57 #define SSH_CONFIG_DEFAULT_HASSH false
59 #define SSH_CONFIG_DEFAULT_ENCRYPTION_BYPASS SSH_HANDLE_ENCRYPTION_TRACK_ONLY
61 static int SSHRegisterPatternsForProtocolDetection(
void)
64 IPPROTO_TCP,
ALPROTO_SSH,
"SSH-", 4, 0, STREAM_TOSERVER) < 0) {
68 IPPROTO_TCP,
ALPROTO_SSH,
"SSH-", 4, 0, STREAM_TOCLIENT) < 0) {
76 return SCSshTxGetLogCondition(tx);
83 const char *proto_name =
"ssh";
87 if (SSHRegisterPatternsForProtocolDetection() < 0)
92 const char *strval = NULL;
93 if (
SCConfGet(
"app-layer.protocols.ssh.hassh", &strval) != 1) {
95 }
else if (strcmp(strval,
"auto") == 0) {
109 if (encryption_node != NULL && encryption_node->
val != NULL) {
110 if (strcmp(encryption_node->
val,
"full") == 0) {
111 encryption_bypass = SSH_HANDLE_ENCRYPTION_FULL;
112 }
else if (strcmp(encryption_node->
val,
"track-only") == 0) {
113 encryption_bypass = SSH_HANDLE_ENCRYPTION_TRACK_ONLY;
114 }
else if (strcmp(encryption_node->
val,
"bypass") == 0) {
115 encryption_bypass = SSH_HANDLE_ENCRYPTION_BYPASS;
121 if (encryption_bypass) {
122 SCLogConfig(
"ssh: bypass on the start of encryption enabled");
123 SCSshEnableBypass(encryption_bypass);
128 SCRegisterSshParser();
141 static int SSHParserTestUtilCheck(
const char *protoexp,
const char *softexp,
void *tx, uint8_t
flags) {
144 const uint8_t *software = NULL;
148 printf(
"Version string not parsed correctly return: ");
152 printf(
"Version string not parsed correctly NULL: ");
156 if (p_len != strlen(protoexp)) {
157 printf(
"Version string not parsed correctly length: ");
160 if (memcmp(
protocol, protoexp, strlen(protoexp)) != 0) {
161 printf(
"Version string not parsed correctly: ");
165 if (softexp != NULL) {
166 if (SCSshTxGetSoftware(tx, &software, &s_len,
flags) != 1)
168 if (software == NULL)
170 if (s_len != strlen(softexp)) {
171 printf(
"Software string not parsed correctly length: ");
174 if (memcmp(software, softexp, strlen(softexp)) != 0) {
175 printf(
"Software string not parsed correctly: ");
183 static int SSHParserTest01(
void)
186 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
187 uint32_t sshlen =
sizeof(sshbuf) - 1;
191 memset(&f, 0,
sizeof(f));
192 memset(&ssn, 0,
sizeof(ssn));
195 f.
proto = IPPROTO_TCP;
201 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
207 void *tx = SCSshStateGetTx(ssh_state, 0);
209 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
210 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
221 static int SSHParserTest02(
void)
225 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
226 uint32_t sshlen =
sizeof(sshbuf) - 1;
230 memset(&f, 0,
sizeof(f));
231 memset(&ssn, 0,
sizeof(ssn));
234 f.
proto = IPPROTO_TCP;
240 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
242 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
247 if (ssh_state == NULL) {
248 printf(
"no ssh state: ");
251 void *tx = SCSshStateGetTx(ssh_state, 0);
253 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone) {
254 printf(
"Client version string not parsed: ");
257 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
272 static int SSHParserTest03(
void)
276 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
277 uint32_t sshlen =
sizeof(sshbuf) - 1;
281 memset(&f, 0,
sizeof(f));
282 memset(&ssn, 0,
sizeof(ssn));
285 f.
