57 #define SSH_CONFIG_DEFAULT_HASSH false
59 #define SSH_CONFIG_DEFAULT_ENCRYPTION_BYPASS SSH_HANDLE_ENCRYPTION_TRACK_ONLY
61 static int SSHRegisterPatternsForProtocolDetection(
void)
64 IPPROTO_TCP,
ALPROTO_SSH,
"SSH-", 4, 0, STREAM_TOSERVER) < 0) {
68 IPPROTO_TCP,
ALPROTO_SSH,
"SSH-", 4, 0, STREAM_TOCLIENT) < 0) {
76 return SCSshTxGetLogCondition(tx);
83 const char *proto_name =
"ssh";
87 if (SSHRegisterPatternsForProtocolDetection() < 0)
92 const char *strval = NULL;
93 if (
SCConfGet(
"app-layer.protocols.ssh.hassh", &strval) != 1) {
95 }
else if (strcmp(strval,
"auto") == 0) {
109 if (encryption_node != NULL && encryption_node->
val != NULL) {
110 if (strcmp(encryption_node->
val,
"full") == 0) {
111 encryption_bypass = SSH_HANDLE_ENCRYPTION_FULL;
112 }
else if (strcmp(encryption_node->
val,
"track-only") == 0) {
113 encryption_bypass = SSH_HANDLE_ENCRYPTION_TRACK_ONLY;
114 }
else if (strcmp(encryption_node->
val,
"bypass") == 0) {
115 encryption_bypass = SSH_HANDLE_ENCRYPTION_BYPASS;
121 if (encryption_bypass) {
122 SCLogConfig(
"ssh: bypass on the start of encryption enabled");
123 SCSshEnableBypass(encryption_bypass);
128 SCRegisterSshParser();
141 static int SSHParserTestUtilCheck(
const char *protoexp,
const char *softexp,
void *tx, uint8_t
flags) {
144 const uint8_t *software = NULL;
148 printf(
"Version string not parsed correctly return: ");
152 printf(
"Version string not parsed correctly NULL: ");
156 if (p_len != strlen(protoexp)) {
157 printf(
"Version string not parsed correctly length: ");
160 if (memcmp(
protocol, protoexp, strlen(protoexp)) != 0) {
161 printf(
"Version string not parsed correctly: ");
165 if (softexp != NULL) {
166 if (SCSshTxGetSoftware(tx, &software, &s_len,
flags) != 1)
168 if (software == NULL)
170 if (s_len != strlen(softexp)) {
171 printf(
"Software string not parsed correctly length: ");
174 if (memcmp(software, softexp, strlen(softexp)) != 0) {
175 printf(
"Software string not parsed correctly: ");
183 static int SSHParserTest01(
void)
187 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
188 uint32_t sshlen =
sizeof(sshbuf) - 1;
192 memset(&f, 0,
sizeof(f));
193 memset(&ssn, 0,
sizeof(ssn));
201 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
203 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
208 if (ssh_state == NULL) {
209 printf(
"no ssh state: ");
213 void *tx = SCSshStateGetTx(ssh_state, 0);
214 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone) {
215 printf(
"Client version string not parsed: ");
219 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
234 static int SSHParserTest02(
void)
238 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
239 uint32_t sshlen =
sizeof(sshbuf) - 1;
243 memset(&f, 0,
sizeof(f));
244 memset(&ssn, 0,
sizeof(ssn));
252 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
254 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
259 if (ssh_state == NULL) {
260 printf(
"no ssh state: ");
263 void *tx = SCSshStateGetTx(ssh_state, 0);
265 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone) {
266 printf(
"Client version string not parsed: ");
269 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
284 static int SSHParserTest03(
void)
288 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
289 uint32_t sshlen =
sizeof(sshbuf) - 1;
293 memset(&f, 0,
sizeof(f));
294 memset(&ssn, 0,
sizeof(ssn));
302 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
304 printf(
"toclient chunk 1 returned %" PRId32
", expected != 0: ", r);
309 if (ssh_state == NULL) {
310 printf(
"no ssh state: ");
313 void *tx = SCSshStateGetTx(ssh_state, 0);
315 if (SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) == SshStateBannerDone) {
316 printf(
"Client version string parsed? It's not a valid string: ");
319 const uint8_t *dummy = NULL;
320 uint32_t dummy_len = 0;
321 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
323 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
336 static int SSHParserTest04(
void)
340 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
341 uint32_t sshlen =
sizeof(sshbuf) - 1;
345 memset(&f, 0,
sizeof(f));
346 memset(&ssn, 0,
sizeof(ssn));
354 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
356 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
361 if (ssh_state == NULL) {
362 printf(
"no ssh state: ");
365 void *tx = SCSshStateGetTx(ssh_state, 0);
