/*
* Display the revision number for this program
*/
void version(void)
{
radlog(L_INFO, "%s: %s", progname, radiusd_version);
DEBUG3("Server was built with: ");
#ifdef WITH_ACCOUNTING
DEBUG3(" accounting");
#endif
DEBUG3(" authentication"); /* always enabled */
/* here are all the conditional feature flags */
#if defined(WITH_DHCP)
DEBUG3(" WITH_DHCP");
#endif
#if defined(WITH_VMPS)
DEBUG3(" WITH_VMPS");
#endif
#if defined(OSFC2)
DEBUG3(" OSFC2");
#endif
#if defined(WITHOUT_PROXY)
DEBUG3(" WITHOUT_PROXY");
#endif
#if defined(WITHOUT_DETAIL)
DEBUG3(" WITHOUT_DETAIL");
#endif
#if defined(WITHOUT_SESSION_MGMT)
DEBUG3(" WITHOUT_SESSION_MGMT");
#endif
#if defined(WITHOUT_UNLANG)
DEBUG3(" WITHOUT_UNLANG");
#endif
#if defined(WITHOUT_ACCOUNTING)
DEBUG3(" WITHOUT_ACCOUNTING");
#endif
#if defined(WITHOUT_DYNAMIC_CLIENTS)
DEBUG3(" WITHOUT_DYNAMIC_CLIENTS");
#endif
#if defined(WITHOUT_STATS)
DEBUG3(" WITHOUT_STATS");
#endif
#if defined(WITHOUT_COMMAND_SOCKET)
DEBUG3(" WITHOUT_COMMAND_SOCKET");
#endif
#if defined(WITHOUT_COA)
DEBUG3(" WITHOUT_COA");
#endif
DEBUG3("Server core libs:");
DEBUG3(" ssl: %s", ssl_version());
radlog(L_INFO, "Copyright (C) 1999-2013 The FreeRADIUS server project and contributors.");
radlog(L_INFO, "There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A");
radlog(L_INFO, "PARTICULAR PURPOSE.");
radlog(L_INFO, "You may redistribute copies of FreeRADIUS under the terms of the");
radlog(L_INFO, "GNU General Public License.");
radlog(L_INFO, "For more information about these matters, see the file named COPYRIGHT.");
fflush(NULL);
}
int main(int argc, char ** argv) {
void * libptr;
const char * (*ssl_version)(int t);
const char * version;
if (argc < 1) {
puts("report_openssl_version filename");
exit(1);
}
libptr = dlopen(argv[1], 0);
ssl_version = (const char * (*)(int))dlsym(libptr, "SSLeay_version");
if ((void *)ssl_version == NULL) {
ssl_version = (const char * (*)(int))dlsym(libptr, "ssleay_version");
if ((void *)ssl_version == NULL) {
ssl_version = (const char * (*)(int))dlsym(libptr, "SSLEAY_VERSION");
}
}
dlclose(libptr);
if ((void *)ssl_version == NULL) {
puts("Unable to lookup version of OpenSSL");
exit(1);
}
version = ssl_version(SSLEAY_VERSION);
puts(version);
/* Was a symbol argument given? */
if (argc > 1) {
int status;
struct dsc$descriptor_s symbol_dsc;
struct dsc$descriptor_s value_dsc;
const unsigned long table_type = LIB$K_CLI_LOCAL_SYM;
symbol_dsc.dsc$a_pointer = argv[2];
symbol_dsc.dsc$w_length = strlen(argv[2]);
symbol_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
symbol_dsc.dsc$b_class = DSC$K_CLASS_S;
value_dsc.dsc$a_pointer = (char *)version; /* Cast ok */
value_dsc.dsc$w_length = strlen(version);
value_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
value_dsc.dsc$b_class = DSC$K_CLASS_S;
status = LIB$SET_SYMBOL(&symbol_dsc, &value_dsc, &table_type);
if (!$VMS_STATUS_SUCCESS(status)) {
exit(status);
}
}
exit(0);
}
/**
* Main entry point. Doesn't do much except works out whether we are a client
* or a server.