proto = IPPROTO_TCP;
291 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
293 printf(
"toclient chunk 1 returned %" PRId32
", expected != 0: ", r);
298 if (ssh_state == NULL) {
299 printf(
"no ssh state: ");
302 void *tx = SCSshStateGetTx(ssh_state, 0);
304 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) == SshStateBannerDone) {
305 printf(
"Client version string parsed? It's not a valid string: ");
308 const uint8_t *dummy = NULL;
309 uint32_t dummy_len = 0;
310 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
312 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
325 static int SSHParserTest04(
void)
329 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
330 uint32_t sshlen =
sizeof(sshbuf) - 1;
334 memset(&f, 0,
sizeof(f));
335 memset(&ssn, 0,
sizeof(ssn));
338 f.
proto = IPPROTO_TCP;
344 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
346 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
351 if (ssh_state == NULL) {
352 printf(
"no ssh state: ");
355 void *tx = SCSshStateGetTx(ssh_state, 0);
357 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
358 printf(
"Client version string not parsed: ");
361 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
376 static int SSHParserTest05(
void)
380 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
381 uint32_t sshlen =
sizeof(sshbuf) - 1;
385 memset(&f, 0,
sizeof(f));
386 memset(&ssn, 0,
sizeof(ssn));
389 f.
proto = IPPROTO_TCP;
395 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
397 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
402 if (ssh_state == NULL) {
403 printf(
"no ssh state: ");
406 void *tx = SCSshStateGetTx(ssh_state, 0);
408 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
409 printf(
"Client version string not parsed: ");
412 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
426 static int SSHParserTest06(
void)
430 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
431 uint32_t sshlen =
sizeof(sshbuf) - 1;
435 memset(&f, 0,
sizeof(f));
436 memset(&ssn, 0,
sizeof(ssn));
439 f.
proto = IPPROTO_TCP;
445 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
447 printf(
"toserver chunk 1 returned %" PRId32
", expected != 0: ", r);
453 if (ssh_state == NULL) {
454 printf(
"no ssh state: ");
457 void *tx = SCSshStateGetTx(ssh_state, 0);
459 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) == SshStateBannerDone) {
460 printf(
"Client version string parsed? It's not a valid string: ");
463 const uint8_t *dummy = NULL;
464 uint32_t dummy_len = 0;
465 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
467 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
479 #define MAX_SSH_TEST_SIZE 512
481 static int SSHParserTest07(
void)
491 memset(&
tv, 0x00,
sizeof(
tv));
499 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
502 f->
proto = IPPROTO_TCP;
507 p->
proto = IPPROTO_TCP;
511 for (
int i=0; i<2; i++) {
513 seq += strlen(sshbufs[i]);
519 void *tx = SCSshStateGetTx(ssh_state, 0);
520 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
522 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
532 static int SSHParserTest08(
void)
542 memset(&
tv, 0x00,
sizeof(
tv));
550 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
553 f->
proto = IPPROTO_TCP;
558 p->
proto = IPPROTO_TCP;
562 for (
int i=0; i<3; i++) {
564 seq += strlen(sshbufs[i]);
570 void *tx = SCSshStateGetTx(ssh_state, 0);
571 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
573 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
582 static int SSHParserTest09(
void)
592 memset(&
tv, 0x00,
sizeof(
tv));
600 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
603 f->
proto = IPPROTO_TCP;
608 p->
proto = IPPROTO_TCP;
612 for (
int i=0; i<2; i++) {
614 seq += strlen(sshbufs[i]);
620 void *tx = SCSshStateGetTx(ssh_state, 0);
621 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
623 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
633 static int SSHParserTest10(
void)
643 memset(&
tv, 0x00,
sizeof(
tv));
651 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
654 f->
proto = IPPROTO_TCP;
659 p->
proto = IPPROTO_TCP;
663 for (
int i=0; i<3; i++) {
665 seq += strlen(sshbufs[i]);
671 void *tx = SCSshStateGetTx(ssh_state, 0);
672 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
674 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
684 static int SSHParserTest11(
void)
688 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
689 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
690 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
691 uint32_t sshlen2 =
sizeof(sshbuf2);
695 memset(&f, 0,
sizeof(f));
696 memset(&ssn, 0,
sizeof(ssn));
699 f.
