->r_state; if(!rd){ if(state & SSL_ST_SENT_CHANGE_CIPHER_SPEC){ ssl->record_encryption=REC_CIPHERTEXT; return(SSL_NO_DECRYPT); } else { ssl->record_encryption=REC_PLAINTEXT; return(0); } } ssl->record_encryption=REC_CIPHERTEXT; #ifdef OPENSSL if(!(out=(UCHAR *)malloc(d->len))) ABORT(R_NO_MEMORY); if(r=ssl_decode_rec_data(ssl,rd,ct,version,d->data,d->len,out,&outl)){ ABORT(r); } memcpy(d->data,out,outl); d->len=outl; ssl->record_encryption=REC_DECRYPTED_CIPHERTEXT; _status=0; abort: FREE(out); return(_status); #else return(0); #endif } int ssl_update_handshake_messages(ssl,data) ssl_obj *ssl; Data *data; { #ifdef OPENSSL Data *hms; UCHAR *d; int l,r; hms = ssl->decoder->handshake_messages; d = data->data-4; l = data->len+4; if(hms){ if(!(hms->data = realloc(hms->data,l+hms->len))) ERETURN(R_NO_MEMORY); memcpy(hms->data+hms->len,d,l); hms->len+=l; } else{ if(r=r_data_create(&hms,d,l)) ERETURN(r); ssl->decoder->handshake_messages=hms; } #endif return(0); } static int ssl_create_session_lookup_key(ssl,id,idlen,keyp,keyl) ssl_obj *ssl; UCHAR *id; UINT4 idlen; UCHAR **keyp; UINT4 *keyl; { UCHAR *key=0; UINT4 l; int r,_status; l=idlen+strlen(ssl->server_name)+idlen+15; /* HOST + PORT + id */ if(!(key=(UCHAR *)malloc(l))) ABORT(R_NO_MEMORY); *keyp=key; memcpy(key,id,idlen); *keyl=idlen; key+=idlen; sprintf(key,"%s:%d",ssl->server_name,ssl->server_port); *keyl+=strlen(key); _status=0; abort: return(_status); } /* Look up the session id in the session cache and generate the appropriate keying material */ int ssl_restore_session(ssl,d) ssl_obj *ssl; ssl_decoder *d; { UCHAR *lookup_key=0; void *msv; Data *msd; int lookup_key_len; int r,_status; #ifdef OPENSSL if(r=ssl_create_session_lookup_key(ssl, d->session_id->data,d->session_id->len,&lookup_key, &lookup_key_len)) ABORT(r); if(r=r_assoc_fetch(d->ctx->session_cache,lookup_key,lookup_key_len, &msv)) ABORT(r); msd=(Data *)msv; if(r=r_data_create(&d->MS,msd->data,msd->len)) ABORT(r); CRDUMPD("Restored MS",d->MS); switch(ssl->version){ case SSLV3_VERSION: case TLSV1_VERSION: case TLSV11_VERSION: case TLSV12_VERSION: if(r=ssl_generate_keying_material(ssl,d)) ABORT(r); break; default: ABORT(SSL_CANT_DO_CIPHER); } _status=0; abort: FREE(lookup_key); return(_status); #else return(0); #endif } /* Look up the session id in the session cache and generate the appropriate keying material */ int ssl_save_session(ssl,d) ssl_obj *ssl; ssl_decoder *d; { #ifdef OPENSSL UCHAR *lookup_key=0; void *msv; Data *msd=0; int lookup_key_len; int r,_status; if(r=ssl_create_session_lookup_key(ssl,d->session_id->data, d->session_id->len,&lookup_key, &lookup_key_len)) ABORT(r); if(r=r_data_create(&msd,d->MS->data,d->MS->len)) ABORT(r); if(r=r_assoc_insert(d->ctx->session_cache,lookup_key,lookup_key_len, (void *)msd,0,(int (*)(void *))r_data_zfree, R_ASSOC_NEW | R_ASSOC_REPLACE)) ABORT(r); _status=0; abort: if(_status){ r_data_zfree(msd); } FREE(lookup_key); return(_status); #else return(0); #endif } /* This only works with RSA because the other cipher suites offer PFS. Yuck. */ int ssl_process_client_key_exchange(ssl,d,msg,len) ssl_obj *ssl; ssl_decoder *d; UCHAR *msg; int len; { #ifdef OPENSSL int r,_status; int i; EVP_PKEY *pk; /* Remove the master secret if it was there to force keying material regeneration in case we're renegotiating */ r_data_destroy(&d->MS); if(!d->ctx->ssl_key_log_file || ssl_read_key_log_file(d) || !d->MS){ if(ssl->cs->kex!=KEX_RSA) return(-1); if(d->ephemeral_rsa) return(-1); pk=SSL_get_privatekey(d->ctx->ssl); if(!pk) return(-1); if(pk->type!=EVP_PKEY_RSA) return(-1); if(r=r_data_alloc(&d->PMS,BN_num_bytes(pk->pkey.rsa->n))) ABORT(r); i=RSA_private_decrypt(len,msg,d->PMS->data, pk->pkey.rsa,RSA_PKCS1_PADDING); if(i!=48) ABORT(SSL_BAD_PMS); d->PMS->len=48; CRDUMPD("PMS",d->PMS); } switch(ssl->version){ case SSLV3_VERSION: case TLSV1_VERSION: case TLSV11_VERSION: case TLSV12_VERSION: if(r=ssl_generate_keying_material(ssl,d)) ABORT(r); break; default: ABORT(SSL_CANT_DO_CIPHER); } /* Now store the data in the session cache */ if(r=ssl_save_session(ssl,d)) ABORT(r); _status=0; abort: return(_status); #else return 0; #endif } #ifdef OPENSSL static int tls_P_hash(ssl,secret,seed,md,out) ssl_obj *ssl; Data *secret; Data *seed; const EVP_MD *md; Data *out; { UCHAR *ptr=out->data; int left=out->len; int tocpy; UCHAR *A; UCHAR _A[128],tmp[128]; unsigned int A_l,tmp_l; HMAC_CTX hm; CRDUMPD("P_hash secret",secret); CRDUMPD("P_hash seed",seed); A=seed->data; A_l=seed->len; while(left){ HMAC_Init(&hm,secret->data,secret->len,md); HMAC_Update(&hm,A,A_l); HMAC_Final(&hm,_A,&A_l); HMAC_cleanup(&hm); A=_A; HMAC_Init(&hm,secret->data,secret->len,md); HMAC_Update(&hm,A,A_l); HMAC_Update(&hm,seed->data,seed->len); HMAC_Final(&hm,tmp,&tmp_l); HMAC_cleanup(&hm); tocpy=MIN(left,tmp_l); memcpy(ptr,tmp,tocpy); ptr+=tocpy; left-=tocpy; } CRDUMPD("P_hash out",out); return (0); } static int tls_prf(ssl,secret,usage,rnd1,rnd2,out) ssl_obj *ssl; Data *secret; char *usage; Data *rnd1; Data *rnd2; Data *out; { int r,_status; Data *md5_out=0,*sha_out=0; Data *seed; UCHAR *ptr; Data *S1=0,*S2=0; int i,S_l; if(r=r_data_alloc(&md5_out,MAX(out->len,16))) ABORT(r); if(r=r_data_alloc(&sha_out,MAX(out->len,20))) ABORT(r); if(r=r_data_alloc(&seed,strlen(usage)+rnd1->len+rnd2->len)) ABORT(r); ptr=seed->data; memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage); memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len; memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len; S_l=secret->len/2 + secret->len%2; if(r=r_data_alloc(&S1,S_l)) ABORT(r); if(r=r_data_alloc(&S2,S_l)) ABORT(r); memcpy(S1->data,secret->data,S_l); memcpy(S2->data,secret->data + (secret->len - S_l),S_l); if(r=tls_P_hash (ssl,S1,seed,EVP_get_digestbyname("MD5"),md5_out)) ABORT(r); if(r=tls_P_hash(ssl,S2,seed,EVP_get_digestbyname("SHA1"),sha_out)) ABORT(r); for(i=0;ilen;i++) out->data[i]=md5_out->data[i] ^ sha_out->data[i]; CRDUMPD("PRF out",out); _status=0; abort: r_data_destroy(&md5_out); r_data_destroy(&sha_out); r_data_destroy(&seed); r_data_destroy(&S1); r_data_destroy(&S2); return(_status); } static int tls12_prf(ssl,secret,usage,rnd1,rnd2,out) ssl_obj *ssl; Data *secret; char *usage; Data *rnd1; Data *rnd2; Data *out; { const EVP_MD *md; int r,_status; Data *sha_out=0; Data *seed; UCHAR *ptr; int i, dgi; if(r=r_data_alloc(&sha_out,MAX(out->len,64))) /* assume max SHA512 */ ABORT(r); if(r=r_data_alloc(&seed,strlen(usage)+rnd1->len+rnd2->len)) ABORT(r); ptr=seed->data; memcpy(ptr,usage,strlen(usage)); ptr+=strlen(usage); memcpy(ptr,rnd1->data,rnd1->len); ptr+=rnd1->len; memcpy(ptr,rnd2->data,rnd2->len); ptr+=rnd2->len; /* Earlier versions of openssl didn't have SHA256 of course... */ dgi = MAX(DIG_SHA256, ssl->cs->dig); dgi-=0x40; if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) { DBG((0,"Cannot get EVP for digest %s, openssl library current?", digests[dgi])); ERETURN(SSL_BAD_MAC); } if(r=tls_P_hash(ssl,secret,seed,md,sha_out)) ABORT(r); for(i=0;ilen;i++) out->data[i]=sha_out->data[i]; CRDUMPD("PRF out",out); _status=0; abort: r_data_destroy(&sha_out); r_data_destroy(&seed); return(_status); } static int ssl3_generate_export_iv(ssl,r1,r2,out) ssl_obj *ssl; Data *r1; Data *r2; Data *out; { MD5_CTX md5; UCHAR tmp[16]; MD5_Init(&md5); MD5_Update(&md5,r1->data,r1->len); MD5_Update(&md5,r2->data,r2->len); MD5_Final(tmp,&md5); memcpy(out->data,tmp,out->len); return(0); } static int ssl3_prf(ssl,secret,usage,r1,r2,out) ssl_obj *ssl; Data *secret; char *usage; Data *r1; Data *r2; Data *out; { MD5_CTX md5; SHA_CTX sha; Data *rnd1,*rnd2; int off; int i=0,j; UCHAR buf[20]; rnd1=r1; rnd2=r2; CRDUMPD("Secret",secret); CRDUMPD("RND1",rnd1); CRDUMPD("RND2",rnd2); MD5_Init(&md5); memset(&sha,0,sizeof(sha)); SHA1_Init(&sha); for(off=0;offlen;off+=16){ char outbuf[16]; int tocpy; i++; /* A, BB, CCC, ... */ for(j=0;jdata,secret->len); CRDUMPD("secret",secret); if(!strcmp(usage,"client write key") || !strcmp(usage,"server write key")){ SHA1_Update(&sha,rnd2->data,rnd2->len); CRDUMPD("rnd2",rnd2); SHA1_Update(&sha,rnd1->data,rnd1->len); CRDUMPD("rnd1",rnd1); } else{ SHA1_Update(&sha,rnd1->data,rnd1->len); CRDUMPD("rnd1",rnd1); SHA1_Update(&sha,rnd2->data,rnd2->len); CRDUMPD("rnd2",rnd2); } SHA1_Final(buf,&sha); CRDUMP("SHA out",buf,20); SHA1_Init(&sha); MD5_Update(&md5,secret->data,secret->len); MD5_Update(&md5,buf,20); MD5_Final(outbuf,&md5); tocpy=MIN(out->len-off,16); memcpy(out->data+off,outbuf,tocpy); CRDUMP("MD5 out",outbuf,16); MD5_Init(&md5); } return(0); } static int ssl_generate_keying_material(ssl,d) ssl_obj *ssl; ssl_decoder *d; { Data *key_block=0,temp; UCHAR _iv_c[8],_iv_s[8]; UCHAR _key_c[16],_key_s[16]; int needed; int r,_status; UCHAR *ptr,*c_wk,*s_wk,*c_mk,*s_mk,*c_iv,*s_iv; if(!d->MS){ if(r=r_data_alloc(&d->MS,48)) ABORT(r); if (ssl->extensions->extended_master_secret==2) { if(r=ssl_generate_session_hash(ssl,d)) ABORT(r); temp.len=0; if(r=PRF(ssl,d->PMS,"extended master secret",d->session_hash,&temp, d->MS)) ABORT(r); } else if(r=PRF(ssl,d->PMS,"master secret",d->client_random,d->server_random, d->MS)) ABORT(r); CRDUMPD("MS",d->MS); } /* Compute the key block. First figure out how much data we need*/ /* Ideally find a cleaner way to check for AEAD cipher */ needed=!IS_AEAD_CIPHER(ssl->cs)?ssl->cs->dig_len*2:0; needed+=ssl->cs->bits / 4; if(ssl->cs->block>1) needed+=ssl->cs->block*2; if(r=r_data_alloc(&key_block,needed)) ABORT(r); if(r=PRF(ssl,d->MS,"key expansion",d->server_random,d->client_random, key_block)) ABORT(r); ptr=key_block->data; /* Ideally find a cleaner way to check for AEAD cipher */ if(!IS_AEAD_CIPHER(ssl->cs)){ c_mk=ptr; ptr+=ssl->cs->dig_len; s_mk=ptr; ptr+=ssl->cs->dig_len; } c_wk=ptr; ptr+=ssl->cs->eff_bits/8; s_wk=ptr; ptr+=ssl->cs->eff_bits/8; if(ssl->cs->block>1){ c_iv=ptr; ptr+=ssl->cs->block; s_iv=ptr; ptr+=ssl->cs->block; } if(ssl->cs->export){ Data iv_c,iv_s; Data c_iv_d,s_iv_d; Data key_c,key_s; Data k; if(ssl->cs->block>1){ ATTACH_DATA(iv_c,_iv_c); ATTACH_DATA(iv_s,_iv_s); if(ssl->version==SSLV3_VERSION){ if(r=ssl3_generate_export_iv(ssl,d->client_random, d->server_random,&iv_c)) ABORT(r); if(r=ssl3_generate_export_iv(ssl,d->server_random, d->client_random,&iv_s)) ABORT(r); } else{ UCHAR _iv_block[16]; Data iv_block; Data key_null; UCHAR _key_null; INIT_DATA(key_null,&_key_null,0); /* We only have room for 8 bit IVs, but that's all we should need. This is a sanity check */ if(ssl->cs->block>8) ABORT(R_INTERNAL); ATTACH_DATA(iv_block,_iv_block); if(r=PRF(ssl,&key_null,"IV block",d->client_random, d->server_random,&iv_block)) ABORT(r); memcpy(_iv_c,iv_block.data,8); memcpy(_iv_s,iv_block.data+8,8); } c_iv=_iv_c; s_iv=_iv_s; } if(ssl->version==SSLV3_VERSION){ MD5_CTX md5; MD5_Init(&md5); MD5_Update(&md5,c_wk,ssl->cs->eff_bits/8); MD5_Update(&md5,d->client_random->data,d->client_random->len); MD5_Update(&md5,d->server_random->data,d->server_random->len); MD5_Final(_key_c,&md5); c_wk=_key_c; MD5_Init(&md5); MD5_Update(&md5,s_wk,ssl->cs->eff_bits/8); MD5_Update(&md5,d->server_random->data,d->server_random->len); MD5_Update(&md5,d->client_random->data,d->client_random->len); MD5_Final(_key_s,&md5); s_wk=_key_s; } else{ ATTACH_DATA(key_c,_key_c); ATTACH_DATA(key_s,_key_s); INIT_DATA(k,c_wk,ssl->cs->eff_bits/8); if(r=PRF(ssl,&k,"client write key",d->client_random,d->server_random, &key_c)) ABORT(r); c_wk=_key_c; INIT_DATA(k,s_wk,ssl->cs->eff_bits/8); if(r=PRF(ssl,&k,"server write key",d->client_random,d->server_random, &key_s)) ABORT(r); s_wk=_key_s; } } CRDUMP("Client MAC key",c_mk,ssl->cs->dig_len); CRDUMP("Server MAC key",s_mk,ssl->cs->dig_len); CRDUMP("Client Write key",c_wk,ssl->cs->bits/8); CRDUMP("Server Write key",s_wk,ssl->cs->bits/8); if(ssl->cs->block>1){ CRDUMP("Client Write IV",c_iv,ssl->cs->block); CRDUMP("Server Write IV",s_iv,ssl->cs->block); } if(r=ssl_create_rec_decoder(&d->c_to_s_n, ssl->cs,c_mk,c_wk,c_iv)) ABORT(r); if(r=ssl_create_rec_decoder(&d->s_to_c_n, ssl->cs,s_mk,s_wk,s_iv)) ABORT(r); _status=0; abort: if(key_block){ r_data_zfree(key_block); free(key_block); } return(_status); } static int ssl_generate_session_hash(ssl,d) ssl_obj *ssl; ssl_decoder *d; { int r,_status,dgi; unsigned int len; const EVP_MD *md; EVP_MD_CTX dgictx; if(r=r_data_alloc(&d->session_hash,EVP_MAX_MD_SIZE)) ABORT(r); switch(ssl->version){ case TLSV12_VERSION: dgi = MAX(DIG_SHA256,ssl->cs->dig)-0x40; if ((md=EVP_get_digestbyname(digests[dgi])) == NULL) { DBG((0,"Cannot get EVP for digest %s, openssl library current?", digests[dgi])); ERETURN(SSL_BAD_MAC); } EVP_DigestInit(&dgictx,md); EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestFinal(&dgictx,d->session_hash->data,&d->session_hash->len); break; case SSLV3_VERSION: case TLSV1_VERSION: case TLSV11_VERSION: EVP_DigestInit(&dgictx,EVP_get_digestbyname("MD5")); EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestFinal_ex(&dgictx,d->session_hash->data,&d->session_hash->len); EVP_DigestInit(&dgictx,EVP_get_digestbyname("SHA1")); EVP_DigestUpdate(&dgictx,d->handshake_messages->data,d->handshake_messages->len); EVP_DigestFinal(&dgictx,d->session_hash->data+d->session_hash->len,&len); d->session_hash->len+=len; break; default: ABORT(SSL_CANT_DO_CIPHER); } _status=0; abort: return(_status); } static int ssl_read_key_log_file(d) ssl_decoder *d; { int r,_status,dgi,n,i; unsigned int t; size_t l=0; char *line,*label_data; while ((n=getline(&line,&l,d->ctx->ssl_key_log_file))!