suricata
app-layer-ssl.c File Reference
#include "suricata-common.h"
#include "debug.h"
#include "decode.h"
#include "threads.h"
#include "stream-tcp-private.h"
#include "stream-tcp-reassemble.h"
#include "stream-tcp.h"
#include "stream.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-parser.h"
#include "app-layer-ssl.h"
#include "decode-events.h"
#include "conf.h"
#include "util-crypt.h"
#include "util-decode-der.h"
#include "util-decode-der-get.h"
#include "util-spm.h"
#include "util-unittest.h"
#include "util-debug.h"
#include "util-print.h"
#include "util-pool.h"
#include "util-byte.h"
#include "util-ja3.h"
#include "flow-util.h"
#include "flow-private.h"
Include dependency graph for app-layer-ssl.c:

Go to the source code of this file.

Data Structures

struct  SslConfig_
 

Macros

#define SSL_CONFIG_DEFAULT_JA3   0
 
#define SSLV3_CHANGE_CIPHER_SPEC   20
 
#define SSLV3_ALERT_PROTOCOL   21
 
#define SSLV3_HANDSHAKE_PROTOCOL   22
 
#define SSLV3_APPLICATION_PROTOCOL   23
 
#define SSLV3_HEARTBEAT_PROTOCOL   24
 
#define SSLV3_HS_HELLO_REQUEST   0
 
#define SSLV3_HS_CLIENT_HELLO   1
 
#define SSLV3_HS_SERVER_HELLO   2
 
#define SSLV3_HS_NEW_SESSION_TICKET   4
 
#define SSLV3_HS_CERTIFICATE   11
 
#define SSLV3_HS_SERVER_KEY_EXCHANGE   12
 
#define SSLV3_HS_CERTIFICATE_REQUEST   13
 
#define SSLV3_HS_SERVER_HELLO_DONE   14
 
#define SSLV3_HS_CERTIFICATE_VERIFY   15
 
#define SSLV3_HS_CLIENT_KEY_EXCHANGE   16
 
#define SSLV3_HS_FINISHED   20
 
#define SSLV3_HS_CERTIFICATE_URL   21
 
#define SSLV3_HS_CERTIFICATE_STATUS   22
 
#define SSLV2_MT_ERROR   0
 
#define SSLV2_MT_CLIENT_HELLO   1
 
#define SSLV2_MT_CLIENT_MASTER_KEY   2
 
#define SSLV2_MT_CLIENT_FINISHED   3
 
#define SSLV2_MT_SERVER_HELLO   4
 
#define SSLV2_MT_SERVER_VERIFY   5
 
#define SSLV2_MT_SERVER_FINISHED   6
 
#define SSLV2_MT_REQUEST_CERTIFICATE   7
 
#define SSLV2_MT_CLIENT_CERTIFICATE   8
 
#define SSLV3_RECORD_HDR_LEN   5
 
#define SSLV3_MESSAGE_HDR_LEN   4
 
#define SSLV3_CLIENT_HELLO_VERSION_LEN   2
 
#define SSLV3_CLIENT_HELLO_RANDOM_LEN   32
 
#define TLS_HB_REQUEST   1
 
#define TLS_HB_RESPONSE   2
 
#define SSL_RECORD_MINIMUM_LENGTH   6
 
#define SHA1_STRING_LENGTH   60
 
#define HAS_SPACE(n)   ((uint64_t)(input - initial_input) + (uint64_t)(n) > (uint64_t)(input_len)) ? 0 : 1
 

Typedefs

typedef struct SslConfig_ SslConfig
 

Enumerations

enum  SslConfigEncryptHandling { SSL_CNF_ENC_HANDLE_DEFAULT = 0, SSL_CNF_ENC_HANDLE_BYPASS = 1, SSL_CNF_ENC_HANDLE_FULL = 2 }
 

Functions

void SSLSetEvent (SSLState *ssl_state, uint8_t event)
 
void SSLVersionToString (uint16_t version, char *buffer)
 
void RegisterSSLParsers (void)
 Function to register the SSL protocol parser and other functions. More...
 
void SSLParserRegisterTests (void)
 

Variables

SCEnumCharMap tls_decoder_event_table []
 
SslConfig ssl_config
 

Detailed Description

Macro Definition Documentation

#define HAS_SPACE (   n)    ((uint64_t)(input - initial_input) + (uint64_t)(n) > (uint64_t)(input_len)) ? 0 : 1

Definition at line 149 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SHA1_STRING_LENGTH   60

Definition at line 147 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSL_CONFIG_DEFAULT_JA3   0

Definition at line 87 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers().

