-
-
-
-
-diff -ruN ssldump-0.9b3.orig/ssl/ciphersuites.c ssl/ciphersuites.c
---- ssldump-0.9b3.orig/ssl/ciphersuites.c 2002-08-16 19:33:17.000000000 -0600
-+++ ssldump-0.9b3/ssl/ciphersuites.c 2003-04-25 11:30:44.000000000 -0600
-@@ -78,10 +78,25 @@
- {25,KEX_DH,SIG_NONE,ENC_DES,8,64,40,DIG_MD5,16,1},
- {26,KEX_DH,SIG_NONE,ENC_DES,8,64,64,DIG_MD5,16,0},
- {27,KEX_DH,SIG_NONE,ENC_3DES,8,192,192,DIG_MD5,16,0},
-+
-+ {47,KEX_RSA,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {48,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {49,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {50,KEX_DH,SIG_DSS,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {51,KEX_DH,SIG_RSA,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+ {52,KEX_DH,SIG_NONE,ENC_AES128,16,128,128,DIG_SHA,20,0},
-+
-+ {53,KEX_RSA,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {54,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {55,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {56,KEX_DH,SIG_DSS,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {57,KEX_DH,SIG_RSA,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+ {58,KEX_DH,SIG_NONE,ENC_AES256,16,256,256,DIG_SHA,20,0},
-+
- {96,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_MD5,16,1},
- {97,KEX_RSA,SIG_RSA,ENC_RC2,1,128,56,DIG_MD5,16,1},
- {98,KEX_RSA,SIG_RSA,ENC_DES,8,64,64,DIG_SHA,20,1},
-- {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,16,1},
-+ {99,KEX_DH,SIG_DSS,ENC_DES,8,64,64,DIG_SHA,20,1},
- {100,KEX_RSA,SIG_RSA,ENC_RC4,1,128,56,DIG_SHA,20,1},
- {101,KEX_DH,SIG_DSS,ENC_RC4,1,128,56,DIG_SHA,20,1},
- {102,KEX_DH,SIG_DSS,ENC_RC4,1,128,128,DIG_SHA,20,0},
-diff -ruN ssldump-0.9b3.orig/ssl/sslciphers.h ssldump-0.9b3/ssl/sslciphers.h
---- ssldump-0.9b3.orig/ssl/sslciphers.h 2002-08-16 19:33:17.000000000 -0600
-+++ ssldump-0.9b3/ssl/sslciphers.h 2003-04-25 11:30:46.000000000 -0600
-@@ -71,7 +71,9 @@
- #define ENC_RC4 0x32
- #define ENC_RC2 0x33
- #define ENC_IDEA 0x34
--#define ENC_NULL 0x35
-+#define ENC_AES128 0x35
-+#define ENC_AES256 0x36
-+#define ENC_NULL 0x37
-
- #define DIG_MD5 0x40
- #define DIG_SHA 0x41
-diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums ssldump-0.9b3/ssl/ssl.enums
---- ssldump-0.9b3.orig/ssl/ssl.enums 2001-07-20 10:44:32.000000000 -0600
-+++ ssldump-0.9b3/ssl/ssl.enums 2003-04-25 11:30:45.000000000 -0600
-@@ -356,6 +356,18 @@
- CipherSuite TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = { 0x00,0x19 };
- CipherSuite TLS_DH_anon_WITH_DES_CBC_SHA = { 0x00,0x1A };
- CipherSuite TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = { 0x00,0x1B };
-+ CipherSuite TLS_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x2F };
-+ CipherSuite TLS_DH_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x30 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x31 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_128_CBC_SHA = { 0x00,0x32 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_128_CBC_SHA = { 0x00,0x33 };
-+ CipherSuite TLS_DH_anon_WITH_AES_128_CBC_SHA = { 0x00,0x34 };
-+ CipherSuite TLS_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x35 };
-+ CipherSuite TLS_DH_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x36 };
-+ CipherSuite TLS_DH_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x37 };
-+ CipherSuite TLS_DHE_DSS_WITH_AES_256_CBC_SHA = { 0x00,0x38 };
-+ CipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA = { 0x00,0x39 };
-+ CipherSuite TLS_DH_anon_WITH_AES_256_CBC_SHA = { 0x00,0x3A };
- CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = { 0x00,0x60 };
- CipherSuite TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = { 0x00,0x61 };
- CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 };
-diff -ruN ssldump-0.9b3.orig/ssl/ssl.enums.c ssldump-0.9b3/ssl/ssl.enums.c
---- ssldump-0.9b3.orig/ssl/ssl.enums.c 2001-07-20 10:44:36.000000000 -0600
-+++ ssldump-0.9b3/ssl/ssl.enums.c 2003-04-25 11:30:45.000000000 -0600
-@@ -611,6 +611,54 @@
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
- 0 },
- {
-+ 47,
-+ "TLS_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 48,
-+ "TLS_DH_DSS_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 49,
-+ "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 50,
-+ "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 51,
-+ "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 52,
-+ "TLS_DH_anon_WITH_AES_128_CBC_SHA",
-+ 0 },
-+ {
-+ 53,
-+ "TLS_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 54,
-+ "TLS_DH_DSS_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 55,
-+ "TLS_DH_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 56,
-+ "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 57,
-+ "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
-+ 58,
-+ "TLS_DH_anon_WITH_AES_256_CBC_SHA",
-+ 0 },
-+ {
- 96,
- "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
- 0 },
-diff -ruN ssldump-0.9b3.orig/ssl/ssl_rec.c ssldump-0.9b3/ssl/ssl_rec.c
---- ssldump-0.9b3.orig/ssl/ssl_rec.c 2000-11-02 23:38:06.000000000 -0700
-+++ ssldump-0.9b3/ssl/ssl_rec.c 2003-04-25 11:30:46.000000000 -0600
-@@ -78,7 +78,9 @@
- "DES3",
- "RC4",
- "RC2",
-- "IDEA"
-+ "IDEA",
-+ "AES128",
-+ "AES256"
- };
-
-
-@@ -101,6 +103,11 @@
- /* Find the SSLeay cipher */
- if(cs->enc!=ENC_NULL){
- ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
-+ if(!ciph)
-+ ABORT(R_INTERNAL);
-+ }
-+ else {
-+ ciph=EVP_enc_null();
- }
-
- if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
-@@ -169,7 +176,7 @@
- *outl=inl;
-
- /* Now strip off the padding*/
-- if(d->cs->block!=1){
-+ if(d->cs->block>1){
- pad=out[inl-1];
- *outl-=(pad+1);
- }