diff --git a/sslscan.c b/sslscan.c index 6ae6ec3..f80598e 100644 --- a/sslscan.c +++ b/sslscan.c @@ -118,6 +118,8 @@ struct sslCheckOptions int starttls_pop3; int starttls_smtp; int starttls_xmpp; + char *xmpp_domain; + int socket_timeout; int sslVersion; int targets; int pout; @@ -270,6 +272,7 @@ int tcpConnect(struct sslCheckOptions *options) int tlsStarted = 0; char buffer[BUFFERSIZE]; int status; + struct timeval timeout; // Create Socket socketDescriptor = socket(AF_INET, SOCK_STREAM, 0); @@ -279,6 +282,19 @@ int tcpConnect(struct sslCheckOptions *options) return 0; } + // set socket timeout + if (options->socket_timeout > 0) { + timeout.tv_sec = options->socket_timeout; + timeout.tv_usec = 0; + + if (setsockopt (socketDescriptor, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout, sizeof(timeout)) < 0) { + printf("%s WARNING: Unable to set receive timeout.%s\n", COL_RED, RESET); + } + if (setsockopt (socketDescriptor, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout)) < 0) { + printf("%s WARNING: Unable to set receive timeout.%s\n", COL_RED, RESET); + } + } + // Connect status = connect(socketDescriptor, (struct sockaddr *) &options->serverAddress, sizeof(options->serverAddress)); if(status < 0) 
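Review bot: The second warning in the new timeout block of tcpConnect names the wrong option: when the `SO_SNDTIMEO` call fails it still prints "Unable to set receive timeout", so the operator cannot tell which call failed. Change that line to `printf("%s WARNING: Unable to set send timeout.%s\n", COL_RED, RESET);`. Both failures are only warned about and the scan then runs without a bound. Whether `connect()` itself honours `SO_SNDTIMEO` is platform-dependent, so a target that silently drops packets may still stall the run; a short comment above the block saying which calls the timeout is meant to cover would help. tcpConnect starts and ends outside this hunk.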
@@ -326,16 +342,16 @@ int tcpConnect(struct sslCheckOptions *options) /* This is so ghetto, you cannot release it! */ char xmpp_setup[1024]; // options->host is 512 bytes long - /* XXX: TODO - options->host isn't always the host you want to test - eg: - talk.google.com actually expects gmail.com, not talk.google.com - jabber.ccc.de expects jabber.ccc.de - - It may be useful to provide a commandline switch to provide the - expected hostname. - */ + char xmpp_to[512]; + // use hostname if not defined explicitly + if( options->xmpp_domain == 0) { + strncpy(xmpp_to, options->host, sizeof(xmpp_to)); + } else { + strncpy(xmpp_to, options->xmpp_domain, sizeof(xmpp_to)); + } + if (snprintf(xmpp_setup, sizeof(xmpp_setup), "\r\n" - "\r\n", options->host) >= sizeof(xmpp_setup)) { + "\r\n", xmpp_to) >= sizeof(xmpp_setup)) { printf("(internal error: xmpp_setup buffer too small)\n"); abort(); } @@ -1933,6 +1949,11 @@ int main(int argc, char *argv[]) options.sslVersion = tls_v1; options.starttls_xmpp = true; } + // XMPP... Domain + else if (strncmp("--xmpp-domain=", argv[argLoop], 14) == 0) + { + options.xmpp_domain = argv[argLoop] +14; + } // SSL v2 only... else if (strcmp("--ssl2", argv[argLoop]) == 0) @@ -1954,6 +1975,12 @@ int main(int argc, char *argv[]) else if (strcmp("--http", argv[argLoop]) == 0) options.http = 1; + // Socket Timeout + else if ((strncmp("--timeout=", argv[argLoop], 10) == 0) && (strlen(argv[argLoop]) > 10)) + { + options.socket_timeout = atoi(argv[argLoop] + 10); + } + // Host (maybe port too)... else if (argLoop + 1 == argc) { 
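Review bot: `strncpy(xmpp_to, ..., sizeof(xmpp_to))` leaves `xmpp_to` without a terminating NUL when the source is 512 bytes or longer, and `options->xmpp_domain` points straight into `argv`, so its length is unbounded. The `snprintf` that follows can then read past the end of the 512-byte array and copy adjacent stack bytes into `xmpp_setup` (presumably the stream header sent to the server), or trip the `abort()`. The copy is not needed: `const char *xmpp_to = options->xmpp_domain ? options->xmpp_domain : options->host;` removes the buffer and leaves the existing `snprintf` size check as the bound. The `== 0` test also relies on `options` being zero-initialised in main, which is not visible in this diff; tcpConnect continues outside the hunk.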
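Review bot: The `--xmpp-domain=` branch accepts an empty or arbitrarily long value, whereas the `--timeout=` branch added in the same commit at least requires a non-empty one. An empty domain ends up in the stream header, and an over-long one only fails later in tcpConnect with the "internal error" abort. Check the value where it is parsed, for example `size_t dlen = strlen(argv[argLoop] + 14);` followed by `if (dlen == 0 || dlen >= 512) { /* report a usage error */ }`, so a bad argument is reported as one. main continues outside this hunk.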
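Review bot: `atoi` in the `--timeout=` branch cannot report a bad value. `--timeout=abc` and `--timeout=-5` both silently leave the timeout disabled, because tcpConnect only applies values greater than zero, and an out-of-range number is undefined behaviour. Parse with `strtol`, check the end pointer and `errno`, and accept only 1..`INT_MAX` before storing into the `int` field. The sketch below shows the branch; it needs `<errno.h>` and `<limits.h>` if the file does not already include them. The error path should follow whatever main already does for invalid options, which is outside this hunk.

```c
else if ((strncmp("--timeout=", argv[argLoop], 10) == 0) && (strlen(argv[argLoop]) > 10))
{
    char *end = NULL;
    long secs;

    errno = 0;
    secs = strtol(argv[argLoop] + 10, &end, 10);
    if (errno != 0 || *end != '\0' || secs <= 0 || secs > INT_MAX)
    {
        printf("%sERROR: --timeout expects a positive number of seconds.%s\n", COL_RED, RESET);
        // … handle as the file's other invalid-option cases do …
    }
    else
    {
        options.socket_timeout = (int)secs;
    }
}
```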
@@ -2048,10 +2075,12 @@ int main(int argc, char *argv[])
 printf(" %s--starttls-pop3%s STARTTLS setup for POP3\n", COL_GREEN, RESET);
 printf(" %s--starttls-smtp%s STARTTLS setup for SMTP\n", COL_GREEN, RESET);
 printf(" %s--starttls-xmpp%s STARTTLS setup for XMPP\n", COL_GREEN, RESET);
+ printf(" %s--xmpp-domain=%s Specify this if the XMPP domain is different from the hostname\n", COL_GREEN, RESET);
 printf(" %s--http%s Test a HTTP connection.\n", COL_GREEN, RESET);
 printf(" %s--bugs%s Enable SSL implementation bug work-\n", COL_GREEN, RESET);
 printf(" arounds.\n");
 printf(" %s--xml=%s Output results to an XML file.\n", COL_GREEN, RESET);
+ printf(" %s--timeout=%s Set timeout in seconds.\n", COL_GREEN, RESET);
 printf(" %s--version%s Display the program version.\n", COL_GREEN, RESET);
 printf(" %s--verbose%s Display verbose output.\n", COL_GREEN, RESET);
 printf(" %s--help%s Display the help text you are now\n", COL_GREEN, RESET);