Go to the source code of this file.
Data Structures | |
| struct | SSLCertsChain_ |
| struct | SSLAlpns_ |
| struct | SSLStateConnp_ |
| struct | SSLState_ |
| SSLv[2.0|3.[0|1|2|3]] state structure. More... | |
Typedefs | |
| typedef struct SSLCertsChain_ | SSLCertsChain |
| typedef struct SSLAlpns_ | SSLAlpns |
| typedef struct SSLStateConnp_ | SSLStateConnp |
| typedef struct SSLState_ | SSLState |
| SSLv[2.0|3.[0|1|2|3]] state structure. More... | |
Functions | |
| void | RegisterSSLParsers (void) |
| Function to register the SSL protocol parser and other functions. More... | |
| void | SSLVersionToString (uint16_t, char *) |
| void | SSLEnableJA3 (void) |
| if not explicitly disabled in config, enable ja3 support More... | |
| bool | SSLJA3IsEnabled (void) |
| return whether ja3 is effectively enabled More... | |
| void | SSLEnableJA4 (void) |
| if not explicitly disabled in config, enable ja4 support More... | |
| bool | SSLJA4IsEnabled (void) |
| return whether ja4 is effectively enabled More... | |
Detailed Description
Definition in file app-layer-ssl.h.
Macro Definition Documentation
◆ SSL_AL_FLAG_CH_VERSION_EXTENSION
| #define SSL_AL_FLAG_CH_VERSION_EXTENSION BIT_U32(21) |
Definition at line 120 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_CHANGE_CIPHER_SPEC
| #define SSL_AL_FLAG_CHANGE_CIPHER_SPEC BIT_U32(2) |
Definition at line 88 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC
| #define SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC BIT_U32(1) |
Definition at line 87 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_EARLY_DATA
| #define SSL_AL_FLAG_EARLY_DATA BIT_U32(23) |
Definition at line 128 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_HANDSHAKE_DONE
| #define SSL_AL_FLAG_HANDSHAKE_DONE BIT_U32(18) |
Definition at line 114 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_HB_CLIENT_INIT
| #define SSL_AL_FLAG_HB_CLIENT_INIT BIT_U32(16) |
Definition at line 110 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_HB_INFLIGHT
| #define SSL_AL_FLAG_HB_INFLIGHT BIT_U32(15) |
Definition at line 109 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_HB_SERVER_INIT
| #define SSL_AL_FLAG_HB_SERVER_INIT BIT_U32(17) |
Definition at line 111 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_LOG_WITHOUT_CERT
| #define SSL_AL_FLAG_LOG_WITHOUT_CERT BIT_U32(22) |
Definition at line 124 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_NEED_CLIENT_CERT
| #define SSL_AL_FLAG_NEED_CLIENT_CERT BIT_U32(26) |
Definition at line 136 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC
| #define SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC BIT_U32(0) |
Definition at line 85 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SESSION_RESUMED
| #define SSL_AL_FLAG_SESSION_RESUMED BIT_U32(20) |
Definition at line 117 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_CLIENT_HS
| #define SSL_AL_FLAG_SSL_CLIENT_HS BIT_U32(3) |
Definition at line 91 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY
| #define SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY BIT_U32(5) |
Definition at line 93 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED
| #define SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED BIT_U32(6) |
Definition at line 94 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_NO_SESSION_ID
| #define SSL_AL_FLAG_SSL_NO_SESSION_ID BIT_U32(8) |
Definition at line 96 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_SERVER_HS
| #define SSL_AL_FLAG_SSL_SERVER_HS BIT_U32(4) |
Definition at line 92 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED
| #define SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED BIT_U32(7) |
Definition at line 95 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_CLIENT_HELLO
| #define SSL_AL_FLAG_STATE_CLIENT_HELLO BIT_U32(9) |
Definition at line 99 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_CLIENT_KEYX
| #define SSL_AL_FLAG_STATE_CLIENT_KEYX BIT_U32(11) |
Definition at line 101 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_FINISHED
| #define SSL_AL_FLAG_STATE_FINISHED BIT_U32(14) |
Definition at line 106 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_SERVER_HELLO
| #define SSL_AL_FLAG_STATE_SERVER_HELLO BIT_U32(10) |
Definition at line 100 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_SERVER_KEYX
| #define SSL_AL_FLAG_STATE_SERVER_KEYX BIT_U32(12) |
Definition at line 102 of file app-layer-ssl.h.
