suricata
app-layer-ssl.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2020 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Anoop Saldanha <anoopsaldanha@gmail.com>
22  * \author Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>
23  * \author Mats Klepsland <mats.klepsland@gmail.com>
24  *
25  */
26 
27 #include "suricata-common.h"
28 #include "debug.h"
29 #include "decode.h"
30 #include "threads.h"
31 
32 #include "stream-tcp-private.h"
33 #include "stream-tcp-reassemble.h"
34 #include "stream-tcp.h"
35 #include "stream.h"
36 
37 #include "app-layer.h"
38 #include "app-layer-protos.h"
39 #include "app-layer-parser.h"
40 #include "app-layer-ssl.h"
41 
42 #include "decode-events.h"
43 #include "conf.h"
44 
45 #include "util-crypt.h"
46 #include "util-spm.h"
47 #include "util-unittest.h"
48 #include "util-debug.h"
49 #include "util-print.h"
50 #include "util-pool.h"
51 #include "util-byte.h"
52 #include "util-ja3.h"
53 #include "flow-util.h"
54 #include "flow-private.h"
55 #include "util-validate.h"
56 
58  /* TLS protocol messages */
59  { "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER },
60  { "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER },
61  { "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION },
62  { "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE },
63  { "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE },
64  { "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT },
65  { "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT },
66  { "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT },
67  { "DATALEAK_HEARTBEAT_MISMATCH", TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH },
68  { "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH },
69  { "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS },
70  { "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE },
71  { "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH },
72  { "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET },
73  /* certificate decoding messages */
74  { "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE },
75  { "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH },
76  { "CERTIFICATE_INVALID_VERSION", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION },
77  { "CERTIFICATE_INVALID_SERIAL", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL },
78  { "CERTIFICATE_INVALID_ALGORITHMIDENTIFIER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER },
79  { "CERTIFICATE_INVALID_X509NAME", TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME },
80  { "CERTIFICATE_INVALID_DATE", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE },
81  { "CERTIFICATE_INVALID_EXTENSIONS", TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS },
82  { "CERTIFICATE_INVALID_DER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER },
83  { "CERTIFICATE_INVALID_SUBJECT", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT },
84  { "CERTIFICATE_INVALID_ISSUER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER },
85  { "CERTIFICATE_INVALID_VALIDITY", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY },
86  { "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED },
87  /* used as a generic error event */
88  { "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD },
89  { NULL, -1 },
90 };
91 
92 enum {
93  /* X.509 error codes, returned by decoder
94  * THESE CONSTANTS MUST MATCH rust/src/x509/mod.rs ! */
104 
105  /* error getting data */
109 };
110 
111 /* JA3 fingerprints are disabled by default */
112 #define SSL_CONFIG_DEFAULT_JA3 0
113 
115  SSL_CNF_ENC_HANDLE_DEFAULT = 0, /**< disable raw content, continue tracking */
116  SSL_CNF_ENC_HANDLE_BYPASS = 1, /**< skip processing of flow, bypass if possible */
117  SSL_CNF_ENC_HANDLE_FULL = 2, /**< handle fully like any other proto */
118 };
119 
120 typedef struct SslConfig_ {
122  /** dynamic setting for ja3: can be enabled on demand if not explicitly
123  * disabled. */
124  SC_ATOMIC_DECLARE(int, enable_ja3);
125  bool disable_ja3; /**< ja3 explicitly disabled. Don't enable on demand. */
127 
129 
130 /* SSLv3 record types */
131 #define SSLV3_CHANGE_CIPHER_SPEC 20
132 #define SSLV3_ALERT_PROTOCOL 21
133 #define SSLV3_HANDSHAKE_PROTOCOL 22
134 #define SSLV3_APPLICATION_PROTOCOL 23
135 #define SSLV3_HEARTBEAT_PROTOCOL 24
136 
137 /* SSLv3 handshake protocol types */
138 #define SSLV3_HS_HELLO_REQUEST 0
139 #define SSLV3_HS_CLIENT_HELLO 1
140 #define SSLV3_HS_SERVER_HELLO 2
141 #define SSLV3_HS_NEW_SESSION_TICKET 4
142 #define SSLV3_HS_CERTIFICATE 11
143 #define SSLV3_HS_SERVER_KEY_EXCHANGE 12
144 #define SSLV3_HS_CERTIFICATE_REQUEST 13
145 #define SSLV3_HS_SERVER_HELLO_DONE 14
146 #define SSLV3_HS_CERTIFICATE_VERIFY 15
147 #define SSLV3_HS_CLIENT_KEY_EXCHANGE 16
148 #define SSLV3_HS_FINISHED 20
149 #define SSLV3_HS_CERTIFICATE_URL 21
150 #define SSLV3_HS_CERTIFICATE_STATUS 22
151 
152 /* SSLv2 protocol message types */
153 #define SSLV2_MT_ERROR 0
154 #define SSLV2_MT_CLIENT_HELLO 1
155 #define SSLV2_MT_CLIENT_MASTER_KEY 2
156 #define SSLV2_MT_CLIENT_FINISHED 3
157 #define SSLV2_MT_SERVER_HELLO 4
158 #define SSLV2_MT_SERVER_VERIFY 5
159 #define SSLV2_MT_SERVER_FINISHED 6
160 #define SSLV2_MT_REQUEST_CERTIFICATE 7
161 #define SSLV2_MT_CLIENT_CERTIFICATE 8
162 
163 #define SSLV3_RECORD_HDR_LEN 5
164 #define SSLV3_MESSAGE_HDR_LEN 4
165 
166 #define SSLV3_CLIENT_HELLO_VERSION_LEN 2
167 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32
168 
169 /* TLS heartbeat protocol types */
170 #define TLS_HB_REQUEST 1
171 #define TLS_HB_RESPONSE 2
172 
173 #define SSL_RECORD_MINIMUM_LENGTH 6
174 
175 #define SHA1_STRING_LENGTH 60
176 
177 #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len))
178 
179 static inline int SafeMemcpy(void *dst, size_t dst_offset, size_t dst_size,
180  const void *src, size_t src_offset, size_t src_size, size_t src_tocopy) WARN_UNUSED;
181 
182 static inline int SafeMemcpy(void *dst, size_t dst_offset, size_t dst_size,
183  const void *src, size_t src_offset, size_t src_size, size_t src_tocopy)
184 {
185  DEBUG_VALIDATE_BUG_ON(dst_offset >= dst_size);
186  DEBUG_VALIDATE_BUG_ON(src_offset >= src_size);
187  DEBUG_VALIDATE_BUG_ON(src_tocopy > (src_size - src_offset));
188  DEBUG_VALIDATE_BUG_ON(src_tocopy > (dst_size - dst_offset));
189 
190  if (dst_offset < dst_size && src_offset < src_size &&
191  src_tocopy <= (src_size - src_offset) &&
192  src_tocopy <= (dst_size - dst_offset)) {
193  memcpy(dst + dst_offset, src + src_offset, src_tocopy);
194  return 0;
195  }
196  return -1;
197 }
198 
199 #ifdef DEBUG_VALIDATION
200 #define ValidateRecordState(connp) \
201  do { \
202  DEBUG_VALIDATE_BUG_ON(((connp)->record_length + SSLV3_RECORD_HDR_LEN) < \
203  (connp)->bytes_processed); \
204  } while(0);
205 #else
206 #define ValidateRecordState(...)
207 #endif
208 
209 #ifdef DEBUG_VALIDATION
210 #define ValidateTrecBuffer(connp) \
211  do { \
212  DEBUG_VALIDATE_BUG_ON((connp)->trec_pos > (connp)->trec_len); \
213  DEBUG_VALIDATE_BUG_ON((connp)->trec == NULL && (connp)->trec_len > 0); \
214  DEBUG_VALIDATE_BUG_ON((connp)->trec == NULL && (connp)->trec_pos > 0); \
215  } while(0)
216 #else
217 #define ValidateTrecBuffer(...)
218 #endif
219 
220 #define SSLParserHSReset(connp) \
221  do { \
222  (connp)->trec_pos = 0; \
223  (connp)->handshake_type = 0; \
224  (connp)->hs_bytes_processed = 0; \
225  (connp)->message_length = 0; \
226  (connp)->message_start = 0; \
227  } while(0)
228 
229 #define SSLParserReset(state) \
230  do { \
231  SCLogDebug("resetting state"); \
232  (state)->curr_connp->bytes_processed = 0; \
233  SSLParserHSReset((state)->curr_connp); \
234  } while(0)
235 
236 void SSLSetEvent(SSLState *ssl_state, uint8_t event)
237 {
238  if (ssl_state == NULL) {
239  SCLogDebug("Could not set decoder event: %u", event);
240  return;
241  }
242 
244  ssl_state->events++;
245 }
246 
247 static AppLayerDecoderEvents *SSLGetEvents(void *tx)
248 {
249  /* for TLS, TX == state, see GetTx */
250  SSLState *ssl_state = (SSLState *)tx;
251  return ssl_state->decoder_events;
252 }
253 
254 static int SSLSetTxDetectState(void *vtx, DetectEngineState *de_state)
255 {
256  SSLState *ssl_state = (SSLState *)vtx;
257  ssl_state->de_state = de_state;
258  return 0;
259 }
260 
261 static DetectEngineState *SSLGetTxDetectState(void *vtx)
262 {
263  SSLState *ssl_state = (SSLState *)vtx;
264  return ssl_state->de_state;
265 }
266 
267 static void *SSLGetTx(void *state, uint64_t tx_id)
268 {
269  SSLState *ssl_state = (SSLState *)state;
270  return ssl_state;
271 }
272 
273 static uint64_t SSLGetTxCnt(void *state)
274 {
275  /* single tx */
276  return 1;
277 }
278 
279 static int SSLGetAlstateProgress(void *tx, uint8_t direction)
280 {
281  SSLState *ssl_state = (SSLState *)tx;
282 
283  /* we don't care about direction, only that app-layer parser is done
284  and have sent an EOF */
285  if (ssl_state->flags & SSL_AL_FLAG_STATE_FINISHED) {
286  return TLS_STATE_FINISHED;
287  }
288 
289  /* we want the logger to log when the handshake is done, even if the
290  state is not finished */
291  if (ssl_state->flags & SSL_AL_FLAG_HANDSHAKE_DONE) {
292  return TLS_HANDSHAKE_DONE;
293  }
294 
295  if (direction == STREAM_TOSERVER &&
296  (ssl_state->server_connp.cert0_subject != NULL ||
297  ssl_state->server_connp.cert0_issuerdn != NULL))
298  {
299  return TLS_STATE_CERT_READY;
300  }
301 
302  return TLS_STATE_IN_PROGRESS;
303 }
304 
305 static AppLayerTxData *SSLGetTxData(void *vtx)
306 {
307  SSLState *ssl_state = (SSLState *)vtx;
308  return &ssl_state->tx_data;
309 }
310 
311 void SSLVersionToString(uint16_t version, char *buffer)
312 {
313  buffer[0] = '\0';
314 
315  switch (version) {
316  case TLS_VERSION_UNKNOWN:
317  strlcat(buffer, "UNDETERMINED", 13);
318  break;
319  case SSL_VERSION_2:
320  strlcat(buffer, "SSLv2", 6);
321  break;
322  case SSL_VERSION_3:
323  strlcat(buffer, "SSLv3", 6);
324  break;
325  case TLS_VERSION_10:
326  strlcat(buffer, "TLSv1", 6);
327  break;
328  case TLS_VERSION_11:
329  strlcat(buffer, "TLS 1.1", 8);
330  break;
331  case TLS_VERSION_12:
332  strlcat(buffer, "TLS 1.2", 8);
333  break;
334  case TLS_VERSION_13:
335  strlcat(buffer, "TLS 1.3", 8);
336  break;
338  strlcat(buffer, "TLS 1.3 draft-28", 17);
339  break;
341  strlcat(buffer, "TLS 1.3 draft-27", 17);
342  break;
344  strlcat(buffer, "TLS 1.3 draft-26", 17);
345  break;
347  strlcat(buffer, "TLS 1.3 draft-25", 17);
348  break;
350  strlcat(buffer, "TLS 1.3 draft-24", 17);
351  break;
353  strlcat(buffer, "TLS 1.3 draft-23", 17);
354  break;
356  strlcat(buffer, "TLS 1.3 draft-22", 17);
357  break;
359  strlcat(buffer, "TLS 1.3 draft-21", 17);
360  break;
362  strlcat(buffer, "TLS 1.3 draft-20", 17);
363  break;
365  strlcat(buffer, "TLS 1.3 draft-19", 17);
366  break;
368  strlcat(buffer, "TLS 1.3 draft-18", 17);
369  break;
371  strlcat(buffer, "TLS 1.3 draft-17", 17);
372  break;
374  strlcat(buffer, "TLS 1.3 draft-16", 17);
375  break;
377  strlcat(buffer, "TLS 1.3 draft-<16", 18);
378  break;
380  strlcat(buffer, "TLS 1.3 draft-20-fb", 20);
381  break;
383  strlcat(buffer, "TLS 1.3 draft-21-fb", 20);
384  break;
386  strlcat(buffer, "TLS 1.3 draft-22-fb", 20);
387  break;
389  strlcat(buffer, "TLS 1.3 draft-23-fb", 20);
390  break;
392  strlcat(buffer, "TLS 1.3 draft-26-fb", 20);
393  break;
394  default:
395  snprintf(buffer, 7, "0x%04x", version);
396  break;
397  }
398 }
399 
400 static void TlsDecodeHSCertificateErrSetEvent(SSLState *ssl_state, uint32_t err)
401 {
402  switch(err) {
405  break;
406  case ERR_EXTRACT_ISSUER:
408  break;
409  case ERR_EXTRACT_SUBJECT:
411  break;
412  case ERR_INVALID_DER:
414  break;
417  break;
418  case ERR_INVALID_DATE:
420  break;
423  break;
426  break;
427  case ERR_INVALID_SERIAL:
429  break;
430  case ERR_INVALID_VERSION:
432  break;
433  case ERR_INVALID_LENGTH:
435  break;
437  default:
439  break;
440  }
441 }
442 
443 static inline int TlsDecodeHSCertificateFingerprint(SSLState *ssl_state,
444  const uint8_t *input,
445  uint32_t cert_len)
446 {
447  if (unlikely(ssl_state->server_connp.cert0_fingerprint != NULL))
448  return 0;
449 
451  sizeof(char));
452  if (ssl_state->server_connp.cert0_fingerprint == NULL)
453  return -1;
454 
455  uint8_t hash[SC_SHA1_LEN];
456  if (SCSha1HashBuffer(input, cert_len, hash, sizeof(hash)) == 1) {
457  for (int i = 0, x = 0; x < SC_SHA1_LEN; x++) {
458  i += snprintf(ssl_state->server_connp.cert0_fingerprint + i,
459  SHA1_STRING_LENGTH - i, i == 0 ? "%02x" : ":%02x",
460  hash[x]);
461  }
462  }
463  return 0;
464 }
465 
466 static inline int TlsDecodeHSCertificateAddCertToChain(SSLState *ssl_state,
467  const uint8_t *input,
468  uint32_t cert_len)
469 {
470  SSLCertsChain *cert = SCCalloc(1, sizeof(SSLCertsChain));
471  if (cert == NULL)
472  return -1;
473 
474  cert->cert_data = (uint8_t *)input;
475  cert->cert_len = cert_len;
476  TAILQ_INSERT_TAIL(&ssl_state->server_connp.certs, cert, next);
477 
478  return 0;
479 }
480 
481 /** \retval consumed bytes consumed or -1 on error */
482 static int TlsDecodeHSCertificate(SSLState *ssl_state,
483  const uint8_t * const initial_input,
484  const uint32_t input_len)
485 {
486  const uint8_t *input = (uint8_t *)initial_input;
487  uint32_t err_code = 0;
488  X509 *x509 = NULL;
489 
490  if (!(HAS_SPACE(3)))
491  return 0;
492 
493  uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
494  input += 3;
495 
496  if (!(HAS_SPACE(cert_chain_len)))
497  return 0;
498 
499  uint32_t processed_len = 0;
500  /* coverity[tainted_data] */
501  while (processed_len < cert_chain_len)
502  {
503  err_code = 0;
504  int rc = 0;
505 
506  if (!(HAS_SPACE(3)))
507  goto invalid_cert;
508 
509  uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2);
510  input += 3;
511 
512  if (!(HAS_SPACE(cert_len)))
513  goto invalid_cert;
514 
515  /* only store fields from the first certificate in the chain */
516  if (processed_len == 0 &&
517  ssl_state->server_connp.cert0_subject == NULL &&
518  ssl_state->server_connp.cert0_issuerdn == NULL &&
519  ssl_state->server_connp.cert0_serial == NULL)
520  {
521  int64_t not_before, not_after;
522 
523  x509 = rs_x509_decode(input, cert_len, &err_code);
524  if (x509 == NULL) {
525  TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
526  goto next;
527  }
528 
529  char *str = rs_x509_get_subject(x509);
530  if (str == NULL) {
531  err_code = ERR_EXTRACT_SUBJECT;
532  goto error;
533  }
534  ssl_state->server_connp.cert0_subject = str;
535 
536  str = rs_x509_get_issuer(x509);
537  if (str == NULL) {
538  err_code = ERR_EXTRACT_ISSUER;
539  goto error;
540  }
541  ssl_state->server_connp.cert0_issuerdn = str;
542 
543  str = rs_x509_get_serial(x509);
544  if (str == NULL) {
545  err_code = ERR_INVALID_SERIAL;
546  goto error;
547  }
548  ssl_state->server_connp.cert0_serial = str;
549 
550  rc = rs_x509_get_validity(x509, &not_before, &not_after);
551  if (rc != 0) {
552  err_code = ERR_EXTRACT_VALIDITY;
553  goto error;
554  }
555  ssl_state->server_connp.cert0_not_before = (time_t)not_before;
556  ssl_state->server_connp.cert0_not_after = (time_t)not_after;
557 
558  rs_x509_free(x509);
559  x509 = NULL;
560 
561  rc = TlsDecodeHSCertificateFingerprint(ssl_state, input, cert_len);
562  if (rc != 0) {
563  SCLogDebug("TlsDecodeHSCertificateFingerprint failed with %d", rc);
564  goto error;
565  }
566  }
567 
568  rc = TlsDecodeHSCertificateAddCertToChain(ssl_state, input, cert_len);
569  if (rc != 0) {
570  SCLogDebug("TlsDecodeHSCertificateAddCertToChain failed with %d", rc);
571  goto error;
572  }
573 
574 next:
575  input += cert_len;
576  processed_len += cert_len + 3;
577  }
578 
579  return (input - initial_input);
580 
581 error:
582  if (err_code != 0)
583  TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code);
584  if (x509 != NULL)
585  rs_x509_free(x509);
586  return -1;
587 
588 invalid_cert:
589  SCLogDebug("TLS invalid certificate");
591  return -1;
592 }
593 
594 /**
595  * \inline
596  * \brief Check if value is GREASE.
597  *
598  * http://tools.ietf.org/html/draft-davidben-tls-grease-00
599  *
600  * \param value Value to check.
601  *
602  * \retval 1 if is GREASE.
603  * \retval 0 if not is GREASE.
604  */
605 static inline int TLSDecodeValueIsGREASE(const uint16_t value)
606 {
607  switch (value)
608  {
609  case 0x0a0a:
610  case 0x1a1a:
611  case 0x2a2a:
612  case 0x3a3a:
613  case 0x4a4a:
614  case 0x5a5a:
615  case 0x6a6a:
616  case 0x7a7a:
617  case 0x8a8a:
618  case 0x9a9a:
619  case 0xaaaa:
620  case 0xbaba:
621  case 0xcaca:
622  case 0xdada:
623  case 0xeaea:
624  case 0xfafa:
625  return 1;
626  default:
627  return 0;
628  }
629 }
630 
631 static inline int TLSDecodeHSHelloVersion(SSLState *ssl_state,
632  const uint8_t * const initial_input,
633  const uint32_t input_len)
634 {
635  uint8_t *input = (uint8_t *)initial_input;
636 
638  SCLogDebug("TLS handshake invalid length");
639  SSLSetEvent(ssl_state,
641  return -1;
642  }
643 
644  uint16_t version = *input << 8 | *(input + 1);
645  ssl_state->curr_connp->version = version;
646 
647  /* TLSv1.3 draft1 to draft21 use the version field as earlier TLS
648  versions, instead of using the supported versions extension. */
649  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
650  ((ssl_state->curr_connp->version == TLS_VERSION_13) ||
651  (((ssl_state->curr_connp->version >> 8) & 0xff) == 0x7f))) {
652  ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
653  }
654 
655  /* Catch some early TLSv1.3 draft implementations that does not conform
656  to the draft version. */
657  if ((ssl_state->curr_connp->version >= 0x7f01) &&
658  (ssl_state->curr_connp->version < 0x7f10)) {
660  }
661 
662  /* TLSv1.3 drafts from draft1 to draft15 use 0x0304 (TLSv1.3) as the
663  version number, which makes it hard to accurately pinpoint the
664  exact draft version. */
665  else if (ssl_state->curr_connp->version == TLS_VERSION_13) {
667  }
668 
669  if (SC_ATOMIC_GET(ssl_config.enable_ja3) && ssl_state->curr_connp->ja3_str == NULL) {
670  ssl_state->curr_connp->ja3_str = Ja3BufferInit();
671  if (ssl_state->curr_connp->ja3_str == NULL)
672  return -1;
673 
674  int rc = Ja3BufferAddValue(&ssl_state->curr_connp->ja3_str, version);
675  if (rc != 0)
676  return -1;
677  }
678 
680 
681  return (input - initial_input);
682 }
683 
684 static inline int TLSDecodeHSHelloRandom(SSLState *ssl_state,
685  const uint8_t * const initial_input,
686  const uint32_t input_len)
687 {
688  uint8_t *input = (uint8_t *)initial_input;
689 
691  SCLogDebug("TLS handshake invalid length");
692  SSLSetEvent(ssl_state,
694  return -1;
695  }
696 
697  /* Skip random */
699 
700  return (input - initial_input);
701 }
702 
703 static inline int TLSDecodeHSHelloSessionID(SSLState *ssl_state,
704  const uint8_t * const initial_input,
705  const uint32_t input_len)
706 {
707  uint8_t *input = (uint8_t *)initial_input;
708 
709  if (!(HAS_SPACE(1)))
710  goto invalid_length;
711 
712  uint8_t session_id_length = *input;
713  input += 1;
714 
715  if (!(HAS_SPACE(session_id_length)))
716  goto invalid_length;
717 
718  if (session_id_length != 0 && ssl_state->curr_connp->session_id == NULL) {
719  ssl_state->curr_connp->session_id = SCMalloc(session_id_length);
720 
721  if (unlikely(ssl_state->curr_connp->session_id == NULL)) {
722  return -1;
723  }
724 
725  if (SafeMemcpy(ssl_state->curr_connp->session_id, 0, session_id_length,
726  input, 0, input_len, session_id_length) != 0) {
727  return -1;
728  }
729  ssl_state->curr_connp->session_id_length = session_id_length;
730 
731  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
732  ssl_state->client_connp.session_id != NULL &&
733  ssl_state->server_connp.session_id != NULL) {
734  if ((ssl_state->client_connp.session_id_length ==
735  ssl_state->server_connp.session_id_length) &&
736  (memcmp(ssl_state->server_connp.session_id,
737  ssl_state->client_connp.session_id, session_id_length) == 0)) {
738  ssl_state->flags |= SSL_AL_FLAG_SESSION_RESUMED;
739  }
740  }
741  }
742 
743  input += session_id_length;
744 
745  return (input - initial_input);
746 
747 invalid_length:
748  SCLogDebug("TLS handshake invalid length");
749  SSLSetEvent(ssl_state,
751  return -1;
752 }
753 
754 static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
755  const uint8_t * const initial_input,
756  const uint32_t input_len)
757 {
758  const uint8_t *input = initial_input;
759 
760  if (!(HAS_SPACE(2)))
761  goto invalid_length;
762 
763  uint16_t cipher_suites_length;
764 
766  cipher_suites_length = 2;
767  } else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
768  cipher_suites_length = *input << 8 | *(input + 1);
769  input += 2;
770  } else {
771  return -1;
772  }
773 
774  if (!(HAS_SPACE(cipher_suites_length)))
775  goto invalid_length;
776 
777  /* Cipher suites length should always be divisible by 2 */
778  if ((cipher_suites_length % 2) != 0) {
779  goto invalid_length;
780  }
781 
782  if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
783  JA3Buffer *ja3_cipher_suites = Ja3BufferInit();
784  if (ja3_cipher_suites == NULL)
785  return -1;
786 
787  uint16_t processed_len = 0;
788  /* coverity[tainted_data] */
789  while (processed_len < cipher_suites_length)
790  {
791  if (!(HAS_SPACE(2))) {
792  Ja3BufferFree(&ja3_cipher_suites);
793  goto invalid_length;
794  }
795 
796  uint16_t cipher_suite = *input << 8 | *(input + 1);
797  input += 2;
798 
799  if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
800  int rc = Ja3BufferAddValue(&ja3_cipher_suites, cipher_suite);
801  if (rc != 0) {
802  return -1;
803  }
804  }
805 
806  processed_len += 2;
807  }
808 
809  int rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
810  &ja3_cipher_suites);
811  if (rc == -1) {
812  return -1;
813  }
814 
815  } else {
816  /* Skip cipher suites */
817  input += cipher_suites_length;
818  }
819 
820  return (input - initial_input);
821 
822 invalid_length:
823  SCLogDebug("TLS handshake invalid length");
824  SSLSetEvent(ssl_state,
826  return -1;
827 }
828 
829 static inline int TLSDecodeHSHelloCompressionMethods(SSLState *ssl_state,
830  const uint8_t * const initial_input,
831  const uint32_t input_len)
832 {
833  const uint8_t *input = initial_input;
834 
835  if (!(HAS_SPACE(1)))
836  goto invalid_length;
837 
838  /* Skip compression methods */
840  input += 1;
841  } else {
842  uint8_t compression_methods_length = *input;
843  input += 1;
844 
845  if (!(HAS_SPACE(compression_methods_length)))
846  goto invalid_length;
847 
848  input += compression_methods_length;
849  }
850 
851  return (input - initial_input);
852 
853 invalid_length:
854  SCLogDebug("TLS handshake invalid_length");
855  SSLSetEvent(ssl_state,
857  return -1;
858 }
859 
860 static inline int TLSDecodeHSHelloExtensionSni(SSLState *ssl_state,
861  const uint8_t * const initial_input,
862  const uint32_t input_len)
863 {
864  uint8_t *input = (uint8_t *)initial_input;
865 
866  /* Empty extension */
867  if (input_len == 0)
868  return 0;
869 
870  if (!(HAS_SPACE(2)))
871  goto invalid_length;
872 
873  /* Skip sni_list_length */
874  input += 2;
875 
876  if (!(HAS_SPACE(1)))
877  goto invalid_length;
878 
879  uint8_t sni_type = *input;
880  input += 1;
881 
882  /* Currently the only type allowed is host_name
883  (RFC6066 section 3). */
884  if (sni_type != SSL_SNI_TYPE_HOST_NAME) {
885  SCLogDebug("Unknown SNI type");
886  SSLSetEvent(ssl_state,
888  return -1;
889  }
890 
891  if (!(HAS_SPACE(2)))
892  goto invalid_length;
893 
894  uint16_t sni_len = *input << 8 | *(input + 1);
895  input += 2;
896 
897  /* host_name contains the fully qualified domain name,
