Feature: add gtest case
This commit is contained in:
liuxueli
@@ -58,7 +58,9 @@ add_test(NAME RUN_BUG_TEST COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case
|
||||
add_test(NAME RUN_MULTIPLE_HANDSHAKE_TEST COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/multiple_handshake/ssl_multiple_handshake_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/multiple_handshake/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_CLOSE_CONTAINS_PAYLOAD_TEST COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/close_contains_payload/ssl_close_contains_payload_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/close_contains_payload/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_EXTENSION_EXCEED_16 COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/extensions_exceed_16/extensions_exceed_16_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/extensions_exceed_16/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_CLIENT_HELLO_FRAGMENT COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment/ssl_client_hello_fragment_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_CLIENT_HELLO_FRAGMENT1 COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment1/ssl_client_hello_fragment_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment1/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_CLIENT_HELLO_FRAGMENT2 COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment2/ssl_client_hello_fragment_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment2/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_CLIENT_HELLO_FRAGMENT3 COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment3/ssl_client_hello_fragment_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/client_hello_fragment3/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
add_test(NAME RUN_ACK_CONTAINS_PAYLOAD COMMAND ${TEST_MAIN} ${CMAKE_CURRENT_SOURCE_DIR}/case/tcp_ack_contians_payload/ssl_tcp_ack_contians_payload_result.json -f "find ${CMAKE_CURRENT_SOURCE_DIR}/case/tcp_ack_contians_payload/ -name '*.pcap' | sort -V" WORKING_DIRECTORY ${TEST_RUN_DIR})
|
||||
|
||||
set_tests_properties(RUN_SSL_TEST
|
||||
@@ -68,7 +70,9 @@ set_tests_properties(RUN_SSL_TEST
|
||||
RUN_MULTIPLE_HANDSHAKE_TEST
|
||||
RUN_CLOSE_CONTAINS_PAYLOAD_TEST
|
||||
RUN_EXTENSION_EXCEED_16
|
||||
RUN_CLIENT_HELLO_FRAGMENT
|
||||
RUN_CLIENT_HELLO_FRAGMENT1
|
||||
RUN_CLIENT_HELLO_FRAGMENT2
|
||||
RUN_CLIENT_HELLO_FRAGMENT3
|
||||
RUN_ACK_CONTAINS_PAYLOAD
|
||||
PROPERTIES FIXTURES_REQUIRED TestFixture
|
||||
)
|
||||
@@ -4,20 +4,23 @@
|
||||
"ssl_sni": "match.adsrvr.org",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "cd08e31494f9531f560d64c695473da9",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "8d2a028aa94425f76ced7826b1f39039",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "GlobalSign GCC R3 DV TLS CA 2020;GlobalSign nv-sa;;;;;BE",
|
||||
"ssl_cert_IssuerCN": "GlobalSign GCC R3 DV TLS CA 2020",
|
||||
"ssl_cert_IssuerO": "GlobalSign nv-sa",
|
||||
"ssl_cert_IssuerC": "BE",
|
||||
"ssl_cert_Sub": "*.adsrvr.org;;;;;;",
|
||||
"ssl_cert_SubCN": "*.adsrvr.org",
|
||||
"ssl_cert_SubAltName": "*.adsrvr.org;adsrvr.org",
|
||||
"ssl_cert_SerialNum": "0x2ddaa6f359d4ce458fe983f1",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "220331203750Z",
|
||||
"ssl_cert_To": "230502203749Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_issuer": "GlobalSign GCC R3 DV TLS CA 2020;GlobalSign nv-sa;;;;;BE",
|
||||
"ssl_cert_issuer_common": "GlobalSign GCC R3 DV TLS CA 2020",
|
||||
"ssl_cert_issuer_organization": "GlobalSign nv-sa",
|
||||
"ssl_cert_issuer_country": "BE",
|
||||
"ssl_cert_subject": "*.adsrvr.org;;;;;;",
|
||||
"ssl_cert_subject_common": "*.adsrvr.org",
|
||||
"ssl_cert_subject_alt_name": "*.adsrvr.org;adsrvr.org;",
|
||||
"ssl_cert_serial_number": "0x2ddaa6f359d4ce458fe983f1",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "220331203750Z",
|
||||
"ssl_cert_validity_after": "230502203749Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -1,58 +0,0 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "192.168.56.31.53868>74.118.186.107.443",
|
||||
"ssl_sni": "sync.targeting.unrulymedia.com",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "bc93a67ef4492974195865dc0262e65e",
|
||||
"ssl_ja3s_hash": "b898351eb5e266aefd3723d466935494",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "Sectigo RSA Domain Validation Secure Server CA;Sectigo Limited;;Salford;;Greater Manchester;GB",
|
||||
"ssl_cert_IssuerCN": "Sectigo RSA Domain Validation Secure Server CA",
|
||||
"ssl_cert_IssuerO": "Sectigo Limited",
|
||||
"ssl_cert_IssuerC": "GB",
|
||||
"ssl_cert_IssuerP": "Greater Manchester",
|
||||
