suricata
app-layer-ssl.c
Go to the documentation of this file.
1/* Copyright (C) 2007-2024 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \file
20 *
21 * \author Anoop Saldanha <anoopsaldanha@gmail.com>
22 * \author Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>
23 * \author Mats Klepsland <mats.klepsland@gmail.com>
24 *
25 */
26
27#include "suricata-common.h"
28#include "decode.h"
29
30#include "app-layer.h"
31#include "app-layer-detect-proto.h"
32#include "app-layer-protos.h"
33#include "app-layer-parser.h"
34#include "app-layer-frames.h"
35#include "app-layer-events.h"
36#include "app-layer-ssl.h"
37
38#include "conf.h"
39
40#include "feature.h"
41
42#include "util-debug.h"
43#include "util-ja3.h"
44#include "util-enum.h"
45#include "util-validate.h"
46
47static SCEnumCharMap tls_state_client_table[] = {
48 {
49 "client_in_progress",
50 TLS_STATE_CLIENT_IN_PROGRESS,
51 },
52 {
53 "client_hello_done",
54 TLS_STATE_CLIENT_HELLO_DONE,
55 },
56 {
57 "client_cert_done",
58 TLS_STATE_CLIENT_CERT_DONE,
59 },
60 {
61 "client_handshake_done",
62 TLS_STATE_CLIENT_HANDSHAKE_DONE,
63 },
64 {
65 "client_finished",
66 TLS_STATE_CLIENT_FINISHED,
67 },
68 { NULL, -1 },
69};
70
71static SCEnumCharMap tls_state_server_table[] = {
72 {
73 "server_in_progress",
74 TLS_STATE_SERVER_IN_PROGRESS,
75 },
76 {
77 "server_hello",
78 TLS_STATE_SERVER_HELLO,
79 },
80 {
81 "server_cert_done",
82 TLS_STATE_SERVER_CERT_DONE,
83 },
84 {
85 "server_hello_done",
86 TLS_STATE_SERVER_HELLO_DONE,
87 },
88 {
89 "server_handshake_done",
90 TLS_STATE_SERVER_HANDSHAKE_DONE,
91 },
92 {
93 "server_finished",
94 TLS_STATE_SERVER_FINISHED,
95 },
96 { NULL, -1 },
97};
98
99SCEnumCharMap tls_frame_table[] = {
100 {
101 "pdu",
102 TLS_FRAME_PDU,
103 },
104 {
105 "hdr",
106 TLS_FRAME_HDR,
107 },
108 {
109 "data",
110 TLS_FRAME_DATA,
111 },
112 {
113 "alert",
114 TLS_FRAME_ALERT_DATA,
115 },
116 {
117 "heartbeat",
118 TLS_FRAME_HB_DATA,
119 },
120 {
121 "ssl2.hdr",
122 TLS_FRAME_SSLV2_HDR,
123 },
124 {
125 "ssl2.pdu",
126 TLS_FRAME_SSLV2_PDU,
127 },
128 { NULL, -1 },
129};
130
131SCEnumCharMap tls_decoder_event_table[] = {
132 /* TLS protocol messages */
133 { "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER },
134 { "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER },
135 { "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION },
136 { "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE },
137 { "INVALID_RECORD_LENGTH", TLS_DECODER_EVENT_INVALID_RECORD_LENGTH },
138 { "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE },
139 { "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT },
140 { "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT },
141 { "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT },
142 { "DATALEAK_HEARTBEAT_MISMATCH", TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH },
143 { "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH },
144 { "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS },
145 { "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE },
146 { "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH },
147 { "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET },
148 { "INVALID_ALERT_MESSAGE", TLS_DECODER_EVENT_INVALID_ALERT },
149 /* certificate decoding messages */
150 { "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE },
151 { "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH },
152 { "CERTIFICATE_INVALID_VERSION", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION },
153 { "CERTIFICATE_INVALID_SERIAL", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL },
154 { "CERTIFICATE_INVALID_ALGORITHMIDENTIFIER",
155 TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER },
156 { "CERTIFICATE_INVALID_X509NAME", TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME },
157 { "CERTIFICATE_INVALID_DATE", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE },
158 { "CERTIFICATE_INVALID_EXTENSIONS", TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS },
159 { "CERTIFICATE_INVALID_DER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER },
160 { "CERTIFICATE_INVALID_SUBJECT", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT },
161 { "CERTIFICATE_INVALID_ISSUER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER },
162 { "CERTIFICATE_INVALID_VALIDITY", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY },
163 { "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED },
164 /* used as a generic error event */
165 { "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD },
166 { NULL, -1 },
167};
168
169enum {
170 /* X.509 error codes, returned by decoder
171 * THESE CONSTANTS MUST MATCH rust/src/x509/mod.rs ! */
172 ERR_INVALID_CERTIFICATE=1,
173 ERR_INVALID_LENGTH,
174 ERR_INVALID_VERSION,
175 ERR_INVALID_SERIAL,
176 ERR_INVALID_ALGORITHMIDENTIFIER,
177 ERR_INVALID_X509NAME,
178 ERR_INVALID_DATE,
179 ERR_INVALID_EXTENSIONS,
180 ERR_INVALID_DER,
181
182 /* error getting data */
183 ERR_EXTRACT_SUBJECT,
184 ERR_EXTRACT_ISSUER,
185 ERR_EXTRACT_VALIDITY,
186};
187
188/* JA3 and JA4 fingerprints are disabled by default */
189#define SSL_CONFIG_DEFAULT_JA3 0
190#ifdef HAVE_JA4
191#define SSL_CONFIG_DEFAULT_JA4 0
192#endif
193
194enum SslConfigEncryptHandling {
195 SSL_CNF_ENC_HANDLE_TRACK_ONLY = 0, /**< disable raw content, continue tracking */
196 SSL_CNF_ENC_HANDLE_BYPASS = 1, /**< skip processing of flow, bypass if possible */
197 SSL_CNF_ENC_HANDLE_FULL = 2, /**< handle fully like any other proto */
198};
199
200typedef struct SslConfig_ {
201 enum SslConfigEncryptHandling encrypt_mode;
202 /** dynamic setting for ja3 and ja4: can be enabled on demand if not
203 * explicitly disabled. */
204 SC_ATOMIC_DECLARE(int, enable_ja3);
205 bool disable_ja3; /**< ja3 explicitly disabled. Don't enable on demand. */
206 SC_ATOMIC_DECLARE(int, enable_ja4);
207 bool disable_ja4; /**< ja4 explicitly disabled. Don't enable on demand. */
208} SslConfig;
209
210SslConfig ssl_config;
211
212/* SSLv3 record types */
213#define SSLV3_CHANGE_CIPHER_SPEC 20
214#define SSLV3_ALERT_PROTOCOL 21
215#define SSLV3_HANDSHAKE_PROTOCOL 22
216#define SSLV3_APPLICATION_PROTOCOL 23
217#define SSLV3_HEARTBEAT_PROTOCOL 24
218
219/* SSLv3 handshake protocol types */
220#define SSLV3_HS_HELLO_REQUEST 0
221#define SSLV3_HS_CLIENT_HELLO 1
222#define SSLV3_HS_SERVER_HELLO 2
223#define SSLV3_HS_NEW_SESSION_TICKET 4
224#define SSLV3_HS_CERTIFICATE 11
225#define SSLV3_HS_SERVER_KEY_EXCHANGE 12
226#define SSLV3_HS_CERTIFICATE_REQUEST 13
227#define SSLV3_HS_SERVER_HELLO_DONE 14
228#define SSLV3_HS_CERTIFICATE_VERIFY 15
229#define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
230#define SSLV3_HS_FINISHED 20
231#define SSLV3_HS_CERTIFICATE_URL 21
232#define SSLV3_HS_CERTIFICATE_STATUS 22
233
234/* SSLv2 protocol message types */
235#define SSLV2_MT_ERROR 0
236#define SSLV2_MT_CLIENT_HELLO 1
237#define SSLV2_MT_CLIENT_MASTER_KEY 2
238#define SSLV2_MT_CLIENT_FINISHED 3
239#define SSLV2_MT_SERVER_HELLO 4
240#define SSLV2_MT_SERVER_VERIFY 5
241#define SSLV2_MT_SERVER_FINISHED 6
242#define SSLV2_MT_REQUEST_CERTIFICATE 7
243#define SSLV2_MT_CLIENT_CERTIFICATE 8
244
245#define SSLV3_RECORD_HDR_LEN 5
246/** max length according to RFC 5246 6.2.2 is 2^14 + 1024 */
247#define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
248
249#define SSLV3_CLIENT_HELLO_VERSION_LEN 2
250#define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
251
252/* TLS heartbeat protocol types */
253#define TLS_HB_REQUEST 1
254#define TLS_HB_RESPONSE 2
255
256#define SSL_RECORD_MINIMUM_LENGTH 6
257
258#define SHA1_STRING_LENGTH 60
259
260#define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
261
262struct SSLDecoderResult {
263 int retval; // nr bytes consumed from input, or < 0 on error
264 uint32_t needed; // more bytes needed
265};
266#define SSL_DECODER_ERROR(e) \
267 (struct SSLDecoderResult) \
268 { \
269 (e), 0 \
270 }
271#define SSL_DECODER_OK(c) \
272 (struct SSLDecoderResult) \
273 { \
274 (uint32_t)(c), 0 \
275 }
276#define SSL_DECODER_INCOMPLETE(c, n) \
277 (struct SSLDecoderResult) \
278 { \
279 (uint32_t)(c), (n) \
280 }
281
282static inline int SafeMemcpy(void *dst, size_t dst_offset, size_t dst_size,
283 const void *src, size_t src_offset, size_t src_size, size_t src_tocopy) WARN_UNUSED;
284
285static inline int SafeMemcpy(void *dst, size_t dst_offset, size_t dst_size,
286 const void *src, size_t src_offset, size_t src_size, size_t src_tocopy)
287{
288 DEBUG_VALIDATE_BUG_ON(dst_offset >= dst_size);
289 DEBUG_VALIDATE_BUG_ON(src_offset >= src_size);
290 DEBUG_VALIDATE_BUG_ON(src_tocopy > (src_size - src_offset));
291 DEBUG_VALIDATE_BUG_ON(src_tocopy > (dst_size - dst_offset));
292
293 if (dst_offset < dst_size && src_offset < src_size &&
294 src_tocopy <= (src_size - src_offset) &&
295 src_tocopy <= (dst_size - dst_offset)) {
296 memcpy(dst + dst_offset, src + src_offset, src_tocopy);
297 return 0;
298 }
299 return -1;
300}
301
302#ifdef DEBUG_VALIDATION
303#define ValidateRecordState(connp) \
304 do { \
305 DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
306 (connp)->bytes_processed); \
307 } while(0);
308#else
309#define ValidateRecordState(...)
310#endif
311
312#define SSLParserHSReset(connp) \
313 do { \
314 (connp)->handshake_type = 0; \
315 (connp)->message_length = 0; \
316 } while (0)
317
318#define SSLParserReset(state) \
319 do { \
320 SCLogDebug("resetting state"); \
321 (state)->curr_connp->bytes_processed = 0; \
322 SSLParserHSReset((state)->curr_connp); \
323 } while(0)
324
325#define SSLSetEvent(ssl_state, event) \
326 do { \
327 SCLogDebug("setting event %u", (event)); \
328 if ((ssl_state) == NULL) { \
329 SCLogDebug("could not set decoder event %u", event); \
330 } else { \
331 AppLayerDecoderEventsSetEventRaw(&(ssl_state)->tx_data.events, (event)); \
332 (ssl_state)->events++; \
333 } \
334 } while (0)
335
336static void SSLStateCertSANFree(SSLStateConnp *connp);
337
338static void *SSLGetTx(void *state, uint64_t tx_id)
339{
340 SSLState *ssl_state = (SSLState *)state;
341 return ssl_state;
342}
343
344static uint64_t SSLGetTxCnt(void *state)
345{
346 /* single tx */
347 return 1;
348}
349
350static void UpdateClientState(SSLState *ssl_state, enum TlsStateClient s)
351{
352#ifdef DEBUG
353 enum TlsStateClient old = ssl_state->client_state;
354#endif
355 ssl_state->client_state = s;
356#ifdef DEBUG
357 SCLogDebug("toserver: state updated to %u from %u", s, old);
358#endif
359}
360
361static void UpdateServerState(SSLState *ssl_state, enum TlsStateServer s)
362{
363#ifdef DEBUG
364 enum TlsStateServer old = ssl_state->server_state;
365#endif
366 ssl_state->server_state = s;
367#ifdef DEBUG
368 SCLogDebug("toclient: state updated to %u from %u", s, old);
369#endif
370}
371
372static int SSLGetAlstateProgress(void *tx, uint8_t direction)
373{
374 SSLState *ssl_state = (SSLState *)tx;
375 if (direction & STREAM_TOCLIENT) {
376 return ssl_state->server_state;
377 } else {
378 return ssl_state->client_state;
379 }
380}
381
382static AppLayerTxData *SSLGetTxData(void *vtx)
383{
384 SSLState *ssl_state = (SSLState *)vtx;
385 return &ssl_state->tx_data;
386}
387
388static AppLayerStateData *SSLGetStateData(void *vstate)
389{
390 SSLState *ssl_state = (SSLState *)vstate;
391 return &ssl_state->state_data;
392}
393
394static void TlsDecodeHSCertificateErrSetEvent(SSLState *ssl_state, uint32_t err)
395{
396 switch(err) {
397 case ERR_EXTRACT_VALIDITY:
398 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY);
399 break;
400 case ERR_EXTRACT_ISSUER:
401 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER);
402 break;
403 case ERR_EXTRACT_SUBJECT:
404 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT);
405 break;
406 case ERR_INVALID_DER:
407 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER);
408 break;
409 case ERR_INVALID_EXTENSIONS:
410 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS);
411 break;
412 case ERR_INVALID_DATE:
413 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE);
414 break;
415 case ERR_INVALID_X509NAME:
416 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME);
417 break;
418 case ERR_INVALID_ALGORITHMIDENTIFIER:
419 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER);
420 break;
421 case ERR_INVALID_SERIAL:
422 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL);
423 break;
424 case ERR_INVALID_VERSION:
425 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION);
426 break;
427 case ERR_INVALID_LENGTH:
428 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH);
429 break;
430 case ERR_INVALID_CERTIFICATE:
431 default:
432 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_CERTIFICATE);
433 break;
434 }
435}
436
437static inline int TlsDecodeHSCertificateFingerprint(
438 SSLStateConnp *connp, const uint8_t *input, uint32_t cert_len)
439{
440 if (unlikely(connp->cert0_fingerprint != NULL))
441 return 0;
442
443 connp->cert0_fingerprint = SCCalloc(1, SHA1_STRING_LENGTH);
444 if (connp->cert0_fingerprint == NULL)
445 return -1;
446
447 uint8_t hash[SC_SHA1_LEN];
448 if (SCSha1HashBuffer(input, cert_len, hash, sizeof(hash)) == 1) {
449 SCToHex_sep(
450 (uint8_t *)connp->cert0_fingerprint, SHA1_STRING_LENGTH, ':', hash, SC_SHA1_LEN);
451 }
452 return 0;
453}
454
455static inline int TlsDecodeHSCertificateAddCertToChain(
456 SSLStateConnp *connp, const uint8_t *input, uint32_t cert_len)
457{
458 SSLCertsChain *cert = SCCalloc(1, sizeof(SSLCertsChain));
459 if (cert == NULL)
460 return -1;
461
462 cert->cert_data = (uint8_t *)input;
463 cert->cert_len = cert_len;
464 TAILQ_INSERT_TAIL(&connp->certs, cert, next);
465
466 return 0;
467}
468
469static int TlsDecodeHSCertificate(SSLState *ssl_state, SSLStateConnp *connp,
470 const uint8_t *const initial_input, const uint32_t input_len, const int certn)
471{
472 const uint8_t *input = (uint8_t *)initial_input;
473 uint32_t err_code = 0;
474 X509 *x509 = NULL;
475 int rc = 0;
476
477 if (!(HAS_SPACE(3)))
478 goto invalid_cert;
479
480 uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
481 input += 3;
482
483 if (!(HAS_SPACE(cert_len)))
484 goto invalid_cert;
485
486 /* only store fields from the first certificate in the chain */
487 if (certn == 0 && connp->cert0_subject == NULL && connp->cert0_issuerdn == NULL &&
488 connp->cert0_serial == NULL) {
489 x509 = SCX509Decode(input, cert_len, &err_code);
490 if (x509 == NULL) {
491 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
492 goto next;
493 }
494
495 char *str = SCX509GetSubject(x509);
496 if (str == NULL) {
497 err_code = ERR_EXTRACT_SUBJECT;
498 goto error;
499 }
500 connp->cert0_subject = str;
501
502 str = SCX509GetIssuer(x509);
503 if (str == NULL) {
504 err_code = ERR_EXTRACT_ISSUER;
505 goto error;
506 }
507 connp->cert0_issuerdn = str;
508
509 connp->cert0_sans_len = SCX509GetSubjectAltNameLen(x509);
510 char **sans = SCCalloc(connp->cert0_sans_len, sizeof(char *));
511 if (sans == NULL) {
512 goto error;
513 }
514 for (uint16_t i = 0; i < connp->cert0_sans_len; i++) {
515 sans[i] = SCX509GetSubjectAltNameAt(x509, i);
516 }
517 connp->cert0_sans = sans;
518 str = SCX509GetSerial(x509);
519 if (str == NULL) {
520 err_code = ERR_INVALID_SERIAL;
521 goto error;
522 }
523 connp->cert0_serial = str;
524
525 rc = SCX509GetValidity(x509, &connp->cert0_not_before, &connp->cert0_not_after);
526 if (rc != 0) {
527 err_code = ERR_EXTRACT_VALIDITY;
528 goto error;
529 }
530
531 SCX509Free(x509);
532 x509 = NULL;
533
534 rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len);
535 if (rc != 0) {
536 SCLogDebug("TlsDecodeHSCertificateFingerprint failed with %d", rc);
537 goto error;
538 }
539 }
540
541 rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len);
542 if (rc != 0) {
543 SCLogDebug("TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
544 goto error;
545 }
546
547next:
548 input += cert_len;
549 return (int)(input - initial_input);
550
551error:
552 if (err_code != 0)
553 TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
554 if (x509 != NULL)
555 SCX509Free(x509);
556
557 SSLStateCertSANFree(connp);
558 return -1;
559
560invalid_cert:
561 SCLogDebug("TLS invalid certificate");
562 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_CERTIFICATE);
563 return -1;
564}
565
566/** \internal
567 * \brief parse cert data in a certificate handshake message
568 * will be called with all data.
569 * \retval consumed bytes consumed or -1 on error
570 */
571static int TlsDecodeHSCertificates(SSLState *ssl_state, SSLStateConnp *connp,
572 const uint8_t *const initial_input, const uint32_t input_len)
573{
574 const uint8_t *input = (uint8_t *)initial_input;
575
576 if (!(HAS_SPACE(3)))
577 return -1;
578
579 const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
580 input += 3;
581
582 if (!(HAS_SPACE(cert_chain_len)))
583 return -1;
584
585 if (connp->certs_buffer != NULL) {
586 // TODO should we set an event here?
587 return -1;
588 }
589
590 connp->certs_buffer = SCCalloc(1, cert_chain_len);
591 if (connp->certs_buffer == NULL) {
592 return -1;
593 }
594 connp->certs_buffer_size = cert_chain_len;
595 memcpy(connp->certs_buffer, input, cert_chain_len);
596
597 int cert_cnt = 0;
598 uint32_t processed_len = 0;
599 /* coverity[tainted_data] */
600 while (processed_len < cert_chain_len) {
601 int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->certs_buffer + processed_len,
602 connp->certs_buffer_size - processed_len, cert_cnt);
603 if (rc <= 0) { // 0 should be impossible, but lets be defensive
604 return -1;
605 }
606 DEBUG_VALIDATE_BUG_ON(processed_len + (uint32_t)rc > cert_chain_len);
607 if (processed_len + (uint32_t)rc > cert_chain_len) {
608 return -1;
609 }
610
611 processed_len += (uint32_t)rc;
612 }
613
614 return processed_len + 3;
615}
616
617/**
618 * \inline
619 * \brief Check if value is GREASE.
