is an SSLv3/TLS network protocol analyzer.
| ChangeLog (ssldump-0.9b3) | : | ChangeLog (ssldump-1.3) |
|---|
|
| Wed Aug 21 10:48:45 2002 EKR <ekr@rtfm.com> | | Changelog |
| * Installed Greg Stark's new Win32 patches. | | ========= |
| | |
|
| * Added updated VLAN support (Jeffrey Hafey) | | v1.2 (2020-09-22) |
| | ----------------- |
| | |
|
| Fri Aug 16 16:56:23 2002 EKR <ekr@rtfm.com> | | Changes |
| * Cleaned up 56-bit ciphersuites in ciphersuites.c | | ~~~~~~~ |
| | - [cleanup] file cleanup (tab/ws mixed) [Alexandre Dulaunoy] |
| * Fixed memory errors in packet copying. | | - [doc] workflow badge added. [Alexandre Dulaunoy] |
| | - [workflow] config updated. [Alexandre Dulaunoy] |
| * Fixed bugs in processing of bogus SSLv2 messages. | | - [workflow] pcap. [Alexandre Dulaunoy] |
| | - [workflow] add required packages. [Alexandre Dulaunoy] |
| * Fixed bugs in TCP packet reassembly code. | | - [doc] clarification about ssldump repository + release v1.1. |
| | [Alexandre Dulaunoy] |
| Tue Aug 13 13:03:41 2002 EKR <ekr@rtfm.com> | | - [doc] release v1.1 - ChangeLog updated. [Alexandre Dulaunoy] |
| * Fixed EXPORT1024 DES cipher suites | | |
| | Other |
| Mon Aug 12 16:49:51 2002 EKR <ekr@rtfm.com> | | ~~~~~ |
| * Added support for VLAN networks (Jeffrey Hafey) | | - Merge pull request #34 from wllm-rbnt/build-sys. [Alexandre Dulaunoy] |
| | |
| * Fixed printing of data with embedded tabs (Pavel Curtis) | | Build system updates |
| | - Fix long line in README.md. [William Robinet] |
| * Added support for non-promiscuous mode (-P flag) | | - Update README.md with ./configure examples. [William Robinet] |
| (Bruce M Simpson) | | - Update README.md with ./configure options. [William Robinet] |
| | - Clean debug functions, remove duplicates. [William Robinet] |
| * Fixed potential small overrun in RSA decryption. | | - Define DEBUG when using --enable-debug. [William Robinet] |
| | - Add optional features to ./configure (ASAN, debug, optimization) |
| Fri Sep 28 15:54:47 2001 EKR <ekr@rtfm.com> | | [William Robinet] |
| * Fixed install so that we install in /usr/local/sbin | | - Reenable OpenSSL code compilation. [William Robinet] |
| with mode 755. Bug report ssldump/22. | | - Update .gitignore, rearrange CI workflows variable definition. |
| (Dave Jagoda) | | [William Robinet] |
| | - Remove -g from default CFLAGS and check for Clang explicitly. [William |
| * Fixed compilation warning about create_null_analyzer | | Robinet] |
| Bug report ssldump/23. | | - Remove deprecated define. [William Robinet] |
| | - Reorder checks in configure.ac. [William Robinet] |
| Wed Sep 26 14:49:06 2001 EKR <ekr@rtfm.com> | | - Prepare ASAN build. [William Robinet] |
| * Fixed SYN & SYN/ACK detection to that it works with ECN. | | - Force use of GCC in GCC CI. [William Robinet] |
| (Henrik Nordstrom) | | - Add Clang CI. [William Robinet] |
| | - Merge pull request #35 from mattslot/master. [Alexandre Dulaunoy] |
| * Added /usr/include/pcap to the PCAP search path | | |
| (Henrik Nordstrom) | | Add renegotiation_info extension |
| | - Add renegotiation_info extension. [Matt Slot] |
| Sat Sep 15 13:41:10 2001 EKR <ekr@rtfm.com> | | - Merge pull request #33 from wllm-rbnt/oob-reads. [Alexandre Dulaunoy] |
| * Fix to ssldecode.c to remove error with empty | | |
| struct when compiling with VC++ and no OpenSSL | | Fix multiple segfaults on out-of-bounds read access |
| (Greg Stark) | | - Fix multiple segfault by OOB read because of wrong format string |
| | specifier. [William Robinet] |
| * Change to vcwin32.mak to print out that you're not | | - Fix segfault by OOB read on malformed packets (2) [William Robinet] |
| using OpenSSL (Greg Stark) | | - Fix segfault by OOB read on malformed packets. [William Robinet] |
| | - Merge pull request #31 from wllm-rbnt/autoconf2020. [Alexandre |
| * Automatic version changing courtesy of version-change.pl | | Dulaunoy] |