proto = IPPROTO_TCP;
705 STREAM_TOSERVER, sshbuf1, sshlen1);
707 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
713 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
718 if (ssh_state == NULL) {
719 printf(
"no ssh state: ");
722 void *tx = SCSshStateGetTx(ssh_state, 0);
723 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
724 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
727 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
740 static int SSHParserTest12(
void)
744 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
745 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
746 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03,0x01, 17, 0x00};
747 uint32_t sshlen2 =
sizeof(sshbuf2);
748 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
749 uint32_t sshlen3 =
sizeof(sshbuf3);
753 memset(&f, 0,
sizeof(f));
754 memset(&ssn, 0,
sizeof(ssn));
757 f.
proto = IPPROTO_TCP;
763 STREAM_TOSERVER, sshbuf1, sshlen1);
765 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
771 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
777 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
782 if (ssh_state == NULL) {
783 printf(
"no ssh state: ");
786 void *tx = SCSshStateGetTx(ssh_state, 0);
787 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
788 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
791 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
804 static int SSHParserTest13(
void)
812 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
813 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 17};
814 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 21};
816 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
817 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3)};
819 memset(&
tv, 0x00,
sizeof(
tv));
827 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
830 f->
proto = IPPROTO_TCP;
835 p->
proto = IPPROTO_TCP;
839 for (
int i=0; i<3; i++) {
847 void *tx = SCSshStateGetTx(ssh_state, 0);
848 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
850 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
860 static int SSHParserTest14(
void)
868 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
869 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
870 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
871 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
873 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 21};
875 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
876 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
878 memset(&
tv, 0x00,
sizeof(
tv));
886 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
889 f->
proto = IPPROTO_TCP;
894 p->
proto = IPPROTO_TCP;
898 for (
int i=0; i<5; i++) {
906 void *tx = SCSshStateGetTx(ssh_state, 0);
907 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
909 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
919 static int SSHParserTest15(
void)
927 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
928 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
929 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
930 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
931 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 20, 0x00, 0x00, 0x00, 0x02, 0x01, 21};
933 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
934 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
936 memset(&
tv, 0x00,
sizeof(
tv));
944 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
947 f->
proto = IPPROTO_TCP;
952 p->
proto = IPPROTO_TCP;
956 for (
int i=0; i<5; i++) {
964 void *tx = SCSshStateGetTx(ssh_state, 0);
965 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
967 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
977 static int SSHParserTest16(
void)
985 uint8_t sshbuf1[] =
"SSH-";
986 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
987 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
989 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
990 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3)};
992 memset(&
tv, 0x00,
sizeof(
tv));
1000 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1003 f->
proto = IPPROTO_TCP;
1008 p->
proto = IPPROTO_TCP;
1012 for (
int i=0; i<3; i++) {
1020 void *tx = SCSshStateGetTx(ssh_state, 0);
1021 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1023 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1033 static int SSHParserTest17(
void)
1041 uint8_t sshbuf1[] =
"SSH-";
1042 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1043 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 17, 0x00};
1044 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1046 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1047 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3),
sizeof(sshbuf4)};
1049 memset(&
tv, 0x00,
sizeof(
tv));
1057 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1060 f->
proto = IPPROTO_TCP;
1065 p->
proto = IPPROTO_TCP;
1069 for (
int i=0; i<4; i++) {
1077 void *tx = SCSshStateGetTx(ssh_state, 0);
1078 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1080 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1090 static int SSHParserTest18(
void)
1098 uint8_t server1[] =
"SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu3\r\n";
1099 uint8_t sshbuf1[] =
"SSH-";
1100 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1101 uint8_t server2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1102 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1105 memset(&