620 *
621 * http://tools.ietf.org/html/draft-davidben-tls-grease-00
622 *
623 * \param value Value to check.
624 *
625 * \retval 1 if is GREASE.
626 * \retval 0 if not is GREASE.
627 */
628static inline int TLSDecodeValueIsGREASE(const uint16_t value)
629{
630 switch (value)
631 {
632 case 0x0a0a:
633 case 0x1a1a:
634 case 0x2a2a:
635 case 0x3a3a:
636 case 0x4a4a:
637 case 0x5a5a:
638 case 0x6a6a:
639 case 0x7a7a:
640 case 0x8a8a:
641 case 0x9a9a:
642 case 0xaaaa:
643 case 0xbaba:
644 case 0xcaca:
645 case 0xdada:
646 case 0xeaea:
647 case 0xfafa:
648 return 1;
649 default:
650 return 0;
651 }
652}
653
654static inline int TLSDecodeHSHelloVersion(SSLState *ssl_state,
655 const uint8_t * const initial_input,
656 const uint32_t input_len)
657{
658 uint8_t *input = (uint8_t *)initial_input;
659
660 if (!(HAS_SPACE(SSLV3_CLIENT_HELLO_VERSION_LEN))) {
661 SCLogDebug("TLS handshake invalid length");
662 SSLSetEvent(ssl_state,
663 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
664 return -1;
665 }
666
667 uint16_t version = (uint16_t)(*input << 8) | *(input + 1);
668 ssl_state->curr_connp->version = version;
669
670 if (ssl_state->current_flags &
671 (SSL_AL_FLAG_STATE_CLIENT_HELLO | SSL_AL_FLAG_STATE_SERVER_HELLO)) {
672 SCTLSHandshakeSetTLSVersion(ssl_state->curr_connp->hs, version);
673 }
674
675 /* TLSv1.3 draft1 to draft21 use the version field as earlier TLS
676 versions, instead of using the supported versions extension. */
677 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
678 ((ssl_state->curr_connp->version == TLS_VERSION_13) ||
679 (((ssl_state->curr_connp->version >> 8) & 0xff) == 0x7f))) {
680 ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
681 }
682
683 /* Catch some early TLSv1.3 draft implementations that does not conform
684 to the draft version. */
685 if ((ssl_state->curr_connp->version >= 0x7f01) &&
686 (ssl_state->curr_connp->version < 0x7f10)) {
687 ssl_state->curr_connp->version = TLS_VERSION_13_PRE_DRAFT16;
688 }
689
690 /* TLSv1.3 drafts from draft1 to draft15 use 0x0304 (TLSv1.3) as the
691 version number, which makes it hard to accurately pinpoint the
692 exact draft version. */
693 else if (ssl_state->curr_connp->version == TLS_VERSION_13) {
694 ssl_state->curr_connp->version = TLS_VERSION_13_PRE_DRAFT16;
695 }
696
697 if (SC_ATOMIC_GET(ssl_config.enable_ja3) && ssl_state->curr_connp->ja3_str == NULL) {
698 ssl_state->curr_connp->ja3_str = Ja3BufferInit();
699 if (ssl_state->curr_connp->ja3_str == NULL)
700 return -1;
701
702 int rc = Ja3BufferAddValue(&ssl_state->curr_connp->ja3_str, version);
703 if (rc != 0)
704 return -1;
705 }
706
707 input += SSLV3_CLIENT_HELLO_VERSION_LEN;
708
709 return (int)(input - initial_input);
710}
711
712static inline int TLSDecodeHSHelloRandom(SSLState *ssl_state,
713 const uint8_t * const initial_input,
714 const uint32_t input_len)
715{
716 uint8_t *input = (uint8_t *)initial_input;
717
718 if (!(HAS_SPACE(SSLV3_CLIENT_HELLO_RANDOM_LEN))) {
719 SCLogDebug("TLS handshake invalid length");
720 SSLSetEvent(ssl_state,
721 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
722 return -1;
723 }
724
725 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
726 memcpy(ssl_state->server_connp.random, input, TLS_RANDOM_LEN);
727 ssl_state->flags |= TLS_TS_RANDOM_SET;
728 } else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
729 memcpy(ssl_state->client_connp.random, input, TLS_RANDOM_LEN);
730 ssl_state->flags |= TLS_TC_RANDOM_SET;
731 }
732
733 /* Skip random */
734 input += SSLV3_CLIENT_HELLO_RANDOM_LEN;
735
736 return (int)(input - initial_input);
737}
738
739static inline int TLSDecodeHSHelloSessionID(SSLState *ssl_state,
740 const uint8_t * const initial_input,
741 const uint32_t input_len)
742{
743 uint8_t *input = (uint8_t *)initial_input;
744
745 if (!(HAS_SPACE(1)))
746 goto invalid_length;
747
748 uint8_t session_id_length = *input;
749 input += 1;
750
751 if (!(HAS_SPACE(session_id_length)))
752 goto invalid_length;
753
754 if (session_id_length != 0 && ssl_state->curr_connp->session_id == NULL) {
755 ssl_state->curr_connp->session_id = SCMalloc(session_id_length);
756
757 if (unlikely(ssl_state->curr_connp->session_id == NULL)) {
758 return -1;
759 }
760
761 if (SafeMemcpy(ssl_state->curr_connp->session_id, 0, session_id_length,
762 input, 0, input_len, session_id_length) != 0) {
763 return -1;
764 }
765 ssl_state->curr_connp->session_id_length = session_id_length;
766
767 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
768 ssl_state->client_connp.session_id != NULL &&
769 ssl_state->server_connp.session_id != NULL) {
770 if ((ssl_state->client_connp.session_id_length ==
771 ssl_state->server_connp.session_id_length) &&
772 (memcmp(ssl_state->server_connp.session_id,
773 ssl_state->client_connp.session_id, session_id_length) == 0)) {
774 ssl_state->flags |= SSL_AL_FLAG_SESSION_RESUMED;
775 }
776 }
777 }
778
779 input += session_id_length;
780
781 return (int)(input - initial_input);
782
783invalid_length:
784 SCLogDebug("TLS handshake invalid length");
785 SSLSetEvent(ssl_state,
786 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
787 return -1;
788}
789
790static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
791 const uint8_t * const initial_input,
792 const uint32_t input_len)
793{
794 const uint8_t *input = initial_input;
795
796 if (!(HAS_SPACE(2)))
797 goto invalid_length;
798
799 uint16_t cipher_suites_length;
800
801 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
802 cipher_suites_length = 2;
803 } else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
804 cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
805 input += 2;
806 } else {
807 return -1;
808 }
809
810 if (!(HAS_SPACE(cipher_suites_length)))
811 goto invalid_length;
812
813 /* Cipher suites length should always be divisible by 2 */
814 if ((cipher_suites_length % 2) != 0) {
815 goto invalid_length;
816 }
817
818 const bool enable_ja3 =
819 SC_ATOMIC_GET(ssl_config.enable_ja3) && ssl_state->curr_connp->ja3_hash == NULL;
820
821 JA3Buffer *ja3_cipher_suites = NULL;
822
823 if (enable_ja3) {
824 ja3_cipher_suites = Ja3BufferInit();
825 if (ja3_cipher_suites == NULL)
826 return -1;
827 }
828
829 uint16_t processed_len = 0;
830 /* coverity[tainted_data] */
831 while (processed_len < cipher_suites_length) {
832 if (!(HAS_SPACE(2))) {
833 if (enable_ja3) {
834 Ja3BufferFree(&ja3_cipher_suites);
835 }
836 goto invalid_length;
837 }
838
839 uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
840 input += 2;
841
842 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
843 if (ssl_state->current_flags &
844 (SSL_AL_FLAG_STATE_CLIENT_HELLO | SSL_AL_FLAG_STATE_SERVER_HELLO)) {
845 SCTLSHandshakeAddCipher(ssl_state->curr_connp->hs, cipher_suite);
846 }
847 if (enable_ja3) {
848 int rc = Ja3BufferAddValue(&ja3_cipher_suites, cipher_suite);
849 if (rc != 0) {
850 return -1;
851 }
852 }
853 }
854 processed_len += 2;
855 }
856
857 if (enable_ja3) {
858 int rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str, &ja3_cipher_suites);
859 if (rc == -1) {
860 return -1;
861 }
862 }
863
864 return (int)(input - initial_input);
865
866invalid_length:
867 SCLogDebug("TLS handshake invalid length");
868 SSLSetEvent(ssl_state,
869 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
870 return -1;
871}
872
873static inline int TLSDecodeHSHelloCompressionMethods(SSLState *ssl_state,
874 const uint8_t * const initial_input,
875 const uint32_t input_len)
876{
877 const uint8_t *input = initial_input;
878
879 if (!(HAS_SPACE(1)))
880 goto invalid_length;
881
882 /* Skip compression methods */
883 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
884 input += 1;
885 } else {
886 uint8_t compression_methods_length = *input;
887 input += 1;
888
889 if (!(HAS_SPACE(compression_methods_length)))
890 goto invalid_length;
891
892 input += compression_methods_length;
893 }
894
895 return (int)(input - initial_input);
896
897invalid_length:
898 SCLogDebug("TLS handshake invalid_length");
899 SSLSetEvent(ssl_state,
900 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
901 return -1;
902}
903
904static inline int TLSDecodeHSHelloExtensionSni(SSLState *ssl_state,
905 const uint8_t * const initial_input,
906 const uint32_t input_len)
907{
908 uint8_t *input = (uint8_t *)initial_input;
909
910 /* Empty extension */
911 if (input_len == 0)
912 return 0;
913
914 if (!(HAS_SPACE(2)))
915 goto invalid_length;
916
917 /* Skip sni_list_length */
918 input += 2;
919
920 if (!(HAS_SPACE(1)))
921 goto invalid_length;
922
923 uint8_t sni_type = *input;
924 input += 1;
925
926 /* Currently the only type allowed is host_name
927 (RFC6066 section 3). */
928 if (sni_type != SSL_SNI_TYPE_HOST_NAME) {
929 SCLogDebug("Unknown SNI type");
930 SSLSetEvent(ssl_state,
931 TLS_DECODER_EVENT_INVALID_SNI_TYPE);
932 return -1;
933 }
934
935 if (!(HAS_SPACE(2)))
936 goto invalid_length;
937
938 uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
939 input += 2;
940
941 /* host_name contains the fully qualified domain name,
942 and should therefore be limited by the maximum domain
943 name length. */
944 if (!(HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
945 SSLSetEvent(ssl_state,
946 TLS_DECODER_EVENT_INVALID_SNI_LENGTH);
947 return -1;
948 }
949
950 /* There must not be more than one extension of the same
951 type (RFC5246 section 7.4.1.4). */
952 if (ssl_state->curr_connp->sni) {
953 SCLogDebug("Multiple SNI extensions");
954 SSLSetEvent(ssl_state,
955 TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS);
956 input += sni_len;
957 return (int)(input - initial_input);
958 }
959
960 const size_t sni_strlen = sni_len + 1;
961 ssl_state->curr_connp->sni = SCMalloc(sni_strlen);
962 if (unlikely(ssl_state->curr_connp->sni == NULL))
963 return -1;
964
965 const size_t consumed = input - initial_input;
966 if (SafeMemcpy(ssl_state->curr_connp->sni, 0, sni_strlen,
967 initial_input, consumed, input_len, sni_len) != 0) {
968 SCFree(ssl_state->curr_connp->sni);
969 ssl_state->curr_connp->sni = NULL;
970 return -1;
971 }
972 ssl_state->curr_connp->sni[sni_strlen-1] = 0;
973
974 input += sni_len;
975
976 return (int)(input - initial_input);
977
978invalid_length:
979 SCLogDebug("TLS handshake invalid length");
980 SSLSetEvent(ssl_state,
981 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
982
983
984 return -1;
985}
986
987static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state,
988 const uint8_t * const initial_input,
989 const uint32_t input_len)
990{
991 const uint8_t *input = initial_input;
992
993 /* Empty extension */
994 if (input_len == 0)
995 return 0;
996
997 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
998 if (!(HAS_SPACE(1)))
999 goto invalid_length;
1000
1001 uint8_t supported_ver_len = *input;
1002 input += 1;
1003
1004 if (supported_ver_len < 2)
1005 goto invalid_length;
1006
1007 if (!(HAS_SPACE(supported_ver_len)))
1008 goto invalid_length;
1009
1010 /* Use the first (and preferred) valid version as client version,
1011 * skip over GREASE and other possible noise. */
1012 uint16_t i = 0;
1013 while (i + 1 < (uint16_t)supported_ver_len) {
1014 uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1];
1015 if (TLSVersionValid(ver)) {
1016 ssl_state->curr_connp->version = ver;
1017 SCTLSHandshakeSetTLSVersion(ssl_state->curr_connp->hs, ver);
1018 break;
1019 }
1020 i += 2;
1021 }
1022
1023 /* Set a flag to indicate that we have seen this extension */
1024 ssl_state->flags |= SSL_AL_FLAG_CH_VERSION_EXTENSION;
1025
1026 input += supported_ver_len;
1027 }
1028 else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
1029 if (!(HAS_SPACE(2)))
1030 goto invalid_length;
1031
1032 uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
1033
1034 if ((ssl_state->flags & SSL_AL_FLAG_CH_VERSION_EXTENSION) &&
1035 (ver > TLS_VERSION_12)) {
1036 ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
1037 }
1038
1039 ssl_state->curr_connp->version = ver;
1040 input += 2;
1041 }
1042
1043 return (int)(input - initial_input);
1044
1045invalid_length:
1046 SCLogDebug("TLS handshake invalid length");
1047 SSLSetEvent(ssl_state,
1048 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1049
1050 return -1;
1051}
1052
1053static inline int TLSDecodeHSHelloExtensionEllipticCurves(SSLState *ssl_state,
1054 const uint8_t * const initial_input,
1055 const uint32_t input_len,
1056 JA3Buffer *ja3_elliptic_curves)
1057{
1058 const uint8_t *input = initial_input;
1059
1060 /* Empty extension */
1061 if (input_len == 0)
1062 return 0;
1063
1064 if (!(HAS_SPACE(2)))
1065 goto invalid_length;
1066
1067 uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
1068 input += 2;
1069
1070 if (!(HAS_SPACE(elliptic_curves_len)))
1071 goto invalid_length;
1072
1073 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) && ja3_elliptic_curves) {
1074 uint16_t ec_processed_len = 0;
1075 /* coverity[tainted_data] */
1076 while (ec_processed_len < elliptic_curves_len)
1077 {
1078 if (!(HAS_SPACE(2)))
1079 goto invalid_length;
1080
1081 uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
1082 input += 2;
1083
1084 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1085 int rc = Ja3BufferAddValue(&ja3_elliptic_curves,
1086 elliptic_curve);
1087 if (rc != 0)
1088 return -1;
1089 }
1090
1091 ec_processed_len += 2;
1092 }
1093
1094 } else {
1095 /* Skip elliptic curves */
1096 input += elliptic_curves_len;
1097 }
1098
1099 return (int)(input - initial_input);
1100
1101invalid_length:
1102 SCLogDebug("TLS handshake invalid length");
1103 SSLSetEvent(ssl_state,
1104 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1105
1106 return -1;
1107}
1108
1109static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(SSLState *ssl_state,
1110 const uint8_t * const initial_input,
1111 const uint32_t input_len,
1112 JA3Buffer *ja3_elliptic_curves_pf)
1113{
1114 const uint8_t *input = initial_input;
1115
1116 /* Empty extension */
1117 if (input_len == 0)
1118 return 0;
1119
1120 if (!(HAS_SPACE(1)))
1121 goto invalid_length;
1122
1123 uint8_t ec_pf_len = *input;
1124 input += 1;
1125
1126 if (!(HAS_SPACE(ec_pf_len)))
1127 goto invalid_length;
1128
1129 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) && ja3_elliptic_curves_pf) {
1130 uint8_t ec_pf_processed_len = 0;
1131 /* coverity[tainted_data] */
1132 while (ec_pf_processed_len < ec_pf_len)
1133 {
1134 uint8_t elliptic_curve_pf = *input;
1135 input += 1;
1136
1137 if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1138 int rc = Ja3BufferAddValue(&ja3_elliptic_curves_pf,
1139 elliptic_curve_pf);
1140 if (rc != 0)
1141 return -1;
1142 }
1143
1144 ec_pf_processed_len += 1;
1145 }
1146
1147 } else {
1148 /* Skip elliptic curve point formats */
1149 input += ec_pf_len;
1150 }
1151
1152 return (int)(input - initial_input);
1153
1154invalid_length:
1155 SCLogDebug("TLS handshake invalid length");
1156 SSLSetEvent(ssl_state,
1157 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1158
1159 return -1;
1160}
1161
1162static inline int TLSDecodeHSHelloExtensionSigAlgorithms(
1163 SSLState *ssl_state, const uint8_t *const initial_input, const uint32_t input_len)
1164{
1165 const uint8_t *input = initial_input;
1166
1167 /* Empty extension */
1168 if (input_len == 0)
1169 return 0;
1170
1171 if (!(HAS_SPACE(2)))
1172 goto invalid_length;
1173
1174 uint16_t sigalgo_len = (uint16_t)(*input << 8) | *(input + 1);
1175 input += 2;
1176
1177 /* Signature algorithms length should always be divisible by 2 */
1178 if ((sigalgo_len % 2) != 0) {
1179 goto invalid_length;
1180 }
1181
1182 if (!(HAS_SPACE(sigalgo_len)))
1183 goto invalid_length;
1184
1185 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1186 uint16_t sigalgo_processed_len = 0;
1187 while (sigalgo_processed_len < sigalgo_len) {
1188 uint16_t sigalgo = (uint16_t)(*input << 8) | *(input + 1);
1189 input += 2;
1190 sigalgo_processed_len += 2;
1191
1192 SCTLSHandshakeAddSigAlgo(ssl_state->curr_connp->hs, sigalgo);
1193 }
1194 } else {
1195 /* Skip signature algorithms */
1196 input += sigalgo_len;
1197 }
1198
1199 return (int)(input - initial_input);
1200
1201invalid_length:
1202 SCLogDebug("Signature algorithm list invalid length");
1203 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1204
1205 return -1;
1206}
1207
1208static inline int TLSDecodeHSHelloExtensionALPN(
1209 SSLState *ssl_state, const uint8_t *const initial_input, const uint32_t input_len)
1210{
1211 const uint8_t *input = initial_input;
1212
1213 /* Empty extension */
1214 if (input_len == 0)
1215 return 0;
1216
1217 if (!(HAS_SPACE(2)))
1218 goto invalid_length;
1219
1220 uint16_t alpn_len = (uint16_t)(*input << 8) | *(input + 1);
1221 input += 2;
1222
1223 if (!(HAS_SPACE(alpn_len)))
1224 goto invalid_length;
1225
1226 /* We use 32 bits here to avoid potentially overflowing a value that
1227 needs to be compared to an unsigned 16-bit value. */
1228 uint32_t alpn_processed_len = 0;
1229 while (alpn_processed_len < alpn_len) {
1230 uint8_t protolen = *input;
1231 input += 1;
1232 alpn_processed_len += 1;
1233
1234 if (!(HAS_SPACE(protolen)))
1235 goto invalid_length;
1236
1237 /* Check if reading another protolen bytes would exceed the
1238 overall ALPN length; if so, skip and continue */
1239 if (alpn_processed_len + protolen > ((uint32_t)alpn_len)) {
1240 input += alpn_len - alpn_processed_len;
1241 break;
1242 }
1243 SCTLSHandshakeAddALPN(ssl_state->curr_connp->hs, (const char *)input, protolen);
1244
1245 alpn_processed_len += protolen;
1246 input += protolen;
1247 }
1248
1249 return (int)(input - initial_input);
1250
1251invalid_length:
1252 SCLogDebug("ALPN list invalid length");
1253 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1254
1255 return -1;
1256}
1257
1258static inline int TLSDecodeHSHelloExtensions(SSLState *ssl_state,
1259 const uint8_t * const initial_input,
1260 const uint32_t input_len)
1261{
1262 const uint8_t *input = initial_input;
1263
1264 int ret;
1265 int rc;
1266 // if ja3_hash is already computed, do not use new hello to augment ja3_str
1267 const bool ja3 =
1268 (SC_ATOMIC_GET(ssl_config.enable_ja3) == 1) && ssl_state->curr_connp->ja3_hash == NULL;
1269