=-1) { if(n==(d->client_random->len*2)+112 && !strncmp(line,"CLIENT_RANDOM",13)) { if(!(label_data=malloc((d->client_random->len*2)+1))) ABORT(r); for(i=0;iclient_random->len;i++) if(snprintf(label_data+(i*2),3,"%02x",d->client_random->data[i])!=2) ABORT(r); if(STRNICMP(line+14,label_data,64)) continue; if(r=r_data_alloc(&d->MS,48)) ABORT(r); for(i=0; i < d->MS->len; i++) { if(sscanf(line+14+65+(i*2),"%2x",&t)!=1) ABORT(r); *(d->MS->data+i)=(char)t; } } /* Eventually add support for other labels defined here: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format */ } _status=0; abort: if (d->ctx->ssl_key_log_file != NULL) fseek(d->ctx->ssl_key_log_file, 0, SEEK_SET); return(_status); } #endif ssldump-1.1/ssl/ssldecode.h000066400000000000000000000061471354171271700160010ustar00rootroot00000000000000/** ssldecode.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: ssldecode.h,v 1.3 2001/07/20 23:33:16 ekr Exp $ ekr@rtfm.com Thu Apr 1 15:02:02 1999 */ #ifndef _ssldecode_h #define _ssldecode_h #define CRDUMP(a,b,c) P_(P_CR) {Data d; d.data=b; d.len=c; exdump(ssl,a,&d); printf("\n");} #define CRDUMPD(a,b) P_(P_CR) {exdump(ssl,a,b);printf("\n");} int ssl_decode_ctx_create PROTO_LIST((ssl_decode_ctx **ctx, char *keyfile,char *password,char *keylogfile)); int ssl_decoder_destroy PROTO_LIST((ssl_decoder **dp)); int ssl_decoder_create PROTO_LIST((ssl_decoder **dp,ssl_decode_ctx *ctx)); int ssl_set_client_random PROTO_LIST((ssl_decoder *dp, UCHAR *msg,int len)); int ssl_set_server_random PROTO_LIST((ssl_decoder *dp, UCHAR *msg,int len)); int ssl_set_client_session_id PROTO_LIST((ssl_decoder *dp, UCHAR *msg,int len)); int ssl_process_server_session_id PROTO_LIST((ssl_obj *obj,ssl_decoder *dp, UCHAR *msg,int len)); int ssl_process_client_key_exchange PROTO_LIST((struct ssl_obj_ *, ssl_decoder *d,UCHAR *msg,int len)); int ssl_process_change_cipher_spec PROTO_LIST((ssl_obj *ssl, ssl_decoder *d,int direction)); int ssl_update_handshake_messages PROTO_LIST((ssl_obj *ssl, Data *data)); int ssl_decode_record PROTO_LIST((ssl_obj *ssl,ssl_decoder *dec,int direction, int ct,int version,Data *d)); #endif ssldump-1.1/ssl/sslprint.c000066400000000000000000000350631354171271700157040ustar00rootroot00000000000000/** sslprint.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $ ekr@rtfm.com Tue Jan 12 18:06:39 1999 */ static char *RCSSTRING="$Id: sslprint.c,v 1.8 2002/08/17 01:33:17 ekr Exp $"; #include #include #include "network.h" #include "ssl_h.h" #include "sslprint.h" #include "ssl.enums.h" #include "ssldecode.h" extern decoder ContentType_decoder[]; extern decoder HandshakeType_decoder[]; #define BYTES_NEEDED(x) (x<=255)?1:((x<=(1<<16))?2:(x<=(1<<24)?3:4)) int process_beginning_plaintext(ssl,seg,direction) ssl_obj *ssl; segment *seg; int direction; { Data d; int r; struct timeval dt; if(seg->len==0) return(SSL_NO_DATA); d.data=seg->data; d.len=seg->len; /* this looks like SSL data. Ignore it*/ if(d.data[0]==0x16) return(SSL_BAD_CONTENT_TYPE); P_(P_AD){ ssl_print_timestamp(ssl,&seg->p->ts); ssl_print_direction_indicator(ssl,direction); print_data(ssl,&d); printf("\n"); } return(0); } int process_v2_hello(ssl,seg) ssl_obj *ssl; segment *seg; { int r; int rec_len; int cs_len; int sid_len; int chall_len; int ver; Data d; Data chall; char random[32]; struct timeval dt; if(seg->len==0) return(SSL_NO_DATA); d.data=seg->data; d.len=seg->len; /* First check the message length. */ if(d.len<4) return(SSL_BAD_CONTENT_TYPE); rec_len=((d.data[0] & 0x7f)<<8) | (d.data[1]); d.data+=2; d.len-=2; if(d.len!=rec_len) /* Whatever this is it isn't valid SSLv2*/ return(SSL_BAD_CONTENT_TYPE); /* If msg_type==1 then we've got a v2 message (or trash)*/ if(*d.data++!=1) return(SSL_BAD_CONTENT_TYPE); d.len--; SSL_DECODE_UINT16(ssl,"Version number",P_DC,&d,&ver); /* We can't handle real v2 clients*/ if(ver<=2){ explain(ssl,"Version 2 Client.\n"); return(SSL_BAD_DATA); } ssl_print_record_num(ssl); ssl_print_timestamp(ssl,&seg->p->ts); ssl_print_direction_indicator(ssl,DIR_I2R); explain(ssl," SSLv2 compatible client hello\n"); INDENT_INCR; P_(P_HL) { explain(ssl,"Version %d.%d ",(ver>>8)&0xff, ver&0xff); printf("\n"); } SSL_DECODE_UINT16(ssl,"cipher_spec_length",P_DC,&d,&cs_len); SSL_DECODE_UINT16(ssl,"session_id_length",P_DC,&d,&sid_len); SSL_DECODE_UINT16(ssl,"challenge_length",P_DC,&d,&chall_len); if(cs_len%3){ fprintf(stderr,"Bad cipher spec length %d\n",cs_len); return(SSL_BAD_DATA); } P_(P_HL){ explain(ssl,"cipher suites\n"); } for(;cs_len;cs_len-=3){ UINT4 val; char *str; SSL_DECODE_UINT24(ssl,0,0,&d,&val); ssl_print_cipher_suite(ssl,ver,P_HL,val); P_(P_HL){ explain(ssl,"\n"); } } if(sid_len!=0){ fprintf(stderr,"Session ID field should be zero length\n"); return(SSL_BAD_DATA); } if(chall_len<16 || chall_len>32){ fprintf(stderr,"Invalid challenge length %d\n",chall_len); return(SSL_BAD_DATA); } SSL_DECODE_OPAQUE_ARRAY(ssl,0,chall_len, 0,&d,&chall); P_(P_DC){ exdump(ssl,"Challenge",&chall); } memset(random,0,32); memcpy(random+(32-chall_len),chall.data,chall_len); ssl_set_client_random(ssl->decoder,random,32); ssl->i_state=SSL_ST_HANDSHAKE; P_(SSL_PRINT_HEXDUMP){ Data d; INIT_DATA(d,seg->data,seg->len); exdump(ssl,"Packet data",&d); printf("\n\n"); } INDENT_POP; return(0); } int ssl_decode_switch(ssl,dtable,value,dir,seg,data) ssl_obj *ssl; decoder *dtable; int value; int dir; segment *seg; Data *data; { while(dtable && dtable->type!=-1 && dtable->name!=NULL){ if(dtable->type == value){ INDENT_INCR; explain(ssl,"%s",dtable->name); if(dtable->print) { INDENT_INCR; dtable->print(ssl,dir,seg,data); INDENT_POP; } INDENT_POP; return(0); } dtable++; } ERETURN(R_NOT_FOUND); } int ssl_expand_record(ssl,q,direction,data,len) ssl_obj *ssl; segment *q; int direction; UCHAR *data; int len; { int r; Data d; UINT4 ct,vermaj,vermin,length; int version; d.data=data; d.len=len; /*This should be mapped to an enum*/ SSL_DECODE_UINT8(ssl,0,0,&d,&ct); SSL_DECODE_UINT8(ssl,0,0,&d,&vermaj); SSL_DECODE_UINT8(ssl,0,0,&d,&vermin); SSL_DECODE_UINT16(ssl,0,0,&d,&length); if(d.len!=length){ explain(ssl," Short record: %u bytes available (expecting: %u)\n",length,d.len); return(0); } P_(P_RH){ explain(ssl," V%d.%d(%d)",vermaj,vermin,length); } version=vermaj*256+vermin; r=ssl_decode_record(ssl,ssl->decoder,direction,ct,version,&d); if(r==SSL_BAD_MAC){ explain(ssl," bad MAC\n"); return(0); } if(r){ if(r=ssl_print_enum(ssl,0,ContentType_decoder,ct)) { printf(" unknown record type: %d\n", ct); ERETURN(r); } printf("\n"); } else{ if(r=ssl_decode_switch(ssl,ContentType_decoder,data[0],direction,q, &d)) { printf(" unknown record type: %d\n", ct); ERETURN(r); } } return(0); } int ssl_decode_uintX(ssl,name,size,p,data,x) ssl_obj *ssl; char *name; int size; UINT4 p; Data *data; UINT4 *x; { UINT4 v=0; UINT4 _x; if(!x) x=&_x; if(size>data->len){ fprintf(stderr,"Short read: %d bytes available (expecting %d)\n", data->len,size); ERETURN(R_EOD); } while(size--){ v<<=8; v|=*(data->data)++; data->len--; } P_(p){ explain(ssl,"%s = %d\n",name,*x); } *x=v; return(0); } int ssl_decode_opaque_array(ssl,name,size,p,data,x) ssl_obj *ssl; char *name; int size; UINT4 p; Data *data; Data *x; { UINT4 len; char n[1000]; int r; Data _x; if(!x) x=&_x; sprintf(n,"%s (length)",name?name:""); if(size<0){ size*=-1; if(r=ssl_decode_uintX(ssl,n,BYTES_NEEDED(size),P_DC,data,&len)) ERETURN(r); } else{ len=size; } if(len>data->len){ fprintf(stderr,"Not enough data. Found %d bytes (expecting %d)\n", data->len,size); ERETURN(R_EOD); } x->data=data->data; x->len=len; data->data+=len; data->len-=len; P_(p){ exdump(ssl,name,x); } return(0); } int ssl_lookup_enum(ssl,dtable,val,ptr) ssl_obj *ssl; decoder *dtable; UINT4 val; char **ptr; { while(dtable && dtable->type!=-1){ if(dtable->type == val){ *ptr=dtable->name; return(0); } dtable++; } return(R_NOT_FOUND); } int ssl_decode_enum(ssl,name,size,dtable,p,data,x) ssl_obj *ssl; char *name; int size; decoder *dtable; UINT4 p; Data *data; UINT4 *x; { int r; UINT4 _x; if(!x) x=&_x; if(r=ssl_decode_uintX(ssl,name,size,0,data,x)) ERETURN(r); P_(p){ if(r=ssl_print_enum(ssl,name,dtable,*x)) ERETURN(r); } return(0); } int ssl_print_enum(ssl,name,dtable,value) ssl_obj *ssl; char *name; decoder *dtable; UINT4 value; { if(name) explain(ssl,"%s ",name); INDENT; while(dtable && dtable->type!=-1){ if(dtable->type == value){ INDENT_INCR; explain(ssl,"%s",dtable->name); INDENT_POP; return(0); } dtable++; } return(R_NOT_FOUND); } int explain(ssl_obj *ssl,char *format,...) { va_list ap; va_start(ap,format); P_(P_NR){ if(ssl->record_encryption==REC_DECRYPTED_CIPHERTEXT) printf("\\f(CI"); else printf("\\fC"); } INDENT; vprintf(format,ap); va_end(ap); return(0); } int exdump(ssl,name,data) ssl_obj *ssl; char *name; Data *data; { int i; if(name){ explain(ssl,"%s[%d]=\n",name,data->len); INDENT_INCR; } P_(P_NR){ printf("\\f(CB"); } for(i=0;ilen;i++){ if(!i) INDENT; if((data->len>8) && i && !(i%16)){ printf("\n"); INDENT; } printf("%.2x ",data->data[i]&255); } P_(P_NR){ printf("\\fR"); } if(name) INDENT_POP; printf("\n"); return(0); } int combodump(ssl,name,data) ssl_obj *ssl; char *name; Data *data; { char *ptr=data->data; int len=data->len; if(name){ explain(ssl,"%s[%d]=\n",name,data->len); INDENT_INCR; } while(len){ int i; int bytes=MIN(len,16); INDENT; P_(P_NR){ if(ssl->record_encryption==REC_DECRYPTED_CIPHERTEXT) printf("\\f[CBI]"); else printf("\\f(CB"); } for(i=0;irecord_encryption==REC_DECRYPTED_CIPHERTEXT) printf("\\f[CI]"); else printf("\\f(C"); } for(i=0;ilen;i++){ if(d->data[i] == 0 || (!isprint(d->data[i]) && !strchr("\r\n\t",d->data[i]))){ bit8=1; break; } } if(bit8){ INDENT; printf("---------------------------------------------------------------\n"); P_(P_HO){ exdump(ssl,0,d); } else{ combodump(ssl,0,d); } INDENT; printf("---------------------------------------------------------------\n"); } else{ int nl=1; INDENT; printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){ if(ssl->process_ciphertext & ssl->direction) printf("\\f[CI]"); else printf("\\f(C"); } INDENT; for(i=0;ilen;i++){ /* Escape leading . */ if(nl==1 && (SSL_print_flags & SSL_PRINT_NROFF) && (d->data[i]=='.')) printf("\\&"); nl=0; putchar(d->data[i]); if(d->data[i]=='\n') {nl=1;INDENT;} } printf("---------------------------------------------------------------\n"); if(SSL_print_flags & SSL_PRINT_NROFF){ printf("\\f(R"); } } return(0); } int ssl_print_direction_indicator(ssl,dir) ssl_obj *ssl; int dir; { #if 0 if(dir==DIR_I2R){ explain(ssl,"%s(%d) > %s>%d", ssl->client_name,ssl->client_port,ssl->server_name,ssl->server_port); } else{ explain(ssl,"%s(%d) > %s>%d", ssl->client_name,ssl->client_port,ssl->server_name,ssl->server_port); } #else if(dir==DIR_I2R){ explain(ssl,"C>S"); } else{ explain(ssl,"S>C"); } #endif return(0); } int ssl_print_timestamp(ssl,ts) ssl_obj *ssl; struct timeval *ts; { struct timeval dt; int r; if(SSL_print_flags & SSL_PRINT_TIMESTAMP_ABSOLUTE) { explain(ssl,"%d%c%4.4d ",ts->tv_sec,'.',ts->tv_usec/100); } else{ if(r=timestamp_diff(ts,&ssl->time_start,&dt)) ERETURN(r); explain(ssl,"%d%c%4.4d ",dt.tv_sec,'.',dt.tv_usec/100); } if(r=timestamp_diff(ts,&ssl->time_last,&dt)){ ERETURN(r); } explain(ssl,"(%d%c%4.4d) ",dt.tv_sec,'.',dt.tv_usec/100); memcpy(&ssl->time_last,ts,sizeof(struct timeval)); return(0); } int ssl_print_record_num(ssl) ssl_obj *ssl; { ssl->record_count++; if(SSL_print_flags & SSL_PRINT_NROFF){ printf("\\fI%d %d\\fR %s", ssl->conn->conn_number, ssl->record_count,ssl->record_count<10?" ":""); } else{ printf("%d %d %s",ssl->conn->conn_number, ssl->record_count,ssl->record_count<10?" ":""); } return(0); } int ssl_print_cipher_suite(ssl,version,p,val) ssl_obj *ssl; int version; int p; UINT4 val; { char *str; char *prefix=version<=0x300?"SSL_":"TLS_"; int r; P_(p){ if(r=ssl_lookup_enum(ssl,cipher_suite_decoder,val,&str)){ explain(ssl,"Unknown value 0x%x",val); return(0); } /* Now the tricky bit. If the cipher suite begins with TLS_ and the version is SSLv3 then we replace it with SSL_*/ if(!strncmp(str,"TLS_",4)){ explain(ssl,"%s%s",prefix,str+4); } else{ explain(ssl,"%s",str); } } return(0); } ssldump-1.1/ssl/sslprint.h000066400000000000000000000105241354171271700157040ustar00rootroot00000000000000/** sslprint.