898  and should therefore be limited by the maximum domain
899  name length. */
900  if (!(HAS_SPACE(sni_len)) || sni_len > 255 || sni_len == 0) {
901  SSLSetEvent(ssl_state,
903  return -1;
904  }
905 
906  /* There must not be more than one extension of the same
907  type (RFC5246 section 7.4.1.4). */
908  if (ssl_state->curr_connp->sni) {
909  SCLogDebug("Multiple SNI extensions");
910  SSLSetEvent(ssl_state,
912  input += sni_len;
913  return (input - initial_input);
914  }
915 
916  const size_t sni_strlen = sni_len + 1;
917  ssl_state->curr_connp->sni = SCMalloc(sni_strlen);
918  if (unlikely(ssl_state->curr_connp->sni == NULL))
919  return -1;
920 
921  const size_t consumed = input - initial_input;
922  if (SafeMemcpy(ssl_state->curr_connp->sni, 0, sni_strlen,
923  initial_input, consumed, input_len, sni_len) != 0) {
924  SCFree(ssl_state->curr_connp->sni);
925  ssl_state->curr_connp->sni = NULL;
926  return -1;
927  }
928  ssl_state->curr_connp->sni[sni_strlen-1] = 0;
929 
930  input += sni_len;
931 
932  return (input - initial_input);
933 
934 invalid_length:
935  SCLogDebug("TLS handshake invalid length");
936  SSLSetEvent(ssl_state,
938 
939 
940  return -1;
941 }
942 
943 static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state,
944  const uint8_t * const initial_input,
945  const uint32_t input_len)
946 {
947  const uint8_t *input = initial_input;
948 
949  /* Empty extension */
950  if (input_len == 0)
951  return 0;
952 
954  if (!(HAS_SPACE(1)))
955  goto invalid_length;
956 
957  uint8_t supported_ver_len = *input;
958  input += 1;
959 
960  if (supported_ver_len < 2)
961  goto invalid_length;
962 
963  if (!(HAS_SPACE(supported_ver_len)))
964  goto invalid_length;
965 
966  /* Use the first (and prefered) version as client version */
967  ssl_state->curr_connp->version = *input << 8 | *(input + 1);
968 
969  /* Set a flag to indicate that we have seen this extension */
971 
972  input += supported_ver_len;
973  }
974  else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
975  if (!(HAS_SPACE(2)))
976  goto invalid_length;
977 
978  uint16_t ver = *input << 8 | *(input + 1);
979 
980  if ((ssl_state->flags & SSL_AL_FLAG_CH_VERSION_EXTENSION) &&
981  (ver > TLS_VERSION_12)) {
982  ssl_state->flags |= SSL_AL_FLAG_LOG_WITHOUT_CERT;
983  }
984 
985  ssl_state->curr_connp->version = ver;
986  input += 2;
987  }
988 
989  return (input - initial_input);
990 
991 invalid_length:
992  SCLogDebug("TLS handshake invalid length");
993  SSLSetEvent(ssl_state,
995 
996  return -1;
997 }
998 
999 static inline int TLSDecodeHSHelloExtensionEllipticCurves(SSLState *ssl_state,
1000  const uint8_t * const initial_input,
1001  const uint32_t input_len,
1002  JA3Buffer *ja3_elliptic_curves)
1003 {
1004  const uint8_t *input = initial_input;
1005 
1006  /* Empty extension */
1007  if (input_len == 0)
1008  return 0;
1009 
1010  if (!(HAS_SPACE(2)))
1011  goto invalid_length;
1012 
1013  uint16_t elliptic_curves_len = *input << 8 | *(input + 1);
1014  input += 2;
1015 
1016  if (!(HAS_SPACE(elliptic_curves_len)))
1017  goto invalid_length;
1018 
1019  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
1020  SC_ATOMIC_GET(ssl_config.enable_ja3)) {
1021  uint16_t ec_processed_len = 0;
1022  /* coverity[tainted_data] */
1023  while (ec_processed_len < elliptic_curves_len)
1024  {
1025  if (!(HAS_SPACE(2)))
1026  goto invalid_length;
1027 
1028  uint16_t elliptic_curve = *input << 8 | *(input + 1);
1029  input += 2;
1030 
1031  if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
1032  int rc = Ja3BufferAddValue(&ja3_elliptic_curves,
1033  elliptic_curve);
1034  if (rc != 0)
1035  return -1;
1036  }
1037 
1038  ec_processed_len += 2;
1039  }
1040 
1041  } else {
1042  /* Skip elliptic curves */
1043  input += elliptic_curves_len;
1044  }
1045 
1046  return (input - initial_input);
1047 
1048 invalid_length:
1049  SCLogDebug("TLS handshake invalid length");
1050  SSLSetEvent(ssl_state,
1052 
1053  return -1;
1054 }
1055 
1056 static inline int TLSDecodeHSHelloExtensionEllipticCurvePF(SSLState *ssl_state,
1057  const uint8_t * const initial_input,
1058  const uint32_t input_len,
1059  JA3Buffer *ja3_elliptic_curves_pf)
1060 {
1061  const uint8_t *input = initial_input;
1062 
1063  /* Empty extension */
1064  if (input_len == 0)
1065  return 0;
1066 
1067  if (!(HAS_SPACE(1)))
1068  goto invalid_length;
1069 
1070  uint8_t ec_pf_len = *input;
1071  input += 1;
1072 
1073  if (!(HAS_SPACE(ec_pf_len)))
1074  goto invalid_length;
1075 
1076  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
1077  SC_ATOMIC_GET(ssl_config.enable_ja3)) {
1078  uint8_t ec_pf_processed_len = 0;
1079  /* coverity[tainted_data] */
1080  while (ec_pf_processed_len < ec_pf_len)
1081  {
1082  uint8_t elliptic_curve_pf = *input;
1083  input += 1;
1084 
1085  if (TLSDecodeValueIsGREASE(elliptic_curve_pf) != 1) {
1086  int rc = Ja3BufferAddValue(&ja3_elliptic_curves_pf,
1087  elliptic_curve_pf);
1088  if (rc != 0)
1089  return -1;
1090  }
1091 
1092  ec_pf_processed_len += 1;
1093  }
1094 
1095  } else {
1096  /* Skip elliptic curve point formats */
1097  input += ec_pf_len;
1098  }
1099 
1100  return (input - initial_input);
1101 
1102 invalid_length:
1103  SCLogDebug("TLS handshake invalid length");
1104  SSLSetEvent(ssl_state,
1106 
1107  return -1;
1108 }
1109 
1110 static inline int TLSDecodeHSHelloExtensions(SSLState *ssl_state,
1111  const uint8_t * const initial_input,
1112  const uint32_t input_len)
1113 {
1114  const uint8_t *input = initial_input;
1115 
1116  int ret;
1117  int rc;
1118  const bool ja3 = (SC_ATOMIC_GET(ssl_config.enable_ja3) == 1);
1119 
1120  JA3Buffer *ja3_extensions = NULL;
1121  JA3Buffer *ja3_elliptic_curves = NULL;
1122  JA3Buffer *ja3_elliptic_curves_pf = NULL;
1123 
1124  if (ja3) {
1125  ja3_extensions = Ja3BufferInit();
1126  if (ja3_extensions == NULL)
1127  goto error;
1128 
1129  if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1130  ja3_elliptic_curves = Ja3BufferInit();
1131  if (ja3_elliptic_curves == NULL)
1132  goto error;
1133 
1134  ja3_elliptic_curves_pf = Ja3BufferInit();
1135  if (ja3_elliptic_curves_pf == NULL)
1136  goto error;
1137  }
1138  }
1139 
1140  /* Extensions are optional (RFC5246 section 7.4.1.2) */
1141  if (!(HAS_SPACE(2)))
1142  goto end;
1143 
1144  uint16_t extensions_len = *input << 8 | *(input + 1);
1145  input += 2;
1146 
1147  if (!(HAS_SPACE(extensions_len)))
1148  goto invalid_length;
1149 
1150  uint16_t processed_len = 0;
1151  /* coverity[tainted_data] */
1152  while (processed_len < extensions_len)
1153  {
1154  if (!(HAS_SPACE(2)))
1155  goto invalid_length;
1156 
1157  uint16_t ext_type = *input << 8 | *(input + 1);
1158  input += 2;
1159 
1160  if (!(HAS_SPACE(2)))
1161  goto invalid_length;
1162 
1163  uint16_t ext_len = *input << 8 | *(input + 1);
1164  input += 2;
1165 
1166  if (!(HAS_SPACE(ext_len)))
1167  goto invalid_length;
1168 
1169  switch (ext_type) {
1170  case SSL_EXTENSION_SNI:
1171  {
1172  /* coverity[tainted_data] */
1173  ret = TLSDecodeHSHelloExtensionSni(ssl_state, input,
1174  ext_len);
1175  if (ret < 0)
1176  goto end;
1177 
1178  input += ret;
1179 
1180  break;
1181  }
1182 
1184  {
1185  /* coverity[tainted_data] */
1186  ret = TLSDecodeHSHelloExtensionEllipticCurves(ssl_state, input,
1187  ext_len,
1188  ja3_elliptic_curves);
1189  if (ret < 0)
1190  goto end;
1191 
1192  input += ret;
1193 
1194  break;
1195  }
1196 
1198  {
1199  /* coverity[tainted_data] */
1200  ret = TLSDecodeHSHelloExtensionEllipticCurvePF(ssl_state, input,
1201  ext_len,
1202  ja3_elliptic_curves_pf);
1203  if (ret < 0)
1204  goto end;
1205 
1206  input += ret;
1207 
1208  break;
1209  }
1210 
1212  {
1213  if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1214  /* Used by 0-RTT to indicate that encrypted data will
1215  be sent right after the ClientHello record. */
1216  ssl_state->flags |= SSL_AL_FLAG_EARLY_DATA;
1217  }
1218 
1219  input += ext_len;
1220 
1221  break;
1222  }
1223 
1225  {
1226  ret = TLSDecodeHSHelloExtensionSupportedVersions(ssl_state, input,
1227  ext_len);
1228  if (ret < 0)
1229  goto end;
1230 
1231  input += ret;
1232 
1233  break;
1234  }
1235 
1237  {
1238  if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1239  /* This has to be verified later on by checking if a
1240  certificate record has been sent by the server. */
1241  ssl_state->flags |= SSL_AL_FLAG_SESSION_RESUMED;
1242  }
1243 
1244  input += ext_len;
1245 
1246  break;
1247  }
1248 
1249  default:
1250  {
1251  input += ext_len;
1252  break;
1253  }
1254  }
1255 
1256  if (ja3) {
1257  if (TLSDecodeValueIsGREASE(ext_type) != 1) {
1258  rc = Ja3BufferAddValue(&ja3_extensions, ext_type);
1259  if (rc != 0)
1260  goto error;
1261  }
1262  }
1263 
1264  processed_len += ext_len + 4;
1265  }
1266 
1267 end:
1268  if (ja3) {
1269  rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1270  &ja3_extensions);
1271  if (rc == -1)
1272  goto error;
1273 
1274  if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
1275  rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1276  &ja3_elliptic_curves);
1277  if (rc == -1)
1278  goto error;
1279 
1280  rc = Ja3BufferAppendBuffer(&ssl_state->curr_connp->ja3_str,
1281  &ja3_elliptic_curves_pf);
1282  if (rc == -1)
1283  goto error;
1284  }
1285  }
1286 
1287  return (input - initial_input);
1288 
1289 invalid_length:
1290  SCLogDebug("TLS handshake invalid length");
1291  SSLSetEvent(ssl_state,
1293 
1294 error:
1295  if (ja3_extensions != NULL)
1296  Ja3BufferFree(&ja3_extensions);
1297  if (ja3_elliptic_curves != NULL)
1298  Ja3BufferFree(&ja3_elliptic_curves);
1299  if (ja3_elliptic_curves_pf != NULL)
1300  Ja3BufferFree(&ja3_elliptic_curves_pf);
1301 
1302  return -1;
1303 }
1304 
1305 static int TLSDecodeHandshakeHello(SSLState *ssl_state,
1306  const uint8_t * const input,
1307  const uint32_t input_len)
1308 {
1309  int ret;
1310  uint32_t parsed = 0;
1311 
1312  ret = TLSDecodeHSHelloVersion(ssl_state, input, input_len);
1313  if (ret < 0)
1314  goto end;
1315 
1316  parsed += ret;
1317 
1318  ret = TLSDecodeHSHelloRandom(ssl_state, input + parsed, input_len - parsed);
1319  if (ret < 0)
1320  goto end;
1321 
1322  parsed += ret;
1323 
1324  /* The session id field in the server hello record was removed in
1325  TLSv1.3 draft1, but was readded in draft22. */
1326  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) ||
1328  ((ssl_state->flags & SSL_AL_FLAG_LOG_WITHOUT_CERT) == 0))) {
1329  ret = TLSDecodeHSHelloSessionID(ssl_state, input + parsed,
1330  input_len - parsed);
1331  if (ret < 0)
1332  goto end;
1333 
1334  parsed += ret;
1335  }
1336 
1337  ret = TLSDecodeHSHelloCipherSuites(ssl_state, input + parsed,
1338  input_len - parsed);
1339  if (ret < 0)
1340  goto end;
1341 
1342  parsed += ret;
1343 
1344  /* The compression methods field in the server hello record was
1345  removed in TLSv1.3 draft1, but was readded in draft22. */
1346  if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) ||
1348  ((ssl_state->flags & SSL_AL_FLAG_LOG_WITHOUT_CERT) == 0))) {
1349  ret = TLSDecodeHSHelloCompressionMethods(ssl_state, input + parsed,
1350  input_len - parsed);
1351  if (ret < 0)
1352  goto end;
1353 
1354  parsed += ret;
1355  }
1356 
1357  ret = TLSDecodeHSHelloExtensions(ssl_state, input + parsed,
1358  input_len - parsed);
1359  if (ret < 0)
1360  goto end;
1361 
1362  if (SC_ATOMIC_GET(ssl_config.enable_ja3) && ssl_state->curr_connp->ja3_hash == NULL) {
1363  ssl_state->curr_connp->ja3_hash = Ja3GenerateHash(ssl_state->curr_connp->ja3_str);
1364  }
1365 
1366 end:
1367  ssl_state->curr_connp->hs_bytes_processed = 0;
1368  return 0;
1369 }
1370 
1371 /** \internal
1372  * \brief Get Certificates len so we can know now much (more) we need to buffer
1373  * If we already have a few bytes queued up in 'trec' we use those or a mix of
1374  * those with the input.
1375  */
1376 static uint32_t GetCertsLen(SSLStateConnp *curr_connp, const uint8_t *input,
1377  const uint32_t input_len)
1378 {
1379  if (curr_connp->trec != NULL && curr_connp->trec_pos > 0) {
1380  if (curr_connp->trec_pos >= 3) {
1381  const uint8_t * const ptr = curr_connp->trec;
1382  uint32_t len = (*ptr << 16 | *(ptr + 1) << 8 | *(ptr + 2)) + 3;
1383  SCLogDebug("length %u (trec)", len);
1384  return len;
1385  } else if (input_len + curr_connp->trec_pos >= 3) {
1386  uint8_t buf[3] = { 0, 0, 0, }; // init to 0 to make scan-build happy
1387  uint32_t i = 0;
1388  for (uint32_t x = 0; x < curr_connp->trec_pos && i < 3; x++) {
1389  buf[i++] = curr_connp->trec[x];
1390  }
1391  for (uint32_t x = 0; x < input_len && i < 3; x++) {
1392  buf[i++] = input[x];
1393  }
1394  uint32_t len = (buf[0] << 16 | buf[1] << 8 | buf[2]) + 3;
1395  SCLogDebug("length %u (part trec, part input)", len);
1396  return len;
1397  }
1398  return 0;
1399  } else if (input_len >= 3) {
1400  uint32_t len = (*input << 16 | *(input + 1) << 8 | *(input + 2)) + 3;
1401  SCLogDebug("length %u (input)", len);
1402  return len;
1403  } else {
1404  SCLogDebug("length unknown (input len %u)", input_len);
1405  return 0;
1406  }
1407 }
1408 
1409 /** \internal
1410  * \brief setup or grow the `trec` space in the connp
1411  */
1412 static int EnsureRecordSpace(SSLStateConnp *curr_connp, const uint8_t * const input,
1413  const uint32_t input_len)
1414 {
1415  ValidateTrecBuffer(curr_connp);
1416 
1417  uint32_t certs_len = GetCertsLen(curr_connp, input, input_len);
1418  if (certs_len == 0) {
1419  SCLogDebug("cert_len unknown still, create small buffer to start");
1420  certs_len = 256;
1421  }
1422 
1423  if (curr_connp->trec == NULL) {
1424  curr_connp->trec_len = certs_len;
1425  curr_connp->trec = SCMalloc(curr_connp->trec_len);
1426  if (unlikely(curr_connp->trec == NULL))
1427  goto error;
1428  }
1429 
1430  if (certs_len > curr_connp->trec_len) {
1431  curr_connp->trec_len = certs_len;
1432  void *ptmp = SCRealloc(curr_connp->trec, curr_connp->trec_len);
1433  if (unlikely(ptmp == NULL)) {
1434  SCFree(curr_connp->trec);
1435  curr_connp->trec = NULL;
1436  goto error;
1437  }
1438  curr_connp->trec = ptmp;
1439  }
1440  ValidateTrecBuffer(curr_connp);
1441  return 0;
1442 error:
1443  curr_connp->trec_len = 0;
1444  curr_connp->trec_pos = 0;
1445  ValidateTrecBuffer(curr_connp);
1446  return -1;
1447 }
1448 
1449 static inline bool
1450 HaveEntireRecord(const SSLStateConnp *curr_connp, const uint32_t input_len)
1451 {
1452  return (curr_connp->bytes_processed + input_len) >=
1453  (curr_connp->record_length + SSLV3_RECORD_HDR_LEN);
1454 }
1455 
1456 #ifdef DEBUG_VALIDATION
1457 static inline bool
1458 RecordAlreadyProcessed(const SSLStateConnp *curr_connp)
1459 {
1460  return ((curr_connp->record_length + SSLV3_RECORD_HDR_LEN) <
1461  curr_connp->bytes_processed);
1462 }
1463 #endif
1464 
1465 static inline int SSLv3ParseHandshakeTypeCertificate(SSLState *ssl_state,
1466  const uint8_t * const initial_input,
1467  const uint32_t input_len)
1468 {
1469  ValidateTrecBuffer(ssl_state->curr_connp);
1470  const uint32_t certs_len = GetCertsLen(ssl_state->curr_connp, initial_input, input_len);
1471  SCLogDebug("certs_len %u", certs_len);
1472 
1473  if (EnsureRecordSpace(ssl_state->curr_connp, initial_input, input_len) < 0) {
1474  /* error, skip input data */
1475  ssl_state->curr_connp->bytes_processed += input_len;
1476  return -1;
1477  }
1478  ValidateTrecBuffer(ssl_state->curr_connp);
1479 
1480  uint32_t write_len = 0;
1481  if (certs_len != 0 && ssl_state->curr_connp->trec_pos + input_len >= certs_len) {
1482  write_len = certs_len - ssl_state->curr_connp->trec_pos;
1483  /* get data left in this frag. The length field may indicate more
1484  * data than just in this record. */
1485  uint32_t cur_frag_left = ssl_state->curr_connp->record_length +
1487  SCLogDebug("write_len %u cur_frag_left %u", write_len, cur_frag_left);
1488  write_len = MIN(write_len, cur_frag_left);
1489  } else {
1490  uint32_t cur_frag_left = (ssl_state->curr_connp->record_length +
1492  SCLogDebug("cur_frag_left %u", cur_frag_left);
1493  write_len = MIN(input_len, cur_frag_left);
1494  SCLogDebug("write_len %u", write_len);
1495  }
1496  if (write_len == 0) {
1497  /* no (new) data, so we're done */
1498  ValidateTrecBuffer(ssl_state->curr_connp);
1499  return 0;
1500  }
1501  BUG_ON(write_len > input_len);
1502 
1503  if (SafeMemcpy(ssl_state->curr_connp->trec,
1504  ssl_state->curr_connp->trec_pos,
1505  ssl_state->curr_connp->trec_len,
1506  initial_input, 0, input_len, write_len) != 0) {
1507  return -1;
1508  }
1509  ssl_state->curr_connp->trec_pos += write_len;
1510  SCLogDebug("ssl_state->curr_connp->trec_pos %u", ssl_state->curr_connp->trec_pos);
1511  DEBUG_VALIDATE_BUG_ON(certs_len != 0 && certs_len < ssl_state->curr_connp->trec_pos);
1512 
1513  /* if we didn't yet get enough to determine the certs len, or we can
1514  * see we didn't buffer enough for the certs, don't bother trying to
1515  * parse it the data */
1516  if (certs_len == 0 || certs_len > ssl_state->curr_connp->trec_pos) {
1517  ssl_state->curr_connp->bytes_processed += write_len;
1518  SCLogDebug("bytes_processed %u record_len %u",
1519  ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->record_length);
1520  ValidateTrecBuffer(ssl_state->curr_connp);
1521  return write_len;
1522  }
1523 
1524  int rc = TlsDecodeHSCertificate(ssl_state, ssl_state->curr_connp->trec,
1525  ssl_state->curr_connp->trec_pos);
1526  SCLogDebug("rc %d", rc);
1527  if (rc > 0) {
1528  DEBUG_VALIDATE_BUG_ON(rc != (int)ssl_state->curr_connp->trec_pos);
1529  SSLParserHSReset(ssl_state->curr_connp);
1530  } else if (rc < 0) {
1531  SCLogDebug("error parsing cert, reset state");
1532  SSLParserHSReset(ssl_state->curr_connp);
1533  /* fall through to still consume the cert bytes */
1534  }
1535  ssl_state->curr_connp->bytes_processed += write_len;
1536  ValidateTrecBuffer(ssl_state->curr_connp);
1537  return write_len;
1538 }
1539 
1540 /**
1541  * \retval parsed number of consumed bytes
1542  * \retval < 0 error
1543  */
1544 static int SSLv3ParseHandshakeType(SSLState *ssl_state, const uint8_t *input,
1545  uint32_t input_len, uint8_t direction)
1546 {
1547  const uint8_t *initial_input = input;
1548  int rc;
1549 
1550  if (input_len == 0) {
1551  return 0;
1552  }
1553  DEBUG_VALIDATE_BUG_ON(RecordAlreadyProcessed(ssl_state->curr_connp));
1554 
1555  switch (ssl_state->curr_connp->handshake_type) {
1556  case SSLV3_HS_CLIENT_HELLO:
1558 
1559  /* Only parse the message if it is complete */
1560  if (input_len >= ssl_state->curr_connp->message_length &&
1561  input_len >= 40) {
1562  rc = TLSDecodeHandshakeHello(ssl_state, input, input_len);
1563  if (rc < 0)
1564  return rc;
1565  }
1566 
1567  break;
1568 
1569  case SSLV3_HS_SERVER_HELLO:
1571 
1572  /* Only parse the message if it is complete */
1573  if (input_len >= ssl_state->curr_connp->message_length &&
1574  input_len >= 40) {
1575  rc = TLSDecodeHandshakeHello(ssl_state, input,
1576  ssl_state->curr_connp->message_length);
1577  if (rc < 0)
1578  return rc;
1579  }
1580 
1581  break;
1582 
1585  break;
1586 
1589  break;
1590 
1591  case SSLV3_HS_CERTIFICATE:
1592  /* For now, only decode the server certificate */
1593  if (direction == 0) {
1594  SCLogDebug("Incorrect SSL Record type sent in the toserver "
1595  "direction!");
1596  break;
1597  }
1598  rc = SSLv3ParseHandshakeTypeCertificate(ssl_state,
1599  initial_input, input_len);
1600  return rc;
1601  break;
1602 
1606  case SSLV3_HS_FINISHED:
1609  break;
1611  SCLogDebug("new session ticket");
1612  break;
1613  default:
1615  return -1;
1616  }
1617 
1618  ssl_state->flags |= ssl_state->current_flags;
1619 
1620  SCLogDebug("message: start %u length %u", ssl_state->curr_connp->message_start, ssl_state->curr_connp->message_length);
1621  SCLogDebug("input_len %u ssl_state->curr_connp->bytes_processed %u", input_len, ssl_state->curr_connp->bytes_processed);
1622 
1623  uint32_t write_len = 0;
1624  if (ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length <
1625  ssl_state->curr_connp->bytes_processed + input_len) {
1626  SCLogDebug("msg done");
1627 
1628  // Safety check against integer underflow
1630  ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length <
1631  ssl_state->curr_connp->bytes_processed);
1632  write_len = (ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length) -
1633  ssl_state->curr_connp->bytes_processed;
1634  DEBUG_VALIDATE_BUG_ON(write_len > input_len);
1635  ssl_state->curr_connp->bytes_processed += write_len;
1636  SSLParserHSReset(ssl_state->curr_connp);
1637  SCLogDebug("write_len %u", write_len);
1638  return write_len;
1639  } else {
1640  ssl_state->curr_connp->bytes_processed += input_len;
1641  return input_len;
1642  }
1643 }
1644 
1645 static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input,
1646  uint32_t input_len, uint8_t direction)
1647 {
1648  const uint8_t *initial_input = input;
1649 
1650  if (input_len == 0 || ssl_state->curr_connp->bytes_processed ==
1651  (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)) {
1652  return 0;
1653  }
1654 
1655  SCLogDebug("bytes_processed %u", ssl_state->curr_connp->bytes_processed);
1656  SCLogDebug("ssl_state->curr_connp->hs_bytes_processed %u input %p input_len %u",
1657  ssl_state->curr_connp->hs_bytes_processed, input, input_len);
1658 
1659  switch (ssl_state->curr_connp->hs_bytes_processed) {
1660  case 0:
1661  ssl_state->curr_connp->handshake_type = *(input++);
1662  ssl_state->curr_connp->bytes_processed++;
1663  ssl_state->curr_connp->hs_bytes_processed++;
1664  if (--input_len == 0 || ssl_state->curr_connp->bytes_processed ==
1665  (ssl_state->curr_connp->record_length +
1667  return (input - initial_input);
1668  }
1669 
1670  /* fall through */
1671  case 1:
1672  ssl_state->curr_connp->message_length = *(input++) << 16;
1673  ssl_state->curr_connp->bytes_processed++;
1674  ssl_state->curr_connp->hs_bytes_processed++;
1675  if (--input_len == 0 || ssl_state->curr_connp->bytes_processed ==
1676  (ssl_state->curr_connp->record_length +
1678  return (input - initial_input);
1679  }
1680 
1681  /* fall through */
1682  case 2:
1683  ssl_state->curr_connp->message_length |= *(input++) << 8;
1684  ssl_state->curr_connp->bytes_processed++;
1685  ssl_state->curr_connp->hs_bytes_processed++;
1686  if (--input_len == 0 || ssl_state->curr_connp->bytes_processed ==
1687  (ssl_state->curr_connp->record_length +
1689  return (input - initial_input);
1690  }
1691 
1692  /* fall through */
1693  case 3:
1694  ssl_state->curr_connp->message_length |= *(input++);
1695  ssl_state->curr_connp->bytes_processed++;
1696  ssl_state->curr_connp->hs_bytes_processed++;
1697  --input_len;
1698  ssl_state->curr_connp->message_start = ssl_state->curr_connp->bytes_processed;
1699 
1700  /* fall through */
1701  }
1702  SCLogDebug("message len %u input %p", ssl_state->curr_connp->message_length, input);
1703 
1704  int retval = SSLv3ParseHandshakeType(ssl_state, input, input_len, direction);
1705  if (retval < 0 || retval > (int)input_len) {
1706  DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
1707  return retval;
1708  }
1709  SCLogDebug("retval %d input_len %u", retval, input_len);
1710  input += retval;
1711 
1712  return (input - initial_input);
1713 }
1714 
1715 /**
1716  * \internal
1717  * \brief TLS Heartbeat parser (see RFC 6520)
1718  *
1719  * \param sslstate Pointer to the SSL state.
1720  * \param input Pointer to the received input data.
1721  * \param input_len Length in bytes of the received data.
1722  * \param direction 1 toclient, 0 toserver
1723  *
1724  * \retval The number of bytes parsed on success, 0 if nothing parsed, -1 on failure.
