suricata
|
Go to the source code of this file.
Data Structures | |
struct | SSLCertsChain_ |
struct | SSLAlpns_ |
struct | SSLStateConnp_ |
struct | SSLState_ |
SSLv[2.0|3.[0|1|2|3]] state structure. More... | |
Typedefs | |
typedef struct SSLCertsChain_ | SSLCertsChain |
typedef struct SSLAlpns_ | SSLAlpns |
typedef struct SSLStateConnp_ | SSLStateConnp |
typedef struct SSLState_ | SSLState |
SSLv[2.0|3.[0|1|2|3]] state structure. More... | |
Functions | |
void | RegisterSSLParsers (void) |
Function to register the SSL protocol parser and other functions. More... | |
void | SSLVersionToString (uint16_t, char *) |
void | SSLEnableJA3 (void) |
if not explicitly disabled in config, enable ja3 support More... | |
bool | SSLJA3IsEnabled (void) |
return whether ja3 is effectively enabled More... | |
void | SSLEnableJA4 (void) |
if not explicitly disabled in config, enable ja4 support More... | |
bool | SSLJA4IsEnabled (void) |
return whether ja4 is effectively enabled More... | |
Definition in file app-layer-ssl.h.
#define SSL_AL_FLAG_CH_VERSION_EXTENSION BIT_U32(21) |
Definition at line 120 of file app-layer-ssl.h.
#define SSL_AL_FLAG_CHANGE_CIPHER_SPEC BIT_U32(2) |
Definition at line 88 of file app-layer-ssl.h.
#define SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC BIT_U32(1) |
Definition at line 87 of file app-layer-ssl.h.
#define SSL_AL_FLAG_EARLY_DATA BIT_U32(23) |
Definition at line 128 of file app-layer-ssl.h.
#define SSL_AL_FLAG_HANDSHAKE_DONE BIT_U32(18) |
Definition at line 114 of file app-layer-ssl.h.
#define SSL_AL_FLAG_HB_CLIENT_INIT BIT_U32(16) |
Definition at line 110 of file app-layer-ssl.h.
#define SSL_AL_FLAG_HB_INFLIGHT BIT_U32(15) |
Definition at line 109 of file app-layer-ssl.h.
#define SSL_AL_FLAG_HB_SERVER_INIT BIT_U32(17) |
Definition at line 111 of file app-layer-ssl.h.
#define SSL_AL_FLAG_LOG_WITHOUT_CERT BIT_U32(22) |
Definition at line 124 of file app-layer-ssl.h.
#define SSL_AL_FLAG_NEED_CLIENT_CERT BIT_U32(26) |
Definition at line 136 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC BIT_U32(0) |
Definition at line 85 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SESSION_RESUMED BIT_U32(20) |
Definition at line 117 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_CLIENT_HS BIT_U32(3) |
Definition at line 91 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_CLIENT_MASTER_KEY BIT_U32(5) |
Definition at line 93 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_CLIENT_SSN_ENCRYPTED BIT_U32(6) |
Definition at line 94 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_NO_SESSION_ID BIT_U32(8) |
Definition at line 96 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_SERVER_HS BIT_U32(4) |
Definition at line 92 of file app-layer-ssl.h.
#define SSL_AL_FLAG_SSL_SERVER_SSN_ENCRYPTED BIT_U32(7) |
Definition at line 95 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_CLIENT_HELLO BIT_U32(9) |
Definition at line 99 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_CLIENT_KEYX BIT_U32(11) |
Definition at line 101 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_FINISHED BIT_U32(14) |
Definition at line 106 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_SERVER_HELLO BIT_U32(10) |
Definition at line 100 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_SERVER_KEYX BIT_U32(12) |
Definition at line 102 of file app-layer-ssl.h.
#define SSL_AL_FLAG_STATE_UNKNOWN BIT_U32(13) |
Definition at line 103 of file app-layer-ssl.h.
#define SSL_EXTENSION_ALPN 0x0010 |
Definition at line 146 of file app-layer-ssl.h.
#define SSL_EXTENSION_EARLY_DATA 0x002a |
Definition at line 148 of file app-layer-ssl.h.
#define SSL_EXTENSION_EC_POINT_FORMATS 0x000b |
Definition at line 144 of file app-layer-ssl.h.
#define SSL_EXTENSION_ELLIPTIC_CURVES 0x000a |
Definition at line 143 of file app-layer-ssl.h.
#define SSL_EXTENSION_SESSION_TICKET 0x0023 |
Definition at line 147 of file app-layer-ssl.h.
#define SSL_EXTENSION_SIGNATURE_ALGORITHMS 0x000d |
Definition at line 145 of file app-layer-ssl.h.
#define SSL_EXTENSION_SNI 0x0000 |
Definition at line 142 of file app-layer-ssl.h.
#define SSL_EXTENSION_SUPPORTED_VERSIONS 0x002b |
Definition at line 149 of file app-layer-ssl.h.