◆ SSL_AL_FLAG_STATE_UNKNOWN
| #define SSL_AL_FLAG_STATE_UNKNOWN BIT_U32(13) |
Definition at line 103 of file app-layer-ssl.h.
◆ SSL_EXTENSION_ALPN
| #define SSL_EXTENSION_ALPN 0x0010 |
Definition at line 146 of file app-layer-ssl.h.
◆ SSL_EXTENSION_EARLY_DATA
| #define SSL_EXTENSION_EARLY_DATA 0x002a |
Definition at line 148 of file app-layer-ssl.h.
◆ SSL_EXTENSION_EC_POINT_FORMATS
| #define SSL_EXTENSION_EC_POINT_FORMATS 0x000b |
Definition at line 144 of file app-layer-ssl.h.
◆ SSL_EXTENSION_ELLIPTIC_CURVES
| #define SSL_EXTENSION_ELLIPTIC_CURVES 0x000a |
Definition at line 143 of file app-layer-ssl.h.
◆ SSL_EXTENSION_SESSION_TICKET
| #define SSL_EXTENSION_SESSION_TICKET 0x0023 |
Definition at line 147 of file app-layer-ssl.h.
◆ SSL_EXTENSION_SIGNATURE_ALGORITHMS
| #define SSL_EXTENSION_SIGNATURE_ALGORITHMS 0x000d |
Definition at line 145 of file app-layer-ssl.h.
◆ SSL_EXTENSION_SNI
| #define SSL_EXTENSION_SNI 0x0000 |
Definition at line 142 of file app-layer-ssl.h.
◆ SSL_EXTENSION_SUPPORTED_VERSIONS
| #define SSL_EXTENSION_SUPPORTED_VERSIONS 0x002b |
Definition at line 149 of file app-layer-ssl.h.
◆ SSL_SNI_TYPE_HOST_NAME
| #define SSL_SNI_TYPE_HOST_NAME 0 |
Definition at line 152 of file app-layer-ssl.h.
◆ SSL_TLS_LOG_PEM
| #define SSL_TLS_LOG_PEM (1 << 0) |
Definition at line 139 of file app-layer-ssl.h.
◆ SSL_VERSION_MAX_STRLEN
| #define SSL_VERSION_MAX_STRLEN 20 |
Definition at line 155 of file app-layer-ssl.h.
◆ TLS_RANDOM_LEN
| #define TLS_RANDOM_LEN 32 |
Definition at line 158 of file app-layer-ssl.h.
◆ TLS_TC_RANDOM_SET
| #define TLS_TC_RANDOM_SET BIT_U32(25) |
Definition at line 134 of file app-layer-ssl.h.
◆ TLS_TS_RANDOM_SET
| #define TLS_TS_RANDOM_SET BIT_U32(24) |
Definition at line 131 of file app-layer-ssl.h.
Typedef Documentation
◆ SSLAlpns
◆ SSLCertsChain
| typedef struct SSLCertsChain_ SSLCertsChain |
◆ SSLState
SSLv[2.0|3.[0|1|2|3]] state structure.
Structure to store the SSL state values.
◆ SSLStateConnp
| typedef struct SSLStateConnp_ SSLStateConnp |
Enumeration Type Documentation
◆ anonymous enum
| anonymous enum |
Definition at line 42 of file app-layer-ssl.h.
◆ anonymous enum
| anonymous enum |
| Enumerator | |
|---|---|
| TLS_STATE_IN_PROGRESS | |
| TLS_STATE_CERT_READY | |
| TLS_HANDSHAKE_DONE | |
| TLS_STATE_FINISHED | |
Definition at line 76 of file app-layer-ssl.h.