1270 JA3Buffer *ja3_extensions = NULL;
1271 JA3Buffer *ja3_elliptic_curves = NULL;
1272 JA3Buffer *ja3_elliptic_curves_pf = NULL;
1273
1274 if (ja3) {
1275 ja3_extensions = Ja3BufferInit();
1276 if (ja3_extensions == NULL)
1277 goto error;
1278
1279 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1280 ja3_elliptic_curves = Ja3BufferInit();
1281 if (ja3_elliptic_curves == NULL)
1282 goto error;
1283
1284 ja3_elliptic_curves_pf = Ja3BufferInit();
1285 if (ja3_elliptic_curves_pf == NULL)
1286 goto error;
1287 }
1288 }
1289
1290 /* Extensions are optional (RFC5246 section 7.4.1.2) */
1291 if (!(HAS_SPACE(2)))
1292 goto end;
1293
1294 uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
1295 input += 2;
1296
1297 if (!(HAS_SPACE(extensions_len)))
1298 goto invalid_length;
1299
1300 uint16_t processed_len = 0;
1301 /* coverity[tainted_data] */
1302 while (processed_len < extensions_len)
1303 {
1304 if (!(HAS_SPACE(2)))
1305 goto invalid_length;
1306
1307 uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
1308 input += 2;
1309
1310 if (!(HAS_SPACE(2)))
1311 goto invalid_length;
1312
1313 uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
1314 input += 2;
1315
1316 if (!(HAS_SPACE(ext_len)))
1317 goto invalid_length;
1318
1319 switch (ext_type) {
1320 case SSL_EXTENSION_SNI:
1321 {
1322 /* coverity[tainted_data] */
1323 ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1324 ext_len);
1325 if (ret < 0)
1326 goto end;
1327
1328 input += ret;
1329
1330 break;
1331 }
1332
1333 case SSL_EXTENSION_ELLIPTIC_CURVES:
1334 {
1335 /* coverity[tainted_data] */
1336 ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1337 ext_len,
1338 ja3_elliptic_curves);
1339 if (ret < 0)
1340 goto end;
1341
1342 input += ret;
1343
1344 break;
1345 }
1346
1347 case SSL_EXTENSION_EC_POINT_FORMATS:
1348 {
1349 /* coverity[tainted_data] */
1350 ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1351 ext_len,
1352 ja3_elliptic_curves_pf);
1353 if (ret < 0)
1354 goto end;
1355
1356 input += ret;
1357
1358 break;
1359 }
1360
1361 case SSL_EXTENSION_SIGNATURE_ALGORITHMS: {
1362 /* coverity[tainted_data] */
1363 ret = TLSDecodeHSHelloExtensionSigAlgorithms(ssl_state, input, ext_len);
1364 if (ret < 0)
1365 goto end;
1366
1367 input += ret;
1368
1369 break;
1370 }
1371
1372 case SSL_EXTENSION_ALPN: {
1373 /* coverity[tainted_data] */
1374 ret = TLSDecodeHSHelloExtensionALPN(ssl_state, input, ext_len);
1375 if (ret < 0)
1376 goto end;
1377
1378 input += ext_len;
1379
1380 break;
1381 }
1382
1383 case SSL_EXTENSION_EARLY_DATA:
1384 {
1385 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1386 /* Used by 0-RTT to indicate that encrypted data will
1387 be sent right after the ClientHello record. */
1388 ssl_state->flags |= SSL_AL_FLAG_EARLY_DATA;
1389 }
1390
1391 input += ext_len;
1392
1393 break;
1394 }
1395
1396 case SSL_EXTENSION_SUPPORTED_VERSIONS:
1397 {
1398 ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1399 ext_len);
1400 if (ret < 0)
1401 goto end;
1402
1403 input += ret;
1404
1405 break;
1406 }
1407
1408 case SSL_EXTENSION_SESSION_TICKET:
1409 {
1410 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1411 /* This has to be verified later on by checking if a
1412 certificate record has been sent by the server. */
1413 ssl_state->flags |= SSL_AL_FLAG_SESSION_RESUMED;
1414 }
1415
1416 input += ext_len;
1417
1418 break;
1419 }
1420
1421 default:
1422 {
1423 input += ext_len;
1424 break;
1425 }
1426 }
1427
1428 if (ja3) {
1429 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1430 rc = Ja3BufferAddValue(&ja3_extensions, ext_type);
1431 if (rc != 0)
1432 goto error;
1433 }
1434 }
1435
1436 if (ssl_state->current_flags &
1437 (SSL_AL_FLAG_STATE_CLIENT_HELLO | SSL_AL_FLAG_STATE_SERVER_HELLO)) {
1438 if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1439 SCTLSHandshakeAddExtension(ssl_state->curr_connp->hs, ext_type);
1440 }
1441 }
1442
1443 processed_len += ext_len + 4;
1444 }
1445
1446end:
1447 if (ja3) {
1448 rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1449 &ja3_extensions);
1450 if (rc == -1)
1451 goto error;
1452
1453 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1454 rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1455 &ja3_elliptic_curves);
1456 if (rc == -1)
1457 goto error;
1458
1459 rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1460 &ja3_elliptic_curves_pf);
1461 if (rc == -1)
1462 goto error;
1463 }
1464 }
1465
1466 return (int)(input - initial_input);
1467
1468invalid_length:
1469 SCLogDebug("TLS handshake invalid length");
1470 SSLSetEvent(ssl_state,
1471 TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH);
1472
1473error:
1474 if (ja3_extensions != NULL)
1475 Ja3BufferFree(&ja3_extensions);
1476 if (ja3_elliptic_curves != NULL)
1477 Ja3BufferFree(&ja3_elliptic_curves);
1478 if (ja3_elliptic_curves_pf != NULL)
1479 Ja3BufferFree(&ja3_elliptic_curves_pf);
1480
1481 return -1;
1482}
1483
1484static int TLSDecodeHandshakeHello(SSLState *ssl_state,
1485 const uint8_t * const input,
1486 const uint32_t input_len)
1487{
1488 int ret;
1489 uint32_t parsed = 0;
1490
1491 ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1492 if (ret < 0)
1493 goto end;
1494
1495 parsed += ret;
1496
1497 ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1498 if (ret < 0)
1499 goto end;
1500
1501 parsed += ret;
1502
1503 /* The session id field in the server hello record was removed in
1504 TLSv1.3 draft1, but was readded in draft22. */
1505 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) ||
1506 ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
1507 ((ssl_state->flags & SSL_AL_FLAG_LOG_WITHOUT_CERT) == 0))) {
1508 ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1509 input_len - parsed);
1510 if (ret < 0)
1511 goto end;
1512
1513 parsed += ret;
1514 }
1515
1516 ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1517 input_len - parsed);
1518 if (ret < 0)
1519 goto end;
1520
1521 parsed += ret;
1522
1523 /* The compression methods field in the server hello record was
1524 removed in TLSv1.3 draft1, but was readded in draft22. */
1525 if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) ||
1526 ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
1527 ((ssl_state->flags & SSL_AL_FLAG_LOG_WITHOUT_CERT) == 0))) {
1528 ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1529 input_len - parsed);
1530 if (ret < 0)
1531 goto end;
1532
1533 parsed += ret;
1534 }
1535
1536 ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1537 input_len - parsed);
1538 if (ret < 0)
1539 goto end;
1540
1541 if (SC_ATOMIC_GET(ssl_config.enable_ja3) && ssl_state->curr_connp->ja3_hash == NULL) {
1542 ssl_state->curr_connp->ja3_hash = Ja3GenerateHash(ssl_state->curr_connp->ja3_str);
1543 }
1544
1545 if (ssl_state->curr_connp == &ssl_state->client_connp) {
1546 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HELLO_DONE);
1547 } else {
1548 UpdateServerState(ssl_state, TLS_STATE_SERVER_HELLO);
1549 }
1550end:
1551 return 0;
1552}
1553
1554#ifdef DEBUG_VALIDATION
1555static inline bool
1556RecordAlreadyProcessed(const SSLStateConnp *curr_connp)
1557{
1558 return ((curr_connp->record_length + SSLV3_RECORD_HDR_LEN) <
1559 curr_connp->bytes_processed);
1560}
1561#endif
1562
1563static inline int SSLv3ParseHandshakeTypeCertificate(SSLState *ssl_state, SSLStateConnp *connp,
1564 const uint8_t *const initial_input, const uint32_t input_len)
1565{
1566 int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len);
1567 SCLogDebug("rc %d", rc);
1568 if (rc > 0) {
1569 DEBUG_VALIDATE_BUG_ON(rc > (int)input_len);
1570 SSLParserHSReset(connp);
1571 } else if (rc < 0) {
1572 SCLogDebug("error parsing cert, reset state");
1573 SSLParserHSReset(connp);
1574 /* fall through to still consume the cert bytes */
1575 }
1576 if (connp == &ssl_state->client_connp) {
1577 UpdateClientState(ssl_state, TLS_STATE_CLIENT_CERT_DONE);
1578 } else {
1579 UpdateServerState(ssl_state, TLS_STATE_SERVER_CERT_DONE);
1580 }
1581 return input_len;
1582}
1583
1584static int SupportedHandshakeType(const uint8_t type)
1585{
1586 switch (type) {
1587 case SSLV3_HS_CLIENT_HELLO:
1588 case SSLV3_HS_SERVER_HELLO:
1589 case SSLV3_HS_SERVER_KEY_EXCHANGE:
1590 case SSLV3_HS_CLIENT_KEY_EXCHANGE:
1591 case SSLV3_HS_CERTIFICATE:
1592 case SSLV3_HS_HELLO_REQUEST:
1593 case SSLV3_HS_CERTIFICATE_REQUEST:
1594 case SSLV3_HS_CERTIFICATE_VERIFY:
1595 case SSLV3_HS_FINISHED:
1596 case SSLV3_HS_CERTIFICATE_URL:
1597 case SSLV3_HS_CERTIFICATE_STATUS:
1598 case SSLV3_HS_NEW_SESSION_TICKET:
1599 case SSLV3_HS_SERVER_HELLO_DONE:
1600 return true;
1601 break;
1602
1603 default:
1604 return false;
1605 break;
1606 }
1607}
1608
1609/**
1610 * \param input_len length of bytes after record header. Can be 0 (e.g. for server hello done).
1611 * \retval parsed number of consumed bytes
1612 * \retval < 0 error
1613 */
1614static int SSLv3ParseHandshakeType(SSLState *ssl_state, const uint8_t *input,
1615 uint32_t input_len, uint8_t direction)
1616{
1617 const uint8_t *initial_input = input;
1618 int rc;
1619
1620 DEBUG_VALIDATE_BUG_ON(RecordAlreadyProcessed(ssl_state->curr_connp));
1621
1622 switch (ssl_state->curr_connp->handshake_type) {
1623 case SSLV3_HS_CLIENT_HELLO:
1624 ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_HELLO;
1625
1626 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1627 if (rc < 0)
1628 return rc;
1629 break;
1630
1631 case SSLV3_HS_SERVER_HELLO:
1632 ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_HELLO;
1633
1634 DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->message_length != input_len);
1635 rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1636 if (rc < 0)
1637 return rc;
1638 break;
1639
1640 case SSLV3_HS_SERVER_KEY_EXCHANGE:
1641 ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_KEYX;
1642 break;
1643
1644 case SSLV3_HS_CLIENT_KEY_EXCHANGE:
1645 ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_KEYX;
1646 break;
1647
1648 case SSLV3_HS_CERTIFICATE:
1649 rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1650 direction ? &ssl_state->server_connp : &ssl_state->client_connp, initial_input,
1651 input_len);
1652 if (rc < 0)
1653 return rc;
1654 break;
1655
1656 case SSLV3_HS_HELLO_REQUEST:
1657 break;
1658 case SSLV3_HS_CERTIFICATE_REQUEST:
1659 if (direction) {
1660 ssl_state->current_flags = SSL_AL_FLAG_NEED_CLIENT_CERT;
1661 }
1662 break;
1663 case SSLV3_HS_CERTIFICATE_VERIFY:
1664 case SSLV3_HS_FINISHED:
1665 case SSLV3_HS_CERTIFICATE_URL:
1666 case SSLV3_HS_CERTIFICATE_STATUS:
1667 break;
1668 case SSLV3_HS_NEW_SESSION_TICKET:
1669 SCLogDebug("new session ticket");
1670 break;
1671 case SSLV3_HS_SERVER_HELLO_DONE:
1672 if (direction) {
1673 UpdateServerState(ssl_state, TLS_STATE_SERVER_HELLO_DONE);
1674 }
1675 break;
1676 default:
1677 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
1678 return -1;
1679 }
1680
1681 ssl_state->flags |= ssl_state->current_flags;
1682
1683 SCLogDebug("message: length %u", ssl_state->curr_connp->message_length);
1684 SCLogDebug("input_len %u ssl_state->curr_connp->bytes_processed %u", input_len, ssl_state->curr_connp->bytes_processed);
1685
1686 return input_len;
1687}
1688
1689static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input,
1690 uint32_t input_len, uint8_t direction)
1691{
1692 const uint8_t *initial_input = input;
1693
1694 if (input_len == 0 || ssl_state->curr_connp->bytes_processed ==
1695 (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)) {
1696 SCReturnInt(0);
1697 }
1698
1699 while (input_len) {
1700 SCLogDebug("input_len %u", input_len);
1701
1702 if (ssl_state->curr_connp->hs_buffer != NULL) {
1703 SCLogDebug("partial handshake record in place");
1704 const uint32_t need = ssl_state->curr_connp->hs_buffer_message_size -
1705 ssl_state->curr_connp->hs_buffer_offset;
1706 const uint32_t add = MIN(need, input_len);
1707
1708 /* grow buffer to next multiple of 4k that fits all data we have */
1709 if (ssl_state->curr_connp->hs_buffer_offset + add >
1710 ssl_state->curr_connp->hs_buffer_size) {
1711 const uint32_t avail = ssl_state->curr_connp->hs_buffer_offset + add;
1712 const uint32_t new_size = avail + (4096 - (avail % 4096));
1713 SCLogDebug("new_size %u, avail %u", new_size, avail);
1714 void *ptr = SCRealloc(ssl_state->curr_connp->hs_buffer, new_size);
1715 if (ptr == NULL)
1716 return -1;
1717 ssl_state->curr_connp->hs_buffer = ptr;
1718 ssl_state->curr_connp->hs_buffer_size = new_size;
1719 }
1720
1721 SCLogDebug("ssl_state->curr_connp->hs_buffer_offset %u "
1722 "ssl_state->curr_connp->hs_buffer_size %u",
1723 ssl_state->curr_connp->hs_buffer_offset, ssl_state->curr_connp->hs_buffer_size);
1724 SCLogDebug("to add %u total %u", add, ssl_state->curr_connp->hs_buffer_offset + add);
1725
1726 if (SafeMemcpy(ssl_state->curr_connp->hs_buffer,
1727 ssl_state->curr_connp->hs_buffer_offset,
1728 ssl_state->curr_connp->hs_buffer_size, input, 0, add, add) != 0) {
1729 SCLogDebug("copy failed");
1730 return -1;
1731 }
1732 ssl_state->curr_connp->hs_buffer_offset += add;
1733
1734 if (ssl_state->curr_connp->hs_buffer_message_size <=
1735 ssl_state->curr_connp->hs_buffer_offset) {
1736 DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->hs_buffer_message_size !=
1737 ssl_state->curr_connp->hs_buffer_offset);
1738
1739 ssl_state->curr_connp->handshake_type =
1740 ssl_state->curr_connp->hs_buffer_message_type;
1741 ssl_state->curr_connp->message_length =
1742 ssl_state->curr_connp->hs_buffer_message_size;
1743
1744 SCLogDebug("got all data now: handshake_type %u message_length %u",
1745 ssl_state->curr_connp->handshake_type,
1746 ssl_state->curr_connp->message_length);
1747
1748 int retval = SSLv3ParseHandshakeType(ssl_state, ssl_state->curr_connp->hs_buffer,
1749 ssl_state->curr_connp->hs_buffer_offset, direction);
1750 if (retval < 0) {
1751 SSLParserHSReset(ssl_state->curr_connp);
1752 return (retval);
1753 }
1754 SCLogDebug("retval %d", retval);
1755
1756 /* data processed, reset buffer */
1757 SCFree(ssl_state->curr_connp->hs_buffer);
1758 ssl_state->curr_connp->hs_buffer = NULL;
1759 ssl_state->curr_connp->hs_buffer_size = 0;
1760 ssl_state->curr_connp->hs_buffer_message_size = 0;
1761 ssl_state->curr_connp->hs_buffer_message_type = 0;
1762 ssl_state->curr_connp->hs_buffer_offset = 0;
1763 } else {
1764 SCLogDebug("partial data");
1765 }
1766
1767 input += add;
1768 input_len -= add;
1769 SCLogDebug("input_len %u", input_len);
1770 SSLParserHSReset(ssl_state->curr_connp);
1771 continue;
1772 }
1773
1774 SCLogDebug("bytes_processed %u", ssl_state->curr_connp->bytes_processed);
1775 SCLogDebug("input %p input_len %u", input, input_len);
1776
1777 if (input_len < 4) {
1778 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
1779 SCReturnInt(-1);
1780 }
1781
1782 ssl_state->curr_connp->handshake_type = input[0];
1783 ssl_state->curr_connp->message_length = input[1] << 16 | input[2] << 8 | input[3];
1784 SCLogDebug("handshake_type %u message len %u input %p input_len %u",
1785 ssl_state->curr_connp->handshake_type, ssl_state->curr_connp->message_length, input,
1786 input_len);
1787 input += 4;
1788 input_len -= 4;
1789
1790 const uint32_t record_len = ssl_state->curr_connp->message_length;
1791 /* see if we support this type. We check here to not use the fragment
1792 * handling on things we don't support. */
1793 const bool supported_type = SupportedHandshakeType(ssl_state->curr_connp->handshake_type);
1794 SCLogDebug("supported_type %s handshake_type %u/%02x", supported_type ? "true" : "false",
1795 ssl_state->curr_connp->handshake_type, ssl_state->curr_connp->handshake_type);
1796 if (!supported_type) {
1797 uint32_t avail_record_len = MIN(input_len, record_len);
1798 input += avail_record_len;
1799 input_len -= avail_record_len;
1800
1801 SSLParserHSReset(ssl_state->curr_connp);
1802
1803 if ((direction && (ssl_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC)) ||
1804 (!direction && (ssl_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC))) {
1805 // after Change Cipher Spec we get Encrypted Handshake Messages
1806 } else {
1807 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
1808 }
1809 continue;
1810 }
1811
1812 /* if the message length exceeds our input_len, we have a tls fragment. */
1813 if (record_len > input_len) {
1814 const uint32_t avail = input_len;
1815 const uint32_t size = avail + (4096 - (avail % 4096));
1816 SCLogDebug("initial buffer size %u, based on input %u", size, avail);
1817 ssl_state->curr_connp->hs_buffer = SCCalloc(1, size);
1818 if (ssl_state->curr_connp->hs_buffer == NULL) {
1819 return -1;
1820 }
1821 ssl_state->curr_connp->hs_buffer_size = size;
1822 ssl_state->curr_connp->hs_buffer_message_size = record_len;
1823 ssl_state->curr_connp->hs_buffer_message_type = ssl_state->curr_connp->handshake_type;
1824
1825 if (input_len > 0) {
1826 if (SafeMemcpy(ssl_state->curr_connp->hs_buffer, 0,
1827 ssl_state->curr_connp->hs_buffer_size, input, 0, input_len,
1828 input_len) != 0) {
1829 return -1;
1830 }
1831 ssl_state->curr_connp->hs_buffer_offset = input_len;
1832 }
1833 SCLogDebug("opened record buffer %p size %u offset %u type %u msg_size %u",
1834 ssl_state->curr_connp->hs_buffer, ssl_state->curr_connp->hs_buffer_size,
1835 ssl_state->curr_connp->hs_buffer_offset,
1836 ssl_state->curr_connp->hs_buffer_message_type,
1837 ssl_state->curr_connp->hs_buffer_message_size);
1838 input += input_len;
1839 SSLParserHSReset(ssl_state->curr_connp);
1840 return (int)(input - initial_input);
1841
1842 } else {
1843 /* full record, parse it now */
1844 int retval = SSLv3ParseHandshakeType(
1845 ssl_state, input, ssl_state->curr_connp->message_length, direction);
1846 if (retval < 0 || retval > (int)input_len) {
1847 DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
1848 return (retval);
1849 }
1850 SCLogDebug("retval %d input_len %u", retval, input_len);
1851 input += retval;
1852 input_len -= retval;
1853
1854 SSLParserHSReset(ssl_state->curr_connp);
1855 }
1856 SCLogDebug("input_len left %u", input_len);
1857 }
1858 return (int)(input - initial_input);
1859}
1860
1861/**
1862 * \internal
1863 * \brief TLS Alert parser
1864 *
1865 * \param sslstate Pointer to the SSL state.