"ssl_cert_IssuerL": "Salford",
|
||||
"ssl_cert_Sub": "*.targeting.unrulymedia.com;;;;;;",
|
||||
"ssl_cert_SubCN": "*.targeting.unrulymedia.com",
|
||||
"ssl_cert_SubAltName": "*.targeting.unrulymedia.com;targeting.unrulymedia.com",
|
||||
"ssl_cert_SerialNum": "0x888d5e51787e0f1f485dc542465d2034",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "230510000000Z",
|
||||
"ssl_cert_To": "240510235959Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.58.17.49218>23.216.55.29.443",
|
||||
"ssl_sni": "www.missionsports.org",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "a69708a64f853c3bcc214c2c5faf84f3",
|
||||
"ssl_ja3s_hash": "10a2ad147a870ef37af153dea9fe4dd3",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "DigiCert TLS RSA SHA256 2020 CA1;DigiCert Inc;;;;;US",
|
||||
"ssl_cert_IssuerCN": "DigiCert TLS RSA SHA256 2020 CA1",
|
||||
"ssl_cert_IssuerO": "DigiCert Inc",
|
||||
"ssl_cert_IssuerC": "US",
|
||||
"ssl_cert_Sub": "a248.e.akamai.net;Akamai Technologies, Inc.;;Cambridge;;Massachusetts;US",
|
||||
"ssl_cert_SubCN": "a248.e.akamai.net",
|
||||
"ssl_cert_SubO": "Akamai Technologies, Inc.",
|
||||
"ssl_cert_SubC": "US",
|
||||
"ssl_cert_SubP": "Massachusetts",
|
||||
"ssl_cert_SubL": "Cambridge",
|
||||
"ssl_cert_SubAltName": "a248.e.akamai.net;*.akamaized.net;*.akamaized-staging.net;*.akamaihd.net;*.akamaihd-staging.net",
|
||||
"ssl_cert_SerialNum": "0x0d61f7742d583251a2b8d5a26a1dda0b",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "230516000000Z",
|
||||
"ssl_cert_To": "240515235959Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_2"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39777>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "c3db97da3b30171e5cf9de314584b555",
|
||||
"name": "SSL_RESULT_3"
|
||||
}
|
||||
]
|
||||
@@ -0,0 +1,28 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "192.168.56.31.53868>74.118.186.107.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "sync.targeting.unrulymedia.com",
|
||||
"ssl_ja3_hash": "bc93a67ef4492974195865dc0262e65e",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "b898351eb5e266aefd3723d466935494",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_issuer": "Sectigo RSA Domain Validation Secure Server CA;Sectigo Limited;;Salford;;Greater Manchester;GB",
|
||||
"ssl_cert_issuer_common": "Sectigo RSA Domain Validation Secure Server CA",
|
||||
"ssl_cert_issuer_organization": "Sectigo Limited",
|
||||
"ssl_cert_issuer_country": "GB",
|
||||
"ssl_cert_issuer_state_or_Province": "Greater Manchester",
|
||||
"ssl_cert_issuer_locality": "Salford",
|
||||
"ssl_cert_subject": "*.targeting.unrulymedia.com;;;;;;",
|
||||
"ssl_cert_subject_common": "*.targeting.unrulymedia.com",
|
||||
"ssl_cert_subject_alt_name": "*.targeting.unrulymedia.com;targeting.unrulymedia.com;",
|
||||
"ssl_cert_serial_number": "0x888d5e51787e0f1f485dc542465d2034",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "230510000000Z",
|
||||
"ssl_cert_validity_after": "240510235959Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -0,0 +1,30 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "192.168.58.17.49218>23.216.55.29.443",
|
||||
"ssl_sni": "www.missionsports.org",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_ja3_hash": "a69708a64f853c3bcc214c2c5faf84f3",
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "10a2ad147a870ef37af153dea9fe4dd3",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_issuer": "DigiCert TLS RSA SHA256 2020 CA1;DigiCert Inc;;;;;US",
|
||||
"ssl_cert_issuer_common": "DigiCert TLS RSA SHA256 2020 CA1",
|
||||
"ssl_cert_issuer_organization": "DigiCert Inc",
|
||||
"ssl_cert_issuer_country": "US",
|
||||
"ssl_cert_subject": "a248.e.akamai.net;Akamai Technologies, Inc.;;Cambridge;;Massachusetts;US",
|
||||
"ssl_cert_subject_common": "a248.e.akamai.net",
|
||||
"ssl_cert_subject_organization": "Akamai Technologies, Inc.",
|
||||
"ssl_cert_subject_country": "US",
|
||||
"ssl_cert_subject_state_or_Province": "Massachusetts",
|
||||
"ssl_cert_subject_locality": "Cambridge",
|
||||
"ssl_cert_subject_alt_name": "a248.e.akamai.net;*.akamaized.net;*.akamaized-staging.net;*.akamaihd.net;*.akamaihd-staging.net;",
|
||||
"ssl_cert_serial_number": "0x0d61f7742d583251a2b8d5a26a1dda0b",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "230516000000Z",
|
||||
"ssl_cert_validity_after": "240515235959Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -0,0 +1,11 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39777>143.92.57.79.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ja3_hash": "c3db97da3b30171e5cf9de314584b555",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -4,25 +4,28 @@
|
||||
