suricata
app-layer-ssl.c File Reference
#include "suricata-common.h"
#include "debug.h"
#include "decode.h"
#include "threads.h"
#include "stream-tcp-private.h"
#include "stream-tcp-reassemble.h"
#include "stream-tcp.h"
#include "stream.h"
#include "app-layer.h"
#include "app-layer-protos.h"
#include "app-layer-parser.h"
#include "app-layer-ssl.h"
#include "decode-events.h"
#include "conf.h"
#include "util-crypt.h"
#include "util-decode-der.h"
#include "util-decode-der-get.h"
#include "util-spm.h"
#include "util-unittest.h"
#include "util-debug.h"
#include "util-print.h"
#include "util-pool.h"
#include "util-byte.h"
#include "util-ja3.h"
#include "flow-util.h"
#include "flow-private.h"
Include dependency graph for app-layer-ssl.c:

Go to the source code of this file.

Data Structures

struct  SslConfig_
 

Macros

#define SSL_CONFIG_DEFAULT_JA3   0
 
#define SSLV3_CHANGE_CIPHER_SPEC   20
 
#define SSLV3_ALERT_PROTOCOL   21
 
#define SSLV3_HANDSHAKE_PROTOCOL   22
 
#define SSLV3_APPLICATION_PROTOCOL   23
 
#define SSLV3_HEARTBEAT_PROTOCOL   24
 
#define SSLV3_HS_HELLO_REQUEST   0
 
#define SSLV3_HS_CLIENT_HELLO   1
 
#define SSLV3_HS_SERVER_HELLO   2
 
#define SSLV3_HS_NEW_SESSION_TICKET   4
 
#define SSLV3_HS_CERTIFICATE   11
 
#define SSLV3_HS_SERVER_KEY_EXCHANGE   12
 
#define SSLV3_HS_CERTIFICATE_REQUEST   13
 
#define SSLV3_HS_SERVER_HELLO_DONE   14
 
#define SSLV3_HS_CERTIFICATE_VERIFY   15
 
#define SSLV3_HS_CLIENT_KEY_EXCHANGE   16
 
#define SSLV3_HS_FINISHED   20
 
#define SSLV3_HS_CERTIFICATE_URL   21
 
#define SSLV3_HS_CERTIFICATE_STATUS   22
 
#define SSLV2_MT_ERROR   0
 
#define SSLV2_MT_CLIENT_HELLO   1
 
#define SSLV2_MT_CLIENT_MASTER_KEY   2
 
#define SSLV2_MT_CLIENT_FINISHED   3
 
#define SSLV2_MT_SERVER_HELLO   4
 
#define SSLV2_MT_SERVER_VERIFY   5
 
#define SSLV2_MT_SERVER_FINISHED   6
 
#define SSLV2_MT_REQUEST_CERTIFICATE   7
 
#define SSLV2_MT_CLIENT_CERTIFICATE   8
 
#define SSLV3_RECORD_HDR_LEN   5
 
#define SSLV3_MESSAGE_HDR_LEN   4
 
#define SSLV3_CLIENT_HELLO_VERSION_LEN   2
 
#define SSLV3_CLIENT_HELLO_RANDOM_LEN   32
 
#define TLS_HB_REQUEST   1
 
#define TLS_HB_RESPONSE   2
 
#define SSL_RECORD_MINIMUM_LENGTH   6
 
#define SHA1_STRING_LENGTH   60
 
#define HAS_SPACE(n)   ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
 

Typedefs

typedef struct SslConfig_ SslConfig
 

Enumerations

enum  SslConfigEncryptHandling { SSL_CNF_ENC_HANDLE_DEFAULT = 0, SSL_CNF_ENC_HANDLE_BYPASS = 1, SSL_CNF_ENC_HANDLE_FULL = 2 }
 

Functions

void SSLSetEvent (SSLState *ssl_state, uint8_t event)
 
void SSLVersionToString (uint16_t version, char *buffer)
 
void RegisterSSLParsers (void)
 Function to register the SSL protocol parser and other functions. More...
 
void SSLEnableJA3 (void)
 if not explicitly disabled in config, enable ja3 support More...
 
bool SSLJA3IsEnabled (void)
 
void SSLParserRegisterTests (void)
 

Variables

SCEnumCharMap tls_decoder_event_table []
 
SslConfig ssl_config
 

Detailed Description

Macro Definition Documentation

#define HAS_SPACE (   n)    ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))

Definition at line 152 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SHA1_STRING_LENGTH   60

Definition at line 150 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSL_CONFIG_DEFAULT_JA3   0

Definition at line 87 of file app-layer-ssl.c.

