58 #define SSH_CONFIG_DEFAULT_HASSH false
60 static int SSHRegisterPatternsForProtocolDetection(
void)
63 "SSH-", 4, 0, STREAM_TOSERVER) < 0)
68 "SSH-", 4, 0, STREAM_TOCLIENT) < 0)
77 return rs_ssh_tx_get_log_condition(tx);
84 const char *proto_name =
"ssh";
88 if (SSHRegisterPatternsForProtocolDetection() < 0)
93 const char *strval = NULL;
94 if (
ConfGet(
"app-layer.protocols.ssh.hassh", &strval) != 1) {
96 }
else if (strcmp(strval,
"auto") == 0) {
105 rs_ssh_enable_hassh();
110 rs_ssh_register_parser();
124 static int SSHParserTestUtilCheck(
const char *protoexp,
const char *softexp,
void *tx, uint8_t
flags) {
127 const uint8_t *software = NULL;
130 if (rs_ssh_tx_get_protocol(tx, &
protocol, &p_len,
flags) != 1) {
131 printf(
"Version string not parsed correctly return: ");
135 printf(
"Version string not parsed correctly NULL: ");
139 if (p_len != strlen(protoexp)) {
140 printf(
"Version string not parsed correctly length: ");
143 if (memcmp(
protocol, protoexp, strlen(protoexp)) != 0) {
144 printf(
"Version string not parsed correctly: ");
148 if (softexp != NULL) {
149 if (rs_ssh_tx_get_software(tx, &software, &s_len,
flags) != 1)
151 if (software == NULL)
153 if (s_len != strlen(softexp)) {
154 printf(
"Software string not parsed correctly length: ");
157 if (memcmp(software, softexp, strlen(softexp)) != 0) {
158 printf(
"Software string not parsed correctly: ");
166 static int SSHParserTest01(
void)
170 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
171 uint32_t sshlen =
sizeof(sshbuf) - 1;
175 memset(&f, 0,
sizeof(f));
176 memset(&ssn, 0,
sizeof(ssn));
184 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
186 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
191 if (ssh_state == NULL) {
192 printf(
"no ssh state: ");
196 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
197 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOSERVER) != SshStateBannerDone ) {
198 printf(
"Client version string not parsed: ");
202 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
217 static int SSHParserTest02(
void)
221 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
222 uint32_t sshlen =
sizeof(sshbuf) - 1;
226 memset(&f, 0,
sizeof(f));
227 memset(&ssn, 0,
sizeof(ssn));
235 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
237 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
242 if (ssh_state == NULL) {
243 printf(
"no ssh state: ");
246 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
248 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOSERVER) != SshStateBannerDone ) {
249 printf(
"Client version string not parsed: ");
252 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
267 static int SSHParserTest03(
void)
271 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
272 uint32_t sshlen =
sizeof(sshbuf) - 1;
276 memset(&f, 0,
sizeof(f));
277 memset(&ssn, 0,
sizeof(ssn));
285 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
287 printf(
"toclient chunk 1 returned %" PRId32
", expected != 0: ", r);
292 if (ssh_state == NULL) {
293 printf(
"no ssh state: ");
296 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
298 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOSERVER) == SshStateBannerDone ) {
299 printf(
"Client version string parsed? It's not a valid string: ");
302 const uint8_t *dummy = NULL;
303 uint32_t dummy_len = 0;
304 if (rs_ssh_tx_get_protocol(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
306 if (rs_ssh_tx_get_software(tx, &dummy, &dummy_len, STREAM_TOSERVER) != 0)
319 static int SSHParserTest04(
void)
323 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1\n";
324 uint32_t sshlen =
sizeof(sshbuf) - 1;
328 memset(&f, 0,
sizeof(f));
329 memset(&ssn, 0,
sizeof(ssn));
337 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
339 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
344 if (ssh_state == NULL) {
345 printf(
"no ssh state: ");
348 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
350 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOCLIENT) != SshStateBannerDone ) {
351 printf(
"Client version string not parsed: ");
354 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
369 static int SSHParserTest05(
void)
373 uint8_t sshbuf[] =
"SSH-2.0-MySSHClient-0.5.1 some comments...\n";
374 uint32_t sshlen =
sizeof(sshbuf) - 1;
378 memset(&f, 0,
sizeof(f));
379 memset(&ssn, 0,
sizeof(ssn));
387 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