"ssl_sni": "www.firefox.com",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "45b1a0eca9605cd8789cd7e1a5ccd9b0",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "9a1de6823a92d66172ce93d309e73e4e",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "DigiCert SHA2 Secure Server CA;DigiCert Inc;;;;;US",
|
||||
"ssl_cert_IssuerCN": "DigiCert SHA2 Secure Server CA",
|
||||
"ssl_cert_IssuerO": "DigiCert Inc",
|
||||
"ssl_cert_IssuerC": "US",
|
||||
"ssl_cert_Sub": "redirect-san.mozilla.org;Mozilla Corporation;WebOps;Mountain View;;California;US",
|
||||
"ssl_cert_SubCN": "redirect-san.mozilla.org",
|
||||
"ssl_cert_SubO": "Mozilla Corporation",
|
||||
"ssl_cert_SubC": "US",
|
||||
"ssl_cert_SubP": "California",
|
||||
"ssl_cert_SubL": "Mountain View",
|
||||
"ssl_cert_SubU": "WebOps",
|
||||
"ssl_cert_SubAltName": "leandatapractices.org;leandatapractices.com;mozilla-podcasts.org;mozilla.com;gv.dev;getfirefox.com;geckoview.dev;firefoxquantum.com;firefox.com;taskcluster.net;contributejson.org;www.firefox.com;masterfirefoxos.mozilla.org;mobilepartners.mozilla.org;www.leandatapractices.org;www.leandatapractices.com;www.getfirefox.com;mozilla.org.uk;webwewant.mozilla.org;thehub.mozilla.com;nightly.mozilla.org;pontoon.mozillalabs.com;videos.mozilla.org;videos-cdn.mozilla.net;treestatus.mozilla.org;techspeakers.mozilla.org;redirect-san.mozilla.org;input.mozilla.com;join.mozilla.org;content.mozilla.org;activations.mozilla.org;addons.mozilla.com;airmo.mozilla.org;ask.mozilla.org;aurora.mozilla.org;beta.mozilla.org;careers.mozilla.com;designlanguage.mozilla.org;input.mozilla.org;dnt.mozilla.org;events.mozilla.org;forums.mozilla.org;friends.mozilla.org;git.mozilla.org;hub.mozilla.com;hub.mozilla.org;activations.mozilla.com;www.mozilla.com",
|
||||
"ssl_cert_SerialNum": "0x019d2b994ec99445c735d2a6d739e43a",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "200406000000Z",
|
||||
"ssl_cert_To": "210414120000Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_issuer": "DigiCert SHA2 Secure Server CA;DigiCert Inc;;;;;US",
|
||||
"ssl_cert_issuer_common": "DigiCert SHA2 Secure Server CA",
|
||||
"ssl_cert_issuer_organization": "DigiCert Inc",
|
||||
"ssl_cert_issuer_country": "US",
|
||||
"ssl_cert_subject": "redirect-san.mozilla.org;Mozilla Corporation;WebOps;Mountain View;;California;US",
|
||||
"ssl_cert_subject_common": "redirect-san.mozilla.org",
|
||||
"ssl_cert_subject_organization": "Mozilla Corporation",
|
||||
"ssl_cert_subject_country": "US",
|
||||
"ssl_cert_subject_state_or_Province": "California",
|
||||
"ssl_cert_subject_locality": "Mountain View",
|
||||
"ssl_cert_subject_organizational_unit": "WebOps",
|
||||
"ssl_cert_subject_alt_name": "leandatapractices.org;leandatapractices.com;mozilla-podcasts.org;mozilla.com;gv.dev;getfirefox.com;geckoview.dev;firefoxquantum.com;firefox.com;taskcluster.net;contributejson.org;www.firefox.com;masterfirefoxos.mozilla.org;mobilepartners.mozilla.org;www.leandatapractices.org;www.leandatapractices.com;www.getfirefox.com;mozilla.org.uk;webwewant.mozilla.org;thehub.mozilla.com;nightly.mozilla.org;pontoon.mozillalabs.com;videos.mozilla.org;videos-cdn.mozilla.net;treestatus.mozilla.org;techspeakers.mozilla.org;redirect-san.mozilla.org;input.mozilla.com;join.mozilla.org;content.mozilla.org;activations.mozilla.org;addons.mozilla.com;airmo.mozilla.org;ask.mozilla.org;aurora.mozilla.org;beta.mozilla.org;careers.mozilla.com;designlanguage.mozilla.org;input.mozilla.org;dnt.mozilla.org;events.mozilla.org;forums.mozilla.org;friends.mozilla.org;git.mozilla.org;hub.mozilla.com;hub.mozilla.org;activations.mozilla.com;www.mozilla.com;",
|
||||
"ssl_cert_serial_number": "0x019d2b994ec99445c735d2a6d739e43a",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "200406000000Z",
|
||||
"ssl_cert_validity_after": "210414120000Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1,10 +1,11 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "192.168.64.8.53466>185.63.190.2.443",
|
||||
"ssl_sni": "fermer.ru",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "fermer.ru",
|
||||
"ssl_ja3_hash": "afa0d02228072fc4b02a7772a668c64a",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -4,20 +4,23 @@
|
||||
"ssl_sni": "cn.bing.com",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "cd08e31494f9531f560d64c695473da9",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "67bfe5d15ae567fb35fd7837f0116eec",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "Microsoft RSA TLS CA 02;Microsoft Corporation;;;;;US",
|
||||
"ssl_cert_IssuerCN": "Microsoft RSA TLS CA 02",
|
||||
"ssl_cert_IssuerO": "Microsoft Corporation",
|
||||
"ssl_cert_IssuerC": "US",
|
||||
"ssl_cert_Sub": "www.bing.com;;;;;;",
|
||||