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: sslprint.h,v 1.3 2000/11/03 06:38:06 ekr Exp $ ekr@rtfm.com Wed Feb 10 15:34:14 1999 */ #ifndef _sslprint_h #define _sslprint_h #include "ssl_analyze.h" #include "ssl_h.h" int ssl_expand_record PROTO_LIST((ssl_obj *ssl, segment *q,int direction,UCHAR *data,int len)); int ssl_decode_switch PROTO_LIST((ssl_obj *ssl, decoder *dtable,int value,int dir,segment *seg,Data *data)); int ssl_decode_uintX PROTO_LIST((ssl_obj *ssl,char *name,int size, UINT4 print,Data *data,UINT4 *x)); int ssl_decode_opaque_array PROTO_LIST((ssl_obj *ssl,char *name,int size, UINT4 print,Data *data,Data *x)); int ssl_decode_enum PROTO_LIST((ssl_obj *ssl,char *name, int size,decoder *decode,UINT4 p,Data *data, UINT4 *x)); int ssl_lookup_enum PROTO_LIST((ssl_obj *ssl,decoder *dtable, UINT4 val,char **ptr)); int ssl_print_enum PROTO_LIST((ssl_obj *obj,char *name, decoder *decode,UINT4 value)); int print_data PROTO_LIST((ssl_obj *ssl,Data *d)); int process_v2_hello PROTO_LIST((ssl_obj *ssl,segment *seg)); int process_beginning_plaintext PROTO_LIST((ssl_obj *ssl, segment *seg,int direction)); int ssl_print_direction_indicator PROTO_LIST((ssl_obj *ssl,int dir)); int ssl_print_timestamp PROTO_LIST((ssl_obj *ssl,struct timeval *ts)); int ssl_print_record_num PROTO_LIST((ssl_obj *ssl)); int ssl_print_cipher_suite PROTO_LIST((ssl_obj *ssl,int version,int p, UINT4 val)); int explain PROTO_LIST((ssl_obj *ssl,char *format,...)); int exdump PROTO_LIST((ssl_obj *ssl,char *name,Data *data)); #define SSL_DECODE_UINT8(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,1,b,c,d)) ERETURN(r) #define SSL_DECODE_UINT16(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,2,b,c,d)) ERETURN(r) #define SSL_DECODE_UINT24(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,3,b,c,d)) ERETURN(r) #define SSL_DECODE_UINT32(a,n,b,c,d) if(r=ssl_decode_uintX(a,n,4,b,c,d)) ERETURN(r) #define SSL_DECODE_OPAQUE_ARRAY(a,n,b,c,d,e) if(r=ssl_decode_opaque_array(a,n,b,c,d,e)) ERETURN(r) #define SSL_DECODE_ENUM(a,b,c,d,e,f,g) if(r=ssl_decode_enum(a,b,c,d,e,f,g)) ERETURN(r) #define P_(p) if((p==SSL_PRINT_ALL) || (p & SSL_print_flags)) #define INDENT do {int i; for(i=0;i<(ssl->indent_depth + ssl->indent_name_len);i++) printf("%s",SSL_print_flags & SSL_PRINT_NROFF?" ":" ");} while(0) #define INDENT_INCR ssl->indent_depth+=2 #define INDENT_POP ssl->indent_depth-=2 #define INDENT_NAME(x) ssl->indent_name_len += strlen(x) #define INDENT_NAME_POP ssl->indent_name_len=0 #define LINE_LEFT (80-(ssl->indent_name_len + ssl->indent_depth) #define LF printf("\n") #endif ssldump-1.1/ssl/sslxprint.c000066400000000000000000000127521354171271700160740ustar00rootroot00000000000000/** sslxprint.c Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $ ekr@rtfm.com Thu Mar 25 21:17:16 1999 */ static char *RCSSTRING="$Id: sslxprint.c,v 1.3 2000/11/03 06:38:06 ekr Exp $"; #include "network.h" #include "ssl_h.h" #include "sslprint.h" #include "ssl.enums.h" #ifdef OPENSSL #include #include #include #endif #define BUFSIZE 1024 static int sslx__print_dn PROTO_LIST((ssl_obj *ssl,char *x)); #ifdef OPENSSL static int sslx__print_serial PROTO_LIST((ssl_obj *ssl,ASN1_INTEGER *a)); #endif int sslx_print_certificate(ssl,data,pf) ssl_obj *ssl; Data *data; int pf; { #ifdef OPENSSL X509 *x=0; ASN1_INTEGER *a; #endif UCHAR *d; int _status; #ifdef OPENSSL P_(P_ASN){ char buf[BUFSIZE]; int ext; d=data->data; if(!(x=d2i_X509(0,&d,data->len))){ explain(ssl,"Bad certificate"); ABORT(R_BAD_DATA); } X509_NAME_oneline(X509_get_subject_name(x),buf, BUFSIZE); explain(ssl,"Subject\n"); INDENT_INCR; sslx__print_dn(ssl,buf); INDENT_POP; X509_NAME_oneline(X509_get_issuer_name(x),buf, BUFSIZE); explain(ssl,"Issuer\n"); INDENT_INCR; sslx__print_dn(ssl,buf); INDENT_POP; a=X509_get_serialNumber(x); explain(ssl,"Serial "); sslx__print_serial(ssl,a); ext=X509_get_ext_count(x); if(ext>0){ int i,j; UCHAR buf[1024]; explain(ssl,"Extensions\n"); INDENT_INCR; for(i=0;iprocess_ciphertext&ssl->direction) printf("\\f(CI"); else printf("\\fC"); INDENT_INCR; INDENT; if(!X509V3_EXT_print_fp(stdout,ex,0,0)){ printf("Hex value"); } INDENT_POP; explain(ssl,"\n"); } } INDENT_POP; } else{ #endif P_(pf){ exdump(ssl,"certificate",data); } #ifdef OPENSSL } } #endif _status=0; abort: #ifdef OPENSSL if(x) X509_free(x); #endif return(_status); } int sslx_print_dn(ssl,data,pf) ssl_obj *ssl; Data *data; int pf; { UCHAR buf[BUFSIZE]; int _status; UCHAR *d=data->data; #ifdef OPENSSL X509_NAME *n=0; #endif P_(pf){ #ifdef OPENSSL P_(P_ASN){ if(!(n=d2i_X509_NAME(0,&d,data->len))) ABORT(R_BAD_DATA); X509_NAME_oneline(n,buf,BUFSIZE); sslx__print_dn(ssl,buf); } else{ #endif exdump(ssl,0,data); #ifdef OPENSSL } #endif } _status=0; abort: #ifdef OPENSSL if(n) X509_NAME_free(n); #endif return(_status); } static int sslx__print_dn(ssl,x) ssl_obj *ssl; char *x; { char *slash; if(*x=='/') x++; while (x){ if(slash=strchr(x,'/')){ *slash=0; } explain(ssl,"%s\n",x); x=slash?slash+1:0; }; return(0); } #ifdef OPENSSL static int sslx__print_serial(ssl,a) ssl_obj *ssl; ASN1_INTEGER *a; { Data d; if(a->length==0) printf("0"); INIT_DATA(d,a->data,a->length); exdump(ssl,0,&d); return(0); } #endif ssldump-1.1/ssl/sslxprint.h000066400000000000000000000042111354171271700160700ustar00rootroot00000000000000/** sslxprint.h Copyright (C) 1999-2000 RTFM, Inc. All Rights Reserved This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla and licensed by RTFM, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Eric Rescorla for RTFM, Inc. 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. $Id: sslxprint.h,v 1.2 2000/10/17 16:10:02 ekr Exp $ ekr@rtfm.com Thu Mar 25 21:23:34 1999 */ #ifndef _sslxprint_h #define _sslxprint_h int sslx_print_certificate PROTO_LIST((ssl_obj *ssl,Data *data,int pf)); int sslx_print_dn PROTO_LIST((ssl_obj *ssl,Data *data,int pf)); #endif ssldump-1.1/ssl/targets.mk000066400000000000000000000175731354171271700156720ustar00rootroot00000000000000# # targets.mk # # $Source: /usr/local/CVS/ssldump/ssl/targets.mk,v $ # $Revision: 1.2 $ # $Date: 2001/12/08 14:57:51 $ # $Name: $ # $Disclaimer$ # # Copyright (C) 1999, Terisa Systems, Inc. # All Rights Reserved. # # ekr@terisa.com # # # CONFIGURE USER-DEFINED MAKE ENVIRONMENT # # These fields are specified by the user. The remainder of # this file is generated from this user-specified information. # # ANALYZE_SSL_DEFINES: # cpp defines, with the -D flag preceeding each # # ANALYZE_SSL_INCLUDES: # cpp include directories, with the -I flag preceeding each # # ANALYZE_SSL_INTERNAL: # headers files which are local to a specific module directory, # and should not be used by other parts of the toolkit or by # the user # # ANALYZE_SSL_LIBNAME: # the library associated with this module directory, used in # most cases for debugging purposes # # ANALYZE_SSL_LIBPATHS: # link-time directories to search for libraries, with the -L flag # preceeding each # # ANALYZE_SSL_LIBRARIES: # link-time libraries, with the -l flag preceeding each # # ANALYZE_SSL_LOCALFLAGS: # compile-time flags specific to compiling only the files in # this module directory--this variable should only be set in # extremely exceptional cases # # ANALYZE_SSL_MAKEFILES: # the makefiles # # ANALYZE_SSL_PREFIX: # defines the module name, which also serves as the # prefix for all the variable names defined in this file # # ANALYZE_SSL_PRIVATE: # the private, for-toolkit-use-only API header files # # ANALYZE_SSL_PROGRAMS: # programs to build # # ANALYZE_SSL_PUBLIC: # the header files that define the public API for the toolkit # and any other 'public' files that should be copied to # the build directory # # ANALYZE_SSL_SOURCES: # the source files to compile to object # ANALYZE_SSL_DEFINES = ANALYZE_SSL_INCLUDES = -I$(ANALYZE_SSL_SRCDIR) ANALYZE_SSL_INTERNAL = ANALYZE_SSL_LIBNAME = ANALYZE_SSL_LIBPATHS = ANALYZE_SSL_LIBRARIES = ANALYZE_SSL_LOCALFLAGS = ANALYZE_SSL_MAKEFILES = ANALYZE_SSL_PREFIX = ANALYZE_SSL ANALYZE_SSL_PRIVATE = ssl_analyze.h ANALYZE_SSL_PROGRAMS = ANALYZE_SSL_PUBLIC = ANALYZE_SSL_SOURCES = ciphersuites.c ssl.enums.c ssl_analyze.c \ ssl_rec.c ssldecode.c sslprint.c sslxprint.c # # CONFIGURE AUTOMATICALLY-GENERATED MAKE ENVIRONMENT # # ANALYZE_SSL_OBJECTS: # object files to build # # ANALYZE_SSL_UNUSED: # obsolete files in the module directory that are not # used during the build process # # ANALYZE_SSL_USED: # all files in the module directory that are used # during the build process # ANALYZE_SSL_OBJECTS = ciphersuites.$(OBJSUFFIX) ssl.enums.$(OBJSUFFIX) \ ssl_analyze.$(OBJSUFFIX) ssl_rec.$(OBJSUFFIX) \ ssldecode.$(OBJSUFFIX) sslprint.$(OBJSUFFIX) \ sslxprint.$(OBJSUFFIX) ANALYZE_SSL_UNUSED = Makefile lex.yy.c main.c ssl.enums.h ssl_enum.c \ ssl_h.h sslciphers.h ssldecode.h sslprint.h \ sslxprint.h targets.mk y.tab.c y.tab.h ANALYZE_SSL_USED = $(ANALYZE_SSL_INTERNAL:%=$(ANALYZE_SSL_SRCDIR)%) \ $(ANALYZE_SSL_MAKEFILES:%=$(ANALYZE_SSL_SRCDIR)%) \ $(ANALYZE_SSL_PRIVATE:%=$(ANALYZE_SSL_SRCDIR)%) \ $(ANALYZE_SSL_PUBLIC:%=$(ANALYZE_SSL_SRCDIR)%) \ $(ANALYZE_SSL_SOURCES:%=$(ANALYZE_SSL_SRCDIR)%) # # NOTES # # The following variables may be used during the build process, # but are not defined in this file. If they are to be set # to something other than the default blank, then they must # be set by the calling make system. # # ANALYZE_SSL_SRCDIR: # if the build target directory is different from the # module directory (the source directory), then this # variable contains the relative or full path of # the module directory # # LIBARS: # the library archive files (with fully-specified paths) that # executables built from this module directory depend upon # # LIBPATHS: # the paths to search for library archives (specified with # the -L) # # LIBRARIES: # the libraries to use while building executables from # this module directory (specified with the -l) # # # GLOBAL ENVIRONMENT # DEFINES += $(ANALYZE_SSL_DEFINES) INCLUDES += $(ANALYZE_SSL_INCLUDES) LIBPATHS += $(ANALYZE_SSL_LIBPATHS) LIBRARIES += $(ANALYZE_SSL_LIBRARIES) OBJECTS += $(ANALYZE_SSL_OBJECTS) PUBLIC += $(ANALYZE_SSL_PUBLIC) # # GENERIC DEPENDENCIES # # default: # default dependency, must be the first dependency in this makefile # # all: # build everything in this module directory # # build: # make only the toolkit build files of this module directory # # ci: # perform an RCS check-in of this module directory # # clean: # remove the compiled files # # clean_public: # remove the public header files that have been copied # to a public build directory # # objects: # build the object files (this dependency is used for # building the toolkit library) # # private: # build only the private API header files # # public: # build only the public API header files # default: $(ANALYZE_SSL_LIBNAME) default: $(ANALYZE_SSL_PROGRAMS) all: $(ANALYZE_SSL_PUBLIC) all: $(ANALYZE_SSL_OBJECTS) all: $(ANALYZE_SSL_LIBNAME) all: $(ANALYZE_SSL_PROGRAMS) build: $(ANALYZE_SSL_PUBLIC) build: $(ANALYZE_SSL_OBJECTS) ci: analyze_ssl_ci clean: analyze_ssl_clean clean_public: analyze_ssl_clean_public objects: $(ANALYZE_SSL_OBJECTS) private: $(ANALYZE_SSL_PRIVATE) public: $(ANALYZE_SSL_PUBLIC) # # LOCAL UTILITY DEPENDENCIES # # utility dependencies are necessary because of some # make-isms having to do with dependencies # analyze_ssl_ci: $(CI) $(CIFLAGS) $(ANALYZE_SSL_USED) analyze_ssl_clean: $(RM) $(RMFLAGS) $(ANALYZE_SSL_OBJECTS) $(ANALYZE_SSL_LIBNAME) $(ANALYZE_SSL_PROGRAMS) analyze_ssl_clean_public: $(RM) $(RMFLAGS) $(ANALYZE_SSL_PUBLIC) analyze_ssl_objects: $(ANALYZE_SSL_OBJECTS) analyze_ssl_programs: $(ANALYZE_SSL_PROGRAMS) analyze_ssl_public: $(ANALYZE_SSL_PUBLIC) # # BUILD DEPENDENCIES # # build dependencies invoke the rule used to build each # class of file # $(ANALYZE_SSL_LIBNAME): $(AR) $(ARFLAGS) $@ $? $(RANLIB) $@ $(ANALYZE_SSL_OBJECTS): $(COMPILE.c) $(ANALYZE_SSL_SRCDIR)$(@:%.o=%.c) $(DEFINES) $(INCLUDES) $(ANALYZE_SSL_LOCALFLAGS) $(ANALYZE_SSL_PUBLIC): $(CP) $(CPFLAGS) $(ANALYZE_SSL_SRCDIR)$@ $@ $(ANALYZE_SSL_PROGRAMS): $(LINK.c) $@.$(OBJSUFFIX) $(LDLIBS) $(LIBS) $(LIBRARIES) $(LIBPATHS) #LIBS above is obsolete (use LIBARARIES instead) # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # ciphersuites.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ciphersuites.c ssl.enums.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl.enums.h ssl.enums.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl.enums.c ssl_analyze.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_analyze.h ssl_analyze.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_analyze.c ssl_rec.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssl_rec.c ssldecode.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssldecode.h ssldecode.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)ssldecode.c sslprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslprint.h sslprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslprint.c sslxprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslxprint.h sslxprint.