#define SSL_RECORD_MINIMUM_LENGTH   6

Definition at line 145 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_CERTIFICATE   8

Definition at line 133 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_FINISHED   3

Definition at line 128 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_HELLO   1

Definition at line 126 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers(), and SSLVersionToString().

#define SSLV2_MT_CLIENT_MASTER_KEY   2

Definition at line 127 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_ERROR   0

Definition at line 125 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_REQUEST_CERTIFICATE   7

Definition at line 132 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_SERVER_FINISHED   6

Definition at line 131 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_SERVER_HELLO   4

Definition at line 129 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers(), and SSLVersionToString().

#define SSLV2_MT_SERVER_VERIFY   5

Definition at line 130 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_ALERT_PROTOCOL   21

Definition at line 104 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_APPLICATION_PROTOCOL   23

Definition at line 106 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers(), and SSLVersionToString().

#define SSLV3_CHANGE_CIPHER_SPEC   20

Definition at line 103 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_CLIENT_HELLO_RANDOM_LEN   32

Definition at line 139 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_CLIENT_HELLO_VERSION_LEN   2

Definition at line 138 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HANDSHAKE_PROTOCOL   22

Definition at line 105 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers(), and SSLVersionToString().

#define SSLV3_HEARTBEAT_PROTOCOL   24

Definition at line 107 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE   11

Definition at line 114 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_REQUEST   13

Definition at line 116 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_STATUS   22

Definition at line 122 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_URL   21

Definition at line 121 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_VERIFY   15

Definition at line 118 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CLIENT_HELLO   1

Definition at line 111 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CLIENT_KEY_EXCHANGE   16

Definition at line 119 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_FINISHED   20

Definition at line 120 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_HELLO_REQUEST   0

Definition at line 110 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_NEW_SESSION_TICKET   4

Definition at line 113 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_SERVER_HELLO   2

Definition at line 112 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_SERVER_HELLO_DONE   14

Definition at line 117 of file app-layer-ssl.c.

#define SSLV3_HS_SERVER_KEY_EXCHANGE   12

Definition at line 115 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_MESSAGE_HDR_LEN   4

Definition at line 136 of file app-layer-ssl.c.

#define SSLV3_RECORD_HDR_LEN   5

Definition at line 135 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define TLS_HB_REQUEST   1

Definition at line 142 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define TLS_HB_RESPONSE   2

Definition at line 143 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

Typedef Documentation

typedef struct SslConfig_ SslConfig

Enumeration Type Documentation

Enumerator
SSL_CNF_ENC_HANDLE_DEFAULT 

disable raw content, continue tracking

SSL_CNF_ENC_HANDLE_BYPASS 

skip processing of flow, bypass if possible

SSL_CNF_ENC_HANDLE_FULL 

handle fully like any other proto

Definition at line 89 of file app-layer-ssl.c.

Function Documentation

void RegisterSSLParsers ( void  )

Function to register the SSL protocol parser and other functions.

SSLv2 and SSLv23

Definition at line 2820 of file app-layer-ssl.c.

