57 #define SSH_CONFIG_DEFAULT_HASSH false
59 #define SSH_CONFIG_DEFAULT_ENCRYPTION_BYPASS SSH_HANDLE_ENCRYPTION_TRACK_ONLY
61 static int SSHRegisterPatternsForProtocolDetection(
void)
64 "SSH-", 4, 0, STREAM_TOSERVER) < 0)
69 "SSH-", 4, 0, STREAM_TOCLIENT) < 0)
78 return SCSshTxGetLogCondition(tx);
85 const char *proto_name =
"ssh";
89 if (SSHRegisterPatternsForProtocolDetection() < 0)
94 const char *strval = NULL;
95 if (
SCConfGet(
"app-layer.protocols.ssh.hassh", &strval) != 1) {
97 }
else if (strcmp(strval,
"auto") == 0) {
111 if (encryption_node != NULL && encryption_node->
val != NULL) {
112 if (strcmp(encryption_node->
val,
"full") == 0) {
113 encryption_bypass = SSH_HANDLE_ENCRYPTION_FULL;
114 }
else if (strcmp(encryption_node->
val,
"track-only") == 0) {
115 encryption_bypass = SSH_HANDLE_ENCRYPTION_TRACK_ONLY;
116 }
else if (strcmp(encryption_node->
val,
"bypass") == 0) {
117 encryption_bypass = SSH_HANDLE_ENCRYPTION_BYPASS;
123 if (encryption_bypass) {
124 SCLogConfig(
"ssh: bypass on the start of encryption enabled");
125 SCSshEnableBypass(encryption_bypass);
130 SCRegisterSshParser();
143 static int SSHParserTestUtilCheck(
const char *protoexp,
const char *softexp,
void *tx, uint8_t
flags) {
146 const uint8_t *software = NULL;
150 printf(
"Version string not parsed correctly return: ");
154 printf(
"Version string not parsed correctly NULL: ");
158 if (p_len != strlen(protoexp)) {
159 printf(
"Version string not parsed correctly length: ");
162 if (memcmp(
protocol, protoexp, strlen(protoexp)) != 0) {
163 printf(
"Version string not parsed correctly: ");
167 if (softexp != NULL) {
168 if (SCSshTxGetSoftware(tx, &software, &s_len,
flags) != 1)
170 if (software == NULL)
172 if (s_len != strlen(softexp)) {
173 printf(
"Software string not parsed correctly length: ");
176 if (memcmp(software, softexp, strlen(softexp)) != 0) {
177 printf(
"Software string not parsed correctly: ");
185 static int SSHParserTest01(
void)
189 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
190 uint32_t sshlen =
sizeof(sshbuf) - 1;
194 memset(&f, 0,
sizeof(f));
195 memset(&ssn, 0,
sizeof(ssn));
203 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
205 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
210 if (ssh_state == NULL) {
211 printf(
"no ssh state: ");
215 void *tx = SCSshStateGetTx(ssh_state, 0);
216 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone) {
217 printf(
"Client version string not parsed: ");
221 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
236 static int SSHParserTest02(
void)
240 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
241 uint32_t sshlen =
sizeof(sshbuf) - 1;
245 memset(&f, 0,
sizeof(f));
246 memset(&ssn, 0,
sizeof(ssn));
254 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
256 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
261 if (ssh_state == NULL) {
262 printf(
"no ssh state: ");
265 void *tx = SCSshStateGetTx(ssh_state, 0);
267 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone) {
268 printf(
"Client version string not parsed: ");
271 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
286 static int SSHParserTest03(
void)
290 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
291 uint32_t sshlen =
sizeof(sshbuf) - 1;
295 memset(&f, 0,
sizeof(f));
296 memset(&ssn, 0,
sizeof(ssn));
304 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
306 printf(
"toclient chunk 1 returned %" PRId32
", expected != 0: ", r);
311 if (ssh_state == NULL) {
312 printf(
"no ssh state: ");
315 void *tx = SCSshStateGetTx(ssh_state, 0);
317 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) == SshStateBannerDone) {
318 printf(
"Client version string parsed? It's not a valid string: ");
321 const uint8_t *dummy = NULL;
322 uint32_t dummy_len = 0;
323 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
325 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
338 static int SSHParserTest04(
void)
342 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
343 uint32_t sshlen =
sizeof(sshbuf) - 1;
347 memset(&f, 0,
sizeof(f));
348 memset(&ssn, 0,
sizeof(ssn));
356 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
358 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
363 if (ssh_state == NULL) {
364 printf(
"no ssh state: ");
367 void *tx = SCSshStateGetTx(ssh_state, 0);
369 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
370 printf(
"Client version string not parsed: ");
373 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
388 static int SSHParserTest05(
void)
392 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
393 uint32_t sshlen =
sizeof(sshbuf) - 1;
397 memset(&f, 0,
sizeof(f));
398 memset(&ssn, 0,
sizeof(ssn));
406 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
408 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
413 if (ssh_state == NULL) {
414 printf(
"no ssh state: ");
417 void *tx = SCSshStateGetTx(ssh_state, 0);
419 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
420 printf(
"Client version string not parsed: ");
423 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
437 static int SSHParserTest06(
void)
441 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
442 uint32_t sshlen =
sizeof(sshbuf) - 1;
446 memset(&f, 0,
sizeof(f));
447 memset(&ssn, 0,
sizeof(ssn));
455 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
457 printf(
"toserver chunk 1 returned %" PRId32