"ssl_cert_SubCN": "www.bing.com",
|
||||
"ssl_cert_SubAltName": "www.bing.com;dict.bing.com.cn;*.platform.bing.com;*.bing.com;bing.com;ieonline.microsoft.com;*.windowssearch.com;cn.ieonline.microsoft.com;*.origin.bing.com;*.mm.bing.net;*.api.bing.com;ecn.dev.virtualearth.net;*.cn.bing.net;*.cn.bing.com;ssl-api.bing.com;ssl-api.bing.net;*.api.bing.net;*.bingapis.com;bingsandbox.com;feedback.microsoft.com;insertmedia.bing.office.net;r.bat.bing.com;*.r.bat.bing.com;*.dict.bing.com.cn;*.dict.bing.com;*.ssl.bing.com;*.appex.bing.com;*.platform.cn.bing.com;wp.m.bing.com;*.m.bing.com;global.bing.com;windowssearch.com;search.msn.com;*.bingsandbox.com;*.api.tiles.ditu.live.com;*.ditu.live.com;*.t0.tiles.ditu.live.com;*.t1.tiles.ditu.live.com;*.t2.tiles.ditu.live.com;*.t3.tiles.ditu.live.com;*.tiles.ditu.live.com;3d.live.com;api.search.live.com;beta.search.live.com;cnweb.search.live.com;dev.live.com;ditu.live.com;farecast.live.com;image.live.com;images.live.com;local.live.com.au;localsearch.live.com;ls4d.search.live.com;mail.live.com;mapindia.live.com;local.live.com;maps.live.com;maps.live.com.au;mindia.live.com;news.live.com;origin.cnweb.search.live.com;preview.local.live.com;search.live.com;test.maps.live.com;video.live.com;videos.live.com;virtualearth.live.com;wap.live.com;webmaster.live.com;webmasters.live.com;www.local.live.com.au;www.maps.live.com.au",
|
||||
"ssl_cert_SerialNum": "0x7f0012e261129541195fac1a6000000012e261",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "210706015313Z",
|
||||
"ssl_cert_To": "220106015313Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_issuer": "Microsoft RSA TLS CA 02;Microsoft Corporation;;;;;US",
|
||||
"ssl_cert_issuer_common": "Microsoft RSA TLS CA 02",
|
||||
"ssl_cert_issuer_organization": "Microsoft Corporation",
|
||||
"ssl_cert_issuer_country": "US",
|
||||
"ssl_cert_subject": "www.bing.com;;;;;;",
|
||||
"ssl_cert_subject_common": "www.bing.com",
|
||||
"ssl_cert_subject_alt_name": "www.bing.com;dict.bing.com.cn;*.platform.bing.com;*.bing.com;bing.com;ieonline.microsoft.com;*.windowssearch.com;cn.ieonline.microsoft.com;*.origin.bing.com;*.mm.bing.net;*.api.bing.com;ecn.dev.virtualearth.net;*.cn.bing.net;*.cn.bing.com;ssl-api.bing.com;ssl-api.bing.net;*.api.bing.net;*.bingapis.com;bingsandbox.com;feedback.microsoft.com;insertmedia.bing.office.net;r.bat.bing.com;*.r.bat.bing.com;*.dict.bing.com.cn;*.dict.bing.com;*.ssl.bing.com;*.appex.bing.com;*.platform.cn.bing.com;wp.m.bing.com;*.m.bing.com;global.bing.com;windowssearch.com;search.msn.com;*.bingsandbox.com;*.api.tiles.ditu.live.com;*.ditu.live.com;*.t0.tiles.ditu.live.com;*.t1.tiles.ditu.live.com;*.t2.tiles.ditu.live.com;*.t3.tiles.ditu.live.com;*.tiles.ditu.live.com;3d.live.com;api.search.live.com;beta.search.live.com;cnweb.search.live.com;dev.live.com;ditu.live.com;farecast.live.com;image.live.com;images.live.com;local.live.com.au;localsearch.live.com;ls4d.search.live.com;mail.live.com;mapindia.live.com;local.live.com;maps.live.com;maps.live.com.au;mindia.live.com;news.live.com;origin.cnweb.search.live.com;preview.local.live.com;search.live.com;test.maps.live.com;video.live.com;videos.live.com;virtualearth.live.com;wap.live.com;webmaster.live.com;webmasters.live.com;www.local.live.com.au;www.maps.live.com.au;",
|
||||
"ssl_cert_serial_number": "0x7f0012e261129541195fac1a6000000012e261",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "210706015313Z",
|
||||
"ssl_cert_validity_after": "220106015313Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
}
|
||||
]
|
||||
@@ -1,53 +1,62 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "192.168.50.38.52391>104.16.123.96.443",
|
||||
"ssl_sni": "ESNI",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "62a4a00de930bd0a5bee0309cc8362ed",
|
||||
"ssl_ja3s_hash": "eb1d94daa7e0344597e756a1fb6e7054",
|
||||
"name": "SSL_RESULT_1"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.2.102.56768>34.138.246.121.443",
|
||||
"ssl_sni": "public.tls-ech.dev",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362",
|
||||
"ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e",
|
||||
"name": "SSL_RESULT_2"
|
||||
},
|
||||
{
|
||||
"Tuple4": "90.143.182.94.55835>93.186.227.131.443",
|
||||
"ssl_sni": "sun9-20.userapi.com",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "6f5e62edfa5933b1332ddf8b9fb3ef9d",
|
||||
"ssl_ja3s_hash": "2d1eb5817ece335c24904f516ad5da12",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_Issuer": "GlobalSign Organization Validation CA - SHA256 - G2;GlobalSign nv-sa;;;;;BE",
|
||||
"ssl_cert_IssuerCN": "GlobalSign Organization Validation CA - SHA256 - G2",
|
||||
"ssl_cert_IssuerO": "GlobalSign nv-sa",
|
||||
"ssl_cert_IssuerC": "BE",