*/
int main(int argc, char *argv[])
{
#ifdef WIN32
WSADATA wsaData;
WORD wVersionRequested = MAKEWORD(2, 2);
WSAStartup(wVersionRequested, &wsaData);
#elif !defined(CONFIG_PLATFORM_SOLARIS)
signal(SIGPIPE, SIG_IGN); /* ignore pipe errors */
#endif
if (argc == 2 && strcmp(argv[1], "version") == 0) {
printf("axssl %s %s\n", ssl_version(), __DATE__);
exit(0);
}
if (argc < 2 || (
strcmp(argv[1], "s_server") && strcmp(argv[1], "s_client")))
print_options(argc > 1 ? argv[1] : "");
strcmp(argv[1], "s_server") ?
do_client(argc, argv) : do_server(argc, argv);
return 0;
}
size_t Curl_axtls_version(char *buffer, size_t size)
{
return snprintf(buffer, size, "axTLS/%s", ssl_version());
}
static SQRESULT sq_axtls_version(HSQUIRRELVM v){
sq_pushstring(v,(const char*)ssl_version(), -1);
return 1;
}
/*
* dissect/print packet
*/
void
got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
{
#ifdef LOG_COUNTER
static u_long count = 1; /* packet counter */
#endif
/* declare pointers to packet headers */
const struct sniff_ethernet *ethernet; /* The ethernet header [1] */
const struct sniff_ip *ip; /* The IP header */
const struct sniff_tcp *tcp; /* The TCP header */
const u_char *payload; /* Packet payload */
int size_ip;
int size_iptotal;
int size_tcp;
int size_payload;
#ifdef LOG_COUNTER
printf("%u\t", count);
count++;
#endif
/* define ethernet header */
ethernet = (struct sniff_ethernet*)(packet);
/* define/compute ip header offset */
ip = (struct sniff_ip*)(packet + SIZE_ETHERNET);
size_ip = IP_HL(ip)*4;
if (size_ip < 20) {
printf("Invalid IP header length: %u bytes\n", size_ip);
return;
}
#ifdef LOG_ADDRESSES
/* print source and destination IP addresses */
printf("%s\t", inet_ntoa(ip->ip_src));
printf("%s\t", inet_ntoa(ip->ip_dst));
#endif
/* determine protocol */
switch(ip->ip_p) {
case IPPROTO_TCP:
break;
case IPPROTO_UDP:
printf("UDP\n");
return;
case IPPROTO_ICMP:
printf("ICMP\n");
return;
case IPPROTO_IP:
printf("IP\n");
return;
default:
printf("Protocol: unknown\n");
return;
}
/*
* OK, this packet is TCP.
*/
/* define/compute tcp header offset */
tcp = (struct sniff_tcp*)(packet + SIZE_ETHERNET + size_ip);
size_tcp = TH_OFF(tcp)*4;
if (size_tcp < 20) {
printf("Invalid TCP header length: %u bytes\n", size_tcp);
return;
}
#ifdef LOG_PORTS
printf("%hu\t", ntohs(tcp->th_sport));
printf("%hu\t", ntohs(tcp->th_dport));
#endif
/* compute tcp payload (segment) size */
size_iptotal = ntohs(ip->ip_len);
if (size_iptotal == 0 || size_iptotal > header->caplen)
{
/* if TSO is used, ip_len is 0x0000 */
/* only process up to caplen bytes. */
size_iptotal = header->caplen;
}
size_payload = size_iptotal - (size_ip + size_tcp);
if (size_payload < OFFSET_CIPHER_LIST + 3) { // at least one cipher + compression
printf("TLS handshake header too short: %d bytes\n", size_payload);
return;
}
/* define/compute tcp payload (segment) offset */
payload = (u_char *)(packet + SIZE_ETHERNET + size_ip + size_tcp);
if (payload[0] != TLS_HANDSHAKE) {
printf("Not a TLS handshake: 0x%02hhx\n", payload[0]);