| | |
| Fri Sep 14 15:22:29 2001 EKR <ekr@rtfm.com> | | Autoconf2020 |
| * Fixed bug 4. Delete the MS after decrypting a PMS | | - Fix deprecation warning from libcap 1.9.1. [William Robinet] |
| to force new MS generation in the key generation phase. | | - Make FreeBSD (12.1) happy. [William Robinet] |
| This makes decryption of renegotiated connections work | | - Update CI workflow. [William Robinet] |
| correctly. This got broken when session resumption | | - Apply Replace-direct-struct-access-patterns-with-OpenSSL-1.1-ge.patch |
| was added. | | from Debian pkg. [William Robinet] |
| | | - Update readme. [William Robinet] |
| 2001-09-14 Eric Rescorla <ekr@rtfm.com> | | - Fix readme. [William Robinet] |
| | - Improve lib detection and .gitignore. [William Robinet] |
| * Imported Greg Stark's Win32 port | | - Remove generated file. [William Robinet] |
| | - Add man page to Makefile.am. [William Robinet] |
| Sun Sep 2 15:53:06 2001 EKR <ekr@rtfm.com> | | - Fix warning about type of arguments of pcap_handler. [William Robinet] |
| * Fixed the reassembler so it doesn't crash when | | - Fix warning about signal() arguments type. [William Robinet] |
| FIN/RST segments have data. | | - Fix build warnings for missing prototypes. [William Robinet] |
| | - Add build deps to readme. [William Robinet] |
| * closure/connection freeing now works, thus meaning less | | - Fix readme. [William Robinet] |
| memory leakage and less crashing. | | - Autoconf setup rewritten. [William Robinet] |
| | - Set theme jekyll-theme-minimal. [Alexandre Dulaunoy] |
| * A bunch of trivial makefile/configure fixes. | | - Merge pull request #27 from microolap-technologies/resumed_sessions. |
| | [Alexandre Dulaunoy] |
| Fri Jul 20 16:40:51 2001 EKR <ekr@rtfm.com> | | |
| * Removed loading of certificate file. This served | | add support to decrypt resumed sessions |
| no real purpose. Fix for bug 5. | | - Add support to decrypt resumed sessions. [Aleksey Ryabkov] |
| | - First test workflow. [Alexandre Dulaunoy] |
| Fri Jul 20 11:02:09 2001 EKR <ekr@rtfm.com> | | - Merge pull request #25 from microolap-technologies/sni_2_srv_name. |
| * Fixed initialization so that the key file is loaded | | [Alexandre Dulaunoy] |
| only once. | | |
| | use sni in server_name |
| Removed default keyfile and password. You now must | | - Use sni in server_name. [Aleksey Ryabkov] |
| specify them. You also get an error if you specify | | |
| a bad password or keyfile. | | v1.1 (2019-12-28) |
| | ----------------- |
| Fri Jul 20 10:17:36 2001 EKR <ekr@rtfm.com> | | |
| * Added support for session resumption. | | Changes |
| | ~~~~~~~ |
| Fri Jul 20 10:17:16 2001 EKR <ekr@rtfm.com> | | - [doc] Changelog reflecting v1.0 release. [Alexandre Dulaunoy] |
| * Fixed SEQ_LT problems on Linux and other compilation | | |
| problems. | | Other |
| | ~~~~~ |
| Tue Mar 6 2001 EKR <ekr@rtfm.com> | | - Merge pull request #24 from mattslot/master. [Alexandre Dulaunoy] |
| * Removed statically allocated conn array. We can now | | |
| have an arbitrary number of | | Explicit parameter types for static prototypes |
| | - Explicit parameter types for static prototypes. [Matt Slot] |
| Thu Nov 9 12:14:15 2000 EKR <ekr@rtfm.com> | | - Merge pull request #22 from EaseTheWorld/handshake. [Alexandre |
| * Cleanups to the man page and cleaned up some cases | | Dulaunoy] |
| where printing didn't work quite right. | | |
| | Handle weird 3-way handshake(syn&ack -> syn -> ack) |
| Mon Nov 6 10:22:25 2000 EKR <ekr@rtfm.com> | | - Handle weird 3-way handshake(syn&ack -> syn -> ack) I have pcaps from |
| * Added the -X flag to force hex-only printing when | | Cisco2960 span port and found some tcp handshake has weird order 3-way |
| binary data is displayed as hex dumps. | | handshake. It seems first packet order between sessions is not |
| | guaranted for cisco span. maybe. Current state transition is |