|
||||
"ssl_cert_Sub": "*.userapi.com;V Kontakte LLC;;Saint-Petersburg;;Saint-Petersburg;RU",
|
||||
"ssl_cert_SubCN": "*.userapi.com",
|
||||
"ssl_cert_SubO": "V Kontakte LLC",
|
||||
"ssl_cert_SubC": "RU",
|
||||
"ssl_cert_SubP": "Saint-Petersburg",
|
||||
"ssl_cert_SubL": "Saint-Petersburg",
|
||||
"ssl_cert_SubAltName": "*.userapi.com;vk.me;*.vk-cdn.net;*.vkuserlive.com;*.vkuserlive.net;*.vkuseraudio.net;*.vkuseraudio.com;*.vkuservideo.net;*.vkuservideo.com;*.vk.me;userapi.com",
|
||||
"ssl_cert_SerialNum": "0x5afa3a189e6a5c11e1e18b0f",
|
||||
"ssl_cert_AgID": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_From": "180717083809Z",
|
||||
"ssl_cert_To": "190714162604Z",
|
||||
"ssl_cert_SSLFPAg": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_3"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.2.102.56776>34.138.246.121.443",
|
||||
"ssl_sni": "public.tls-ech.dev",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362",
|
||||
"ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e",
|
||||
"name": "SSL_RESULT_4"
|
||||
}
|
||||
{
|
||||
"Tuple4": "90.143.182.94.55835>93.186.227.131.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "sun9-20.userapi.com",
|
||||
"ssl_ja3_hash": "6f5e62edfa5933b1332ddf8b9fb3ef9d",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "2d1eb5817ece335c24904f516ad5da12",
|
||||
"ssl_cert_version": "v3",
|
||||
"ssl_cert_issuer": "GlobalSign Organization Validation CA - SHA256 - G2;GlobalSign nv-sa;;;;;BE",
|
||||
"ssl_cert_issuer_common": "GlobalSign Organization Validation CA - SHA256 - G2",
|
||||
"ssl_cert_issuer_organization": "GlobalSign nv-sa",
|
||||
"ssl_cert_issuer_country": "BE",
|
||||
"ssl_cert_subject": "*.userapi.com;V Kontakte LLC;;Saint-Petersburg;;Saint-Petersburg;RU",
|
||||
"ssl_cert_subject_common": "*.userapi.com",
|
||||
"ssl_cert_subject_organization": "V Kontakte LLC",
|
||||
"ssl_cert_subject_country": "RU",
|
||||
"ssl_cert_subject_state_or_Province": "Saint-Petersburg",
|
||||
"ssl_cert_subject_locality": "Saint-Petersburg",
|
||||
"ssl_cert_subject_alt_name": "*.userapi.com;vk.me;*.vk-cdn.net;*.vkuserlive.com;*.vkuserlive.net;*.vkuseraudio.net;*.vkuseraudio.com;*.vkuservideo.net;*.vkuservideo.com;*.vk.me;userapi.com;",
|
||||
"ssl_cert_serial_number": "0x5afa3a189e6a5c11e1e18b0f",
|
||||
"ssl_cert_signature_algorithm": "1.2.840.113549.1.1.11",
|
||||
"ssl_cert_validity_before": "180717083809Z",
|
||||
"ssl_cert_validity_after": "190714162604Z",
|
||||
"ssl_cert_algorithm_identifier": "1.2.840.113549.1.1.11",
|
||||
"name": "SSL_RESULT_1"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.2.102.56776>34.138.246.121.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "public.tls-ech.dev",
|
||||
"ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e",
|
||||
"name": "SSL_RESULT_2"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.50.38.52391>104.16.123.96.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "62a4a00de930bd0a5bee0309cc8362ed",
|
||||
"ssl_esni": 1,
|
||||
"ssl_ech": 0,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "eb1d94daa7e0344597e756a1fb6e7054",
|
||||
"name": "SSL_RESULT_3"
|
||||
},
|
||||
{
|
||||
"Tuple4": "192.168.2.102.56768>34.138.246.121.443",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_sni": "public.tls-ech.dev",
|
||||
"ssl_ja3_hash": "a195b9c006fcb23ab9a2343b0871e362",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_server_version": "TLS1.2",
|
||||
"ssl_ja3s_hash": "2b0648ab686ee45e0e7c35fcfb0eea7e",
|
||||
"name": "SSL_RESULT_4"
|
||||
}
|
||||
]
|
||||
@@ -1,24 +1,27 @@
|
||||
[
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39018>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "6f7971785f5cbbcb21819b6639f0e8f7",
|
||||
"name": "SSL_RESULT_1"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39025>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "0ac1d260c0b1f0e3bf645d6580ea6343",
|
||||
"name": "SSL_RESULT_1"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39018>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "6f7971785f5cbbcb21819b6639f0e8f7",
|
||||
"name": "SSL_RESULT_2"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39112>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "ca54aeeb513ecacf4d7bc22c5d8f0b75",
|
||||
"name": "SSL_RESULT_3"
|
||||
@@ -26,7 +29,8 @@
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39423>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "9e41793e6f0a1696bedc0876465e1f42",
|
||||
"name": "SSL_RESULT_4"
|
||||
@@ -34,81 +38,91 @@
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39680>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "47c3fabcf1bc65a32a9d3fb8e70ab79d",
|
||||