367 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
368 printf(
"Client version string not parsed: ");
371 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
386 static int SSHParserTest05(
void)
390 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
391 uint32_t sshlen =
sizeof(sshbuf) - 1;
395 memset(&f, 0,
sizeof(f));
396 memset(&ssn, 0,
sizeof(ssn));
404 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
406 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
411 if (ssh_state == NULL) {
412 printf(
"no ssh state: ");
415 void *tx = SCSshStateGetTx(ssh_state, 0);
417 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone) {
418 printf(
"Client version string not parsed: ");
421 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
435 static int SSHParserTest06(
void)
439 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
440 uint32_t sshlen =
sizeof(sshbuf) - 1;
444 memset(&f, 0,
sizeof(f));
445 memset(&ssn, 0,
sizeof(ssn));
453 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
455 printf(
"toserver chunk 1 returned %" PRId32
", expected != 0: ", r);
461 if (ssh_state == NULL) {
462 printf(
"no ssh state: ");
465 void *tx = SCSshStateGetTx(ssh_state, 0);
467 if (SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) == SshStateBannerDone) {
468 printf(
"Client version string parsed? It's not a valid string: ");
471 const uint8_t *dummy = NULL;
472 uint32_t dummy_len = 0;
473 if (SCSshTxGetProtocol(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
475 if (SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
488 #define MAX_SSH_TEST_SIZE 512
490 static int SSHParserTest07(
void)
500 memset(&
tv, 0x00,
sizeof(
tv));
508 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
511 f->
proto = IPPROTO_TCP;
516 p->
proto = IPPROTO_TCP;
520 for (
int i=0; i<2; i++) {
522 seq += strlen(sshbufs[i]);
528 void *tx = SCSshStateGetTx(ssh_state, 0);
529 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
531 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
541 static int SSHParserTest08(
void)
551 memset(&
tv, 0x00,
sizeof(
tv));
559 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
562 f->
proto = IPPROTO_TCP;
567 p->
proto = IPPROTO_TCP;
571 for (
int i=0; i<3; i++) {
573 seq += strlen(sshbufs[i]);
579 void *tx = SCSshStateGetTx(ssh_state, 0);
580 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOSERVER) != SshStateBannerDone);
582 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
591 static int SSHParserTest09(
void)
601 memset(&
tv, 0x00,
sizeof(
tv));
609 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
612 f->
proto = IPPROTO_TCP;
617 p->
proto = IPPROTO_TCP;
621 for (
int i=0; i<2; i++) {
623 seq += strlen(sshbufs[i]);
629 void *tx = SCSshStateGetTx(ssh_state, 0);
630 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
632 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
642 static int SSHParserTest10(
void)
652 memset(&
tv, 0x00,
sizeof(
tv));
660 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
663 f->
proto = IPPROTO_TCP;
668 p->
proto = IPPROTO_TCP;
672 for (
int i=0; i<3; i++) {
674 seq += strlen(sshbufs[i]);
680 void *tx = SCSshStateGetTx(ssh_state, 0);
681 FAIL_IF(SCSshTxGetAlStateProgress(tx, STREAM_TOCLIENT) != SshStateBannerDone);
683 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
693 static int SSHParserTest11(
void)
697 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
698 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
699 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
700 uint32_t sshlen2 =
sizeof(sshbuf2);
704 memset(&f, 0,
sizeof(f));
705 memset(&ssn, 0,
sizeof(ssn));
713 STREAM_TOSERVER, sshbuf1, sshlen1);
715 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
721 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
726 if (ssh_state == NULL) {
727 printf(
"no ssh state: ");
730 void *tx = SCSshStateGetTx(ssh_state, 0);
731 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
732 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
735 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
748 static int SSHParserTest12(
void)
752 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
753 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
754 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03,0x01, 17, 0x00};
755 uint32_t sshlen2 =
