]>
Commit | Line | Data |
---|---|---|
1212818e | 1 | # Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
a1accbb1 | 2 | # |
9059ab42 | 3 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
ac3d0e13 RS |
4 | # this file except in compliance with the License. You can obtain a copy |
5 | # in the file LICENSE in the source distribution or at | |
6 | # https://www.openssl.org/source/license.html | |
a1accbb1 MC |
7 | |
8 | use strict; | |
9 | ||
10 | package TLSProxy::ServerHello; | |
11 | ||
180df315 RL |
12 | use vars '@ISA'; |
13 | push @ISA, 'TLSProxy::Message'; | |
a1accbb1 | 14 | |
be60b10a MC |
15 | my $hrrrandom = pack("C*", 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, |
16 | 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, | |
17 | 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, | |
18 | 0xE2, 0xC8, 0xA8, 0x33, 0x9C); | |
19 | ||
a1accbb1 MC |
20 | sub new |
21 | { | |
22 | my $class = shift; | |
23 | my ($server, | |
24 | $data, | |
25 | $records, | |
26 | $startoffset, | |
27 | $message_frag_lens) = @_; | |
df443918 | 28 | |
a1accbb1 MC |
29 | my $self = $class->SUPER::new( |
30 | $server, | |
31 | TLSProxy::Message::MT_SERVER_HELLO, | |
32 | $data, | |
33 | $records, | |
34 | $startoffset, | |
35 | $message_frag_lens); | |
36 | ||
37 | $self->{server_version} = 0; | |
38 | $self->{random} = []; | |
39 | $self->{session_id_len} = 0; | |
40 | $self->{session} = ""; | |
41 | $self->{ciphersuite} = 0; | |
42 | $self->{comp_meth} = 0; | |
aa474d1f | 43 | $self->{extension_data} = ""; |
a1accbb1 MC |
44 | |
45 | return $self; | |
46 | } | |
47 | ||
48 | sub parse | |
49 | { | |
50 | my $self = shift; | |
51 | my $ptr = 2; | |
52 | my ($server_version) = unpack('n', $self->data); | |
426dfc9f | 53 | my $neg_version = $server_version; |
71728dd8 | 54 | |
a1accbb1 MC |
55 | my $random = substr($self->data, $ptr, 32); |
56 | $ptr += 32; | |
71728dd8 MC |
57 | my $session_id_len = 0; |
58 | my $session = ""; | |
88050dd1 MC |
59 | $session_id_len = unpack('C', substr($self->data, $ptr)); |
60 | $ptr++; | |
61 | $session = substr($self->data, $ptr, $session_id_len); | |
62 | $ptr += $session_id_len; | |
63 | ||
a1accbb1 MC |
64 | my $ciphersuite = unpack('n', substr($self->data, $ptr)); |
65 | $ptr += 2; | |
71728dd8 | 66 | my $comp_meth = 0; |
88050dd1 MC |
67 | $comp_meth = unpack('C', substr($self->data, $ptr)); |
68 | $ptr++; | |
69 | ||
a1accbb1 | 70 | my $extensions_len = unpack('n', substr($self->data, $ptr)); |
a2a0c86b MC |
71 | if (!defined $extensions_len) { |
72 | $extensions_len = 0; | |
73 | } else { | |
74 | $ptr += 2; | |
75 | } | |
a1accbb1 MC |
76 | #For now we just deal with this as a block of data. In the future we will |
77 | #want to parse this | |
a2a0c86b MC |
78 | my $extension_data; |
79 | if ($extensions_len != 0) { | |
80 | $extension_data = substr($self->data, $ptr); | |
df443918 | 81 | |
a2a0c86b MC |
82 | if (length($extension_data) != $extensions_len) { |
83 | die "Invalid extension length\n"; | |
84 | } | |
85 | } else { | |
86 | if (length($self->data) != $ptr) { | |
87 | die "Invalid extension length\n"; | |
88 | } | |
89 | $extension_data = ""; | |
a1accbb1 MC |
90 | } |
91 | my %extensions = (); | |
92 | while (length($extension_data) >= 4) { | |
93 | my ($type, $size) = unpack("nn", $extension_data); | |
94 | my $extdata = substr($extension_data, 4, $size); | |
95 | $extension_data = substr($extension_data, 4 + $size); | |
96 | $extensions{$type} = $extdata; | |
88050dd1 | 97 | if ($type == TLSProxy::Message::EXT_SUPPORTED_VERSIONS) { |
426dfc9f | 98 | $neg_version = unpack('n', $extdata); |
88050dd1 MC |
99 | } |
100 | } | |
101 | ||
be60b10a MC |
102 | if ($random eq $hrrrandom) { |
103 | TLSProxy::Proxy->is_tls13(1); | |
35e742ec | 104 | } elsif ($neg_version == TLSProxy::Record::VERS_TLS_1_3) { |
88050dd1 | 105 | TLSProxy::Proxy->is_tls13(1); |
be60b10a MC |
106 | |
107 | TLSProxy::Record->server_encrypting(1); | |
108 | TLSProxy::Record->client_encrypting(1); | |