"name": "SSL_RESULT_5"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39809>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "04331a57b3e122e689c373712edf42c0",
|
||||
"name": "SSL_RESULT_6"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39816>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "34c3efe4e6565e8eef2eaaeb7c12a1a6",
|
||||
"name": "SSL_RESULT_7"
|
||||
"name": "SSL_RESULT_6"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39820>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "cc97290a5bb4651489fe7a88e93ace90",
|
||||
"name": "SSL_RESULT_8"
|
||||
"name": "SSL_RESULT_7"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39825>143.92.57.79.443",
|
||||
"Tuple4": "36.251.161.167.39809>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "4e6ae21ce8b876dc7cad2f5ca9a60b23",
|
||||
"name": "SSL_RESULT_9"
|
||||
"ssl_ja3_hash": "04331a57b3e122e689c373712edf42c0",
|
||||
"name": "SSL_RESULT_8"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39832>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "89cb560e9ee2d33728756a2d4d7b2900",
|
||||
"name": "SSL_RESULT_10"
|
||||
"name": "SSL_RESULT_9"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39850>143.92.57.79.443",
|
||||
"Tuple4": "36.251.161.167.39825>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "7324d30178b21f4c3a60550ef43d5ab0",
|
||||
"name": "SSL_RESULT_11"
|
||||
"ssl_ja3_hash": "4e6ae21ce8b876dc7cad2f5ca9a60b23",
|
||||
"name": "SSL_RESULT_10"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39867>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "53fed08198669268c271fc320627c0c4",
|
||||
"name": "SSL_RESULT_12"
|
||||
"name": "SSL_RESULT_11"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39777>143.92.57.79.443",
|
||||
"Tuple4": "36.251.161.167.39850>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "c3db97da3b30171e5cf9de314584b555",
|
||||
"name": "SSL_RESULT_13"
|
||||
"ssl_ja3_hash": "7324d30178b21f4c3a60550ef43d5ab0",
|
||||
"name": "SSL_RESULT_12"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39810>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_ech": "1",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "ff194650bab04e7b4cd55e66fd91c010",
|
||||
"name": "SSL_RESULT_13"
|
||||
},
|
||||
{
|
||||
"Tuple4": "36.251.161.167.39777>143.92.57.79.443",
|
||||
"ssl_sni": "a.ywgyuv.cn",
|
||||
"ssl_esni": 0,
|
||||
"ssl_ech": 1,
|
||||
"ssl_client_version": "TLS1.2",
|
||||
"ssl_ja3_hash": "c3db97da3b30171e5cf9de314584b555",
|
||||
"name": "SSL_RESULT_14"
|
||||
}
|
||||
]
|
||||
File diff suppressed because it is too large
Load Diff
BIN
test/env/sapp-4.3.63.ea64461-1.el8.x86_64.rpm
vendored
Normal file
BIN
test/env/sapp-4.3.63.ea64461-1.el8.x86_64.rpm
vendored
Normal file
Binary file not shown.
BIN
test/env/stellar-on-sapp-2.1.7.4e4f933-1.el8.x86_64.rpm
vendored
Normal file
BIN
test/env/stellar-on-sapp-2.1.7.4e4f933-1.el8.x86_64.rpm
vendored
Normal file
Binary file not shown.
@@ -42,6 +42,11 @@ struct ssl_decoder_test_plugin_env
|
||||
|
||||
extern "C" int commit_test_result_json(cJSON *node, const char *name);
|
||||
|
||||
int get_current_worker_thread_id()
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
void ssl_real_result_write_file(char *result_str)
|
||||
{
|
||||
FILE *fp=fopen("ssl_real_result.json", "a+");
|
||||
@@ -67,17 +72,17 @@ void ssl_decoder_test_message_cb(struct session *ss, int topic_id, const void *m
|
||||
{
|
||||
case SSL_MESSAGE_CLIENT_HELLO:
|
||||
{
|
||||
yyjson_mut_obj_add_str(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_client_version", ssl_message_readable_version_get0(ssl_msg));
|
||||
yyjson_mut_obj_add_strcpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_client_version", ssl_message_readable_version_get0(ssl_msg));
|
||||
|
||||
char *sni=NULL;
|
||||
size_t sni_sz=0;
|
||||
ssl_message_sni_get0(ssl_msg, &sni, &sni_sz);
|
||||
yyjson_mut_obj_add_strn(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_sni", sni, sni_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_sni", sni, sni_sz);
|
||||
|
||||
char *ja3=NULL;
|
||||
size_t ja3_sz=0;
|
||||
ssl_message_ja3hash_get0(ssl_msg, &ja3, &ja3_sz);
|
||||
yyjson_mut_obj_add_strn(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_ja3_hash", ja3, ja3_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_ja3_hash", ja3, ja3_sz);
|
||||
|
||||
int32_t esni_flag=ssl_message_esni_is_true(ssl_msg);
|
||||
yyjson_mut_obj_add_int(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_esni", esni_flag);
|
||||
@@ -88,17 +93,172 @@ void ssl_decoder_test_message_cb(struct session *ss, int topic_id, const void *m
|
||||
break;
|
||||
case SSL_MESSAGE_SERVER_HELLO:
|
||||
{
|
||||