tv, 0x00,
sizeof(
tv));
1113 uint8_t* sshbufs[5] = {server1, sshbuf1, sshbuf2, server2, sshbuf3};
1114 uint32_t sshlens[5] = {
sizeof(server1) - 1,
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) -1,
sizeof(server2) - 1,
sizeof(sshbuf3)};
1115 bool sshdirs[5] = {
true,
false,
false,
true,
false};
1117 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1120 f->
proto = IPPROTO_TCP;
1125 p->
proto = IPPROTO_TCP;
1128 uint32_t seqcli = 2;
1129 uint32_t seqsrv = 2;
1130 for (
int i=0; i<5; i++) {
1133 seqsrv += sshlens[i];
1137 seqcli += sshlens[i];
1144 void *tx = SCSshStateGetTx(ssh_state, 0);
1145 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1157 static int SSHParserTest19(
void)
1165 uint8_t sshbuf1[] =
"SSH-";
1166 uint8_t sshbuf2[] =
"2.0-";
1167 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1168 "abcdefghijklmnopqrstuvwxyz"
1169 "abcdefghijklmnopqrstuvwxyz"
1170 "abcdefghijklmnopqrstuvwxyz"
1171 "abcdefghijklmnopqrstuvwxyz"
1172 "abcdefghijklmnopqrstuvwxyz"
1173 "abcdefghijklmnopqrstuvwxyz"
1174 "abcdefghijklmnopqrstuvwxyz"
1175 "abcdefghijklmnopqrstuvwxyz"
1177 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1179 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1180 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1182 memset(&
tv, 0x00,
sizeof(
tv));
1190 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1193 f->
proto = IPPROTO_TCP;
1198 p->
proto = IPPROTO_TCP;
1202 for (
int i=0; i<4; i++) {
1210 void *tx = SCSshStateGetTx(ssh_state, 0);
1211 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1213 sshbuf3[
sizeof(sshbuf3) - 2] = 0;
1214 FAIL_IF(SSHParserTestUtilCheck(
"2.0", (
char *)sshbuf3, tx, STREAM_TOCLIENT));
1225 static int SSHParserTest20(
void)
1233 uint8_t sshbuf1[] =
"SSH-";
1234 uint8_t sshbuf2[] =
"2.0-";
1235 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1236 "abcdefghijklmnopqrstuvwxyz"
1237 "abcdefghijklmnopqrstuvwxyz"
1238 "abcdefghijklmnopqrstuvwxyz"
1239 "abcdefghijklmnopqrstuvwxyz"
1240 "abcdefghijklmnopqrstuvwxyz"
1241 "abcdefghijklmnopqrstuvwxyz"
1242 "abcdefghijklmnopqrstuvwxyz"
1243 "abcdefghijklmnopqrstuvwxyz"
1245 uint8_t sshbuf4[] = {
'a',
'b',
'c',
'd',
'e',
'f',
'\r',
1246 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1248 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1249 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4) - 1};
1251 memset(&
tv, 0x00,
sizeof(
tv));
1259 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1262 f->
proto = IPPROTO_TCP;
1267 p->
proto = IPPROTO_TCP;
1271 for (
int i=0; i<4; i++) {
1279 void *tx = SCSshStateGetTx(ssh_state, 0);
1280 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1282 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1293 static int SSHParserTest21(
void)
1301 uint8_t sshbuf1[] =
"SSH-";
1302 uint8_t sshbuf2[] =
"2.0-";
1303 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1304 "abcdefghijklmnopqrstuvwxyz"
1305 "abcdefghijklmnopqrstuvwxyz"
1306 "abcdefghijklmnopqrstuvwxyz"
1307 "abcdefghijklmnopqrstuvwxyz"
1308 "abcdefghijklmnopqrstuvwxyz"
1309 "abcdefghijklmnopqrstuvwxyz"
1310 "abcdefghijklmnopqrstuvwxyz"
1311 "abcdefghijklmnopqrstuvwxy";
1312 uint8_t sshbuf4[] = {
'l',
'i',
'b',
's',
's',
'h',
'\r',
1313 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1315 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1316 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1318 memset(&
tv, 0x00,
sizeof(
tv));
1326 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1329 f->
proto = IPPROTO_TCP;
1334 p->
proto = IPPROTO_TCP;
1338 for (
int i=0; i<4; i++) {
1346 void *tx = SCSshStateGetTx(ssh_state, 0);
1347 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1349 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1360 static int SSHParserTest22(
void)
1368 uint8_t sshbuf1[] =
"SSH-";
1369 uint8_t sshbuf2[] =
"2.0-";
1370 uint8_t sshbuf3[] = {
1371 'l',
'i',
'b',
's',
's',
'h',
'\r',
1373 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1374 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1375 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00,
1378 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1379 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1380 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00,
1383 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1384 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1385 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00,
1388 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1389 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1390 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00,
1393 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1394 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1395 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00,
1398 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17,
1399 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00,
1400 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00,
1404 uint8_t *sshbufs[3] = { sshbuf1, sshbuf2, sshbuf3 };
1405 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1 };
1407 memset(&
tv, 0x00,
sizeof(
tv));
1415 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1418 f->
proto = IPPROTO_TCP;
1423 p->
proto = IPPROTO_TCP;
1427 for (
int i = 0; i < 3; i++) {
1429 &
tv, ra_ctx, &ssn.