sizeof(sshbuf2);
756 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
757 uint32_t sshlen3 =
sizeof(sshbuf3);
761 memset(&f, 0,
sizeof(f));
762 memset(&ssn, 0,
sizeof(ssn));
770 STREAM_TOSERVER, sshbuf1, sshlen1);
772 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
778 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
784 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
789 if (ssh_state == NULL) {
790 printf(
"no ssh state: ");
793 void *tx = SCSshStateGetTx(ssh_state, 0);
794 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished) {
795 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
798 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
811 static int SSHParserTest13(
void)
819 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
820 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 17};
821 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 21};
823 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
824 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3)};
826 memset(&
tv, 0x00,
sizeof(
tv));
834 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
837 f->
proto = IPPROTO_TCP;
842 p->
proto = IPPROTO_TCP;
846 for (
int i=0; i<3; i++) {
854 void *tx = SCSshStateGetTx(ssh_state, 0);
855 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
857 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
867 static int SSHParserTest14(
void)
875 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
876 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
877 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
878 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
880 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 21};
882 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
883 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
885 memset(&
tv, 0x00,
sizeof(
tv));
893 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
896 f->
proto = IPPROTO_TCP;
901 p->
proto = IPPROTO_TCP;
905 for (
int i=0; i<5; i++) {
913 void *tx = SCSshStateGetTx(ssh_state, 0);
914 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
916 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
926 static int SSHParserTest15(
void)
934 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
935 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
936 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
937 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
938 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 20, 0x00, 0x00, 0x00, 0x02, 0x01, 21};
940 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
941 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
943 memset(&
tv, 0x00,
sizeof(
tv));
951 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
954 f->
proto = IPPROTO_TCP;
959 p->
proto = IPPROTO_TCP;
963 for (
int i=0; i<5; i++) {
971 void *tx = SCSshStateGetTx(ssh_state, 0);
972 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateFinished);
974 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
984 static int SSHParserTest16(
void)
992 uint8_t sshbuf1[] =
"SSH-";
993 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
994 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
996 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
997 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3)};
999 memset(&
tv, 0x00,
sizeof(
tv));
1007 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1010 f->
proto = IPPROTO_TCP;
1015 p->
proto = IPPROTO_TCP;
1019 for (
int i=0; i<3; i++) {
1027 void *tx = SCSshStateGetTx(ssh_state, 0);
1028 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1030 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1040 static int SSHParserTest17(
void)
1048 uint8_t sshbuf1[] =
"SSH-";
1049 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1050 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 17, 0x00};
1051 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1053 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1054 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3),
sizeof(sshbuf4)};
1056 memset(&
tv, 0x00,
sizeof(
tv));
1064 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1067 f->
proto = IPPROTO_TCP;
1072 p->
proto = IPPROTO_TCP;
1076 for (
int i=0; i<4; i++) {
1084 void *tx = SCSshStateGetTx(ssh_state, 0);