yyjson_mut_obj_add_str(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_server_version", ssl_message_readable_version_get0(ssl_msg));
|
||||
yyjson_mut_obj_add_strcpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_server_version", ssl_message_readable_version_get0(ssl_msg));
|
||||
|
||||
char *ja3s=NULL;
|
||||
size_t ja3s_sz=0;
|
||||
ssl_message_ja3shash_get0(ssl_msg, &ja3s, &ja3s_sz);
|
||||
yyjson_mut_obj_add_strn(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_ja3s_hash", ja3s, ja3s_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_ja3s_hash", ja3s, ja3s_sz);
|
||||
}
|
||||
break;
|
||||
case SSL_MESSAGE_CERTIFICATE:
|
||||
{
|
||||
enum ssl_certificate_type type=ssl_certificate_type_get(ssl_msg);
|
||||
if(type!=SSL_CERTIFICATE_TYPE_INDIVIDUAL)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
yyjson_mut_obj_add_strcpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_version", ssl_message_readable_version_get0(ssl_msg));
|
||||
|
||||
struct ssl_rdn_sequence *issuer=ssl_message_issuer_rdn_sequence_get0(ssl_msg);
|
||||
if(issuer!=NULL)
|
||||
{
|
||||
size_t rdn_sequence_list_sz=0;
|
||||
char *rdn_sequence_list=NULL;
|
||||
ssl_rdn_sequence_list_get0(issuer, &rdn_sequence_list, &rdn_sequence_list_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer", rdn_sequence_list, rdn_sequence_list_sz);
|
||||
|
||||
size_t common_sz=0;
|
||||
char *common=NULL;
|
||||
ssl_rdn_sequence_common_get0(issuer, &common, &common_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_common", common, common_sz);
|
||||
|
||||
size_t organization_sz=0;
|
||||
char *organization=NULL;
|
||||
ssl_rdn_sequence_organization_get0(issuer, &organization, &organization_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_organization", organization, organization_sz);
|
||||
|
||||
size_t country_sz=0;
|
||||
char *country=NULL;
|
||||
ssl_rdn_sequence_country_get0(issuer, &country, &country_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_country", country, country_sz);
|
||||
|
||||
size_t state_or_Province_sz=0;
|
||||
char *state_or_Province=NULL;
|
||||
ssl_rdn_sequence_state_or_province_get0(issuer, &state_or_Province, &state_or_Province_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_state_or_Province", state_or_Province, state_or_Province_sz);
|
||||
|
||||
size_t locality_sz=0;
|
||||
char *locality=NULL;
|
||||
ssl_rdn_sequence_locality_get0(issuer, &locality, &locality_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_locality", locality, locality_sz);
|
||||
|
||||
size_t street_address_sz=0;
|
||||
char *street_address=NULL;
|
||||
ssl_rdn_sequence_street_address_get0(issuer, &street_address, &street_address_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_street_address", street_address, street_address_sz);
|
||||
|
||||
size_t organizational_unit_sz=0;
|
||||
char *organizational_unit=NULL;
|
||||
ssl_rdn_sequence_organizational_unit_get0(issuer, &organizational_unit, &organizational_unit_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_issuer_organizational_unit", organizational_unit, organizational_unit_sz);
|
||||
}
|
||||
|
||||
struct ssl_rdn_sequence *subject=ssl_message_subject_rdn_sequence_get0(ssl_msg);
|
||||
if(subject!=NULL)
|
||||
{
|
||||
size_t rdn_sequence_list_sz=0;
|
||||
char *rdn_sequence_list=NULL;
|
||||
ssl_rdn_sequence_list_get0(subject, &rdn_sequence_list, &rdn_sequence_list_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject", rdn_sequence_list, rdn_sequence_list_sz);
|
||||
|
||||
size_t common_sz=0;
|
||||
char *common=NULL;
|
||||
ssl_rdn_sequence_common_get0(subject, &common, &common_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_common", common, common_sz);
|
||||
|
||||
size_t organization_sz=0;
|
||||
char *organization=NULL;
|
||||
ssl_rdn_sequence_organization_get0(subject, &organization, &organization_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_organization", organization, organization_sz);
|
||||
|
||||
size_t country_sz=0;
|
||||
char *country=NULL;
|
||||
ssl_rdn_sequence_country_get0(subject, &country, &country_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_country", country, country_sz);
|
||||
|
||||
size_t state_or_Province_sz=0;
|
||||
char *state_or_Province=NULL;
|
||||
ssl_rdn_sequence_state_or_province_get0(subject, &state_or_Province, &state_or_Province_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_state_or_Province", state_or_Province, state_or_Province_sz);
|
||||
|
||||
size_t locality_sz=0;
|
||||
char *locality=NULL;
|
||||
ssl_rdn_sequence_locality_get0(subject, &locality, &locality_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_locality", locality, locality_sz);
|
||||
|