return;
}
u_short proto_version = payload[1]*256 + payload[2];
printf("%s ", ssl_version(proto_version));
u_short hello_version = payload[OFFSET_HELLO_VERSION]*256 + payload[OFFSET_HELLO_VERSION+1];
if (proto_version < SSL_MIN_GOOD_VERSION || proto_version >= SSL_MAX_GOOD_VERSION ||
hello_version < SSL_MIN_GOOD_VERSION || hello_version >= SSL_MAX_GOOD_VERSION) {
printf("%s bad version(s)\n", ssl_version(hello_version));
return;
}
// skip session ID
const u_char *cipher_data = &payload[OFFSET_SESSION_LENGTH];
#ifdef LOG_SESSIONID
if (cipher_data[0] != 0) {
printf("SID[%hhu] ", cipher_data[0]);
}
#endif
if (size_payload < OFFSET_SESSION_LENGTH + cipher_data[0] + 3) {
printf("SessionID too long: %hhu bytes\n", cipher_data[0]);
return;
}
cipher_data += 1 + cipher_data[0];
switch (payload[5]) {
case TLS_CLIENT_HELLO:
printf("ClientHello %s ", ssl_version(hello_version));
u_short cs_len = cipher_data[0]*256 + cipher_data[1];
cipher_data += 2; // skip cipher suites length
// FIXME: check for buffer overruns
int cs_id;
for (cs_id = 0; cs_id < cs_len/2; cs_id++)
printf(":%02hhX%02hhX", cipher_data[2*cs_id], cipher_data[2*cs_id + 1]);
printf(":\n");
break;
case TLS_SERVER_HELLO:
printf("ServerHello %s ", ssl_version(hello_version));
printf("cipher %02hhX%02hhX\n", cipher_data[0], cipher_data[1]);
break;
default:
printf("Not a Hello\n");
return;
}
}
/*
* Display the revision number for this program
*/
void version(void)
{
INFO("%s: %s", progname, radiusd_version);
DEBUG3("Server was built with: ");
#ifdef WITH_ACCOUNTING
DEBUG3(" accounting");
#endif
DEBUG3(" authentication"); /* always enabled */
#ifdef WITH_ASCEND_BINARY
DEBUG3(" ascend binary attributes");
#endif
#ifdef WITH_COA
DEBUG3(" coa");
#endif
#ifdef WITH_COMMAND_SOCKET
DEBUG3(" control-socket");
#endif
#ifdef WITH_DETAIL
DEBUG3(" detail");
#endif
#ifdef WITH_DHCP
DEBUG3(" dhcp");
#endif
#ifdef WITH_DYNAMIC_CLIENTS
DEBUG3(" dynamic clients");
#endif
#ifdef OSFC2
DEBUG3(" OSFC2");
#endif
#ifdef WITH_PROXY
DEBUG3(" proxy");
#endif
#ifdef HAVE_PCREPOSIX_H
DEBUG3(" regex-pcre");
#else
#ifdef HAVE_REGEX_H
DEBUG3(" regex-posix");
#endif
#endif
#ifdef WITH_SESSION_MGMT
DEBUG3(" session-management");
#endif
#ifdef WITH_STATS
DEBUG3(" stats");
#endif
#ifdef WITH_TCP
DEBUG3(" tcp");
#endif
#ifdef WITH_THREADS
DEBUG3(" threads");
#endif
#ifdef WITH_TLS
DEBUG3(" tls");
#endif
#ifdef WITH_UNLANG
DEBUG3(" unlang");
#endif
#ifdef WITH_VMPS
DEBUG3(" vmps");
#endif
DEBUG3("Server core libs:");
DEBUG3(" talloc : %i.%i.*", talloc_version_major(),
talloc_version_minor());
DEBUG3(" ssl : %s", ssl_version());
INFO("Copyright (C) 1999-2013 The FreeRADIUS server project and contributors");
INFO("There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A");
INFO("PARTICULAR PURPOSE");
INFO("You may redistribute copies of FreeRADIUS under the terms of the");
INFO("GNU General Public License");
INFO("For more information about these matters, see the file named COPYRIGHT");
fflush(NULL);
}