389 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
394 if (ssh_state == NULL) {
395 printf(
"no ssh state: ");
398 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
400 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOCLIENT) != SshStateBannerDone ) {
401 printf(
"Client version string not parsed: ");
404 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT))
418 static int SSHParserTest06(
void)
422 uint8_t sshbuf[] =
"SSH-2.0 some comments...\n";
423 uint32_t sshlen =
sizeof(sshbuf) - 1;
427 memset(&f, 0,
sizeof(f));
428 memset(&ssn, 0,
sizeof(ssn));
436 STREAM_TOCLIENT | STREAM_EOF, sshbuf, sshlen);
438 printf(
"toserver chunk 1 returned %" PRId32
", expected != 0: ", r);
444 if (ssh_state == NULL) {
445 printf(
"no ssh state: ");
448 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
450 if ( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOCLIENT) == SshStateBannerDone ) {
451 printf(
"Client version string parsed? It's not a valid string: ");
454 const uint8_t *dummy = NULL;
455 uint32_t dummy_len = 0;
456 if (rs_ssh_tx_get_protocol(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
458 if (rs_ssh_tx_get_software(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0)
471 #define MAX_SSH_TEST_SIZE 512
473 static int SSHParserTest07(
void)
483 memset(&
tv, 0x00,
sizeof(
tv));
491 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
494 f->
proto = IPPROTO_TCP;
499 p->
proto = IPPROTO_TCP;
503 for (
int i=0; i<2; i++) {
505 seq += strlen(sshbufs[i]);
511 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
512 FAIL_IF( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOSERVER) != SshStateBannerDone );
514 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
524 static int SSHParserTest08(
void)
534 memset(&
tv, 0x00,
sizeof(
tv));
542 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
545 f->
proto = IPPROTO_TCP;
550 p->
proto = IPPROTO_TCP;
554 for (
int i=0; i<3; i++) {
556 seq += strlen(sshbufs[i]);
562 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
563 FAIL_IF( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOSERVER) != SshStateBannerDone );
565 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
574 static int SSHParserTest09(
void)
584 memset(&
tv, 0x00,
sizeof(
tv));
592 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
595 f->
proto = IPPROTO_TCP;
600 p->
proto = IPPROTO_TCP;
604 for (
int i=0; i<2; i++) {
606 seq += strlen(sshbufs[i]);
612 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
613 FAIL_IF( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOCLIENT) != SshStateBannerDone );
615 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
625 static int SSHParserTest10(
void)
635 memset(&
tv, 0x00,
sizeof(
tv));
643 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
646 f->
proto = IPPROTO_TCP;
651 p->
proto = IPPROTO_TCP;
655 for (
int i=0; i<3; i++) {
657 seq += strlen(sshbufs[i]);
663 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
664 FAIL_IF( rs_ssh_tx_get_alstate_progress(tx, STREAM_TOCLIENT) != SshStateBannerDone );
666 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
676 static int SSHParserTest11(
void)
680 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
681 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
682 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
683 uint32_t sshlen2 =
sizeof(sshbuf2);
687 memset(&f, 0,
sizeof(f));
688 memset(&ssn, 0,
sizeof(ssn));
696 STREAM_TOSERVER, sshbuf1, sshlen1);
698 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
704 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
709 if (ssh_state == NULL) {
710 printf(
"no ssh state: ");
713 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
714 if ( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateFinished ) {
715 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
718 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
731 static int SSHParserTest12(
void)
735 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
736 uint32_t sshlen1 =
sizeof(sshbuf1) - 1;
737 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x03,0x01, 17, 0x00};
738 uint32_t sshlen2 =
sizeof(sshbuf2);
739 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
740 uint32_t sshlen3 =
sizeof(sshbuf3);
744 memset(&f, 0,
sizeof(f));
745 memset(&ssn, 0,
sizeof(ssn));
753 STREAM_TOSERVER, sshbuf1, sshlen1);
755 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
761 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