1725  */
1726 static int SSLv3ParseHeartbeatProtocol(SSLState *ssl_state, const uint8_t *input,
1727  uint32_t input_len, uint8_t direction)
1728 {
1729  uint8_t hb_type;
1730  uint16_t payload_len;
1731  uint16_t padding_len;
1732 
1733  /* expect at least 3 bytes: heartbeat type (1) + length (2) */
1734  if (input_len < 3) {
1735  return 0;
1736  }
1737 
1738  hb_type = *input++;
1739 
1740  if (!(ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC)) {
1741  if (!(hb_type == TLS_HB_REQUEST || hb_type == TLS_HB_RESPONSE)) {
1743  return -1;
1744  }
1745  }
1746 
1747  if ((ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) == 0) {
1748  ssl_state->flags |= SSL_AL_FLAG_HB_INFLIGHT;
1749 
1750  if (direction) {
1751  SCLogDebug("HeartBeat Record type sent in the toclient direction!");
1752  ssl_state->flags |= SSL_AL_FLAG_HB_SERVER_INIT;
1753  } else {
1754  SCLogDebug("HeartBeat Record type sent in the toserver direction!");
1755  ssl_state->flags |= SSL_AL_FLAG_HB_CLIENT_INIT;
1756  }
1757 
1758  /* if we reach this point, then we can assume that the HB request
1759  is encrypted. If so, let's set the HB record length */
1760  if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
1761  ssl_state->hb_record_len = ssl_state->curr_connp->record_length;
1762  SCLogDebug("Encrypted HeartBeat Request In-flight. Storing len %u",
1763  ssl_state->hb_record_len);
1764  return (ssl_state->curr_connp->record_length - 3);
1765  }
1766 
1767  payload_len = (*input++) << 8;
1768  payload_len |= (*input++);
1769 
1770  /* check that the requested payload length is really present in
1771  the record (CVE-2014-0160) */
1772  if ((uint32_t)(payload_len+3) > ssl_state->curr_connp->record_length) {
1773  SCLogDebug("We have a short record in HeartBeat Request");
1775  return -1;
1776  }
1777 
1778  /* check the padding length. It must be at least 16 bytes
1779  (RFC 6520, section 4) */
1780  padding_len = ssl_state->curr_connp->record_length - payload_len - 3;
1781  if (padding_len < 16) {
1782  SCLogDebug("We have a short record in HeartBeat Request");
1784  return -1;
1785  }
1786 
1787  /* we don't have the payload */
1788  if (input_len < payload_len + padding_len) {
1789  return 0;
1790  }
1791 
1792  /* OpenSSL still seems to discard multiple in-flight
1793  heartbeats although some tools send multiple at once */
1794  } else if (direction == 1 && (ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) &&
1795  (ssl_state->flags & SSL_AL_FLAG_HB_SERVER_INIT)) {
1796  SCLogDebug("Multiple in-flight server initiated HeartBeats");
1798  return -1;
1799 
1800  } else if (direction == 0 && (ssl_state->flags & SSL_AL_FLAG_HB_INFLIGHT) &&
1801  (ssl_state->flags & SSL_AL_FLAG_HB_CLIENT_INIT)) {
1802  SCLogDebug("Multiple in-flight client initiated HeartBeats");
1804  return -1;
1805 
1806  } else {
1807  /* we have a HB record in the opposite direction of the request,
1808  let's reset our flags */
1809  ssl_state->flags &= ~SSL_AL_FLAG_HB_INFLIGHT;
1810  ssl_state->flags &= ~SSL_AL_FLAG_HB_SERVER_INIT;
1811  ssl_state->flags &= ~SSL_AL_FLAG_HB_CLIENT_INIT;
1812 
1813  /* if we reach this point, then we can assume that the HB request
1814  is encrypted. If so, let's set the HB record length */
1815  if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
1816  /* check to see if the encrypted response is longer than the
1817  encrypted request */
1818  if (ssl_state->hb_record_len > 0 && ssl_state->hb_record_len <
1819  ssl_state->curr_connp->record_length) {
1820  SCLogDebug("My heart is bleeding.. OpenSSL HeartBleed response (%u)",
1821  ssl_state->hb_record_len);
1822  SSLSetEvent(ssl_state,
1824  ssl_state->hb_record_len = 0;
1825  return -1;
1826  }
1827  }
1828 
1829  /* reset the HB record length in case we have a legit HB followed
1830  by a bad one */
1831  ssl_state->hb_record_len = 0;
1832  }
1833 
1834  /* skip the HeartBeat, 3 bytes were already parsed,
1835  e.g |18 03 02| for TLS 1.2 */
1836  return (ssl_state->curr_connp->record_length - 3);
1837 }
1838 
1839 static int SSLv3ParseRecord(uint8_t direction, SSLState *ssl_state,
1840  const uint8_t *input, uint32_t input_len)
1841 {
1842  const uint8_t *initial_input = input;
1843 
1844  if (input_len == 0) {
1845  return 0;
1846  }
1847 
1848  uint8_t skip_version = 0;
1849 
1850  /* Only set SSL/TLS version here if it has not already been set in
1851  client/server hello. */
1852  if (direction == 0) {
1853  if ((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
1854  (ssl_state->client_connp.version != TLS_VERSION_UNKNOWN)) {
1855  skip_version = 1;
1856  }
1857  } else {
1858  if ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) &&
1859  (ssl_state->server_connp.version != TLS_VERSION_UNKNOWN)) {
1860  skip_version = 1;
1861  }
1862  }
1863 
1864  switch (ssl_state->curr_connp->bytes_processed) {
1865  case 0:
1866  if (input_len >= 5) {
1867  ssl_state->curr_connp->content_type = input[0];
1868  if (!skip_version) {
1869  ssl_state->curr_connp->version = input[1] << 8;
1870  ssl_state->curr_connp->version |= input[2];
1871  }
1872  ssl_state->curr_connp->record_length = input[3] << 8;
1873  ssl_state->curr_connp->record_length |= input[4];
1875  return SSLV3_RECORD_HDR_LEN;
1876  } else {
1877  ssl_state->curr_connp->content_type = *(input++);
1878  if (--input_len == 0)
1879  break;
1880  }
1881 
1882  /* fall through */
1883  case 1:
1884  if (!skip_version) {
1885  ssl_state->curr_connp->version = *(input++) << 8;
1886  } else {
1887  input++;
1888  }
1889  if (--input_len == 0)
1890  break;
1891 
1892  /* fall through */
1893  case 2:
1894  if (!skip_version) {
1895  ssl_state->curr_connp->version |= *(input++);
1896  } else {
1897  input++;
1898  }
1899  if (--input_len == 0)
1900  break;
1901 
1902  /* fall through */
1903  case 3:
1904  ssl_state->curr_connp->record_length = *(input++) << 8;
1905  if (--input_len == 0)
1906  break;
1907 
1908  /* fall through */
1909  case 4:
1910  ssl_state->curr_connp->record_length |= *(input++);
1911  if (--input_len == 0)
1912  break;
1913 
1914  /* fall through */
1915  }
1916 
1917  ssl_state->curr_connp->bytes_processed += (input - initial_input);
1918 
1919  return (input - initial_input);
1920 }
1921 
1922 static int SSLv2ParseRecord(uint8_t direction, SSLState *ssl_state,
1923  const uint8_t *input, uint32_t input_len)
1924 {
1925  const uint8_t *initial_input = input;
1926 
1927  if (input_len == 0) {
1928  return 0;
1929  }
1930 
1931  if (ssl_state->curr_connp->record_lengths_length == 2) {
1932  switch (ssl_state->curr_connp->bytes_processed) {
1933  case 0:
1934  if (input_len >= ssl_state->curr_connp->record_lengths_length + 1) {
1935  ssl_state->curr_connp->record_length = (0x7f & input[0]) << 8 | input[1];
1936  ssl_state->curr_connp->content_type = input[2];
1937  ssl_state->curr_connp->version = SSL_VERSION_2;
1938  ssl_state->curr_connp->bytes_processed += 3;
1939  return 3;
1940  } else {
1941  ssl_state->curr_connp->record_length = (0x7f & *(input++)) << 8;
1942  if (--input_len == 0)
1943  break;
1944  }
1945 
1946  /* fall through */
1947  case 1:
1948  ssl_state->curr_connp->record_length |= *(input++);
1949  if (--input_len == 0)
1950  break;
1951 
1952  /* fall through */
1953  case 2:
1954  ssl_state->curr_connp->content_type = *(input++);
1955  ssl_state->curr_connp->version = SSL_VERSION_2;
1956  if (--input_len == 0)
1957  break;
1958 
1959  /* fall through */
1960  }
1961 
1962  } else {
1963  switch (ssl_state->curr_connp->bytes_processed) {
1964  case 0:
1965  if (input_len >= ssl_state->curr_connp->record_lengths_length + 1) {
1966  ssl_state->curr_connp->record_length = (0x3f & input[0]) << 8 | input[1];
1967  ssl_state->curr_connp->content_type = input[3];
1968  ssl_state->curr_connp->version = SSL_VERSION_2;
1969  ssl_state->curr_connp->bytes_processed += 4;
1970  return 4;
1971  } else {
1972  ssl_state->curr_connp->record_length = (0x3f & *(input++)) << 8;
1973  if (--input_len == 0)
1974  break;
1975  }
1976 
1977  /* fall through */
1978  case 1:
1979  ssl_state->curr_connp->record_length |= *(input++);
1980  if (--input_len == 0)
1981  break;
1982 
1983  /* fall through */
1984  case 2:
1985  /* padding */
1986  input++;
1987  if (--input_len == 0)
1988  break;
1989 
1990  /* fall through */
1991  case 3:
1992  ssl_state->curr_connp->content_type = *(input++);
1993  ssl_state->curr_connp->version = SSL_VERSION_2;
1994  if (--input_len == 0)
1995  break;
1996 
1997  /* fall through */
1998  }
1999  }
2000 
2001  ssl_state->curr_connp->bytes_processed += (input - initial_input);
2002 
2003  return (input - initial_input);
2004 }
2005 
2006 static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
2007  AppLayerParserState *pstate, const uint8_t *input,
2008  uint32_t input_len)
2009 {
2010  int retval = 0;
2011  const uint8_t *initial_input = input;
2012 
2013  if (ssl_state->curr_connp->bytes_processed == 0) {
2014  if (input[0] & 0x80) {
2015  ssl_state->curr_connp->record_lengths_length = 2;
2016  } else {
2017  ssl_state->curr_connp->record_lengths_length = 3;
2018  }
2019  }
2020 
2021  /* the +1 is because we read one extra byte inside SSLv2ParseRecord
2022  to read the msg_type */
2023  if (ssl_state->curr_connp->bytes_processed <
2024  (ssl_state->curr_connp->record_lengths_length + 1)) {
2025  retval = SSLv2ParseRecord(direction, ssl_state, input, input_len);
2026  if (retval < 0 || retval > (int)input_len) {
2027  DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
2029  return -1;
2030  }
2031  input += retval;
2032  input_len -= retval;
2033  }
2034 
2035  if (input_len == 0) {
2036  return (input - initial_input);
2037  }
2038 
2039  /* record_length should never be zero */
2040  if (ssl_state->curr_connp->record_length == 0) {
2041  SCLogDebug("SSLv2 record length is zero");
2043  return -1;
2044  }
2045 
2046  /* record_lenghts_length should never be zero */
2047  if (ssl_state->curr_connp->record_lengths_length == 0) {
2048  SCLogDebug("SSLv2 record lengths length is zero");
2050  return -1;
2051  }
2052 
2053  switch (ssl_state->curr_connp->content_type) {
2054  case SSLV2_MT_ERROR:
2055  SCLogDebug("SSLV2_MT_ERROR msg_type received. Error encountered "
2056  "in establishing the sslv2 session, may be version");
2058 
2059  break;
2060 
2061  case SSLV2_MT_CLIENT_HELLO:
2064 
2065  if (ssl_state->curr_connp->record_lengths_length == 3) {
2066  switch (ssl_state->curr_connp->bytes_processed) {
2067  case 4:
2068  if (input_len >= 6) {
2069  uint16_t session_id_length = input[5] | (input[4] << 8);
2070  input += 6;
2071  input_len -= 6;
2072  ssl_state->curr_connp->bytes_processed += 6;
2073  if (session_id_length == 0) {
2075  }
2076 
2077  break;
2078  } else {
2079  input++;
2080  ssl_state->curr_connp->bytes_processed++;
2081  if (--input_len == 0)
2082  break;
2083  }
2084 
2085  /* fall through */
2086  case 5:
2087  input++;
2088  ssl_state->curr_connp->bytes_processed++;
2089  if (--input_len == 0)
2090  break;
2091 
2092  /* fall through */
2093  case 6:
2094  input++;
2095  ssl_state->curr_connp->bytes_processed++;
2096  if (--input_len == 0)
2097  break;
2098 
2099  /* fall through */
2100  case 7:
2101  input++;
2102  ssl_state->curr_connp->bytes_processed++;
2103  if (--input_len == 0)
2104  break;
2105 
2106  /* fall through */
2107  case 8:
2108  ssl_state->curr_connp->bytes_processed++;
2109  if (--input_len == 0)
2110  break;
2111 
2112  /* fall through */
2113  case 9:
2114  ssl_state->curr_connp->bytes_processed++;
2115  if (--input_len == 0)
2116  break;
2117 
2118  /* fall through */
2119  }
2120 
2121  } else {
2122  switch (ssl_state->curr_connp->bytes_processed) {
2123  case 3:
2124  if (input_len >= 6) {
2125  uint16_t session_id_length = input[5] | (input[4] << 8);
2126  input += 6;
2127  input_len -= 6;
2128  ssl_state->curr_connp->bytes_processed += 6;
2129  if (session_id_length == 0) {
2131  }
2132 
2133  break;
2134  } else {
2135  input++;
2136  ssl_state->curr_connp->bytes_processed++;
2137  if (--input_len == 0)
2138  break;
2139  }
2140 
2141  /* fall through */
2142  case 4:
2143  input++;
2144  ssl_state->curr_connp->bytes_processed++;
2145  if (--input_len == 0)
2146  break;
2147 
2148  /* fall through */
2149  case 5:
2150  input++;
2151  ssl_state->curr_connp->bytes_processed++;
2152  if (--input_len == 0)
2153  break;
2154 
2155  /* fall through */
2156  case 6:
2157  input++;
2158  ssl_state->curr_connp->bytes_processed++;
2159  if (--input_len == 0)
2160  break;
2161 
2162  /* fall through */
2163  case 7:
2164  ssl_state->curr_connp->bytes_processed++;
2165  if (--input_len == 0)
2166  break;
2167 
2168  /* fall through */
2169  case 8:
2170  ssl_state->curr_connp->bytes_processed++;
2171  if (--input_len == 0)
2172  break;
2173 
2174  /* fall through */
2175  }
2176  }
2177 
2178  break;
2179 
2181  if (!(ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS)) {
2182  SCLogDebug("Client hello is not seen before master key "
2183  "message!");
2184  }
2186 
2187  break;
2188 
2190  if (direction == 1) {
2191  SCLogDebug("Incorrect SSL Record type sent in the toclient "
2192  "direction!");
2193  } else {
2195  }
2196 
2197  /* fall through */
2200  if (direction == 0 &&
2201  !(ssl_state->curr_connp->content_type &
2203  SCLogDebug("Incorrect SSL Record type sent in the toserver "
2204  "direction!");
2205  }
2206 
2207  /* fall through */
2210  /* both client hello and server hello must be seen */
2211  if ((ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) &&
2212  (ssl_state->flags & SSL_AL_FLAG_SSL_SERVER_HS)) {
2213 
2214  if (direction == 0) {
2215  if (ssl_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) {
2217  SCLogDebug("SSLv2 client side has started the encryption");
2218  } else if (ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY) {
2220  SCLogDebug("SSLv2 client side has started the encryption");
2221  }
2222  } else {
2224  SCLogDebug("SSLv2 Server side has started the encryption");
2225  }
2226 
2227  if ((ssl_state->flags & SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED) &&
2229  {
2233  }
2234 
2238  }
2239  SCLogDebug("SSLv2 No reassembly & inspection has been set");
2240  }
2241  }
2242 
2243  break;
2244 
2245  case SSLV2_MT_SERVER_HELLO:
2248 
2249  break;
2250  }
2251 
2252  ssl_state->flags |= ssl_state->current_flags;
2253 
2254  if (input_len + ssl_state->curr_connp->bytes_processed >=
2255  (ssl_state->curr_connp->record_length +
2256  ssl_state->curr_connp->record_lengths_length)) {
2257 
2258  /* looks like we have another record after this */
2259  uint32_t diff = ssl_state->curr_connp->record_length +
2260  ssl_state->curr_connp->record_lengths_length + -
2261  ssl_state->curr_connp->bytes_processed;
2262  input += diff;
2263  SSLParserReset(ssl_state);
2264  return (input - initial_input);
2265 
2266  /* we still don't have the entire record for the one we are
2267  currently parsing */
2268  } else {
2269  input += input_len;
2270  ssl_state->curr_connp->bytes_processed += input_len;
2271  return (input - initial_input);
2272  }
2273 }
2274 
2275 static int SSLv3Decode(uint8_t direction, SSLState *ssl_state,
2276  AppLayerParserState *pstate, const uint8_t *input,
2277  const uint32_t input_len)
2278 {
2279  uint32_t parsed = 0;
2280  uint32_t record_len; /* slice of input_len for the current record */
2281 
2282  if (ssl_state->curr_connp->bytes_processed < SSLV3_RECORD_HDR_LEN) {
2283  int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len);
2284  if (retval < 0 || retval > (int)input_len) {
2285  DEBUG_VALIDATE_BUG_ON(retval > (int)input_len);
2286  SCLogDebug("SSLv3ParseRecord returned %d", retval);
2288  return -1;
2289  }
2290  parsed += retval;
2291  record_len = MIN(input_len - parsed, ssl_state->curr_connp->record_length);
2292  SCLogDebug("record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)",
2293  record_len, input_len, parsed, ssl_state->curr_connp->record_length);
2294  } else {
2295  ValidateRecordState(ssl_state->curr_connp);
2296 
2297  record_len = (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)- ssl_state->curr_connp->bytes_processed;
2298  record_len = MIN(input_len, record_len);
2299  }
2300  SCLogDebug("record length %u processed %u got %u",
2301  ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len);
2302 
2303  if (record_len == 0) {
2304  return parsed;
2305  }
2306 
2307  /* record_length should never be zero */
2308  if (ssl_state->curr_connp->record_length == 0) {
2309  SCLogDebug("SSLv3 Record length is 0");
2311  return -1;
2312  }
2313 
2314  switch (ssl_state->curr_connp->content_type) {
2315 
2316  /* we don't need any data from these types */
2318  ssl_state->flags |= SSL_AL_FLAG_CHANGE_CIPHER_SPEC;
2319 
2320  if (direction) {
2322  } else {
2324  }
2325 
2326  break;
2327 
2328  case SSLV3_ALERT_PROTOCOL:
2329  break;
2330 
2332  /* In TLSv1.3 early data (0-RTT) could be sent before the
2333  handshake is complete (rfc8446, section 2.3). We should
2334  therefore not mark the handshake as done before we have
2335  seen the ServerHello record. */
2336  if ((ssl_state->flags & SSL_AL_FLAG_EARLY_DATA) &&
2337  ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0))
2338  break;
2339 
2340  /* if we see (encrypted) aplication data, then this means the
2341  handshake must be done */
2342  ssl_state->flags |= SSL_AL_FLAG_HANDSHAKE_DONE;
2343 
2345  SCLogDebug("setting APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD");
2348  }
2349 
2350  /* Encrypted data, reassembly not asked, bypass asked, let's sacrifice
2351  * heartbeat lke inspection to be able to be able to bypass the flow */
2353  SCLogDebug("setting APP_LAYER_PARSER_NO_REASSEMBLY");
2360  }
2361 
2362  break;
2363 
2364  case SSLV3_HANDSHAKE_PROTOCOL: {
2365  if (ssl_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) {
2366  /* In TLSv1.3, ChangeCipherSpec is only used for middlebox
2367  compability (rfc8446, appendix D.4). */
2368  // Client hello flags is needed to have a valid version
2369  if ((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
2370  (ssl_state->client_connp.version > TLS_VERSION_12) &&
2371  ((ssl_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0)) {
2372  /* do nothing */
2373  } else {
2374  // if we started parsing this, we must stop
2375  ssl_state->curr_connp->hs_bytes_processed = 0;
2376  break;
2377  }
2378  }
2379 
2380  if (ssl_state->curr_connp->record_length < 4) {
2381  SSLParserReset(ssl_state);
2383  SCLogDebug("record len < 4 => %u", ssl_state->curr_connp->record_length);
2384  return -1;
2385  }
2386 
2387  int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed,
2388  record_len, direction);
2389  if (retval < 0 || retval > (int)record_len) {
2390  DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
2391  SSLSetEvent(ssl_state,
2393  SSLSetEvent(ssl_state,
2395  SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
2396  return -1;
2397  }
2398  SCLogDebug("retval %d", retval);
2399 
2400  parsed += retval;
2401  record_len -= retval;
2402  (void)record_len; /* for scan-build */
2403 
2404  SCLogDebug("bytes_processed %u (record+hdr %u)", ssl_state->curr_connp->bytes_processed,
2406  ValidateRecordState(ssl_state->curr_connp);
2407 
2408  if (ssl_state->curr_connp->bytes_processed >=
2409  ssl_state->curr_connp->record_length +
2411  SCLogDebug("record ready");
2412  SSLParserReset(ssl_state);
2413  }
2414 
2415  SCLogDebug("trigger RAW! (post HS)");
2417  direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2418  return parsed;
2419  }
2420  case SSLV3_HEARTBEAT_PROTOCOL: {
2421  int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed,
2422  record_len, direction);
2423  if (retval < 0) {
2424  SCLogDebug("SSLv3ParseHeartbeatProtocol returned %d", retval);
2425  return -1;
2426  }
2427  break;
2428  }
2429  default:
2430  /* \todo fix the event from invalid rule to unknown rule */
2433  SCLogDebug("unsupported record type");
2434  return -1;
2435  }
2436 
2437  if (HaveEntireRecord(ssl_state->curr_connp, record_len)) {
2439  ssl_state->curr_connp->bytes_processed));
2440 
2441  if ((ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) <
2442  ssl_state->curr_connp->bytes_processed) {
2443  /* defensive checks. Something is wrong. */
2445  SCLogDebug("defensive checks. Something is wrong.");
2446  return -1;
2447  }
2448 
2449  SCLogDebug("record complete, trigger RAW");
2451  direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT);
2452 
2453  /* looks like we have another record */
2454  uint32_t diff = ssl_state->curr_connp->record_length +
2456  parsed += diff;
2457  SSLParserReset(ssl_state);
2458  ValidateRecordState(ssl_state->curr_connp);
2459  return parsed;
2460 
2461  /* we still don't have the entire record for the one we are
2462  currently parsing */
2463  } else {
2464  parsed += record_len;
2465  ssl_state->curr_connp->bytes_processed += record_len;
2466  ValidateRecordState(ssl_state->curr_connp);
2467  return parsed;
2468  }
2469 }
2470 
2471 /**
2472  * \internal
2473  * \brief SSLv2, SSLv23, SSLv3, TLSv1.1, TLSv1.2, TLSv1.3 parser.
2474  *
2475  * On parsing error, this should be the only function that should reset
2476  * the parser state, to avoid multiple functions in the chain reseting
2477  * the parser state.
2478  *
2479  * \param direction 0 for toserver, 1 for toclient.
2480  * \param alstate Pointer to the state.
2481  * \param pstate Application layer parser state for this session.
2482  * \param input Pointer the received input data.
2483  * \param input_len Length in bytes of the received data.
2484  * \param output Pointer to the list of parsed output elements.
2485  *
2486  * \todo On reaching an inconsistent state, check if the input has
2487  * another new record, instead of just returning after the reset
2488  *
2489  * \retval >=0 On success.
2490  */
2491 static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate, AppLayerParserState *pstate,
2492  const uint8_t *input, uint32_t ilen)
2493 {
2494  SSLState *ssl_state = (SSLState *)alstate;
2495  uint32_t counter = 0;
2496  int32_t input_len = (int32_t)ilen;
2497  ssl_state->f = f;
2498 
2499  if (input == NULL &&
2500  ((direction == 0 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
2501  (direction == 1 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
2502  /* flag session as finished if APP_LAYER_PARSER_EOF is set */
2503  ssl_state->flags |= SSL_AL_FLAG_STATE_FINISHED;
2505  } else if (input == NULL || input_len == 0) {
2507  }
2508 
2509  if (direction == 0)
2510  ssl_state->curr_connp = &ssl_state->client_connp;
2511  else
2512  ssl_state->curr_connp = &ssl_state->server_connp;
2513 
2514  /* If entering on a new record, reset the current flags. */
2515  if (ssl_state->curr_connp->bytes_processed == 0) {
2516  ssl_state->current_flags = 0;
2517  }
2518 
2519  /* if we have more than one record */
2520  uint32_t max_records = MAX((input_len / SSL_RECORD_MINIMUM_LENGTH),1);
2521  while (input_len > 0) {
2522  if (counter > max_records) {
2523  SCLogDebug("Looks like we have looped quite a bit. Reset state "
2524  "and get out of here");
2525  SSLParserReset(ssl_state);
2526  SSLSetEvent(ssl_state,
2528  return APP_LAYER_ERROR;
2529  }
2530 
2531  /* ssl_state->bytes_processed is zero for a fresh record or
2532  positive to indicate a record currently being parsed */
2533 
2534  if (ssl_state->curr_connp->bytes_processed == 0) {
2535  if ((input[0] & 0x80) || (input[0] & 0x40)) {
2536  /* only SSLv2, has one of the top 2 bits set */
2537  ssl_state->curr_connp->version = SSL_VERSION_2;
2538  SCLogDebug("SSLv2 detected");
2539  } else if (ssl_state->curr_connp->version == SSL_VERSION_2) {
2540  ssl_state->curr_connp->version = TLS_VERSION_UNKNOWN;
2541  SCLogDebug("SSL/TLS version reset");
2542  }
2543  }
2544  SCLogDebug("record %u: bytes_processed %u, version %02X", counter,
2545  ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->version);
2546 
2547  if (ssl_state->curr_connp->version == SSL_VERSION_2) {
2548  if (ssl_state->curr_connp->bytes_processed == 0) {
2549  SCLogDebug("New SSLv2 record parsing");
2550  } else {
2551  SCLogDebug("Continuing parsing SSLv2 record");
2552  }
2553  int retval = SSLv2Decode(direction, ssl_state, pstate, input,
2554  input_len);
2555  if (retval < 0 || retval > input_len) {
2556  DEBUG_VALIDATE_BUG_ON(retval > input_len);
2557  SCLogDebug("Error parsing SSLv2. Reseting parser "
2558  "state. Let's get outta here");
2559  SSLParserReset(ssl_state);
2560  SSLSetEvent(ssl_state,
2562  return APP_LAYER_OK;
2563  }
2564  input_len -= retval;
2565  input += retval;
2566  SCLogDebug("SSLv2 decoder consumed %d bytes: %u left", retval, input_len);
2567  } else {
2568  if (ssl_state->curr_connp->bytes_processed == 0) {
2569  SCLogDebug("New TLS record: record_length %u",
2570  ssl_state->curr_connp->record_length);
2571  } else {
2572  SCLogDebug("Continuing parsing TLS record: record_length %u, bytes_processed %u",
2573  ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed);
2574  }
2575  int retval = SSLv3Decode(direction, ssl_state, pstate, input,
2576  input_len);
2577  if (retval < 0 || retval > input_len) {
2578  DEBUG_VALIDATE_BUG_ON(retval > input_len);
2579  SCLogDebug("Error parsing TLS. Reseting parser "
2580  "state. Let's get outta here");
2581  SSLParserReset(ssl_state);
2582  return APP_LAYER_ERROR;
2583  }
2584  input_len -= retval;
2585  input += retval;
2586  SCLogDebug("TLS decoder consumed %d bytes: %u left", retval, input_len);
2587 
2589  && ssl_state->curr_connp->record_length == 0) {
2590  SCLogDebug("TLS empty record");
2591  /* empty record */
2592  SSLParserReset(ssl_state);
2593  }
2594  }
2595  counter++;
2596  } /* while (input_len) */
2597 
2598  /* mark handshake as done if we have subject and issuer */
2599  if (ssl_state->server_connp.cert0_subject &&
2600  ssl_state->server_connp.cert0_issuerdn) {
2601  SCLogDebug("SSL_AL_FLAG_HANDSHAKE_DONE");
2602  ssl_state->flags |= SSL_AL_FLAG_HANDSHAKE_DONE;
2603  }
2604 
2605  /* flag session as finished if APP_LAYER_PARSER_EOF is set */
2608  SCLogDebug("SSL_AL_FLAG_STATE_FINISHED");
2609  ssl_state->flags |= SSL_AL_FLAG_STATE_FINISHED;
2610  }
2611 
2612  return APP_LAYER_OK;
2613 }
2614 
2615 static AppLayerResult SSLParseClientRecord(Flow *f, void *alstate, AppLayerParserState *pstate,
2616  const uint8_t *input, uint32_t input_len,
2617  void *local_data, const uint8_t flags)
2618 {
2619  return SSLDecode(f, 0 /* toserver */, alstate, pstate, input, input_len);
2620 }
2621 
2622 static AppLayerResult SSLParseServerRecord(Flow *f, void *alstate, AppLayerParserState *pstate,
2623  const uint8_t *input, uint32_t input_len,
2624  void *local_data, const uint8_t flags)
2625 {
2626  return SSLDecode(f, 1 /* toclient */, alstate, pstate, input, input_len);
2627 }
2628 
2629 /**
2630  * \internal
2631  * \brief Function to allocate the SSL state memory.
2632  */
2633 static void *SSLStateAlloc(void *orig_state, AppProto proto_orig)
2634 {
2635  SSLState *ssl_state = SCMalloc(sizeof(SSLState));
2636  if (unlikely(ssl_state == NULL))
2637  return NULL;
2638  memset(ssl_state, 0, sizeof(SSLState));
2639  ssl_state->client_connp.cert_log_flag = 0;
2640  ssl_state->server_connp.cert_log_flag = 0;
2641  TAILQ_INIT(&ssl_state->server_connp.certs);
2642 
2643  return (void *)ssl_state;
2644 }
2645 
2646 /**
2647  * \internal
2648  * \brief Function to free the SSL state memory.
