WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Sniffer IPv6 

1. Sorted out IPv6 configuration for sniff test.
2. Tests the sniffer using an IPv6 file.
pull/2499/head
John Safranek 2019-09-09 11:55:56 -07:00
parent ebd435ae46
commit 89ff909d73
3 changed files with 60 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/sniffer-testsuite.test
View File

@ -8,6 +8,12 @@ echo -e "\nStaring snifftest on testsuite.pcap...\n"
RESULT=$? RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest failed\n" && exit 1 [ $RESULT -ne 0 ] && echo -e "\nsnifftest failed\n" && exit 1
echo -e "\nStaring snifftest on sniffer-ipv6.pcap...\n"
./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-ipv6.pcap ./certs/server-key.pem ::1 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest (ipv6) failed\n" && exit 1
echo -e "\nSuccess!\n" echo -e "\nSuccess!\n"
exit 0 exit 0

2
src/sniffer.c
View File

@ -1525,8 +1525,6 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
if (serverIp.ip4 == INADDR_NONE) { if (serverIp.ip4 == INADDR_NONE) {
if (inet_pton(AF_INET6, address, serverIp.ip6) == 1) { if (inet_pton(AF_INET6, address, serverIp.ip6) == 1) {
serverIp.version = IPV6; serverIp.version = IPV6;
serverIp.ip6[0] = 0;
serverIp.ip6[1] = 0;
} }
} }
sniffer = ServerList; sniffer = ServerList;

102
sslSniffer/sslSnifferTest/snifftest.c
View File

@ -179,10 +179,10 @@ static void err_sys(const char* msg)
#endif #endif
static char* iptos(unsigned int addr) static char* iptos(const struct in_addr* addr)
{ {
static char output[32]; static char output[32];
byte *p = (byte*)&addr; byte *p = (byte*)&addr->s_addr;
snprintf(output, sizeof(output), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); snprintf(output, sizeof(output), "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
@ -190,19 +190,10 @@ static char* iptos(unsigned int addr)
} }
static char* ip6tos(const unsigned char* addr) static const char* ip6tos(const struct in6_addr* addr)
{ {
static char output[42]; static char output[42];
return inet_ntop(AF_INET6, addr, output, 42);
snprintf(output, sizeof(output),
"%02x%02x:%02x%02x:%02x%02x:%02x%02x:"
"%02x%02x:%02x%02x:%02x%02x:%02x%02x",
addr[0], addr[1], addr[2], addr[3],
addr[4], addr[5], addr[6], addr[7],
addr[8], addr[9], addr[10], addr[11],
addr[12], addr[13], addr[14], addr[15]);
return output;
} }
@ -363,21 +354,21 @@ int main(int argc, char** argv)
if (pcap == NULL) printf("pcap_create failed %s\n", err); if (pcap == NULL) printf("pcap_create failed %s\n", err);
/* get an IPv4 or IPv6 address */ /* print out addresses for selected interface */
for (a = d->addresses; a; a = a->next) { for (a = d->addresses; a; a = a->next) {
if (a->addr->sa_family == AF_INET) if (a->addr->sa_family == AF_INET) {
server = server =
iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr); iptos(&((struct sockaddr_in *)a->addr)->sin_addr);
else if (a->addr->sa_family == AF_INET6) printf("server = %s\n", server);
}
else if (a->addr->sa_family == AF_INET6) {
server = server =
ip6tos(((struct sockaddr_in6 *)a->addr)->sin6_addr.s6_addr); ip6tos(&((struct sockaddr_in6 *)a->addr)->sin6_addr);
else printf("server = %s\n", server);
server = NULL; }
} }
if (server == NULL) if (server == NULL)
err_sys("Unable to get device IPv4 or IPv6 address"); err_sys("Unable to get device IPv4 or IPv6 address");
else
printf("server = %s\n", server);
ret = pcap_set_snaplen(pcap, 65536); ret = pcap_set_snaplen(pcap, 65536);
if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap)); if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap));
@ -409,33 +400,48 @@ int main(int argc, char** argv)
ret = pcap_setfilter(pcap, &fp); ret = pcap_setfilter(pcap, &fp);
if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap)); if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
#ifndef WOLFSSL_SNIFFER_WATCH /* get IPv4 or IPv6 addresses for selected interface */
server = "::1"; for (a = d->addresses; a; a = a->next) {
ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem", server = NULL;
FILETYPE_PEM, NULL, err); if (a->addr->sa_family == AF_INET) {
if (ret != 0) { server =
printf("Please run directly from sslSniffer/sslSnifferTest dir\n"); iptos(&((struct sockaddr_in *)a->addr)->sin_addr);
}
#ifdef HAVE_SNI
{
char altName[128];
printf("Enter alternate SNI: ");
ret = scanf("%s", altName);
if (strnlen(altName, 128) > 0) {
ret = ssl_SetNamedPrivateKey(altName,
server, port, "../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0) {
printf("Please run directly from "
"sslSniffer/sslSnifferTest dir\n");
}
} }
} else if (a->addr->sa_family == AF_INET6) {
#endif server =
#endif ip6tos(&((struct sockaddr_in6 *)a->addr)->sin6_addr);
}
if (server) {
#ifndef WOLFSSL_SNIFFER_WATCH
ret = ssl_SetPrivateKey(server, port,
"../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0) {
printf("Please run directly from sslSniffer/sslSnifferTest"
"dir\n");
}
#ifdef HAVE_SNI
{
char altName[128];
printf("Enter alternate SNI: ");
ret = scanf("%s", altName);
if (strnlen(altName, 128) > 0) {
ret = ssl_SetNamedPrivateKey(altName,
server, port, "../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0) {
printf("Please run directly from "
"sslSniffer/sslSnifferTest dir\n");
}
}
}
#endif
#endif
}
}
} }
else if (argc >= 3) { else if (argc >= 3) {
saveFile = 1; saveFile = 1;