1866 * \param input Pointer to the received input data.
1867 * \param input_len Length in bytes of the received data.
1868 * \param direction 1 toclient, 0 toserver
1869 *
1870 * \retval The number of bytes parsed on success, 0 if nothing parsed, -1 on failure.
1871 */
1872static int SSLv3ParseAlertProtocol(
1873 SSLState *ssl_state, const uint8_t *input, uint32_t input_len, uint8_t direction)
1874{
1875 if (input_len < 2) {
1876 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_ALERT);
1877 return -1;
1878 }
1879
1880 /* assume a record > 2 to be an encrypted alert record */
1881 if (input_len == 2) {
1882 uint8_t level = input[0];
1883 // uint8_t desc = input[1];
1884
1885 /* if level Fatal, we consider the tx finished */
1886 if (level == 2) {
1887 UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED);
1888 UpdateServerState(ssl_state, TLS_STATE_SERVER_FINISHED);
1889 }
1890 }
1891 return 0;
1892}
1893
1894/**
1895 * \internal
1896 * \brief TLS Heartbeat parser (see RFC 6520)
1897 *
1898 * \param sslstate Pointer to the SSL state.
1899 * \param input Pointer to the received input data.
1900 * \param input_len Length in bytes of the received data.
1901 * \param direction 1 toclient, 0 toserver
1902 *
1903 * \retval The number of bytes parsed on success, 0 if nothing parsed, -1 on failure.
1904 */
1905static int SSLv3ParseHeartbeatProtocol(SSLState *ssl_state, const uint8_t *input,
1906 uint32_t input_len, uint8_t direction)
1907{
1908 uint8_t hb_type;
1909 uint16_t payload_len;
1910 uint32_t padding_len;
1911
1912 /* expect at least 3 bytes: heartbeat type (1) + length (2) */
1913 if (input_len < 3) {
1914 return 0;
1915 }
1916
1917 hb_type = *input++;
1918
1919 if (!(ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC)) {
1920 if (!(hb_type == TLS_HB_REQUEST || hb_type == TLS_HB_RESPONSE)) {
1921 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HEARTBEAT);
1922 return -1;
1923 }
1924 }
1925
1926 if ((ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) == 0) {
1927 ssl_state->flags |= SSL_AL_FLAG_HB_INFLIGHT;
1928
1929 if (direction) {
1930 SCLogDebug("HeartBeat Record type sent in the toclient direction!");
1931 ssl_state->flags |= SSL_AL_FLAG_HB_SERVER_INIT;
1932 } else {
1933 SCLogDebug("HeartBeat Record type sent in the toserver direction!");
1934 ssl_state->flags |= SSL_AL_FLAG_HB_CLIENT_INIT;
1935 }
1936
1937 /* if we reach this point, then we can assume that the HB request
1938 is encrypted. If so, let's set the HB record length */
1939 if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
1940 ssl_state->hb_record_len = ssl_state->curr_connp->record_length;
1941 SCLogDebug("Encrypted HeartBeat Request In-flight. Storing len %u",
1942 ssl_state->hb_record_len);
1943 return (ssl_state->curr_connp->record_length - 3);
1944 }
1945
1946 payload_len = (uint16_t)(*input << 8) | *(input + 1);
1947
1948 /* check that the requested payload length is really present in
1949 the record (CVE-2014-0160) */
1950 if ((uint32_t)(payload_len+3) > ssl_state->curr_connp->record_length) {
1951 SCLogDebug("We have a short record in HeartBeat Request");
1952 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT);
1953 return -1;
1954 }
1955
1956 /* check the padding length. It must be at least 16 bytes
1957 (RFC 6520, section 4) */
1958 padding_len = ssl_state->curr_connp->record_length - payload_len - 3;
1959 if (padding_len < 16) {
1960 SCLogDebug("We have a short record in HeartBeat Request");
1961 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HEARTBEAT);
1962 return -1;
1963 }
1964
1965 /* we don't have the payload */
1966 if (input_len < payload_len + padding_len) {
1967 return 0;
1968 }
1969
1970 /* OpenSSL still seems to discard multiple in-flight
1971 heartbeats although some tools send multiple at once */
1972 } else if (direction == 1 && (ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) &&
1973 (ssl_state->flags & SSL_AL_FLAG_HB_SERVER_INIT)) {
1974 SCLogDebug("Multiple in-flight server initiated HeartBeats");
1975 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HEARTBEAT);
1976 return -1;
1977
1978 } else if (direction == 0 && (ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) &&
1979 (ssl_state->flags & SSL_AL_FLAG_HB_CLIENT_INIT)) {
1980 SCLogDebug("Multiple in-flight client initiated HeartBeats");
1981 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HEARTBEAT);
1982 return -1;
1983
1984 } else {
1985 /* we have a HB record in the opposite direction of the request,
1986 let's reset our flags */
1987 ssl_state->flags &= ~SSL_AL_FLAG_HB_INFLIGHT;
1988 ssl_state->flags &= ~SSL_AL_FLAG_HB_SERVER_INIT;
1989 ssl_state->flags &= ~SSL_AL_FLAG_HB_CLIENT_INIT;
1990
1991 /* if we reach this point, then we can assume that the HB request
1992 is encrypted. If so, let's set the HB record length */
1993 if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
1994 /* check to see if the encrypted response is longer than the
1995 encrypted request */
1996 if (ssl_state->hb_record_len > 0 && ssl_state->hb_record_len <
1997 ssl_state->curr_connp->record_length) {
1998 SCLogDebug("My heart is bleeding.. OpenSSL HeartBleed response (%u)",
1999 ssl_state->hb_record_len);
2000 SSLSetEvent(ssl_state,
2001 TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH);
2002 ssl_state->hb_record_len = 0;
2003 return -1;
2004 }
2005 }
2006
2007 /* reset the HB record length in case we have a legit HB followed
2008 by a bad one */
2009 ssl_state->hb_record_len = 0;
2010 }
2011
2012 /* skip the HeartBeat, 3 bytes were already parsed,
2013 e.g |18 03 02| for TLS 1.2 */
2014 return (ssl_state->curr_connp->record_length - 3);
2015}
2016
2017static int SSLv3ParseRecord(uint8_t direction, SSLState *ssl_state,
2018 const uint8_t *input, uint32_t input_len)
2019{
2020 const uint8_t *initial_input = input;
2021
2022 if (input_len == 0) {
2023 return 0;
2024 }
2025
2026 uint8_t skip_version = 0;
2027
2028 /* Only set SSL/TLS version here if it has not already been set in
2029 client/server hello. */
2030 if (direction == 0) {
2031 if ((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
2032 (ssl_state->client_connp.version != TLS_VERSION_UNKNOWN)) {
2033 skip_version = 1;
2034 }
2035 } else {
2036 if ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
2037 (ssl_state->server_connp.version != TLS_VERSION_UNKNOWN)) {
2038 skip_version = 1;
2039 }
2040 }
2041
2042 switch (ssl_state->curr_connp->bytes_processed) {
2043 case 0:
2044 if (input_len >= 5) {
2045 ssl_state->curr_connp->content_type = input[0];
2046 if (!skip_version) {
2047 ssl_state->curr_connp->version = (uint16_t)(input[1] << 8) | input[2];
2048 }
2049 ssl_state->curr_connp->record_length = input[3] << 8;
2050 ssl_state->curr_connp->record_length |= input[4];
2051 ssl_state->curr_connp->bytes_processed += SSLV3_RECORD_HDR_LEN;
2052 return SSLV3_RECORD_HDR_LEN;
2053 } else {
2054 ssl_state->curr_connp->content_type = *(input++);
2055 if (--input_len == 0)
2056 break;
2057 }
2058
2059 /* fall through */
2060 case 1:
2061 if (!skip_version) {
2062 ssl_state->curr_connp->version = (uint16_t)(*(input++) << 8);
2063 } else {
2064 input++;
2065 }
2066 if (--input_len == 0)
2067 break;
2068
2069 /* fall through */
2070 case 2:
2071 if (!skip_version) {
2072 ssl_state->curr_connp->version |= *(input++);
2073 } else {
2074 input++;
2075 }
2076 if (--input_len == 0)
2077 break;
2078
2079 /* fall through */
2080 case 3:
2081 ssl_state->curr_connp->record_length = *(input++) << 8;
2082 if (--input_len == 0)
2083 break;
2084
2085 /* fall through */
2086 case 4:
2087 ssl_state->curr_connp->record_length |= *(input++);
2088 if (--input_len == 0)
2089 break;
2090
2091 /* fall through */
2092 }
2093
2094 ssl_state->curr_connp->bytes_processed += (input - initial_input);
2095
2096 return (int)(input - initial_input);
2097}
2098
2099static int SSLv2ParseRecord(uint8_t direction, SSLState *ssl_state,
2100 const uint8_t *input, uint32_t input_len)
2101{
2102 const uint8_t *initial_input = input;
2103
2104 if (input_len == 0) {
2105 return 0;
2106 }
2107
2108 if (ssl_state->curr_connp->record_lengths_length == 2) {
2109 switch (ssl_state->curr_connp->bytes_processed) {
2110 case 0:
2111 if (input_len >= ssl_state->curr_connp->record_lengths_length + 1) {
2112 ssl_state->curr_connp->record_length = (0x7f & input[0]) << 8 | input[1];
2113 ssl_state->curr_connp->content_type = input[2];
2114 ssl_state->curr_connp->version = SSL_VERSION_2;
2115 ssl_state->curr_connp->bytes_processed += 3;
2116 return 3;
2117 } else {
2118 ssl_state->curr_connp->record_length = (0x7f & *(input++)) << 8;
2119 if (--input_len == 0)
2120 break;
2121 }
2122
2123 /* fall through */
2124 case 1:
2125 ssl_state->curr_connp->record_length |= *(input++);
2126 if (--input_len == 0)
2127 break;
2128
2129 /* fall through */
2130 case 2:
2131 ssl_state->curr_connp->content_type = *(input++);
2132 ssl_state->curr_connp->version = SSL_VERSION_2;
2133 if (--input_len == 0)
2134 break;
2135
2136 /* fall through */
2137 }
2138
2139 } else {
2140 switch (ssl_state->curr_connp->bytes_processed) {
2141 case 0:
2142 if (input_len >= ssl_state->curr_connp->record_lengths_length + 1) {
2143 ssl_state->curr_connp->record_length = (0x3f & input[0]) << 8 | input[1];
2144 ssl_state->curr_connp->content_type = input[3];
2145 ssl_state->curr_connp->version = SSL_VERSION_2;
2146 ssl_state->curr_connp->bytes_processed += 4;
2147 return 4;
2148 } else {
2149 ssl_state->curr_connp->record_length = (0x3f & *(input++)) << 8;
2150 if (--input_len == 0)
2151 break;
2152 }
2153
2154 /* fall through */
2155 case 1:
2156 ssl_state->curr_connp->record_length |= *(input++);
2157 if (--input_len == 0)
2158 break;
2159
2160 /* fall through */
2161 case 2:
2162 /* padding */
2163 input++;
2164 if (--input_len == 0)
2165 break;
2166
2167 /* fall through */
2168 case 3:
2169 ssl_state->curr_connp->content_type = *(input++);
2170 ssl_state->curr_connp->version = SSL_VERSION_2;
2171 if (--input_len == 0)
2172 break;
2173
2174 /* fall through */
2175 }
2176 }
2177
2178 ssl_state->curr_connp->bytes_processed += (input - initial_input);
2179
2180 return (int)(input - initial_input);
2181}
2182
2183static struct SSLDecoderResult SSLv2Decode(uint8_t direction, SSLState *ssl_state,
2184 AppLayerParserState *pstate, const uint8_t *input, uint32_t input_len,
2185 const StreamSlice stream_slice)
2186{
2187 const uint8_t *initial_input = input;
2188
2189 if (ssl_state->curr_connp->bytes_processed == 0) {
2190 if (input[0] & 0x80) {
2191 ssl_state->curr_connp->record_lengths_length = 2;
2192 } else {
2193 ssl_state->curr_connp->record_lengths_length = 3;
2194 }
2195
2196 SCLogDebug("record start: ssl2.hdr frame");
2197 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input,
2198 ssl_state->curr_connp->record_lengths_length + 1, direction, TLS_FRAME_SSLV2_HDR);
2199 }
2200
2201 SCLogDebug("direction %u ssl_state->curr_connp->record_lengths_length + 1 %u, "
2202 "ssl_state->curr_connp->bytes_processed %u",
2203 direction, ssl_state->curr_connp->record_lengths_length + 1,
2204 ssl_state->curr_connp->bytes_processed);
2205 /* the +1 is because we read one extra byte inside SSLv2ParseRecord
2206 to read the msg_type */
2207 if (ssl_state->curr_connp->bytes_processed <
2208 (ssl_state->curr_connp->record_lengths_length + 1)) {
2209 const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2210 SCLogDebug("retval %d ssl_state->curr_connp->record_length %u", retval,
2211 ssl_state->curr_connp->record_length);
2212 if (retval < 0 || retval > (int)input_len) {
2213 DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
2214 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER);
2215 return SSL_DECODER_ERROR(-1);
2216 }
2217
2218 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input,
2219 ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length,
2220 direction, TLS_FRAME_SSLV2_PDU);
2221 SCLogDebug("record start: ssl2.pdu frame");
2222
2223 input += retval;
2224 input_len -= retval;
2225 }
2226
2227 /* if we don't have the full record, we return incomplete */
2228 if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length >
2229 input_len + ssl_state->curr_connp->bytes_processed) {
2230 uint32_t needed = ssl_state->curr_connp->record_length;
2231 SCLogDebug("record len %u input_len %u parsed %u: need %u bytes more data",
2232 ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input),
2233 needed);
2234 return SSL_DECODER_INCOMPLETE((input - initial_input), needed);
2235 }
2236
2237 if (input_len == 0) {
2238 return SSL_DECODER_OK((input - initial_input));
2239 }
2240
2241 /* record_length should never be zero */
2242 if (ssl_state->curr_connp->record_length == 0) {
2243 SCLogDebug("SSLv2 record length is zero");
2244 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER);
2245 return SSL_DECODER_ERROR(-1);
2246 }
2247
2248 /* record_lengths_length should never be zero */
2249 if (ssl_state->curr_connp->record_lengths_length == 0) {
2250 SCLogDebug("SSLv2 record lengths length is zero");
2251 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER);
2252 return SSL_DECODER_ERROR(-1);
2253 }
2254
2255 switch (ssl_state->curr_connp->content_type) {
2256 case SSLV2_MT_ERROR:
2257 SCLogDebug("SSLV2_MT_ERROR msg_type received. Error encountered "
2258 "in establishing the sslv2 session, may be version");
2259 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED);
2260
2261 break;
2262
2263 case SSLV2_MT_CLIENT_HELLO:
2264 if (input_len < 6) {
2265 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
2266 return SSL_DECODER_ERROR(-1);
2267 }
2268
2269 ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_HELLO;
2270 ssl_state->current_flags |= SSL_AL_FLAG_SSL_CLIENT_HS;
2271 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HELLO_DONE);
2272
2273 const uint16_t version = (uint16_t)(input[0] << 8) | input[1];
2274 SCLogDebug("SSLv2: version %04x", version);
2275 ssl_state->curr_connp->version = version;
2276 uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
2277 input += 6;
2278 input_len -= 6;
2279 ssl_state->curr_connp->bytes_processed += 6;
2280 if (session_id_length == 0) {
2281 ssl_state->current_flags |= SSL_AL_FLAG_SSL_NO_SESSION_ID;
2282 }
2283 break;
2284
2285 case SSLV2_MT_CLIENT_MASTER_KEY:
2286 if (!(ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS)) {
2287 SCLogDebug("Client hello is not seen before master key "
2288 "message!");
2289 }
2290 ssl_state->current_flags = SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY;
2291
2292 break;
2293
2294 case SSLV2_MT_CLIENT_CERTIFICATE:
2295 if (direction == 1) {
2296 SCLogDebug("Incorrect SSL Record type sent in the toclient "
2297 "direction!");
2298 } else {
2299 ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_KEYX;
2300 }
2301 UpdateServerState(ssl_state, TLS_STATE_SERVER_CERT_DONE);
2302
2303 /* fall through */
2304 case SSLV2_MT_SERVER_VERIFY:
2305 case SSLV2_MT_SERVER_FINISHED:
2306 if (direction == 0 &&
2307 !(ssl_state->curr_connp->content_type &
2308 SSLV2_MT_CLIENT_CERTIFICATE)) {
2309 SCLogDebug("Incorrect SSL Record type sent in the toserver "
2310 "direction!");
2311 }
2312
2313 /* fall through */
2314 case SSLV2_MT_CLIENT_FINISHED:
2315 case SSLV2_MT_REQUEST_CERTIFICATE:
2316 /* both client hello and server hello must be seen */
2317 if ((ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) &&
2318 (ssl_state->flags & SSL_AL_FLAG_SSL_SERVER_HS)) {
2319
2320 if (direction == 0) {
2321 if (ssl_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) {
2322 ssl_state->current_flags |= SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED;
2323 SCLogDebug("SSLv2 client side has started the encryption");
2324 } else if (ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY) {
2325 ssl_state->current_flags = SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED;
2326 SCLogDebug("SSLv2 client side has started the encryption");
2327 }
2328 } else {
2329 ssl_state->current_flags = SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED;
2330 SCLogDebug("SSLv2 Server side has started the encryption");
2331 }
2332
2333 if ((ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED) &&
2334 (ssl_state->flags & SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED))
2335 {
2336 if (ssl_config.encrypt_mode != SSL_CNF_ENC_HANDLE_FULL) {
2337 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_NO_INSPECTION);
2338 }
2339
2340 if (ssl_config.encrypt_mode == SSL_CNF_ENC_HANDLE_BYPASS) {
2341 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_NO_REASSEMBLY);
2342 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_BYPASS_READY);
2343 }
2344 SCLogDebug("SSLv2 No reassembly & inspection has been set");
2345 }
2346 }
2347
2348 break;
2349
2350 case SSLV2_MT_SERVER_HELLO:
2351 ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_HELLO;
2352 ssl_state->current_flags |= SSL_AL_FLAG_SSL_SERVER_HS;
2353 UpdateServerState(ssl_state, TLS_STATE_SERVER_HELLO);
2354
2355 break;
2356 }
2357
2358 ssl_state->flags |= ssl_state->current_flags;
2359
2360 if (input_len + ssl_state->curr_connp->bytes_processed >=
2361 (ssl_state->curr_connp->record_length +
2362 ssl_state->curr_connp->record_lengths_length)) {
2363
2364 /* looks like we have another record after this */
2365 uint32_t diff = ssl_state->curr_connp->record_length +
2366 ssl_state->curr_connp->record_lengths_length + -
2367 ssl_state->curr_connp->bytes_processed;
2368 input += diff;
2369 SSLParserReset(ssl_state);
2370
2371 /* we still don't have the entire record for the one we are
2372 currently parsing */
2373 } else {
2374 input += input_len;
2375 ssl_state->curr_connp->bytes_processed += input_len;
2376 }
2377 return SSL_DECODER_OK((input - initial_input));
2378}
2379
2380static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_state,
2381 AppLayerParserState *pstate, const uint8_t *input, const uint32_t input_len,
2382 const StreamSlice stream_slice)
2383{
2384 uint32_t parsed = 0;
2385 uint32_t record_len; /* slice of input_len for the current record */
2386 const bool first_call = (ssl_state->curr_connp->bytes_processed == 0);
2387
2388 if (ssl_state->curr_connp->bytes_processed < SSLV3_RECORD_HDR_LEN) {
2389 const uint16_t prev_version = ssl_state->curr_connp->version;
2390
2391 int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2392 if (retval < 0 || retval > (int)input_len) {
