Diffstat (limited to 'util')
-rw-r--r--util/perl/TLSProxy/Certificate.pm4
-rw-r--r--util/perl/TLSProxy/CertificateRequest.pm4
-rw-r--r--util/perl/TLSProxy/CertificateVerify.pm4
-rw-r--r--util/perl/TLSProxy/ClientHello.pm4
-rw-r--r--util/perl/TLSProxy/EncryptedExtensions.pm4
-rw-r--r--util/perl/TLSProxy/HelloVerifyRequest.pm4
-rw-r--r--util/perl/TLSProxy/Message.pm70
-rw-r--r--util/perl/TLSProxy/NewSessionTicket.pm8
-rw-r--r--util/perl/TLSProxy/ServerHello.pm4
-rw-r--r--util/perl/TLSProxy/ServerKeyExchange.pm4
10 files changed, 61 insertions, 49 deletions
diff --git a/util/perl/TLSProxy/Certificate.pm b/util/perl/TLSProxy/Certificate.pm
index 4377169747..3b800d7369 100644
--- a/util/perl/TLSProxy/Certificate.pm
+++ b/util/perl/TLSProxy/Certificate.pm
@@ -18,7 +18,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -30,7 +30,7 @@ sub new
$server,
TLSProxy::Message::MT_CERTIFICATE,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/CertificateRequest.pm b/util/perl/TLSProxy/CertificateRequest.pm
index 67943490bd..8b5dce7afb 100644
--- a/util/perl/TLSProxy/CertificateRequest.pm
+++ b/util/perl/TLSProxy/CertificateRequest.pm
@@ -18,7 +18,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -30,7 +30,7 @@ sub new
$server,
TLSProxy::Message::MT_CERTIFICATE_REQUEST,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/CertificateVerify.pm b/util/perl/TLSProxy/CertificateVerify.pm
index 637298525d..cbaf095134 100644
--- a/util/perl/TLSProxy/CertificateVerify.pm
+++ b/util/perl/TLSProxy/CertificateVerify.pm
@@ -18,7 +18,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -30,7 +30,7 @@ sub new
$server,
TLSProxy::Message::MT_CERTIFICATE_VERIFY,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/ClientHello.pm b/util/perl/TLSProxy/ClientHello.pm
index c24065f2b9..d638634963 100644
--- a/util/perl/TLSProxy/ClientHello.pm
+++ b/util/perl/TLSProxy/ClientHello.pm
@@ -20,7 +20,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -32,7 +32,7 @@ sub new
$server,
TLSProxy::Message::MT_CLIENT_HELLO,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/EncryptedExtensions.pm b/util/perl/TLSProxy/EncryptedExtensions.pm
index 8b1e76afd5..c970420bda 100644
--- a/util/perl/TLSProxy/EncryptedExtensions.pm
+++ b/util/perl/TLSProxy/EncryptedExtensions.pm
@@ -18,7 +18,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -30,7 +30,7 @@ sub new
$server,
TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/HelloVerifyRequest.pm b/util/perl/TLSProxy/HelloVerifyRequest.pm
index 6fa7f1ac61..9ca0bf5f90 100644
--- a/util/perl/TLSProxy/HelloVerifyRequest.pm
+++ b/util/perl/TLSProxy/HelloVerifyRequest.pm
@@ -21,7 +21,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -33,7 +33,7 @@ sub new
$server,
TLSProxy::Message::MT_HELLO_VERIFY_REQUEST,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/Message.pm b/util/perl/TLSProxy/Message.pm
index 492946f3d7..0d8285cdbd 100644
--- a/util/perl/TLSProxy/Message.pm
+++ b/util/perl/TLSProxy/Message.pm
@@ -47,6 +47,7 @@ use constant {
AL_DESC_BAD_RECORD_MAC => 20,
AL_DESC_ILLEGAL_PARAMETER => 47,
AL_DESC_PROTOCOL_VERSION => 70,
+ AL_DESC_INAPPROPRIATE_FALLBACK => 86,
AL_DESC_NO_RENEGOTIATION => 100
};
@@ -223,11 +224,11 @@ sub get_messages
$payload .= substr($record->decrypt_data, 0, $recoffset);
push @message_frag_lens, $recoffset;
if ($isdtls) {
- # We must set $msgseq, $msgfrag, $msgfragoffs
+ # We must set $msgseq, $msgfraglen, $msgfragoffs
die "Internal error: cannot handle partial dtls messages\n"
}
$message = create_message($server, $mt,
- #$msgseq, $msgfrag, $msgfragoffs,
+ #$msgseq, $msgfraglen, $msgfragoffs,
0, 0, 0,
$payload, $startoffset, $isdtls);
push @messages, $message;
@@ -254,16 +255,16 @@ sub get_messages
my $lenhi;
my $lenlo;
my $msgseq;
- my $msgfrag;
+ my $msgfraglen;
my $msgfragoffs;
if ($isdtls) {
- my $msgfraghi;
- my $msgfraglo;
+ my $msgfraglenhi;
+ my $msgfraglenlo;
my $msgfragoffshi;
my $msgfragoffslo;
- ($mt, $lenhi, $lenlo, $msgseq, $msgfraghi, $msgfraglo, $msgfragoffshi, $msgfragoffslo) =
+ ($mt, $lenhi, $lenlo, $msgseq, $msgfragoffshi, $msgfragoffslo, $msgfraglenhi, $msgfraglenlo) =
unpack('CnCnnCnC', substr($record->decrypt_data, $recoffset));
- $msgfrag = ($msgfraghi << 8) | $msgfraglo;
+ $msgfraglen = ($msgfraglenhi << 8) | $msgfraglenlo;
$msgfragoffs = ($msgfragoffshi << 8) | $msgfragoffslo;
} else {
($mt, $lenhi, $lenlo) =
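Review bot: The reordered `unpack` list has no comment stating the wire layout it relies on, and fragment offset and fragment length are both 24-bit fields split the same way, so a swap is easy to reintroduce. I would add above the `unpack` call: `# DTLS handshake header: msg_type(1) length(3) message_seq(2) fragment_offset(3) fragment_length(3)`. The `pack('CnCnnCnC', ...)` call in `repack` depends on the same order and could carry the same comment. get_messages starts and ends outside this hunk.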
@@ -272,6 +273,10 @@ sub get_messages
$messlen = ($lenhi << 8) | $lenlo;
print " Message type: $message_type{$mt}($mt)\n";
print " Message Length: $messlen\n";
+ if ($isdtls) {
+ print " Message fragment length: $msgfraglen\n";
+ print " Message fragment offset: $msgfragoffs\n";
+ }
$startoffset = $recoffset;
$recoffset += $msgheaderlen;
$payload = "";
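Review bot: `$msgfraglen` and `$msgfragoffs` are only printed in the new `if ($isdtls)` block and, as far as the visible hunks show, are never compared with `$messlen`, while the following hunk still advances with `$recoffset += $messlen`. A genuinely fragmented DTLS handshake message (non-zero offset, or fragment length shorter than the message length) would then be parsed as if it were complete. The partial-record path already dies with "cannot handle partial dtls messages", so a matching guard here would make the limitation explicit: `die "Internal error: cannot handle fragmented dtls messages\n" if $msgfragoffs != 0 || $msgfraglen != $messlen;`. The code between this hunk and the next is not visible, so confirm that no such check already exists there.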
@@ -285,7 +290,7 @@ sub get_messages
$recoffset += $messlen;
push @message_frag_lens, $messlen;
$message = create_message($server, $mt, $msgseq,
- $msgfrag, $msgfragoffs,
+ $msgfraglen, $msgfragoffs,
$payload, $startoffset, $isdtls);
push @messages, $message;
@@ -335,7 +340,7 @@ sub get_messages
#construct it
sub create_message
{
- my ($server, $mt, $msgseq, $msgfrag, $msgfragoffs, $data, $startoffset, $isdtls) = @_;
+ my ($server, $mt, $msgseq, $msgfraglen, $msgfragoffs, $data, $startoffset, $isdtls) = @_;
my $message;
if ($mt == MT_CLIENT_HELLO) {
@@ -343,7 +348,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -356,7 +361,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -369,7 +374,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -382,7 +387,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -395,7 +400,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -408,7 +413,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -421,7 +426,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -434,7 +439,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -447,7 +452,7 @@ sub create_message
$message = TLSProxy::NewSessionTicket->new_dtls(
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -469,7 +474,7 @@ sub create_message
$isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -484,7 +489,7 @@ sub create_message
$server,
$mt,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
[@message_rec_list],
@@ -524,7 +529,7 @@ sub new
$server,
$mt,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -538,7 +543,7 @@ sub new
records => $records,
mt => $mt,
msgseq => $msgseq,
- msgfrag => $msgfrag,
+ msgfraglen => $msgfraglen,
msgfragoffs => $msgfragoffs,
startoffset => $startoffset,
message_frag_lens => $message_frag_lens,
@@ -572,14 +577,21 @@ sub repack
my $lenhi = length($self->data) >> 8;
if ($self->{isdtls}) {
- my $msgfraghi = $self->msgfrag >> 8;
- my $msgfraglo = $self->msgfrag & 0xff;
+ my $msgfraglenhi = $self->msgfraglen >> 8;
+ my $msgfraglenlo = $self->msgfraglen & 0xff;
my $msgfragoffshi = $self->msgfragoffs >> 8;
my $msgfragoffslo = $self->msgfragoffs & 0xff;
+ if (length($self->data) != $self->msgfraglen) {
+ # TLSProxy does not support message fragmentation hence we can just
+ # overwrite the fragment lengths
+ $msgfraglenhi = $lenhi;
+ $msgfraglenlo = $lenlo;
+ print "DTLS Message Fragment Length overwritten with actual message size.\n"
+ }
$msgdata = pack('CnCnnCnC', $self->mt, $lenhi, $lenlo, $self->msgseq,
- $msgfraghi, $msgfraglo,
- $msgfragoffshi, $msgfragoffslo).$self->data;
+ $msgfragoffshi, $msgfragoffslo,
+ $msgfraglenhi, $msgfraglenlo).$self->data;
} else {
$msgdata = pack('CnC', $self->mt, $lenhi, $lenlo).$self->data;
}
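Review bot: The new overwrite in `repack` changes only the locals `$msgfraglenhi`/`$msgfraglenlo`, so `$self->msgfraglen` keeps returning the stale value after repacking, and `msgfragoffs` is packed unchanged even when it is non-zero. Calling `$self->msgfraglen(length($self->data));` inside the `if` would keep the object consistent with the bytes that are emitted. Because any mismatch is normalised, a test can no longer send a fragment length that disagrees with the payload; if that is intended, the comment should say so. The `print` closing the block also lacks its terminating `;`, which is legal for the last statement in a block but fragile if a statement is added after it. repack starts and ends outside the hunk.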
@@ -701,13 +713,13 @@ sub msgseq
}
return $self->{msgseq};
}
-sub msgfrag
+sub msgfraglen
{
my $self = shift;
if (@_) {
- $self->{msgfrag} = shift;
+ $self->{msgfraglen} = shift;
}
- return $self->{msgfrag};
+ return $self->{msgfraglen};
}
sub msgfragoffs
{
diff --git a/util/perl/TLSProxy/NewSessionTicket.pm b/util/perl/TLSProxy/NewSessionTicket.pm
index 26dcc17bb0..d60ea8d78f 100644
--- a/util/perl/TLSProxy/NewSessionTicket.pm
+++ b/util/perl/TLSProxy/NewSessionTicket.pm
@@ -18,7 +18,7 @@ sub new_dtls
my ($server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -29,7 +29,7 @@ sub new_dtls
1,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -66,7 +66,7 @@ sub init{
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -78,7 +78,7 @@ sub init{
$server,
TLSProxy::Message::MT_NEW_SESSION_TICKET,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/ServerHello.pm b/util/perl/TLSProxy/ServerHello.pm
index 3741898a3e..92643701ab 100644
--- a/util/perl/TLSProxy/ServerHello.pm
+++ b/util/perl/TLSProxy/ServerHello.pm
@@ -25,7 +25,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -37,7 +37,7 @@ sub new
$server,
TLSProxy::Message::MT_SERVER_HELLO,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
diff --git a/util/perl/TLSProxy/ServerKeyExchange.pm b/util/perl/TLSProxy/ServerKeyExchange.pm
index 160ff36688..2e9b006ea8 100644
--- a/util/perl/TLSProxy/ServerKeyExchange.pm
+++ b/util/perl/TLSProxy/ServerKeyExchange.pm
@@ -18,7 +18,7 @@ sub new
my ($isdtls,
$server,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,
@@ -30,7 +30,7 @@ sub new
$server,
TLSProxy::Message::MT_SERVER_KEY_EXCHANGE,
$msgseq,
- $msgfrag,
+ $msgfraglen,
$msgfragoffs,
$data,
$records,