||||
size_t street_address_sz=0;
|
||||
char *street_address=NULL;
|
||||
ssl_rdn_sequence_street_address_get0(subject, &street_address, &street_address_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_street_address", street_address, street_address_sz);
|
||||
|
||||
size_t organizational_unit_sz=0;
|
||||
char *organizational_unit=NULL;
|
||||
ssl_rdn_sequence_organizational_unit_get0(subject, &organizational_unit, &organizational_unit_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_organizational_unit", organizational_unit, organizational_unit_sz);
|
||||
}
|
||||
|
||||
size_t subject_alt_name_sz=0;
|
||||
char *subject_alt_name=NULL;
|
||||
while(1)
|
||||
{
|
||||
size_t name_sz=0;
|
||||
char *name=NULL;
|
||||
ssl_message_subject_alter_next(ssl_msg, &name, &name_sz);
|
||||
if(name_sz==0)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
subject_alt_name=((subject_alt_name==NULL)) ? (char *)calloc(1, name_sz+1) : (char *)realloc(subject_alt_name, subject_alt_name_sz+name_sz+1);
|
||||
memcpy(subject_alt_name+subject_alt_name_sz, name, name_sz);
|
||||
subject_alt_name[subject_alt_name_sz+name_sz]=';';
|
||||
subject_alt_name_sz+=name_sz+1;
|
||||
}
|
||||
|
||||
ssl_message_reset_subject_alter_iter(ssl_msg);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_subject_alt_name", subject_alt_name, subject_alt_name_sz);
|
||||
|
||||
size_t serial_number_sz=0;
|
||||
char *serial_number=NULL;
|
||||
ssl_message_issuer_serial_number_get0(ssl_msg, &serial_number, &serial_number_sz);
|
||||
if(serial_number_sz>0)
|
||||
{
|
||||
char *serialBuf=(char *)calloc(1, serial_number_sz*2+1+2);
|
||||
size_t offset=snprintf(serialBuf, 3, "0x");
|
||||
for(size_t i=0; i<serial_number_sz; i++)
|
||||
{
|
||||
offset+=snprintf(serialBuf+offset, serial_number_sz*2+1+2-offset, "%02hhx", (unsigned char )(serial_number[i]));
|
||||
}
|
||||
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_serial_number", serialBuf, offset);
|
||||
free(serialBuf);
|
||||
serialBuf=NULL;
|
||||
}
|
||||
|
||||
size_t signature_algorithm_sz=0;
|
||||
char *signature_algorithm=NULL;
|
||||
ssl_message_signature_algorithm_id_get0(ssl_msg, &signature_algorithm, &signature_algorithm_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_signature_algorithm", signature_algorithm, signature_algorithm_sz);
|
||||
|
||||
size_t validity_before_sz=0;
|
||||
char *validity_before=NULL;
|
||||
ssl_message_validity_before_get0(ssl_msg, &validity_before, &validity_before_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_validity_before", validity_before, validity_before_sz);
|
||||
|
||||
size_t validity_after_sz=0;
|
||||
char *validity_after=NULL;
|
||||
ssl_message_validity_after_get0(ssl_msg, &validity_after, &validity_after_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_validity_after", validity_after, validity_after_sz);
|
||||
|
||||
size_t algorithm_identifier_sz=0;
|
||||
char *algorithm_identifier=NULL;
|
||||
ssl_message_algorithm_identifier_get0(ssl_msg, &algorithm_identifier, &algorithm_identifier_sz);
|
||||
yyjson_mut_obj_add_strncpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "ssl_cert_algorithm_identifier", algorithm_identifier, algorithm_identifier_sz);
|
||||
}
|
||||
break;
|
||||
case SSL_PROTECTED_PAYLOAD:
|
||||
case SSL_MESSAGE_ENCRYPTED_APPLICATION:
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
@@ -111,6 +271,9 @@ void *ssl_decoder_test_per_session_context_new(struct session *ss, void *plugin_
|
||||
per_ss_ctx->doc=yyjson_mut_doc_new(0);
|
||||
per_ss_ctx->ssl_object=yyjson_mut_obj(per_ss_ctx->doc);
|
||||
|
||||
// add Tuple
|
||||
yyjson_mut_obj_add_strcpy(per_ss_ctx->doc ,per_ss_ctx->ssl_object, "Tuple4", session_get0_readable_addr(ss));
|
||||
|
||||
return (void *)per_ss_ctx;
|
||||
}
|
||||
|
||||
@@ -127,10 +290,18 @@ void ssl_decoder_test_per_session_context_free(struct session *ss, void *per_ses
|
||||
char *json_str=yyjson_mut_write(per_ss_ctx->doc, 0, 0);
|
||||
yyjson_mut_doc_free(per_ss_ctx->doc);
|
||||
|
||||
char result_name[16]="";
|
||||
sprintf(result_name, "SSL_RESULT_%d", plugin_env->result_index++);
|
||||
cJSON *real_result=cJSON_Parse(json_str);
|
||||
commit_test_result_json(real_result, result_name);
|
||||
if(plugin_env->commit_result_enable==1)
|
||||
{
|
||||
char result_name[16]="";
|
||||
sprintf(result_name, "SSL_RESULT_%d", plugin_env->result_index++);
|
||||
cJSON *real_result=cJSON_Parse(json_str);
|
||||
|
||||
commit_test_result_json(real_result, result_name);
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("%s\n", json_str);
|
||||
}
|
||||
|
||||
free(json_str);
|
||||
free(per_ss_ctx);
|
||||
|
||||
Reference in New Issue
Block a user