2393 DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
2394 SCLogDebug("SSLv3ParseRecord returned %d", retval);
2395 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_TLS_HEADER);
2396 return SSL_DECODER_ERROR(-1);
2397 }
2398 parsed = retval;
2399
2400 SCLogDebug("%s input %p record_length %u", (direction == 0) ? "toserver" : "toclient",
2401 input, ssl_state->curr_connp->record_length);
2402
2403 /* first the hdr frame at our first chance */
2404 if (first_call) {
2405 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input, SSLV3_RECORD_HDR_LEN,
2406 direction, TLS_FRAME_HDR);
2407 }
2408
2409 /* parser is streaming for the initial header, then switches to incomplete
2410 * API: so if we don't have the hdr yet, return consumed bytes and wait
2411 * until we are called again with new data. */
2412 if (ssl_state->curr_connp->bytes_processed < SSLV3_RECORD_HDR_LEN) {
2413 SCLogDebug(
2414 "incomplete header, return %u bytes consumed and wait for more data", parsed);
2415 return SSL_DECODER_OK(parsed);
2416 }
2417
2418 /* pdu frame needs record length, so only create it when hdr fully parsed. */
2419 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input,
2420 ssl_state->curr_connp->record_length + retval, direction, TLS_FRAME_PDU);
2421 record_len = MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2422 SCLogDebug(
2423 "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2424 record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2425
2426 bool unknown_record = false;
2427 switch (ssl_state->curr_connp->content_type) {
2428 case SSLV3_CHANGE_CIPHER_SPEC:
2429 case SSLV3_ALERT_PROTOCOL:
2430 case SSLV3_HANDSHAKE_PROTOCOL:
2431 case SSLV3_APPLICATION_PROTOCOL:
2432 case SSLV3_HEARTBEAT_PROTOCOL:
2433 break;
2434 default:
2435 unknown_record = true;
2436 break;
2437 }
2438
2439 /* unknown record type. For TLS 1.0, 1.1 and 1.2 this is ok. For the rest it is fatal. Based
2440 * on Wireshark logic. */
2441 if (prev_version == TLS_VERSION_10 || prev_version == TLS_VERSION_11) {
2442 if (unknown_record) {
2443 SCLogDebug("unknown record, ignore it");
2444 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
2445
2446 ssl_state->curr_connp->bytes_processed = 0; // TODO review this reset logic
2447 ssl_state->curr_connp->content_type = 0;
2448 ssl_state->curr_connp->record_length = 0;
2449 // restore last good version
2450 ssl_state->curr_connp->version = prev_version;
2451 return SSL_DECODER_OK(input_len); // consume everything
2452 }
2453 } else {
2454 if (unknown_record) {
2455 SCLogDebug("unknown record, fatal");
2456 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
2457 return SSL_DECODER_ERROR(-1);
2458 }
2459 }
2460
2461 /* record_length should never be zero */
2462 if (ssl_state->curr_connp->record_length == 0) {
2463 SCLogDebug("SSLv3 Record length is 0");
2464 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_LENGTH);
2465 return SSL_DECODER_ERROR(-1);
2466 }
2467
2468 if (!TLSVersionValid(ssl_state->curr_connp->version)) {
2469 SCLogDebug("ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version);
2470 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_VERSION);
2471 return SSL_DECODER_ERROR(-1);
2472 }
2473
2474 if (ssl_state->curr_connp->bytes_processed == SSLV3_RECORD_HDR_LEN &&
2475 ssl_state->curr_connp->record_length > SSLV3_RECORD_MAX_LEN) {
2476 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_LENGTH);
2477 return SSL_DECODER_ERROR(-1);
2478 }
2479 DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->bytes_processed > SSLV3_RECORD_HDR_LEN);
2480 } else {
2481 ValidateRecordState(ssl_state->curr_connp);
2482
2483 record_len = (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2484 record_len = MIN(input_len, record_len);
2485 }
2486 SCLogDebug("record length %u processed %u got %u",
2487 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2488
2489 /* if we don't have the full record, we return incomplete */
2490 if (ssl_state->curr_connp->record_length > input_len - parsed) {
2491 /* no need to use incomplete api buffering for application
2492 * records that we'll not use anyway. */
2493 if (ssl_state->curr_connp->content_type == SSLV3_APPLICATION_PROTOCOL) {
2494 SCLogDebug("application record");
2495 } else {
2496 uint32_t needed = ssl_state->curr_connp->record_length;
2497 SCLogDebug("record len %u input_len %u parsed %u: need %u bytes more data",
2498 ssl_state->curr_connp->record_length, input_len, parsed, needed);
2499 DEBUG_VALIDATE_BUG_ON(needed > SSLV3_RECORD_MAX_LEN);
2500 return SSL_DECODER_INCOMPLETE(parsed, needed);
2501 }
2502 }
2503
2504 if (record_len == 0) {
2505 return SSL_DECODER_OK(parsed);
2506 }
2507
2508 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input + parsed,
2509 ssl_state->curr_connp->record_length, direction, TLS_FRAME_DATA);
2510
2511 switch (ssl_state->curr_connp->content_type) {
2512 /* we don't need any data from these types */
2513 case SSLV3_CHANGE_CIPHER_SPEC:
2514 ssl_state->flags |= SSL_AL_FLAG_CHANGE_CIPHER_SPEC;
2515
2516 if (direction) {
2517 ssl_state->flags |= SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC;
2518 } else {
2519 ssl_state->flags |= SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC;
2520
2521 // TODO TLS 1.3
2522 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HANDSHAKE_DONE);
2523 }
2524 break;
2525
2526 case SSLV3_ALERT_PROTOCOL: {
2527 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input + parsed,
2528 ssl_state->curr_connp->record_length, direction, TLS_FRAME_ALERT_DATA);
2529
2530 int retval = SSLv3ParseAlertProtocol(ssl_state, input + parsed, record_len, direction);
2531 if (retval < 0) {
2532 SCLogDebug("SSLv3ParseAlertProtocol returned %d", retval);
2533 return SSL_DECODER_ERROR(-1);
2534 }
2535 break;
2536 }
2537 case SSLV3_APPLICATION_PROTOCOL:
2538 /* In TLSv1.3 early data (0-RTT) could be sent before the
2539 handshake is complete (rfc8446, section 2.3). We should
2540 therefore not mark the handshake as done before we have
2541 seen the ServerHello record. */
2542 if ((ssl_state->flags & SSL_AL_FLAG_EARLY_DATA) &&
2543 ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0))
2544 break;
2545
2546 /* if we see (encrypted) application data, then this means the
2547 handshake must be done */
2548 if (ssl_state->curr_connp == &ssl_state->client_connp) {
2549 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HANDSHAKE_DONE);
2550 } else {
2551 UpdateServerState(ssl_state, TLS_STATE_SERVER_HANDSHAKE_DONE);
2552 }
2553
2554 if (ssl_config.encrypt_mode != SSL_CNF_ENC_HANDLE_FULL) {
2555 SCLogDebug("setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2556 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD);
2557 }
2558
2559 /* Encrypted data, reassembly not asked, bypass asked, let's sacrifice
2560 * heartbeat lke inspection to be able to be able to bypass the flow */
2561 if (ssl_config.encrypt_mode == SSL_CNF_ENC_HANDLE_BYPASS) {
2562 SCLogDebug("setting APP_LAYER_PARSER_NO_REASSEMBLY");
2563 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_NO_REASSEMBLY);
2564 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_NO_INSPECTION);
2565 SCAppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_BYPASS_READY);
2566 }
2567 break;
2568
2569 case SSLV3_HANDSHAKE_PROTOCOL: {
2570 if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
2571 /* In TLSv1.3, ChangeCipherSpec is only used for middlebox
2572 compatibility (rfc8446, appendix D.4). */
2573 // Client hello flags is needed to have a valid version
2574 if ((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
2575 (ssl_state->client_connp.version > TLS_VERSION_12) &&
2576 ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0)) {
2577 /* do nothing */
2578 } else {
2579 // if we started parsing this, we must stop
2580 break;
2581 }
2582 }
2583
2584 if (ssl_state->curr_connp->record_length < 4) {
2585 SSLParserReset(ssl_state);
2586 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
2587 SCLogDebug("record len < 4 => %u", ssl_state->curr_connp->record_length);
2588 return SSL_DECODER_ERROR(-1);
2589 }
2590
2591 int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2592 record_len, direction);
2593 SCLogDebug("retval %d", retval);
2594 if (retval < 0 || retval > (int)record_len) {
2595 DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
2596 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
2597 SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
2598 return SSL_DECODER_ERROR(-1);
2599 }
2600 ValidateRecordState(ssl_state->curr_connp);
2601 break;
2602 }
2603 case SSLV3_HEARTBEAT_PROTOCOL: {
2604 AppLayerFrameNewByPointer(ssl_state->f, &stream_slice, input + parsed,
2605 ssl_state->curr_connp->record_length, direction, TLS_FRAME_HB_DATA);
2606 int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2607 record_len, direction);
2608 if (retval < 0) {
2609 SCLogDebug("SSLv3ParseHeartbeatProtocol returned %d", retval);
2610 return SSL_DECODER_ERROR(-1);
2611 }
2612 break;
2613 }
2614 default:
2615 // should be unreachable now that we check after header parsing
2616 DEBUG_VALIDATE_BUG_ON(1);
2617 SCLogDebug("unsupported record type");
2618 return SSL_DECODER_ERROR(-1);
2619 }
2620
2621 parsed += record_len;
2622 ssl_state->curr_connp->bytes_processed += record_len;
2623
2624 if (ssl_state->curr_connp->bytes_processed >=
2625 ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) {
2626 SCLogDebug("record complete, trigger RAW");
2627 AppLayerParserTriggerRawStreamInspection(
2628 ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2629 SSLParserReset(ssl_state);
2630 ValidateRecordState(ssl_state->curr_connp);
2631 return SSL_DECODER_OK(parsed);
2632
2633 } else {
2634 /* we still don't have the entire record for the one we are
2635 currently parsing */
2636 ValidateRecordState(ssl_state->curr_connp);
2637 return SSL_DECODER_OK(parsed);
2638 }
2639}
2640
2641/**
2642 * \internal
2643 * \brief SSLv2, SSLv23, SSLv3, TLSv1.1, TLSv1.2, TLSv1.3 parser.
2644 *
2645 * On parsing error, this should be the only function that should reset
2646 * the parser state, to avoid multiple functions in the chain resetting
2647 * the parser state.
2648 *
2649 * \param direction 0 for toserver, 1 for toclient.
2650 * \param alstate Pointer to the state.
2651 * \param pstate Application layer parser state for this session.
2652 * \param output Pointer to the list of parsed output elements.
2653 *
2654 * \todo On reaching an inconsistent state, check if the input has
2655 * another new record, instead of just returning after the reset
2656 *
2657 * \retval >=0 On success.
2658 */
2659static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate,
2660 AppLayerParserState *pstate, StreamSlice stream_slice)
2661{
2662 SSLState *ssl_state = (SSLState *)alstate;
2663 ssl_state->tx_data.updated_tc = true;
2664 ssl_state->tx_data.updated_ts = true;
2665 uint32_t counter = 0;
2666 ssl_state->f = f;
2667 const uint8_t *input = StreamSliceGetData(&stream_slice);
2668 const uint8_t *init_input = input;
2669 int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
2670
2671 if ((input == NULL || input_len == 0) &&
2672 ((direction == 0 && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
2673 (direction == 1 &&
2674 SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
2675 /* flag session as finished if APP_LAYER_PARSER_EOF is set */
2676 if (direction == 0)
2677 UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED);
2678 else
2679 UpdateServerState(ssl_state, TLS_STATE_SERVER_FINISHED);
2680 SCReturnStruct(APP_LAYER_OK);
2681 } else if (input == NULL || input_len == 0) {
2682 SCReturnStruct(APP_LAYER_ERROR);
2683 }
2684
2685 if (direction == 0)
2686 ssl_state->curr_connp = &ssl_state->client_connp;
2687 else
2688 ssl_state->curr_connp = &ssl_state->server_connp;
2689
2690 /* If entering on a new record, reset the current flags. */
2691 if (ssl_state->curr_connp->bytes_processed == 0) {
2692 ssl_state->current_flags = 0;
2693 }
2694
2695 /* if we have more than one record */
2696 uint32_t max_records = MAX((input_len / SSL_RECORD_MINIMUM_LENGTH),1);
2697 while (input_len > 0) {
2698 if (counter > max_records) {
2699 SCLogDebug("Looks like we have looped quite a bit. Reset state "
2700 "and get out of here");
2701 SSLParserReset(ssl_state);
2702 SSLSetEvent(ssl_state,
2703 TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET);
2704 return APP_LAYER_ERROR;
2705 }
2706
2707 /* ssl_state->bytes_processed is zero for a fresh record or
2708 positive to indicate a record currently being parsed */
2709
2710 if (ssl_state->curr_connp->bytes_processed == 0) {
2711 if ((input[0] & 0x80) || (input[0] & 0x40)) {
2712 /* only SSLv2, has one of the top 2 bits set */
2713 ssl_state->curr_connp->version = SSL_VERSION_2;
2714 SCLogDebug("SSLv2 detected");
2715 } else if (ssl_state->curr_connp->version == SSL_VERSION_2) {
2716 ssl_state->curr_connp->version = TLS_VERSION_UNKNOWN;
2717 SCLogDebug("SSL/TLS version reset");
2718 }
2719 }
2720 SCLogDebug("record %u: bytes_processed %u, version %02X, input_len %u", counter,
2721 ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->version, input_len);
2722
2723 if (ssl_state->curr_connp->version == SSL_VERSION_2) {
2724 if (ssl_state->curr_connp->bytes_processed == 0) {
2725 SCLogDebug("New SSLv2 record parsing");
2726 } else {
2727 SCLogDebug("Continuing parsing SSLv2 record");
2728 }
2729 struct SSLDecoderResult r =
2730 SSLv2Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2731 if (r.retval < 0 || r.retval > input_len) {
2732 DEBUG_VALIDATE_BUG_ON(r.retval > input_len);
2733 SCLogDebug("Error parsing SSLv2. Resetting parser "
2734 "state. Let's get outta here");
2735 SSLParserReset(ssl_state);
2736 SSLSetEvent(ssl_state,
2737 TLS_DECODER_EVENT_INVALID_SSL_RECORD);
2738 return APP_LAYER_ERROR;
2739 } else if (r.needed) {
2740 input += r.retval;
2741 SCLogDebug("returning consumed %" PRIuMAX " needed %u",
2742 (uintmax_t)(input - init_input), r.needed);
2743 SCReturnStruct(APP_LAYER_INCOMPLETE((uint32_t)(input - init_input), r.needed));
2744 }
2745 input_len -= r.retval;
2746 input += r.retval;
2747 SCLogDebug("SSLv2 decoder consumed %d bytes: %u left", r.retval, input_len);
2748 } else {
2749 if (ssl_state->curr_connp->bytes_processed == 0) {
2750 SCLogDebug("New TLS record: record_length %u",
2751 ssl_state->curr_connp->record_length);
2752 } else {
2753 SCLogDebug("Continuing parsing TLS record: record_length %u, bytes_processed %u",
2754 ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed);
2755 }
2756 struct SSLDecoderResult r =
2757 SSLv3Decode(direction, ssl_state, pstate, input, input_len, stream_slice);
2758 if (r.retval < 0 || r.retval > input_len) {
2759 DEBUG_VALIDATE_BUG_ON(r.retval > input_len);
2760 SCLogDebug("Error parsing TLS. Resetting parser "
2761 "state. Let's get outta here");
2762 SSLParserReset(ssl_state);
2763 return APP_LAYER_ERROR;
2764 } else if (r.needed) {
2765 input += r.retval;
2766 SCLogDebug("returning consumed %" PRIuMAX " needed %u",
2767 (uintmax_t)(input - init_input), r.needed);
2768 SCReturnStruct(APP_LAYER_INCOMPLETE((uint32_t)(input - init_input), r.needed));
2769 }
2770 input_len -= r.retval;
2771 input += r.retval;
2772 SCLogDebug("TLS decoder consumed %d bytes: %u left", r.retval, input_len);
2773
2774 if (ssl_state->curr_connp->bytes_processed == SSLV3_RECORD_HDR_LEN
2775 && ssl_state->curr_connp->record_length == 0) {
2776 SCLogDebug("TLS empty record");
2777 /* empty record */
2778 SSLParserReset(ssl_state);
2779 }
2780 }
2781 counter++;
2782 } /* while (input_len) */
2783
2784 /* mark handshake as done if we have subject and issuer */
2785 if ((ssl_state->flags & SSL_AL_FLAG_NEED_CLIENT_CERT) &&
2786 ssl_state->client_connp.cert0_subject && ssl_state->client_connp.cert0_issuerdn) {
2787 /* update both sides to keep existing behavior */
2788 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HANDSHAKE_DONE);
2789 UpdateServerState(ssl_state, TLS_STATE_SERVER_HANDSHAKE_DONE);
2790 } else if ((ssl_state->flags & SSL_AL_FLAG_NEED_CLIENT_CERT) == 0 &&
2791 ssl_state->server_connp.cert0_subject && ssl_state->server_connp.cert0_issuerdn) {
2792 /* update both sides to keep existing behavior */
2793 UpdateClientState(ssl_state, TLS_STATE_CLIENT_HANDSHAKE_DONE);
2794 UpdateServerState(ssl_state, TLS_STATE_SERVER_HANDSHAKE_DONE);
2795 }
2796
2797 /* flag session as finished if APP_LAYER_PARSER_EOF is set */
2798 if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) &&
2799 SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)) {
2800 /* update both sides to keep existing behavior */
2801 UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED);
2802 UpdateServerState(ssl_state, TLS_STATE_SERVER_FINISHED);
2803 }
2804
2805 return APP_LAYER_OK;
2806}
2807
2808static AppLayerResult SSLParseClientRecord(Flow *f, void *alstate, AppLayerParserState *pstate,
2809 StreamSlice stream_slice, void *local_data)
2810{
2811 return SSLDecode(f, 0 /* toserver */, alstate, pstate, stream_slice);
2812}
2813
2814static AppLayerResult SSLParseServerRecord(Flow *f, void *alstate, AppLayerParserState *pstate,
2815 StreamSlice stream_slice, void *local_data)
2816{
2817 return SSLDecode(f, 1 /* toclient */, alstate, pstate, stream_slice);
2818}
2819
2820/**
2821 * \internal
2822 * \brief Function to allocate the SSL state memory.
2823 */
2824static void *SSLStateAlloc(void *orig_state, AppProto proto_orig)
2825{
2826 SSLState *ssl_state = SCCalloc(1, sizeof(SSLState));
2827 if (unlikely(ssl_state == NULL))
2828 return NULL;
2829 ssl_state->client_connp.cert_log_flag = 0;
2830 ssl_state->server_connp.cert_log_flag = 0;
2831 memset(ssl_state->client_connp.random, 0, TLS_RANDOM_LEN);
2832 memset(ssl_state->server_connp.random, 0, TLS_RANDOM_LEN);
2833 ssl_state->client_connp.hs = SCTLSHandshakeNew();
2834 ssl_state->server_connp.hs = SCTLSHandshakeNew();
2835 TAILQ_INIT(&ssl_state->server_connp.certs);
2836 TAILQ_INIT(&ssl_state->client_connp.certs);
2837
2838 return (void *)ssl_state;
2839}
2840
2841static void SSLStateCertSANFree(SSLStateConnp *connp)
2842{
2843 if (connp->cert0_sans) {
2844 for (uint16_t i = 0; i < connp->cert0_sans_len; i++) {
2845 SCRustCStringFree(connp->cert0_sans[i]);
2846 }
2847 SCFree(connp->cert0_sans);
2848 }
2849}
2850
2851/**
2852 * \internal
2853 * \brief Function to free the SSL state memory.
