def parse_args(self, server="127.0.0.1", sport=4433,
mycert=None, mykey=None,
preferred_ciphersuite=None, **kargs):
Automaton.parse_args(self, **kargs)
self.mycert = Cert(mycert)
self.mykey = PrivKey(mykey)
try:
if ':' in server:
socket.inet_pton(socket.AF_INET6, server)
else:
socket.inet_pton(socket.AF_INET, server)
tmp = socket.getaddrinfo(server, sport)
except:
tmp = socket.getaddrinfo(socket.getfqdn(server), sport)
self.ip_family = tmp[0][0]
self.local_ip = tmp[0][4][0]
self.local_port = sport
self.remote_ip = None
self.remote_port = None
self.cur_pkt = None
self.cur_session = None
self.msg_list = []
self.remain = ""
self.socket = None
self.cert_req = None
self.preferred_ciphersuite = preferred_ciphersuite
def getfield(self, pkt, s):
l = 0
if self.length_from is not None:
l = self.length_from(pkt)
try:
certdata = Cert(s[:l])
except:
certdata = s[:l]
return s[l:], certdata
def getfield(self, pkt, s):
tmp_len = 0
if self.length_from is not None:
tmp_len = self.length_from(pkt)
try:
certdata = Cert(s[:tmp_len])
except Exception:
certdata = s[:tmp_len]
return s[tmp_len:], certdata
def getfield(self, pkt, s):
tmp_len = 0
if self.length_from is not None:
tmp_len = self.length_from(pkt)
try:
certdata = Cert(s[:tmp_len])
except Exception:
if conf.debug_dissector:
raise
certdata = s[:tmp_len]
return s[tmp_len:], certdata
def getfield(self, pkt, s):
tmp_len = 0
if self.length_from is not None:
tmp_len = self.length_from(pkt)
try:
certdata = Cert(s[:tmp_len])
except Exception:
# Packets are sometimes wrongly interpreted as SSLv2
# (see record.py). We ignore failures silently
certdata = s[:tmp_len]
return s[tmp_len:], certdata
def getfield(self, pkt, s):
l = None
if self.length_from is not None:
l = self.length_from(pkt)
ret = ""
m = s
if l is not None:
m, ret = s[:l], s[l:]
clen = struct.unpack("!I", '\x00' + m[:3])[0]
len_cert = (clen, Cert(m[3:3 + clen]))
m = m[3 + clen:]
return m + ret, len_cert
def parse_args(self,
server="127.0.0.1",
dport=4433,
server_name=None,
mycert=None,
mykey=None,
client_hello=None,
data=None,
**kargs):
Automaton.parse_args(self, **kargs)
tmp = socket.getaddrinfo(server, dport)
self.remote_name = None
try:
if ':' in server:
socket.inet_pton(socket.AF_INET6, server)
else:
socket.inet_pton(socket.AF_INET, server)
except:
self.remote_name = socket.getfqdn(server)
if self.remote_name != server:
tmp = socket.getaddrinfo(self.remote_name, dport)
if server_name:
self.remote_name = server_name
self.remote_family = tmp[0][0]
self.remote_ip = tmp[0][4][0]
self.remote_port = dport
self.local_ip = None
self.local_port = None
self.cur_pkt = None
self.cur_session = None
self.msg_list = []
self.remain = ""
self.socket = None
self.cert_req = None
self.client_hello = client_hello
self.data = data
if mycert and mykey:
self.mycert = Cert(mycert)
self.mykey = PrivKey(mykey)
else:
self.mycert = None
self.mykey = None
def getfield(self, pkt, s):
"""
Extract Certs in a loop.
XXX We should provide safeguards when trying to parse a Cert.
"""
l = None
if self.length_from is not None:
l = self.length_from(pkt)
lst = []
ret = ""
m = s
if l is not None:
m, ret = s[:l], s[l:]
while m:
clen = struct.unpack("!I", b'\x00' + m[:3])[0]
lst.append((clen, Cert(m[3:3 + clen])))
m = m[3 + clen:]
return m + ret, lst
def parse_args(self, mycert=None, mykey=None, **kargs):
super(_TLSAutomaton, self).parse_args(**kargs)
self.socket = None
self.remain_in = b""
self.buffer_in = [] # these are 'fragments' inside records
self.buffer_out = [] # these are records
self.cur_session = None
self.cur_pkt = None # this is usually the latest parsed packet
if mycert:
self.mycert = Cert(mycert)
else:
self.mycert = None
if mykey:
self.mykey = PrivKey(mykey)
else:
self.mykey = None
self.verbose = kargs.get("verbose", True)