2649  */
2650 static void SSLStateFree(void *p)
2651 {
2652  SSLState *ssl_state = (SSLState *)p;
2653  SSLCertsChain *item;
2654 
2655  if (ssl_state->client_connp.trec)
2656  SCFree(ssl_state->client_connp.trec);
2657  if (ssl_state->client_connp.cert0_subject)
2658  rs_cstring_free(ssl_state->client_connp.cert0_subject);
2659  if (ssl_state->client_connp.cert0_issuerdn)
2660  rs_cstring_free(ssl_state->client_connp.cert0_issuerdn);
2661  if (ssl_state->client_connp.cert0_serial)
2662  rs_cstring_free(ssl_state->client_connp.cert0_serial);
2663  if (ssl_state->client_connp.cert0_fingerprint)
2665  if (ssl_state->client_connp.sni)
2666  SCFree(ssl_state->client_connp.sni);
2667  if (ssl_state->client_connp.session_id)
2668  SCFree(ssl_state->client_connp.session_id);
2669 
2670  if (ssl_state->server_connp.trec)
2671  SCFree(ssl_state->server_connp.trec);
2672  if (ssl_state->server_connp.cert0_subject)
2673  rs_cstring_free(ssl_state->server_connp.cert0_subject);
2674  if (ssl_state->server_connp.cert0_issuerdn)
2675  rs_cstring_free(ssl_state->server_connp.cert0_issuerdn);
2676  if (ssl_state->server_connp.cert0_serial)
2677  rs_cstring_free(ssl_state->server_connp.cert0_serial);
2678  if (ssl_state->server_connp.cert0_fingerprint)
2680  if (ssl_state->server_connp.sni)
2681  SCFree(ssl_state->server_connp.sni);
2682  if (ssl_state->server_connp.session_id)
2683  SCFree(ssl_state->server_connp.session_id);
2684 
2685  if (ssl_state->client_connp.ja3_str)
2686  Ja3BufferFree(&ssl_state->client_connp.ja3_str);
2687  if (ssl_state->client_connp.ja3_hash)
2688  SCFree(ssl_state->client_connp.ja3_hash);
2689  if (ssl_state->server_connp.ja3_str)
2690  Ja3BufferFree(&ssl_state->server_connp.ja3_str);
2691  if (ssl_state->server_connp.ja3_hash)
2692  SCFree(ssl_state->server_connp.ja3_hash);
2693 
2695 
2696  if (ssl_state->de_state != NULL) {
2697  DetectEngineStateFree(ssl_state->de_state);
2698  }
2699 
2700  /* Free certificate chain */
2701  while ((item = TAILQ_FIRST(&ssl_state->server_connp.certs))) {
2702  TAILQ_REMOVE(&ssl_state->server_connp.certs, item, next);
2703  SCFree(item);
2704  }
2705  TAILQ_INIT(&ssl_state->server_connp.certs);
2706 
2707  SCFree(ssl_state);
2708 
2709  return;
2710 }
2711 
2712 static void SSLStateTransactionFree(void *state, uint64_t tx_id)
2713 {
2714  /* do nothing */
2715 }
2716 
2717 static AppProto SSLProbingParser(Flow *f, uint8_t direction,
2718  const uint8_t *input, uint32_t ilen, uint8_t *rdir)
2719 {
2720  /* probably a rst/fin sending an eof */
2721  if (ilen < 3)
2722  return ALPROTO_UNKNOWN;
2723 
2724  /* for now just the 3 byte header ones */
2725  /* \todo Detect the 2 byte ones */
2726  if ((input[0] & 0x80) && (input[2] == 0x01)) {
2727  return ALPROTO_TLS;
2728  }
2729 
2730  return ALPROTO_FAILED;
2731 }
2732 
2733 static int SSLStateGetEventInfo(const char *event_name,
2734  int *event_id, AppLayerEventType *event_type)
2735 {
2736  *event_id = SCMapEnumNameToValue(event_name, tls_decoder_event_table);
2737  if (*event_id == -1) {
2738  SCLogError(SC_ERR_INVALID_ENUM_MAP, "event \"%s\" not present in "
2739  "ssl's enum map table.", event_name);
2740  /* yes this is fatal */
2741  return -1;
2742  }
2743 
2744  *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
2745 
2746  return 0;
2747 }
2748 
2749 static int SSLStateGetEventInfoById(int event_id, const char **event_name,
2750  AppLayerEventType *event_type)
2751 {
2752  *event_name = SCMapEnumValueToName(event_id, tls_decoder_event_table);
2753  if (*event_name == NULL) {
2754  SCLogError(SC_ERR_INVALID_ENUM_MAP, "event \"%d\" not present in "
2755  "ssl's enum map table.", event_id);
2756  /* yes this is fatal */
2757  return -1;
2758  }
2759 
2760  *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION;
2761 
2762  return 0;
2763 }
2764 
2765 static int SSLRegisterPatternsForProtocolDetection(void)
2766 {
2767  if (AppLayerProtoDetectPMRegisterPatternCSwPP(IPPROTO_TCP, ALPROTO_TLS, "|01 00 02|", 5, 2,
2768  STREAM_TOSERVER, SSLProbingParser, 0, 3) < 0) {
2769  return -1;
2770  }
2771 
2772  /** SSLv3 */
2774  "|01 03 00|", 3, 0, STREAM_TOSERVER) < 0)
2775  {
2776  return -1;
2777  }
2779  "|16 03 00|", 3, 0, STREAM_TOSERVER) < 0)
2780  {
2781  return -1;
2782  }
2783 
2784  /** TLSv1 */
2786  "|01 03 01|", 3, 0, STREAM_TOSERVER) < 0)
2787  {
2788  return -1;
2789  }
2791  "|16 03 01|", 3, 0, STREAM_TOSERVER) < 0)
2792  {
2793  return -1;
2794  }
2795 
2796  /** TLSv1.1 */
2798  "|01 03 02|", 3, 0, STREAM_TOSERVER) < 0)
2799  {
2800  return -1;
2801  }
2803  "|16 03 02|", 3, 0, STREAM_TOSERVER) < 0)
2804  {
2805  return -1;
2806  }
2807 
2808  /** TLSv1.2 */
2810  "|01 03 03|", 3, 0, STREAM_TOSERVER) < 0)
2811  {
2812  return -1;
2813  }
2815  "|16 03 03|", 3, 0, STREAM_TOSERVER) < 0)
2816  {
2817  return -1;
2818  }
2819 
2820  /***** toclient direction *****/
2821 
2823  "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
2824  {
2825  return -1;
2826  }
2828  "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
2829  {
2830  return -1;
2831  }
2833  "|17 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
2834  {
2835  return -1;
2836  }
2837 
2838  /** TLSv1 */
2840  "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
2841  {
2842  return -1;
2843  }
2845  "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
2846  {
2847  return -1;
2848  }
2850  "|17 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
2851  {
2852  return -1;
2853  }
2854 
2855  /** TLSv1.1 */
2857  "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
2858  {
2859  return -1;
2860  }
2862  "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
2863  {
2864  return -1;
2865  }
2867  "|17 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
2868  {
2869  return -1;
2870  }
2871 
2872  /** TLSv1.2 */
2874  "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
2875  {
2876  return -1;
2877  }
2879  "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
2880  {
2881  return -1;
2882  }
2884  "|17 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
2885  {
2886  return -1;
2887  }
2888 
2889  /* Subsection - SSLv2 style record by client, but informing the server
2890  * the max version it supports.
2891  * Updated by Anoop Saldanha. Disabled it for now. We'll get back to
2892  * it after some tests */
2893 #if 0
2895  "|01 03 00|", 5, 2, STREAM_TOSERVER) < 0)
2896  {
2897  return -1;
2898  }
2900  "|00 02|", 7, 5, STREAM_TOCLIENT) < 0)
2901  {
2902  return -1;
2903  }
2904 #endif
2905 
2906  return 0;
2907 }
2908 
2909 /**
2910  * \brief Function to register the SSL protocol parser and other functions
2911  */
2913 {
2914  const char *proto_name = "tls";
2915 
2916  SC_ATOMIC_INIT(ssl_config.enable_ja3);
2917 
2918  /** SSLv2 and SSLv23*/
2919  if (AppLayerProtoDetectConfProtoDetectionEnabled("tcp", proto_name)) {
2921 
2922  if (SSLRegisterPatternsForProtocolDetection() < 0)
2923  return;
2924 
2925  if (RunmodeIsUnittests()) {
2926  AppLayerProtoDetectPPRegister(IPPROTO_TCP,
2927  "443",
2928  ALPROTO_TLS,
2929  0, 3,
2931  SSLProbingParser, NULL);
2932  } else {
2933  if (AppLayerProtoDetectPPParseConfPorts("tcp", IPPROTO_TCP,
2934  proto_name, ALPROTO_TLS,
2935  0, 3,
2936  SSLProbingParser, NULL) == 0) {
2937  SCLogConfig("no TLS config found, "
2938  "enabling TLS detection on port 443.");
2939  AppLayerProtoDetectPPRegister(IPPROTO_TCP,
2940  "443",
2941  ALPROTO_TLS,
2942  0, 3,
2944  SSLProbingParser, NULL);
2945  }
2946  }
2947  } else {
2948  SCLogConfig("Protocol detection and parser disabled for %s protocol",
2949  proto_name);
2950  return;
2951  }
2952 
2953  if (AppLayerParserConfParserEnabled("tcp", proto_name)) {
2955  SSLParseClientRecord);
2956 
2958  SSLParseServerRecord);
2959 
2960  AppLayerParserRegisterGetEventInfo(IPPROTO_TCP, ALPROTO_TLS, SSLStateGetEventInfo);
2961  AppLayerParserRegisterGetEventInfoById(IPPROTO_TCP, ALPROTO_TLS, SSLStateGetEventInfoById);
2962 
2963  AppLayerParserRegisterStateFuncs(IPPROTO_TCP, ALPROTO_TLS, SSLStateAlloc, SSLStateFree);
2964 
2966 
2967  AppLayerParserRegisterTxFreeFunc(IPPROTO_TCP, ALPROTO_TLS, SSLStateTransactionFree);
2968 
2969  AppLayerParserRegisterGetEventsFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetEvents);
2970 
2972  SSLGetTxDetectState, SSLSetTxDetectState);
2973 
2974  AppLayerParserRegisterGetTx(IPPROTO_TCP, ALPROTO_TLS, SSLGetTx);
2975  AppLayerParserRegisterTxDataFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetTxData);
2976 
2977  AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_TLS, SSLGetTxCnt);
2978 
2979  AppLayerParserRegisterGetStateProgressFunc(IPPROTO_TCP, ALPROTO_TLS, SSLGetAlstateProgress);
2980 
2983 
2984  ConfNode *enc_handle = ConfGetNode("app-layer.protocols.tls.encryption-handling");
2985  if (enc_handle != NULL && enc_handle->val != NULL) {
2986  SCLogDebug("have app-layer.protocols.tls.encryption-handling = %s", enc_handle->val);
2987  if (strcmp(enc_handle->val, "full") == 0) {
2989  } else if (strcmp(enc_handle->val, "bypass") == 0) {
2991  } else if (strcmp(enc_handle->val, "default") == 0) {
2993  } else {
2995  }
2996  } else {
2997  /* Get the value of no reassembly option from the config file */
2998  if (ConfGetNode("app-layer.protocols.tls.no-reassemble") == NULL) {
2999  int value = 0;
3000  if (ConfGetBool("tls.no-reassemble", &value) == 1 && value == 1)
3002  } else {
3003  int value = 0;
3004  if (ConfGetBool("app-layer.protocols.tls.no-reassemble", &value) == 1 && value == 1)
3006  }
3007  }
3008  SCLogDebug("ssl_config.encrypt_mode %u", ssl_config.encrypt_mode);
3009 
3010  /* Check if we should generate JA3 fingerprints */
3011  int enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3012  const char *strval = NULL;
3013  if (ConfGetValue("app-layer.protocols.tls.ja3-fingerprints", &strval) != 1) {
3014  enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3015  } else if (strcmp(strval, "auto") == 0) {
3016  enable_ja3 = SSL_CONFIG_DEFAULT_JA3;
3017  } else if (ConfValIsFalse(strval)) {
3018  enable_ja3 = 0;
3019  ssl_config.disable_ja3 = true;
3020  } else if (ConfValIsTrue(strval)) {
3021  enable_ja3 = true;
3022  }
3023  SC_ATOMIC_SET(ssl_config.enable_ja3, enable_ja3);
3024 
3025  if (g_disable_hashing) {
3026  if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
3027  SCLogWarning(
3028  SC_WARN_NO_JA3_SUPPORT, "MD5 calculation has been disabled, disabling JA3");
3029  SC_ATOMIC_SET(ssl_config.enable_ja3, 0);
3030  }
3031  } else {
3032  if (RunmodeIsUnittests()) {
3033  SC_ATOMIC_SET(ssl_config.enable_ja3, 1);
3034  }
3035  }
3036  } else {
3037  SCLogConfig("Parsed disabled for %s protocol. Protocol detection"
3038  "still on.", proto_name);
3039  }
3040 
3041 #ifdef UNITTESTS
3043 #endif
3044  return;
3045 }
3046 
3047 /**
3048  * \brief if not explicitly disabled in config, enable ja3 support
3049  *
3050  * Implemented using atomic to allow rule reloads to do this at
3051  * runtime.
3052  */
3053 void SSLEnableJA3(void)
3054 {
3056  return;
3057  }
3058  if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
3059  return;
3060  }
3061  SC_ATOMIC_SET(ssl_config.enable_ja3, 1);
3062 }
3063 
3065 {
3066  if (SC_ATOMIC_GET(ssl_config.enable_ja3)) {
3067  return true;
3068  }
3069  return false;
3070 }
3071 
3072 /***************************************Unittests******************************/
3073 
3074 #ifdef UNITTESTS
3075 
3076 /**
3077  *\test Send a get request in one chunk.
3078  */
3079 static int SSLParserTest01(void)
3080 {
3081  Flow f;
3082  uint8_t tlsbuf[] = { 0x16, 0x03, 0x01 };
3083  uint32_t tlslen = sizeof(tlsbuf);
3084  TcpSession ssn;
3086 
3087  memset(&f, 0, sizeof(f));
3088  memset(&ssn, 0, sizeof(ssn));
3089 
3090  FLOW_INITIALIZE(&f);
3091  f.protoctx = (void *)&ssn;
3092  f.proto = IPPROTO_TCP;
3093  f.alproto = ALPROTO_TLS;
3094 
3095  StreamTcpInitConfig(true);
3096 
3097  FLOWLOCK_WRLOCK(&f);
3098  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3099  STREAM_TOSERVER | STREAM_EOF, tlsbuf, tlslen);
3100  FLOWLOCK_UNLOCK(&f);
3101  FAIL_IF(r != 0);
3102 
3103  SSLState *ssl_state = f.alstate;
3104  FAIL_IF_NULL(ssl_state);
3105 
3106  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3107 
3108  FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10);
3109 
3111  StreamTcpFreeConfig(true);
3112  FLOW_DESTROY(&f);
3113 
3114  PASS;
3115 }
3116 
3117 /** \test Send a get request in two chunks. */
3118 static int SSLParserTest02(void)
3119 {
3120  Flow f;
3121  uint8_t tlsbuf1[] = { 0x16 };
3122  uint32_t tlslen1 = sizeof(tlsbuf1);
3123  uint8_t tlsbuf2[] = { 0x03, 0x01 };
3124  uint32_t tlslen2 = sizeof(tlsbuf2);
3125  TcpSession ssn;
3127 
3128  memset(&f, 0, sizeof(f));
3129  memset(&ssn, 0, sizeof(ssn));
3130  FLOW_INITIALIZE(&f);
3131  f.protoctx = (void *)&ssn;
3132  f.proto = IPPROTO_TCP;
3133  f.alproto = ALPROTO_TLS;
3134 
3135  StreamTcpInitConfig(true);
3136 
3137  FLOWLOCK_WRLOCK(&f);
3138  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3139  STREAM_TOSERVER, tlsbuf1, tlslen1);
3140  FLOWLOCK_UNLOCK(&f);
3141  FAIL_IF(r != 0);
3142 
3143  FLOWLOCK_WRLOCK(&f);
3145  tlsbuf2, tlslen2);
3146  FLOWLOCK_UNLOCK(&f);
3147  FAIL_IF(r != 0);
3148 
3149  SSLState *ssl_state = f.alstate;
3150  FAIL_IF_NULL(ssl_state);
3151 
3152  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3153 
3154  FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10);
3155 
3157  StreamTcpFreeConfig(true);
3158  FLOW_DESTROY(&f);
3159 
3160  PASS;
3161 }
3162 
3163 /** \test Send a get request in three chunks. */
3164 static int SSLParserTest03(void)
3165 {
3166  Flow f;
3167  uint8_t tlsbuf1[] = { 0x16 };
3168  uint32_t tlslen1 = sizeof(tlsbuf1);
3169  uint8_t tlsbuf2[] = { 0x03 };
3170  uint32_t tlslen2 = sizeof(tlsbuf2);
3171  uint8_t tlsbuf3[] = { 0x01 };
3172  uint32_t tlslen3 = sizeof(tlsbuf3);
3173  TcpSession ssn;
3175 
3176  memset(&f, 0, sizeof(f));
3177  memset(&ssn, 0, sizeof(ssn));
3178  FLOW_INITIALIZE(&f);
3179  f.protoctx = (void *)&ssn;
3180  f.proto = IPPROTO_TCP;
3181  f.alproto = ALPROTO_TLS;
3182 
3183  StreamTcpInitConfig(true);
3184 
3185  FLOWLOCK_WRLOCK(&f);
3186  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3187  STREAM_TOSERVER, tlsbuf1, tlslen1);
3188  FLOWLOCK_UNLOCK(&f);
3189  FAIL_IF(r != 0);
3190 
3191  FLOWLOCK_WRLOCK(&f);
3193  tlsbuf2, tlslen2);
3194  FLOWLOCK_UNLOCK(&f);
3195  FAIL_IF(r != 0);
3196 
3197  FLOWLOCK_WRLOCK(&f);
3199  tlsbuf3, tlslen3);
3200  FLOWLOCK_UNLOCK(&f);
3201  FAIL_IF(r != 0);
3202 
3203  SSLState *ssl_state = f.alstate;
3204  FAIL_IF_NULL(ssl_state);
3205 
3206  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3207 
3208  FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10);
3209 
3211  StreamTcpFreeConfig(true);
3212  FLOW_DESTROY(&f);
3213 
3214  PASS;
3215 }
3216 
3217 /** \test Send a get request in three chunks + more data. */
3218 static int SSLParserTest04(void)
3219 {
3220  Flow f;
3221  uint8_t tlsbuf1[] = { 0x16 };
3222  uint32_t tlslen1 = sizeof(tlsbuf1);
3223  uint8_t tlsbuf2[] = { 0x03 };
3224  uint32_t tlslen2 = sizeof(tlsbuf2);
3225  uint8_t tlsbuf3[] = { 0x01 };
3226  uint32_t tlslen3 = sizeof(tlsbuf3);
3227  uint8_t tlsbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x01 };
3228  uint32_t tlslen4 = sizeof(tlsbuf4);
3229  TcpSession ssn;
3231 
3232  memset(&f, 0, sizeof(f));
3233  memset(&ssn, 0, sizeof(ssn));
3234  FLOW_INITIALIZE(&f);
3235  f.protoctx = (void *)&ssn;
3236  f.proto = IPPROTO_TCP;
3237  f.alproto = ALPROTO_TLS;
3238 
3239  StreamTcpInitConfig(true);
3240 
3241  FLOWLOCK_WRLOCK(&f);
3242  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3243  STREAM_TOSERVER, tlsbuf1, tlslen1);
3244  FLOWLOCK_UNLOCK(&f);
3245  FAIL_IF(r != 0);
3246 
3247  FLOWLOCK_WRLOCK(&f);
3249  tlsbuf2, tlslen2);
3250  FLOWLOCK_UNLOCK(&f);
3251  FAIL_IF(r != 0);
3252 
3253  FLOWLOCK_WRLOCK(&f);
3255  tlsbuf3, tlslen3);
3256  FLOWLOCK_UNLOCK(&f);
3257  FAIL_IF(r != 0);
3258 
3259  FLOWLOCK_WRLOCK(&f);
3261  tlsbuf4, tlslen4);
3262  FLOWLOCK_UNLOCK(&f);
3263  FAIL_IF(r != 0);
3264 
3265  SSLState *ssl_state = f.alstate;
3266  FAIL_IF_NULL(ssl_state);
3267 
3268  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3269 
3270  FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10);
3271 
3273  StreamTcpFreeConfig(true);
3274  FLOW_DESTROY(&f);
3275 
3276  PASS;
3277 }
3278 
3279 #if 0
3280 /** \test Test the setting up of no reassembly and no payload inspection flag
3281  * after detection of the TLS handshake completion */
3282 static int SSLParserTest05(void)
3283 {
3284  int result = 1;
3285  Flow f;
3286  uint8_t tlsbuf[] = { 0x16, 0x03, 0x01, 0x00, 0x01 };
3287  uint32_t tlslen = sizeof(tlsbuf);
3288  TcpSession ssn;
3290 
3291  memset(&f, 0, sizeof(f));
3292  memset(&ssn, 0, sizeof(ssn));
3293  FLOW_INITIALIZE(&f);
3294  f.protoctx = (void *)&ssn;
3295  f.proto = IPPROTO_TCP;
3296  f.alproto = ALPROTO_TLS;
3297 
3298  StreamTcpInitConfig(true);
3299 
3300  int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3301  if (r != 0) {
3302  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3303  result = 0;
3304  goto end;
3305  }
3306 
3307  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3308  if (r != 0) {
3309  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3310  result = 0;
3311  goto end;
3312  }
3313 
3314  tlsbuf[0] = 0x14;
3315 
3316  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3317  if (r != 0) {
3318  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3319  result = 0;
3320  goto end;
3321  }
3322 
3323  tlsbuf[0] = 0x14;
3324 
3325  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3326  if (r != 0) {
3327  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3328  result = 0;
3329  goto end;
3330  }
3331 
3332  tlsbuf[0] = 0x17;
3333 
3334  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3335  if (r != 0) {
3336  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3337  result = 0;
3338  goto end;
3339  }
3340 
3341  SSLState *ssl_state = f.alstate;
3342  if (ssl_state == NULL) {
3343  printf("no tls state: ");
3344  result = 0;
3345  goto end;
3346  }
3347 
3348  if (ssl_state->client_connp.content_type != 0x17) {
3349  printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17,
3350  ssl_state->client_connp.content_type);
3351  result = 0;
3352  goto end;
3353  }
3354 
3355  if (ssl_state->client_connp.version != TLS_VERSION_10) {
3356  printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ",
3357  TLS_VERSION_10, ssl_state->client_connp.client_version);
3358  result = 0;
3359  goto end;
3360  }
3361 
3362  AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *)
3363  ssn.alparser;
3364  AppLayerParserState *parser_state = &parser_state_store->to_server;
3365 
3366  if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) &&
3369  {
3370  printf("The flags should be set\n");
3371  result = 0;
3372  goto end;
3373  }
3374 
3375  if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) {
3376  printf("The flags should be set\n");
3377  result = 0;
3378  goto end;
3379  }
3380 
3381 end:
3382  if (alp_tctx != NULL)
3384  StreamTcpFreeConfig(true);
3385  FLOW_DESTROY(&f);
3386  return result;
3387 }
3388 #endif
3389 
3390 #if 0
3391 /** \test Test the setting up of no reassembly and no payload inspection flag
3392  * after detection of the valid TLS handshake completion, the rouge
3393  * 0x17 packet will not be considered in the detection process */
3394 static int SSLParserTest06(void)
3395 {
3396  int result = 1;
3397  Flow f;
3398  uint8_t tlsbuf[] = { 0x16, 0x03, 0x01, 0x00, 0x01 };
3399  uint32_t tlslen = sizeof(tlsbuf);
3400  TcpSession ssn;
3402 
3403  memset(&f, 0, sizeof(f));
3404  memset(&ssn, 0, sizeof(ssn));
3405  FLOW_INITIALIZE(&f);
3406  f.protoctx = (void *)&ssn;
3407  f.proto = IPPROTO_TCP;
3408  f.alproto = ALPROTO_TLS;
3409 
3410  StreamTcpInitConfig(true);
3411 
3412  int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3413  if (r != 0) {
3414  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3415  result = 0;
3416  goto end;
3417  }
3418 
3419  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3420  if (r != 0) {
3421  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3422  result = 0;
3423  goto end;
3424  }
3425 
3426  tlsbuf[0] = 0x14;
3427 
3428  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3429  if (r != 0) {
3430  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3431  result = 0;
3432  goto end;
3433  }
3434 
3435  tlsbuf[0] = 0x17;
3436 
3437  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3438  if (r != 0) {
3439  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3440  result = 0;
3441  goto end;
3442  }
3443 
3444  SSLState *ssl_state = f.alstate;
3445  if (ssl_state == NULL) {
3446  printf("no tls state: ");
3447  result = 0;
3448  goto end;
3449  }
3450 
3451  if (ssl_state->client_connp.content_type != 0x17) {
3452  printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17,
3453  ssl_state->client_connp._content_type);
3454  result = 0;
3455  goto end;
3456  }
3457 
3458  if (ssl_state->client_connp.version != TLS_VERSION_10) {
3459  printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ",
3460  TLS_VERSION_10, ssl_state->client_connp.version);
3461  result = 0;
3462  goto end;
3463  }
3464 
3465  AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *)
3466  ssn.alparser;
3467  AppLayerParserState *parser_state = &parser_state_store->to_server;
3468 
3469  if ((parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) ||
3472  printf("The flags should not be set\n");
3473  result = 0;
3474  goto end;
3475  }
3476 
3477  tlsbuf[0] = 0x14;
3478 
3479  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3480  if (r != 0) {
3481  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3482  result = 0;
3483  goto end;
3484  }
3485 
3486  tlsbuf[0] = 0x17;
3487 
3488  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3489  if (r != 0) {
3490  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3491  result = 0;
3492  goto end;
3493  }
3494 
3495  if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) &&
3498  printf("The flags should be set\n");
3499  result = 0;
3500  goto end;
3501  }
3502 
3503  if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) {
3504  printf("The flags should be set\n");
3505  result = 0;
3506  goto end;
3507  }
3508 
3509 end:
3510  if (alp_tctx != NULL)
3512  StreamTcpFreeConfig(true);
3513  FLOW_DESTROY(&f);
3514  return result;
3515 }
3516 #endif
3517 
3518 /** \test multimsg test */
3519 static int SSLParserMultimsgTest01(void)
3520 {
3521  Flow f;
3522  /* 3 msgs */
3523  uint8_t tlsbuf1[] = {
3524  0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00,
3525  0x82, 0x00, 0x80, 0xd3, 0x6f, 0x1f, 0x63, 0x82,
3526  0x8d, 0x75, 0x77, 0x8c, 0x91, 0xbc, 0xa1, 0x3d,
3527  0xbb, 0xe1, 0xb5, 0xd3, 0x31, 0x92, 0x59, 0x2b,
3528  0x2c, 0x43, 0x96, 0xa3, 0xaa, 0x23, 0x92, 0xd0,
3529  0x91, 0x2a, 0x5e, 0x10, 0x5b, 0xc8, 0xc1, 0xe2,
3530  0xd3, 0x5c, 0x8b, 0x8c, 0x91, 0x9e, 0xc2, 0xf2,
3531  0x9c, 0x3c, 0x4f, 0x37, 0x1e, 0x20, 0x5e, 0x33,
3532  0xd5, 0xf0, 0xd6, 0xaf, 0x89, 0xf5, 0xcc, 0xb2,
3533  0xcf, 0xc1, 0x60, 0x3a, 0x46, 0xd5, 0x4e, 0x2a,
3534  0xb6, 0x6a, 0xb9, 0xfc, 0x32, 0x8b, 0xe0, 0x6e,
3535  0xa0, 0xed, 0x25, 0xa0, 0xa4, 0x82, 0x81, 0x73,