2854 */
2855static void SSLStateFree(void *p)
2856{
2857 SSLState *ssl_state = (SSLState *)p;
2858 SSLCertsChain *item;
2859
2860 if (ssl_state->client_connp.cert0_subject)
2861 SCRustCStringFree(ssl_state->client_connp.cert0_subject);
2862 if (ssl_state->client_connp.cert0_issuerdn)
2863 SCRustCStringFree(ssl_state->client_connp.cert0_issuerdn);
2864 if (ssl_state->client_connp.cert0_serial)
2865 SCRustCStringFree(ssl_state->client_connp.cert0_serial);
2866 if (ssl_state->client_connp.cert0_fingerprint)
2867 SCFree(ssl_state->client_connp.cert0_fingerprint);
2868 if (ssl_state->client_connp.sni)
2869 SCFree(ssl_state->client_connp.sni);
2870 if (ssl_state->client_connp.session_id)
2871 SCFree(ssl_state->client_connp.session_id);
2872 if (ssl_state->client_connp.hs_buffer)
2873 SCFree(ssl_state->client_connp.hs_buffer);
2874
2875 if (ssl_state->server_connp.cert0_subject)
2876 SCRustCStringFree(ssl_state->server_connp.cert0_subject);
2877 if (ssl_state->server_connp.cert0_issuerdn)
2878 SCRustCStringFree(ssl_state->server_connp.cert0_issuerdn);
2879 if (ssl_state->server_connp.cert0_serial)
2880 SCRustCStringFree(ssl_state->server_connp.cert0_serial);
2881 if (ssl_state->server_connp.cert0_fingerprint)
2882 SCFree(ssl_state->server_connp.cert0_fingerprint);
2883 if (ssl_state->server_connp.sni)
2884 SCFree(ssl_state->server_connp.sni);
2885 if (ssl_state->server_connp.session_id)
2886 SCFree(ssl_state->server_connp.session_id);
2887
2888 if (ssl_state->client_connp.hs)
2889 SCTLSHandshakeFree(ssl_state->client_connp.hs);
2890 if (ssl_state->client_connp.ja3_str)
2891 Ja3BufferFree(&ssl_state->client_connp.ja3_str);
2892 if (ssl_state->client_connp.ja3_hash)
2893 SCFree(ssl_state->client_connp.ja3_hash);
2894 if (ssl_state->server_connp.hs)
2895 SCTLSHandshakeFree(ssl_state->server_connp.hs);
2896 if (ssl_state->server_connp.ja3_str)
2897 Ja3BufferFree(&ssl_state->server_connp.ja3_str);
2898 if (ssl_state->server_connp.ja3_hash)
2899 SCFree(ssl_state->server_connp.ja3_hash);
2900 if (ssl_state->server_connp.hs_buffer)
2901 SCFree(ssl_state->server_connp.hs_buffer);
2902
2903 SSLStateCertSANFree(&ssl_state->server_connp);
2904 SSLStateCertSANFree(&ssl_state->client_connp);
2905
2906 SCAppLayerTxDataCleanup(&ssl_state->tx_data);
2907
2908 /* Free certificate chain */
2909 if (ssl_state->server_connp.certs_buffer)
2910 SCFree(ssl_state->server_connp.certs_buffer);
2911 while ((item = TAILQ_FIRST(&ssl_state->server_connp.certs))) {
2912 TAILQ_REMOVE(&ssl_state->server_connp.certs, item, next);
2913 SCFree(item);
2914 }
2915 TAILQ_INIT(&ssl_state->server_connp.certs);
2916 /* Free certificate chain */
2917 if (ssl_state->client_connp.certs_buffer)
2918 SCFree(ssl_state->client_connp.certs_buffer);
2919 while ((item = TAILQ_FIRST(&ssl_state->client_connp.certs))) {
2920 TAILQ_REMOVE(&ssl_state->client_connp.certs, item, next);
2921 SCFree(item);
2922 }
2923 TAILQ_INIT(&ssl_state->client_connp.certs);
2924
2925 SCFree(ssl_state);
2926}
2927
2928static void SSLStateTransactionFree(void *state, uint64_t tx_id)
2929{
2930 /* do nothing */
2931}
2932
2933static AppProto SSLProbingParser(
2934 const Flow *f, uint8_t direction, const uint8_t *input, uint32_t ilen, uint8_t *rdir)
2935{
2936 /* probably a rst/fin sending an eof */
2937 if (ilen < 3)
2938 return ALPROTO_UNKNOWN;
2939
2940 /* for now just the 3 byte header ones */
2941 /* \todo Detect the 2 byte ones */
2942 if ((input[0] & 0x80) && (input[2] == 0x01)) {
2943 return ALPROTO_TLS;
2944 }
2945
2946 return ALPROTO_FAILED;
2947}
2948
2949static int SSLStateGetStateIdByName(const char *name, const uint8_t direction)
2950{
2951 SCEnumCharMap *map =
2952 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
2953
2954 int id = SCMapEnumNameToValue(name, map);
2955 if (id < 0) {
2956 return -1;
2957 }
2958 return id;
2959}
2960
2961static const char *SSLStateGetStateNameById(const int id, const uint8_t direction)
2962{
2963 SCEnumCharMap *map =
2964 direction == STREAM_TOSERVER ? tls_state_client_table : tls_state_server_table;
2965 const char *name = SCMapEnumValueToName(id, map);
2966 return name;
2967}
2968
2969static int SSLStateGetFrameIdByName(const char *frame_name)
2970{
2971 int id = SCMapEnumNameToValue(frame_name, tls_frame_table);
2972 if (id < 0) {
2973 return -1;
2974 }
2975 return id;
2976}
2977
2978static const char *SSLStateGetFrameNameById(const uint8_t frame_id)
2979{
2980 const char *name = SCMapEnumValueToName(frame_id, tls_frame_table);
2981 return name;
2982}
2983
2984static int SSLStateGetEventInfo(
2985 const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)
2986{
2987 if (SCAppLayerGetEventIdByName(event_name, tls_decoder_event_table, event_id) == 0) {
2988 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
2989 return 0;
2990 }
2991 return -1;
2992}
2993
2994static int SSLStateGetEventInfoById(
2995 uint8_t event_id, const char **event_name, AppLayerEventType *event_type)
2996{
2997 *event_name = SCMapEnumValueToName(event_id, tls_decoder_event_table);
2998 if (*event_name == NULL) {
2999 SCLogError("event \"%d\" not present in "
3000 "ssl's enum map table.",
3001 event_id);
3002 /* yes this is fatal */
3003 return -1;
3004 }
3005
3006 *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
3007
3008 return 0;
3009}
3010
3011static int SSLRegisterPatternsForProtocolDetection(void)
3012{
3013 if (SCAppLayerProtoDetectPMRegisterPatternCSwPP(IPPROTO_TCP, ALPROTO_TLS, "|01 00 02|", 5, 2,
3014 STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
3015 return -1;
3016 }
3017
3018 /** SSLv3 */
3019 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3020 IPPROTO_TCP, ALPROTO_TLS, "|01 03 00|", 3, 0, STREAM_TOSERVER) < 0) {
3021 return -1;
3022 }
3023 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3024 IPPROTO_TCP, ALPROTO_TLS, "|16 03 00|", 3, 0, STREAM_TOSERVER) < 0) {
3025 return -1;
3026 }
3027
3028 /** TLSv1 */
3029 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3030 IPPROTO_TCP, ALPROTO_TLS, "|01 03 01|", 3, 0, STREAM_TOSERVER) < 0) {
3031 return -1;
3032 }
3033 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3034 IPPROTO_TCP, ALPROTO_TLS, "|16 03 01|", 3, 0, STREAM_TOSERVER) < 0) {
3035 return -1;
3036 }
3037
3038 /** TLSv1.1 */
3039 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3040 IPPROTO_TCP, ALPROTO_TLS, "|01 03 02|", 3, 0, STREAM_TOSERVER) < 0) {
3041 return -1;
3042 }
3043 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3044 IPPROTO_TCP, ALPROTO_TLS, "|16 03 02|", 3, 0, STREAM_TOSERVER) < 0) {
3045 return -1;
3046 }
3047
3048 /** TLSv1.2 */
3049 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3050 IPPROTO_TCP, ALPROTO_TLS, "|01 03 03|", 3, 0, STREAM_TOSERVER) < 0) {
3051 return -1;
3052 }
3053 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3054 IPPROTO_TCP, ALPROTO_TLS, "|16 03 03|", 3, 0, STREAM_TOSERVER) < 0) {
3055 return -1;
3056 }
3057
3058 /***** toclient direction *****/
3059
3060 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3061 IPPROTO_TCP, ALPROTO_TLS, "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3062 return -1;
3063 }
3064 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3065 IPPROTO_TCP, ALPROTO_TLS, "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3066 return -1;
3067 }
3068 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3069 IPPROTO_TCP, ALPROTO_TLS, "|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0) {
3070 return -1;
3071 }
3072
3073 /** TLSv1 */
3074 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3075 IPPROTO_TCP, ALPROTO_TLS, "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3076 return -1;
3077 }
3078 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3079 IPPROTO_TCP, ALPROTO_TLS, "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3080 return -1;
3081 }
3082 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3083 IPPROTO_TCP, ALPROTO_TLS, "|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0) {
3084 return -1;
3085 }
3086
3087 /** TLSv1.1 */
3088 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3089 IPPROTO_TCP, ALPROTO_TLS, "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3090 return -1;
3091 }
3092 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3093 IPPROTO_TCP, ALPROTO_TLS, "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3094 return -1;
3095 }
3096 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3097 IPPROTO_TCP, ALPROTO_TLS, "|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0) {
3098 return -1;
3099 }
3100
3101 /** TLSv1.2 */
3102 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3103 IPPROTO_TCP, ALPROTO_TLS, "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3104 return -1;
3105 }
3106 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3107 IPPROTO_TCP, ALPROTO_TLS, "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3108 return -1;
3109 }
3110 if (SCAppLayerProtoDetectPMRegisterPatternCS(
3111 IPPROTO_TCP, ALPROTO_TLS, "|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0) {
3112 return -1;
3113 }
3114
3115 /* Subsection - SSLv2 style record by client, but informing the server
3116 * the max version it supports.
3117 * Updated by Anoop Saldanha. Disabled it for now. We'll get back to
3118 * it after some tests */
3119#if 0
3120 if (SCAppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
3121 "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
3122 {
3123 return -1;
3124 }
3125 if (SCAppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
3126 "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
3127 {
3128 return -1;
3129 }
3130#endif
3131
3132 return 0;
3133}
3134
3135#ifdef HAVE_JA3
3136static void CheckJA3Enabled(void)
3137{
3138 const char *strval = NULL;
3139 /* Check if we should generate JA3 fingerprints */
3140 int enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3141 if (SCConfGet("app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3142 enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3143 } else if (strcmp(strval, "auto") == 0) {
3144 enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3145 } else if (SCConfValIsFalse(strval)) {
3146 enable_ja3 = 0;
3147 ssl_config.disable_ja3 = true;
3148 } else if (SCConfValIsTrue(strval)) {
3149 enable_ja3 = true;
3150 }
3151 SC_ATOMIC_SET(ssl_config.enable_ja3, enable_ja3);
3152 if (!ssl_config.disable_ja3 && !g_disable_hashing) {
3153 /* The feature is available, i.e. _could_ be activated by a rule or
3154 even is enabled in the configuration. */
3155 ProvidesFeature(FEATURE_JA3);
3156 }
3157}
3158#endif /* HAVE_JA3 */
3159
3160#ifdef HAVE_JA4
3161static void CheckJA4Enabled(void)
3162{
3163 const char *strval = NULL;
3164 /* Check if we should generate JA4 fingerprints */
3165 int enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3166 if (SCConfGet("app-layer.protocols.tls.ja4-fingerprints", &strval) != 1) {
3167 enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3168 } else if (strcmp(strval, "auto") == 0) {
3169 enable_ja4 = SSL_CONFIG_DEFAULT_JA4;
3170 } else if (SCConfValIsFalse(strval)) {
3171 enable_ja4 = 0;
3172 ssl_config.disable_ja4 = true;
3173 } else if (SCConfValIsTrue(strval)) {
3174 enable_ja4 = true;
3175 }
3176 SC_ATOMIC_SET(ssl_config.enable_ja4, enable_ja4);
3177 if (!ssl_config.disable_ja4 && !g_disable_hashing) {
3178 /* The feature is available, i.e. _could_ be activated by a rule or
3179 even is enabled in the configuration. */
3180 ProvidesFeature(FEATURE_JA4);
3181 }
3182}
3183#endif /* HAVE_JA4 */
3184
3185/**
3186 * \brief Function to register the SSL protocol parser and other functions
3187 */
3188void RegisterSSLParsers(void)
3189{
3190 const char *proto_name = "tls";
3191
3192 SC_ATOMIC_INIT(ssl_config.enable_ja3);
3193
3194 /** SSLv2 and SSLv23*/
3195 if (SCAppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {
3196 AppLayerProtoDetectRegisterProtocol(ALPROTO_TLS, proto_name);
3197
3198 if (SSLRegisterPatternsForProtocolDetection() < 0)
3199 return;
3200
3201 if (RunmodeIsUnittests()) {
3202 SCAppLayerProtoDetectPPRegister(
3203 IPPROTO_TCP, "443", ALPROTO_TLS, 0, 3, STREAM_TOSERVER, SSLProbingParser, NULL);
3204 } else {
3205 if (SCAppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP, proto_name, ALPROTO_TLS,
3206 0, 3, SSLProbingParser, NULL) == 0) {
3207 SCLogConfig("no TLS config found, "
3208 "enabling TLS detection on port 443.");
3209 SCAppLayerProtoDetectPPRegister(IPPROTO_TCP, "443", ALPROTO_TLS, 0, 3,
3210 STREAM_TOSERVER, SSLProbingParser, NULL);
3211 }
3212 }
3213 } else {
3214 SCLogConfig("Protocol detection and parser disabled for %s protocol",
3215 proto_name);
3216 return;
3217 }
3218
3219 if (SCAppLayerParserConfParserEnabled("tcp", proto_name)) {
3220 AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TLS, STREAM_TOSERVER,
3221 SSLParseClientRecord);
3222
3223 AppLayerParserRegisterParser(IPPROTO_TCP, ALPROTO_TLS, STREAM_TOCLIENT,
3224 SSLParseServerRecord);
3225 AppLayerParserRegisterGetStateFuncs(
3226 IPPROTO_TCP, ALPROTO_TLS, SSLStateGetStateIdByName, SSLStateGetStateNameById);
3227 AppLayerParserRegisterGetFrameFuncs(
3228 IPPROTO_TCP, ALPROTO_TLS, SSLStateGetFrameIdByName, SSLStateGetFrameNameById);
3229 AppLayerParserRegisterGetEventInfo(IPPROTO_TCP, ALPROTO_TLS, SSLStateGetEventInfo);
3230 AppLayerParserRegisterGetEventInfoById(IPPROTO_TCP, ALPROTO_TLS, SSLStateGetEventInfoById);
3231
3232 AppLayerParserRegisterStateFuncs(IPPROTO_TCP, ALPROTO_TLS, SSLStateAlloc, SSLStateFree);
3233
3234 SCAppLayerParserRegisterParserAcceptableDataDirection(
3235 IPPROTO_TCP, ALPROTO_TLS, STREAM_TOSERVER);
3236
3237 AppLayerParserRegisterTxFreeFunc(IPPROTO_TCP, ALPROTO_TLS, SSLStateTransactionFree);
3238
3239 AppLayerParserRegisterGetTx(IPPROTO_TCP, ALPROTO_TLS, SSLGetTx);
3240 AppLayerParserRegisterTxDataFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetTxData);
3241 AppLayerParserRegisterStateDataFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetStateData);
3242
3243 AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TLS, SSLGetTxCnt);
3244
3245 AppLayerParserRegisterGetStateProgressFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetAlstateProgress);
3246
3247 AppLayerParserRegisterStateProgressCompletionStatus(
3248 ALPROTO_TLS, TLS_STATE_CLIENT_FINISHED, TLS_STATE_SERVER_FINISHED);
3249
3250 SCConfNode *enc_handle = SCConfGetNode("app-layer.protocols.tls.encryption-handling");
3251 if (enc_handle != NULL && enc_handle->val != NULL) {
3252 SCLogDebug("have app-layer.protocols.tls.encryption-handling = %s", enc_handle->val);
3253 if (strcmp(enc_handle->val, "full") == 0) {
3254 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_FULL;
3255 } else if (strcmp(enc_handle->val, "bypass") == 0) {
3256 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_BYPASS;
3257 } else if (strcmp(enc_handle->val, "track-only") == 0) {
3258 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_TRACK_ONLY;
3259 } else if (strcmp(enc_handle->val, "default") == 0) {
3260 SCLogWarning("app-layer.protocols.tls.encryption-handling = default is deprecated "
3261 "and will be removed in Suricata 9, use \"track-only\" instead, "
3262 "(see ticket #7642)");
3263 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_TRACK_ONLY;
3264 } else {
3265 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_TRACK_ONLY;
3266 }
3267 } else {
3268 /* Get the value of no reassembly option from the config file */
3269 if (SCConfGetNode("app-layer.protocols.tls.no-reassemble") == NULL) {
3270 int value = 0;
3271 if (SCConfGetBool("tls.no-reassemble", &value) == 1 && value == 1)
3272 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_BYPASS;
3273 } else {
3274 int value = 0;
3275 if (SCConfGetBool("app-layer.protocols.tls.no-reassemble", &value) == 1 &&
3276 value == 1)
3277 ssl_config.encrypt_mode = SSL_CNF_ENC_HANDLE_BYPASS;
3278 }
3279 }
3280 SCLogDebug("ssl_config.encrypt_mode %u", ssl_config.encrypt_mode);
3281
3282#ifdef HAVE_JA3
3283 CheckJA3Enabled();
3284#endif /* HAVE_JA3 */
3285#ifdef HAVE_JA4
3286 CheckJA4Enabled();
3287#endif /* HAVE_JA4 */
3288
3289 if (g_disable_hashing) {
3290 if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
3291 SCLogWarning("MD5 calculation has been disabled, disabling JA3");
3292 SC_ATOMIC_SET(ssl_config.enable_ja3, 0);
3293 }
3294 if (SC_ATOMIC_GET(ssl_config.enable_ja4)) {
3295 SCLogWarning("Hashing has been disabled, disabling JA4");
3296 SC_ATOMIC_SET(ssl_config.enable_ja4, 0);
3297 }
3298 } else {
3299 if (RunmodeIsUnittests()) {
3300#ifdef HAVE_JA3
3301 SC_ATOMIC_SET(ssl_config.enable_ja3, 1);
3302#endif /* HAVE_JA3 */
3303#ifdef HAVE_JA4
3304 SC_ATOMIC_SET(ssl_config.enable_ja4, 1);
3305#endif /* HAVE_JA4 */
3306 }
3307 }
3308 } else {
3309 SCLogConfig("Parser disabled for %s protocol. Protocol detection still on.", proto_name);
3310 }
3311}
3312
3313/**
3314 * \brief if not explicitly disabled in config, enable ja3 support
3315 *
3316 * Implemented using atomic to allow rule reloads to do this at
3317 * runtime.
3318 */
3319void SSLEnableJA3(void)
3320{
3321 if (g_disable_hashing || ssl_config.disable_ja3) {
3322 return;
3323 }
3324 if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
3325 return;
3326 }
3327 SC_ATOMIC_SET(ssl_config.enable_ja3, 1);
3328}
3329
3330/**
3331 * \brief if not explicitly disabled in config, enable ja4 support
3332 *
3333 * Implemented using atomic to allow rule reloads to do this at
3334 * runtime.