References Flow_::alproto, ALPROTO_TLS, Flow_::alstate, APP_LAYER_PARSER_NO_INSPECTION, AppLayerParserConfParserEnabled(), AppLayerParserParse(), AppLayerParserRegisterDetectFlagsFuncs(), AppLayerParserRegisterDetectStateFuncs(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventsFunc(), AppLayerParserRegisterGetStateProgressCompletionStatus(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterLoggerFuncs(), AppLayerParserRegisterParser(), AppLayerParserRegisterParserAcceptableDataDirection(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTxFreeFunc(), AppLayerParserThreadCtxAlloc(), AppLayerParserThreadCtxFree(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPParseConfPorts(), AppLayerProtoDetectPPRegister(), AppLayerProtoDetectRegisterProtocol(), SSLStateConnp_::bytes_processed, TcpSession_::client, SSLState_::client_connp, ConfGetBool(), ConfGetNode(), SSLStateConnp_::content_type, SslConfig_::enable_ja3, SslConfig_::encrypt_mode, FAIL_IF, FAIL_IF_NOT, FAIL_IF_NULL, TcpStream_::flags, SSLState_::flags, Flow_::flags, FLOW_DESTROY, FLOW_INITIALIZE, FLOW_NOPAYLOAD_INSPECTION, FLOWLOCK_UNLOCK, FLOWLOCK_WRLOCK, SSLStateConnp_::hs_bytes_processed, PASS, Flow_::proto, Flow_::protoctx, RunmodeIsUnittests(), SC_WARN_NO_JA3_SUPPORT, SCLogDebug, SCLogInfo, SCLogWarning, TcpSession_::server, SSLState_::server_connp, SSLStateConnp_::session_id, SSL_AL_FLAG_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_SESSION_RESUMED, SSL_AL_FLAG_SSL_CLIENT_HS, SSL_AL_FLAG_SSL_NO_SESSION_ID, SSL_AL_FLAG_STATE_CLIENT_HELLO, SSL_AL_FLAG_STATE_CLIENT_KEYX, SSL_AL_FLAG_STATE_SERVER_HELLO, SSL_CNF_ENC_HANDLE_BYPASS, SSL_CNF_ENC_HANDLE_DEFAULT, SSL_CNF_ENC_HANDLE_FULL, SSL_CONFIG_DEFAULT_JA3, SSL_VERSION_2, SSL_VERSION_3, SSLParserRegisterTests(), SSLV2_MT_CLIENT_HELLO, SSLV2_MT_SERVER_HELLO, SSLV3_APPLICATION_PROTOCOL, SSLV3_HANDSHAKE_PROTOCOL, STREAM_EOF, STREAM_START, STREAM_TOCLIENT, STREAM_TOSERVER, STREAMTCP_STREAM_FLAG_NOREASSEMBLY, StreamTcpFreeConfig(), StreamTcpInitConfig(), TLS_VERSION_10, TRUE, ConfNode_::val, and SSLStateConnp_::version.

Referenced by AppLayerParserRegisterProtocolParsers(), and RegisterAllModules().

Here is the call graph for this function:

Here is the caller graph for this function:

void SSLParserRegisterTests ( void  )

Definition at line 5361 of file app-layer-ssl.c.

References UtRegisterTest().

Referenced by RegisterSSLParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

void SSLVersionToString ( uint16_t  version,
char *  buffer 
)

Definition at line 265 of file app-layer-ssl.c.