767 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
772 if (ssh_state == NULL) {
773 printf(
"no ssh state: ");
776 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
777 if ( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateFinished ) {
778 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
781 if (SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER))
794 static int SSHParserTest13(
void)
802 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
803 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 17};
804 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x02, 0x01, 21};
806 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
807 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3)};
809 memset(&
tv, 0x00,
sizeof(
tv));
817 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
820 f->
proto = IPPROTO_TCP;
825 p->
proto = IPPROTO_TCP;
829 for (
int i=0; i<3; i++) {
837 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
838 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateFinished );
840 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
850 static int SSHParserTest14(
void)
858 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
859 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
860 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
861 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
863 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 21};
865 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
866 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
868 memset(&
tv, 0x00,
sizeof(
tv));
876 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
879 f->
proto = IPPROTO_TCP;
884 p->
proto = IPPROTO_TCP;
888 for (
int i=0; i<5; i++) {
896 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
897 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateFinished );
899 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
909 static int SSHParserTest15(
void)
917 uint8_t sshbuf1[] =
"SSH-2.0-MySSHClient-0.5.1\r\n";
918 uint8_t sshbuf2[] = { 0x00, 0x00, 0x00, 0x10, 0x01, 17, 0x00};
919 uint8_t sshbuf3[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
920 uint8_t sshbuf4[] = { 0x09, 0x10, 0x11, 0x12, 0x13, 0x00};
921 uint8_t sshbuf5[] = { 0x00, 0x00, 0x02, 0x01, 20, 0x00, 0x00, 0x00, 0x02, 0x01, 21};
923 uint8_t* sshbufs[5] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4, sshbuf5};
924 uint32_t sshlens[5] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2),
sizeof(sshbuf3),
sizeof(sshbuf4),
sizeof(sshbuf5)};
926 memset(&
tv, 0x00,
sizeof(
tv));
934 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
937 f->
proto = IPPROTO_TCP;
942 p->
proto = IPPROTO_TCP;
946 for (
int i=0; i<5; i++) {
954 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
955 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateFinished );
957 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOSERVER));
967 static int SSHParserTest16(
void)
975 uint8_t sshbuf1[] =
"SSH-";
976 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
977 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03,0x01, 21, 0x00};
979 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
980 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3)};
982 memset(&
tv, 0x00,
sizeof(
tv));
990 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
993 f->
proto = IPPROTO_TCP;
998 p->
proto = IPPROTO_TCP;
1002 for (
int i=0; i<3; i++) {
1010 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1011 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1013 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1023 static int SSHParserTest17(
void)
1031 uint8_t sshbuf1[] =
"SSH-";
1032 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1033 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 17, 0x00};
1034 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1036 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1037 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3),
sizeof(sshbuf4)};
1039 memset(&
tv, 0x00,
sizeof(
tv));
1047 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1050 f->
proto = IPPROTO_TCP;
1055 p->
proto = IPPROTO_TCP;
1059 for (
int i=0; i<4; i++) {
1067 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1068 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1070 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"MySSHClient-0.5.1", tx, STREAM_TOCLIENT));
1080 static int SSHParserTest18(