3335 */
3336void SSLEnableJA4(void)
3337{
3338 // only caller has #ifdef HAVE_JA4
3339 if (g_disable_hashing || ssl_config.disable_ja4) {
3340 return;
3341 }
3342 if (SC_ATOMIC_GET(ssl_config.enable_ja4)) {
3343 return;
3344 }
3345 SC_ATOMIC_SET(ssl_config.enable_ja4, 1);
3346}
3347
3348/**
3349 * \brief return whether ja3 is effectively enabled
3350 *
3351 * This means that it either has been enabled explicitly or has been
3352 * enabled by having loaded a rule while not being explicitly disabled.
3353 *
3354 * \retval true if enabled, false otherwise
3355 */
3356bool SSLJA3IsEnabled(void)
3357{
3358 return SC_ATOMIC_GET(ssl_config.enable_ja3);
3359}
3360
3361/**
3362 * \brief return whether ja4 is effectively enabled
3363 *
3364 * This means that it either has been enabled explicitly or has been
3365 * enabled by having loaded a rule while not being explicitly disabled.
3366 *
3367 * \retval true if enabled, false otherwise
3368 */
3369bool SSLJA4IsEnabled(void)
3370{
3371 return SC_ATOMIC_GET(ssl_config.enable_ja4);
3372}
AppLayerProtoDetectRegisterProtocol
void AppLayerProtoDetectRegisterProtocol(AppProto alproto, const char *alproto_name)
Registers a protocol for protocol detection phase.
Definition app-layer-detect-proto.c:1742
SCAppLayerProtoDetectPPParseConfPorts
int SCAppLayerProtoDetectPPParseConfPorts(const char *ipproto_name, uint8_t ipproto, const char *alproto_name, AppProto alproto, uint16_t min_depth, uint16_t max_depth, ProbingParserFPtr ProbingParserTs, ProbingParserFPtr ProbingParserTc)
Definition app-layer-detect-proto.c:1563
SCAppLayerProtoDetectPPRegister
void SCAppLayerProtoDetectPPRegister(uint8_t ipproto, const char *portstr, AppProto alproto, uint16_t min_depth, uint16_t max_depth, uint8_t direction, ProbingParserFPtr ProbingParser1, ProbingParserFPtr ProbingParser2)
register parser at a port
Definition app-layer-detect-proto.c:1527
SCAppLayerProtoDetectPMRegisterPatternCSwPP
int SCAppLayerProtoDetectPMRegisterPatternCSwPP(uint8_t ipproto, AppProto alproto, const char *pattern, uint16_t depth, uint16_t offset, uint8_t direction, ProbingParserFPtr PPFunc, uint16_t pp_min_depth, uint16_t pp_max_depth)
Definition app-layer-detect-proto.c:1637
SCAppLayerProtoDetectConfProtoDetectionEnabled
int SCAppLayerProtoDetectConfProtoDetectionEnabled(const char *ipproto, const char *alproto)
Given a protocol name, checks if proto detection is enabled in the conf file.
Definition app-layer-detect-proto.c:1942
SCAppLayerProtoDetectPMRegisterPatternCS
int SCAppLayerProtoDetectPMRegisterPatternCS(uint8_t ipproto, AppProto alproto, const char *pattern, uint16_t depth, uint16_t offset, uint8_t direction)
Registers a case-sensitive pattern for protocol detection.
Definition app-layer-detect-proto.c:1626
dst
uint16_t dst
Definition app-layer-dnp3.h:4
src
uint16_t src
Definition app-layer-dnp3.h:5
SCAppLayerGetEventIdByName
int SCAppLayerGetEventIdByName(const char *event_name, SCEnumCharMap *table, uint8_t *event_id)
Definition app-layer-events.c:28
AppLayerFrameNewByPointer
Frame * AppLayerFrameNewByPointer(Flow *f, const StreamSlice *stream_slice, const uint8_t *frame_start, const int64_t len, int dir, uint8_t frame_type)
create new frame using a pointer to start of the frame
Definition app-layer-frames.c:463
next
struct HtpBodyChunk_ * next
Definition app-layer-htp.h:0
AppLayerParserRegisterGetTxCnt
void AppLayerParserRegisterGetTxCnt(uint8_t ipproto, AppProto alproto, uint64_t(*StateGetTxCnt)(void *alstate))
Definition app-layer-parser.c:520
AppLayerParserRegisterTxFreeFunc
void AppLayerParserRegisterTxFreeFunc(uint8_t ipproto, AppProto alproto, void(*StateTransactionFree)(void *, uint64_t))
Definition app-layer-parser.c:510
SCAppLayerParserStateIssetFlag
uint16_t SCAppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag)
Definition app-layer-parser.c:1829
AppLayerParserRegisterTxDataFunc
void AppLayerParserRegisterTxDataFunc(uint8_t ipproto, AppProto alproto, AppLayerTxData *(*GetTxData)(void *tx))
Definition app-layer-parser.c:606
AppLayerParserTriggerRawStreamInspection
void AppLayerParserTriggerRawStreamInspection(Flow *f, int direction)
Definition app-layer-parser.c:1557
AppLayerParserRegisterStateProgressCompletionStatus
void AppLayerParserRegisterStateProgressCompletionStatus(AppProto alproto, const int ts, const int tc)
Definition app-layer-parser.c:548
SCAppLayerParserStateSetFlag
void SCAppLayerParserStateSetFlag(AppLayerParserState *pstate, uint16_t flag)
Definition app-layer-parser.c:1821
AppLayerParserRegisterStateDataFunc
void AppLayerParserRegisterStateDataFunc(uint8_t ipproto, AppProto alproto, AppLayerStateData *(*GetStateData)(void *state))
Definition app-layer-parser.c:616
AppLayerParserRegisterParser
int AppLayerParserRegisterParser(uint8_t ipproto, AppProto alproto, uint8_t direction, AppLayerParserFPtr Parser)
Register app layer parser for the protocol.
Definition app-layer-parser.c:402
AppLayerParserRegisterGetTx
void AppLayerParserRegisterGetTx(uint8_t ipproto, AppProto alproto, void *(StateGetTx)(void *alstate, uint64_t tx_id))
Definition app-layer-parser.c:530
AppLayerParserRegisterGetEventInfo
void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto, int(*StateGetEventInfo)(const char *event_name, uint8_t *event_id, AppLayerEventType *event_type))
Definition app-layer-parser.c:595
AppLayerParserRegisterGetStateProgressFunc
void AppLayerParserRegisterGetStateProgressFunc(uint8_t ipproto, AppProto alproto, int(*StateGetProgress)(void *alstate, uint8_t direction))
Definition app-layer-parser.c:500
SCAppLayerParserRegisterParserAcceptableDataDirection
void SCAppLayerParserRegisterParserAcceptableDataDirection(uint8_t ipproto, AppProto alproto, uint8_t direction)
Definition app-layer-parser.c:414
SCAppLayerParserConfParserEnabled
int SCAppLayerParserConfParserEnabled(const char *ipproto, const char *alproto_name)
check if a parser is enabled in the config Returns enabled always if: were running unittests
Definition app-layer-parser.c:345
AppLayerParserRegisterStateFuncs
void AppLayerParserRegisterStateFuncs(uint8_t ipproto, AppProto alproto, void *(*StateAlloc)(void *, AppProto), void(*StateFree)(void *))
Definition app-layer-parser.c:435
AppLayerParserRegisterGetEventInfoById
void AppLayerParserRegisterGetEventInfoById(uint8_t ipproto, AppProto alproto, int(*StateGetEventInfoById)(uint8_t event_id, const char **event_name, AppLayerEventType *event_type))
Definition app-layer-parser.c:563
AppLayerParserRegisterGetStateFuncs
void AppLayerParserRegisterGetStateFuncs(uint8_t ipproto, AppProto alproto, AppLayerParserGetStateIdByNameFn GetIdByNameFunc, AppLayerParserGetStateNameByIdFn GetNameByIdFunc)
Definition app-layer-parser.c:575
AppLayerParserRegisterGetFrameFuncs
void AppLayerParserRegisterGetFrameFuncs(uint8_t ipproto, AppProto alproto, AppLayerParserGetFrameIdByNameFn GetIdByNameFunc, AppLayerParserGetFrameNameByIdFn GetNameByIdFunc)
Definition app-layer-parser.c:585
APP_LAYER_PARSER_NO_REASSEMBLY
#define APP_LAYER_PARSER_NO_REASSEMBLY
Definition app-layer-parser.h:50
APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD
#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD
Definition app-layer-parser.h:51
APP_LAYER_PARSER_NO_INSPECTION
#define APP_LAYER_PARSER_NO_INSPECTION
Definition app-layer-parser.h:49
APP_LAYER_PARSER_BYPASS_READY
#define APP_LAYER_PARSER_BYPASS_READY
Definition app-layer-parser.h:52
AppLayerTxData
struct AppLayerTxData AppLayerTxData
Definition app-layer-parser.h:42
APP_LAYER_PARSER_EOF_TC
#define APP_LAYER_PARSER_EOF_TC
Definition app-layer-parser.h:54
APP_LAYER_OK
#define APP_LAYER_OK
Definition app-layer-parser.h:77
APP_LAYER_INCOMPLETE
#define APP_LAYER_INCOMPLETE(c, n)
Definition app-layer-parser.h:89
AppLayerResult
struct AppLayerResult AppLayerResult
Definition app-layer-parser.h:39
APP_LAYER_PARSER_EOF_TS
#define APP_LAYER_PARSER_EOF_TS
Definition app-layer-parser.h:53
APP_LAYER_ERROR
#define APP_LAYER_ERROR
Definition app-layer-parser.h:81
StreamSlice
struct StreamSlice StreamSlice
Definition app-layer-parser.h:38
AppLayerStateData
struct AppLayerStateData AppLayerStateData
Definition app-layer-parser.h:44
AppLayerEventType
enum AppLayerEventType AppLayerEventType
Definition app-layer-parser.h:43
AppProto
uint16_t AppProto
Definition app-layer-protos.h:86
ALPROTO_TLS
@ ALPROTO_TLS
Definition app-layer-protos.h:39
ALPROTO_FAILED
@ ALPROTO_FAILED
Definition app-layer-protos.h:33
ALPROTO_UNKNOWN
@ ALPROTO_UNKNOWN
Definition app-layer-protos.h:29
SSLV3_HS_CERTIFICATE_REQUEST
#define SSLV3_HS_CERTIFICATE_REQUEST
Definition app-layer-ssl.c:226
SSLV3_HS_CERTIFICATE_VERIFY
#define SSLV3_HS_CERTIFICATE_VERIFY
Definition app-layer-ssl.c:228
SSLV3_HS_SERVER_HELLO_DONE
#define SSLV3_HS_SERVER_HELLO_DONE
Definition app-layer-ssl.c:227
SSL_RECORD_MINIMUM_LENGTH
#define SSL_RECORD_MINIMUM_LENGTH
Definition app-layer-ssl.c:256
SSLV3_HS_CERTIFICATE_URL
#define SSLV3_HS_CERTIFICATE_URL
Definition app-layer-ssl.c:231
TLS_HB_RESPONSE
#define TLS_HB_RESPONSE
Definition app-layer-ssl.c:254
SSLV2_MT_SERVER_VERIFY
#define SSLV2_MT_SERVER_VERIFY
Definition app-layer-ssl.c:240
SSLV3_APPLICATION_PROTOCOL
#define SSLV3_APPLICATION_PROTOCOL
Definition app-layer-ssl.c:216
SSLEnableJA3
void SSLEnableJA3(void)
if not explicitly disabled in config, enable ja3 support
Definition app-layer-ssl.c:3319
tls_decoder_event_table
SCEnumCharMap tls_decoder_event_table[]
Definition app-layer-ssl.c:131
SSLV3_ALERT_PROTOCOL
#define SSLV3_ALERT_PROTOCOL
Definition app-layer-ssl.c:214
ValidateRecordState
#define ValidateRecordState(...)
Definition app-layer-ssl.c:309
tls_frame_table
SCEnumCharMap tls_frame_table[]
Definition app-layer-ssl.c:99
SSLV2_MT_CLIENT_MASTER_KEY
#define SSLV2_MT_CLIENT_MASTER_KEY
Definition app-layer-ssl.c:237
SSLV3_HS_FINISHED
#define SSLV3_HS_FINISHED
Definition app-layer-ssl.c:230
SSLV3_HS_SERVER_KEY_EXCHANGE
#define SSLV3_HS_SERVER_KEY_EXCHANGE
Definition app-layer-ssl.c:225
SSLV3_CLIENT_HELLO_RANDOM_LEN
#define SSLV3_CLIENT_HELLO_RANDOM_LEN
Definition app-layer-ssl.c:250
SSL_CONFIG_DEFAULT_JA3
#define SSL_CONFIG_DEFAULT_JA3
Definition app-layer-ssl.c:189
SslConfigEncryptHandling
SslConfigEncryptHandling
Definition app-layer-ssl.c:194
SSL_CNF_ENC_HANDLE_BYPASS
@ SSL_CNF_ENC_HANDLE_BYPASS
Definition app-layer-ssl.c:196
SSL_CNF_ENC_HANDLE_FULL
@ SSL_CNF_ENC_HANDLE_FULL
Definition app-layer-ssl.c:197
SSL_CNF_ENC_HANDLE_TRACK_ONLY
@ SSL_CNF_ENC_HANDLE_TRACK_ONLY
Definition app-layer-ssl.c:195
ssl_config
SslConfig ssl_config
Definition app-layer-ssl.c:210
SSLV3_HS_SERVER_HELLO
#define SSLV3_HS_SERVER_HELLO
Definition app-layer-ssl.c:222
HAS_SPACE
#define HAS_SPACE(n)
Definition app-layer-ssl.c:260
SSLV3_HS_CLIENT_HELLO
#define SSLV3_HS_CLIENT_HELLO
Definition app-layer-ssl.c:221
SSLParserReset
#define SSLParserReset(state)
Definition app-layer-ssl.c:318
SSLJA3IsEnabled
bool SSLJA3IsEnabled(void)
return whether ja3 is effectively enabled
Definition app-layer-ssl.c:3356
SSL_DECODER_ERROR
#define SSL_DECODER_ERROR(e)
Definition app-layer-ssl.c:266
SSL_DECODER_INCOMPLETE
#define SSL_DECODER_INCOMPLETE(c, n)
Definition app-layer-ssl.c:276
SSLEnableJA4
void SSLEnableJA4(void)
if not explicitly disabled in config, enable ja4 support
Definition app-layer-ssl.c:3336
SSLV3_HS_CERTIFICATE
#define SSLV3_HS_CERTIFICATE
Definition app-layer-ssl.c:224
SSLJA4IsEnabled
bool SSLJA4IsEnabled(void)
return whether ja4 is effectively enabled
Definition app-layer-ssl.c:3369
SSLV2_MT_SERVER_FINISHED
#define SSLV2_MT_SERVER_FINISHED
Definition app-layer-ssl.c:241
SSLV2_MT_CLIENT_HELLO
#define SSLV2_MT_CLIENT_HELLO
Definition app-layer-ssl.c:236
SSLV3_CLIENT_HELLO_VERSION_LEN
#define SSLV3_CLIENT_HELLO_VERSION_LEN
Definition app-layer-ssl.c:249
SSLV3_CHANGE_CIPHER_SPEC
#define SSLV3_CHANGE_CIPHER_SPEC
Definition app-layer-ssl.c:213
ERR_INVALID_CERTIFICATE
@ ERR_INVALID_CERTIFICATE
Definition app-layer-ssl.c:172
ERR_INVALID_LENGTH
@ ERR_INVALID_LENGTH
Definition app-layer-ssl.c:173
ERR_EXTRACT_ISSUER
@ ERR_EXTRACT_ISSUER
Definition app-layer-ssl.c:184
ERR_INVALID_ALGORITHMIDENTIFIER
@ ERR_INVALID_ALGORITHMIDENTIFIER
Definition app-layer-ssl.c:176
ERR_EXTRACT_SUBJECT
@ ERR_EXTRACT_SUBJECT
Definition app-layer-ssl.c:183
ERR_INVALID_EXTENSIONS
@ ERR_INVALID_EXTENSIONS
Definition app-layer-ssl.c:179
ERR_INVALID_X509NAME
@ ERR_INVALID_X509NAME
Definition app-layer-ssl.c:177
ERR_INVALID_DER
@ ERR_INVALID_DER
Definition app-layer-ssl.c:180
ERR_INVALID_VERSION
@ ERR_INVALID_VERSION
Definition app-layer-ssl.c:174
ERR_INVALID_DATE
@ ERR_INVALID_DATE
Definition app-layer-ssl.c:178
ERR_EXTRACT_VALIDITY
@ ERR_EXTRACT_VALIDITY
Definition app-layer-ssl.c:185
ERR_INVALID_SERIAL
@ ERR_INVALID_SERIAL
Definition app-layer-ssl.c:175
SSLV2_MT_CLIENT_FINISHED
#define SSLV2_MT_CLIENT_FINISHED
Definition app-layer-ssl.c:238
SSLV2_MT_REQUEST_CERTIFICATE
#define SSLV2_MT_REQUEST_CERTIFICATE
Definition app-layer-ssl.c:242
SSLV3_HS_CERTIFICATE_STATUS
#define SSLV3_HS_CERTIFICATE_STATUS
Definition app-layer-ssl.c:232
TLS_HB_REQUEST
#define TLS_HB_REQUEST
Definition app-layer-ssl.c:253
SSLV3_HANDSHAKE_PROTOCOL
#define SSLV3_HANDSHAKE_PROTOCOL
Definition app-layer-ssl.c:215
RegisterSSLParsers
void RegisterSSLParsers(void)
Function to register the SSL protocol parser and other functions.
