diff --git a/scapy/layers/tls/automaton.py b/scapy/layers/tls/automaton.py
index b93f9afe14f4f388749c28328fdd10b1e5fcdf00..8bea21110e70c170077964cd91bfdcc82367612b 100644
--- a/scapy/layers/tls/automaton.py
+++ b/scapy/layers/tls/automaton.py
@@ -7,10 +7,10 @@
The _TLSAutomaton class provides methods common to both TLS client and server.
"""
-import logging
import struct
from scapy.automaton import Automaton
+from scapy.error import log_interactive
from scapy.packet import Raw
from scapy.layers.tls.basefields import _tls_type
from scapy.layers.tls.cert import Cert, PrivKey
@@ -219,5 +219,5 @@ class _TLSAutomaton(Automaton):
def vprint(self, s=""):
if self.verbose:
- logging.info("> %s" % s)
+ log_interactive.info("> %s" % s)
diff --git a/scapy/layers/tls/handshake.py b/scapy/layers/tls/handshake.py
index b6c4e21ec7a21c26536c32d9cb2f01e5b894f550..fb2a8adff2814697e012733c7527daaa90fed41d 100644
--- a/scapy/layers/tls/handshake.py
+++ b/scapy/layers/tls/handshake.py
@@ -11,10 +11,9 @@ mechanisms which are addressed with keyexchange.py.
"""
from __future__ import absolute_import
-import logging
import math
-from scapy.error import warning
+from scapy.error import log_runtime, warning
from scapy.fields import *
from scapy.packet import Packet, Raw, Padding
from scapy.utils import repr_hex
@@ -716,7 +715,7 @@ class TLSServerKeyExchange(_TLSHandshake):
"""
s = self.tls_session
if s.prcs and s.prcs.key_exchange.no_ske:
- logging.info("USELESS SERVER KEY EXCHANGE")
+ log_runtime.info("USELESS SERVER KEY EXCHANGE")
if (s.prcs and
not s.prcs.key_exchange.anonymous and
s.client_random and s.server_random and
@@ -724,7 +723,7 @@ class TLSServerKeyExchange(_TLSHandshake):
m = s.client_random + s.server_random + str(self.params)
sig_test = self.sig._verify_sig(m, s.server_certs[0])
if not sig_test:
- logging.info("INVALID SERVER KEY EXCHANGE SIGNATURE")
+ log_runtime.info("INVALID SERVER KEY EXCHANGE SIGNATURE")
###############################################################################
@@ -856,13 +855,13 @@ class TLSCertificateVerify(_TLSHandshake):
if s.client_certs and len(s.client_certs) > 0:
sig_test = self.sig._verify_sig(m, s.client_certs[0])
if not sig_test:
- logging.info("INVALID CERTIFICATE VERIFY SIGNATURE")
+ log_runtime.info("INVALID CERTIFICATE VERIFY SIGNATURE")
elif s.connection_end == "client":
# should be TLS 1.3 only
if s.server_certs and len(s.server_certs) > 0:
sig_test = self.sig._verify_sig(m, s.server_certs[0])
if not sig_test:
- logging.info("INVALID CERTIFICATE VERIFY SIGNATURE")
+ log_runtime.info("INVALID CERTIFICATE VERIFY SIGNATURE")
###############################################################################
@@ -965,12 +964,12 @@ class TLSFinished(_TLSHandshake):
verify_data = s.rcs.prf.compute_verify_data(con_end, "read",
handshake_msg, ms)
if self.vdata != verify_data:
- logging.info("INVALID TLS FINISHED RECEIVED")
+ log_runtime.info("INVALID TLS FINISHED RECEIVED")
elif s.tls_version >= 0x0304:
con_end = s.connection_end
verify_data = s.compute_tls13_verify_data(con_end, "read")
if self.vdata != verify_data:
- logging.info("INVALID TLS FINISHED RECEIVED")
+ log_runtime.info("INVALID TLS FINISHED RECEIVED")
def post_build_tls_session_update(self, msg_str):
self.tls_session_update(msg_str)
diff --git a/scapy/layers/tls/handshake_sslv2.py b/scapy/layers/tls/handshake_sslv2.py
index fd682593505d770d6e34b4a9c9a900a80aae785f..e9cb1354c02bd311951159fbac292de60aea74a6 100644
--- a/scapy/layers/tls/handshake_sslv2.py
+++ b/scapy/layers/tls/handshake_sslv2.py
@@ -6,10 +6,9 @@
SSLv2 handshake fields & logic.