", expected != 0: ", r);
463 if (ssh_state == NULL) {
464 printf(
"no ssh state: ");
467 void *tx = SCSshStateGetTx(ssh_state, 0);
469 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) == SshStateBannerDone) {
470 printf(
"Client version string parsed? It's not a valid string: ");
473 const uint8_t *dummy = NULL;
474 uint32_t dummy_len = 0;
475 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
477 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
490 #define MAX_SSH_TEST_SIZE 512
492 static int SSHParserTest07(
void)
502 memset(&
tv, 0x00,
sizeof(
tv));
510 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
513 f->
proto = IPPROTO_TCP;
518 p->
proto = IPPROTO_TCP;
522 for (
int i=0; i<2; i++) {
524 seq += strlen(sshbufs[i]);
530 void *tx = SCSshStateGetTx(ssh_state, 0);
531 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
533 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
543 static int SSHParserTest08(
void)
553 memset(&
tv, 0x00,
sizeof(
tv));
561 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
564 f->
proto = IPPROTO_TCP;
569 p->
proto = IPPROTO_TCP;
573 for (
int i=0; i<3; i++) {
575 seq += strlen(sshbufs[i]);
581 void *tx = SCSshStateGetTx(ssh_state, 0);
582 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
584 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
593 static int SSHParserTest09(
void)
603 memset(&
tv, 0x00,
sizeof(
tv));
611 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
614 f->
proto = IPPROTO_TCP;
619 p->
proto = IPPROTO_TCP;
623 for (
int i=0; i<2; i++) {
625 seq += strlen(sshbufs[i]);
631 void *tx = SCSshStateGetTx(ssh_state, 0);
632 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
634 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
644 static int SSHParserTest10(
void)
654 memset(&
tv, 0x00,
sizeof(
tv));
662 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
665 f->
proto = IPPROTO_TCP;
670 p->
proto = IPPROTO_TCP;
674 for (
int i=0; i<3; i++) {
676 seq += strlen(sshbufs[i]);
682 void *tx = SCSshStateGetTx(ssh_state, 0);
683 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
685 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
695 static int SSHParserTest11(
void)
699 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
700 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
701 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
702 uint32_t sshlen2 =
sizeof(sshbuf2);
706 memset(&f, 0,
sizeof(f));
707 memset(&ssn, 0,
sizeof(ssn));
715 STREAM_TOSERVER, sshbuf1, sshlen1);
717 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
723 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
728 if (ssh_state == NULL) {
729 printf(
"no ssh state: ");
732 void *tx = SCSshStateGetTx(ssh_state, 0);
733 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
734 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
737 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
750 static int SSHParserTest12(
void)
754 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
755 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
756 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03,0x01, 17, 0x00};
757 uint32_t sshlen2 =
sizeof(sshbuf2);
758 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
759 uint32_t sshlen3 =
sizeof(sshbuf3);
763 memset(&f, 0,
sizeof(f));
764 memset(&ssn, 0,
sizeof(ssn));
772 STREAM_TOSERVER, sshbuf1, sshlen1);
774 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
780 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
786 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
791 if (ssh_state == NULL) {
792 printf(
"no ssh state: ");
795 void *tx = SCSshStateGetTx(ssh_state, 0);
796 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
797 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
800 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
813 static int SSHParserTest13(
void)
821 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
822 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 17};
823 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 21};
825 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
826 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3)};
828 memset(&
tv, 0x00,
sizeof(
tv));
836 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
839 f->
proto = IPPROTO_TCP;
844 p->
proto = IPPROTO_TCP;
848 for (
int i=0; i<3; i++) {
856 void *tx = SCSshStateGetTx(ssh_state, 0);
857 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
859 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
869 static int SSHParserTest14(
void)
877 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
878 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
879 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
880 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
882 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 21};
884 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
885 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
887 memset(&
tv, 0x00,
sizeof(
tv));
895 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
898 f->
proto = IPPROTO_TCP;
903 p->
proto = IPPROTO_TCP;
907 for (
int i=0; i<5; i++) {
915 void *tx = SCSshStateGetTx(ssh_state, 0);
916 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
918 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
928 static int SSHParserTest15(
void)
936 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