3536  0x90, 0xbf, 0xb5, 0xde, 0xeb, 0x51, 0x8d, 0xde,
3537  0x5b, 0x6f, 0x94, 0xee, 0xba, 0xe5, 0x69, 0xfa,
3538  0x1a, 0x80, 0x30, 0x54, 0xeb, 0x12, 0x01, 0xb9,
3539  0xfe, 0xbf, 0x82, 0x95, 0x01, 0x7b, 0xb0, 0x97,
3540  0x14, 0xc2, 0x06, 0x3c, 0x69, 0xfb, 0x1c, 0x66,
3541  0x47, 0x17, 0xd9, 0x14, 0x03, 0x01, 0x00, 0x01,
3542  0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0xf6, 0xbc,
3543  0x0d, 0x6f, 0xe8, 0xbb, 0xaa, 0xbf, 0x14, 0xeb,
3544  0x7b, 0xcc, 0x6c, 0x28, 0xb0, 0xfc, 0xa6, 0x01,
3545  0x2a, 0x97, 0x96, 0x17, 0x5e, 0xe8, 0xb4, 0x4e,
3546  0x78, 0xc9, 0x04, 0x65, 0x53, 0xb6, 0x93, 0x3d,
3547  0xeb, 0x44, 0xee, 0x86, 0xf9, 0x80, 0x49, 0x45,
3548  0x21, 0x34, 0xd1, 0xee, 0xc8, 0x9c
3549  };
3550  uint32_t tlslen1 = sizeof(tlsbuf1);
3551  TcpSession ssn;
3553 
3554  memset(&f, 0, sizeof(f));
3555  memset(&ssn, 0, sizeof(ssn));
3556  FLOW_INITIALIZE(&f);
3557  f.protoctx = (void *)&ssn;
3558  f.proto = IPPROTO_TCP;
3559  f.alproto = ALPROTO_TLS;
3560 
3561  StreamTcpInitConfig(true);
3562 
3563  FLOWLOCK_WRLOCK(&f);
3564  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3565  STREAM_TOSERVER, tlsbuf1, tlslen1);
3566  FLOWLOCK_UNLOCK(&f);
3567  FAIL_IF(r != 0);
3568 
3569  SSLState *ssl_state = f.alstate;
3570  FAIL_IF_NULL(ssl_state);
3571 
3572  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3573 
3574  FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10);
3575 
3577  StreamTcpFreeConfig(true);
3578  FLOW_DESTROY(&f);
3579 
3580  PASS;
3581 }
3582 
3583 /** \test multimsg test server */
3584 static int SSLParserMultimsgTest02(void)
3585 {
3586  Flow f;
3587  /* 3 msgs */
3588  uint8_t tlsbuf1[] = {
3589  0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00,
3590  0x82, 0x00, 0x80, 0xd3, 0x6f, 0x1f, 0x63, 0x82,
3591  0x8d, 0x75, 0x77, 0x8c, 0x91, 0xbc, 0xa1, 0x3d,
3592  0xbb, 0xe1, 0xb5, 0xd3, 0x31, 0x92, 0x59, 0x2b,
3593  0x2c, 0x43, 0x96, 0xa3, 0xaa, 0x23, 0x92, 0xd0,
3594  0x91, 0x2a, 0x5e, 0x10, 0x5b, 0xc8, 0xc1, 0xe2,
3595  0xd3, 0x5c, 0x8b, 0x8c, 0x91, 0x9e, 0xc2, 0xf2,
3596  0x9c, 0x3c, 0x4f, 0x37, 0x1e, 0x20, 0x5e, 0x33,
3597  0xd5, 0xf0, 0xd6, 0xaf, 0x89, 0xf5, 0xcc, 0xb2,
3598  0xcf, 0xc1, 0x60, 0x3a, 0x46, 0xd5, 0x4e, 0x2a,
3599  0xb6, 0x6a, 0xb9, 0xfc, 0x32, 0x8b, 0xe0, 0x6e,
3600  0xa0, 0xed, 0x25, 0xa0, 0xa4, 0x82, 0x81, 0x73,
3601  0x90, 0xbf, 0xb5, 0xde, 0xeb, 0x51, 0x8d, 0xde,
3602  0x5b, 0x6f, 0x94, 0xee, 0xba, 0xe5, 0x69, 0xfa,
3603  0x1a, 0x80, 0x30, 0x54, 0xeb, 0x12, 0x01, 0xb9,
3604  0xfe, 0xbf, 0x82, 0x95, 0x01, 0x7b, 0xb0, 0x97,
3605  0x14, 0xc2, 0x06, 0x3c, 0x69, 0xfb, 0x1c, 0x66,
3606  0x47, 0x17, 0xd9, 0x14, 0x03, 0x01, 0x00, 0x01,
3607  0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0xf6, 0xbc,
3608  0x0d, 0x6f, 0xe8, 0xbb, 0xaa, 0xbf, 0x14, 0xeb,
3609  0x7b, 0xcc, 0x6c, 0x28, 0xb0, 0xfc, 0xa6, 0x01,
3610  0x2a, 0x97, 0x96, 0x17, 0x5e, 0xe8, 0xb4, 0x4e,
3611  0x78, 0xc9, 0x04, 0x65, 0x53, 0xb6, 0x93, 0x3d,
3612  0xeb, 0x44, 0xee, 0x86, 0xf9, 0x80, 0x49, 0x45,
3613  0x21, 0x34, 0xd1, 0xee, 0xc8, 0x9c
3614  };
3615  uint32_t tlslen1 = sizeof(tlsbuf1);
3616  TcpSession ssn;
3618 
3619  memset(&f, 0, sizeof(f));
3620  memset(&ssn, 0, sizeof(ssn));
3621  FLOW_INITIALIZE(&f);
3622  f.protoctx = (void *)&ssn;
3623  f.proto = IPPROTO_TCP;
3624  f.alproto = ALPROTO_TLS;
3625 
3626  StreamTcpInitConfig(true);
3627 
3628  FLOWLOCK_WRLOCK(&f);
3629  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3630  STREAM_TOCLIENT, tlsbuf1, tlslen1);
3631  FLOWLOCK_UNLOCK(&f);
3632  FAIL_IF(r != 0);
3633 
3634  SSLState *ssl_state = f.alstate;
3635  FAIL_IF_NULL(ssl_state);
3636 
3637  FAIL_IF(ssl_state->server_connp.content_type != 0x16);
3638 
3639  FAIL_IF(ssl_state->server_connp.version != 0x0301);
3640 
3642  StreamTcpFreeConfig(true);
3643  FLOW_DESTROY(&f);
3644 
3645  PASS;
3646 }
3647 
3648 /**
3649  * \test Test the detection of SSLv3 protocol from the given packet
3650  */
3651 static int SSLParserTest07(void)
3652 {
3653  Flow f;
3654  uint8_t tlsbuf[] = { 0x16, 0x03, 0x00, 0x00, 0x4c, 0x01,
3655  0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f,
3656  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb,
3657  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
3658  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
3659  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
3660  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
3661  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
3662  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
3663  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
3664  0x2e, 0x6e, 0x6f };
3665  uint32_t tlslen = sizeof(tlsbuf);
3666  TcpSession ssn;
3668 
3669  memset(&f, 0, sizeof(f));
3670  memset(&ssn, 0, sizeof(ssn));
3671  FLOW_INITIALIZE(&f);
3672  f.protoctx = (void *)&ssn;
3673  f.proto = IPPROTO_TCP;
3674  f.alproto = ALPROTO_TLS;
3675 
3676  StreamTcpInitConfig(true);
3677 
3678  FLOWLOCK_WRLOCK(&f);
3679  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3680  STREAM_TOSERVER, tlsbuf, tlslen);
3681  FLOWLOCK_UNLOCK(&f);
3682  FAIL_IF(r != 0);
3683 
3684  SSLState *ssl_state = f.alstate;
3685  FAIL_IF_NULL(ssl_state);
3686 
3687  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3688 
3689  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
3690 
3692  StreamTcpFreeConfig(true);
3693  FLOW_DESTROY(&f);
3694 
3695  PASS;
3696 }
3697 
3698 #if 0
3699 /** \test Test the setting up of no reassembly and no payload inspection flag
3700  * after detection of the SSLv3 handshake completion */
3701 static int SSLParserTest08(void)
3702 {
3703  int result = 1;
3704  Flow f;
3705  uint8_t tlsbuf[] = { 0x16, 0x03, 0x00, 0x00, 0x01 };
3706  uint32_t tlslen = sizeof(tlsbuf);
3707  TcpSession ssn;
3709 
3710  memset(&f, 0, sizeof(f));
3711  memset(&ssn, 0, sizeof(ssn));
3712  FLOW_INITIALIZE(&f);
3713  f.protoctx = (void *)&ssn;
3714  f.proto = IPPROTO_TCP;
3715  f.alproto = ALPROTO_TLS;
3716 
3717  StreamTcpInitConfig(true);
3718 
3719  int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3720  if (r != 0) {
3721  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3722  result = 0;
3723  goto end;
3724  }
3725 
3726  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3727  if (r != 0) {
3728  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3729  result = 0;
3730  goto end;
3731  }
3732 
3733  tlsbuf[0] = 0x14;
3734 
3735  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3736  if (r != 0) {
3737  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3738  result = 0;
3739  goto end;
3740  }
3741 
3742  tlsbuf[0] = 0x14;
3743 
3744  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen);
3745  if (r != 0) {
3746  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3747  result = 0;
3748  goto end;
3749  }
3750 
3751  tlsbuf[0] = 0x17;
3752 
3753  r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen);
3754  if (r != 0) {
3755  printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r);
3756  result = 0;
3757  goto end;
3758  }
3759 
3760  SSLState *ssl_state = f.alstate;
3761  if (ssl_state == NULL) {
3762  printf("no tls state: ");
3763  result = 0;
3764  goto end;
3765  }
3766 
3767  if (ssl_state->client_connp.content_type != 0x17) {
3768  printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17,
3769  ssl_state->client_connp.content_type);
3770  result = 0;
3771  goto end;
3772  }
3773 
3774  if (ssl_state->client_connp.version != SSL_VERSION_3) {
3775  printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ",
3776  SSL_VERSION_3, ssl_state->client_connp.version);
3777  result = 0;
3778  goto end;
3779  }
3780 
3781  AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *)
3782  ssn.alparser;
3783  AppLayerParserState *parser_state = &parser_state_store->to_server;
3784 
3785  if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) &&
3788  printf("The flags should be set\n");
3789  result = 0;
3790  goto end;
3791  }
3792 
3793  if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) {
3794  printf("The flags should be set\n");
3795  result = 0;
3796  goto end;
3797  }
3798 
3799 end:
3800  if (alp_tctx != NULL)
3802  StreamTcpFreeConfig(true);
3803  FLOW_DESTROY(&f);
3804  return result;
3805 }
3806 
3807 #endif
3808 
3809 /**
3810  * \test Tests the parser for handling fragmented records.
3811  */
3812 static int SSLParserTest09(void)
3813 {
3814  Flow f;
3815  uint8_t buf1[] = {
3816  0x16,
3817  };
3818  uint32_t buf1_len = sizeof(buf1);
3819 
3820  uint8_t buf2[] = {
3821  0x03, 0x00, 0x00, 0x4c, 0x01,
3822  0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f,
3823  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb,
3824  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
3825  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
3826  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
3827  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
3828  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
3829  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
3830  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
3831  0x2e, 0x6e, 0x6f
3832  };
3833  uint32_t buf2_len = sizeof(buf2);
3834  TcpSession ssn;
3836 
3837  memset(&f, 0, sizeof(f));
3838  memset(&ssn, 0, sizeof(ssn));
3839  FLOW_INITIALIZE(&f);
3840  f.protoctx = (void *)&ssn;
3841  f.proto = IPPROTO_TCP;
3842  f.alproto = ALPROTO_TLS;
3843 
3844  StreamTcpInitConfig(true);
3845 
3846  FLOWLOCK_WRLOCK(&f);
3847  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3848  STREAM_TOSERVER, buf1, buf1_len);
3849  FLOWLOCK_UNLOCK(&f);
3850  FAIL_IF(r != 0);
3851 
3852  FLOWLOCK_WRLOCK(&f);
3854  buf2, buf2_len);
3855  FLOWLOCK_UNLOCK(&f);
3856  FAIL_IF(r != 0);
3857 
3858  SSLState *ssl_state = f.alstate;
3859  FAIL_IF_NULL(ssl_state);
3860 
3861  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3862 
3863  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
3864 
3866  StreamTcpFreeConfig(true);
3867  FLOW_DESTROY(&f);
3868 
3869  PASS;
3870 }
3871 
3872 /**
3873  * \test Tests the parser for handling fragmented records.
3874  */
3875 static int SSLParserTest10(void)
3876 {
3877  Flow f;
3878  uint8_t buf1[] = {
3879  0x16, 0x03,
3880  };
3881  uint32_t buf1_len = sizeof(buf1);
3882 
3883  uint8_t buf2[] = {
3884  0x00, 0x00, 0x4c, 0x01,
3885  0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f,
3886  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb,
3887  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
3888  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
3889  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
3890  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
3891  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
3892  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
3893  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
3894  0x2e, 0x6e, 0x6f
3895  };
3896  uint32_t buf2_len = sizeof(buf2);
3897  TcpSession ssn;
3899 
3900  memset(&f, 0, sizeof(f));
3901  memset(&ssn, 0, sizeof(ssn));
3902  FLOW_INITIALIZE(&f);
3903  f.protoctx = (void *)&ssn;
3904  f.proto = IPPROTO_TCP;
3905  f.alproto = ALPROTO_TLS;
3906 
3907  StreamTcpInitConfig(true);
3908 
3909  FLOWLOCK_WRLOCK(&f);
3910  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3911  STREAM_TOSERVER, buf1, buf1_len);
3912  FLOWLOCK_UNLOCK(&f);
3913  FAIL_IF(r != 0);
3914 
3915  FLOWLOCK_WRLOCK(&f);
3917  buf2, buf2_len);
3918  FLOWLOCK_UNLOCK(&f);
3919  FAIL_IF(r != 0);
3920 
3921  SSLState *ssl_state = f.alstate;
3922  FAIL_IF_NULL(ssl_state);
3923 
3924  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3925 
3926  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
3927 
3929  StreamTcpFreeConfig(true);
3930  FLOW_DESTROY(&f);
3931 
3932  PASS;
3933 }
3934 
3935 /**
3936  * \test Tests the parser for handling fragmented records.
3937  */
3938 static int SSLParserTest11(void)
3939 {
3940  Flow f;
3941  uint8_t buf1[] = {
3942  0x16, 0x03, 0x00, 0x00, 0x4c, 0x01,
3943  };
3944  uint32_t buf1_len = sizeof(buf1);
3945 
3946  uint8_t buf2[] = {
3947  0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f,
3948  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb,
3949  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
3950  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
3951  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
3952  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
3953  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
3954  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
3955  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
3956  0x2e, 0x6e, 0x6f
3957  };
3958  uint32_t buf2_len = sizeof(buf2);
3959  TcpSession ssn;
3961 
3962  memset(&f, 0, sizeof(f));
3963  memset(&ssn, 0, sizeof(ssn));
3964  FLOW_INITIALIZE(&f);
3965  f.protoctx = (void *)&ssn;
3966  f.proto = IPPROTO_TCP;
3967  f.alproto = ALPROTO_TLS;
3968 
3969  StreamTcpInitConfig(true);
3970 
3971  FLOWLOCK_WRLOCK(&f);
3972  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
3973  STREAM_TOSERVER, buf1, buf1_len);
3974  FLOWLOCK_UNLOCK(&f);
3975  FAIL_IF(r != 0);
3976 
3977  FLOWLOCK_WRLOCK(&f);
3979  buf2, buf2_len);
3980  FLOWLOCK_UNLOCK(&f);
3981  FAIL_IF(r != 0);
3982 
3983  SSLState *ssl_state = f.alstate;
3984  FAIL_IF_NULL(ssl_state);
3985 
3986  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
3987 
3988  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
3989 
3991  StreamTcpFreeConfig(true);
3992  FLOW_DESTROY(&f);
3993 
3994  PASS;
3995 }
3996 
3997 /**
3998  * \test Tests the parser for handling fragmented records.
3999  */
4000 static int SSLParserTest12(void)
4001 {
4002  Flow f;
4003  uint8_t buf1[] = {
4004  0x16, 0x03, 0x00, 0x00, 0x4c, 0x01,
4005  };
4006  uint32_t buf1_len = sizeof(buf1);
4007 
4008  uint8_t buf2[] = {
4009  0x00, 0x00, 0x48,
4010  };
4011  uint32_t buf2_len = sizeof(buf2);
4012 
4013  uint8_t buf3[] = {
4014  0x03, 0x00, 0x57, 0x04, 0x9f,
4015  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb,
4016  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
4017  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
4018  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
4019  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
4020  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
4021  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
4022  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
4023  0x2e, 0x6e, 0x6f
4024  };
4025  uint32_t buf3_len = sizeof(buf2);
4026  TcpSession ssn;
4028 
4029  memset(&f, 0, sizeof(f));
4030  memset(&ssn, 0, sizeof(ssn));
4031  FLOW_INITIALIZE(&f);
4032  f.protoctx = (void *)&ssn;
4033  f.proto = IPPROTO_TCP;
4034  f.alproto = ALPROTO_TLS;
4035 
4036  StreamTcpInitConfig(true);
4037 
4038  FLOWLOCK_WRLOCK(&f);
4039  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4040  STREAM_TOSERVER, buf1, buf1_len);
4041  FLOWLOCK_UNLOCK(&f);
4042  FAIL_IF(r != 0);
4043 
4044  FLOWLOCK_WRLOCK(&f);
4046  buf2, buf2_len);
4047  FLOWLOCK_UNLOCK(&f);
4048  FAIL_IF(r != 0);
4049 
4050  FLOWLOCK_WRLOCK(&f);
4052  buf3, buf3_len);
4053  FLOWLOCK_UNLOCK(&f);
4054  FAIL_IF(r != 0);
4055 
4056  SSLState *ssl_state = f.alstate;
4057  FAIL_IF_NULL(ssl_state);
4058 
4059  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
4060 
4061  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
4062 
4064  StreamTcpFreeConfig(true);
4065  FLOW_DESTROY(&f);
4066 
4067  PASS;
4068 }
4069 
4070 /**
4071  * \test Tests the parser for handling fragmented records.
4072  */
4073 static int SSLParserTest13(void)
4074 {
4075  Flow f;
4076  uint8_t buf1[] = {
4077  0x16, 0x03, 0x00, 0x00, 0x4c, 0x01,
4078  };
4079  uint32_t buf1_len = sizeof(buf1);
4080 
4081  uint8_t buf2[] = {
4082  0x00, 0x00, 0x48,
4083  };
4084  uint32_t buf2_len = sizeof(buf2);
4085 
4086  uint8_t buf3[] = {
4087  0x03, 0x00, 0x57, 0x04, 0x9f,
4088  0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f,
4089  };
4090  uint32_t buf3_len = sizeof(buf3);
4091 
4092  uint8_t buf4[] = {
4093  0xbf, 0xbb,
4094  0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f,
4095  0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93,
4096  0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06,
4097  0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00,
4098  0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13,
4099  0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65,
4100  0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68,
4101  0x2e, 0x6e, 0x6f
4102  };
4103  uint32_t buf4_len = sizeof(buf4);
4104  TcpSession ssn;
4106 
4107  memset(&f, 0, sizeof(f));
4108  memset(&ssn, 0, sizeof(ssn));
4109  FLOW_INITIALIZE(&f);
4110  f.protoctx = (void *)&ssn;
4111  f.proto = IPPROTO_TCP;
4112  f.alproto = ALPROTO_TLS;
4113 
4114  StreamTcpInitConfig(true);
4115 
4116  FLOWLOCK_WRLOCK(&f);
4117  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4118  STREAM_TOSERVER, buf1, buf1_len);
4119  FLOWLOCK_UNLOCK(&f);
4120  FAIL_IF(r != 0);
4121 
4122  FLOWLOCK_WRLOCK(&f);
4124  buf2, buf2_len);
4125  FLOWLOCK_UNLOCK(&f);
4126  FAIL_IF(r != 0);
4127 
4128  FLOWLOCK_WRLOCK(&f);
4130  buf3, buf3_len);
4131  FLOWLOCK_UNLOCK(&f);
4132  FAIL_IF(r != 0);
4133 
4134  FLOWLOCK_WRLOCK(&f);
4136  buf4, buf4_len);
4137  FLOWLOCK_UNLOCK(&f);
4138  FAIL_IF(r != 0);
4139 
4140  SSLState *ssl_state = f.alstate;
4141  FAIL_IF_NULL(ssl_state);
4142 
4143  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
4144 
4145  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
4146 
4148  StreamTcpFreeConfig(true);
4149  FLOW_DESTROY(&f);
4150 
4151  PASS;
4152 }
4153 
4154 /**
4155  * \test Tests the parser for handling fragmented records.
4156  */
4157 static int SSLParserTest14(void)
4158 {
4159  Flow f;
4160 
4161  uint8_t buf1[] = {
4162  0x16, 0x03, 0x00, 0x00, 0x00,
4163  };
4164  uint32_t buf1_len = sizeof(buf1);
4165 
4166  uint8_t buf2[] = {
4167  0x16, 0x03, 0x00, 0x00, 0x00,
4168  };
4169  uint32_t buf2_len = sizeof(buf2);
4170 
4171  TcpSession ssn;
4173 
4174  memset(&f, 0, sizeof(f));
4175  memset(&ssn, 0, sizeof(ssn));
4176  FLOW_INITIALIZE(&f);
4177  f.protoctx = (void *)&ssn;
4178  f.proto = IPPROTO_TCP;
4179  f.alproto = ALPROTO_TLS;
4180 
4181  StreamTcpInitConfig(true);
4182 
4183  FLOWLOCK_WRLOCK(&f);
4184  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4185  STREAM_TOSERVER, buf1, buf1_len);
4186  FLOWLOCK_UNLOCK(&f);
4187  FAIL_IF(r != 0);
4188 
4189  FLOWLOCK_WRLOCK(&f);
4191  buf2, buf2_len);
4192  FLOWLOCK_UNLOCK(&f);
4193  FAIL_IF(r != 0);
4194 
4195  SSLState *ssl_state = f.alstate;
4196  FAIL_IF_NULL(ssl_state);
4197 
4199  StreamTcpFreeConfig(true);
4200  FLOW_DESTROY(&f);
4201 
4202  PASS;
4203 }
4204 
4205 /**
4206  * \test Tests the parser for handling fragmented records.
4207  */
4208 static int SSLParserTest15(void)
4209 {
4210  Flow f;
4211 
4212  uint8_t buf1[] = {
4213  0x16, 0x03, 0x00, 0x00, 0x01, 0x01,
4214  };
4215  uint32_t buf1_len = sizeof(buf1);
4216 
4217  TcpSession ssn;
4219 
4220  memset(&f, 0, sizeof(f));
4221  memset(&ssn, 0, sizeof(ssn));
4222  FLOW_INITIALIZE(&f);
4223  f.protoctx = (void *)&ssn;
4224  f.proto = IPPROTO_TCP;
4225  f.alproto = ALPROTO_TLS;
4226 
4227  StreamTcpInitConfig(true);
4228 
4229  FLOWLOCK_WRLOCK(&f);
4230  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4231  STREAM_TOSERVER, buf1, buf1_len);
4232  FLOWLOCK_UNLOCK(&f);
4233  FAIL_IF(r == 0);
4234 
4236  StreamTcpFreeConfig(true);
4237  FLOW_DESTROY(&f);
4238 
4239  PASS;
4240 }
4241 
4242 /**
4243  * \test Tests the parser for handling fragmented records.
4244  */
4245 static int SSLParserTest16(void)
4246 {
4247  Flow f;
4248 
4249  uint8_t buf1[] = {
4250  0x16, 0x03, 0x00, 0x00, 0x02, 0x01, 0x00
4251  };
4252  uint32_t buf1_len = sizeof(buf1);
4253 
4254  TcpSession ssn;
4256 
4257  memset(&f, 0, sizeof(f));
4258  memset(&ssn, 0, sizeof(ssn));
4259  FLOW_INITIALIZE(&f);
4260  f.protoctx = (void *)&ssn;
4261  f.proto = IPPROTO_TCP;
4262  f.alproto = ALPROTO_TLS;
4263 
4264  StreamTcpInitConfig(true);
4265 
4266  FLOWLOCK_WRLOCK(&f);
4267  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4268  STREAM_TOSERVER, buf1, buf1_len);
4269  FLOWLOCK_UNLOCK(&f);
4270  FAIL_IF(r == 0);
4271 
4273  StreamTcpFreeConfig(true);
4274  FLOW_DESTROY(&f);
4275 
4276  PASS;
4277 }
4278 
4279 /**
4280  * \test Tests the parser for handling fragmented records.
4281  */
4282 static int SSLParserTest17(void)
4283 {
4284  Flow f;
4285 
4286  uint8_t buf1[] = {
4287  0x16, 0x03, 0x00, 0x00, 0x03, 0x01, 0x00, 0x00
4288  };
4289  uint32_t buf1_len = sizeof(buf1);
4290 
4291  TcpSession ssn;
4293 
4294  memset(&f, 0, sizeof(f));
4295  memset(&ssn, 0, sizeof(ssn));
4296  FLOW_INITIALIZE(&f);
4297  f.protoctx = (void *)&ssn;
4298  f.proto = IPPROTO_TCP;
4299  f.alproto = ALPROTO_TLS;
4300 
4301  StreamTcpInitConfig(true);
4302 
4303  FLOWLOCK_WRLOCK(&f);
4304  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4305  STREAM_TOSERVER, buf1, buf1_len);
4306  FLOWLOCK_UNLOCK(&f);
4307  FAIL_IF(r == 0);
4308 
4310  StreamTcpFreeConfig(true);
4311  FLOW_DESTROY(&f);
4312 
4313  PASS;
4314 }
4315 
4316 /**
4317  * \test Tests the parser for handling fragmented records.
4318  */
4319 static int SSLParserTest18(void)
4320 {
4321  Flow f;
4322 
4323  uint8_t buf1[] = {
4324  0x16, 0x03, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4325  0x6b,
4326  };
4327  uint32_t buf1_len = sizeof(buf1);
4328 
4329  uint8_t buf2[] = {
4330  0x16, 0x03, 0x00, 0x00, 0x00,
4331  };
4332  uint32_t buf2_len = sizeof(buf2);
4333 
4334  TcpSession ssn;
4336 
4337  memset(&f, 0, sizeof(f));
4338  memset(&ssn, 0, sizeof(ssn));
4339  FLOW_INITIALIZE(&f);
4340  f.protoctx = (void *)&ssn;
4341  f.proto = IPPROTO_TCP;
4342  f.alproto = ALPROTO_TLS;
4343 
4344  StreamTcpInitConfig(true);
4345 
4346  FLOWLOCK_WRLOCK(&f);
4347  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4348  STREAM_TOSERVER, buf1, buf1_len);
4349  FLOWLOCK_UNLOCK(&f);
4350  FAIL_IF(r != 0);
4351 
4352  FLOWLOCK_WRLOCK(&f);
4354  buf2, buf2_len);
4355  FLOWLOCK_UNLOCK(&f);
4356  FAIL_IF(r != 0);
4357 
4358  SSLState *ssl_state = f.alstate;
4359  FAIL_IF_NULL(ssl_state);
4360 
4362  StreamTcpFreeConfig(true);
4363  FLOW_DESTROY(&f);
4364 
4365  PASS;
4366 }
4367 
4368 /**
4369  * \test Tests the parser for handling fragmented records.
4370  */
4371 static int SSLParserTest19(void)
4372 {
4373  Flow f;
4374 
4375  uint8_t buf1[] = {
4376  0x16, 0x03, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00,
4377  0x6b, 0x16, 0x03, 0x00, 0x00, 0x00,
4378  };
4379  uint32_t buf1_len = sizeof(buf1);
4380 
4381  TcpSession ssn;
4383 
4384  memset(&f, 0, sizeof(f));
4385  memset(&ssn, 0, sizeof(ssn));
4386  FLOW_INITIALIZE(&f);
4387  f.protoctx = (void *)&ssn;
4388  f.proto = IPPROTO_TCP;
4389  f.alproto = ALPROTO_TLS;
4390 
4391  StreamTcpInitConfig(true);
4392 
4393  FLOWLOCK_WRLOCK(&f);
4394  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4395  STREAM_TOSERVER, buf1, buf1_len);
4396  FLOWLOCK_UNLOCK(&f);
4397  FAIL_IF(r != 0);
4398 
4399  SSLState *ssl_state = f.alstate;
4400  FAIL_IF_NULL(ssl_state);
4401 
4403  StreamTcpFreeConfig(true);
4404  FLOW_DESTROY(&f);
4405 
4406  PASS;
4407 }
4408 
4409 /**
4410  * \test Tests the parser for handling fragmented records.