void)
1088 uint8_t server1[] =
"SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu3\r\n";
1089 uint8_t sshbuf1[] =
"SSH-";
1090 uint8_t sshbuf2[] =
"2.0-MySSHClient-0.5.1\r\n";
1091 uint8_t server2[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1092 uint8_t sshbuf3[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00 };
1095 memset(&
tv, 0x00,
sizeof(
tv));
1103 uint8_t* sshbufs[5] = {server1, sshbuf1, sshbuf2, server2, sshbuf3};
1104 uint32_t sshlens[5] = {
sizeof(server1) - 1,
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) -1,
sizeof(server2) - 1,
sizeof(sshbuf3)};
1105 bool sshdirs[5] = {
true,
false,
false,
true,
false};
1107 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1110 f->
proto = IPPROTO_TCP;
1115 p->
proto = IPPROTO_TCP;
1118 uint32_t seqcli = 2;
1119 uint32_t seqsrv = 2;
1120 for (
int i=0; i<5; i++) {
1123 seqsrv += sshlens[i];
1127 seqcli += sshlens[i];
1134 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1135 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1147 static int SSHParserTest19(
void)
1155 uint8_t sshbuf1[] =
"SSH-";
1156 uint8_t sshbuf2[] =
"2.0-";
1157 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1158 "abcdefghijklmnopqrstuvwxyz"
1159 "abcdefghijklmnopqrstuvwxyz"
1160 "abcdefghijklmnopqrstuvwxyz"
1161 "abcdefghijklmnopqrstuvwxyz"
1162 "abcdefghijklmnopqrstuvwxyz"
1163 "abcdefghijklmnopqrstuvwxyz"
1164 "abcdefghijklmnopqrstuvwxyz"
1165 "abcdefghijklmnopqrstuvwxyz"
1167 uint8_t sshbuf4[] = { 0x00, 0x00, 0x00, 0x03, 0x01, 21, 0x00};
1169 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1170 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1172 memset(&
tv, 0x00,
sizeof(
tv));
1180 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1183 f->
proto = IPPROTO_TCP;
1188 p->
proto = IPPROTO_TCP;
1192 for (
int i=0; i<4; i++) {
1200 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1201 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1203 sshbuf3[
sizeof(sshbuf3) - 2] = 0;
1204 FAIL_IF(SSHParserTestUtilCheck(
"2.0", (
char *)sshbuf3, tx, STREAM_TOCLIENT));
1215 static int SSHParserTest20(
void)
1223 uint8_t sshbuf1[] =
"SSH-";
1224 uint8_t sshbuf2[] =
"2.0-";
1225 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1226 "abcdefghijklmnopqrstuvwxyz"
1227 "abcdefghijklmnopqrstuvwxyz"
1228 "abcdefghijklmnopqrstuvwxyz"
1229 "abcdefghijklmnopqrstuvwxyz"
1230 "abcdefghijklmnopqrstuvwxyz"
1231 "abcdefghijklmnopqrstuvwxyz"
1232 "abcdefghijklmnopqrstuvwxyz"
1233 "abcdefghijklmnopqrstuvwxyz"
1235 uint8_t sshbuf4[] = {
'a',
'b',
'c',
'd',
'e',
'f',
'\r',
1236 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1238 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1239 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4) - 1};
1241 memset(&
tv, 0x00,
sizeof(
tv));
1249 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1252 f->
proto = IPPROTO_TCP;
1257 p->
proto = IPPROTO_TCP;
1261 for (
int i=0; i<4; i++) {
1269 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1270 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1272 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1283 static int SSHParserTest21(
void)
1291 uint8_t sshbuf1[] =
"SSH-";
1292 uint8_t sshbuf2[] =
"2.0-";
1293 uint8_t sshbuf3[] =
"abcdefghijklmnopqrstuvwxyz"
1294 "abcdefghijklmnopqrstuvwxyz"
1295 "abcdefghijklmnopqrstuvwxyz"
1296 "abcdefghijklmnopqrstuvwxyz"
1297 "abcdefghijklmnopqrstuvwxyz"
1298 "abcdefghijklmnopqrstuvwxyz"
1299 "abcdefghijklmnopqrstuvwxyz"
1300 "abcdefghijklmnopqrstuvwxyz"
1301 "abcdefghijklmnopqrstuvwxy";
1302 uint8_t sshbuf4[] = {
'l',
'i',
'b',
's',
's',
'h',
'\r',
1303 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00};
1305 uint8_t* sshbufs[4] = {sshbuf1, sshbuf2, sshbuf3, sshbuf4};
1306 uint32_t sshlens[4] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1,
sizeof(sshbuf4)};
1308 memset(&
tv, 0x00,
sizeof(
tv));
1316 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1319 f->
proto = IPPROTO_TCP;
1324 p->
proto = IPPROTO_TCP;
1328 for (
int i=0; i<4; i++) {
1336 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1337 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1339 FAIL_IF(SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOCLIENT));
1350 static int SSHParserTest22(
void)
1358 uint8_t sshbuf1[] =
"SSH-";
1359 uint8_t sshbuf2[] =
"2.0-";
1360 uint8_t sshbuf3[] = {
1361 'l',
'i',
'b',
's',
's',
'h',
'\r',
