Fix sniffer #7973
Merged
Fix sniffer #7973
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Assigning back to @bandi13. Failing one of the sniffer tests |
dgarske
requested changes
Sep 23, 2024
| } | ||
| else { | ||
| /* packet doesn't contain minimum ip/tcp header */ | ||
| continue; | ||
| } | ||
| int ptype = pcap_datalink(pcap); |
There was a problem hiding this comment.
Avoid mixed-declaration. Move int ptype up. Also please add comment documenting what Linux SLL is and what the 2 bytes are.
bandi13
force-pushed
the
fixSniffer
branch
2 times, most recently
from
cd14a7b
to
71d37bf
Compare
dgarske
requested changes
Sep 27, 2024
bandi13
force-pushed
the
fixSniffer
branch
2 times, most recently
from
e5ba8b3
to
aab5752
Compare
|
retest this please |
dgarske
requested changes
Oct 21, 2024
src/sniffer.c
Outdated
| for (i = 0; i < chainSz; i++) | ||
| for (i = 0; i < chainSz; i++) length += chain[i].iov_len; | ||
|
|
||
| tmpPacket = (byte*)XMALLOC(length, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
There was a problem hiding this comment.
I wonder if there is a better dynamic type like DYNAMIC_TYPE_SNIFFER_PB_BUFFER that could be used or maybe even a new DYNAMIC_TYPE_SNIFFER_CHAIN_BUFFER?
dgarske
requested changes
Oct 29, 2024
There was a problem hiding this comment.
Can you update the comment: "Please run directly from wolfSSL root dir".... It is no longer true.
Enter the port to scan [default: 11111, '0' for all]:
Enter the server key [default: ../../certs/statickeys/ecc-secp256r1.pem,../../certs/statickeys/dh-ffdhe2048.pem,../../certs/statickeys/x25519.pem]:
Enter alternate SNI [default: none]:
Failed loading private key ../../certs/statickeys/ecc-secp256r1.pem: ret -1
Please run directly from wolfSSL root dir
Failed loading private key ../../certs/statickeys/dh-ffdhe2048.pem: ret -1
Please run directly from wolfSSL root dir
Failed loading private key ../../certs/statickeys/x25519.pem: ret -1
Please run directly from wolfSSL root dir
davidgarske@Davids-MacBook-Pro-2 wolfssl % pwd
/Users/davidgarske/GitHub/wolfssl
Detect reading of packet errors --enable-all and --enable-sniffer exposed this issue Don't need variable Rework argument parsing Need a way to allow arguments to be supplied more granularly. Partucilarly, I needed a "-tracefile" argument without requiring the use of a PCAP file Fix error prints to STDERR Fix setting of port filtering Fix 80 char limit Not actually a bad packet when there are no more packets Fix strcat size Allow the sniffer to print the trace to STDOUT Fix indexing Take out superfluous error which is handled later Set default port to 11111 Single return point Combine chain to one contiguous memory block Fix return Add in error handling for XMALLOC Add in debugging output when --enable-debug It makes no sense to allocate a ton of small buffers to process chains Ultimately, the code is slower because of the several small memcpy instead of a single large contiguous memcpy Pass in a device name Fix unused variable Fix cast Addressing PR comments Add new flags to --help
Done, and squashed. |
dgarske
approved these changes
Oct 29, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Using Linux, there is a 'linux cooked capture' layer that is added on, and the packets seem to contain two extra bytes.
Also reworked the argument handling to be able to individually add in arguments without needing to pass in a PCAP file. Now we can sniff live packets and set filters. Additionally, we can now define the output of the trace file.
Testing
Able to read packet capture when using 'any' interface