Referenced by RegisterSSLParsers().

#define SSL_RECORD_MINIMUM_LENGTH   6

Definition at line 148 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_CERTIFICATE   8

Definition at line 136 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_FINISHED   3

Definition at line 131 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_CLIENT_HELLO   1

Definition at line 129 of file app-layer-ssl.c.

Referenced by SSLJA3IsEnabled(), and SSLVersionToString().

#define SSLV2_MT_CLIENT_MASTER_KEY   2

Definition at line 130 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_ERROR   0

Definition at line 128 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_REQUEST_CERTIFICATE   7

Definition at line 135 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_SERVER_FINISHED   6

Definition at line 134 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV2_MT_SERVER_HELLO   4

Definition at line 132 of file app-layer-ssl.c.

Referenced by SSLJA3IsEnabled(), and SSLVersionToString().

#define SSLV2_MT_SERVER_VERIFY   5

Definition at line 133 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_ALERT_PROTOCOL   21

Definition at line 107 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_APPLICATION_PROTOCOL   23

Definition at line 109 of file app-layer-ssl.c.

Referenced by SSLJA3IsEnabled(), and SSLVersionToString().

#define SSLV3_CHANGE_CIPHER_SPEC   20

Definition at line 106 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_CLIENT_HELLO_RANDOM_LEN   32

Definition at line 142 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_CLIENT_HELLO_VERSION_LEN   2

Definition at line 141 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HANDSHAKE_PROTOCOL   22

Definition at line 108 of file app-layer-ssl.c.

Referenced by SSLJA3IsEnabled(), and SSLVersionToString().

#define SSLV3_HEARTBEAT_PROTOCOL   24

Definition at line 110 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE   11

Definition at line 117 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_REQUEST   13

Definition at line 119 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_STATUS   22

Definition at line 125 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_URL   21

Definition at line 124 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CERTIFICATE_VERIFY   15

Definition at line 121 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CLIENT_HELLO   1

Definition at line 114 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_CLIENT_KEY_EXCHANGE   16

Definition at line 122 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_FINISHED   20

Definition at line 123 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_HELLO_REQUEST   0

Definition at line 113 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_NEW_SESSION_TICKET   4

Definition at line 116 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_SERVER_HELLO   2

Definition at line 115 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_HS_SERVER_HELLO_DONE   14

Definition at line 120 of file app-layer-ssl.c.

#define SSLV3_HS_SERVER_KEY_EXCHANGE   12

Definition at line 118 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define SSLV3_MESSAGE_HDR_LEN   4

Definition at line 139 of file app-layer-ssl.c.

#define SSLV3_RECORD_HDR_LEN   5

Definition at line 138 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define TLS_HB_REQUEST   1

Definition at line 145 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

#define TLS_HB_RESPONSE   2

Definition at line 146 of file app-layer-ssl.c.

Referenced by SSLVersionToString().

Typedef Documentation

typedef struct SslConfig_ SslConfig

Enumeration Type Documentation

Enumerator
SSL_CNF_ENC_HANDLE_DEFAULT 

disable raw content, continue tracking

SSL_CNF_ENC_HANDLE_BYPASS 

skip processing of flow, bypass if possible

SSL_CNF_ENC_HANDLE_FULL 

handle fully like any other proto

Definition at line 89 of file app-layer-ssl.c.

Function Documentation

void RegisterSSLParsers ( void  )

Function to register the SSL protocol parser and other functions.

SSLv2 and SSLv23

Definition at line 2843 of file app-layer-ssl.c.