$(OBJSUFFIX): $(ANALYZE_SSL_SRCDIR)sslxprint.c $(ANALYZE_SSL_LIBNAME): $(ANALYZE_SSL_OBJECTS) ssldump-1.1/ssl/y.tab.c000066400000000000000000000703271354171271700150450ustar00rootroot00000000000000 /* A Bison parser, made from ssl.y by GNU Bison version 1.28 */ #define YYBISON 1 /* Identify Bison output. */ #define NAME_ 257 #define NUM_ 258 #define DOT_DOT_ 259 #define STRUCT_ 260 #define SELECT_ 261 #define OPAQUE_ 262 #define ENUM_ 263 #define DIGITALLY_SIGNED_ 264 #define COMMENT_START_ 265 #define CODE_ 266 #define COMMENT_END_ 267 #define CASE_ 268 #define CONSTANT_ 269 #line 11 "ssl.y" typedef struct select_st_ { char *name; char *code; int val; struct select_st_ *next; } select_st; select_st *select_base; select_st *select_ptr; select_st *constant_base; select_st *constant_ptr; #include extern FILE *dotc; extern FILE *doth; #line 33 "ssl.y" typedef union { int val; unsigned char str[8192]; } YYSTYPE; #include #ifndef __cplusplus #ifndef __STDC__ #define const #endif #endif #define YYFINAL 48 #define YYFLAG -32768 #define YYNTBASE 23 #define YYTRANSLATE(x) ((unsigned)(x) <= 269 ? yytranslate[x] : 36) static const char yytranslate[] = { 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 20, 21, 2, 2, 17, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 19, 2, 22, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 16, 2, 18, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }; #if YYDEBUG != 0 static const short yyprhs[] = { 0, 0, 2, 3, 6, 8, 10, 19, 23, 25, 29, 31, 33, 39, 44, 51, 54, 56, 64, 70, 74 }; static const short yyrhs[] = { 24, 0, 0, 25, 24, 0, 26, 0, 32, 0, 7, 16, 27, 17, 28, 18, 3, 19, 0, 27, 17, 29, 0, 29, 0, 20, 4, 21, 0, 31, 0, 30, 0, 3, 20, 4, 21, 12, 0, 3, 20, 4, 21, 0, 15, 16, 33, 18, 3, 19, 0, 33, 34, 0, 34, 0, 3, 3, 22, 16, 35, 18, 19, 0, 4, 17, 4, 17, 4, 0, 4, 17, 4, 0, 4, 0 }; #endif #if YYDEBUG != 0 static const short yyrline[] = { 0, 67, 69, 70, 76, 77, 80, 124, 125, 130, 133, 134, 138, 160, 181, 202, 203, 208, 228, 232, 236 }; #endif #if YYDEBUG != 0 || defined (YYERROR_VERBOSE) static const char * const yytname[] = { "$","error","$undefined.","NAME_", "NUM_","DOT_DOT_","STRUCT_","SELECT_","OPAQUE_","ENUM_","DIGITALLY_SIGNED_", "COMMENT_START_","CODE_","COMMENT_END_","CASE_","CONSTANT_","'{'","','","'}'", "';'","'('","')'","'='","module","typelist","definition","selecttype","selecterateds", "selectmax","selecterated","selecterated_code","selecterated_no_code","constant_type", "constants","constant","constval", NULL }; #endif static const short yyr1[] = { 0, 23, 24, 24, 25, 25, 26, 27, 27, 28, 29, 29, 30, 31, 32, 33, 33, 34, 35, 35, 35 }; static const short yyr2[] = { 0, 1, 0, 2, 1, 1, 8, 3, 1, 3, 1, 1, 5, 4, 6, 2, 1, 7, 5, 3, 1 }; static const short yydefact[] = { 2, 0, 0, 1, 2, 4, 5, 0, 0, 3, 0, 0, 8, 11, 10, 0, 0, 16, 0, 0, 0, 0, 15, 0, 0, 0, 7, 0, 0, 13, 0, 0, 0, 14, 12, 9, 0, 20, 0, 6, 0, 0, 19, 17, 0, 18, 0, 0, 0 }; static const short yydefgoto[] = { 46, 3, 4, 5, 11, 25, 12, 13, 14, 6, 16, 17, 38 }; static const short yypact[] = { -5, -13, -12,-32768, -5,-32768,-32768, 2, 3,-32768, -11, -10,-32768,-32768,-32768, 5, -2,-32768, 7, -3, -9, 9,-32768, -7, 11, 0,-32768, 4, 6, 10, 8, 16, 17,-32768,-32768,-32768, 12, 13, 14,-32768, 19, 15, 18,-32768, 20,-32768, 26, 27,-32768 }; static const short yypgoto[] = {-32768, 24,-32768,-32768,-32768,-32768, 21,-32768,-32768,-32768,-32768, 22,-32768 }; #define YYLAST 40 static const short yytable[] = { 10, 15, 1, 7, 8, 10, 15, 19, 20, 18, 2, 23, 28, 27, 29, 30, 21, 24, 31, 36, 32, 37, 34, 42, 45, 33, 47, 48, 9, 35, 40, 39, 41, 0, 43, 44, 0, 0, 22, 0, 26 }; static const short yycheck[] = { 3, 3, 7, 16, 16, 3, 3, 17, 3, 20, 15, 4, 3, 22, 21, 4, 18, 20, 18, 3, 16, 4, 12, 4, 4, 19, 0, 0, 4, 21, 17, 19, 18, -1, 19, 17, -1, -1, 16, -1, 19 }; /* -*-C-*- Note some compilers choke on comments on `#line' lines. */ #line 3 "/usr/local/share/bison.simple" /* This file comes from bison-1.28. */ /* Skeleton output parser for bison, Copyright (C) 1984, 1989, 1990 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* As a special exception, when this file is copied by Bison into a Bison output file, you may use that output file without restriction. This special exception was added by the Free Software Foundation in version 1.24 of Bison. */ /* This is the parser code that is written into each bison parser when the %semantic_parser declaration is not specified in the grammar. It was written by Richard Stallman by simplifying the hairy parser used when %semantic_parser is specified. */ #ifndef YYSTACK_USE_ALLOCA #ifdef alloca #define YYSTACK_USE_ALLOCA #else /* alloca not defined */ #ifdef __GNUC__ #define YYSTACK_USE_ALLOCA #define alloca __builtin_alloca #else /* not GNU C. */ #if (!defined (__STDC__) && defined (sparc)) || defined (__sparc__) || defined (__sparc) || defined (__sgi) || (defined (__sun) && defined (__i386)) #define YYSTACK_USE_ALLOCA #include #else /* not sparc */ /* We think this test detects Watcom and Microsoft C. */ /* This used to test MSDOS, but that is a bad idea since that symbol is in the user namespace. */ #if (defined (_MSDOS) || defined (_MSDOS_)) && !defined (__TURBOC__) #if 0 /* No need for malloc.h, which pollutes the namespace; instead, just don't use alloca. */ #include #endif #else /* not MSDOS, or __TURBOC__ */ #if defined(_AIX) /* I don't know what this was needed for, but it pollutes the namespace. So I turned it off. rms, 2 May 1997. */ /* #include */ #pragma alloca #define YYSTACK_USE_ALLOCA #else /* not MSDOS, or __TURBOC__, or _AIX */ #if 0 #ifdef __hpux /* haible@ilog.fr says this works for HPUX 9.05 and up, and on HPUX 10. Eventually we can turn this on. */ #define YYSTACK_USE_ALLOCA #define alloca __builtin_alloca #endif /* __hpux */ #endif #endif /* not _AIX */ #endif /* not MSDOS, or __TURBOC__ */ #endif /* not sparc */ #endif /* not GNU C */ #endif /* alloca not defined */ #endif /* YYSTACK_USE_ALLOCA not defined */ #ifdef YYSTACK_USE_ALLOCA #define YYSTACK_ALLOC alloca #else #define YYSTACK_ALLOC malloc #endif /* Note: there must be only one dollar sign in this file. It is replaced by the list of actions, each action as one case of the switch. */ #define yyerrok (yyerrstatus = 0) #define yyclearin (yychar = YYEMPTY) #define YYEMPTY -2 #define YYEOF 0 #define YYACCEPT goto yyacceptlab #define YYABORT goto yyabortlab #define YYERROR goto yyerrlab1 /* Like YYERROR except do call yyerror. This remains here temporarily to ease the transition to the new meaning of YYERROR, for GCC. Once GCC version 2 has supplanted version 1, this can go. */ #define YYFAIL goto yyerrlab #define YYRECOVERING() (!!yyerrstatus) #define YYBACKUP(token, value) \ do \ if (yychar == YYEMPTY && yylen == 1) \ { yychar = (token), yylval = (value); \ yychar1 = YYTRANSLATE (yychar); \ YYPOPSTACK; \ goto yybackup; \ } \ else \ { yyerror ("syntax error: cannot back up"); YYERROR; } \ while (0) #define YYTERROR 1 #define YYERRCODE 256 #ifndef YYPURE #define YYLEX yylex() #endif #ifdef YYPURE #ifdef YYLSP_NEEDED #ifdef YYLEX_PARAM #define YYLEX yylex(&yylval, &yylloc, YYLEX_PARAM) #else #define YYLEX yylex(&yylval, &yylloc) #endif #else /* not YYLSP_NEEDED */ #ifdef YYLEX_PARAM #define YYLEX yylex(&yylval, YYLEX_PARAM) #else #define YYLEX yylex(&yylval) #endif #endif /* not YYLSP_NEEDED */ #endif /* If nonreentrant, generate the variables here */ #ifndef YYPURE int yychar; /* the lookahead symbol */ YYSTYPE yylval; /* the semantic value of the */ /* lookahead symbol */ #ifdef YYLSP_NEEDED YYLTYPE yylloc; /* location data for the lookahead */ /* symbol */ #endif int yynerrs; /* number of parse errors so far */ #endif /* not YYPURE */ #if YYDEBUG != 0 int yydebug; /* nonzero means print parse trace */ /* Since this is uninitialized, it does not stop multiple parsers from coexisting. */ #endif /* YYINITDEPTH indicates the initial size of the parser's stacks */ #ifndef YYINITDEPTH #define YYINITDEPTH 200 #endif /* YYMAXDEPTH is the maximum size the stacks can grow to (effective only if the built-in stack extension method is used). */ #if YYMAXDEPTH == 0 #undef YYMAXDEPTH #endif #ifndef YYMAXDEPTH #define YYMAXDEPTH 10000 #endif /* Define __yy_memcpy. Note that the size argument should be passed with type unsigned int, because that is what the non-GCC definitions require. With GCC, __builtin_memcpy takes an arg of type size_t, but it can handle unsigned int. */ #if __GNUC__ > 1 /* GNU C and GNU C++ define this. */ #define __yy_memcpy(TO,FROM,COUNT) __builtin_memcpy(TO,FROM,COUNT) #else /* not GNU C or C++ */ #ifndef __cplusplus /* This is the most reliable way to avoid incompatibilities in available built-in functions on various systems. */ static void __yy_memcpy (to, from, count) char *to; char *from; unsigned int count; { register char *f = from; register char *t = to; register int i = count; while (i-- > 0) *t++ = *f++; } #else /* __cplusplus */ /* This is the most reliable way to avoid incompatibilities in available built-in functions on various systems. */ static void __yy_memcpy (char *to, char *from, unsigned int count) { register char *t = to; register char *f = from; register int i = count; while (i-- > 0) *t++ = *f++; } #endif #endif #line 217 "/usr/local/share/bison.simple" /* The user can define YYPARSE_PARAM as the name of an argument to be passed into yyparse. The argument should have type void *. It should actually point to an object. Grammar actions can access the variable by casting it to the proper pointer type. */ #ifdef YYPARSE_PARAM #ifdef __cplusplus #define YYPARSE_PARAM_ARG void *YYPARSE_PARAM #define YYPARSE_PARAM_DECL #else /* not __cplusplus */ #define YYPARSE_PARAM_ARG YYPARSE_PARAM #define YYPARSE_PARAM_DECL void *YYPARSE_PARAM; #endif /* not __cplusplus */ #else /* not YYPARSE_PARAM */ #define YYPARSE_PARAM_ARG #define YYPARSE_PARAM_DECL #endif /* not YYPARSE_PARAM */ /* Prevent warning if -Wstrict-prototypes. */ #ifdef __GNUC__ #ifdef YYPARSE_PARAM int yyparse (void *); #else int yyparse (void); #endif #endif int yyparse(YYPARSE_PARAM_ARG) YYPARSE_PARAM_DECL { register int yystate; register int yyn; register short *yyssp; register YYSTYPE *yyvsp; int yyerrstatus; /* number of tokens to shift before error messages enabled */ int yychar1 = 0; /* lookahead token as an internal (translated) token number */ short yyssa[YYINITDEPTH]; /* the state stack */ YYSTYPE yyvsa[YYINITDEPTH]; /* the semantic value stack */ short *yyss = yyssa; /* refer to the stacks thru separate pointers */ YYSTYPE *yyvs = yyvsa; /* to allow yyoverflow to reallocate them elsewhere */ #ifdef YYLSP_NEEDED YYLTYPE yylsa[YYINITDEPTH]; /* the location stack */ YYLTYPE *yyls = yylsa; YYLTYPE *yylsp; #define YYPOPSTACK (yyvsp--, yyssp--, yylsp--) #else #define YYPOPSTACK (yyvsp--, yyssp--) #endif int yystacksize = YYINITDEPTH; int yyfree_stacks = 0; #ifdef YYPURE int yychar; YYSTYPE yylval; int yynerrs; #ifdef YYLSP_NEEDED YYLTYPE yylloc; #endif #endif YYSTYPE yyval; /* the variable used to return */ /* semantic values from the action */ /* routines */ int yylen; #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Starting parse\n"); #endif yystate = 0; yyerrstatus = 0; yynerrs = 0; yychar = YYEMPTY; /* Cause a token to be read. */ /* Initialize stack pointers. Waste one element of value and location stack so that they stay on the same level as the state stack. The wasted elements are never initialized. */ yyssp = yyss - 1; yyvsp = yyvs; #ifdef YYLSP_NEEDED yylsp = yyls; #endif /* Push a new state, which is found in yystate . */ /* In all cases, when you get here, the value and location stacks have just been pushed. so pushing a state here evens the stacks. */ yynewstate: *++yyssp = yystate; if (yyssp >= yyss + yystacksize - 1) { /* Give user a chance to reallocate the stack */ /* Use copies of these so that the &'s don't force the real ones into memory. */ YYSTYPE *yyvs1 = yyvs; short *yyss1 = yyss; #ifdef YYLSP_NEEDED YYLTYPE *yyls1 = yyls; #endif /* Get the current used size of the three stacks, in elements. */ int size = yyssp - yyss + 1; #ifdef yyoverflow /* Each stack pointer address is followed by the size of the data in use in that stack, in bytes. */ #ifdef YYLSP_NEEDED /* This used to be a conditional around just the two extra args, but that might be undefined if yyoverflow is a macro. */ yyoverflow("parser stack overflow", &yyss1, size * sizeof (*yyssp), &yyvs1, size * sizeof (*yyvsp), &yyls1, size * sizeof (*yylsp), &yystacksize); #else yyoverflow("parser stack overflow", &yyss1, size * sizeof (*yyssp), &yyvs1, size * sizeof (*yyvsp), &yystacksize); #endif yyss = yyss1; yyvs = yyvs1; #ifdef YYLSP_NEEDED yyls = yyls1; #endif #else /* no yyoverflow */ /* Extend the stack our own way. */ if (yystacksize >= YYMAXDEPTH) { yyerror("parser stack overflow"); if (yyfree_stacks) { free (yyss); free (yyvs); #ifdef YYLSP_NEEDED free (yyls); #endif } return 2; } yystacksize *= 2; if (yystacksize > YYMAXDEPTH) yystacksize = YYMAXDEPTH; #ifndef YYSTACK_USE_ALLOCA yyfree_stacks = 1; #endif yyss = (short *) YYSTACK_ALLOC (yystacksize * sizeof (*yyssp)); __yy_memcpy ((char *)yyss, (char *)yyss1, size * (unsigned int) sizeof (*yyssp)); yyvs = (YYSTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yyvsp)); __yy_memcpy ((char *)yyvs, (char *)yyvs1, size * (unsigned int) sizeof (*yyvsp)); #ifdef YYLSP_NEEDED yyls = (YYLTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yylsp)); __yy_memcpy ((char *)yyls, (char *)yyls1, size * (unsigned int) sizeof (*yylsp)); #endif #endif /* no yyoverflow */ yyssp = yyss + size - 1; yyvsp = yyvs + size - 1; #ifdef YYLSP_NEEDED yylsp = yyls + size - 1; #endif #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Stack size increased to %d\n", yystacksize); #endif if (yyssp >= yyss + yystacksize - 1) YYABORT; } #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Entering state %d\n", yystate); #endif goto yybackup; yybackup: /* Do appropriate processing given the current state. */ /* Read a lookahead token if we need one and don't already have one. */ /* yyresume: */ /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; if (yyn == YYFLAG) goto yydefault; /* Not known => get a lookahead token if don't already have one. */ /* yychar is either YYEMPTY or YYEOF or a valid token in external form. */ if (yychar == YYEMPTY) { #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Reading a token: "); #endif yychar = YYLEX; } /* Convert token to internal form (in yychar1) for indexing tables with */ if (yychar <= 0) /* This means end of input. */ { yychar1 = 0; yychar = YYEOF; /* Don't call YYLEX any more */ #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Now at end of input.