From 824e4e2b871b5b0037f2f37124ae0edad8cb70e9 Mon Sep 17 00:00:00 2001 From: Heiko Reese Date: Wed, 4 Dec 2013 18:01:37 +0100 Subject: [PATCH 1/4] Added switch --xmpp-domain. --- sslscan.c | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/sslscan.c b/sslscan.c index 6ae6ec3..303d8ac 100644 --- a/sslscan.c +++ b/sslscan.c @@ -118,6 +118,7 @@ struct sslCheckOptions int starttls_pop3; int starttls_smtp; int starttls_xmpp; + char *xmpp_domain; int sslVersion; int targets; int pout; @@ -326,16 +327,16 @@ int tcpConnect(struct sslCheckOptions *options) /* This is so ghetto, you cannot release it! */ char xmpp_setup[1024]; // options->host is 512 bytes long - /* XXX: TODO - options->host isn't always the host you want to test - eg: - talk.google.com actually expects gmail.com, not talk.google.com - jabber.ccc.de expects jabber.ccc.de - - It may be useful to provide a commandline switch to provide the - expected hostname. - */ + char xmpp_to[512]; + // use hostname if not defined explicitly + if( options->xmpp_domain == 0) { + strncpy(xmpp_to, options->host, sizeof(xmpp_to)); + } else { + strncpy(xmpp_to, options->xmpp_domain, sizeof(xmpp_to)); + } + if (snprintf(xmpp_setup, sizeof(xmpp_setup), "\r\n" - "\r\n", options->host) >= sizeof(xmpp_setup)) { + "\r\n", xmpp_to) >= sizeof(xmpp_setup)) { printf("(internal error: xmpp_setup buffer too small)\n"); abort(); } @@ -1933,6 +1934,11 @@ int main(int argc, char *argv[]) options.sslVersion = tls_v1; options.starttls_xmpp = true; } + // XMPP... Domain + else if (strncmp("--xmpp-domain=", argv[argLoop], 14) == 0) + { + options.xmpp_domain = argv[argLoop] +14; + } // SSL v2 only... else if (strcmp("--ssl2", argv[argLoop]) == 0) @@ -2048,6 +2054,7 @@ int main(int argc, char *argv[]) printf(" %s--starttls-pop3%s STARTTLS setup for POP3\n", COL_GREEN, RESET); printf(" %s--starttls-smtp%s STARTTLS setup for SMTP\n", COL_GREEN, RESET); printf(" %s--starttls-xmpp%s STARTTLS setup for XMPP\n", COL_GREEN, RESET); + printf(" %s--xmpp-domain=%s Specify this if the XMPP domain is different from the hostname\n", COL_GREEN, RESET); printf(" %s--http%s Test a HTTP connection.\n", COL_GREEN, RESET); printf(" %s--bugs%s Enable SSL implementation bug work-\n", COL_GREEN, RESET); printf(" arounds.\n"); From e6fc0be6f12e75d03da3f7a51c240adb7bb06d78 Mon Sep 17 00:00:00 2001 From: Heiko Reese Date: Wed, 4 Dec 2013 18:05:30 +0100 Subject: [PATCH 2/4] Update README --- README | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README b/README index 80c41cd..9c38b37 100644 --- a/README +++ b/README @@ -1,5 +1,7 @@ This is a fork of sslscan.c to better support STARTTLS. +This is a fork of the fork that adds a switch to specify the XMPP-Domain. + The original home page of sslscan is: http://www.titania.co.uk From a6b0a19fbfaecbe54931d3bed5f63a775a47f499 Mon Sep 17 00:00:00 2001 From: Heiko Reese Date: Mon, 10 Mar 2014 18:37:19 +0100 Subject: [PATCH 3/4] Added option to set timeout on sockets. --- sslscan.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/sslscan.c b/sslscan.c index 303d8ac..f80598e 100644 --- a/sslscan.c +++ b/sslscan.c @@ -119,6 +119,7 @@ struct sslCheckOptions int starttls_smtp; int starttls_xmpp; char *xmpp_domain; + int socket_timeout; int sslVersion; int targets; int pout; @@ -271,6 +272,7 @@ int tcpConnect(struct sslCheckOptions *options) int tlsStarted = 0; char buffer[BUFFERSIZE]; int status; + struct timeval timeout; // Create Socket socketDescriptor = socket(AF_INET, SOCK_STREAM, 0); @@ -280,6 +282,19 @@ int tcpConnect(struct sslCheckOptions *options) return 0; } + // set socket timeout + if (options->socket_timeout > 0) { + timeout.tv_sec = options->socket_timeout; + timeout.tv_usec = 0; + + if (setsockopt (socketDescriptor, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout, sizeof(timeout)) < 0) { + printf("%s WARNING: Unable to set receive timeout.%s\n", COL_RED, RESET); + } + if (setsockopt (socketDescriptor, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout)) < 0) { + printf("%s WARNING: Unable to set receive timeout.%s\n", COL_RED, RESET); + } + } + // Connect status = connect(socketDescriptor, (struct sockaddr *) &options->serverAddress, sizeof(options->serverAddress)); if(status < 0) @@ -1960,6 +1975,12 @@ int main(int argc, char *argv[]) else if (strcmp("--http", argv[argLoop]) == 0) options.http = 1; + // Socket Timeout + else if ((strncmp("--timeout=", argv[argLoop], 10) == 0) && (strlen(argv[argLoop]) > 10)) + { + options.socket_timeout = atoi(argv[argLoop] + 10); + } + // Host (maybe port too)... else if (argLoop + 1 == argc) { @@ -2059,6 +2080,7 @@ int main(int argc, char *argv[]) printf(" %s--bugs%s Enable SSL implementation bug work-\n", COL_GREEN, RESET); printf(" arounds.\n"); printf(" %s--xml=%s Output results to an XML file.\n", COL_GREEN, RESET); + printf(" %s--timeout=%s Set timeout in seconds.\n", COL_GREEN, RESET); printf(" %s--version%s Display the program version.\n", COL_GREEN, RESET); printf(" %s--verbose%s Display verbose output.\n", COL_GREEN, RESET); printf(" %s--help%s Display the help text you are now\n", COL_GREEN, RESET); From 85eb7e7f47d65019b75473d8833a6da4b8748731 Mon Sep 17 00:00:00 2001 From: Heiko Reese Date: Mon, 10 Mar 2014 18:38:29 +0100 Subject: [PATCH 4/4] Reverted README to original state. --- README | 2 -- 1 file changed, 2 deletions(-) diff --git a/README b/README index 9c38b37..80c41cd 100644 --- a/README +++ b/README @@ -1,7 +1,5 @@ This is a fork of sslscan.c to better support STARTTLS. -This is a fork of the fork that adds a switch to specify the XMPP-Domain. - The original home page of sslscan is: http://www.titania.co.uk