4411  */
4412 static int SSLParserTest20(void)
4413 {
4414  Flow f;
4415 
4416  uint8_t buf1[] = {
4417  0x16, 0x03, 0x00, 0x00, 0x03, 0x01, 0x00, 0x00,
4418  0x16, 0x03, 0x00, 0x00, 0x00,
4419  };
4420  uint32_t buf1_len = sizeof(buf1);
4421 
4422  TcpSession ssn;
4424 
4425  memset(&f, 0, sizeof(f));
4426  memset(&ssn, 0, sizeof(ssn));
4427  FLOW_INITIALIZE(&f);
4428  f.protoctx = (void *)&ssn;
4429  f.proto = IPPROTO_TCP;
4430  f.alproto = ALPROTO_TLS;
4431 
4432  StreamTcpInitConfig(true);
4433 
4434  FLOWLOCK_WRLOCK(&f);
4435  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4436  STREAM_TOSERVER, buf1, buf1_len);
4437  FLOWLOCK_UNLOCK(&f);
4438  FAIL_IF(r == 0);
4439 
4441  StreamTcpFreeConfig(true);
4442  FLOW_DESTROY(&f);
4443 
4444  PASS;
4445 }
4446 
4447 /**
4448  * \test SSLv2 Record parsing.
4449  */
4450 static int SSLParserTest21(void)
4451 {
4452  Flow f;
4453  uint8_t buf[] = {
4454  0x80, 0x31, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00,
4455  0x01,
4456  };
4457  uint32_t buf_len = sizeof(buf);
4458 
4459  TcpSession ssn;
4461 
4462  memset(&f, 0, sizeof(f));
4463  memset(&ssn, 0, sizeof(ssn));
4464 
4465  FLOW_INITIALIZE(&f);
4466  f.protoctx = (void *)&ssn;
4467  f.proto = IPPROTO_TCP;
4468  f.alproto = ALPROTO_TLS;
4469 
4470  StreamTcpInitConfig(true);
4471 
4472  FLOWLOCK_WRLOCK(&f);
4473  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4474  STREAM_TOSERVER | STREAM_EOF, buf, buf_len);
4475  FLOWLOCK_UNLOCK(&f);
4476  FAIL_IF(r != 0);
4477 
4478  SSLState *app_state = f.alstate;
4479  FAIL_IF_NULL(app_state);
4480 
4482 
4483  FAIL_IF(app_state->client_connp.version != SSL_VERSION_2);
4484 
4486  StreamTcpFreeConfig(true);
4487  FLOW_DESTROY(&f);
4488 
4489  PASS;
4490 }
4491 
4492 /**
4493  * \test SSLv2 Record parsing.
4494  */
4495 static int SSLParserTest22(void)
4496 {
4497  Flow f;
4498  uint8_t buf[] = {
4499  0x80, 0x31, 0x04, 0x00, 0x01, 0x00,
4500  0x02, 0x00, 0x00, 0x00, 0x10, 0x07, 0x00, 0xc0,
4501  0x05, 0x00, 0x80, 0x03, 0x00, 0x80, 0x01, 0x00,
4502  0x80, 0x08, 0x00, 0x80, 0x06, 0x00, 0x40, 0x04,
4503  0x00, 0x80, 0x02, 0x00, 0x80, 0x76, 0x64, 0x75,
4504  0x2d, 0xa7, 0x98, 0xfe, 0xc9, 0x12, 0x92, 0xc1,
4505  0x2f, 0x34, 0x84, 0x20, 0xc5};
4506  uint32_t buf_len = sizeof(buf);
4507  TcpSession ssn;
4509 
4510  //AppLayerDetectProtoThreadInit();
4511 
4512  memset(&f, 0, sizeof(f));
4513  memset(&ssn, 0, sizeof(ssn));
4514 
4515  FLOW_INITIALIZE(&f);
4516  f.protoctx = (void *)&ssn;
4517  f.proto = IPPROTO_TCP;
4518  f.alproto = ALPROTO_TLS;
4519 
4520  StreamTcpInitConfig(true);
4521 
4522  FLOWLOCK_WRLOCK(&f);
4523  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4524  STREAM_TOCLIENT | STREAM_EOF, buf, buf_len);
4525  FLOWLOCK_UNLOCK(&f);
4526  FAIL_IF(r != 0);
4527 
4528  SSLState *app_state = f.alstate;
4529  FAIL_IF_NULL(app_state);
4530 
4532 
4533  FAIL_IF(app_state->server_connp.version != SSL_VERSION_2);
4534 
4536  StreamTcpFreeConfig(true);
4537  FLOW_DESTROY(&f);
4538 
4539  PASS;
4540 }
4541 
4542 /**
4543  * \test SSLv2 Record parsing.
4544  */
4545 static int SSLParserTest23(void)
4546 {
4547  Flow f;
4548  uint8_t chello_buf[] = {
4549  0x80, 0x67, 0x01, 0x03, 0x00, 0x00, 0x4e, 0x00,
4550  0x00, 0x00, 0x10, 0x01, 0x00, 0x80, 0x03, 0x00,
4551  0x80, 0x07, 0x00, 0xc0, 0x06, 0x00, 0x40, 0x02,
4552  0x00, 0x80, 0x04, 0x00, 0x80, 0x00, 0x00, 0x39,
4553  0x00, 0x00, 0x38, 0x00, 0x00, 0x35, 0x00, 0x00,
4554  0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x04, 0x00,
4555  0x00, 0x05, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x16,
4556  0x00, 0x00, 0x13, 0x00, 0xfe, 0xff, 0x00, 0x00,
4557  0x0a, 0x00, 0x00, 0x15, 0x00, 0x00, 0x12, 0x00,
4558  0xfe, 0xfe, 0x00, 0x00, 0x09, 0x00, 0x00, 0x64,
4559  0x00, 0x00, 0x62, 0x00, 0x00, 0x03, 0x00, 0x00,
4560  0x06, 0xa8, 0xb8, 0x93, 0xbb, 0x90, 0xe9, 0x2a,
4561  0xa2, 0x4d, 0x6d, 0xcc, 0x1c, 0xe7, 0x2a, 0x80,
4562  0x21
4563  };
4564  uint32_t chello_buf_len = sizeof(chello_buf);
4565 
4566  uint8_t shello_buf[] = {
4567  0x16, 0x03, 0x00, 0x00, 0x4a, 0x02,
4568  0x00, 0x00, 0x46, 0x03, 0x00, 0x44, 0x4c, 0x94,
4569  0x8f, 0xfe, 0x81, 0xed, 0x93, 0x65, 0x02, 0x88,
4570  0xa3, 0xf8, 0xeb, 0x63, 0x86, 0x0e, 0x2c, 0xf6,
4571  0x8d, 0xd0, 0x0f, 0x2c, 0x2a, 0xd6, 0x4f, 0xcd,
4572  0x2d, 0x3c, 0x16, 0xd7, 0xd6, 0x20, 0xa0, 0xfb,
4573  0x60, 0x86, 0x3d, 0x1e, 0x76, 0xf3, 0x30, 0xfe,
4574  0x0b, 0x01, 0xfd, 0x1a, 0x01, 0xed, 0x95, 0xf6,
4575  0x7b, 0x8e, 0xc0, 0xd4, 0x27, 0xbf, 0xf0, 0x6e,
4576  0xc7, 0x56, 0xb1, 0x47, 0xce, 0x98, 0x00, 0x35,
4577  0x00, 0x16, 0x03, 0x00, 0x03, 0x44, 0x0b, 0x00,
4578  0x03, 0x40, 0x00, 0x03, 0x3d, 0x00, 0x03, 0x3a,
4579  0x30, 0x82, 0x03, 0x36, 0x30, 0x82, 0x02, 0x9f,
4580  0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01,
4581  0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
4582  0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30,
4583  0x81, 0xa9, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
4584  0x55, 0x04, 0x06, 0x13, 0x02, 0x58, 0x59, 0x31,
4585  0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x08,
4586  0x13, 0x0c, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20,
4587  0x44, 0x65, 0x73, 0x65, 0x72, 0x74, 0x31, 0x13,
4588  0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13,
4589  0x0a, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, 0x54,
4590  0x6f, 0x77, 0x6e, 0x31, 0x17, 0x30, 0x15, 0x06,
4591  0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e, 0x53, 0x6e,
4592  0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c, 0x2c,
4593  0x20, 0x4c, 0x74, 0x64, 0x31, 0x1e, 0x30, 0x1c,
4594  0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x15, 0x43,
4595  0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61,
4596  0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f,
4597  0x72, 0x69, 0x74, 0x79, 0x31, 0x15, 0x30, 0x13,
4598  0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0c, 0x53,
4599  0x6e, 0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c,
4600  0x20, 0x43, 0x41, 0x31, 0x1e, 0x30, 0x1c, 0x06,
4601  0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
4602  0x09, 0x01, 0x16, 0x0f, 0x63, 0x61, 0x40, 0x73,
4603  0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c, 0x2e,
4604  0x64, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x30,
4605  0x33, 0x30, 0x33, 0x30, 0x35, 0x31, 0x36, 0x34,
4606  0x37, 0x34, 0x35, 0x5a, 0x17, 0x0d, 0x30, 0x38,
4607  0x30, 0x33, 0x30, 0x33, 0x31, 0x36, 0x34, 0x37,
4608  0x34, 0x35, 0x5a, 0x30, 0x81, 0xa7, 0x31, 0x0b,
4609  0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
4610  0x02, 0x58, 0x59, 0x31, 0x15, 0x30, 0x13, 0x06,
4611  0x03, 0x55, 0x04, 0x08, 0x13, 0x0c, 0x53, 0x6e,
4612  0x61, 0x6b, 0x65, 0x20, 0x44, 0x65, 0x73, 0x65,
4613  0x72, 0x74, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
4614  0x55, 0x04, 0x07, 0x13, 0x0a, 0x53, 0x6e, 0x61,
4615  0x6b, 0x65, 0x20, 0x54, 0x6f, 0x77, 0x6e, 0x31,
4616  0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a,
4617  0x13, 0x0e, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20,
4618  0x4f, 0x69, 0x6c, 0x2c, 0x20, 0x4c, 0x74, 0x64,
4619  0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04,
4620  0x0b, 0x13, 0x0e, 0x57, 0x65, 0x62, 0x73, 0x65,
4621  0x72, 0x76, 0x65, 0x72, 0x20, 0x54, 0x65, 0x61,
4622  0x6d, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55,
4623  0x04, 0x03, 0x13, 0x10, 0x77, 0x77, 0x77, 0x2e,
4624  0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c,
4625  0x2e, 0x64, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d,
4626  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
4627  0x01, 0x09, 0x01, 0x16, 0x10, 0x77, 0x77, 0x77,
4628  0x40, 0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69,
4629  0x6c, 0x2e, 0x64, 0x6f, 0x6d, 0x30, 0x81, 0x9f,
4630  0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
4631  0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03,
4632  0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81,
4633  0x81, 0x00, 0xa4, 0x6e, 0x53, 0x14, 0x0a, 0xde,
4634  0x2c, 0xe3, 0x60, 0x55, 0x9a, 0xf2, 0x42, 0xa6,
4635  0xaf, 0x47, 0x12, 0x2f, 0x17, 0xce, 0xfa, 0xba,
4636  0xdc, 0x4e, 0x63, 0x56, 0x34, 0xb9, 0xba, 0x73,
4637  0x4b, 0x78, 0x44, 0x3d, 0xc6, 0x6c, 0x69, 0xa4,
4638  0x25, 0xb3, 0x61, 0x02, 0x9d, 0x09, 0x04, 0x3f,
4639  0x72, 0x3d, 0xd8, 0x27, 0xd3, 0xb0, 0x5a, 0x45,
4640  0x77, 0xb7, 0x36, 0xe4, 0x26, 0x23, 0xcc, 0x12,
4641  0xb8, 0xae, 0xde, 0xa7, 0xb6, 0x3a, 0x82, 0x3c,
4642  0x7c, 0x24, 0x59, 0x0a, 0xf8, 0x96, 0x43, 0x8b,
4643  0xa3, 0x29, 0x36, 0x3f, 0x91, 0x7f, 0x5d, 0xc7,
4644  0x23, 0x94, 0x29, 0x7f, 0x0a, 0xce, 0x0a, 0xbd,
4645  0x8d, 0x9b, 0x2f, 0x19, 0x17, 0xaa, 0xd5, 0x8e,
4646  0xec, 0x66, 0xa2, 0x37, 0xeb, 0x3f, 0x57, 0x53,
4647  0x3c, 0xf2, 0xaa, 0xbb, 0x79, 0x19, 0x4b, 0x90,
4648  0x7e, 0xa7, 0xa3, 0x99, 0xfe, 0x84, 0x4c, 0x89,
4649  0xf0, 0x3d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
4650  0x6e, 0x30, 0x6c, 0x30, 0x1b, 0x06, 0x03, 0x55,
4651  0x1d, 0x11, 0x04, 0x14, 0x30, 0x12, 0x81, 0x10,
4652  0x77, 0x77, 0x77, 0x40, 0x73, 0x6e, 0x61, 0x6b,
4653  0x65, 0x6f, 0x69, 0x6c, 0x2e, 0x64, 0x6f, 0x6d,
4654  0x30, 0x3a, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
4655  0x86, 0xf8, 0x42, 0x01, 0x0d, 0x04, 0x2d, 0x16,
4656  0x2b, 0x6d, 0x6f, 0x64, 0x5f, 0x73, 0x73, 0x6c,
4657  0x20, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74,
4658  0x65, 0x64, 0x20, 0x63, 0x75, 0x73, 0x74, 0x6f,
4659  0x6d, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
4660  0x20, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
4661  0x63, 0x61, 0x74, 0x65, 0x30, 0x11, 0x06, 0x09,
4662  0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01,
4663  0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30,
4664  0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
4665  0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81,
4666  0x81, 0x00, 0xae, 0x79, 0x79, 0x22, 0x90, 0x75,
4667  0xfd, 0xa6, 0xd5, 0xc4, 0xb8, 0xc4, 0x99, 0x4e,
4668  0x1c, 0x05, 0x7c, 0x91, 0x59, 0xbe, 0x89, 0x0d,
4669  0x3d, 0xc6, 0x8c, 0xa3, 0xcf, 0xf6, 0xba, 0x23,
4670  0xdf, 0xb8, 0xae, 0x44, 0x68, 0x8a, 0x8f, 0xb9,
4671  0x8b, 0xcb, 0x12, 0xda, 0xe6, 0xa2, 0xca, 0xa5,
4672  0xa6, 0x55, 0xd9, 0xd2, 0xa1, 0xad, 0xba, 0x9b,
4673  0x2c, 0x44, 0x95, 0x1d, 0x4a, 0x90, 0x59, 0x7f,
4674  0x83, 0xae, 0x81, 0x5e, 0x3f, 0x92, 0xe0, 0x14,
4675  0x41, 0x82, 0x4e, 0x7f, 0x53, 0xfd, 0x10, 0x23,
4676  0xeb, 0x8a, 0xeb, 0xe9, 0x92, 0xea, 0x61, 0xf2,
4677  0x8e, 0x19, 0xa1, 0xd3, 0x49, 0xc0, 0x84, 0x34,
4678  0x1e, 0x2e, 0x6e, 0xf6, 0x98, 0xe2, 0x87, 0x53,
4679  0xd6, 0x55, 0xd9, 0x1a, 0x8a, 0x92, 0x5c, 0xad,
4680  0xdc, 0x1e, 0x1c, 0x30, 0xa7, 0x65, 0x9d, 0xc2,
4681  0x4f, 0x60, 0xd2, 0x6f, 0xdb, 0xe0, 0x9f, 0x9e,
4682  0xbc, 0x41, 0x16, 0x03, 0x00, 0x00, 0x04, 0x0e,
4683  0x00, 0x00, 0x00
4684  };
4685  uint32_t shello_buf_len = sizeof(shello_buf);
4686 
4687  uint8_t client_change_cipher_spec_buf[] = {
4688  0x16, 0x03, 0x00, 0x00, 0x84, 0x10, 0x00, 0x00,
4689  0x80, 0x65, 0x51, 0x2d, 0xa6, 0xd4, 0xa7, 0x38,
4690  0xdf, 0xac, 0x79, 0x1f, 0x0b, 0xd9, 0xb2, 0x61,
4691  0x7d, 0x73, 0x88, 0x32, 0xd9, 0xf2, 0x62, 0x3a,
4692  0x8b, 0x11, 0x04, 0x75, 0xca, 0x42, 0xff, 0x4e,
4693  0xd9, 0xcc, 0xb9, 0xfa, 0x86, 0xf3, 0x16, 0x2f,
4694  0x09, 0x73, 0x51, 0x66, 0xaa, 0x29, 0xcd, 0x80,
4695  0x61, 0x0f, 0xe8, 0x13, 0xce, 0x5b, 0x8e, 0x0a,
4696  0x23, 0xf8, 0x91, 0x5e, 0x5f, 0x54, 0x70, 0x80,
4697  0x8e, 0x7b, 0x28, 0xef, 0xb6, 0x69, 0xb2, 0x59,
4698  0x85, 0x74, 0x98, 0xe2, 0x7e, 0xd8, 0xcc, 0x76,
4699  0x80, 0xe1, 0xb6, 0x45, 0x4d, 0xc7, 0xcd, 0x84,
4700  0xce, 0xb4, 0x52, 0x79, 0x74, 0xcd, 0xe6, 0xd7,
4701  0xd1, 0x9c, 0xad, 0xef, 0x63, 0x6c, 0x0f, 0xf7,
4702  0x05, 0xe4, 0x4d, 0x1a, 0xd3, 0xcb, 0x9c, 0xd2,
4703  0x51, 0xb5, 0x61, 0xcb, 0xff, 0x7c, 0xee, 0xc7,
4704  0xbc, 0x5e, 0x15, 0xa3, 0xf2, 0x52, 0x0f, 0xbb,
4705  0x32, 0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16,
4706  0x03, 0x00, 0x00, 0x40, 0xa9, 0xd8, 0xd7, 0x35,
4707  0xbc, 0x39, 0x56, 0x98, 0xad, 0x87, 0x61, 0x2a,
4708  0xc4, 0x8f, 0xcc, 0x03, 0xcb, 0x93, 0x80, 0x81,
4709  0xb0, 0x4a, 0xc4, 0xd2, 0x09, 0x71, 0x3e, 0x90,
4710  0x3c, 0x8d, 0xe0, 0x95, 0x44, 0xfe, 0x56, 0xd1,
4711  0x7e, 0x88, 0xe2, 0x48, 0xfd, 0x76, 0x70, 0x76,
4712  0xe2, 0xcd, 0x06, 0xd0, 0xf3, 0x9d, 0x13, 0x79,
4713  0x67, 0x1e, 0x37, 0xf6, 0x98, 0xbe, 0x59, 0x18,
4714  0x4c, 0xfc, 0x75, 0x56
4715  };
4716  uint32_t client_change_cipher_spec_buf_len =
4717  sizeof(client_change_cipher_spec_buf);
4718 
4719  uint8_t server_change_cipher_spec_buf[] = {
4720  0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16, 0x03,
4721  0x00, 0x00, 0x40, 0xce, 0x7c, 0x92, 0x43, 0x59,
4722  0xcc, 0x3d, 0x90, 0x91, 0x9c, 0x58, 0xf0, 0x7a,
4723  0xce, 0xae, 0x0d, 0x08, 0xe0, 0x76, 0xb4, 0x86,
4724  0xb1, 0x15, 0x5b, 0x32, 0xb8, 0x77, 0x53, 0xe7,
4725  0xa6, 0xf9, 0xd0, 0x95, 0x5f, 0xaa, 0x07, 0xc3,
4726  0x96, 0x7c, 0xc9, 0x88, 0xc2, 0x7a, 0x20, 0x89,
4727  0x4f, 0xeb, 0xeb, 0xb6, 0x19, 0xef, 0xaa, 0x27,
4728  0x73, 0x9d, 0xa6, 0xb4, 0x9f, 0xeb, 0x34, 0xe2,
4729  0x4d, 0x9f, 0x6b
4730  };
4731  uint32_t server_change_cipher_spec_buf_len =
4732  sizeof(server_change_cipher_spec_buf);
4733 
4734  uint8_t toserver_app_data_buf[] = {
4735  0x17, 0x03, 0x00, 0x01, 0xb0, 0x4a, 0xc3, 0x3e,
4736  0x9d, 0x77, 0x78, 0x01, 0x2c, 0xb4, 0xbc, 0x4c,
4737  0x9a, 0x84, 0xd7, 0xb9, 0x90, 0x0c, 0x21, 0x10,
4738  0xf0, 0xfa, 0x00, 0x7c, 0x16, 0xbb, 0x77, 0xfb,
4739  0x72, 0x42, 0x4f, 0xad, 0x50, 0x4a, 0xd0, 0xaa,
4740  0x6f, 0xaa, 0x44, 0x6c, 0x62, 0x94, 0x1b, 0xc5,
4741  0xfe, 0xe9, 0x1c, 0x5e, 0xde, 0x85, 0x0b, 0x0e,
4742  0x05, 0xe4, 0x18, 0x6e, 0xd2, 0xd3, 0xb5, 0x20,
4743  0xab, 0x81, 0xfd, 0x18, 0x9a, 0x73, 0xb8, 0xd7,
4744  0xef, 0xc3, 0xdd, 0x74, 0xd7, 0x9c, 0x1e, 0x6f,
4745  0x21, 0x6d, 0xf8, 0x24, 0xca, 0x3c, 0x70, 0x78,
4746  0x36, 0x12, 0x7a, 0x8a, 0x9c, 0xac, 0x4e, 0x1c,
4747  0xa8, 0xfb, 0x27, 0x30, 0xba, 0x9a, 0xf4, 0x2f,
4748  0x0a, 0xab, 0x80, 0x6a, 0xa1, 0x60, 0x74, 0xf0,
4749  0xe3, 0x91, 0x84, 0xe7, 0x90, 0x88, 0xcc, 0xf0,
4750  0x95, 0x7b, 0x0a, 0x22, 0xf2, 0xf9, 0x27, 0xe0,
4751  0xdd, 0x38, 0x0c, 0xfd, 0xe9, 0x03, 0x71, 0xdc,
4752  0x70, 0xa4, 0x6e, 0xdf, 0xe3, 0x72, 0x9e, 0xa1,
4753  0xf0, 0xc9, 0x00, 0xd6, 0x03, 0x55, 0x6a, 0x67,
4754  0x5d, 0x9c, 0xb8, 0x75, 0x01, 0xb0, 0x01, 0x9f,
4755  0xe6, 0xd2, 0x44, 0x18, 0xbc, 0xca, 0x7a, 0x10,
4756  0x39, 0xa6, 0xcf, 0x15, 0xc7, 0xf5, 0x35, 0xd4,
4757  0xb3, 0x6d, 0x91, 0x23, 0x84, 0x99, 0xba, 0xb0,
4758  0x7e, 0xd0, 0xc9, 0x4c, 0xbf, 0x3f, 0x33, 0x68,
4759  0x37, 0xb7, 0x7d, 0x44, 0xb0, 0x0b, 0x2c, 0x0f,
4760  0xd0, 0x75, 0xa2, 0x6b, 0x5b, 0xe1, 0x9f, 0xd4,
4761  0x69, 0x9a, 0x14, 0xc8, 0x29, 0xb7, 0xd9, 0x10,
4762  0xbb, 0x99, 0x30, 0x9a, 0xfb, 0xcc, 0x13, 0x1f,
4763  0x76, 0x4e, 0xe6, 0xdf, 0x14, 0xaa, 0xd5, 0x60,
4764  0xbf, 0x91, 0x49, 0x0d, 0x64, 0x42, 0x29, 0xa8,
4765  0x64, 0x27, 0xd4, 0x5e, 0x1b, 0x18, 0x03, 0xa8,
4766  0x73, 0xd6, 0x05, 0x6e, 0xf7, 0x50, 0xb0, 0x09,
4767  0x6b, 0x69, 0x7a, 0x12, 0x28, 0x58, 0xef, 0x5a,
4768  0x86, 0x11, 0xde, 0x71, 0x71, 0x9f, 0xca, 0xbd,
4769  0x79, 0x2a, 0xc2, 0xe5, 0x9b, 0x5e, 0x32, 0xe7,
4770  0xcb, 0x97, 0x6e, 0xa0, 0xea, 0xa4, 0xa4, 0x6a,
4771  0x32, 0xf9, 0x37, 0x39, 0xd8, 0x37, 0x6d, 0x63,
4772  0xf3, 0x08, 0x1c, 0xdd, 0x06, 0xdd, 0x2c, 0x2b,
4773  0x9f, 0x04, 0x88, 0x5f, 0x36, 0x42, 0xc1, 0xb1,
4774  0xc7, 0xe8, 0x2d, 0x5d, 0xa4, 0x6c, 0xe5, 0x60,
4775  0x94, 0xae, 0xd0, 0x90, 0x1e, 0x88, 0xa0, 0x87,
4776  0x52, 0xfb, 0xed, 0x97, 0xa5, 0x25, 0x5a, 0xb7,
4777  0x55, 0xc5, 0x13, 0x07, 0x85, 0x27, 0x40, 0xed,
4778  0xb8, 0xa0, 0x26, 0x13, 0x44, 0x0c, 0xfc, 0xcc,
4779  0x5a, 0x09, 0xe5, 0x44, 0xb5, 0x63, 0xa1, 0x43,
4780  0x51, 0x23, 0x4f, 0x17, 0x21, 0x89, 0x2e, 0x58,
4781  0xfd, 0xf9, 0x63, 0x74, 0x04, 0x70, 0x1e, 0x7d,
4782  0xd0, 0x66, 0xba, 0x40, 0x5e, 0x45, 0xdc, 0x39,
4783  0x7c, 0x53, 0x0f, 0xa8, 0x38, 0xb2, 0x13, 0x99,
4784  0x27, 0xd9, 0x4a, 0x51, 0xe9, 0x9f, 0x2a, 0x92,
4785  0xbb, 0x9c, 0x90, 0xab, 0xfd, 0xf1, 0xb7, 0x40,
4786  0x05, 0xa9, 0x7a, 0x20, 0x63, 0x36, 0xc1, 0xef,
4787  0xb9, 0xad, 0xa2, 0xe0, 0x1d, 0x20, 0x4f, 0xb2,
4788  0x34, 0xbd, 0xea, 0x07, 0xac, 0x21, 0xce, 0xf6,
4789  0x8a, 0xa2, 0x9e, 0xcd, 0xfa
4790  };
4791  uint32_t toserver_app_data_buf_len = sizeof(toserver_app_data_buf);
4792 
4793  TcpSession ssn;
4795 
4796  //AppLayerDetectProtoThreadInit();
4797 
4798  memset(&f, 0, sizeof(f));
4799  memset(&ssn, 0, sizeof(ssn));
4800 
4801  FLOW_INITIALIZE(&f);
4802  f.protoctx = (void *)&ssn;
4803  f.proto = IPPROTO_TCP;
4804  f.alproto = ALPROTO_TLS;
4805 
4806  StreamTcpInitConfig(true);
4807 
4808  FLOWLOCK_WRLOCK(&f);
4809  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4810  STREAM_TOSERVER | STREAM_START, chello_buf,
4811  chello_buf_len);
4812  FLOWLOCK_UNLOCK(&f);
4813  FAIL_IF(r != 0);
4814 
4815  SSLState *app_state = f.alstate;
4816  FAIL_IF_NULL(app_state);
4817 
4819 
4820  FAIL_IF(app_state->client_connp.version != SSL_VERSION_2);
4821 
4822  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
4823  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0);
4824  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0);
4825 
4826  FLOWLOCK_WRLOCK(&f);
4828  shello_buf, shello_buf_len);
4829  FLOWLOCK_UNLOCK(&f);
4830  FAIL_IF(r != 0);
4831 
4833 
4834  FAIL_IF(app_state->server_connp.version != SSL_VERSION_3);
4835 
4836  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
4837  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0);
4838  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0);
4839  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0);
4840 
4841  FLOWLOCK_WRLOCK(&f);
4843  client_change_cipher_spec_buf,
4844  client_change_cipher_spec_buf_len);
4845  FLOWLOCK_UNLOCK(&f);
4846  FAIL_IF(r != 0);
4847 
4848  /* with multiple records the client content type hold the type from the last
4849  * record */
4851 
4852  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
4853  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0);
4854  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0);
4855  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0);
4856  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0);
4858  FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0);
4859 
4860  FLOWLOCK_WRLOCK(&f);
4862  server_change_cipher_spec_buf,
4863  server_change_cipher_spec_buf_len);
4864  FLOWLOCK_UNLOCK(&f);
4865  FAIL_IF(r != 0);
4866 
4867  /* with multiple records the serve content type hold the type from the last
4868  * record */
4870 
4871  FAIL_IF(app_state->server_connp.version != SSL_VERSION_3);
4872 
4873  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
4874  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0);
4875  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0);
4876  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0);
4877  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0);
4880  FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0);
4881 
4882  FLOWLOCK_WRLOCK(&f);
4884  toserver_app_data_buf, toserver_app_data_buf_len);
4885  FLOWLOCK_UNLOCK(&f);
4886  FAIL_IF(r != 0);
4887 
4889 
4890  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
4891  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0);
4892  FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0);
4893  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0);
4894  FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0);
4897  FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0);
4898 
4900 
4901  if (alp_tctx != NULL)
4903  StreamTcpFreeConfig(true);
4904  FLOW_DESTROY(&f);
4905 
4906  PASS;
4907 }
4908 
4909 /**
4910  * \test Tests the parser for handling fragmented records.