\n"); #endif } else { yychar1 = YYTRANSLATE(yychar); #if YYDEBUG != 0 if (yydebug) { fprintf (stderr, "Next token is %d (%s", yychar, yytname[yychar1]); /* Give the individual parser a way to print the precise meaning of a token, for further debugging info. */ #ifdef YYPRINT YYPRINT (stderr, yychar, yylval); #endif fprintf (stderr, ")\n"); } #endif } yyn += yychar1; if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != yychar1) goto yydefault; yyn = yytable[yyn]; /* yyn is what to do for this token type in this state. Negative => reduce, -yyn is rule number. Positive => shift, yyn is new state. New state is final state => don't bother to shift, just return success. 0, or most negative number => error. */ if (yyn < 0) { if (yyn == YYFLAG) goto yyerrlab; yyn = -yyn; goto yyreduce; } else if (yyn == 0) goto yyerrlab; if (yyn == YYFINAL) YYACCEPT; /* Shift the lookahead token. */ #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Shifting token %d (%s), ", yychar, yytname[yychar1]); #endif /* Discard the token being shifted unless it is eof. */ if (yychar != YYEOF) yychar = YYEMPTY; *++yyvsp = yylval; #ifdef YYLSP_NEEDED *++yylsp = yylloc; #endif /* count tokens shifted since error; after three, turn off error status. */ if (yyerrstatus) yyerrstatus--; yystate = yyn; goto yynewstate; /* Do the default action for the current state. */ yydefault: yyn = yydefact[yystate]; if (yyn == 0) goto yyerrlab; /* Do a reduction. yyn is the number of a rule to reduce with. */ yyreduce: yylen = yyr2[yyn]; if (yylen > 0) yyval = yyvsp[1-yylen]; /* implement default value of the action */ #if YYDEBUG != 0 if (yydebug) { int i; fprintf (stderr, "Reducing via rule %d (line %d), ", yyn, yyrline[yyn]); /* Print the symbols being reduced, and their result. */ for (i = yyprhs[yyn]; yyrhs[i] > 0; i++) fprintf (stderr, "%s ", yytname[yyrhs[i]]); fprintf (stderr, " -> %s\n", yytname[yyr1[yyn]]); } #endif switch (yyn) { case 2: #line 69 "ssl.y" {yyval.val=1; break;} case 3: #line 71 "ssl.y" { yyval.val=1; ; break;} case 6: #line 81 "ssl.y" { select_st *en; char filename[100]; for(en=select_base;en;en=en->next){ fprintf(dotc,"static int decode_%s_%s(ssl,dir,seg,data)\n", yyvsp[-1].str,en->name); fprintf(dotc," ssl_obj *ssl;\n"); fprintf(dotc," int dir;\n"); fprintf(dotc," segment *seg;\n"); fprintf(dotc," Data *data;\n"); fprintf(dotc," {\n"); if(en->code){ en->code+=2; en->code[strlen(en->code)-2]=0; fprintf(dotc,"\n%s\n",en->code); } else{ /* fprintf(dotc," fprintf(dotc,\"Decoding %s...%cn\");\n",en->name,'\\');*/ fprintf(dotc," return(0);\n"); } fprintf(dotc," }\n"); } fprintf(dotc,"decoder %s_decoder[]={\n",yyvsp[-1].str); fprintf(doth,"extern decoder %s_decoder[];\n",yyvsp[-1].str); for(en=select_base;en;en=en->next){ fprintf(dotc," {\n"); fprintf(dotc," %d,\n",en->val); fprintf(dotc," \"%s\",\n",en->name); fprintf(dotc," decode_%s_%s\n",yyvsp[-1].str,en->name); fprintf(dotc," },\n"); } fprintf(dotc,"{-1}\n"); fprintf(dotc,"};\n\n"); select_base=0; ; break;} case 8: #line 126 "ssl.y" {; ; break;} case 9: #line 131 "ssl.y" {yyval.val=1;; break;} case 12: #line 139 "ssl.y" { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=yyvsp[-2].val; en->name=strdup(yyvsp[-4].str); en->code=strdup(yyvsp[0].str); if(!select_base){ select_base=en; select_ptr=en; } else{ select_ptr->next=en; select_ptr=en; } ; break;} case 13: #line 161 "ssl.y" { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=yyvsp[-1].val; en->name=strdup(yyvsp[-3].str); en->code=0; if(!select_base){ select_base=en; select_ptr=en; } else{ select_ptr->next=en; select_ptr=en; } ; break;} case 14: #line 182 "ssl.y" { select_st *en; fprintf(dotc,"decoder %s_decoder[]={\n",yyvsp[-1].str); fprintf(doth,"extern decoder %s_decoder[];\n",yyvsp[-1].str); for(en=constant_base;en;en=en->next){ fprintf(dotc," {\n"); fprintf(dotc," %d,\n",en->val); fprintf(dotc," \"%s\",\n",en->name); fprintf(dotc," 0"); fprintf(dotc," },\n"); } fprintf(dotc,"{-1}\n"); fprintf(dotc,"};\n\n"); constant_ptr=0; constant_base=0; ; break;} case 16: #line 204 "ssl.y" {; ; break;} case 17: #line 209 "ssl.y" { select_st *en; en=malloc(sizeof(select_st)); en->next=0; en->val=yyvsp[-2].val; en->name=strdup(yyvsp[-5].str); if(!constant_base){ constant_base=en; constant_ptr=en; } else{ constant_ptr->next=en; constant_ptr=en; } ; break;} case 18: #line 229 "ssl.y" { yyval.val=(yyvsp[-4].val << 16) | (yyvsp[-2].val << 8) | yyvsp[0].val; ; break;} case 19: #line 233 "ssl.y" { yyval.val=(yyvsp[-2].val << 8) | yyvsp[0].val; ; break;} case 20: #line 237 "ssl.y" { yyval.val=yyvsp[0].val; ; break;} } /* the action file gets copied in in place of this dollarsign */ #line 543 "/usr/local/share/bison.simple" yyvsp -= yylen; yyssp -= yylen; #ifdef YYLSP_NEEDED yylsp -= yylen; #endif #if YYDEBUG != 0 if (yydebug) { short *ssp1 = yyss - 1; fprintf (stderr, "state stack now"); while (ssp1 != yyssp) fprintf (stderr, " %d", *++ssp1); fprintf (stderr, "\n"); } #endif *++yyvsp = yyval; #ifdef YYLSP_NEEDED yylsp++; if (yylen == 0) { yylsp->first_line = yylloc.first_line; yylsp->first_column = yylloc.first_column; yylsp->last_line = (yylsp-1)->last_line; yylsp->last_column = (yylsp-1)->last_column; yylsp->text = 0; } else { yylsp->last_line = (yylsp+yylen-1)->last_line; yylsp->last_column = (yylsp+yylen-1)->last_column; } #endif /* Now "shift" the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ yyn = yyr1[yyn]; yystate = yypgoto[yyn - YYNTBASE] + *yyssp; if (yystate >= 0 && yystate <= YYLAST && yycheck[yystate] == *yyssp) yystate = yytable[yystate]; else yystate = yydefgoto[yyn - YYNTBASE]; goto yynewstate; yyerrlab: /* here on detecting error */ if (! yyerrstatus) /* If not already recovering from an error, report this error. */ { ++yynerrs; #ifdef YYERROR_VERBOSE yyn = yypact[yystate]; if (yyn > YYFLAG && yyn < YYLAST) { int size = 0; char *msg; int x, count; count = 0; /* Start X at -yyn if nec to avoid negative indexes in yycheck. */ for (x = (yyn < 0 ? -yyn : 0); x < (sizeof(yytname) / sizeof(char *)); x++) if (yycheck[x + yyn] == x) size += strlen(yytname[x]) + 15, count++; msg = (char *) malloc(size + 15); if (msg != 0) { strcpy(msg, "parse error"); if (count < 5) { count = 0; for (x = (yyn < 0 ? -yyn : 0); x < (sizeof(yytname) / sizeof(char *)); x++) if (yycheck[x + yyn] == x) { strcat(msg, count == 0 ? ", expecting `" : " or `"); strcat(msg, yytname[x]); strcat(msg, "'"); count++; } } yyerror(msg); free(msg); } else yyerror ("parse error; also virtual memory exceeded"); } else #endif /* YYERROR_VERBOSE */ yyerror("parse error"); } goto yyerrlab1; yyerrlab1: /* here on error raised explicitly by an action */ if (yyerrstatus == 3) { /* if just tried and failed to reuse lookahead token after an error, discard it. */ /* return failure if at end of input */ if (yychar == YYEOF) YYABORT; #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Discarding token %d (%s).\n", yychar, yytname[yychar1]); #endif yychar = YYEMPTY; } /* Else will try to reuse lookahead token after shifting the error token. */ yyerrstatus = 3; /* Each real token shifted decrements this */ goto yyerrhandle; yyerrdefault: /* current state does not do anything special for the error token. */ #if 0 /* This is wrong; only states that explicitly want error tokens should shift them. */ yyn = yydefact[yystate]; /* If its default is to accept any token, ok. Otherwise pop it.*/ if (yyn) goto yydefault; #endif yyerrpop: /* pop the current state because it cannot handle the error token */ if (yyssp == yyss) YYABORT; yyvsp--; yystate = *--yyssp; #ifdef YYLSP_NEEDED yylsp--; #endif #if YYDEBUG != 0 if (yydebug) { short *ssp1 = yyss - 1; fprintf (stderr, "Error: state stack now"); while (ssp1 != yyssp) fprintf (stderr, " %d", *++ssp1); fprintf (stderr, "\n"); } #endif yyerrhandle: yyn = yypact[yystate]; if (yyn == YYFLAG) goto yyerrdefault; yyn += YYTERROR; if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != YYTERROR) goto yyerrdefault; yyn = yytable[yyn]; if (yyn < 0) { if (yyn == YYFLAG) goto yyerrpop; yyn = -yyn; goto yyreduce; } else if (yyn == 0) goto yyerrpop; if (yyn == YYFINAL) YYACCEPT; #if YYDEBUG != 0 if (yydebug) fprintf(stderr, "Shifting error token, "); #endif *++yyvsp = yylval; #ifdef YYLSP_NEEDED *++yylsp = yylloc; #endif yystate = yyn; goto yynewstate; yyacceptlab: /* YYACCEPT comes here. */ if (yyfree_stacks) { free (yyss); free (yyvs); #ifdef YYLSP_NEEDED free (yyls); #endif } return 0; yyabortlab: /* YYABORT comes here. */ if (yyfree_stacks) { free (yyss); free (yyvs); #ifdef YYLSP_NEEDED free (yyls); #endif } return 1; } #line 242 "ssl.y" ssldump-1.1/ssl/y.tab.h000066400000000000000000000005621354171271700150440ustar00rootroot00000000000000typedef union { int val; unsigned char str[8192]; } YYSTYPE; #define NAME_ 257 #define NUM_ 258 #define DOT_DOT_ 259 #define STRUCT_ 260 #define SELECT_ 261 #define OPAQUE_ 262 #define ENUM_ 263 #define DIGITALLY_SIGNED_ 264 #define COMMENT_START_ 265 #define CODE_ 266 #define COMMENT_END_ 267 #define CASE_ 268 #define CONSTANT_ 269 extern YYSTYPE yylval; ssldump-1.1/ssldump.1000066400000000000000000000450711354171271700146320ustar00rootroot00000000000000.\" This file contains sections of the tcpdump man page, to which the .\" following copyright applies --EKR .\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997 .\" The Regents of the University of California. All rights reserved. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that: (1) source code distributions .\" retain the above copyright notice and this paragraph in its entirety, (2) .\" distributions including binary code include the above copyright notice and .\" this paragraph in its entirety in the documentation or other materials .\" provided with the distribution, and (3) all advertising materials mentioning .\" features or use of this software display the following acknowledgement: .\" ``This product includes software developed by the University of California, .\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of .\" the University nor the names of its contributors may be used to endorse .\" or promote products derived from this software without specific prior .\" written permission. .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" .\" Copyright (C) 1999-2000 RTFM, Inc. .\" All Rights Reserved .\" .\" This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla .\" and licensed by RTFM, Inc. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. All advertising materials mentioning features or use of this software .\" must display the following acknowledgement: .\" .\" This product includes software developed by Eric Rescorla for .\" RTFM, Inc. .\" .\" 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be .\" used to endorse or promote products derived from this .\" software without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. .TH SSLDUMP 1 "28 September 2001" .SH NAME ssldump \- dump SSL traffic on a network .SH SYNOPSIS .na .B ssldump [ .B \-vTshVq .B \-aAdeHnNqTxXvy ] [ .B \-i .I interface ] .br .ti +8 [ .B \-k .I keyfile ] [ .B \-l .I sslkeylogfile ] [ .B \-p .I password ] [ .B \-r .I dumpfile ] .br .ti +8 [ .B \-S .RI [\| crypto \||\| d \||\| ht \||\| H \||\| nroff \|] ] [ .I expression ] .br .ad .SH DESCRIPTION .LP \fIssldump\fP is an SSL/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSL/TLS traffic. When it identifies SSL/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. .LP ssldump has been tested on FreeBSD, Linux, Solaris, and HP/UX. Since it's based on PCAP, it should work on most platforms. However, unlike tcpdump, ssldump needs to be able to see both sides of the data transmission so you may have trouble using it with network taps such as SunOS nit that don't permit you to see transmitted data. .B Under SunOS with nit or bpf: To run .I tcpdump you must have read access to .I /dev/nit or .IR /dev/bpf* . .B Under Solaris with dlpi: You must have read access to the network pseudo device, e.g. .IR /dev/le . .B Under HP-UX with dlpi: You must be root or it must be installed setuid to root. .B Under IRIX with snoop: You must be root or it must be installed setuid to root. .B Under Linux: You must be root or it must be installed setuid to root. .B Under Ultrix and Digital UNIX: Once the super-user has enabled promiscuous-mode operation using .IR pfconfig (8), any user may run .BR ssldump .B Under BSD: You must have read access to .IR /dev/bpf* . .SH OPTIONS .TP .B \-a Print bare TCP ACKs (useful for observing Nagle behavior) .TP .B \-A Print all record fields (by default ssldump chooses the most interesting fields) .TP .B \-d Display the application data traffic. This usually means decrypting it, but when -d is used ssldump will also decode application data traffic \fIbefore\fP the SSL session initiates. This allows you to see HTTPS CONNECT behavior as well as SMTP STARTTLS. As a side effect, since ssldump can't tell whether plaintext is traffic before the initiation of an SSL connection or just a regular TCP connection, this allows you to use ssldump to sniff any TCP connection. ssldump will automatically detect ASCII data and display it directly to the screen. non-ASCII data is