937 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
938 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
939 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
940 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 20, 0x00, 0x00, 0x00, 0x02, 0x01, 21};
942 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
943 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
945 memset(&
tv, 0x00,
sizeof(
tv));
953 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
956 f->
proto = IPPROTO_TCP;
961 p->
proto = IPPROTO_TCP;
965 for (
int i=0; i<5; i++) {
973 void *tx = SCSshStateGetTx(ssh_state, 0);
974 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
976 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
986 static int SSHParserTest16(
void)
994 uint8_t sshbuf1[] =
"SSH-";
995 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
996 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
998 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
999 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3)};
1001 memset(&
tv, 0x00,
sizeof(
tv));
1009 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1012 f->
proto = IPPROTO_TCP;
1017 p->
proto = IPPROTO_TCP;
1021 for (
int i=0; i<3; i++) {
1029 void *tx = SCSshStateGetTx(ssh_state, 0);
1030 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1032 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1042 static int SSHParserTest17(
void)
1050 uint8_t sshbuf1[] =
"SSH-";
1051 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1052 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 17, 0x00};
1053 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1055 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1056 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3),
sizeof(sshbuf4)};
1058 memset(&
tv, 0x00,
sizeof(
tv));
1066 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1069 f->
proto = IPPROTO_TCP;
1074 p->
proto = IPPROTO_TCP;
1078 for (
int i=0; i<4; i++) {
1086 void *tx = SCSshStateGetTx(ssh_state, 0);
1087 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1089 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1099 static int SSHParserTest18(
void)
1107 uint8_t server1[] =
"SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu3\r\n";
1108 uint8_t sshbuf1[] =
"SSH-";
1109 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1110 uint8_t server2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1111 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1114 memset(&
tv, 0x00,
sizeof(
tv));
1122 uint8_t* sshbufs[5] = {server1, sshbuf1, sshbuf2, server2, sshbuf3};
1123 uint32_t sshlens[5] = {
sizeof(server1) - 1,
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) -1,
sizeof(server2) - 1,
sizeof(sshbuf3)};
1124 bool sshdirs[5] = {
true,
false,
false,
true,
false};
1126 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1129 f->
proto = IPPROTO_TCP;
1134 p->
proto = IPPROTO_TCP;
1137 uint32_t seqcli = 2;
1138 uint32_t seqsrv = 2;
1139 for (
int i=0; i<5; i++) {
1142 seqsrv += sshlens[i];
1146 seqcli += sshlens[i];
1153 void *tx = SCSshStateGetTx(ssh_state, 0);
1154 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1166 static int SSHParserTest19(
void)
1174 uint8_t sshbuf1[] =
"SSH-";
1175 uint8_t sshbuf2[] =
"2.0-";
1176 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1177 "abcdefghijklmnopqrstuvwxyz"
1178 "abcdefghijklmnopqrstuvwxyz"
1179 "abcdefghijklmnopqrstuvwxyz"
1180 "abcdefghijklmnopqrstuvwxyz"
1181 "abcdefghijklmnopqrstuvwxyz"
1182 "abcdefghijklmnopqrstuvwxyz"
1183 "abcdefghijklmnopqrstuvwxyz"
1184 "abcdefghijklmnopqrstuvwxyz"
1186 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1188 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1189 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1191 memset(&
tv, 0x00,
sizeof(
tv));
1199 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1202 f->
proto = IPPROTO_TCP;
1207 p->
proto = IPPROTO_TCP;
1211 for (
int i=0; i<4; i++) {
1219 void *tx = SCSshStateGetTx(ssh_state, 0);
1220 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1222 sshbuf3[
sizeof(sshbuf3) - 2] = 0;
1223 FAIL_IF(SSHParserTestUtilCheck(
"2.0", (
char *)sshbuf3, tx, STREAM_TOCLIENT));
1234 static int SSHParserTest20(
void)
1242 uint8_t sshbuf1[] =
"SSH-";
1243 uint8_t sshbuf2[] =
"2.0-";
1244 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1245 "abcdefghijklmnopqrstuvwxyz"
1246 "abcdefghijklmnopqrstuvwxyz"
1247 "abcdefghijklmnopqrstuvwxyz"
1248 "abcdefghijklmnopqrstuvwxyz"
1249 "abcdefghijklmnopqrstuvwxyz"
1250 "abcdefghijklmnopqrstuvwxyz"
1251 "abcdefghijklmnopqrstuvwxyz"
1252 "abcdefghijklmnopqrstuvwxyz"
1254 uint8_t sshbuf4[] = {
'a',
'b',
'c',
'd',
'e',
'f',
'\r',
1255 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1257 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1258 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4) - 1};
1260 memset(&
tv, 0x00,
sizeof(
tv));
1268 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1271 f->
proto = IPPROTO_TCP;
1276 p->
proto = IPPROTO_TCP;
1280 for (
int i=0; i<4; i++) {
1288 void *tx = SCSshStateGetTx(ssh_state, 0);
1289 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1291 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1302 static int SSHParserTest21(
void)
1310 uint8_t sshbuf1[] =
"SSH-";
1311 uint8_t sshbuf2[] =
"2.0-";