#define SSL_SNI_TYPE_HOST_NAME 0 |
Definition at line 152 of file app-layer-ssl.h.
#define SSL_TLS_LOG_PEM (1 << 0) |
Definition at line 139 of file app-layer-ssl.h.
#define SSL_VERSION_MAX_STRLEN 20 |
Definition at line 155 of file app-layer-ssl.h.
#define TLS_RANDOM_LEN 32 |
Definition at line 158 of file app-layer-ssl.h.
#define TLS_TC_RANDOM_SET BIT_U32(25) |
Definition at line 134 of file app-layer-ssl.h.
#define TLS_TS_RANDOM_SET BIT_U32(24) |
Definition at line 131 of file app-layer-ssl.h.
typedef struct SSLCertsChain_ SSLCertsChain |
SSLv[2.0|3.[0|1|2|3]] state structure.
Structure to store the SSL state values.
typedef struct SSLStateConnp_ SSLStateConnp |
anonymous enum |
Definition at line 42 of file app-layer-ssl.h.
anonymous enum |
Enumerator | |
---|---|
TLS_STATE_IN_PROGRESS | |
TLS_STATE_CERT_READY | |
TLS_HANDSHAKE_DONE | |
TLS_STATE_FINISHED |
Definition at line 76 of file app-layer-ssl.h.
anonymous enum |
Definition at line 161 of file app-layer-ssl.h.
enum TlsFrameTypes |
Enumerator | |
---|---|
TLS_FRAME_PDU | whole PDU, so header + data |
TLS_FRAME_HDR | only header portion |
TLS_FRAME_DATA | only data portion |
TLS_FRAME_ALERT_DATA | |
TLS_FRAME_HB_DATA | |
TLS_FRAME_SSLV2_HDR | |
TLS_FRAME_SSLV2_PDU |
Definition at line 32 of file app-layer-ssl.h.
void RegisterSSLParsers | ( | void | ) |
Function to register the SSL protocol parser and other functions.
SSLv2 and SSLv23
Definition at line 3209 of file app-layer-ssl.c.
References ALPROTO_TLS, AppLayerProtoDetectConfProtoDetectionEnabled(), AppLayerProtoDetectRegisterProtocol(), SC_ATOMIC_INIT, and ssl_config.
void SSLEnableJA3 | ( | void | ) |
if not explicitly disabled in config, enable ja3 support
Implemented using atomic to allow rule reloads to do this at runtime.
Definition at line 3342 of file app-layer-ssl.c.
References SslConfig_::disable_ja3, g_disable_hashing, SC_ATOMIC_GET, SC_ATOMIC_SET, and ssl_config.
void SSLEnableJA4 | ( | void | ) |
if not explicitly disabled in config, enable ja4 support
Implemented using atomic to allow rule reloads to do this at runtime.
Definition at line 3359 of file app-layer-ssl.c.
References SslConfig_::disable_ja4, g_disable_hashing, SC_ATOMIC_GET, SC_ATOMIC_SET, and ssl_config.
bool SSLJA3IsEnabled | ( | void | ) |
return whether ja3 is effectively enabled
This means that it either has been enabled explicitly or has been enabled by having loaded a rule while not being explicitly disabled.
true | if enabled, false otherwise |
Definition at line 3378 of file app-layer-ssl.c.
References SC_ATOMIC_GET, and ssl_config.
bool SSLJA4IsEnabled | ( | void | ) |
return whether ja4 is effectively enabled
This means that it either has been enabled explicitly or has been enabled by having loaded a rule while not being explicitly disabled.
true | if enabled, false otherwise |
Definition at line 3391 of file app-layer-ssl.c.
References SC_ATOMIC_GET, and ssl_config.
void SSLVersionToString | ( | uint16_t | , |
char * | |||
) |
Definition at line 332 of file app-layer-ssl.c.
References SSL_VERSION_2, SSL_VERSION_3, strlcat(), TLS_VERSION_10, TLS_VERSION_11, TLS_VERSION_12, TLS_VERSION_13, TLS_VERSION_13_DRAFT16, TLS_VERSION_13_DRAFT17, TLS_VERSION_13_DRAFT18, TLS_VERSION_13_DRAFT19, TLS_VERSION_13_DRAFT20, TLS_VERSION_13_DRAFT20_FB, TLS_VERSION_13_DRAFT21, TLS_VERSION_13_DRAFT21_FB, TLS_VERSION_13_DRAFT22, TLS_VERSION_13_DRAFT22_FB, TLS_VERSION_13_DRAFT23, TLS_VERSION_13_DRAFT23_FB, TLS_VERSION_13_DRAFT24, TLS_VERSION_13_DRAFT25, TLS_VERSION_13_DRAFT26, TLS_VERSION_13_DRAFT26_FB, TLS_VERSION_13_DRAFT27, TLS_VERSION_13_DRAFT28, TLS_VERSION_13_PRE_DRAFT16, TLS_VERSION_UNKNOWN, and version.