def parse_args(self, server="127.0.0.1", sport=4433, mycert=None, mykey=None, preferred_ciphersuite=None, **kargs): Automaton.parse_args(self, **kargs) self.mycert = Cert(mycert) self.mykey = PrivKey(mykey) try: if ':' in server: socket.inet_pton(socket.AF_INET6, server) else: socket.inet_pton(socket.AF_INET, server) tmp = socket.getaddrinfo(server, sport) except: tmp = socket.getaddrinfo(socket.getfqdn(server), sport) self.ip_family = tmp[0][0] self.local_ip = tmp[0][4][0] self.local_port = sport self.remote_ip = None self.remote_port = None self.cur_pkt = None self.cur_session = None self.msg_list = [] self.remain = "" self.socket = None self.cert_req = None self.preferred_ciphersuite = preferred_ciphersuite
def getfield(self, pkt, s): l = 0 if self.length_from is not None: l = self.length_from(pkt) try: certdata = Cert(s[:l]) except: certdata = s[:l] return s[l:], certdata
def getfield(self, pkt, s): tmp_len = 0 if self.length_from is not None: tmp_len = self.length_from(pkt) try: certdata = Cert(s[:tmp_len]) except Exception: certdata = s[:tmp_len] return s[tmp_len:], certdata
def getfield(self, pkt, s): tmp_len = 0 if self.length_from is not None: tmp_len = self.length_from(pkt) try: certdata = Cert(s[:tmp_len]) except Exception: if conf.debug_dissector: raise certdata = s[:tmp_len] return s[tmp_len:], certdata
def getfield(self, pkt, s): tmp_len = 0 if self.length_from is not None: tmp_len = self.length_from(pkt) try: certdata = Cert(s[:tmp_len]) except Exception: # Packets are sometimes wrongly interpreted as SSLv2 # (see record.py). We ignore failures silently certdata = s[:tmp_len] return s[tmp_len:], certdata
def getfield(self, pkt, s): l = None if self.length_from is not None: l = self.length_from(pkt) ret = "" m = s if l is not None: m, ret = s[:l], s[l:] clen = struct.unpack("!I", '\x00' + m[:3])[0] len_cert = (clen, Cert(m[3:3 + clen])) m = m[3 + clen:] return m + ret, len_cert
def parse_args(self, server="127.0.0.1", dport=4433, server_name=None, mycert=None, mykey=None, client_hello=None, data=None, **kargs): Automaton.parse_args(self, **kargs) tmp = socket.getaddrinfo(server, dport) self.remote_name = None try: if ':' in server: socket.inet_pton(socket.AF_INET6, server) else: socket.inet_pton(socket.AF_INET, server) except: self.remote_name = socket.getfqdn(server) if self.remote_name != server: tmp = socket.getaddrinfo(self.remote_name, dport) if server_name: self.remote_name = server_name self.remote_family = tmp[0][0] self.remote_ip = tmp[0][4][0] self.remote_port = dport self.local_ip = None self.local_port = None self.cur_pkt = None self.cur_session = None self.msg_list = [] self.remain = "" self.socket = None self.cert_req = None self.client_hello = client_hello self.data = data if mycert and mykey: self.mycert = Cert(mycert) self.mykey = PrivKey(mykey) else: self.mycert = None self.mykey = None
def getfield(self, pkt, s): """ Extract Certs in a loop. XXX We should provide safeguards when trying to parse a Cert. """ l = None if self.length_from is not None: l = self.length_from(pkt) lst = [] ret = "" m = s if l is not None: m, ret = s[:l], s[l:] while m: clen = struct.unpack("!I", b'\x00' + m[:3])[0] lst.append((clen, Cert(m[3:3 + clen]))) m = m[3 + clen:] return m + ret, lst
def parse_args(self, mycert=None, mykey=None, **kargs): super(_TLSAutomaton, self).parse_args(**kargs) self.socket = None self.remain_in = b"" self.buffer_in = [] # these are 'fragments' inside records self.buffer_out = [] # these are records self.cur_session = None self.cur_pkt = None # this is usually the latest parsed packet if mycert: self.mycert = Cert(mycert) else: self.mycert = None if mykey: self.mykey = PrivKey(mykey) else: self.mykey = None self.verbose = kargs.get("verbose", True)