1312 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1313 "abcdefghijklmnopqrstuvwxyz"
1314 "abcdefghijklmnopqrstuvwxyz"
1315 "abcdefghijklmnopqrstuvwxyz"
1316 "abcdefghijklmnopqrstuvwxyz"
1317 "abcdefghijklmnopqrstuvwxyz"
1318 "abcdefghijklmnopqrstuvwxyz"
1319 "abcdefghijklmnopqrstuvwxyz"
1320 "abcdefghijklmnopqrstuvwxy";
1321 uint8_t sshbuf4[] = {
'l',
'i',
'b',
's',
's',
'h',
'\r',
1322 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1324 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1325 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1327 memset(&
tv, 0x00,
sizeof(
tv));
1335 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1338 f->
proto = IPPROTO_TCP;
1343 p->
proto = IPPROTO_TCP;
1347 for (
int i=0; i<4; i++) {
1355 void *tx = SCSshStateGetTx(ssh_state, 0);
1356 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1358 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1369 static int SSHParserTest22(
void)
1377 uint8_t sshbuf1[] =
"SSH-";
1378 uint8_t sshbuf2[] =
"2.0-";
1379 uint8_t sshbuf3[] = {
1380 'l',
'i',
'b',
's',
's',
'h',
'\r',
1382 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1383 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1384 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1385 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1386 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1388 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1389 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1390 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1391 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1392 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1394 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1395 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1396 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1397 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1398 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1400 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1401 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1402 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1403 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1404 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1406 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1407 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1408 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1409 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1410 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1412 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1413 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1414 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1415 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1416 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00, 0x00,
1420 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
1421 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1};
1423 memset(&
tv, 0x00,
sizeof(
tv));
1431 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1434 f->
proto = IPPROTO_TCP;
1439 p->
proto = IPPROTO_TCP;
1443 for (
int i=0; i<3; i++) {
1451 void *tx = SCSshStateGetTx(ssh_state, 0);
1452 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1454 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"libssh", tx, STREAM_TOCLIENT));
1464 static int SSHParserTest23(
void)
1468 uint8_t sshbuf[] =
"SSH-2.0\r-MySSHClient-0.5.1\n";
1469 uint32_t sshlen =
sizeof(sshbuf) - 1;
1473 memset(&f, 0,
sizeof(f));
1474 memset(&ssn, 0,
sizeof(ssn));
1482 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1484 printf(
"toclient chunk 1 returned 0 expected non null: ");
1498 static int SSHParserTest24(
void)
1502 uint8_t sshbuf[] =
"SSH-2.0-\rMySSHClient-0.5.1\n";
1503 uint32_t sshlen =
sizeof(sshbuf) - 1;
1507 memset(&f, 0,
sizeof(f));
1508 memset(&ssn, 0,
sizeof(ssn));
1516 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1518 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
1523 if (ssh_state == NULL) {
1524 printf(
"no ssh state: ");
1527 void *tx = SCSshStateGetTx(ssh_state, 0);
1528 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateBannerDone) {
1529 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
1532 if (SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOSERVER))
1545 static int SSHParserTest25(
void)
1548 uint8_t sshbuf[] =
"\n";
1549 uint32_t sshlen =
sizeof(sshbuf) - 1;
1554 memset(&f, 0,
sizeof(f));
1555 memset(&ssn, 0,
sizeof(ssn));
1563 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1568 void *tx = SCSshStateGetTx(ssh_state, 0);
1569 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) == SshStateBannerDone);
1570 const uint8_t *dummy = NULL;
1571 uint32_t dummy_len = 0;
1572 FAIL_IF(SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0);
1591 UtRegisterTest(
"SSHParserTest07 - ToServer 2 chunks", SSHParserTest07);
1592 UtRegisterTest(
"SSHParserTest08 - ToServer 3 chunks", SSHParserTest08);
1593 UtRegisterTest(
"SSHParserTest09 - ToClient 2 chunks", SSHParserTest09);
1594 UtRegisterTest(
"SSHParserTest10 - ToClient 3 chunks", SSHParserTest10);
1595 UtRegisterTest(
"SSHParserTest11 - ToClient 4 chunks", SSHParserTest11);
1596 UtRegisterTest(
"SSHParserTest12 - ToClient 4 chunks", SSHParserTest12);
1597 UtRegisterTest(
"SSHParserTest13 - ToClient 4 chunks", SSHParserTest13);
1598 UtRegisterTest(
"SSHParserTest14 - ToClient 4 chunks", SSHParserTest14);