4911  */
4912 static int SSLParserTest24(void)
4913 {
4914  Flow f;
4915  uint8_t buf1[] = {
4916  0x16, 0x03, 0x00, 0x00, 0x6f, 0x01, 0x00, 0x00,
4917  0x6b, 0x03,
4918  };
4919  uint32_t buf1_len = sizeof(buf1);
4920 
4921  uint8_t buf2[] = {
4922  0x00, 0x4b, 0x2f, 0xdc,
4923  0x4e, 0xe6, 0x95, 0xf1, 0xa0, 0xc7, 0xcf, 0x8e,
4924  0xf6, 0xeb, 0x22, 0x6d, 0xce, 0x9c, 0x44, 0xfb,
4925  0xc8, 0xa0, 0x44, 0x31, 0x15, 0x4c, 0xe9, 0x97,
4926  0xa7, 0xa1, 0xfe, 0xea, 0xcc, 0x20, 0x4b, 0x5d,
4927  0xfb, 0xa5, 0x63, 0x7a, 0x73, 0x95, 0xf7, 0xff,
4928  0x42, 0xac, 0x8f, 0x46, 0xed, 0xe4, 0xb1, 0x35,
4929  0x35, 0x78, 0x1a, 0x9d, 0xaf, 0x10, 0xc5, 0x52,
4930  0xf3, 0x7b, 0xfb, 0xb5, 0xe9, 0xa8, 0x00, 0x24,
4931  0x00, 0x88, 0x00, 0x87, 0x00, 0x39, 0x00, 0x38,
4932  0x00, 0x84, 0x00, 0x35, 0x00, 0x45, 0x00, 0x44,
4933  0x00, 0x33, 0x00, 0x32, 0x00, 0x96, 0x00, 0x41,
4934  0x00, 0x2f, 0x00, 0x16, 0x00, 0x13, 0xfe, 0xff,
4935  0x00, 0x0a, 0x00, 0x02, 0x01, 0x00
4936  };
4937  uint32_t buf2_len = sizeof(buf2);
4938  TcpSession ssn;
4940 
4941  memset(&f, 0, sizeof(f));
4942  memset(&ssn, 0, sizeof(ssn));
4943  FLOW_INITIALIZE(&f);
4944  f.protoctx = (void *)&ssn;
4945  f.proto = IPPROTO_TCP;
4946  f.alproto = ALPROTO_TLS;
4947 
4948  StreamTcpInitConfig(true);
4949 
4950  FLOWLOCK_WRLOCK(&f);
4951  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
4952  STREAM_TOSERVER, buf1, buf1_len);
4953  FLOWLOCK_UNLOCK(&f);
4954  FAIL_IF(r != 0);
4955 
4956  FLOWLOCK_WRLOCK(&f);
4958  buf2, buf2_len);
4959  FLOWLOCK_UNLOCK(&f);
4960  FAIL_IF(r != 0);
4961 
4962  SSLState *ssl_state = f.alstate;
4963  FAIL_IF_NULL(ssl_state);
4964 
4965  FAIL_IF(ssl_state->client_connp.content_type != 0x16);
4966 
4967  FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3);
4968 
4970  StreamTcpFreeConfig(true);
4971  FLOW_DESTROY(&f);
4972 
4973  PASS;
4974 }
4975 
4976 /**
4977  * \test Test for bug #955 and CVE-2013-5919. The data is from the
4978  * pcap that was used to report this issue.
4979  */
4980 static int SSLParserTest25(void)
4981 {
4982  Flow f;
4983  uint8_t client_hello[] = {
4984  0x16, 0x03, 0x01, 0x00, 0xd3, 0x01, 0x00, 0x00,
4985  0xcf, 0x03, 0x01, 0x51, 0x60, 0xc2, 0x15, 0x36,
4986  0x73, 0xf5, 0xb8, 0x58, 0x55, 0x3b, 0x68, 0x12,
4987  0x7d, 0xe3, 0x28, 0xa3, 0xe1, 0x02, 0x79, 0x2d,
4988  0x12, 0xe1, 0xf4, 0x24, 0x12, 0xa2, 0x9e, 0xf1,
4989  0x08, 0x49, 0x68, 0x20, 0x0e, 0x96, 0x46, 0x3d,
4990  0x84, 0x5a, 0xc6, 0x55, 0xeb, 0x3b, 0x53, 0x77,
4991  0xf4, 0x8e, 0xf4, 0xd2, 0x8b, 0xec, 0xd6, 0x99,
4992  0x63, 0x64, 0x62, 0xf8, 0x3f, 0x3b, 0xd5, 0x35,
4993  0x45, 0x1b, 0x16, 0xac, 0x00, 0x46, 0x00, 0x04,
4994  0x00, 0x05, 0x00, 0x2f, 0x00, 0x35, 0xc0, 0x02,
4995  0xc0, 0x04, 0xc0, 0x05, 0xc0, 0x0c, 0xc0, 0x0e,
4996  0xc0, 0x0f, 0xc0, 0x07, 0xc0, 0x09, 0xc0, 0x0a,
4997  0xc0, 0x11, 0xc0, 0x13, 0xc0, 0x14, 0x00, 0x33,
4998  0x00, 0x39, 0x00, 0x32, 0x00, 0x38, 0x00, 0x0a,
4999  0xc0, 0x03, 0xc0, 0x0d, 0xc0, 0x08, 0xc0, 0x12,
5000  0x00, 0x16, 0x00, 0x13, 0x00, 0x09, 0x00, 0x15,
5001  0x00, 0x12, 0x00, 0x03, 0x00, 0x08, 0x00, 0x14,
5002  0x00, 0x11, 0x00, 0xff, 0x01, 0x00, 0x00, 0x40,
5003  0x00, 0x0b, 0x00, 0x04, 0x03, 0x00, 0x01, 0x02,
5004  0x00, 0x0a, 0x00, 0x34, 0x00, 0x32, 0x00, 0x0e,
5005  0x00, 0x0d, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x0c,
5006  0x00, 0x18, 0x00, 0x09, 0x00, 0x0a, 0x00, 0x16,
5007  0x00, 0x17, 0x00, 0x08, 0x00, 0x06, 0x00, 0x07,
5008  0x00, 0x14, 0x00, 0x15, 0x00, 0x04, 0x00, 0x05,
5009  0x00, 0x12, 0x00, 0x13, 0x00, 0x01, 0x00, 0x02,
5010  0x00, 0x03, 0x00, 0x0f, 0x00, 0x10, 0x00, 0x11
5011  };
5012  uint32_t client_hello_len = sizeof(client_hello);
5013 
5014  uint8_t server_hello_certificate_done[] = {
5015  0x16, 0x03, 0x01, 0x00, 0x51, 0x02, 0x00, 0x00,
5016  0x4d, 0x03, 0x01, 0x51, 0x60, 0xc2, 0x17, 0xb7,
5017  0x81, 0xaa, 0x27, 0xa1, 0xd5, 0xfa, 0x14, 0xc1,
5018  0xe0, 0x05, 0xab, 0x75, 0xf2, 0x51, 0xe7, 0x6e,
5019  0xe6, 0xf9, 0xc4, 0x8f, 0x16, 0x08, 0x26, 0x6c,
5020  0x1b, 0x86, 0x90, 0x20, 0x0a, 0x38, 0x90, 0x2d,
5021  0x17, 0x7d, 0xb7, 0x6b, 0x6b, 0xe5, 0xeb, 0x61,
5022  0x90, 0x35, 0xf8, 0xcd, 0xb1, 0x2a, 0x69, 0x6e,
5023  0x0e, 0x3e, 0x5f, 0x90, 0xdc, 0x2f, 0x51, 0x45,
5024  0x68, 0x63, 0xe3, 0xb3, 0x00, 0x05, 0x00, 0x00,
5025  0x05, 0xff, 0x01, 0x00, 0x01, 0x00, 0x16, 0x03,
5026  0x01, 0x07, 0x60, 0x0b, 0x00, 0x07, 0x5c, 0x00,
5027  0x07, 0x59, 0x00, 0x03, 0xcc, 0x30, 0x82, 0x03,
5028  0xc8, 0x30, 0x82, 0x03, 0x31, 0xa0, 0x03, 0x02,
5029  0x01, 0x02, 0x02, 0x10, 0x01, 0x7f, 0x77, 0xde,
5030  0xb3, 0xbc, 0xbb, 0x23, 0x5d, 0x44, 0xcc, 0xc7,
5031  0xdb, 0xa6, 0x2e, 0x72, 0x30, 0x0d, 0x06, 0x09,
5032  0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
5033  0x05, 0x05, 0x00, 0x30, 0x81, 0xba, 0x31, 0x1f,
5034  0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
5035  0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67,
5036  0x6e, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20,
5037  0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31,
5038  0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0b,
5039  0x13, 0x0e, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69,
5040  0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e,
5041  0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04,
5042  0x0b, 0x13, 0x2a, 0x56, 0x65, 0x72, 0x69, 0x53,
5043  0x69, 0x67, 0x6e, 0x20, 0x49, 0x6e, 0x74, 0x65,
5044  0x72, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61,
5045  0x6c, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
5046  0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x43, 0x6c,
5047  0x61, 0x73, 0x73, 0x20, 0x33, 0x31, 0x49, 0x30,
5048  0x47, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x40,
5049  0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, 0x69,
5050  0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d,
5051  0x2f, 0x43, 0x50, 0x53, 0x20, 0x49, 0x6e, 0x63,
5052  0x6f, 0x72, 0x70, 0x2e, 0x62, 0x79, 0x20, 0x52,
5053  0x65, 0x66, 0x2e, 0x20, 0x4c, 0x49, 0x41, 0x42,
5054  0x49, 0x4c, 0x49, 0x54, 0x59, 0x20, 0x4c, 0x54,
5055  0x44, 0x2e, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20,
5056  0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6e,
5057  0x30, 0x1e, 0x17, 0x0d, 0x31, 0x32, 0x30, 0x36,
5058  0x32, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
5059  0x5a, 0x17, 0x0d, 0x31, 0x33, 0x31, 0x32, 0x33,
5060  0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a,
5061  0x30, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03,
5062  0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
5063  0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
5064  0x13, 0x0a, 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f,
5065  0x72, 0x6e, 0x69, 0x61, 0x31, 0x12, 0x30, 0x10,
5066  0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x09, 0x50,
5067  0x61, 0x6c, 0x6f, 0x20, 0x41, 0x6c, 0x74, 0x6f,
5068  0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04,
5069  0x0a, 0x13, 0x0e, 0x46, 0x61, 0x63, 0x65, 0x62,
5070  0x6f, 0x6f, 0x6b, 0x2c, 0x20, 0x49, 0x6e, 0x63,
5071  0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
5072  0x04, 0x02, 0x14, 0x0e, 0x2a, 0x2e, 0x66, 0x61,
5073  0x63, 0x65, 0x62, 0x6f, 0x6f, 0x6b, 0x2e, 0x63,
5074  0x6f, 0x6d, 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06,
5075  0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
5076  0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00,
5077  0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xae,
5078  0x94, 0xb1, 0x71, 0xe2, 0xde, 0xcc, 0xc1, 0x69,
5079  0x3e, 0x05, 0x10, 0x63, 0x24, 0x01, 0x02, 0xe0,
5080  0x68, 0x9a, 0xe8, 0x3c, 0x39, 0xb6, 0xb3, 0xe7,
5081  0x4b, 0x97, 0xd4, 0x8d, 0x7b, 0x23, 0x68, 0x91,
5082  0x00, 0xb0, 0xb4, 0x96, 0xee, 0x62, 0xf0, 0xe6,
5083  0xd3, 0x56, 0xbc, 0xf4, 0xaa, 0x0f, 0x50, 0x64,
5084  0x34, 0x02, 0xf5, 0xd1, 0x76, 0x6a, 0xa9, 0x72,
5085  0x83, 0x5a, 0x75, 0x64, 0x72, 0x3f, 0x39, 0xbb,
5086  0xef, 0x52, 0x90, 0xde, 0xd9, 0xbc, 0xdb, 0xf9,
5087  0xd3, 0xd5, 0x5d, 0xfa, 0xd2, 0x3a, 0xa0, 0x3d,
5088  0xc6, 0x04, 0xc5, 0x4d, 0x29, 0xcf, 0x1d, 0x4b,
5089  0x3b, 0xdb, 0xd1, 0xa8, 0x09, 0xcf, 0xae, 0x47,
5090  0xb4, 0x4c, 0x7e, 0xae, 0x17, 0xc5, 0x10, 0x9b,
5091  0xee, 0x24, 0xa9, 0xcf, 0x4a, 0x8d, 0x91, 0x1b,
5092  0xb0, 0xfd, 0x04, 0x15, 0xae, 0x4c, 0x3f, 0x43,
5093  0x0a, 0xa1, 0x2a, 0x55, 0x7e, 0x2a, 0xe1, 0x02,
5094  0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x1e,
5095  0x30, 0x82, 0x01, 0x1a, 0x30, 0x09, 0x06, 0x03,
5096  0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30,
5097  0x44, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x3d,
5098  0x30, 0x3b, 0x30, 0x39, 0x06, 0x0b, 0x60, 0x86,
5099  0x48, 0x01, 0x86, 0xf8, 0x45, 0x01, 0x07, 0x17,
5100  0x03, 0x30, 0x2a, 0x30, 0x28, 0x06, 0x08, 0x2b,
5101  0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x01, 0x16,
5102  0x1c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
5103  0x2f, 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72,
5104  0x69, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
5105  0x6d, 0x2f, 0x72, 0x70, 0x61, 0x30, 0x3c, 0x06,
5106  0x03, 0x55, 0x1d, 0x1f, 0x04, 0x35, 0x30, 0x33,
5107  0x30, 0x31, 0xa0, 0x2f, 0xa0, 0x2d, 0x86, 0x2b,
5108  0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x53,
5109  0x56, 0x52, 0x49, 0x6e, 0x74, 0x6c, 0x2d, 0x63,
5110  0x72, 0x6c, 0x2e, 0x76, 0x65, 0x72, 0x69, 0x73,
5111  0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
5112  0x53, 0x56, 0x52, 0x49, 0x6e, 0x74, 0x6c, 0x2e,
5113  0x63, 0x72, 0x6c, 0x30, 0x1d, 0x06, 0x03, 0x55,
5114  0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08,
5115  0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
5116  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
5117  0x03, 0x02, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d,
5118  0x0f, 0x04, 0x04, 0x03, 0x02, 0x05, 0xa0, 0x30,
5119  0x34, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
5120  0x07, 0x01, 0x01, 0x04, 0x28, 0x30, 0x26, 0x30,
5121  0x24, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05,
5122  0x07, 0x30, 0x01, 0x86, 0x18, 0x68, 0x74, 0x74,
5123  0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70,
5124  0x2e, 0x76, 0x65, 0x72, 0x69, 0x73, 0x69, 0x67,
5125  0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x27, 0x06,
5126  0x03, 0x55, 0x1d, 0x11, 0x04, 0x20, 0x30, 0x1e,
5127  0x82, 0x0e, 0x2a, 0x2e, 0x66, 0x61, 0x63, 0x65,
5128  0x62, 0x6f, 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d,
5129  0x82, 0x0c, 0x66, 0x61, 0x63, 0x65, 0x62, 0x6f,
5130  0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d,
5131  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
5132  0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81,
5133  0x00, 0x5b, 0x6c, 0x2b, 0x75, 0xf8, 0xed, 0x30,
5134  0xaa, 0x51, 0xaa, 0xd3, 0x6a, 0xba, 0x59, 0x5e,
5135  0x55, 0x51, 0x41, 0x95, 0x1f, 0x81, 0xa5, 0x3b,
5136  0x44, 0x79, 0x10, 0xac, 0x1f, 0x76, 0xff, 0x78,
5137  0xfc, 0x27, 0x81, 0x61, 0x6b, 0x58, 0xf3, 0x12,
5138  0x2a, 0xfc, 0x1c, 0x87, 0x01, 0x04, 0x25, 0xe9,
5139  0xed, 0x43, 0xdf, 0x1a, 0x7b, 0xa6, 0x49, 0x80,
5140  0x60, 0x67, 0xe2, 0x68, 0x8a, 0xf0, 0x3d, 0xb5,
5141  0x8c, 0x7d, 0xf4, 0xee, 0x03, 0x30, 0x9a, 0x6a,
5142  0xfc, 0x24, 0x7c, 0xcb, 0x13, 0x4d, 0xc3, 0x3e,
5143  0x54, 0xc6, 0xbc, 0x1d, 0x51, 0x33, 0xa5, 0x32,
5144  0xa7, 0x32, 0x73, 0xb1, 0xd7, 0x9c, 0xad, 0xc0,
5145  0x8e, 0x7e, 0x1a, 0x83, 0x11, 0x6d, 0x34, 0x52,
5146  0x33, 0x40, 0xb0, 0x30, 0x54, 0x27, 0xa2, 0x17,
5147  0x42, 0x82, 0x7c, 0x98, 0x91, 0x66, 0x98, 0xee,
5148  0x7e, 0xaf, 0x8c, 0x3b, 0xdd, 0x71, 0x70, 0x08,
5149  0x17, 0x00, 0x03, 0x87, 0x30, 0x82, 0x03, 0x83,
5150  0x30, 0x82, 0x02, 0xec, 0xa0, 0x03, 0x02, 0x01,
5151  0x02, 0x02, 0x10, 0x46, 0xfc, 0xeb, 0xba, 0xb4,
5152  0xd0, 0x2f, 0x0f, 0x92, 0x60, 0x98, 0x23, 0x3f,
5153  0x93, 0x07, 0x8f, 0x30, 0x0d, 0x06, 0x09, 0x2a,
5154  0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
5155  0x05, 0x00, 0x30, 0x5f, 0x31, 0x0b, 0x30, 0x09,
5156  0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
5157  0x53, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55,
5158  0x04, 0x0a, 0x13, 0x0e, 0x56, 0x65, 0x72, 0x69,
5159  0x53, 0x69, 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e,
5160  0x63, 0x2e, 0x31, 0x37, 0x30, 0x35, 0x06, 0x03,
5161  0x55, 0x04, 0x0b, 0x13, 0x2e, 0x43, 0x6c, 0x61,
5162  0x73, 0x73, 0x20, 0x33, 0x20, 0x50, 0x75, 0x62,
5163  0x6c, 0x69, 0x63, 0x20, 0x50, 0x72, 0x69, 0x6d,
5164  0x61, 0x72, 0x79, 0x20, 0x43, 0x65, 0x72, 0x74,
5165  0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
5166  0x6e, 0x20, 0x41, 0x75, 0x64, 0x68, 0x6f, 0x72,
5167  0x69, 0x74, 0x79, 0x30, 0x1e, 0x17, 0x0d, 0x39,
5168  0x37, 0x30, 0x34, 0x31, 0x37, 0x30, 0x30, 0x30,
5169  0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x36,
5170  0x31, 0x30, 0x32, 0x34, 0x32, 0x33, 0x35, 0x39,
5171  0x35, 0x39, 0x5a, 0x30, 0x81, 0xba, 0x31, 0x1f,
5172  0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13,
5173  0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67,
5174  0x6e, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20,
5175  0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31,
5176  0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0b,
5177  0x13, 0x0e, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69,
5178  0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e,
5179  0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04,
5180  0x0b, 0x13, 0x2a, 0x56, 0x65, 0x72, 0x69, 0x53,
5181  0x69, 0x67, 0x6e, 0x20, 0x49, 0x6e, 0x74, 0x65,
5182  0x72, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61,
5183  0x6c, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72,
5184  0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x43, 0x6c,
5185  0x61, 0x73, 0x73, 0x20, 0x33, 0x31, 0x49, 0x30,
5186  0x47, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x40,
5187  0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, 0x69,
5188  0x73, 0x69,
5189  0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43,
5190  0x50, 0x53, 0x20, 0x49, 0x6e, 0x63, 0x6f, 0x72,
5191  0x70, 0x2e, 0x62, 0x79, 0x20, 0x52, 0x65, 0x66,
5192  0x2e, 0x20, 0x4c, 0x49, 0x41, 0x42, 0x49, 0x4c,
5193  0x49, 0x54, 0x59, 0x20, 0x4c, 0x54, 0x44, 0x2e,
5194  0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65,
5195  0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x30, 0x81,
5196  0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
5197  0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
5198  0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
5199  0x81, 0x81, 0x00, 0xd8, 0x82, 0x80, 0xe8, 0xd6,
5200  0x19, 0x02, 0x7d, 0x1f, 0x85, 0x18, 0x39, 0x25,
5201  0xa2, 0x65, 0x2b, 0xe1, 0xbf, 0xd4, 0x05, 0xd3,
5202  0xbc, 0xe6, 0x36, 0x3b, 0xaa, 0xf0, 0x4c, 0x6c,
5203  0x5b, 0xb6, 0xe7, 0xaa, 0x3c, 0x73, 0x45, 0x55,
5204  0xb2, 0xf1, 0xbd, 0xea, 0x97, 0x42, 0xed, 0x9a,
5205  0x34, 0x0a, 0x15, 0xd4, 0xa9, 0x5c, 0xf5, 0x40,
5206  0x25, 0xdd, 0xd9, 0x07, 0xc1, 0x32, 0xb2, 0x75,
5207  0x6c, 0xc4, 0xca, 0xbb, 0xa3, 0xfe, 0x56, 0x27,
5208  0x71, 0x43, 0xaa, 0x63, 0xf5, 0x30, 0x3e, 0x93,
5209  0x28, 0xe5, 0xfa, 0xf1, 0x09, 0x3b, 0xf3, 0xb7,
5210  0x4d, 0x4e, 0x39, 0xf7, 0x5c, 0x49, 0x5a, 0xb8,
5211  0xc1, 0x1d, 0xd3, 0xb2, 0x8a, 0xfe, 0x70, 0x30,
5212  0x95, 0x42, 0xcb, 0xfe, 0x2b, 0x51, 0x8b, 0x5a,
5213  0x3c, 0x3a, 0xf9, 0x22, 0x4f, 0x90, 0xb2, 0x02,
5214  0xa7, 0x53, 0x9c, 0x4f, 0x34, 0xe7, 0xab, 0x04,
5215  0xb2, 0x7b, 0x6f, 0x02, 0x03, 0x01, 0x00, 0x01,
5216  0xa3, 0x81, 0xe3, 0x30, 0x81, 0xe0, 0x30, 0x0f,
5217  0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x08, 0x30,
5218  0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, 0x30,
5219  0x44, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x3d,
5220  0x30, 0x3b, 0x30, 0x39, 0x06, 0x0b, 0x60, 0x86,
5221  0x48, 0x01, 0x86, 0xf8, 0x45, 0x01, 0x07, 0x01,
5222  0x01, 0x30, 0x2a, 0x30, 0x28, 0x06, 0x08, 0x2b,
5223  0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16,
5224  0x1c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f,
5225  0x2f, 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72,
5226  0x69, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f,
5227  0x6d, 0x2f, 0x43, 0x50, 0x53, 0x30, 0x34, 0x06,
5228  0x03, 0x55, 0x1d, 0x25, 0x04, 0x2d, 0x30, 0x2b,
5229  0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
5230  0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
5231  0x05, 0x07, 0x03, 0x02, 0x06, 0x09, 0x60, 0x86,
5232  0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01, 0x06,
5233  0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45,
5234  0x01, 0x08, 0x01, 0x30, 0x0b, 0x06, 0x03, 0x55,
5235  0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06,
5236  0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
5237  0x86, 0xf8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03,
5238  0x02, 0x01, 0x06, 0x30, 0x31, 0x06, 0x03, 0x55,
5239  0x1d, 0x1f, 0x04, 0x2a, 0x30, 0x28, 0x30, 0x26,
5240  0xa0, 0x24, 0xa0, 0x22, 0x86, 0x20, 0x68, 0x74,
5241  0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c,
5242  0x2e, 0x76, 0x65, 0x72, 0x69, 0x73, 0x69, 0x67,
5243  0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x63,
5244  0x61, 0x33, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x0d,
5245  0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
5246  0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81,
5247  0x00, 0x40, 0x8e, 0x49, 0x97, 0x96, 0x8a, 0x73,
5248  0xdd, 0x8e, 0x4d, 0xef, 0x3e, 0x61, 0xb7, 0xca,
5249  0xa0, 0x62, 0xad, 0xf4, 0x0e, 0x0a, 0xbb, 0x75,
5250  0x3d, 0xe2, 0x6e, 0xd8, 0x2c, 0xc7, 0xbf, 0xf4,
5251  0xb9, 0x8c, 0x36, 0x9b, 0xca, 0xa2, 0xd0, 0x9c,
5252  0x72, 0x46, 0x39, 0xf6, 0xa6, 0x82, 0x03, 0x65,
5253  0x11, 0xc4, 0xbc, 0xbf, 0x2d, 0xa6, 0xf5, 0xd9,
5254  0x3b, 0x0a, 0xb5, 0x98, 0xfa, 0xb3, 0x78, 0xb9,
5255  0x1e, 0xf2, 0x2b, 0x4c, 0x62, 0xd5, 0xfd, 0xb2,
5256  0x7a, 0x1d, 0xdf, 0x33, 0xfd, 0x73, 0xf9, 0xa5,
5257  0xd8, 0x2d, 0x8c, 0x2a, 0xea, 0xd1, 0xfc, 0xb0,
5258  0x28, 0xb6, 0xe9, 0x49, 0x48, 0x13, 0x4b, 0x83,
5259  0x8a, 0x1b, 0x48, 0x7b, 0x24, 0xf7, 0x38, 0xde,
5260  0x6f, 0x41, 0x54, 0xb8, 0xab, 0x57, 0x6b, 0x06,
5261  0xdf, 0xc7, 0xa2, 0xd4, 0xa9, 0xf6, 0xf1, 0x36,
5262  0x62, 0x80, 0x88, 0xf2, 0x8b, 0x75, 0xd6, 0x80,
5263  0x75, 0x16, 0x03, 0x01, 0x00, 0x04, 0x0e, 0x00,
5264  0x00, 0x00
5265  };
5266  uint32_t server_hello_certificate_done_len = sizeof(server_hello_certificate_done);
5267 
5268  uint8_t client_key_exchange_cipher_enc_hs[] = {
5269  0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00,
5270  0x80, 0x00, 0x80, 0x14, 0x2b, 0x2f, 0x9f, 0x02,
5271  0x1d, 0x4e, 0x0d, 0xa7, 0x41, 0x0f, 0x99, 0xc5,
5272  0xe9, 0x49, 0x22, 0x14, 0xa0, 0x42, 0x7b, 0xb4,
5273  0x6d, 0x4f, 0x82, 0x3c, 0x3a, 0x6e, 0xed, 0xd5,
5274  0x6e, 0x72, 0x71, 0xae, 0x00, 0x4a, 0x9a, 0xc9,
5275  0x0e, 0x2d, 0x08, 0xa2, 0xd3, 0x3a, 0xb0, 0xb2,
5276  0x1a, 0x56, 0x01, 0x7c, 0x9a, 0xfa, 0xfb, 0x1a,
5277  0xd7, 0x7e, 0x20, 0x68, 0x51, 0xd0, 0xfe, 0xd9,
5278  0xdc, 0xa7, 0x0b, 0xeb, 0x1a, 0xb6, 0xd3, 0xc7,
5279  0x17, 0x1f, 0xf3, 0x6e, 0x91, 0xdd, 0x06, 0x0d,
5280  0x48, 0xde, 0xcd, 0x0c, 0x36, 0x8c, 0x83, 0x29,
5281  0x9a, 0x40, 0x03, 0xcd, 0xf3, 0x1b, 0xdb, 0xd8,
5282  0x44, 0x6b, 0x75, 0xf3, 0x5a, 0x9f, 0x26, 0x1a,
5283  0xc4, 0x16, 0x35, 0x8f, 0xc1, 0x15, 0x19, 0xa9,
5284  0xdf, 0x07, 0xa9, 0xe5, 0x56, 0x45, 0x6d, 0xca,
5285  0x20, 0x3c, 0xcf, 0x8e, 0xbe, 0x44, 0x68, 0x73,
5286  0xc8, 0x0b, 0xc7, 0x14, 0x03, 0x01, 0x00, 0x01,