displayed as hex dumps. See also -X. .TP .B \-e Print absolute timestamps instead of relative timestamps .TP .B \-H Print the full SSL packet header. .TP .B \-n Don't try to resolve host names from IP addresses .TP .B \-N Attempt to parse ASN.1 when it appears, such as in certificates and DNs. .TP .B \-p Use \fIpassword\fP as the SSL keyfile password. .TP .B \-P Don't put the interface into promiscuous mode. .TP .B \-q Don't decode any record fields beyond a single summary line. (quiet mode). .TP .B \-T Print the TCP headers. .TP .B \-v Display version and copyright information. .TP .B \-t Specify the TTL for inactive connections referenced in the connection pool (in seconds, default: 100). .TP .B \-F Specify the number of packets after which a connection pool cleaning is performed (in packets, default: 100). .TP .B \-x Print each record in hex, as well as decoding it. .TP .B \-X When the -d option is used, binary data is automatically printed in two columns with a hex dump on the left and the printable characters on the right. -X suppresses the display of the printable characters, thus making it easier to cut and paste the hex data into some other program. .TP .B \-y Decorate the output for processing with nroff/troff. Not very useful for the average user. .TP .BI \-i " interface" Use \fIinterface\fP as the network interface on which to sniff SSL/TLS traffic. .TP .BI \-k " keyfile" Use \fIkeyfile\fP as the location of the SSL keyfile (OpenSSL format) Previous versions of ssldump automatically looked in ./server.pem. Now you must specify your keyfile every time. .TP .BI \-l " sslkeylogfile" Use \fIsslkeylogfile\fP as the location of the SSLKEYLOGFILE (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format) .TP .BI \-p " password" Use \fIpassword\fP as the SSL keyfile password. .TP .BI \-r " file" Read data from \fIfile\fP instead of from the network. The old -f option still works but is deprecated and will probably be removed with the next version. .TP .BI \-S " [ " crypto " | " d " | " ht " | " H " ]" Specify SSL flags to ssldump. These flags include: .RS .TP .I crypto Print cryptographic information. .TP .I d Print fields as decoded. .TP .I ht Print the handshake type. .TP .I H Print handshake type and highlights. .RE .TP \fIexpression\fP .RS Selects what packets ssldump will examine. Technically speaking, ssldump supports the full expression syntax from PCAP and tcpdump. In fact, the description here is cribbed from the tcpdump man page. However, since ssldump needs to examine full TCP streams, most of the tcpdump expressions will select traffic mixes that ssldump will simply ignore. Only the expressions which don't result in incomplete TCP streams are listed here. .LP The \fIexpression\fP consists of one or more .IR primitives . Primitives usually consist of an .I id (name or number) preceded by one or more qualifiers. There are three different kinds of qualifier: .IP \fItype\fP qualifiers say what kind of thing the id name or number refers to. Possible types are .BR host , .B net and .BR port . E.g., `host foo', `net 128.3', `port 20'. If there is no type qualifier, .B host is assumed. .IP \fIdir\fP qualifiers specify a particular transfer direction to and/or from .I id. Possible directions are .BR src , .BR dst , .B "src or dst" and .B "src and" .BR dst . E.g., `src foo', `dst net 128.3', `src or dst port ftp-data'. If there is no dir qualifier, .B "src or dst" is assumed. For `null' link layers (i.e. point to point protocols such as slip) the .B inbound and .B outbound qualifiers can be used to specify a desired direction. .LP More complex filter expressions are built up by using the words .BR and , .B or and .B not to combine primitives. E.g., `host foo and not port ftp and not port ftp-data'. To save typing, identical qualifier lists can be omitted. E.g., `tcp dst port ftp or ftp-data or domain' is exactly the same as `tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain'. .LP Allowable primitives are: .IP "\fBdst host \fIhost\fR" True if the IPv4/v6 destination field of the packet is \fIhost\fP, which may be either an address or a name. .IP "\fBsrc host \fIhost\fR" True if the IPv4/v6 source field of the packet is \fIhost\fP. .IP "\fBhost \fIhost\fP True if either the IPv4/v6 source or destination of the packet is \fIhost\fP. Any of the above host expressions can be prepended with the keywords, \fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in: .in +.5i .nf \fBip host \fIhost\fR .fi .in -.5i which is equivalent to: .in +.5i .nf \fBether proto \fI\\ip\fB and host \fIhost\fR .fi .in -.5i If \fIhost\fR is a name with multiple IP addresses, each address will be checked for a match. .IP "\fBether dst \fIehost\fP True if the ethernet destination address is \fIehost\fP. \fIEhost\fP may be either a name from /etc/ethers or a number (see .IR ethers (3N) for numeric format). .IP "\fBether src \fIehost\fP True if the ethernet source address is \fIehost\fP. .IP "\fBether host \fIehost\fP True if either the ethernet source or destination address is \fIehost\fP. .IP "\fBgateway\fP \fIhost\fP True if the packet used \fIhost\fP as a gateway. I.e., the ethernet source or destination address was \fIhost\fP but neither the IP source nor the IP destination was \fIhost\fP. \fIHost\fP must be a name and must be found in both /etc/hosts and /etc/ethers. (An equivalent expression is .in +.5i .nf \fBether host \fIehost \fBand not host \fIhost\fR .fi .in -.5i which can be used with either names or numbers for \fIhost / ehost\fP.) This syntax does not work in IPv6-enabled configuration at this moment. .IP "\fBdst net \fInet\fR" True if the IPv4/v6 destination address of the packet has a network number of \fInet\fP. \fINet\fP may be either a name from /etc/networks or a network number (see \fInetworks(4)\fP for details). .IP "\fBsrc net \fInet\fR" True if the IPv4/v6 source address of the packet has a network number of \fInet\fP. .IP "\fBnet \fInet\fR" True if either the IPv4/v6 source or destination address of the packet has a network number of \fInet\fP. .IP "\fBnet \fInet\fR \fBmask \fImask\fR" True if the IP address matches \fInet\fR with the specific netmask. May be qualified with \fBsrc\fR or \fBdst\fR. Note that this syntax is not valid for IPv6 \fInet\fR. .IP "\fBnet \fInet\fR/\fIlen\fR" True if the IPv4/v6 address matches \fInet\fR a netmask \fIlen\fR bits wide. May be qualified with \fBsrc\fR or \fBdst\fR. .IP "\fBdst port \fIport\fR" True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a destination port value of \fIport\fP. The \fIport\fP can be a number or a name used in /etc/services (see .IR tcp (4P) and .IR udp (4P)). If a name is used, both the port number and protocol are checked. If a number or ambiguous name is used, only the port number is checked (e.g., \fBdst port 513\fR will print both tcp/login traffic and udp/who traffic, and \fBport domain\fR will print both tcp/domain and udp/domain traffic). .IP "\fBsrc port \fIport\fR" True if the packet has a source port value of \fIport\fP. .IP "\fBport \fIport\fR" True if either the source or destination port of the packet is \fIport\fP. Any of the above port expressions can be prepended with the keywords, \fBtcp\fP or \fBudp\fP, as in: .in +.5i .nf \fBtcp src port \fIport\fR .fi .in -.5i which matches only tcp packets whose source port is \fIport\fP. .LP Primitives may be combined using: .IP A parenthesized group of primitives and operators (parentheses are special to the Shell and must be escaped). .IP Negation (`\fB!\fP' or `\fBnot\fP'). .IP Concatenation (`\fB&&\fP' or `\fBand\fP'). .IP Alternation (`\fB||\fP' or `\fBor\fP'). .LP Negation has highest precedence. Alternation and concatenation have equal precedence and associate left to right. Note that explicit \fBand\fR tokens, not juxtaposition, are now required for concatenation. .LP If an identifier is given without a keyword, the most recent keyword is assumed. For example, .in +.5i .nf \fBnot host vs and ace\fR .fi .in -.5i is short for .in +.5i .nf \fBnot host vs and host ace\fR .fi .in -.5i which should not be confused with .in +.5i .nf \fBnot ( host vs or ace )\fR .fi .in -.5i .LP Expression arguments can be passed to ssldump as either a single argument or as multiple arguments, whichever is more convenient. Generally, if the expression contains Shell metacharacters, it is easier to pass it as a single, quoted argument. Multiple arguments are concatenated with spaces before being parsed. .SH EXAMPLES .LP To listen to traffic on interface \fIle0\fP port \fI443\fP .RS .nf \fBssldump -i le0 port 443\fP .fi .RE .LP To listen to traffic to the server \fIromeo\fP on port \fI443\fP. .RS .nf \fBssldump -i le0 port 443 and host romeo\fP .fi .RE .LP To decrypt traffic to host \fIromeo\fR \fIserver.pem\fR and the password \fIfoobar\fR .RS .nf \fBssldump -Ad -k ~/server.pem -p foobar -i le0 host romeo .fi .RE .SH OUTPUT FORMAT .LP All output is printed to standard out. .LP ssldump prints an indication of every new TCP connection using a line like the following .nf .LP \fBNew TCP connection #2: iromeo.rtfm.com(2302) <-> sr1.rtfm.com(4433)\fP .LP .fi The host which send the first SYN is printed on the left and the host which responded is printed on the right. Ordinarily, this means that the SSL client will be printed on the left with the SSL server on the right. In this case we have a connection from \fIiromeo.rtfm.com\fR (port \fI2303\fR) to \fIsr1.rtfm.com\fR (port \fI4433\fR). To allow the user to disentangle traffic from different connections, each connection is numbered. This is connection \fI2\fR. .LP The printout of each SSL record begins with a record line. This line contains the connection and record number, a timestamp, and the record type, as in the following: .LP .nf \fB2 3 0.2001 (0.0749) S>C Handshake Certificate\fR .fi .LP This is record \fI3\fR on connection \fI2\fR. The first timestamp is the time since the beginning of the connection. The second is the time since the previous record. Both are in seconds. .LP The next field in the record line is the direction that the record was going. \fIC>S\fR indicates records transmitted from client to server and \fIS>C\fR indicates records transmitted from server to client. ssldump assumes that the host to transmit the first SYN is the SSL client (this is nearly always correct). .LP The next field is the record type, one of \fIHandshake\fR, \fIIAlert\fR, \fIChangeCipherSpec\fR, or \fIapplication_data\fR. Finally, ssldump may print record-specific data on the rest of the line. For \fIHandshake\fR records, it prints the handshake message. Thus, this record is a \fICertificate\fR message. .LP ssldump chooses certain record types for further decoding. These are the ones that have proven to be most useful for debugging: .LP .nf \fIClientHello\fR \- version, offered cipher suites, session id if provided) \fIServerHello\fR \- version, session_id, chosen cipher suite, compression method \fIAlert\fR \- type and level (if obtainable) .fi .LP Fuller decoding of the various records can be obtained by using the .B \-A , .B \-d , .B \-k and .B \-p flags. .LP .SH DECRYPTION .LP ssldump can decrypt traffic between two hosts if the following two conditions are met: .RS .nf 1. ssldump has the keys. 2. Static RSA was used. .fi .RE In any other case, once encryption starts, ssldump will only be able to determine the record type. Consider the following section of a trace. .LP .nf \fB1 5 0.4129 (0.1983) C>S Handshake ClientKeyExchange 1 6 0.4129 (0.0000) C>S ChangeCipherSpec 1 7 0.4129 (0.0000) C>S Handshake 1 8 0.5585 (0.1456) S>C ChangeCipherSpec 1 9 0.6135 (0.0550) S>C Handshake 1 10 2.3121 (1.6986) C>S application_data 1 11 2.5336 (0.2214) C>S application_data 1 12 2.5545 (0.0209) S>C application_data 1 13 2.5592 (0.0046) S>C application_data 1 14 2.5592 (0.0000) S>C Alert\fP .fi .LP Note that the \fIClientKeyExchange\fR message type is printed but the rest of the \fIHandshake\fR messages do not have types. These are the \fIFinished\fR messages, but because they are encrypted ssldump only knows that they are of type \fIHandshake\fR. Similarly, had the \fIAlert\fR in record 14 happened during the handshake, it's type and level would have been printed. However, since it is encrypted we can only tell that it is an alert. .LP .SH BUGS .LP Please send bug reports to ssldump@rtfm.com. .LP The TCP reassembler is not perfect. No attempt is made to reassemble IP fragments and the 3-way handshake and close handshake are imperfectly implemented. In practice, this turns out not to be much of a problem. .LP Support is provided for only for Ethernet and loopback interfaces because that's all that I have. If you have another kind of network you will need to modify pcap_cb in base/pcap-snoop.c. If you have direct experience with ssldump on other networks, please send me patches. .LP ssldump doesn't implement session caching and therefore can't decrypt resumed sessions. .LP .SH SEE ALSO .LP .BR tcpdump (1) .LP .SH AUTHOR .LP ssldump was written by Eric Rescorla . ssldump-1.1/win32/000077500000000000000000000000001354171271700140145ustar00rootroot00000000000000ssldump-1.1/win32/Ssldump.html000066400000000000000000000467211354171271700163430ustar00rootroot00000000000000 