| Fri Nov 3 09:23:35 2000 EKR <ekr@rtfm.com> | | INIT -- syn --> SYN1 -- syn&ack --> SYN2 -- ack --> ESTABLISHED New |
| * cleaned up the case where multiple handshake messages | | state transition starts with SYN1 or SYN2 and adds(revive actually) |
| are in the same SSL record. | | STATE_ACK to handle both cases. case1 : INIT -- syn --> SYN1 -- |
| | syn&ack -->ACK -- ack --> ESTABLISHED (normal) case2 : INIT -- syn&ack |
| Fri Nov 3 09:14:39 2000 EKR <ekr@rtfm.com> | | --> SYN2 -- syn -->ACK -- ack --> ESTABLISHED (weird) [EaseTheWorld] |
| * Modified printing so that when we're printing hex dumps | | |
| of application data traffic we also print the printable | | v1.0 (2019-05-26) |
| sections of the data itself in a column on the side. | | ----------------- |
| | |
| Thu Nov 2 14:14:21 2000 EKR <ekr@rtfm.com> | | Changes |
| * Modified cipher suite printing so that the names have | | ~~~~~~~ |
| SSL_ if we're doing SSLv3 and TLS_ if we're doing TLS. | | - [build] v1.0 released. [Alexandre Dulaunoy] |
| Suggestion by Eric Murray. | | - [changelog] v1.0 released. [Alexandre Dulaunoy] |
| | - [build] gitchangelogrc configuration added. [Alexandre Dulaunoy] |
| Thu Nov 2 13:07:09 2000 EKR <ekr@rtfm.com> | | |
| * Fixed an ABW in ssldecode.c that caused crashes | | Other |
| on Solaris. Also, fixed a bunch of memory leaks | | ~~~~~ |
| using Purify. | | - Merge pull request #21 from qha/repair-make-targets. [Alexandre |
| | Dulaunoy] |
| Thu Nov 2 08:45:42 2000 EKR <ekr@rtfm.com> | | |
| * Various Portability fixes | | Repair make targets and ssl/ssldecode.c, bump version |
| CC=gcc -> CC=@CC@ in Makefile | | - Rerun autoconf. [Ulrik Haugen] |
| Removed FLAGS in Makefile (it was a noop) | | - Bump version. [Ulrik Haugen] |
| in base/tcpconn.c, changed {} to {0} to appease HPUX's compiler | | - Repair ssl_key_log_file handling. [Ulrik Haugen] |
| made create_null_analyzer.c static as it should be. | | |
| Removed the final (bogus) entry in null_vtbl. | | Set ssl_key_log_file to null in ssl_decode_ctx_create if no |
| made sslx__print_serial() static to match its prototype | | file name was supplied. |
| Rearranged library order for better linkage | | |
| Thanks to Lutze Jainecke for these fixes. | | Only seek ssl_key_log_file in ssl_read_key_log_file if it |
| | is non null. |
| Thu Nov 2 08:41:10 2000 EKR <ekr@rtfm.com> | | |
| * Added -r as a synonym for -f. -f will eventually | | Repair order of fseek parameters. |
| be removed and reused for some other option. | | - Take project name and version from configure define. [Ulrik Haugen] |
| This was done for option compatibility with tcpdump | | |
| and on the theory that someday I might add a -w. | | ... in print_version. |
| | - Enable compiling without std c99 when OPENSSL is defined. [Ulrik |
| * Renamed -h to -H and added it to the documentation. | | Haugen] |
| -h now triggers usage info. | | - Repair spelling in comments. [Ulrik Haugen] |
| | - Remove presumably extraneous files. [Ulrik Haugen] |
| Thu Nov 2 08:38:06 2000 EKR <ekr@rtfm.com> | | - Remove extraneous files. [Ulrik Haugen] |
| * Removed blank lines in the man page. This confuses some | | - Add .gitignore. [Ulrik Haugen] |
| man page formatters. (Thanks to Hugh Mandeville for pointing | | - Make install target install doc files. [Ulrik Haugen] |
| this one out) | | - Repair installdir variable names. [Ulrik Haugen] |
| | - Repair dist target. [Ulrik Haugen] |
| Thu Nov 2 08:37:59 2000 EKR <ekr@rtfm.com> | | |
| * Wired up -N (it was unwired) | | Mark phony targets as such. |
| | |
| Thu Nov 2 08:37:47 2000 EKR <ekr@rtfm.com> | | Cease use of unobtainable version-check.pl. |
| * Added -D_BSD_SOURCE=1 when you're compiling on Linux. | | |
| (Allowing it to compile) | | Take version from configure substituted variable. |
| | |
| | Adjust dist archive location. |
| | |
| | Prune more backup files. |
| | - Whitespace. [Ulrik Haugen] |