1085 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1087 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1097 static int SSHParserTest18(
void)
1105 uint8_t server1[] =
"SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu3\r\n";
1106 uint8_t sshbuf1[] =
"SSH-";
1107 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1108 uint8_t server2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1109 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1112 memset(&
tv, 0x00,
sizeof(
tv));
1120 uint8_t* sshbufs[5] = {server1, sshbuf1, sshbuf2, server2, sshbuf3};
1121 uint32_t sshlens[5] = {
sizeof(server1) - 1,
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) -1,
sizeof(server2) - 1,
sizeof(sshbuf3)};
1122 bool sshdirs[5] = {
true,
false,
false,
true,
false};
1124 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1127 f->
proto = IPPROTO_TCP;
1132 p->
proto = IPPROTO_TCP;
1135 uint32_t seqcli = 2;
1136 uint32_t seqsrv = 2;
1137 for (
int i=0; i<5; i++) {
1140 seqsrv += sshlens[i];
1144 seqcli += sshlens[i];
1151 void *tx = SCSshStateGetTx(ssh_state, 0);
1152 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1164 static int SSHParserTest19(
void)
1172 uint8_t sshbuf1[] =
"SSH-";
1173 uint8_t sshbuf2[] =
"2.0-";
1174 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1175 "abcdefghijklmnopqrstuvwxyz"
1176 "abcdefghijklmnopqrstuvwxyz"
1177 "abcdefghijklmnopqrstuvwxyz"
1178 "abcdefghijklmnopqrstuvwxyz"
1179 "abcdefghijklmnopqrstuvwxyz"
1180 "abcdefghijklmnopqrstuvwxyz"
1181 "abcdefghijklmnopqrstuvwxyz"
1182 "abcdefghijklmnopqrstuvwxyz"
1184 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1186 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1187 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1189 memset(&
tv, 0x00,
sizeof(
tv));
1197 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1200 f->
proto = IPPROTO_TCP;
1205 p->
proto = IPPROTO_TCP;
1209 for (
int i=0; i<4; i++) {
1217 void *tx = SCSshStateGetTx(ssh_state, 0);
1218 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1220 sshbuf3[
sizeof(sshbuf3) - 2] = 0;
1221 FAIL_IF(SSHParserTestUtilCheck(
"2.0", (
char *)sshbuf3, tx, STREAM_TOCLIENT));
1232 static int SSHParserTest20(
void)
1240 uint8_t sshbuf1[] =
"SSH-";
1241 uint8_t sshbuf2[] =
"2.0-";
1242 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1243 "abcdefghijklmnopqrstuvwxyz"
1244 "abcdefghijklmnopqrstuvwxyz"
1245 "abcdefghijklmnopqrstuvwxyz"
1246 "abcdefghijklmnopqrstuvwxyz"
1247 "abcdefghijklmnopqrstuvwxyz"
1248 "abcdefghijklmnopqrstuvwxyz"
1249 "abcdefghijklmnopqrstuvwxyz"
1250 "abcdefghijklmnopqrstuvwxyz"
1252 uint8_t sshbuf4[] = {
'a',
'b',
'c',
'd',
'e',
'f',
'\r',
1253 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1255 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1256 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4) - 1};
1258 memset(&
tv, 0x00,
sizeof(
tv));
1266 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1269 f->
proto = IPPROTO_TCP;
1274 p->
proto = IPPROTO_TCP;
1278 for (
int i=0; i<4; i++) {
1286 void *tx = SCSshStateGetTx(ssh_state, 0);
1287 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1289 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1300 static int SSHParserTest21(
void)
1308 uint8_t sshbuf1[] =
"SSH-";
1309 uint8_t sshbuf2[] =
"2.0-";
1310 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1311 "abcdefghijklmnopqrstuvwxyz"
1312 "abcdefghijklmnopqrstuvwxyz"
1313 "abcdefghijklmnopqrstuvwxyz"
1314 "abcdefghijklmnopqrstuvwxyz"
1315 "abcdefghijklmnopqrstuvwxyz"
1316 "abcdefghijklmnopqrstuvwxyz"
1317 "abcdefghijklmnopqrstuvwxyz"
1318 "abcdefghijklmnopqrstuvwxy";
1319 uint8_t sshbuf4[] = {
'l',
'i',
'b',
's',
's',
'h',
'\r',
1320 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1322 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1323 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1325 memset(&
tv, 0x00,
sizeof(
tv));
1333 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1336 f->
proto = IPPROTO_TCP;
1341 p->
proto = IPPROTO_TCP;
1345 for (
int i=0; i<4; i++) {
1353 void *tx = SCSshStateGetTx(ssh_state, 0);
1354 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1356 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1367 static int SSHParserTest22(
void)
1375 uint8_t sshbuf1[] =
"SSH-";
1376 uint8_t sshbuf2[] =
"2.0-";
1377 uint8_t sshbuf3[] = {
1378 'l',
'i',
'b',
's',
's',
'h',
'\r',