"""
-import logging
import math
-from scapy.error import warning
+from scapy.error import log_runtime, warning
from scapy.fields import *
from scapy.packet import Packet, Raw, Padding
from scapy.layers.tls.cert import Cert, PrivKey, PubKey
@@ -401,7 +400,7 @@ class SSLv2ServerVerify(_SSLv2Handshake):
s = self.tls_session
if s.sslv2_challenge is not None:
if self.challenge != s.sslv2_challenge:
- logging.info("INVALID TLS SERVER VERIFY RECEIVED")
+ log_runtime.info("INVALID TLS SERVER VERIFY RECEIVED")
###############################################################################
@@ -477,7 +476,7 @@ class SSLv2ClientCertificate(_SSLv2Handshake):
s.server_certs[0].der)
sig_test = self.responsedata._verify_sig(m, s.client_certs[0])
if not sig_test:
- logging.info("INVALID CLIENT CERTIFICATE VERIFY SIGNATURE")
+ log_runtime.info("INVALID CLIENT CERTIFICATE VERIFY SIGNATURE")
def tls_session_update(self, msg_str):
super(SSLv2ClientCertificate, self).tls_session_update(msg_str)
@@ -508,7 +507,7 @@ class SSLv2ClientFinished(_SSLv2Handshake):
s = self.tls_session
if s.sslv2_connection_id is not None:
if self.connection_id != s.sslv2_connection_id:
- logging.info("INVALID TLS CLIENT FINISHED RECEIVED")
+ log_runtime.info("INVALID TLS CLIENT FINISHED RECEIVED")
class SSLv2ServerFinished(_SSLv2Handshake):
diff --git a/scapy/layers/tls/keyexchange_tls13.py b/scapy/layers/tls/keyexchange_tls13.py
index 27e790fe52d9b73f1d16e83def94bc729509ef2f..7b5c13a741ba53cee971aaedc82b88bedee7320a 100644
--- a/scapy/layers/tls/keyexchange_tls13.py
+++ b/scapy/layers/tls/keyexchange_tls13.py
@@ -6,11 +6,10 @@
TLS 1.3 key exchange logic.
"""
-import logging
import math
from scapy.config import conf, crypto_validator
-from scapy.error import warning
+from scapy.error import log_runtime, warning
from scapy.fields import *
from scapy.packet import Packet, Raw, Padding
from scapy.layers.tls.cert import PubKeyRSA, PrivKeyRSA
@@ -141,7 +140,7 @@ class TLS_Ext_KeyShare_CH(TLS_Ext_Unknown):
for kse in self.client_shares:
if kse.privkey:
if _tls_named_curves[kse.group] in privshares:
- logging.info("Group %s used twice in the same ClientHello!" % kse.group)
+ log_runtime.info("Group %s used twice in the same ClientHello!" % kse.group)
break
privshares[_tls_named_groups[kse.group]] = kse.privkey
return super(TLS_Ext_KeyShare_CH, self).post_build(pkt, pay)
@@ -152,7 +151,7 @@ class TLS_Ext_KeyShare_CH(TLS_Ext_Unknown):
if kse.pubkey:
pubshares = self.tls_session.tls13_client_pubshares
if _tls_named_curves[kse.group] in pubshares:
- logging.info("Group %s used twice in the same ClientHello!" % kse.group)
+ log_runtime.info("Group %s used twice in the same ClientHello!" % kse.group)
break
pubshares[_tls_named_curves[kse.group]] = kse.pubkey
return super(TLS_Ext_KeyShare_CH, self).post_dissection(r)
@@ -176,7 +175,7 @@ class TLS_Ext_KeyShare_SH(TLS_Ext_Unknown):
# if there is a privkey, we assume the crypto library is ok
privshare = self.tls_session.tls13_server_privshare
if len(privshare) > 0:
- logging.info("Server key share was already stored...?")
