suricata
util-lua-ssh.c
Go to the documentation of this file.
1/* Copyright (C) 2014 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18
19/**
20 * \file
21 *
22 * \author Mats Klepsland <mats.klepsland@gmail.com>
23 *
24 */
25
26#include "suricata-common.h"
27#include "util-lua-ssh.h"
28#include "util-lua.h"
29#include "util-lua-common.h"
30#include "rust.h"
31
32// #define SSH_MT "suricata:ssh:tx"
33static const char ssh_tx[] = "suricata:ssh:tx";
34
35struct LuaTx {
36 void *tx; // SSHTransaction
37};
38
39static int LuaSshGetTx(lua_State *L)
40{
41 if (!(LuaStateNeedProto(L, ALPROTO_SSH))) {
42 return LuaCallbackError(L, "error: protocol not ssh");
43 }
44 void *tx = LuaStateGetTX(L);
45 if (tx == NULL) {
46 return LuaCallbackError(L, "error: no tx available");
47 }
48 struct LuaTx *ltx = (struct LuaTx *)lua_newuserdata(L, sizeof(*ltx));
49 if (ltx == NULL) {
50 return LuaCallbackError(L, "error: fail to allocate user data");
51 }
52 ltx->tx = tx;
53
54 luaL_getmetatable(L, ssh_tx);
55 lua_setmetatable(L, -2);
56
57 return 1;
58}
59
60static int LuaSshTxGetProto(lua_State *L, uint8_t flags)
61{
62 const uint8_t *buf = NULL;
63 uint32_t b_len = 0;
64 struct LuaTx *ltx = luaL_testudata(L, 1, ssh_tx);
65 if (ltx == NULL) {
66 lua_pushnil(L);
67 return 1;
68 }
69 if (SCSshTxGetProtocol(ltx->tx, &buf, &b_len, flags) != 1) {
70 lua_pushnil(L);
71 return 1;
72 }
73 return LuaPushStringBuffer(L, buf, b_len);
74}
75
76static int LuaSshTxGetServerProto(lua_State *L)
77{
78 return LuaSshTxGetProto(L, STREAM_TOCLIENT);
79}
80
81static int LuaSshTxGetClientProto(lua_State *L)
82{
83 return LuaSshTxGetProto(L, STREAM_TOSERVER);
84}
85
86static int LuaSshTxGetSoftware(lua_State *L, uint8_t flags)
87{
88 const uint8_t *buf = NULL;
89 uint32_t b_len = 0;
90 struct LuaTx *ltx = luaL_testudata(L, 1, ssh_tx);
91 if (ltx == NULL) {
92 lua_pushnil(L);
93 return 1;
94 }
95 if (SCSshTxGetSoftware(ltx->tx, &buf, &b_len, flags) != 1) {
96 lua_pushnil(L);
97 return 1;
98 }
99 return LuaPushStringBuffer(L, buf, b_len);
100}
101
102static int LuaSshTxGetServerSoftware(lua_State *L)
103{
104 return LuaSshTxGetSoftware(L, STREAM_TOCLIENT);
105}
106
107static int LuaSshTxGetClientSoftware(lua_State *L)
108{
109 return LuaSshTxGetSoftware(L, STREAM_TOSERVER);
110}
111
112static int LuaSshTxGetHassh(lua_State *L, uint8_t flags)
113{
114 const uint8_t *buf = NULL;
115 uint32_t b_len = 0;
116 struct LuaTx *ltx = luaL_testudata(L, 1, ssh_tx);
117 if (ltx == NULL) {
118 lua_pushnil(L);
119 return 1;
120 }
121 if (SCSshTxGetHassh(ltx->tx, &buf, &b_len, flags) != 1) {
122 lua_pushnil(L);
123 return 1;
124 }
125 return LuaPushStringBuffer(L, buf, b_len);
126}
127
128static int LuaSshTxGetClientHassh(lua_State *L)
129{
130 return LuaSshTxGetHassh(L, STREAM_TOSERVER);
131}
132
133static int LuaSshTxGetServerHassh(lua_State *L)
134{
135 return LuaSshTxGetHassh(L, STREAM_TOCLIENT);
136}
137
138static int LuaSshTxGetHasshString(lua_State *L, uint8_t flags)
139{
140 const uint8_t *buf = NULL;
141 uint32_t b_len = 0;
142 struct LuaTx *ltx = luaL_testudata(L, 1, ssh_tx);
143 if (ltx == NULL) {
144 lua_pushnil(L);
145 return 1;
146 }
147 if (SCSshTxGetHasshString(ltx->tx, &buf, &b_len, flags) != 1) {
148 lua_pushnil(L);
149 return 1;
150 }
151 return LuaPushStringBuffer(L, buf, b_len);
152}
153
154static int LuaSshTxGetClientHasshString(lua_State *L)
155{
156 return LuaSshTxGetHasshString(L, STREAM_TOSERVER);
157}
158
159static int LuaSshTxGetServerHasshString(lua_State *L)
160{
161 return LuaSshTxGetHasshString(L, STREAM_TOCLIENT);
162}
163
164static const struct luaL_Reg txlib[] = {
165 // clang-format off
166 { "server_proto", LuaSshTxGetServerProto },
167 { "server_software", LuaSshTxGetServerSoftware },
168 { "client_proto", LuaSshTxGetClientProto },
169 { "client_software", LuaSshTxGetClientSoftware },
170 { "client_hassh", LuaSshTxGetClientHassh },
171 { "server_hassh", LuaSshTxGetServerHassh },
172 { "client_hassh_string", LuaSshTxGetClientHasshString },
173 { "server_hassh_string", LuaSshTxGetServerHasshString },
174 { NULL, NULL, }
175 // clang-format on
176};
177
178static int LuaSshEnableHassh(lua_State *L)
179{
180 SCSshEnableHassh();
181 return 1;
182}
183
184static const struct luaL_Reg sshlib[] = {
185 // clang-format off
186 { "get_tx", LuaSshGetTx },
187 { "enable_hassh", LuaSshEnableHassh },
188 { NULL, NULL,},
189 // clang-format on
190};
191
192int SCLuaLoadSshLib(lua_State *L)
193{
194 luaL_newmetatable(L, ssh_tx);
195 lua_pushvalue(L, -1);
196 lua_setfield(L, -2, "__index");
197 luaL_setfuncs(L, txlib, 0);
198
199 luaL_newlib(L, sshlib);
200 return 1;
201}
ALPROTO_SSH
@ ALPROTO_SSH
Definition app-layer-protos.h:40
flags
uint8_t flags
Definition decode-gre.h:0
LuaTx::tx
DNSTransaction * tx
Definition util-lua-dns.c:35
lua_State
struct lua_State lua_State
Definition suricata-common.h:523
LuaStateNeedProto
int LuaStateNeedProto(lua_State *luastate, AppProto alproto)
Definition util-lua-common.c:102
LuaCallbackError
int LuaCallbackError(lua_State *luastate, const char *msg)
Definition util-lua-common.c:39
SCLuaLoadSshLib
int SCLuaLoadSshLib(lua_State *L)
Definition util-lua-ssh.c:192
LuaPushStringBuffer
int LuaPushStringBuffer(lua_State *luastate, const uint8_t *input, size_t input_len)
Definition util-lua.c:319
LuaStateGetTX
void * LuaStateGetTX(lua_State *luastate)
get tx pointer from the lua state
Definition util-lua.c:134