References ALPROTO_FAILED, ALPROTO_TLS, ALPROTO_UNKNOWN, APP_LAYER_EVENT_TYPE_TRANSACTION, APP_LAYER_PARSER_BYPASS_READY, APP_LAYER_PARSER_EOF, APP_LAYER_PARSER_NO_INSPECTION, APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD, APP_LAYER_PARSER_NO_REASSEMBLY, AppLayerDecoderEventsFreeEvents(), AppLayerParserStateIssetFlag(), AppLayerParserStateSetFlag(), AppLayerParserTriggerRawStreamReassembly(), AppLayerProtoDetectPMRegisterPatternCS(), Asn1DerGetIssuerDN(), Asn1DerGetSerial(), Asn1DerGetSubjectDN(), Asn1DerGetValidity(), SSLStateConnp_::bytes_processed, SSLStateConnp_::cert0_fingerprint, SSLStateConnp_::cert0_issuerdn, SSLStateConnp_::cert0_not_after, SSLStateConnp_::cert0_not_before, SSLStateConnp_::cert0_serial, SSLStateConnp_::cert0_subject, SSLCertsChain_::cert_data, SSLCertsChain_::cert_len, SSLStateConnp_::cert_log_flag, SSLState_::client_connp, ComputeSHA1(), SSLStateConnp_::content_type, SSLState_::curr_connp, SSLState_::current_flags, SSLState_::de_state, DecodeDer(), SSLState_::decoder_events, DerFree(), DetectEngineStateFree(), SslConfig_::enable_ja3, SslConfig_::encrypt_mode, ERR_DER_ELEMENT_SIZE_TOO_BIG, ERR_DER_GENERIC, ERR_DER_INVALID_OBJECT, ERR_DER_INVALID_SIZE, ERR_DER_INVALID_TAG, ERR_DER_MISSING_ELEMENT, ERR_DER_RECURSION_LIMIT, ERR_DER_UNKNOWN_ELEMENT, ERR_DER_UNSUPPORTED_STRING, event_type, SSLState_::f, SSLState_::flags, flags, SSLStateConnp_::handshake_type, HAS_SPACE, SSLState_::hb_record_len, SSLStateConnp_::hs_bytes_processed, SSLStateConnp_::ja3_hash, SSLStateConnp_::ja3_str, Ja3BufferAddValue(), Ja3BufferAppendBuffer(), Ja3BufferFree(), Ja3BufferInit(), Ja3GenerateHash(), MAX, SSLStateConnp_::message_length, next, payload_len, SSLStateConnp_::record_length, SSLStateConnp_::record_lengths_length, SC_ERR_INVALID_ENUM_MAP, SCCalloc, SCFree, SCLogDebug, SCLogError, SCMalloc, SCMapEnumNameToValue(), SCRealloc, SCReturnInt, SCStrdup, SSLState_::server_connp, SSLStateConnp_::session_id, SSLStateConnp_::session_id_length, SHA1_LENGTH, SHA1_STRING_LENGTH, SSLStateConnp_::sni, SSL_AL_FLAG_CH_VERSION_EXTENSION, SSL_AL_FLAG_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_EARLY_DATA, SSL_AL_FLAG_HANDSHAKE_DONE, SSL_AL_FLAG_HB_CLIENT_INIT, SSL_AL_FLAG_HB_INFLIGHT, SSL_AL_FLAG_HB_SERVER_INIT, SSL_AL_FLAG_LOG_WITHOUT_CERT, SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_SESSION_RESUMED, SSL_AL_FLAG_SSL_CLIENT_HS, SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY, SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED, SSL_AL_FLAG_SSL_NO_SESSION_ID, SSL_AL_FLAG_SSL_SERVER_HS, SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED, SSL_AL_FLAG_STATE_CLIENT_HELLO, SSL_AL_FLAG_STATE_CLIENT_KEYX, SSL_AL_FLAG_STATE_FINISHED, SSL_AL_FLAG_STATE_SERVER_HELLO, SSL_AL_FLAG_STATE_SERVER_KEYX, SSL_CNF_ENC_HANDLE_BYPASS, SSL_CNF_ENC_HANDLE_FULL, SSL_EXTENSION_EARLY_DATA, SSL_EXTENSION_EC_POINT_FORMATS, SSL_EXTENSION_ELLIPTIC_CURVES, SSL_EXTENSION_SESSION_TICKET, SSL_EXTENSION_SNI, SSL_EXTENSION_SUPPORTED_VERSIONS, SSL_RECORD_MINIMUM_LENGTH, SSL_SNI_TYPE_HOST_NAME, SSL_VERSION_2, SSL_VERSION_3, SSLSetEvent(), SSLV2_MT_CLIENT_CERTIFICATE, SSLV2_MT_CLIENT_FINISHED, SSLV2_MT_CLIENT_HELLO, SSLV2_MT_CLIENT_MASTER_KEY, SSLV2_MT_ERROR, SSLV2_MT_REQUEST_CERTIFICATE, SSLV2_MT_SERVER_FINISHED, SSLV2_MT_SERVER_HELLO, SSLV2_MT_SERVER_VERIFY, SSLV3_ALERT_PROTOCOL, SSLV3_APPLICATION_PROTOCOL, SSLV3_CHANGE_CIPHER_SPEC, SSLV3_CLIENT_HELLO_RANDOM_LEN, SSLV3_CLIENT_HELLO_VERSION_LEN, SSLV3_HANDSHAKE_PROTOCOL, SSLV3_HEARTBEAT_PROTOCOL, SSLV3_HS_CERTIFICATE, SSLV3_HS_CERTIFICATE_REQUEST, SSLV3_HS_CERTIFICATE_STATUS, SSLV3_HS_CERTIFICATE_URL, SSLV3_HS_CERTIFICATE_VERIFY, SSLV3_HS_CLIENT_HELLO, SSLV3_HS_CLIENT_KEY_EXCHANGE, SSLV3_HS_FINISHED, SSLV3_HS_HELLO_REQUEST, SSLV3_HS_NEW_SESSION_TICKET, SSLV3_HS_SERVER_HELLO, SSLV3_HS_SERVER_KEY_EXCHANGE, SSLV3_RECORD_HDR_LEN, STREAM_TOCLIENT, STREAM_TOSERVER, strlcat(), TAILQ_FIRST, TAILQ_INIT, TAILQ_INSERT_TAIL, TAILQ_REMOVE, TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH, TLS_DECODER_EVENT_CERTIFICATE_INVALID_STRING, TLS_DECODER_EVENT_CERTIFICATE_MISSING_ELEMENT, TLS_DECODER_EVENT_CERTIFICATE_UNKNOWN_ELEMENT, TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH, TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED, TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH, TLS_DECODER_EVENT_INVALID_CERTIFICATE, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE, TLS_DECODER_EVENT_INVALID_HEARTBEAT, TLS_DECODER_EVENT_INVALID_RECORD_TYPE, TLS_DECODER_EVENT_INVALID_SNI_LENGTH, TLS_DECODER_EVENT_INVALID_SNI_TYPE, TLS_DECODER_EVENT_INVALID_SSL_RECORD, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER, TLS_DECODER_EVENT_INVALID_TLS_HEADER, TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS, TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT, TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET, TLS_HB_REQUEST, TLS_HB_RESPONSE, TLS_VERSION_10, TLS_VERSION_11, TLS_VERSION_12, TLS_VERSION_13, TLS_VERSION_13_DRAFT16, TLS_VERSION_13_DRAFT17, TLS_VERSION_13_DRAFT18, TLS_VERSION_13_DRAFT19, TLS_VERSION_13_DRAFT20, TLS_VERSION_13_DRAFT20_FB, TLS_VERSION_13_DRAFT21, TLS_VERSION_13_DRAFT21_FB, TLS_VERSION_13_DRAFT22, TLS_VERSION_13_DRAFT22_FB, TLS_VERSION_13_DRAFT23, TLS_VERSION_13_DRAFT23_FB, TLS_VERSION_13_DRAFT24, TLS_VERSION_13_DRAFT25, TLS_VERSION_13_DRAFT26, TLS_VERSION_13_DRAFT26_FB, TLS_VERSION_13_DRAFT27, TLS_VERSION_13_DRAFT28, TLS_VERSION_13_PRE_DRAFT16, TLS_VERSION_UNKNOWN, SSLStateConnp_::trec, SSLStateConnp_::trec_len, SSLStateConnp_::trec_pos, tx_id, unlikely, SSLStateConnp_::version, and version.

Here is the call graph for this function:

Variable Documentation

SslConfig ssl_config

Definition at line 100 of file app-layer-ssl.c.

SCEnumCharMap tls_decoder_event_table[]
Initial value:
= {
{ "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER },
{ "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER },
{ "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION },
{ "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE },
{ "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE },
{ "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT },
{ "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT },
{ "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT },
{ "DATALEAK_HEARTBEAT_MISMATCH", TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH },
{ "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH },
{ "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS },
{ "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE },
{ "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH },
{ "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET },
{ "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE },
{ "CERTIFICATE_MISSING_ELEMENT", TLS_DECODER_EVENT_CERTIFICATE_MISSING_ELEMENT },
{ "CERTIFICATE_UNKNOWN_ELEMENT", TLS_DECODER_EVENT_CERTIFICATE_UNKNOWN_ELEMENT },
{ "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH },
{ "CERTIFICATE_INVALID_STRING", TLS_DECODER_EVENT_CERTIFICATE_INVALID_STRING },
{ "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED },
{ "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD },
{ NULL, -1 },
}

Definition at line 58 of file app-layer-ssl.c.