       ssldump - dump SSL traffic on a network

SYNOPSIS

       ssldump [ -vtaTnsAxXhHVNdq ] [ -r dumpfile ] 
       [ -i interface ] [ -k keyfile ] [ -p password ] [ expression ]

DESCRIPTION

       ssldump is an SSL/TLS network protocol analyzer. It  iden-
       tifies TCP connections on the chosen network interface and
       attempts to interpret them as  SSL/TLS  traffic.  When  it
       identifies  SSL/TLS  traffic,  it  decodes the records and
       displays them in a textual form  to  stdout.  If  provided
       with the appropriate keying material, it will also decrypt
       the connections and display the application data  traffic.

       ssldump  has  been  tested on FreeBSD, Linux, Solaris, and
       HP/UX.  Since it's based on PCAP, it should work  on  most
       platforms.  However,  unlike  tcpdump, ssldump needs to be
       able to see both sides of the data transmission so you may
       have  trouble using it with network taps such as SunOS nit
       that don't permit you  to  see  transmitted  data.   Under
       SunOS  with  nit or bpf: To run tcpdump you must have read
       access to /dev/nit or /dev/bpf*.  Under Solaris with dlpi:
       You  must  have  read access to the network pseudo device,
       e.g.  /dev/le.  Under HP-UX with dlpi: You must be root or
       it  must  be  installed  setuid  to root.  Under IRIX with
       snoop: You must be root or it must be installed setuid  to
       root.   Under  Linux:  You  must  be  root  or  it must be
       installed setuid to root.  Under Ultrix and Digital  UNIX:
       Once the super-user has enabled promiscuous-mode operation
       using pfconfig(8), any user may run ssldump Under BSD: You
       must have read access to /dev/bpf*.

OPTIONS

       -a     Print bare TCP ACKs (useful for observing Nagle behav-
              ior)

       -A     Print all record fields (by default ssldump chooses
              the most interesting fields)

       -d     Display  the application data traffic. This usually
              means decrypting it, but when -d  is  used  ssldump
              will  also decode application data traffic _before_
              the SSL session initiates.  This allows you to  see
              HTTPS CONNECT behavior as well as SMTP STARTTLS. As
              a side effect, since  ssldump  can't  tell  whether
              plaintext  is  traffic  before the initiation of an
              SSL connection or just a  regular  TCP  connection,
              this  allows  you  to  use ssldump to sniff any TCP
              connection.   ssldump  will  automatically   detect
              ASCII  data  and display it directly to the screen.

       -e     Print   absolute  timestamps  instead  of  relative
              timestamps

       -r     Read data from file instead of  from  the  network.
              The old -f option still works but is deprecated and
              will probably be removed with the next version.
              
       -H
              Print the full SSL packet header.

       -k     Use  keyfile  as  the  location  of the SSL keyfile
              (OpenSSL format)  ssldump  automatically  looks  in
              ./server.pem.

       -n     Don't try to resolve host names from IP addresses

       -N     Attempt  to parse ASN.1 when it appears, such as in
              certificates and DNs.

       -p     Use password as the SSL keyfile password default is
              "password".

       -q     Don't decode any record fields beyond a single sum-
              mary line. (quiet mode).

       -x     Print each record in hex, as well as decoding it.

       -X     When the -d option is used, binary data is automat-
              ically  printed  in  two columns with a hex dump on
              the left and the printable characters on the right.
              -X  suppresses the display of the printable charac-
              ters, thus making it easier to cut  and  paste  the
              hext data into some other program.  -y Decorate the
              output for processing with troff. Not  very  useful
              for the average user.


        expression
              Selects  what packets ssldump will examine. Techni-
              cally speaking, ssldump supports the  full  expres-
              sion  syntax  from  PCAP and tcpdump.  In fact, the
              description here is cribbed from  the  tcpdump  man
              page.  However, since ssldump needs to examine full
              TCP streams, most of the tcpdump  expressions  will
              select  traffic  mixes  that  ssldump  will  simply
              ignore. Only the expressions which don't result  in
              incomplete TCP streams are listed here.

              The  expression consists of one or more primitives.
              Primitives usually consist of an id (name  or  num-
              ber) preceded by one or more qualifiers.  There are
              three different kinds of qualifier:

                     are host, net and port.  E.g.,  `host  foo',
                     `net 128.3', `port 20'.  If there is no type
                     qualifier, host is assumed.

              dir    qualifiers  specify  a  particular  transfer
                     direction   to  and/or  from  id.   Possible
                     directions are src, dst, src or dst and  src
                     and  dst.  E.g., `src foo', `dst net 128.3',
                     `src or dst port ftp-data'.  If there is  no
                     dir  qualifier,  src or dst is assumed.  For
                     `null' link layers (i.e. point to point pro-
                     tocols  such  as  slip) the inbound and out-
                     bound qualifiers can be used  to  specify  a
                     desired direction.

              More  complex  filter  expressions  are built up by
              using the words and, or and not to  combine  primi-
              tives.   E.g.,  `host  foo and not port ftp and not
              port ftp-data'.  To save typing,  identical  quali-
              fier lists can be omitted.  E.g., `tcp dst port ftp
              or ftp-data or domain' is exactly the same as  `tcp
              dst  port  ftp  or tcp dst port ftp-data or tcp dst
              port domain'.

              Allowable primitives are:

              dst host host
                     True if the IPv4/v6 destination field of the
                     packet  is  host,  which  may  be  either an
                     address or a name.

              src host host
                     True if the  IPv4/v6  source  field  of  the
                     packet is host.

              host host
                     True  if either the IPv4/v6 source or desti-
                     nation of the packet is host.   Any  of  the
                     above host expressions can be prepended with
                     the keywords, ip, arp, rarp, or ip6 as in:
                          ip host host
                     which is equivalent to:
                          ether proto \ip and host host
                     If  host  is  a  name   with   multiple   IP
                     addresses,  each address will be checked for
                     a match.

              ether dst ehost
                     True if the ethernet destination address  is
                     ehost.   Ehost  may  be  either  a name from
                     /etc/ethers or a number (see ethers(3N)  for
                     numeric format).
                     True  if  the  ethernet  source  address  is
                     ehost.

              ether host ehost
                     True if either the ethernet source or desti-
                     nation address is ehost.

              gateway host
                     True  if  the packet used host as a gateway.
                     I.e., the  ethernet  source  or  destination
                     address  was  host but neither the IP source
                     nor the IP destination was host.  Host  must
                     be   a  name  and  must  be  found  in  both
                     /etc/hosts and /etc/ethers.  (An  equivalent
                     expression is
                          ether host ehost and not host host
                     which  can be used with either names or num-
                     bers for host / ehost.)   This  syntax  does
                     not  work  in  IPv6-enabled configuration at
                     this moment.

              dst net net
                     True if the IPv4/v6 destination  address  of
                     the  packet has a network number of net. Net
                     may be either a name from /etc/networks or a
                     network    number   (see   networks(4)   for
                     details).

              src net net
                     True if the IPv4/v6 source  address  of  the
                     packet has a network number of net.

              net net
                     True  if either the IPv4/v6 source or desti-
                     nation address of the packet has  a  network
                     number of net.

              net net mask mask
                     True  if the IP address matches net with the
                     specific netmask.  May be qualified with src
                     or  dst.  Note that this syntax is not valid
                     for IPv6 net.

              net net/len
                     True if the IPv4/v6 address  matches  net  a
                     netmask  len  bits  wide.   May be qualified
                     with src or dst.

              dst port port
                     True  if  the  packet  is  ip/tcp,   ip/udp,
                     ip6/tcp  or  ip6/udp  and  has a destination
                     port value of port.  The port can be a  num-
                     both   the  port  number  and  protocol  are
                     checked.  If a number or ambiguous  name  is
                     used, only the port number is checked (e.g.,
                     dst port 513 will print both tcp/login traf-
                     fic  and  udp/who  traffic,  and port domain
                     will print both  tcp/domain  and  udp/domain
                     traffic).

              src port port
                     True  if  the packet has a source port value
                     of port.

              port port
                     True if either  the  source  or  destination
                     port  of  the  packet  is  port.  Any of the
                     above port expressions can be prepended with
                     the keywords, tcp or udp, as in:
                          tcp src port port
                     which  matches only tcp packets whose source
                     port is port.

              Primitives may be combined using:

                     A  parenthesized  group  of  primitives  and
                     operators  (parentheses  are  special to the
                     Shell and must be escaped).

                     Negation (`!' or `not').

                     Concatenation (`&&' or `and').

                     Alternation (`||' or `or').

              Negation has highest precedence.   Alternation  and
              concatenation  have  equal precedence and associate
              left to right.  Note that explicit and tokens,  not
              juxtaposition,  are now required for concatenation.

              If an identifier is given without  a  keyword,  the
              most recent keyword is assumed.  For example,
                   not host vs and ace
              is short for
                   not host vs and host ace
              which should not be confused with
                   not ( host vs or ace )

              Expression  arguments  can  be passed to ssldump as
              either a single argument or as multiple  arguments,
              whichever  is  more  convenient.  Generally, if the
              expression contains  Shell  metacharacters,  it  is
              easier  to  pass  it  as a single, quoted argument.
              Multiple arguments  are  concatenated  with  spaces

       To listen to traffic on interface le0 port 443
              ssldump -i le0 port 443

       To listen to traffic to the server romeo on port 443.
              ssldump -i le0 port 443 and host romeo

       To  decrypt  traffic  to  to host romeo server.pem and the
       password foobar
              ssldump -Ad -k ~/server.pem -p foobar -i le0 host romeo

OUTPUT FORMAT

       All output is printed to standard out.

       ssldump prints an indication of every new  TCP  connection
       using a line like the following

       New TCP connection #2: iromeo.rtfm.com(2302) <-> sr1.rtfm.com(4433)

       The  host  which send the first SYN is printed on the left
       and the host which responded  is  printed  on  the  right.
       Ordinarily, this means that the SSL client will be printed
       on the left with the SSL server on the right. In this case
       we  have  a connection from iromeo.rtfm.com (port 2303) to
       sr1.rtfm.com (port 4433). To allow the user to disentangle
       traffic  from  different  connections,  each connection is
       numbered. This is connection 2.

       The printout of each SSL record begins with a record line.
       This  line  contains  the  connection and record number, a
       timestamp, and the record type, as in the following:

       2 3  0.2001 (0.0749)  S>C  Handshake      Certificate

       This is record 3 on connection 2. The first  timestamp  is
       the time since the beginning of the connection. The second
       is the time since the previous record. Both  are  in  sec-
       onds.

       The  next  field  in the record line is the direction that
       the record was going. C>S  indicates  records  transmitted
       from  client to server and S>C indicates records transmit-
       ted from server to client.  ssldump assumes that the  host
       to  transmit  the  first  SYN  is  the SSL client (this is
       nearly always correct).

       The next field is  the  record  type,  one  of  Handshake,
       IAlert,  ChangeCipherSpec,  or  application_data. Finally,
       ssldump may print record-specific data on the rest of  the
       line.  For Handshake records, it prints the handshake mes-
       sage. Thus, this record is a Certificate message.

       ssldump chooses certain record types for further decoding.

       ClientHello - version, offered cipher suites, session id
                            if provided)
       ServerHello - version, session_id, chosen cipher suite,
                      compression method
       Alert - type and level (if obtainable)

       Fuller decoding of the various records can be obtained  by
       using the -A , -d , -k and -p flags.

DECRYPTION

       ssldump  can decrypt traffic between two hosts if the fol-
       lowing two conditions are met:
              1. ssldump has the keys.
              2. Static RSA was used.
       In any other case, once encryption  starts,  ssldump  will
       only  be  able  to determine the record type. Consider the
       following section of a trace.