1380 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1381 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1382 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1383 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1384 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1386 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1387 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1388 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1389 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1390 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1392 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1393 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1394 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1395 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1396 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1398 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1399 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1400 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1401 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1402 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1404 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1405 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1406 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1407 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1408 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1410 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1411 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1412 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1413 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1414 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00, 0x00,
1418 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
1419 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1};
1421 memset(&
tv, 0x00,
sizeof(
tv));
1429 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1432 f->
proto = IPPROTO_TCP;
1437 p->
proto = IPPROTO_TCP;
1441 for (
int i=0; i<3; i++) {
1449 void *tx = SCSshStateGetTx(ssh_state, 0);
1450 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
1452 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"libssh", tx, STREAM_TOCLIENT));
1462 static int SSHParserTest23(
void)
1466 uint8_t sshbuf[] =
"SSH-2.0\r-MySSHClient-0.5.1\n";
1467 uint32_t sshlen =
sizeof(sshbuf) - 1;
1471 memset(&f, 0,
sizeof(f));
1472 memset(&ssn, 0,
sizeof(ssn));
1480 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1482 printf(
"toclient chunk 1 returned 0 expected non null: ");
1496 static int SSHParserTest24(
void)
1500 uint8_t sshbuf[] =
"SSH-2.0-\rMySSHClient-0.5.1\n";
1501 uint32_t sshlen =
sizeof(sshbuf) - 1;
1505 memset(&f, 0,
sizeof(f));
1506 memset(&ssn, 0,
sizeof(ssn));
1514 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1516 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
1521 if (ssh_state == NULL) {
1522 printf(
"no ssh state: ");
1525 void *tx = SCSshStateGetTx(ssh_state, 0);
1526 if (SCSshTxGetFlags(tx, STREAM_TOSERVER) != SshStateBannerDone) {
1527 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
1530 if (SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOSERVER))
1543 static int SSHParserTest25(
void)
1546 uint8_t sshbuf[] =
"\n";
1547 uint32_t sshlen =
sizeof(sshbuf) - 1;
1552 memset(&f, 0,
sizeof(f));
1553 memset(&ssn, 0,
sizeof(ssn));
1561 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1566 void *tx = SCSshStateGetTx(ssh_state, 0);
1567 FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOSERVER) == SshStateBannerDone);
1568 const uint8_t *dummy = NULL;
1569 uint32_t dummy_len = 0;
1570 FAIL_IF(SCSshTxGetSoftware(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0);
1589 UtRegisterTest(
"SSHParserTest07 - ToServer 2 chunks", SSHParserTest07);
1590 UtRegisterTest(
"SSHParserTest08 - ToServer 3 chunks", SSHParserTest08);
1591 UtRegisterTest(
"SSHParserTest09 - ToClient 2 chunks", SSHParserTest09);
1592 UtRegisterTest(
"SSHParserTest10 - ToClient 3 chunks", SSHParserTest10);
1593 UtRegisterTest(
"SSHParserTest11 - ToClient 4 chunks", SSHParserTest11);
1594 UtRegisterTest(
"SSHParserTest12 - ToClient 4 chunks", SSHParserTest12);
1595 UtRegisterTest(
"SSHParserTest13 - ToClient 4 chunks", SSHParserTest13);
1596 UtRegisterTest(
"SSHParserTest14 - ToClient 4 chunks", SSHParserTest14);