◆ anonymous enum
| anonymous enum |
Definition at line 161 of file app-layer-ssl.h.
◆ TlsFrameTypes
| enum TlsFrameTypes |
| Enumerator | |
|---|---|
| TLS_FRAME_PDU | whole PDU, so header + data |
| TLS_FRAME_HDR | only header portion |
| TLS_FRAME_DATA | only data portion |
| TLS_FRAME_ALERT_DATA | |
| TLS_FRAME_HB_DATA | |
| TLS_FRAME_SSLV2_HDR | |
| TLS_FRAME_SSLV2_PDU | |
Definition at line 32 of file app-layer-ssl.h.
Function Documentation
◆ RegisterSSLParsers()
| void RegisterSSLParsers | ( | void | ) |
Function to register the SSL protocol parser and other functions.
SSLv2 and SSLv23
Definition at line 3207 of file app-layer-ssl.c.
References ALPROTO_TLS, AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectRegisterProtocol(), SC_ATOMIC_INIT, and ssl_config.
◆ SSLEnableJA3()
| void SSLEnableJA3 | ( | void | ) |
if not explicitly disabled in config, enable ja3 support
Implemented using atomic to allow rule reloads to do this at runtime.
Definition at line 3340 of file app-layer-ssl.c.
References SslConfig_::disable_ja3, g_disable_hashing, SC_ATOMIC_GET, SC_ATOMIC_SET, and ssl_config.
◆ SSLEnableJA4()
| void SSLEnableJA4 | ( | void | ) |
if not explicitly disabled in config, enable ja4 support
Implemented using atomic to allow rule reloads to do this at runtime.
Definition at line 3357 of file app-layer-ssl.c.
References SslConfig_::disable_ja4, g_disable_hashing, SC_ATOMIC_GET, SC_ATOMIC_SET, and ssl_config.
◆ SSLJA3IsEnabled()
| bool SSLJA3IsEnabled | ( | void | ) |
return whether ja3 is effectively enabled
This means that it either has been enabled explicitly or has been enabled by having loaded a rule while not being explicitly disabled.
- Return values
-
true if enabled, false otherwise
Definition at line 3376 of file app-layer-ssl.c.
References SC_ATOMIC_GET, and ssl_config.
◆ SSLJA4IsEnabled()
| bool SSLJA4IsEnabled | ( | void | ) |
return whether ja4 is effectively enabled
This means that it either has been enabled explicitly or has been enabled by having loaded a rule while not being explicitly disabled.
- Return values
-
true if enabled, false otherwise
Definition at line 3389 of file app-layer-ssl.c.
References SC_ATOMIC_GET, and ssl_config.
◆ SSLVersionToString()
| void SSLVersionToString | ( | uint16_t | , |
| char * | |||
| ) |
Definition at line 332 of file app-layer-ssl.c.
References SSL_VERSION_2, SSL_VERSION_3, strlcat(), TLS_VERSION_10, TLS_VERSION_11, TLS_VERSION_12, TLS_VERSION_13, TLS_VERSION_13_DRAFT16, TLS_VERSION_13_DRAFT17, TLS_VERSION_13_DRAFT18, TLS_VERSION_13_DRAFT19, TLS_VERSION_13_DRAFT20, TLS_VERSION_13_DRAFT20_FB, TLS_VERSION_13_DRAFT21, TLS_VERSION_13_DRAFT21_FB, TLS_VERSION_13_DRAFT22, TLS_VERSION_13_DRAFT22_FB, TLS_VERSION_13_DRAFT23, TLS_VERSION_13_DRAFT23_FB, TLS_VERSION_13_DRAFT24, TLS_VERSION_13_DRAFT25, TLS_VERSION_13_DRAFT26, TLS_VERSION_13_DRAFT26_FB, TLS_VERSION_13_DRAFT27, TLS_VERSION_13_DRAFT28, TLS_VERSION_13_PRE_DRAFT16, TLS_VERSION_UNKNOWN, and version.