References ALPROTO_TLS, AppLayerParserConfParserEnabled(), AppLayerParserRegisterDetectFlagsFuncs(), AppLayerParserRegisterDetectStateFuncs(), AppLayerParserRegisterGetEventInfo(), AppLayerParserRegisterGetEventInfoById(), AppLayerParserRegisterGetEventsFunc(), AppLayerParserRegisterGetStateProgressCompletionStatus(), AppLayerParserRegisterGetStateProgressFunc(), AppLayerParserRegisterGetTx(), AppLayerParserRegisterGetTxCnt(), AppLayerParserRegisterLoggerFuncs(), AppLayerParserRegisterParser(), AppLayerParserRegisterParserAcceptableDataDirection(), AppLayerParserRegisterProtocolUnittests(), AppLayerParserRegisterStateFuncs(), AppLayerParserRegisterTxFreeFunc(), AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectPPParseConfPorts(), AppLayerProtoDetectPPRegister(), AppLayerProtoDetectRegisterProtocol(), ConfGetBool(), ConfGetNode(), ConfGetValue(), ConfValIsFalse(), ConfValIsTrue(), SslConfig_::disable_ja3, SslConfig_::encrypt_mode, RunmodeIsUnittests(), SC_ATOMIC_GET, SC_ATOMIC_INIT, SC_ATOMIC_SET, SC_ERR_MISSING_CONFIG_PARAM, SC_WARN_NO_JA3_SUPPORT, SCLogDebug, SCLogInfo, SCLogWarning, SSL_CNF_ENC_HANDLE_BYPASS, SSL_CNF_ENC_HANDLE_DEFAULT, SSL_CNF_ENC_HANDLE_FULL, SSL_CONFIG_DEFAULT_JA3, SSLParserRegisterTests(), STREAM_TOCLIENT, STREAM_TOSERVER, and ConfNode_::val.

Referenced by AppLayerParserRegisterProtocolParsers(), and RegisterAllModules().

Here is the call graph for this function:

Here is the caller graph for this function:

void SSLEnableJA3 ( void  )

if not explicitly disabled in config, enable ja3 support

Implemented using atomic to allow rule reloads to do this at runtime.

Definition at line 2989 of file app-layer-ssl.c.

References SslConfig_::disable_ja3, SC_ATOMIC_GET, and SC_ATOMIC_SET.

Referenced by DetectTlsJa3HashRegister(), DetectTlsJa3SHashRegister(), DetectTlsJa3SStringRegister(), and DetectTlsJa3StringRegister().

Here is the caller graph for this function:

void SSLParserRegisterTests ( void  )

Definition at line 5435 of file app-layer-ssl.c.

References UtRegisterTest().

Referenced by RegisterSSLParsers().

Here is the call graph for this function:

Here is the caller graph for this function:

void SSLVersionToString ( uint16_t  version,
char *  buffer 
)

Definition at line 269 of file app-layer-ssl.c.