server,
seq, sshbufs[i], sshlens[i]) == -1);
1437 void *tx = SCSshStateGetTx(ssh_state, 0);
1438 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1440 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"libssh", tx, STREAM_TOCLIENT));
1450 static int SSHParserTest23(
void)
1454 uint8_t sshbuf[] =
"SSH-2.0\r-MySSHClient-0.5.1\n";
1455 uint32_t sshlen =
sizeof(sshbuf) - 1;
1459 memset(&f, 0,
sizeof(f));
1460 memset(&ssn, 0,
sizeof(ssn));
1463 f.
proto = IPPROTO_TCP;
1469 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1471 printf(
"toclient chunk 1 returned 0 expected non null: ");
1485 static int SSHParserTest24(
void)
1489 uint8_t sshbuf[] =
"SSH-2.0-\rMySSHClient-0.5.1\n";
1490 uint32_t sshlen =
sizeof(sshbuf) - 1;
1494 memset(&f, 0,
sizeof(f));
1495 memset(&ssn, 0,
sizeof(ssn));
1498 f.
proto = IPPROTO_TCP;
1504 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1506 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
1511 if (ssh_state == NULL) {
1512 printf(
"no ssh state: ");
1515 void *tx = SCSshStateGetTx(ssh_state, 0);
1516 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateBannerDone) {
1517 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
1520 if (SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOSERVER))
1533 static int SSHParserTest25(
void)
1536 uint8_t sshbuf[] =
"\n";
1537 uint32_t sshlen =
sizeof(sshbuf) - 1;
1542 memset(&f, 0,
sizeof(f));
1543 memset(&ssn, 0,
sizeof(ssn));
1546 f.
proto = IPPROTO_TCP;
1552 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1557 void *tx = SCSshStateGetTx(ssh_state, 0);
1558 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) == SshStateBannerDone);
1559 const uint8_t *dummy = NULL;
1560 uint32_t dummy_len = 0;
1561 FAIL_IF(SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0);
1580 UtRegisterTest(
"SSHParserTest07 - ToServer 2 chunks", SSHParserTest07);
1581 UtRegisterTest(
"SSHParserTest08 - ToServer 3 chunks", SSHParserTest08);
1582 UtRegisterTest(
"SSHParserTest09 - ToClient 2 chunks", SSHParserTest09);
1583 UtRegisterTest(
"SSHParserTest10 - ToClient 3 chunks", SSHParserTest10);
1584 UtRegisterTest(
"SSHParserTest11 - ToClient 4 chunks", SSHParserTest11);
1585 UtRegisterTest(
"SSHParserTest12 - ToClient 4 chunks", SSHParserTest12);
1586 UtRegisterTest(
"SSHParserTest13 - ToClient 4 chunks", SSHParserTest13);
1587 UtRegisterTest(
"SSHParserTest14 - ToClient 4 chunks", SSHParserTest14);