5287  0x01, 0x16, 0x03, 0x01, 0x00, 0x24, 0xf9, 0x7e,
5288  0x28, 0x77, 0xa9, 0x9a, 0x08, 0x0c, 0x2e, 0xa9,
5289  0x09, 0x15, 0x27, 0xcd, 0x93, 0x5f, 0xc0, 0x32,
5290  0x0a, 0x8d, 0x62, 0xd3, 0x54, 0x79, 0x6b, 0x51,
5291  0xd7, 0xba, 0x02, 0xd6, 0xdb, 0x66, 0xe8, 0x97,
5292  0x5d, 0x7a
5293  };
5294  uint32_t client_key_exchange_cipher_enc_hs_len = sizeof(client_key_exchange_cipher_enc_hs);
5295 
5296  TcpSession ssn;
5298 
5299  memset(&f, 0, sizeof(f));
5300  memset(&ssn, 0, sizeof(ssn));
5301  FLOW_INITIALIZE(&f);
5302  f.protoctx = (void *)&ssn;
5303  f.proto = IPPROTO_TCP;
5304  f.alproto = ALPROTO_TLS;
5305 
5306  StreamTcpInitConfig(true);
5307 
5308  FLOWLOCK_WRLOCK(&f);
5309  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
5310  STREAM_TOSERVER, client_hello,
5311  client_hello_len);
5312  FLOWLOCK_UNLOCK(&f);
5313  FAIL_IF(r != 0);
5314 
5315  SSLState *ssl_state = f.alstate;
5316  FAIL_IF_NULL(ssl_state);
5317 
5318  FAIL_IF(ssl_state->client_connp.bytes_processed != 0);
5319  FAIL_IF(ssl_state->client_connp.hs_bytes_processed != 0);
5320 
5321  FLOWLOCK_WRLOCK(&f);
5323  server_hello_certificate_done,
5324  server_hello_certificate_done_len);
5325  FLOWLOCK_UNLOCK(&f);
5326  FAIL_IF(r != 0);
5327 
5328  FAIL_IF(ssl_state->client_connp.bytes_processed != 0);
5329  FAIL_IF(ssl_state->client_connp.hs_bytes_processed != 0);
5330 
5331  FLOWLOCK_WRLOCK(&f);
5333  client_key_exchange_cipher_enc_hs,
5334  client_key_exchange_cipher_enc_hs_len);
5335  FLOWLOCK_UNLOCK(&f);
5336  FAIL_IF(r != 0);
5337 
5339  StreamTcpFreeConfig(true);
5340  FLOW_DESTROY(&f);
5341 
5342  PASS;
5343 }
5344 
5345 static int SSLParserTest26(void)
5346 {
5347  Flow f;
5348  uint8_t client_hello[] = {
5349  0x16, 0x03, 0x01, 0x02, 0x0e, 0x01, 0x00, 0x02,
5350  0x0a, 0x03, 0x03, 0x58, 0x36, 0x15, 0x03, 0x8e,
5351  0x07, 0xf9, 0xad, 0x2a, 0xb7, 0x56, 0xbf, 0xe2,
5352  0xa2, 0xf8, 0x21, 0xe0, 0xbb, 0x69, 0xc2, 0xd6,
5353  0x76, 0xe6, 0x77, 0xfe, 0x09, 0xff, 0x8e, 0xac,
5354  0x80, 0xb5, 0x27, 0x20, 0xb7, 0xbb, 0x90, 0x35,
5355  0x7a, 0xdd, 0xd9, 0x67, 0xdf, 0x79, 0xd6, 0x16,
5356  0x90, 0xf6, 0xd7, 0x5c, 0xd3, 0x07, 0x19, 0x20,
5357  0x01, 0x39, 0x76, 0x25, 0x12, 0x32, 0x71, 0xa1,
5358  0x84, 0x8d, 0x2d, 0xea, 0x00, 0x88, 0xc0, 0x30,
5359  0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14,
5360  0xc0, 0x0a, 0x00, 0xa3, 0x00, 0x9f, 0x00, 0x6b,
5361  0x00, 0x6a, 0x00, 0x39, 0x00, 0x38, 0x00, 0x88,
5362  0x00, 0x87, 0xc0, 0x32, 0xc0, 0x2e, 0xc0, 0x2a,
5363  0xc0, 0x26, 0xc0, 0x0f, 0xc0, 0x05, 0x00, 0x9d,
5364  0x00, 0x3d, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x12,
5365  0xc0, 0x08, 0x00, 0x16, 0x00, 0x13, 0xc0, 0x0d,
5366  0xc0, 0x03, 0x00, 0x0a, 0xc0, 0x2f, 0xc0, 0x2b,
5367  0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09,
5368  0x00, 0xa2, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x40,
5369  0x00, 0x33, 0x00, 0x32, 0x00, 0x9a, 0x00, 0x99,
5370  0x00, 0x45, 0x00, 0x44, 0xc0, 0x31, 0xc0, 0x2d,
5371  0xc0, 0x29, 0xc0, 0x25, 0xc0, 0x0e, 0xc0, 0x04,
5372  0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x96,
5373  0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0xc0, 0x0c,
5374  0xc0, 0x02, 0x00, 0x05, 0x00, 0x04, 0x00, 0x15,
5375  0x00, 0x12, 0x00, 0x09, 0x00, 0xff, 0x01, 0x00,
5376  0x01, 0x39, 0x00, 0x00, 0x00, 0x14, 0x00, 0x12,
5377  0x00, 0x00, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x79,
5378  0x6f, 0x75, 0x74, 0x75, 0x62, 0x65, 0x2e, 0x63,
5379  0x6f, 0x6d, 0x00, 0x0b, 0x00, 0x04, 0x03, 0x00,
5380  0x01, 0x02, 0x00, 0x0a, 0x00, 0x34, 0x00, 0x32,
5381  0x00, 0x0e, 0x00, 0x0d, 0x00, 0x19, 0x00, 0x0b,
5382  0x00, 0x0c, 0x00, 0x18, 0x00, 0x09, 0x00, 0x0a,
5383  0x00, 0x16, 0x00, 0x17, 0x00, 0x08, 0x00, 0x06,
5384  0x00, 0x07, 0x00, 0x14, 0x00, 0x15, 0x00, 0x04,
5385  0x00, 0x05, 0x00, 0x12, 0x00, 0x13, 0x00, 0x01,
5386  0x00, 0x02, 0x00, 0x03, 0x00, 0x0f, 0x00, 0x10,
5387  0x00, 0x11, 0x00, 0x23, 0x00, 0xb4, 0x05, 0x6c,
5388  0xfa, 0x27, 0x6f, 0x12, 0x2f, 0x2a, 0xe5, 0x56,
5389  0xcb, 0x42, 0x62, 0x44, 0xf2, 0xd7, 0xd1, 0x05,
5390  0x87, 0xd4, 0x52, 0x02, 0x10, 0x85, 0xa4, 0xa6,
5391  0x82, 0x6f, 0x6d, 0x7b, 0xaf, 0x11, 0xbe, 0x21,
5392  0x7e, 0x7c, 0x36, 0x03, 0x20, 0x29, 0xd8, 0xf9,
5393  0xe5, 0x2b, 0xe2, 0x26, 0xb2, 0x27, 0xc7, 0xb9,
5394  0xda, 0x59, 0xd7, 0xdc, 0xfd, 0x74, 0x74, 0x76,
5395  0xd0, 0x5e, 0xe4, 0xfe, 0x9d, 0xb7, 0x1b, 0x13,
5396  0x81, 0xce, 0x63, 0x75, 0x2b, 0x2f, 0x98, 0x3a,
5397  0x84, 0x46, 0xd3, 0x0c, 0xb3, 0x01, 0xdb, 0x62,
5398  0x51, 0x97, 0x92, 0x1c, 0xa5, 0x94, 0x60, 0xef,
5399  0xa6, 0xd8, 0xb2, 0x2f, 0x02, 0x42, 0x5c, 0xac,
5400  0xb4, 0xd9, 0x10, 0x2f, 0x7e, 0x89, 0xab, 0xa5,
5401  0xd7, 0x56, 0x6d, 0x03, 0xd2, 0x5f, 0x20, 0x2c,
5402  0xb6, 0x99, 0x2b, 0x66, 0xbd, 0xd4, 0xde, 0x53,
5403  0x76, 0x5c, 0x78, 0xf0, 0xe9, 0x6d, 0xa5, 0xc3,
5404  0x1a, 0x9e, 0x61, 0xb2, 0x45, 0xb0, 0xb3, 0x61,
5405  0xee, 0xa1, 0x07, 0xab, 0x2f, 0x84, 0xea, 0x43,
5406  0x76, 0x4b, 0x3d, 0xb0, 0xbe, 0xa4, 0xb4, 0x21,
5407  0xe1, 0xd3, 0xfd, 0x91, 0xe2, 0xe7, 0xf3, 0x38,
5408  0x9c, 0x56, 0x5f, 0xa1, 0xde, 0xa8, 0x2f, 0x0a,
5409  0x49, 0x6d, 0x44, 0x8e, 0xb7, 0xef, 0x4a, 0x6f,
5410  0x79, 0xb2, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e,
5411  0x06, 0x01, 0x06, 0x02, 0x06, 0x03, 0x05, 0x01,
5412  0x05, 0x02, 0x05, 0x03, 0x04, 0x01, 0x04, 0x02,
5413  0x04, 0x03, 0x03, 0x01, 0x03, 0x02, 0x03, 0x03,
5414  0x02, 0x01, 0x02, 0x02, 0x02, 0x03, 0x00, 0x0f,
5415  0x00, 0x01, 0x01
5416  };
5417  uint32_t client_hello_len = sizeof(client_hello);
5418 
5419  uint8_t server_hello_change_cipher_spec[] = {
5420  0x16, 0x03, 0x03, 0x00, 0x57, 0x02, 0x00, 0x00,
5421  0x53, 0x03, 0x03, 0x58, 0x36, 0x15, 0x03, 0x9f,
5422  0x3b, 0xf3, 0x11, 0x96, 0x2b, 0xc3, 0xae, 0x91,
5423  0x8c, 0x5f, 0x8b, 0x3f, 0x90, 0xbd, 0xa9, 0x26,
5424  0x26, 0xb2, 0xfd, 0x12, 0xc5, 0xc5, 0x7b, 0xe4,
5425  0xd1, 0x3e, 0x81, 0x20, 0xb7, 0xbb, 0x90, 0x35,
5426  0x7a, 0xdd, 0xd9, 0x67, 0xdf, 0x79, 0xd6, 0x16,
5427  0x90, 0xf6, 0xd7, 0x5c, 0xd3, 0x07, 0x19, 0x20,
5428  0x01, 0x39, 0x76, 0x25, 0x12, 0x32, 0x71, 0xa1,
5429  0x84, 0x8d, 0x2d, 0xea, 0xc0, 0x2b, 0x00, 0x00,
5430  0x0b, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0b,
5431  0x00, 0x02, 0x01, 0x00, 0x14, 0x03, 0x03, 0x00,
5432  0x01, 0x01, 0x16, 0x03, 0x03, 0x00, 0x28, 0x00,
5433  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06,
5434  0x66, 0xfe, 0x07, 0x08, 0x33, 0x4d, 0xc2, 0x83,
5435  0x8e, 0x05, 0x8b, 0xf8, 0xd1, 0xb1, 0xa7, 0x16,
5436  0x4b, 0x42, 0x5c, 0x3a, 0xa4, 0x31, 0x0f, 0xba,
5437  0x84, 0x06, 0xcb, 0x9d, 0xc6, 0xc4, 0x66
5438  };
5439  uint32_t server_hello_change_cipher_spec_len = sizeof(server_hello_change_cipher_spec);
5440 
5441  TcpSession ssn;
5443 
5444  memset(&f, 0, sizeof(f));
5445  memset(&ssn, 0, sizeof(ssn));
5446  FLOW_INITIALIZE(&f);
5447  f.protoctx = (void *)&ssn;
5448  f.proto = IPPROTO_TCP;
5449  f.alproto = ALPROTO_TLS;
5450 
5451  StreamTcpInitConfig(true);
5452 
5453  FLOWLOCK_WRLOCK(&f);
5454  int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
5455  STREAM_TOSERVER, client_hello,
5456  client_hello_len);
5457  FLOWLOCK_UNLOCK(&f);
5458  FAIL_IF(r != 0);
5459 
5460  SSLState *ssl_state = f.alstate;
5461  FAIL_IF_NULL(ssl_state);
5462 
5463  FAIL_IF((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0);
5464  FAIL_IF_NULL(ssl_state->client_connp.session_id);
5465 
5466  FLOWLOCK_WRLOCK(&f);
5468  server_hello_change_cipher_spec,
5469  server_hello_change_cipher_spec_len);
5470  FLOWLOCK_UNLOCK(&f);
5471  FAIL_IF(r != 0);
5472 
5474  FAIL_IF((ssl_state->flags & SSL_AL_FLAG_SESSION_RESUMED) == 0);
5475 
5477  StreamTcpFreeConfig(true);
5478  FLOW_DESTROY(&f);
5479 
5480  PASS;
5481 }
5482 
5483 #endif /* UNITTESTS */
5484 
5486 {
5487 #ifdef UNITTESTS
5488  UtRegisterTest("SSLParserTest01", SSLParserTest01);
5489  UtRegisterTest("SSLParserTest02", SSLParserTest02);
5490  UtRegisterTest("SSLParserTest03", SSLParserTest03);
5491  UtRegisterTest("SSLParserTest04", SSLParserTest04);
5492  /* Updated by Anoop Saldanha. Faulty tests. Disable it for now */
5493  //UtRegisterTest("SSLParserTest05", SSLParserTest05, 1);
5494  //UtRegisterTest("SSLParserTest06", SSLParserTest06, 1);
5495  UtRegisterTest("SSLParserTest07", SSLParserTest07);
5496  //UtRegisterTest("SSLParserTest08", SSLParserTest08, 1);
5497  UtRegisterTest("SSLParserTest09", SSLParserTest09);
5498  UtRegisterTest("SSLParserTest10", SSLParserTest10);
5499  UtRegisterTest("SSLParserTest11", SSLParserTest11);
5500  UtRegisterTest("SSLParserTest12", SSLParserTest12);
5501  UtRegisterTest("SSLParserTest13", SSLParserTest13);
5502 
5503  UtRegisterTest("SSLParserTest14", SSLParserTest14);
5504  UtRegisterTest("SSLParserTest15", SSLParserTest15);
5505  UtRegisterTest("SSLParserTest16", SSLParserTest16);
5506  UtRegisterTest("SSLParserTest17", SSLParserTest17);
5507  UtRegisterTest("SSLParserTest18", SSLParserTest18);
5508  UtRegisterTest("SSLParserTest19", SSLParserTest19);
5509  UtRegisterTest("SSLParserTest20", SSLParserTest20);
5510  UtRegisterTest("SSLParserTest21", SSLParserTest21);
5511  UtRegisterTest("SSLParserTest22", SSLParserTest22);
5512  UtRegisterTest("SSLParserTest23", SSLParserTest23);
5513  UtRegisterTest("SSLParserTest24", SSLParserTest24);
5514  UtRegisterTest("SSLParserTest25", SSLParserTest25);
5515  UtRegisterTest("SSLParserTest26", SSLParserTest26);
5516 
5517  UtRegisterTest("SSLParserMultimsgTest01", SSLParserMultimsgTest01);
5518  UtRegisterTest("SSLParserMultimsgTest02", SSLParserMultimsgTest02);
5519 #endif /* UNITTESTS */
5520 
5521  return;
5522 }
SSLV3_CHANGE_CIPHER_SPEC
#define SSLV3_CHANGE_CIPHER_SPEC
Definition: app-layer-ssl.c:131
TLS_VERSION_10
@ TLS_VERSION_10
Definition: app-layer-ssl.h:147
TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH
@ TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH
Definition: app-layer-ssl.h:45
TLS_VERSION_13_DRAFT20
@ TLS_VERSION_13_DRAFT20
Definition: app-layer-ssl.h:159
SSLStateConnp_::cert0_not_before
time_t cert0_not_before
Definition: app-layer-ssl.h:205
util-byte.h
SSLStateConnp_::cert0_subject
char * cert0_subject
Definition: app-layer-ssl.h:202
AppLayerParserRegisterGetStateProgressFunc
void AppLayerParserRegisterGetStateProgressFunc(uint8_t ipproto, AppProto alproto, int(*StateGetProgress)(void *alstate, uint8_t direction))
Definition: app-layer-parser.c:474
TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT
Definition: app-layer-ssl.h:61
SSLState_
SSLv[2.0|3.[0|1|2|3]] state structure.
Definition: app-layer-ssl.h:233
SslConfig_::disable_ja3
bool disable_ja3
Definition: app-layer-ssl.c:125
SSL_EXTENSION_EC_POINT_FORMATS
#define SSL_EXTENSION_EC_POINT_FORMATS
Definition: app-layer-ssl.h:130
AppLayerProtoDetectPPParseConfPorts
int AppLayerProtoDetectPPParseConfPorts(const char *ipproto_name, uint8_t ipproto, const char *alproto_name, AppProto alproto, uint16_t min_depth, uint16_t max_depth, ProbingParserFPtr ProbingParserTs, ProbingParserFPtr ProbingParserTc)
Definition: app-layer-detect-proto.c:1711
len
uint8_t len
Definition: app-layer-dnp3.h:2
FAIL_IF_NULL
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
Definition: util-unittest.h:89
JA3Buffer_
Definition: util-ja3.h:29
SSLCertsChain_::cert_len
uint32_t cert_len
Definition: app-layer-ssl.h:174
TLS_STATE_CERT_READY
@ TLS_STATE_CERT_READY
Definition: app-layer-ssl.h:70
TLS_HB_RESPONSE
#define TLS_HB_RESPONSE
Definition: app-layer-ssl.c:171
SHA1_STRING_LENGTH
#define SHA1_STRING_LENGTH
Definition: app-layer-ssl.c:175
TAILQ_INIT
#define TAILQ_INIT(head)
Definition: queue.h:263
ERR_EXTRACT_ISSUER
@ ERR_EXTRACT_ISSUER
Definition: app-layer-ssl.c:107
TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET
@ TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET
Definition: app-layer-ssl.h:50
flow-util.h
SC_ATOMIC_INIT
#define SC_ATOMIC_INIT(name)
wrapper for initializing an atomic variable.
Definition: util-atomic.h:315
SSL_VERSION_3
@ SSL_VERSION_3
Definition: app-layer-ssl.h:146
TLS_VERSION_13_DRAFT21
@ TLS_VERSION_13_DRAFT21
Definition: app-layer-ssl.h:158
ValidateTrecBuffer
#define ValidateTrecBuffer(...)
Definition: app-layer-ssl.c:217
SSL_AL_FLAG_HANDSHAKE_DONE
#define SSL_AL_FLAG_HANDSHAKE_DONE
Definition: app-layer-ssl.h:105
DetectEngineState_
Definition: detect-engine-state.h:93
ConfNode_::val
char * val
Definition: conf.h:34
ConfGetBool
int ConfGetBool(const char *name, int *val)
Retrieve a configuration value as an boolen.
Definition: conf.c:516
stream-tcp.h
SSLV3_HS_FINISHED
#define SSLV3_HS_FINISHED
Definition: app-layer-ssl.c:148
unlikely
#define unlikely(expr)
Definition: util-optimize.h:35
SSL_EXTENSION_ELLIPTIC_CURVES
#define SSL_EXTENSION_ELLIPTIC_CURVES
Definition: app-layer-ssl.h:129
SC_ATOMIC_SET
#define SC_ATOMIC_SET(name, val)
Set the value for the atomic variable.
Definition: util-atomic.h:387
SSLStateConnp_::message_length
uint32_t message_length
Definition: app-layer-ssl.h:187
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition: util-unittest.c:103
SSLState_::client_connp
SSLStateConnp client_connp
Definition: app-layer-ssl.h:250
ALPROTO_TLS
@ ALPROTO_TLS
Definition: app-layer-protos.h:33
TLS_VERSION_13_DRAFT19
@ TLS_VERSION_13_DRAFT19
Definition: app-layer-ssl.h:160
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:298
SSL_AL_FLAG_EARLY_DATA
#define SSL_AL_FLAG_EARLY_DATA
Definition: app-layer-ssl.h:122
SSLStateConnp_::bytes_processed
uint32_t bytes_processed
Definition: app-layer-ssl.h:196
APP_LAYER_PARSER_BYPASS_READY
#define APP_LAYER_PARSER_BYPASS_READY
Definition: app-layer-parser.h:40
next
struct HtpBodyChunk_ * next
Definition: app-layer-htp.h:0
SSLState_::hb_record_len
uint16_t hb_record_len
Definition: app-layer-ssl.h:242
SSLV2_MT_SERVER_FINISHED
#define SSLV2_MT_SERVER_FINISHED
Definition: app-layer-ssl.c:159
SSLState_::server_connp
SSLStateConnp server_connp
Definition: app-layer-ssl.h:251
SSL_AL_FLAG_SESSION_RESUMED
#define SSL_AL_FLAG_SESSION_RESUMED
Definition: app-layer-ssl.h:111
Flow_::proto
uint8_t proto
Definition: flow.h:375
TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER
Definition: app-layer-ssl.h:56
AppProto
uint16_t AppProto
Definition: app-layer-protos.h:77
ValidateRecordState
#define ValidateRecordState(...)
Definition: app-layer-ssl.c:206
SSLStateConnp_
Definition: app-layer-ssl.h:179
AppLayerParserConfParserEnabled
int AppLayerParserConfParserEnabled(const char *ipproto, const char *alproto_name)
check if a parser is enabled in the config Returns enabled always if: were running unittests
Definition: app-layer-parser.c:300
AppLayerParserTriggerRawStreamReassembly
void AppLayerParserTriggerRawStreamReassembly(Flow *f, int direction)
Definition: app-layer-parser.c:1446
TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER
@ TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER
Definition: app-layer-ssl.h:60
TLS_DECODER_EVENT_INVALID_RECORD_TYPE
@ TLS_DECODER_EVENT_INVALID_RECORD_TYPE
Definition: app-layer-ssl.h:40
SSLStateConnp_::ja3_hash
char * ja3_hash
Definition: app-layer-ssl.h:219
SSL_CONFIG_DEFAULT_JA3
#define SSL_CONFIG_DEFAULT_JA3
Definition: app-layer-ssl.c:112
SSLStateConnp_::session_id_length
uint16_t session_id_length
Definition: app-layer-ssl.h:200
ConfGetNode
ConfNode * ConfGetNode(const char *name)
Get a ConfNode by name.
Definition: conf.c:175
threads.h
tls_decoder_event_table
SCEnumCharMap tls_decoder_event_table[]
Definition: app-layer-ssl.c:57
flow-private.h
Flow_
Flow data structure.
Definition: flow.h:353
SSL_EXTENSION_SUPPORTED_VERSIONS
#define SSL_EXTENSION_SUPPORTED_VERSIONS
Definition: app-layer-ssl.h:133
SSLState_::f
Flow * f
Definition: app-layer-ssl.h:234
SSL_AL_FLAG_STATE_SERVER_HELLO
#define SSL_AL_FLAG_STATE_SERVER_HELLO
Definition: app-layer-ssl.h:91
AppLayerEventType
enum AppLayerEventType_ AppLayerEventType
AppLayerParserRegisterGetEventsFunc
void AppLayerParserRegisterGetEventsFunc(uint8_t ipproto, AppProto alproto, AppLayerDecoderEvents *(*StateGetEvents)(void *))
Definition: app-layer-parser.c:435
TLS_DECODER_EVENT_INVALID_SSL_RECORD
@ TLS_DECODER_EVENT_INVALID_SSL_RECORD
Definition: app-layer-ssl.h:65
SSLV3_HS_SERVER_HELLO
#define SSLV3_HS_SERVER_HELLO
Definition: app-layer-ssl.c:140
AppLayerParserRegisterStateProgressCompletionStatus
void AppLayerParserRegisterStateProgressCompletionStatus(AppProto alproto, const int ts, const int tc)
Definition: app-layer-parser.c:526
AppLayerParserRegisterParserAcceptableDataDirection
void AppLayerParserRegisterParserAcceptableDataDirection(uint8_t ipproto, AppProto alproto, uint8_t direction)
Definition: app-layer-parser.c:370
TLS_DECODER_EVENT_INVALID_RECORD_VERSION
@ TLS_DECODER_EVENT_INVALID_RECORD_VERSION
Definition: app-layer-ssl.h:39
TLS_VERSION_11
@ TLS_VERSION_11
Definition: app-layer-ssl.h:148
SSLState_::tx_data
AppLayerTxData tx_data
Definition: app-layer-ssl.h:236
SSLParserHSReset
#define SSLParserHSReset(connp)
Definition: app-layer-ssl.c:220
SSLV3_HS_CERTIFICATE
#define SSLV3_HS_CERTIFICATE
Definition: app-layer-ssl.c:142
AppLayerParserRegisterTxFreeFunc
void AppLayerParserRegisterTxFreeFunc(uint8_t ipproto, AppProto alproto, void(*StateTransactionFree)(void *, uint64_t))
Definition: app-layer-parser.c:485
SSLV3_HEARTBEAT_PROTOCOL
#define SSLV3_HEARTBEAT_PROTOCOL
Definition: app-layer-ssl.c:135
SSLV2_MT_SERVER_HELLO
#define SSLV2_MT_SERVER_HELLO
Definition: app-layer-ssl.c:157
FLOW_NOPAYLOAD_INSPECTION
#define FLOW_NOPAYLOAD_INSPECTION
Definition: flow.h:65
ERR_INVALID_VERSION
@ ERR_INVALID_VERSION
Definition: app-layer-ssl.c:97
ERR_INVALID_DATE
@ ERR_INVALID_DATE
Definition: app-layer-ssl.c:101
SSLState_::curr_connp
SSLStateConnp * curr_connp
Definition: app-layer-ssl.h:248
Ja3BufferAddValue
int Ja3BufferAddValue(JA3Buffer **buffer, uint32_t value)
Add value to buffer.
Definition: util-ja3.c:170
AppLayerParserThreadCtxFree
void AppLayerParserThreadCtxFree(AppLayerParserThreadCtx *tctx)
Destroys the app layer parser thread context obtained using AppLayerParserThreadCtxAlloc().
Definition: app-layer-parser.c:277
SSLV3_HS_CERTIFICATE_URL
#define SSLV3_HS_CERTIFICATE_URL
Definition: app-layer-ssl.c:149
MIN
#define MIN(x, y)
Definition: suricata-common.h:368
AppLayerDecoderEventsFreeEvents
void AppLayerDecoderEventsFreeEvents(AppLayerDecoderEvents **events)
Definition: app-layer-events.c:148
util-ja3.h
stream-tcp-reassemble.h
AppLayerParserRegisterDetectStateFuncs
void AppLayerParserRegisterDetectStateFuncs(uint8_t ipproto, AppProto alproto, DetectEngineState *(*GetTxDetectState)(void *tx), int(*SetTxDetectState)(void *tx, DetectEngineState *))
Definition: app-layer-parser.c:565
TLS_DECODER_EVENT_INVALID_SNI_TYPE
@ TLS_DECODER_EVENT_INVALID_SNI_TYPE
Definition: app-layer-ssl.h:48
SSL_AL_FLAG_STATE_SERVER_KEYX
#define SSL_AL_FLAG_STATE_SERVER_KEYX
Definition: app-layer-ssl.h:93
TcpStream_::flags
uint16_t flags
Definition: stream-tcp-private.h:95
SSL_VERSION_2
@ SSL_VERSION_2
Definition: app-layer-ssl.h:145
TAILQ_INSERT_TAIL
#define TAILQ_INSERT_TAIL(head, elm, field)
Definition: queue.h:295
SSLStateConnp_::sni
char * sni
Definition: app-layer-ssl.h:210
TLS_DECODER_EVENT_INVALID_TLS_HEADER
@ TLS_DECODER_EVENT_INVALID_TLS_HEADER
Definition: app-layer-ssl.h:38
SSLV3_HS_CERTIFICATE_VERIFY
#define SSLV3_HS_CERTIFICATE_VERIFY
Definition: app-layer-ssl.c:146
TLS_DECODER_EVENT_INVALID_SNI_LENGTH
@ TLS_DECODER_EVENT_INVALID_SNI_LENGTH
Definition: app-layer-ssl.h:49
MAX
#define MAX(x, y)
Definition: suricata-common.h:372
APP_LAYER_PARSER_EOF_TS
#define APP_LAYER_PARSER_EOF_TS
Definition: app