+ log_runtime.info("Server key share was already stored...?")
group_name = _tls_named_groups[self.server_share.group]
privshare[group_name] = self.server_share.privkey
@@ -198,7 +197,7 @@ class TLS_Ext_KeyShare_SH(TLS_Ext_Unknown):
# if there is a pubkey, we assume the crypto library is ok
pubshare = self.tls_session.tls13_server_pubshare
if len(pubshare) > 0:
- logging.info("Server key share was already stored...?")
+ log_runtime.info("Server key share was already stored...?")
group_name = _tls_named_groups[self.server_share.group]
pubshare[group_name] = self.server_share.pubkey
diff --git a/scapy/layers/tls/record.py b/scapy/layers/tls/record.py
index 76c7f65633222a6ff4309777301f2c0739a69997..caec4764e574b5b89e5cb2735fac091feae1e575 100644
--- a/scapy/layers/tls/record.py
+++ b/scapy/layers/tls/record.py
@@ -12,10 +12,10 @@ ApplicationData submessages. For the Handshake type, see tls_handshake.py.
See the TLS class documentation for more information.
"""
-import logging
import struct
from scapy.config import conf
+from scapy.error import log_runtime
from scapy.fields import *
from scapy.compat import *
from scapy.packet import *
@@ -303,7 +303,7 @@ class TLS(_GenericTLSSessionInheritance):
except CipherError as e:
return e.args
except AEADTagError as e:
- logging.info("INTEGRITY CHECK FAILED")
+ log_runtime.info("INTEGRITY CHECK FAILED")
return e.args
def _tls_decrypt(self, s):
@@ -424,7 +424,7 @@ class TLS(_GenericTLSSessionInheritance):
chdr = hdr[:3] + struct.pack('!H', len(cfrag))
is_mac_ok = self._tls_hmac_verify(chdr, cfrag, mac)
if not is_mac_ok:
- logging.info("INTEGRITY CHECK FAILED")
+ log_runtime.info("INTEGRITY CHECK FAILED")
elif cipher_type == 'stream':
# Decrypt
@@ -448,7 +448,7 @@ class TLS(_GenericTLSSessionInheritance):
chdr = hdr[:3] + struct.pack('!H', len(cfrag))
is_mac_ok = self._tls_hmac_verify(chdr, cfrag, mac)
if not is_mac_ok:
- logging.info("INTEGRITY CHECK FAILED")
+ log_runtime.info("INTEGRITY CHECK FAILED")
elif cipher_type == 'aead':
# Authenticated encryption
diff --git a/scapy/layers/tls/record_sslv2.py b/scapy/layers/tls/record_sslv2.py
index a8085bfc252a2e488998613bddd1a27f055510c3..4ad4d19f048cc8a4901a4b105b56cf10190f39bd 100644
--- a/scapy/layers/tls/record_sslv2.py
+++ b/scapy/layers/tls/record_sslv2.py
@@ -6,10 +6,10 @@
SSLv2 Record.
"""
-import logging
import struct
from scapy.config import conf
+from scapy.error import log_runtime
from scapy.fields import *
from scapy.packet import *
from scapy.layers.tls.session import _GenericTLSSessionInheritance
@@ -140,7 +140,7 @@ class SSLv2(TLS):
# Verify integrity
is_mac_ok = self._sslv2_mac_verify(cfrag + pad, mac)
if not is_mac_ok:
- logging.info("INTEGRITY CHECK FAILED")
+ log_runtime.info("INTEGRITY CHECK FAILED")
reconstructed_body = mac + cfrag + pad
return hdr + reconstructed_body + r
diff --git a/scapy/layers/tls/record_tls13.py b/scapy/layers/tls/record_tls13.py
index 28432bb6950aebbef333e4af6f8656391c3c3bfe..783e2a835cdaae8df878c946ac9440ef7710753a 100644
--- a/scapy/layers/tls/record_tls13.py
+++ b/scapy/layers/tls/record_tls13.py
@@ -11,10 +11,10 @@ ApplicationData submessages. For the Handshake type, see tls_handshake.py.