| | - Set package name in configure.in, move version there. [Ulrik Haugen] |
| | - Merge pull request #19 from 1div0/master. [Alexandre Dulaunoy] |
| | |
| | GREASE |
| | - GREASE. [Peter Kovář] |
| | - Merge pull request #18 from mathewmarcus/dh_aes_gcm_support. |
| | [Alexandre Dulaunoy] |
| | |
| | Dh aes gcm support |
| | - Use macro to check if cipher is AEAD. [mathewmarcus] |
| | - Update man page with -l sslkeylogfile option. [mathewmarcus] |
| | - Updated relevant ciphersuites with GCM enc. [mathewmarcus] |
| | - Added fix for AES256 GCM decryption. [mathewmarcus] |
| | - Added case insensitive string comparison macro. [mathewmarcus] |
| | - Added support for AES GCM decryption. [mathewmarcus] |
| | - Use sslkeylogfile to get MS if possible. [mathewmarcus] |
| | - Added function to extract MS from sslkeylogfile. [mathewmarcus] |
| | - Added GCM specific ciphersuite info. [mathewmarcus] |
| | - Added sslkeylogfile pointer to decode ctx. [mathewmarcus] |
| | - Fix decoding and printing of DiffieHellman Client params. |
| | [mathewmarcus] |
| | - Add l option for SSLKEYLOGFILE. [mathewmarcus] |
| | - Merge pull request #17 from mathewmarcus/fix_extension_bug. [Alexandre |
| | Dulaunoy] |
| | |
| | correctly handle case where server hello does not request extension s… |
| | - Improve syntax. [mathewmarcus] |
| | - Correctly handle case where server hello does not request extension |
| | specified by client. [mathewmarcus] |
| | - Merge pull request #16 from mathewmarcus/tls_extensions. [Alexandre |
| | Dulaunoy] |
| | |
| | Tls extensions |
| | - Code cleanup. [mathewmarcus] |
| | - Added support for SNI. [mathewmarcus] |
| | - Added support for encrypt-then-mac. [mathewmarcus] |
| | - Finished support for extended master secret. [mathewmarcus] |
| | - Calculate session hash. [mathewmarcus] |
| | - Added struct to store extensions. [mathewmarcus] |
| | - Added struct to store extensions. [mathewmarcus] |
| | - Revert "moved struct ssl_decoder_ definition into header file because |
| | we need it in ssl.enums.c" [Mathew Marcus] |
| | |
| | This reverts commit 193c6001086920c0623593aba373f948aa275f8d. |
| | - Moved struct ssl_decoder_ definition into header file because we need |
| | it in ssl.enums.c. [mathewmarcus] |
| | - Added handler for extended master secret extension. [mathewmarcus] |
| | - Rename functions. [mathewmarcus] |
| | - Record handshake messages for session hash. [Mathew Marcus] |
| | - Include extensions in output. [mathewmarcus] |
| | - Merge pull request #15 from Whissi/update-ciphers. [Alexandre |
| | Dulaunoy] |
| | |
| | Update ciphers |
| | - Adjust cipher suite formation. [Thomas Deutschmann] |
| | - Add TLS 1.3 cipher suites. [Thomas Deutschmann] |
| | - Add fallback signaling cipher suite. [Thomas Deutschmann] |
| | - Add CHACHA20_POLY1305 cipher suite. [Thomas Deutschmann] |
| | - Merge pull request #14 from davidkretch/fix-typo. [Alexandre Dulaunoy] |
| | |
| | Fix a typo in the man page |
| | - Fix a typo in the man page. [David Kretch] |
| | |
| | Delete the extra "to" in "To decrypt traffic to to host" under the examples se |
| | ction. |
| | - Merge pull request #13 from alperakcan/master. [Alexandre Dulaunoy] |
| | |
| | fix ssl record queue data read |
| | - - fix mis calculation of read_left if queue already has some data, |
| | which might not be bigger than ssl_header_size - update q->ptr only if |
| | q->data is changed. [Alper Akcan] |
| | - Merge pull request #1 from adulau/master. [Alper Akcan] |
| | |
| | Merge pull request #12 from alperakcan/master |
| | - Merge pull request #12 from alperakcan/master. [Alexandre Dulaunoy] |
| | |
| | Fix packet length calculation if IP length is 0, due to TSO |
| | - Fix packet length calculation if IP length is 0, due to TSO. [Alper |
| | Akcan] |
| | - Typo fixed. [Alexandre Dulaunoy] |
| | - Explanation added in a new README. [Alexandre Dulaunoy] |