1363 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1364 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1365 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1366 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1367 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1369 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1370 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1371 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1372 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1373 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1375 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1376 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1377 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1378 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1379 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1381 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1382 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1383 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1384 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1385 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1387 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1388 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1389 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1390 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1391 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1393 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1394 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1395 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1396 0x00, 0x00, 0x00, 0x06, 0x01, 17, 0x00, 0x00, 0x00, 0x00,
1397 0x00, 0x00, 0x00, 0x06, 0x01, 21, 0x00, 0x00, 0x00, 0x00,
1401 uint8_t* sshbufs[3] = {sshbuf1, sshbuf2, sshbuf3};
1402 uint32_t sshlens[3] = {
sizeof(sshbuf1) - 1,
sizeof(sshbuf2) - 1,
sizeof(sshbuf3) - 1};
1404 memset(&
tv, 0x00,
sizeof(
tv));
1412 f =
UTHBuildFlow(AF_INET,
"1.1.1.1",
"2.2.2.2", 1234, 2222);
1415 f->
proto = IPPROTO_TCP;
1420 p->
proto = IPPROTO_TCP;
1424 for (
int i=0; i<3; i++) {
1432 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1433 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOCLIENT) != SshStateFinished );
1435 FAIL_IF(SSHParserTestUtilCheck(
"2.0",
"libssh", tx, STREAM_TOCLIENT));
1445 static int SSHParserTest23(
void)
1449 uint8_t sshbuf[] =
"SSH-2.0\r-MySSHClient-0.5.1\n";
1450 uint32_t sshlen =
sizeof(sshbuf) - 1;
1454 memset(&f, 0,
sizeof(f));
1455 memset(&ssn, 0,
sizeof(ssn));
1463 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1465 printf(
"toclient chunk 1 returned 0 expected non null: ");
1479 static int SSHParserTest24(
void)
1483 uint8_t sshbuf[] =
"SSH-2.0-\rMySSHClient-0.5.1\n";
1484 uint32_t sshlen =
sizeof(sshbuf) - 1;
1488 memset(&f, 0,
sizeof(f));
1489 memset(&ssn, 0,
sizeof(ssn));
1497 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1499 printf(
"toclient chunk 1 returned %" PRId32
", expected 0: ", r);
1504 if (ssh_state == NULL) {
1505 printf(
"no ssh state: ");
1508 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1509 if ( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) != SshStateBannerDone ) {
1510 printf(
"Didn't detect the msg code of new keys (ciphered data starts): ");
1513 if (SSHParserTestUtilCheck(
"2.0", NULL, tx, STREAM_TOSERVER))
1526 static int SSHParserTest25(
void)
1529 uint8_t sshbuf[] =
"\n";
1530 uint32_t sshlen =
sizeof(sshbuf) - 1;
1535 memset(&f, 0,
sizeof(f));
1536 memset(&ssn, 0,
sizeof(ssn));
1544 STREAM_TOSERVER | STREAM_EOF, sshbuf, sshlen);
1549 void * tx = rs_ssh_state_get_tx(ssh_state, 0);
1550 FAIL_IF( rs_ssh_tx_get_flags(tx, STREAM_TOSERVER) == SshStateBannerDone );
1551 const uint8_t *dummy = NULL;
1552 uint32_t dummy_len = 0;
1553 FAIL_IF (rs_ssh_tx_get_software(tx, &dummy, &dummy_len, STREAM_TOCLIENT) != 0);
1572 UtRegisterTest(
"SSHParserTest07 - ToServer 2 chunks", SSHParserTest07);
1573 UtRegisterTest(
"SSHParserTest08 - ToServer 3 chunks", SSHParserTest08);
1574 UtRegisterTest(
"SSHParserTest09 - ToClient 2 chunks", SSHParserTest09);
1575 UtRegisterTest(
"SSHParserTest10 - ToClient 3 chunks", SSHParserTest10);
1576 UtRegisterTest(
"SSHParserTest11 - ToClient 4 chunks", SSHParserTest11);
1577 UtRegisterTest(
"SSHParserTest12 - ToClient 4 chunks", SSHParserTest12);
1578 UtRegisterTest(
"SSHParserTest13 - ToClient 4 chunks", SSHParserTest13);
1579 UtRegisterTest(
"SSHParserTest14 - ToClient 4 chunks", SSHParserTest14);