See the TLS class documentation for more information.
"""
-import logging
import struct
from scapy.config import conf
+from scapy.error import log_runtime
from scapy.fields import *
from scapy.packet import *
from scapy.layers.tls.session import _GenericTLSSessionInheritance
@@ -117,7 +117,7 @@ class TLS13(_GenericTLSSessionInheritance):
except CipherError as e:
return e.args
except AEADTagError as e:
- logging.info("INTEGRITY CHECK FAILED")
+ log_runtime.info("INTEGRITY CHECK FAILED")
return e.args
def pre_dissect(self, s):
diff --git a/scapy/layers/tls/session.py b/scapy/layers/tls/session.py
index de8d69f84289e0b7f78235523081ad5f59e76d4a..1156374140e91d9011fefc5f1cb7e967adeb315b 100644
--- a/scapy/layers/tls/session.py
+++ b/scapy/layers/tls/session.py
@@ -7,13 +7,12 @@
TLS session handler.
"""
-import logging
import random
import socket
import struct
from scapy.config import conf
-from scapy.error import warning
+from scapy.error import log_runtime, warning
from scapy.packet import Packet
from scapy.utils import repr_hex, strxor
from scapy.layers.tls.crypto.compression import Comp_NULL
@@ -109,7 +108,7 @@ class connState(object):
def debug_repr(self, name, secret):
if conf.debug_tls and secret:
- logging.debug("%s %s %s: %s" % (self.connection_end,
+ log_runtime.debug("%s %s %s: %s" % (self.connection_end,
self.row,
name,
repr_hex(secret)))
@@ -526,7 +525,7 @@ class tlsSession(object):
self.server_random)
self.master_secret = ms
if conf.debug_tls:
- logging.debug("master secret: %s" % repr_hex(ms))
+ log_runtime.debug("master secret: %s" % repr_hex(ms))
def compute_ms_and_derive_keys(self):
self.compute_master_secret()
@@ -554,8 +553,8 @@ class tlsSession(object):
2*self.pwcs.cipher.key_len)
self.sslv2_key_material = km
if conf.debug_tls:
- logging.debug("master secret: %s" % repr_hex(self.master_secret))
- logging.debug("key material: %s" % repr_hex(km))
+ log_runtime.debug("master secret: %s" % repr_hex(self.master_secret))
+ log_runtime.debug("key material: %s" % repr_hex(km))
def compute_sslv2_km_and_derive_keys(self):
self.compute_sslv2_key_material()
@@ -931,7 +930,7 @@ class _tls_sessions(object):
def add(self, session):
s = self.find(session)
if s:
- logging.info("TLS session already exists. Not adding...")
+ log_runtime.info("TLS session already exists. Not adding...")
return
h = session.hash()
@@ -943,7 +942,7 @@ class _tls_sessions(object):
def rem(self, session):
s = self.find(session)
if s:
- logging.info("TLS session does not exist. Not removing...")
+ log_runtime.info("TLS session does not exist. Not removing...")
return
h = session.hash()
@@ -955,10 +954,10 @@ class _tls_sessions(object):
for k in self.sessions[h]:
if k.eq(session):
if conf.tls_verbose:
- logging.info("Found Matching session %s" % k)
+ log_runtime.info("Found Matching session %s" % k)
return k
if conf.tls_verbose:
- logging.info("Did not find matching session %s" % session)
+ log_runtime.info("Did not find matching session %s" % session)
return None
def __repr__(self):