References ALPROTO_FAILED, ALPROTO_TLS, ALPROTO_UNKNOWN, APP_LAYER_EVENT_TYPE_TRANSACTION, APP_LAYER_PARSER_BYPASS_READY, APP_LAYER_PARSER_EOF, APP_LAYER_PARSER_NO_INSPECTION, APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD, APP_LAYER_PARSER_NO_REASSEMBLY, AppLayerDecoderEventsFreeEvents(), AppLayerParserStateIssetFlag(), AppLayerParserStateSetFlag(), AppLayerParserTriggerRawStreamReassembly(), AppLayerProtoDetectPMRegisterPatternCS(), Asn1DerGetIssuerDN(), Asn1DerGetSerial(), Asn1DerGetSubjectDN(), Asn1DerGetValidity(), SSLStateConnp_::bytes_processed, SSLStateConnp_::cert0_fingerprint, SSLStateConnp_::cert0_issuerdn, SSLStateConnp_::cert0_not_after, SSLStateConnp_::cert0_not_before, SSLStateConnp_::cert0_serial, SSLStateConnp_::cert0_subject, SSLCertsChain_::cert_data, SSLCertsChain_::cert_len, SSLStateConnp_::cert_log_flag, SSLState_::client_connp, ComputeSHA1(), SSLStateConnp_::content_type, SSLState_::curr_connp, SSLState_::current_flags, SSLState_::de_state, DecodeDer(), SSLState_::decoder_events, DerFree(), DetectEngineStateFree(), SslConfig_::encrypt_mode, ERR_DER_ELEMENT_SIZE_TOO_BIG, ERR_DER_GENERIC, ERR_DER_INVALID_OBJECT, ERR_DER_INVALID_SIZE, ERR_DER_INVALID_TAG, ERR_DER_MISSING_ELEMENT, ERR_DER_RECURSION_LIMIT, ERR_DER_UNKNOWN_ELEMENT, ERR_DER_UNSUPPORTED_STRING, event_type, SSLState_::f, SSLState_::flags, flags, SSLStateConnp_::handshake_type, HAS_SPACE, SSLState_::hb_record_len, SSLStateConnp_::hs_bytes_processed, SSLStateConnp_::ja3_hash, SSLStateConnp_::ja3_str, Ja3BufferAddValue(), Ja3BufferAppendBuffer(), Ja3BufferFree(), Ja3BufferInit(), Ja3GenerateHash(), MAX, SSLStateConnp_::message_length, next, payload_len, SSLStateConnp_::record_length, SSLStateConnp_::record_lengths_length, SC_ATOMIC_GET, SC_ERR_INVALID_ENUM_MAP, SCCalloc, SCFree, SCLogDebug, SCLogError, SCMalloc, SCMapEnumNameToValue(), SCMapEnumValueToName(), SCRealloc, SCReturnInt, SCStrdup, SSLState_::server_connp, SSLStateConnp_::session_id, SSLStateConnp_::session_id_length, SHA1_LENGTH, SHA1_STRING_LENGTH, SSLStateConnp_::sni, SSL_AL_FLAG_CH_VERSION_EXTENSION, SSL_AL_FLAG_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_EARLY_DATA, SSL_AL_FLAG_HANDSHAKE_DONE, SSL_AL_FLAG_HB_CLIENT_INIT, SSL_AL_FLAG_HB_INFLIGHT, SSL_AL_FLAG_HB_SERVER_INIT, SSL_AL_FLAG_LOG_WITHOUT_CERT, SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC, SSL_AL_FLAG_SESSION_RESUMED, SSL_AL_FLAG_SSL_CLIENT_HS, SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY, SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED, SSL_AL_FLAG_SSL_NO_SESSION_ID, SSL_AL_FLAG_SSL_SERVER_HS, SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED, SSL_AL_FLAG_STATE_CLIENT_HELLO, SSL_AL_FLAG_STATE_CLIENT_KEYX, SSL_AL_FLAG_STATE_FINISHED, SSL_AL_FLAG_STATE_SERVER_HELLO, SSL_AL_FLAG_STATE_SERVER_KEYX, SSL_CNF_ENC_HANDLE_BYPASS, SSL_CNF_ENC_HANDLE_FULL, SSL_EXTENSION_EARLY_DATA, SSL_EXTENSION_EC_POINT_FORMATS, SSL_EXTENSION_ELLIPTIC_CURVES, SSL_EXTENSION_SESSION_TICKET, SSL_EXTENSION_SNI, SSL_EXTENSION_SUPPORTED_VERSIONS, SSL_RECORD_MINIMUM_LENGTH, SSL_SNI_TYPE_HOST_NAME, SSL_VERSION_2, SSL_VERSION_3, SSLSetEvent(), SSLV2_MT_CLIENT_CERTIFICATE, SSLV2_MT_CLIENT_FINISHED, SSLV2_MT_CLIENT_HELLO, SSLV2_MT_CLIENT_MASTER_KEY, SSLV2_MT_ERROR, SSLV2_MT_REQUEST_CERTIFICATE, SSLV2_MT_SERVER_FINISHED, SSLV2_MT_SERVER_HELLO, SSLV2_MT_SERVER_VERIFY, SSLV3_ALERT_PROTOCOL, SSLV3_APPLICATION_PROTOCOL, SSLV3_CHANGE_CIPHER_SPEC, SSLV3_CLIENT_HELLO_RANDOM_LEN, SSLV3_CLIENT_HELLO_VERSION_LEN, SSLV3_HANDSHAKE_PROTOCOL, SSLV3_HEARTBEAT_PROTOCOL, SSLV3_HS_CERTIFICATE, SSLV3_HS_CERTIFICATE_REQUEST, SSLV3_HS_CERTIFICATE_STATUS, SSLV3_HS_CERTIFICATE_