Skip to content

Commit bc4d051

Browse files
sfan5sfan5
committed
Add ECDHE suites to TLS handshake
1 parent 7afa981 commit bc4d051

1 file changed

Lines changed: 28 additions & 10 deletions

File tree

src/banner.c

Lines changed: 28 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -166,29 +166,47 @@ static const char *get_query_tcp(int port, unsigned int *len)
166166
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
167167
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
168168
;
169-
// This handshake claims support for DHE + AES-128 and AES-256 either in CBC
170-
// or GCM mode, as well as SHA256 and SHA1 for signatures so it should work
171-
// with modern as well as older server configs.
169+
// This handshake claims support for (EC-)DHE + AES-128 or AES-256 + CBC
170+
// or GCM mode, and SHA256 or SHA1 for signatures, as well as some extensions
171+
// expected by modern server implementations. So it should work with both modern
172+
// and older server configs.
172173
static const char tls[] =
173174
"\x16" // Handshake (22)
174175
"\x03\x03" // TLS 1.2
175-
"\x00\x3f" // Length
176+
"\x00\x6c" // Length
176177
"\x01" // Client Hello (1)
177-
"\x00\x00\x3b" // Length
178+
"\x00\x00\x68" // Length
178179
"\x03\x03" // TLS 1.2
179180

180181
// Random
181182
"\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa"
182183
"\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa"
183184

184185
"\x00" // Session ID length
185-
"\x00\x08" // Cipher Suites length (= 8)
186-
"\x00\x9e\x00\x9f\x00\x33\x00\x39"
186+
"\x00\x18" // Cipher Suites length (= 24)
187+
"\xc0\x2b\xc0\x2c\xc0\x09\xc0\x0a" // ECDHE+ECDSA
188+
"\xc0\x2f\xc0\x30\xc0\x13\xc0\x14" // ECDHE+RSA
189+
"\x00\x9e\x00\x9f\x00\x33\x00\x39" // DHE+RSA
187190
"\x01\x00" // Null Compression
188-
"\x00\x0a" // Extensions length (= 10)
191+
"\x00\x1e" // Extensions length (= 30)
189192

190-
// Signature Algorithms
191-
"\x00\x0d\x00\x06\x00\x04\x04\x01\x02\x01"
193+
"\xff\x01" // Extension: renegotiation_info
194+
"\x00\x01\x00"
195+
196+
"\x00\x0a" // Extension: supported_groups
197+
"\x00\x06\x00\x04" // Length fields
198+
"\x00\x19\x00\x17"
199+
200+
"\x00\x0b" // Extension: ec_point_formats
201+
"\x00\x02\x01" // Length fields
202+
"\x00"
203+
204+
"\x00\x0d" // Extension: signature_algorithms
205+
"\x00\x0a\x00\x08" // Length fields
206+
"\x04\x01\x02\x01\x04\x03\x06\x03"
207+
208+
"\x00\x17" // Extension: extended_master_secret
209+
"\x00\x00"
192210
;
193211

194212
switch(port) {

0 commit comments

Comments
 (0)