Definition app-layer-ssl.c:3188
SSLV3_HS_HELLO_REQUEST
#define SSLV3_HS_HELLO_REQUEST
Definition app-layer-ssl.c:220
SSLV2_MT_ERROR
#define SSLV2_MT_ERROR
Definition app-layer-ssl.c:235
SSLV3_HS_NEW_SESSION_TICKET
#define SSLV3_HS_NEW_SESSION_TICKET
Definition app-layer-ssl.c:223
SSLV3_HEARTBEAT_PROTOCOL
#define SSLV3_HEARTBEAT_PROTOCOL
Definition app-layer-ssl.c:217
SSLV3_HS_CLIENT_KEY_EXCHANGE
#define SSLV3_HS_CLIENT_KEY_EXCHANGE
Definition app-layer-ssl.c:229
SslConfig
struct SslConfig_ SslConfig
SSLV3_RECORD_MAX_LEN
#define SSLV3_RECORD_MAX_LEN
Definition app-layer-ssl.c:247
SSLSetEvent
#define SSLSetEvent(ssl_state, event)
Definition app-layer-ssl.c:325
SSLV2_MT_SERVER_HELLO
#define SSLV2_MT_SERVER_HELLO
Definition app-layer-ssl.c:239
SHA1_STRING_LENGTH
#define SHA1_STRING_LENGTH
Definition app-layer-ssl.c:258
SSLV3_RECORD_HDR_LEN
#define SSLV3_RECORD_HDR_LEN
Definition app-layer-ssl.c:245
SSLParserHSReset
#define SSLParserHSReset(connp)
Definition app-layer-ssl.c:312
SSL_DECODER_OK
#define SSL_DECODER_OK(c)
Definition app-layer-ssl.c:271
SSLV2_MT_CLIENT_CERTIFICATE
#define SSLV2_MT_CLIENT_CERTIFICATE
Definition app-layer-ssl.c:243
SSL_SNI_TYPE_HOST_NAME
#define SSL_SNI_TYPE_HOST_NAME
Definition app-layer-ssl.h:156
SSL_AL_FLAG_STATE_SERVER_HELLO
#define SSL_AL_FLAG_STATE_SERVER_HELLO
Definition app-layer-ssl.h:110
SSL_AL_FLAG_STATE_SERVER_KEYX
#define SSL_AL_FLAG_STATE_SERVER_KEYX
Definition app-layer-ssl.h:112
SSL_AL_FLAG_CH_VERSION_EXTENSION
#define SSL_AL_FLAG_CH_VERSION_EXTENSION
Definition app-layer-ssl.h:124
SSL_AL_FLAG_HB_INFLIGHT
#define SSL_AL_FLAG_HB_INFLIGHT
Definition app-layer-ssl.h:116
SSL_AL_FLAG_CHANGE_CIPHER_SPEC
#define SSL_AL_FLAG_CHANGE_CIPHER_SPEC
Definition app-layer-ssl.h:98
SSL_EXTENSION_EARLY_DATA
#define SSL_EXTENSION_EARLY_DATA
Definition app-layer-ssl.h:152
SSL_AL_FLAG_STATE_CLIENT_KEYX
#define SSL_AL_FLAG_STATE_CLIENT_KEYX
Definition app-layer-ssl.h:111
SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY
#define SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY
Definition app-layer-ssl.h:103
TLS_DECODER_EVENT_INVALID_SSLV2_HEADER
@ TLS_DECODER_EVENT_INVALID_SSLV2_HEADER
Definition app-layer-ssl.h:44
TLS_DECODER_EVENT_INVALID_TLS_HEADER
@ TLS_DECODER_EVENT_INVALID_TLS_HEADER
Definition app-layer-ssl.h:45
TLS_DECODER_EVENT_INVALID_SNI_TYPE
@ TLS_DECODER_EVENT_INVALID_SNI_TYPE
Definition app-layer-ssl.h:56
TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER
Definition app-layer-ssl.h:69
TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL
Definition app-layer-ssl.h:64
TLS_DECODER_EVENT_INVALID_SNI_LENGTH
@ TLS_DECODER_EVENT_INVALID_SNI_LENGTH
Definition app-layer-ssl.h:57
TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS
Definition app-layer-ssl.h:68
TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION
Definition app-layer-ssl.h:63
TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET
@ TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET
Definition app-layer-ssl.h:58
TLS_DECODER_EVENT_INVALID_ALERT
@ TLS_DECODER_EVENT_INVALID_ALERT
Definition app-layer-ssl.h:59
TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE
@ TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE
Definition app-layer-ssl.h:49
TLS_DECODER_EVENT_INVALID_RECORD_TYPE
@ TLS_DECODER_EVENT_INVALID_RECORD_TYPE
Definition app-layer-ssl.h:47
TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT
@ TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT
Definition app-layer-ssl.h:52
TLS_DECODER_EVENT_INVALID_SSL_RECORD
@ TLS_DECODER_EVENT_INVALID_SSL_RECORD
Definition app-layer-ssl.h:74
TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS
@ TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS
Definition app-layer-ssl.h:55
TLS_DECODER_EVENT_INVALID_RECORD_VERSION
@ TLS_DECODER_EVENT_INVALID_RECORD_VERSION
Definition app-layer-ssl.h:46
TLS_DECODER_EVENT_HEARTBEAT
@ TLS_DECODER_EVENT_HEARTBEAT
Definition app-layer-ssl.h:50
TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE
Definition app-layer-ssl.h:67
TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH
@ TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH
Definition app-layer-ssl.h:54
TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY
Definition app-layer-ssl.h:72
TLS_DECODER_EVENT_INVALID_HEARTBEAT
@ TLS_DECODER_EVENT_INVALID_HEARTBEAT
Definition app-layer-ssl.h:51
TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH
Definition app-layer-ssl.h:62
TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH
@ TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH
Definition app-layer-ssl.h:53
TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME
Definition app-layer-ssl.h:66
TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED
@ TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED
Definition app-layer-ssl.h:73
TLS_DECODER_EVENT_INVALID_RECORD_LENGTH
@ TLS_DECODER_EVENT_INVALID_RECORD_LENGTH
Definition app-layer-ssl.h:48
TLS_DECODER_EVENT_INVALID_CERTIFICATE
@ TLS_DECODER_EVENT_INVALID_CERTIFICATE
Definition app-layer-ssl.h:61
TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER
Definition app-layer-ssl.h:65
TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT
Definition app-layer-ssl.h:70
TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER
Definition app-layer-ssl.h:71
SSL_AL_FLAG_LOG_WITHOUT_CERT
#define SSL_AL_FLAG_LOG_WITHOUT_CERT
Definition app-layer-ssl.h:128
TLS_TS_RANDOM_SET
#define TLS_TS_RANDOM_SET
Definition app-layer-ssl.h:135
SSL_AL_FLAG_HB_CLIENT_INIT
#define SSL_AL_FLAG_HB_CLIENT_INIT
Definition app-layer-ssl.h:117
SSL_AL_FLAG_SESSION_RESUMED
#define SSL_AL_FLAG_SESSION_RESUMED
Definition app-layer-ssl.h:121
SSL_AL_FLAG_HB_SERVER_INIT
#define SSL_AL_FLAG_HB_SERVER_INIT
Definition app-layer-ssl.h:118
SSL_AL_FLAG_NEED_CLIENT_CERT
#define SSL_AL_FLAG_NEED_CLIENT_CERT
Definition app-layer-ssl.h:140
SSL_EXTENSION_SUPPORTED_VERSIONS
#define SSL_EXTENSION_SUPPORTED_VERSIONS
Definition app-layer-ssl.h:153
SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED
#define SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED
Definition app-layer-ssl.h:104
TLS_TC_RANDOM_SET
#define TLS_TC_RANDOM_SET
Definition app-layer-ssl.h:138
TlsStateClient
TlsStateClient
Definition app-layer-ssl.h:77
TLS_STATE_CLIENT_HELLO_DONE
@ TLS_STATE_CLIENT_HELLO_DONE
Definition app-layer-ssl.h:79
TLS_STATE_CLIENT_FINISHED
@ TLS_STATE_CLIENT_FINISHED
Definition app-layer-ssl.h:82
TLS_STATE_CLIENT_HANDSHAKE_DONE
@ TLS_STATE_CLIENT_HANDSHAKE_DONE
Definition app-layer-ssl.h:81
TLS_STATE_CLIENT_IN_PROGRESS
@ TLS_STATE_CLIENT_IN_PROGRESS
Definition app-layer-ssl.h:78
TLS_STATE_CLIENT_CERT_DONE
@ TLS_STATE_CLIENT_CERT_DONE
Definition app-layer-ssl.h:80
SSL_AL_FLAG_EARLY_DATA
#define SSL_AL_FLAG_EARLY_DATA
Definition app-layer-ssl.h:132
SSL_EXTENSION_SNI
#define SSL_EXTENSION_SNI
Definition app-layer-ssl.h:146
SSL_EXTENSION_ELLIPTIC_CURVES
#define SSL_EXTENSION_ELLIPTIC_CURVES
Definition app-layer-ssl.h:147
TlsStateServer
TlsStateServer
Definition app-layer-ssl.h:85
TLS_STATE_SERVER_IN_PROGRESS
@ TLS_STATE_SERVER_IN_PROGRESS
Definition app-layer-ssl.h:86
TLS_STATE_SERVER_HANDSHAKE_DONE
@ TLS_STATE_SERVER_HANDSHAKE_DONE
Definition app-layer-ssl.h:90
TLS_STATE_SERVER_FINISHED
@ TLS_STATE_SERVER_FINISHED
Definition app-layer-ssl.h:91
TLS_STATE_SERVER_HELLO
@ TLS_STATE_SERVER_HELLO
Definition app-layer-ssl.h:87
TLS_STATE_SERVER_CERT_DONE
@ TLS_STATE_SERVER_CERT_DONE
Definition app-layer-ssl.h:88
TLS_STATE_SERVER_HELLO_DONE
@ TLS_STATE_SERVER_HELLO_DONE
Definition app-layer-ssl.h:89
SSL_EXTENSION_ALPN
#define SSL_EXTENSION_ALPN
Definition app-layer-ssl.h:150
TLS_RANDOM_LEN
#define TLS_RANDOM_LEN
Definition app-layer-ssl.h:159
SSL_AL_FLAG_SSL_CLIENT_HS
#define SSL_AL_FLAG_SSL_CLIENT_HS
Definition app-layer-ssl.h:101
SSL_AL_FLAG_SSL_SERVER_HS
#define SSL_AL_FLAG_SSL_SERVER_HS
Definition app-layer-ssl.h:102
TLS_FRAME_HDR
@ TLS_FRAME_HDR
Definition app-layer-ssl.h:34
TLS_FRAME_DATA
@ TLS_FRAME_DATA
Definition app-layer-ssl.h:35
TLS_FRAME_ALERT_DATA
@ TLS_FRAME_ALERT_DATA
Definition app-layer-ssl.h:36
TLS_FRAME_SSLV2_PDU
@ TLS_FRAME_SSLV2_PDU
Definition app-layer-ssl.h:39
TLS_FRAME_HB_DATA
@ TLS_FRAME_HB_DATA
Definition app-layer-ssl.h:37
TLS_FRAME_PDU
@ TLS_FRAME_PDU
Definition app-layer-ssl.h:33
TLS_FRAME_SSLV2_HDR
@ TLS_FRAME_SSLV2_HDR
Definition app-layer-ssl.h:38
SSL_AL_FLAG_STATE_CLIENT_HELLO
#define SSL_AL_FLAG_STATE_CLIENT_HELLO
Definition app-layer-ssl.h:109
SSL_EXTENSION_SIGNATURE_ALGORITHMS
#define SSL_EXTENSION_SIGNATURE_ALGORITHMS
Definition app-layer-ssl.h:149
SSL_AL_FLAG_SSL_NO_SESSION_ID
#define SSL_AL_FLAG_SSL_NO_SESSION_ID
Definition app-layer-ssl.h:106
SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC
#define SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC
Definition app-layer-ssl.h:97
SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC
#define SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC
Definition app-layer-ssl.h:95
SSL_EXTENSION_EC_POINT_FORMATS
#define SSL_EXTENSION_EC_POINT_FORMATS
Definition app-layer-ssl.h:148
SSL_EXTENSION_SESSION_TICKET
#define SSL_EXTENSION_SESSION_TICKET
Definition app-layer-ssl.h:151
SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED
#define SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED
Definition app-layer-ssl.h:105
WARN_UNUSED
#define WARN_UNUSED
Definition bindgen.h:32
SCConfGetNode
SCConfNode * SCConfGetNode(const char *name)
Get a SCConfNode by name.
Definition conf.c:181
SCConfValIsTrue
int SCConfValIsTrue(const char *val)
Check if a value is true.
Definition conf.c:551
SCConfGetBool
int SCConfGetBool(const char *name, int *val)
Retrieve a configuration value as a boolean.
Definition conf.c:497
SCConfValIsFalse
int SCConfValIsFalse(const char *val)
Check if a value is false.
Definition conf.c:576
SCConfGet
int SCConfGet(const char *name, const char **vptr)
Retrieve the value of a configuration node.
Definition conf.c:350
version
uint8_t version
Definition decode-gre.h:1
type
uint16_t type
Definition decode-vlan.c:106
id
uint32_t id
Definition detect-flowbits.c:938
ProvidesFeature
void ProvidesFeature(const char *feature_name)
Definition feature.c:111
FEATURE_JA3
#define FEATURE_JA3
Definition feature.h:29
FEATURE_JA4
#define FEATURE_JA4
Definition feature.h:30
TAILQ_INIT
#define TAILQ_INIT(head)
Definition queue.h:262
TAILQ_INSERT_TAIL
#define TAILQ_INSERT_TAIL(head, elm, field)
Definition queue.h:294
TAILQ_FIRST
#define TAILQ_FIRST(head)
Definition queue.h:250
TAILQ_REMOVE
#define TAILQ_REMOVE(head, elm, field)
Definition queue.h:312
payload_len
uint16_t payload_len
Definition stream-tcp-private.h:1
AppLayerParserState_
Definition app-layer-parser.c:135
Flow_
Flow data structure.
Definition flow.h:356
JA3Buffer_
Definition util-ja3.h:31
SCConfNode_
Definition conf.h:37
SCConfNode_::val
char * val
Definition conf.h:39
SCEnumCharMap_
Definition util-enum.h:27
SSLCertsChain_
Definition app-layer-ssl.h:161
SSLCertsChain_::cert_data
uint8_t * cert_data
Definition app-layer-ssl.h:162
SSLCertsChain_::cert_len
uint32_t cert_len
Definition app-layer-ssl.h:163
SSLStateConnp_
Definition app-layer-ssl.h:167
SSLStateConnp_::cert_log_flag
uint32_t cert_log_flag
Definition app-layer-ssl.h:206
SSLStateConnp_::session_id
char * session_id
Definition app-layer-ssl.h:199
SSLStateConnp_::cert0_fingerprint
char * cert0_fingerprint
Definition app-layer-ssl.h:192
SSLStateConnp_::cert0_issuerdn
char * cert0_issuerdn
Definition app-layer-ssl.h:188
SSLStateConnp_::version
uint16_t version
Definition app-layer-ssl.h:176
SSLStateConnp_::hs_buffer_size
uint32_t hs_buffer_size
Definition app-layer-ssl.h:218
SSLStateConnp_::handshake_type
uint8_t handshake_type
Definition app-layer-ssl.h:179
SSLStateConnp_::hs_buffer_message_size
uint32_t hs_buffer_message_size
Definition app-layer-ssl.h:217
SSLStateConnp_::cert0_serial
char * cert0_serial
Definition app-layer-ssl.h:189
SSLStateConnp_::cert0_subject
char * cert0_subject
Definition app-layer-ssl.h:187
SSLStateConnp_::cert0_sans_len
uint16_t cert0_sans_len
Definition app-layer-ssl.h:195
SSLStateConnp_::certs_buffer
uint8_t * certs_buffer
Definition app-layer-ssl.h:203
SSLStateConnp_::cert0_not_after
int64_t cert0_not_after
Definition app-layer-ssl.h:191
SSLStateConnp_::content_type
uint8_t content_type
Definition app-layer-ssl.h:177
SSLStateConnp_::ja3_hash
char * ja3_hash
Definition app-layer-ssl.h:209
SSLStateConnp_::bytes_processed
uint32_t bytes_processed
Definition app-layer-ssl.h:182
SSLStateConnp_::hs_buffer
uint8_t * hs_buffer
Definition app-layer-ssl.h:215
SSLStateConnp_::random
uint8_t random[TLS_RANDOM_LEN]
Definition app-layer-ssl.h:186
SSLStateConnp_::hs_buffer_message_type
uint8_t hs_buffer_message_type
Definition app-layer-ssl.h:216
SSLStateConnp_::record_length
uint32_t record_length
Definition app-layer-ssl.h:169
SSLStateConnp_::session_id_length
uint16_t session_id_length
Definition app-layer-ssl.h:184
SSLStateConnp_::cert0_sans
char ** cert0_sans
Definition app-layer-ssl.h:194
SSLStateConnp_::certs_buffer_size
uint32_t certs_buffer_size
Definition app-layer-ssl.h:204
SSLStateConnp_::record_lengths_length
uint32_t record_lengths_length
Definition app-layer-ssl.h:171
SSLStateConnp_::ja3_str
JA3Buffer * ja3_str
Definition app-layer-ssl.h:208
SSLStateConnp_::cert0_not_before
int64_t cert0_not_before
Definition app-layer-ssl.h:190
SSLStateConnp_::hs
HandshakeParams * hs
Definition app-layer-ssl.h:211
SSLStateConnp_::sni
char * sni
Definition app-layer-ssl.h:197
SSLStateConnp_::hs_buffer_offset
uint32_t hs_buffer_offset
Definition app-layer-ssl.h:219
SSLStateConnp_::message_length
uint32_t message_length
Definition app-layer-ssl.h:174
SSLState_
SSLv[2.0|3.[0|1|2|3]] state structure.
Definition app-layer-ssl.h:227
SSLState_::hb_record_len
uint32_t hb_record_len
Definition app-layer-ssl.h:237
SSLState_::server_connp
SSLStateConnp server_connp
Definition app-layer-ssl.h:249
SSLState_::curr_connp
SSLStateConnp * curr_connp
Definition app-layer-ssl.h:243
SSLState_::f
Flow * f
Definition app-layer-ssl.h:228
SSLState_::client_connp
SSLStateConnp client_connp
Definition app-layer-ssl.h:248
SSLState_::current_flags
uint32_t current_flags
Definition app-layer-ssl.h:241
SSLState_::server_state
enum TlsStateServer server_state
Definition app-layer-ssl.h:246
SSLState_::tx_data
AppLayerTxData tx_data
Definition app-layer-ssl.h:231
SSLState_::state_data
AppLayerStateData state_data
Definition app-layer-ssl.h:230
SSLState_::client_state
enum TlsStateClient client_state
Definition app-layer-ssl.h:245
SSLState_::flags
uint32_t flags
Definition app-layer-ssl.h:234
SslConfig_
Definition app-layer-ssl.c:200
SslConfig_::SC_ATOMIC_DECLARE
SC_ATOMIC_DECLARE(int, enable_ja4)
SslConfig_::disable_ja3
bool disable_ja3
Definition app-layer-ssl.c:205
SslConfig_::encrypt_mode
enum SslConfigEncryptHandling encrypt_mode
Definition app-layer-ssl.c:201
SslConfig_::disable_ja4
bool disable_ja4
Definition app-layer-ssl.c:207
SslConfig_::SC_ATOMIC_DECLARE
SC_ATOMIC_DECLARE(int, enable_ja3)
MIN
#define MIN(x, y)
Definition suricata-common.h:408
MAX
#define MAX(x, y)
Definition suricata-common.h:412
str
#define str(s)
Definition suricata-common.h:308
g_disable_hashing
bool g_disable_hashing
Definition suricata.c:214
RunmodeIsUnittests
int RunmodeIsUnittests(void)
Definition suricata.c:270
name
const char * name
Definition tm-threads.c:2163
SC_ATOMIC_INIT
#define SC_ATOMIC_INIT(name)
wrapper for initializing an atomic variable.
Definition util-atomic.h:314
SC_ATOMIC_GET
#define SC_ATOMIC_GET(name)
Get the value from the atomic variable.
Definition util-atomic.h:375
SC_ATOMIC_SET
#define SC_ATOMIC_SET(name, val)
Set the value for the atomic variable.
Definition util-atomic.h:386
SCLogDebug
#define SCLogDebug(...)
Definition util-debug.h:275
SCReturnInt
#define SCReturnInt(x)
Definition util-debug.h:281
SCLogWarning
#define SCLogWarning(...)
Macro used to log WARNING messages.
Definition util-debug.h:255
SCReturnStruct
#define SCReturnStruct(x)
Definition util-debug.h:297
SCLogError
#define SCLogError(...)
Macro used to log ERROR messages.
Definition util-debug.h:267
SCLogConfig
#define SCLogConfig(...)
Definition util-debug.h:229
SCMapEnumNameToValue
int SCMapEnumNameToValue(const char *enum_name, SCEnumCharMap *table)
Maps a string name to an enum value from the supplied table. Please specify the last element of any m...
Definition util-enum.c:40
SCMapEnumValueToName
const char * SCMapEnumValueToName(int enum_value, SCEnumCharMap *table)
Maps an enum value to a string name, from the supplied table.
Definition util-enum.c:68
SC_SHA1_LEN
#define SC_SHA1_LEN
Definition util-file.h:40
Ja3BufferInit
JA3Buffer * Ja3BufferInit(void)
Allocate new buffer.
Definition util-ja3.c:39
Ja3BufferAddValue
int Ja3BufferAddValue(JA3Buffer **buffer, uint32_t value)
Definition util-ja3.c:314
Ja3BufferAppendBuffer
int Ja3BufferAppendBuffer(JA3Buffer **buffer1, JA3Buffer **buffer2)
Definition util-ja3.c:309
Ja3GenerateHash
char * Ja3GenerateHash(JA3Buffer *buffer)
Definition util-ja3.c:319
Ja3BufferFree
void Ja3BufferFree(JA3Buffer **buffer)
Free allocated buffer.
Definition util-ja3.c:54
SCMalloc
#define SCMalloc(sz)
Definition util-mem.h:47
SCFree
#define SCFree(p)
Definition util-mem.h:61
SCRealloc
#define SCRealloc(ptr, sz)
Definition util-mem.h:50
SCCalloc
#define SCCalloc(nm, sz)
Definition util-mem.h:53
unlikely
#define unlikely(expr)
Definition util-optimize.h:35
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition util-validate.h:102