Hi Alexey,
On 10/16/18 2:17 PM, Alexey Elymanov wrote:
> I would like to propose a little patch, based on current ssl_capture
> (ssl_sock.c) scheme.
> The purpose is to be able to sample/fetch TLS extensions; it could be useful for
> debugging or fingerprinting purposes (for example, cURL and Firefox provide
> different sets of extensions in the ClientHello message).
>
> It provides two hooks, which should be enough for further Lua
> processing/request forwarding/analysis: smp_fetch_ssl_fc_exts_bin,
> smp_fetch_ssl_fc_exts_hex
>
>
I would like to have Thierry's opinion on this. I don't know why he did those
fetches like this; perhaps converters are not yet available in Lua. In this
case, it's a point to address, because we won't duplicate all fetches just
for Lua.
Anyway, I have some notes about your patch:
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -271,6 +271,8 @@ struct ssl_capture {
unsigned long long int xxh64;
unsigned char ciphersuite_len;
char ciphersuite[0];
+ unsigned char extensions_len;
+ char extensions[0];
};
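Review bot: extensions_len and extensions[0] are declared after "char ciphersuite[0];", which reserves no storage, so extensions_len sits at the same offset as the first captured ciphersuite byte and both arrays alias the same trailing memory. Suggest keeping a single trailing array, moving the new length field above ciphersuite[0], and storing the extensions after the ciphersuite bytes. Separately, "unsigned char extensions_len" caps the recorded length at 255, while the ClientHello extensions block carries a 16-bit length, so a longer block would be recorded with a truncated length.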
Here, setting a ciphersuite will scratch extensions_len with an unpredictable
value, resulting in an out-of-bounds buffer read when reading the extensions
(take care of the [0]).
It also disallows using ciphersuite and extensions capture at the same time.
I also notice a lot of indentation issues in your patch.
R,
Emeric
PS: CCing Thierry for his opinion.
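
The layout problem raised in this reply, as an added example (not code from the patch or from HAProxy): cap_patched copies the members visible in the hunk, while cap_packed, capture_new() and capture_exts() are hypothetical names for one possible layout with both lengths ahead of a single trailing buffer. The 16-bit length fields are an assumption of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Members as they appear in the hunk (GNU zero-length arrays). */
struct cap_patched {
    unsigned long long int xxh64;
    unsigned char ciphersuite_len;
    char ciphersuite[0];          /* occupies no storage */
    unsigned char extensions_len; /* same offset as ciphersuite[0] */
    char extensions[0];
};

/* Hypothetical alternative: lengths first, one trailing buffer. */
struct cap_packed {
    unsigned long long int xxh64;
    uint16_t ciphersuite_len;
    uint16_t extensions_len;
    char data[];                  /* ciphersuite bytes, then extension bytes */
};

/* Returns 1 when the first ciphersuite byte lands on extensions_len. */
int patched_fields_overlap(void)
{
    return offsetof(struct cap_patched, ciphersuite) ==
           offsetof(struct cap_patched, extensions_len);
}

/* Copies both blobs into one allocation; NULL on oversize input or OOM. */
struct cap_packed *capture_new(const void *cs, size_t cs_len,
                               const void *ext, size_t ext_len)
{
    if (cs_len > UINT16_MAX || ext_len > UINT16_MAX)
        return NULL;              /* would not fit the 16-bit length fields */
    struct cap_packed *c = calloc(1, sizeof(*c) + cs_len + ext_len);
    if (!c)
        return NULL;
    c->ciphersuite_len = (uint16_t)cs_len;
    c->extensions_len = (uint16_t)ext_len;
    memcpy(c->data, cs, cs_len);
    memcpy(c->data + cs_len, ext, ext_len);
    return c;
}

const char *capture_exts(const struct cap_packed *c)
{
    return c->data + c->ciphersuite_len; /* extensions follow the ciphersuite */
}
```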