URL, SSLV3_HS_CERTIFICATE_VERIFY, SSLV3_HS_CLIENT_HELLO, SSLV3_HS_CLIENT_KEY_EXCHANGE, SSLV3_HS_FINISHED, SSLV3_HS_HELLO_REQUEST, SSLV3_HS_NEW_SESSION_TICKET, SSLV3_HS_SERVER_HELLO, SSLV3_HS_SERVER_KEY_EXCHANGE, SSLV3_RECORD_HDR_LEN, STREAM_TOCLIENT, STREAM_TOSERVER, strlcat(), TAILQ_FIRST, TAILQ_INIT, TAILQ_INSERT_TAIL, TAILQ_REMOVE, TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH, TLS_DECODER_EVENT_CERTIFICATE_INVALID_STRING, TLS_DECODER_EVENT_CERTIFICATE_MISSING_ELEMENT, TLS_DECODER_EVENT_CERTIFICATE_UNKNOWN_ELEMENT, TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH, TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED, TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH, TLS_DECODER_EVENT_INVALID_CERTIFICATE, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE, TLS_DECODER_EVENT_INVALID_HEARTBEAT, TLS_DECODER_EVENT_INVALID_RECORD_TYPE, TLS_DECODER_EVENT_INVALID_SNI_LENGTH, TLS_DECODER_EVENT_INVALID_SNI_TYPE, TLS_DECODER_EVENT_INVALID_SSL_RECORD, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER, TLS_DECODER_EVENT_INVALID_TLS_HEADER, TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS, TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT, TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET, TLS_HB_REQUEST, TLS_HB_RESPONSE, TLS_VERSION_10, TLS_VERSION_11, TLS_VERSION_12, TLS_VERSION_13, TLS_VERSION_13_DRAFT16, TLS_VERSION_13_DRAFT17, TLS_VERSION_13_DRAFT18, TLS_VERSION_13_DRAFT19, TLS_VERSION_13_DRAFT20, TLS_VERSION_13_DRAFT20_FB, TLS_VERSION_13_DRAFT21, TLS_VERSION_13_DRAFT21_FB, TLS_VERSION_13_DRAFT22, TLS_VERSION_13_DRAFT22_FB, TLS_VERSION_13_DRAFT23, TLS_VERSION_13_DRAFT23_FB, TLS_VERSION_13_DRAFT24, TLS_VERSION_13_DRAFT25, TLS_VERSION_13_DRAFT26, TLS_VERSION_13_DRAFT26_FB, TLS_VERSION_13_DRAFT27, TLS_VERSION_13_DRAFT28, TLS_VERSION_13_PRE_DRAFT16, TLS_VERSION_UNKNOWN, SSLStateConnp_::trec, SSLStateConnp_::trec_len, SSLStateConnp_::trec_pos, tx_id, unlikely, SSLStateConnp_::version, and version.

Referenced by TLSGetIPInformations().

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

SslConfig ssl_config

Definition at line 103 of file app-layer-ssl.c.

SCEnumCharMap tls_decoder_event_table[]
Initial value:
= {
{ "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER },
{ "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER },
{ "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION },
{ "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE },
{ "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE },
{ "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT },
{ "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT },
{ "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT },
{ "DATALEAK_HEARTBEAT_MISMATCH", TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH },
{ "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH },
{ "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS },
{ "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE },
{ "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH },
{ "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET },
{ "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE },
{ "CERTIFICATE_MISSING_ELEMENT", TLS_DECODER_EVENT_CERTIFICATE_MISSING_ELEMENT },
{ "CERTIFICATE_UNKNOWN_ELEMENT", TLS_DECODER_EVENT_CERTIFICATE_UNKNOWN_ELEMENT },
{ "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH },
{ "CERTIFICATE_INVALID_STRING", TLS_DECODER_EVENT_CERTIFICATE_INVALID_STRING },
{ "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED },
{ "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD },
{ NULL, -1 },
}

Definition at line 58 of file app-layer-ssl.c.