       1 5  0.4129 (0.1983)  C>S  Handshake      ClientKeyExchange
       1 6  0.4129 (0.0000)  C>S  ChangeCipherSpec
       1 7  0.4129 (0.0000)  C>S  Handshake
       1 8  0.5585 (0.1456)  S>C  ChangeCipherSpec
       1 9  0.6135 (0.0550)  S>C  Handshake
       1 10 2.3121 (1.6986)  C>S  application_data
       1 11 2.5336 (0.2214)  C>S  application_data
       1 12 2.5545 (0.0209)  S>C  application_data
       1 13 2.5592 (0.0046)  S>C  application_data
       1 14 2.5592 (0.0000)  S>C  Alert

       Note that the ClientKeyExchange message  type  is  printed
       but  the rest of the Handshake messages do not have types.
       These are the Finished  messages,  but  because  they  are
       encrypted  ssldump  only knows that they are of type Hand-
       shake.  Similarly, had the Alert  in  record  14  happened
       during  the handshake, it's type and level would have been
       printed. However, since it is encrypted we can  only  tell
       that it is an alert.

BUGS

       Please send bug reports to ssldump@rtfm.com.

       The  TCP reassembler is not perfect. No attempt is made to
       reassemble IP fragments and the 3-way handshake and  close
       handshake  are  imperfectly implemented. In practice, this
       turns out not to be much of a problem.

       Support is provided for only  for  Ethernet  and  loopback
       interfaces  because  that's  all  that I have. If you have
       another kind of network you will need to modify pcap_cb in
       base/pcap-snoop.c. If you have direct experience with ssldump
       on other networks, please send me patches.

       ssldump doesn't implement session  caching  and  therefore
       can't decrypt resumed sessions.
Man(1) output converted with man2html
ssldump-1.1/win32/vcwin32.mak000066400000000000000000000235361354171271700160120ustar00rootroot00000000000000# Copyright (C) 1999-2000 RTFM, Inc. # All Rights Reserved # This package is a SSLv3/TLS protocol analyzer written by Eric Rescorla # and licensed by RTFM, Inc. # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # 3. All advertising materials mentioning features or use of this software # must display the following acknowledgement: # # This product includes software developed by Eric Rescorla for # RTFM, Inc. # 4. Neither the name of RTFM, Inc. nor the name of Eric Rescorla may be # used to endorse or promote products derived from this # software without specific prior written permission. # THIS SOFTWARE IS PROVIDED BY ERIC RESCORLA AND RTFM, INC. ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY SUCH DAMAGE. !IF "$(CFG)" == "" CFG=release !MESSAGE No configuration specified. Defaulting to release. !ENDIF !IF "$(CFG)" != "release" && "$(CFG)" != "debug" !MESSAGE Invalid configuration "$(CFG)" specified. !MESSAGE You can specify a configuration when running NMAKE !MESSAGE by defining the macro CFG on the command line. For example: !MESSAGE !MESSAGE NMAKE /f "vcwin32.mak" CFG="debug" !MESSAGE !MESSAGE Possible choices for configuration are: !MESSAGE !MESSAGE "release" !MESSAGE "debug" !MESSAGE !ERROR An invalid configuration is specified. !ENDIF !IF "$(OS)" == "Windows_NT" NULL= !ELSE NULL=nul !ENDIF # Directories, relative to this one ROOT=. ANALYZE_SRCDIR=$(ROOT)\base COMMONDIR=$(ROOT)\common COMMON_LIB_SRCDIR=$(COMMONDIR)\lib ANALYZE_NULL_SRCDIR=$(ROOT)\null ANALYZE_SSL_SRCDIR=$(ROOT)\ssl WIN32_DIR=$(ROOT)\win32 OBJ_DIR=$(ROOT)\out32 WINPCAP_DEV_DIR=$(WIN32_DIR)\WPdpack WINPCAP_SRC_DIR=$(WIN32_DIR)\winpcap WINPCAP_INCLUDES=-I$(WINPCAP_DEV_DIR)\include -I$(WINPCAP_DEV_DIR)\include\net \ -I$(WINPCAP_SRC_DIR)\wpcap\libpcap\win32\include # # OpenSSL-specific stuff # !IF "$(OPENSSL)" == "" OPENSSL=no !MESSAGE OpenSSL support defaulting to "no". !ENDIF !IF "$(OPENSSL)" == "yes" # # Customize the next 3 macros match your openssl development setup # OPENSSL_DIR=$(ROOT)\..\openssl\openssl-0.9.6g OPENSSL_RELEASE=$(OPENSSL_DIR)\out32 OPENSSL_DEBUG=$(OPENSSL_DIR)\out32.dbg OPENSSL_DEFINES=/D OPENSSL OPENSSL_RELEASE_LIBS=$(OPENSSL_RELEASE)\libeay32.lib $(OPENSSL_RELEASE)\ssleay32.lib OPENSSL_DEBUG_LIBS=$(OPENSSL_DEBUG)\libeay32.lib $(OPENSSL_DEBUG)\ssleay32.lib OPENSSL_INCLUDES=-I$(OPENSSL_DIR)\inc32 !ELSE # no OpenSSL OPENSSL_DEFINES= OPENSSL_DIR= OPENSSL_RELEASE= OPENSSL_RELEASE_LIBS= OPENSSL_DEBUG= OPENSSL_DEBUG_LIBS= OPENSSL_INCLUDES= !ENDIF PLATFORM=VC-WIN32 CC=cl.exe LINK=link.exe # # Getting the C run-time flag correct is critical and difficult, sadly # The same C run-time should be used by all the object code that comprises # the process. This means all DLL's and static libs we link to must use the # same C run-time, and we must match it with our flag. # # the wpcap.dll is linked to the static C run-time lib, so we will also # C_RUNTIME_FLAG=/MT COMMON_INCLUDES=-I$(ANALYZE_SRCDIR) -I$(COMMONDIR)\include -I$(COMMON_LIB_SRCDIR) -I$(ANALYZE_NULL_SRCDIR) \ -I$(ANALYZE_SSL_SRCDIR) -I$(WIN32_DIR) $(WINPCAP_INCLUDES) $(OPENSSL_INCLUDES) COMMON_DEFINES=/D STDC /D WIN32 /D _CONSOLE \ $(OPENSSL_DEFINES) /D STDC_HEADERS /D SIZEOF_UNSIGNED_SHORT=2 /D SIZEOF_UNSIGNED_LONG=4 \ /D RETSIGTYPE=void /D SIZEOF_CHAR=1 /D SIZEOF_SHORT=2 /D SIZEOF_INT=4 COMMON_CFLAGS=/nologo /W3 $(COMMON_INCLUDES) $(COMMON_DEFINES) /Fp"$(OBJ_DIR)\ssldump.pch" /YX /Fd"$(OBJ_DIR)\\" /FD /c COMMON_LIBS=gdi32.lib Wsock32.lib $(WINPCAP_DEV_DIR)\lib\wpcap.lib COMMON_LFLAGS=/nologo /subsystem:console /machine:I386 /opt:ref /incremental:no # Set build-specific (i.e., release vs. debug) options !IF "$(CFG)" == "release" BUILD_SPECIFIC_INCLUDES= BUILD_SPECIFIC_DEFINES=/D NDEBUG BUILD_SPECIFIC_CFLAGS=$(C_RUNTIME_FLAG) /O2 $(BUILD_SPECIFIC_INCLUDES) $(BUILD_SPECIFIC_DEFINES) BUILD_SPECIFIC_LIBS=$(OPENSSL_RELEASE_LIBS) BUILD_SPECIFIC_LFLAGS= !ELSE # =="debug" BUILD_SPECIFIC_INCLUDES= BUILD_SPECIFIC_DEFINES=/D _DEBUG BUILD_SPECIFIC_CFLAGS=$(C_RUNTIME_FLAG)d /ZI /Od /GZ $(BUILD_SPECIFIC_INCLUDES) $(BUILD_SPECIFIC_DEFINES) BUILD_SPECIFIC_LIBS=$(OPENSSL_DEBUG_LIBS) BUILD_SPECIFIC_LFLAGS= !ENDIF CFLAGS=$(COMMON_CFLAGS) $(BUILD_SPECIFIC_CFLAGS) LFLAGS=$(COMMON_LFLAGS) $(BUILD_SPECIFIC_LFLAGS) $(COMMON_LIBS) $(BUILD_SPECIFIC_LIBS) ALL : $(OBJ_DIR) "$(OBJ_DIR)\ssldump.exe" "$(OBJ_DIR)" : if not exist "$(OBJ_DIR)/$(NULL)" mkdir "$(OBJ_DIR)" CLEAN : -@erase "$(OBJ_DIR)\debug.obj" -@erase "$(OBJ_DIR)\r_assoc.obj" -@erase "$(OBJ_DIR)\r_data.obj" -@erase "$(OBJ_DIR)\r_errors.obj" -@erase "$(OBJ_DIR)\r_list.obj" -@erase "$(OBJ_DIR)\r_replace.obj" -@erase "$(OBJ_DIR)\r_time.obj" -@erase "$(OBJ_DIR)\network.obj" -@erase "$(OBJ_DIR)\pcap-snoop.obj" -@erase "$(OBJ_DIR)\proto_mod.obj" -@erase "$(OBJ_DIR)\tcpconn.obj" -@erase "$(OBJ_DIR)\tcppack.obj" -@erase "$(OBJ_DIR)\null_analyze.obj" -@erase "$(OBJ_DIR)\ciphersuites.obj" -@erase "$(OBJ_DIR)\ssl.enums.obj" -@erase "$(OBJ_DIR)\ssl_analyze.obj" -@erase "$(OBJ_DIR)\ssl_rec.obj" -@erase "$(OBJ_DIR)\ssldecode.obj" -@erase "$(OBJ_DIR)\sslprint.obj" -@erase "$(OBJ_DIR)\sslxprint.obj" -@erase "$(OBJ_DIR)\ssldump.exe" LINK_OBJS= \ "$(OBJ_DIR)\debug.obj" \ "$(OBJ_DIR)\r_assoc.obj" \ "$(OBJ_DIR)\r_data.obj" \ "$(OBJ_DIR)\r_errors.obj" \ "$(OBJ_DIR)\r_list.obj" \ "$(OBJ_DIR)\r_replace.obj" \ "$(OBJ_DIR)\r_time.obj" \ "$(OBJ_DIR)\network.obj" \ "$(OBJ_DIR)\pcap-snoop.obj" \ "$(OBJ_DIR)\proto_mod.obj" \ "$(OBJ_DIR)\tcpconn.obj" \ "$(OBJ_DIR)\tcppack.obj" \ "$(OBJ_DIR)\null_analyze.obj" \ "$(OBJ_DIR)\ciphersuites.obj" \ "$(OBJ_DIR)\ssl.enums.obj" \ "$(OBJ_DIR)\ssl_analyze.obj" \ "$(OBJ_DIR)\ssl_rec.obj" \ "$(OBJ_DIR)\ssldecode.obj" \ "$(OBJ_DIR)\sslprint.obj" \ "$(OBJ_DIR)\sslxprint.obj" "$(OBJ_DIR)\ssldump.exe": "$(OBJ_DIR)" $(LINK_OBJS) $(LINK) @<< /OUT:$@ $(LFLAGS) $(LINK_OBJS) << # # FILE DEPENDENCIES # # file dependencies state, for each file that is built, # which file(s) it depends upon # $(OBJ_DIR)\debug.obj: $(COMMON_LIB_SRCDIR)\debug.h $(OBJ_DIR)\debug.obj: $(COMMON_LIB_SRCDIR)\debug.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\debug.c $(OBJ_DIR)\r_assoc.obj: $(COMMON_LIB_SRCDIR)\r_assoc.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_assoc.c $(OBJ_DIR)\r_data.obj: $(COMMON_LIB_SRCDIR)\r_data.h $(OBJ_DIR)\r_data.obj: $(COMMON_LIB_SRCDIR)\r_data.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_data.c $(OBJ_DIR)\r_errors.obj: $(COMMON_LIB_SRCDIR)\r_errors.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_errors.c $(OBJ_DIR)\r_list.obj: $(COMMON_LIB_SRCDIR)\r_list.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_list.c $(OBJ_DIR)\r_replace.obj: $(COMMON_LIB_SRCDIR)\r_replace.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_replace.c $(OBJ_DIR)\r_time.obj: $(COMMON_LIB_SRCDIR)\r_time.c $(CC) $(CFLAGS) /Fo$@ $(COMMON_LIB_SRCDIR)\r_time.c $(OBJ_DIR)\network.obj: $(ANALYZE_SRCDIR)\network.h $(OBJ_DIR)\network.obj: $(ANALYZE_SRCDIR)\network.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\network.c $(OBJ_DIR)\pcap-snoop.obj: $(ANALYZE_SRCDIR)\pcap-snoop.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\pcap-snoop.c $(OBJ_DIR)\proto_mod.obj: $(ANALYZE_SRCDIR)\proto_mod.h $(OBJ_DIR)\proto_mod.obj: $(ANALYZE_SRCDIR)\proto_mod.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\proto_mod.c $(OBJ_DIR)\tcpconn.obj: $(ANALYZE_SRCDIR)\tcpconn.h $(OBJ_DIR)\tcpconn.obj: $(ANALYZE_SRCDIR)\tcpconn.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\tcpconn.c $(OBJ_DIR)\tcppack.obj: $(ANALYZE_SRCDIR)\tcppack.h $(OBJ_DIR)\tcppack.obj: $(ANALYZE_SRCDIR)\tcppack.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SRCDIR)\tcppack.c $(OBJ_DIR)\null_analyze.obj: $(ANALYZE_NULL_SRCDIR)\null_analyze.h $(OBJ_DIR)\null_analyze.obj: $(ANALYZE_NULL_SRCDIR)\null_analyze.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_NULL_SRCDIR)\null_analyze.c $(OBJ_DIR)\ciphersuites.obj: $(ANALYZE_SSL_SRCDIR)\ciphersuites.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ciphersuites.c $(OBJ_DIR)\ssl.enums.obj: $(ANALYZE_SSL_SRCDIR)\ssl.enums.h $(OBJ_DIR)\ssl.enums.obj: $(ANALYZE_SSL_SRCDIR)\ssl.enums.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl.enums.c $(OBJ_DIR)\ssl_analyze.obj: $(ANALYZE_SSL_SRCDIR)\ssl_analyze.h $(OBJ_DIR)\ssl_analyze.obj: $(ANALYZE_SSL_SRCDIR)\ssl_analyze.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl_analyze.c $(OBJ_DIR)\ssl_rec.obj: $(ANALYZE_SSL_SRCDIR)\ssl_rec.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssl_rec.c $(OBJ_DIR)\ssldecode.obj: $(ANALYZE_SSL_SRCDIR)\ssldecode.h $(OBJ_DIR)\ssldecode.obj: $(ANALYZE_SSL_SRCDIR)\ssldecode.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\ssldecode.c $(OBJ_DIR)\sslprint.obj: $(ANALYZE_SSL_SRCDIR)\sslprint.h $(OBJ_DIR)\sslprint.obj: $(ANALYZE_SSL_SRCDIR)\sslprint.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\sslprint.c $(OBJ_DIR)\sslxprint.obj: $(ANALYZE_SSL_SRCDIR)\sslxprint.h $(OBJ_DIR)\sslxprint.obj: $(ANALYZE_SSL_SRCDIR)\sslxprint.c $(CC) $(CFLAGS) /Fo$@ $(ANALYZE_SSL_SRCDIR)\sslxprint.c