a1accbb1 MC |
109 | } |
110 | ||
111 | $self->server_version($server_version); | |
112 | $self->random($random); | |
113 | $self->session_id_len($session_id_len); | |
114 | $self->session($session); | |
115 | $self->ciphersuite($ciphersuite); | |
397f4f78 | 116 | TLSProxy::Proxy->ciphersuite($ciphersuite); |
a1accbb1 | 117 | $self->comp_meth($comp_meth); |
a1accbb1 MC |
118 | $self->extension_data(\%extensions); |
119 | ||
120 | $self->process_data(); | |
121 | ||
9970290e | 122 | |
a1accbb1 MC |
123 | print " Server Version:".$server_version."\n"; |
124 | print " Session ID Len:".$session_id_len."\n"; | |
125 | print " Ciphersuite:".$ciphersuite."\n"; | |
126 | print " Compression Method:".$comp_meth."\n"; | |
127 | print " Extensions Len:".$extensions_len."\n"; | |
128 | } | |
129 | ||
130 | #Perform any actions necessary based on the data we've seen | |
131 | sub process_data | |
132 | { | |
133 | my $self = shift; | |
134 | ||
135 | TLSProxy::Message->ciphersuite($self->ciphersuite); | |
136 | } | |
137 | ||
138 | #Reconstruct the on-the-wire message data following changes | |
139 | sub set_message_contents | |
140 | { | |
141 | my $self = shift; | |
142 | my $data; | |
cf7f8592 | 143 | my $extensions = ""; |
a1accbb1 MC |
144 | |
145 | $data = pack('n', $self->server_version); | |
146 | $data .= $self->random; | |
88050dd1 MC |
147 | $data .= pack('C', $self->session_id_len); |
148 | $data .= $self->session; | |
a1accbb1 | 149 | $data .= pack('n', $self->ciphersuite); |
88050dd1 | 150 | $data .= pack('C', $self->comp_meth); |
cf7f8592 | 151 | |
a1accbb1 MC |
152 | foreach my $key (keys %{$self->extension_data}) { |
153 | my $extdata = ${$self->extension_data}{$key}; | |
cf7f8592 EK |
154 | $extensions .= pack("n", $key); |
155 | $extensions .= pack("n", length($extdata)); | |
156 | $extensions .= $extdata; | |
9effc496 | 157 | if ($key == $self->dupext) { |
aa474d1f EK |
158 | $extensions .= pack("n", $key); |
159 | $extensions .= pack("n", length($extdata)); | |
160 | $extensions .= $extdata; | |
161 | } | |
a1accbb1 MC |
162 | } |
163 | ||
cf7f8592 EK |
164 | $data .= pack('n', length($extensions)); |
165 | $data .= $extensions; | |
a1accbb1 MC |
166 | $self->data($data); |
167 | } | |
168 | ||
169 | #Read/write accessors | |
170 | sub server_version | |
171 | { | |
172 | my $self = shift; | |
173 | if (@_) { | |
71728dd8 | 174 | $self->{server_version} = shift; |
a1accbb1 | 175 | } |
71728dd8 | 176 | return $self->{server_version}; |
a1accbb1 MC |
177 | } |
178 | sub random | |
179 | { | |
180 | my $self = shift; | |
181 | if (@_) { | |
182 | $self->{random} = shift; | |
183 | } | |
184 | return $self->{random}; | |
185 | } | |
186 | sub session_id_len | |
187 | { | |
188 | my $self = shift; | |
189 | if (@_) { | |
190 | $self->{session_id_len} = shift; | |
191 | } | |
192 | return $self->{session_id_len}; | |
193 | } | |
194 | sub session | |
195 | { | |
196 | my $self = shift; | |
197 | if (@_) { | |
198 | $self->{session} = shift; | |
199 | } | |
200 | return $self->{session}; | |
201 | } | |
202 | sub ciphersuite | |
203 | { | |
204 | my $self = shift; | |
205 | if (@_) { | |
206 | $self->{ciphersuite} = shift; | |
207 | } | |
208 | return $self->{ciphersuite}; | |
209 | } | |
210 | sub comp_meth | |
211 | { | |
212 | my $self = shift; | |
213 | if (@_) { | |
214 | $self->{comp_meth} = shift; | |
215 | } | |
216 | return $self->{comp_meth}; | |
217 | } | |
a1accbb1 MC |
218 | sub extension_data |
219 | { | |
220 | my $self = shift; | |
221 | if (@_) { | |
222 | $self->{extension_data} = shift; | |
223 | } | |
224 | return $self->{extension_data}; | |
225 | } | |
cf7f8592 EK |
226 | sub set_extension |
227 | { | |
228 | my ($self, $ext_type, $ext_data) = @_; | |
229 | $self->{extension_data}{$ext_type} = $ext_data; | |
230 | } | |
040c8783 DSH |
231 | sub delete_extension |
232 | { | |
233 | my ($self, $ext_type) = @_; | |
234 | delete $self->{extension_data}{$ext_type}; | |
235 | } | |
a1accbb1 | 236 | 1; |