| | - Merge pull request #9 from PequalsNP-team/master. [Alexandre Dulaunoy] |
| | |
| | updated configure for new libpcap location on most linux distro |
| | - Updated configure for new libpcap location on most linux distro. |
| | [thez3ro] |
| | - Merge pull request #7 from knowtoto/master. [Alexandre Dulaunoy] |
| | |
| | Fix a null pointer dereference bug |
| | - Fix a null pointer dereference bug of tls12_prf be caused by invalid |
| | extern declaration for digests variable. [hyunkyu.oh] |
| | - Merge pull request #5 from wllm-rbnt/master. [Alexandre Dulaunoy] |
| | |
| | More code cleaning |
| | - Include string.h (remove warnings about memcpy) [William Robinet] |
| | - Fix order of arguments in calls to calloc. [William Robinet] |
| | - "Each invocation of va_start() must be matched by a corresponding |
| | invocation of va_end()" [William Robinet] |
| | - Remove dead code. [William Robinet] |
| | - Do not use uninitialized variable. [William Robinet] |
| | - Make valgrind/memcheck happy. [William Robinet] |
| | - Add missing comma (introduced by |
| | 2d067c26503ace1466d132e7efd9f0ff7885295a) [William Robinet] |
| | - Merge pull request #4 from wllm-rbnt/master. [Alexandre Dulaunoy] |
| | |
| | Fix cleanup loop |
| | - Avoid auto-vivisection during connection clean-up ... [William |
| | Robinet] |
| | - Fix inactive connection removal. [William Robinet] |
| | - Merge pull request #3 from wllm-rbnt/master. [Alexandre Dulaunoy] |
| | |
| | [bugfix] Initialize initial reference timeval |
| | - Initialize initial reference timeval Avoids wrong cleaning of first |
| | connection(s) [William Robinet] |
| | - Merge pull request #2 from wllm-rbnt/master. [Alexandre Dulaunoy] |
| | |
| | Fixes for 2 memory leaks and in flight structure cleaning |
| | - Fix memory leak if SSL session id is not present. [William Robinet] |
| | - In flight connection pool cleaning. [William Robinet] |
| | - Fix memory leak at connection closing. [William Robinet] |
| | - Merge pull request #1 from wllm-rbnt/csloop. [Alexandre Dulaunoy] |
| | |
| | Fix for infinite loop in Ciphers Suite decoding |
| | - Fix for infinite loop in Ciphers Suite decoding. [William Robinet] |
| | - Dtable bug fixed: list overrun (from NetBSD tree) [Alexandre Dulaunoy] |
| | - Memory leak per TLS session removed. Call cleanup after each |
| | finalization. [Alexandre Dulaunoy] |
| | - Free also the packet structure. [Alexandre Dulaunoy] |
| | - Snaplen increased to the default jumbo frame size. [Alexandre |
| | Dulaunoy] |
| | |
| | If the snaplen is lower than the total frame length announced, |
| | ssldump won't be able to reassemble the payload. "Length mismatch" |
| | error. Tested on Ethernet uplinks supporting jumbo frame. |
| | - Continue even if no IP address is assigned on the interface. |
| | [Alexandre Dulaunoy] |
| | |
| | ssldump in a production environment can be used on a capture |
| | interface where no IP addresses are assigned. Print a warning instead |
| | of exiting. |
| | - Modern config.guess/sub from Ubuntu ssldump package. [Alexandre |
| | Dulaunoy] |
| | - Ssldump-0.9-ciphersuites.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-ssl-enums.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-tlsv12.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-pcap-vlan.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-link_layer.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-table-stops.patch. [Alexandre Dulaunoy] |
| | - Sldump-0.9-cvs-20060619.patch. [Alexandre Dulaunoy] |
| | - Sldump-0.9-aes.patch. [Alexandre Dulaunoy] |
| | - Sldump-0.9-libpcap.patch. [Alexandre Dulaunoy] |
| | - Ssldump-0.9-openssl.patch. [Alexandre Dulaunoy] |
| | - Ssldump_0.9b3.orig.tar.gz Import. [Alexandre Dulaunoy] |
| | | |
| End of changes. 3 change blocks. |
|---|
| 3 lines changed or deleted | | 4 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 