Go to the documentation of this file.
55 Flow *, uint8_t,
void *,
void *,
59 static void DetectSslVersionRegisterTests(
void);
62 static int g_tls_generic_list_id = 0;
94 Flow *f, uint8_t
flags,
void *state,
void *txv,
105 if (app_state == NULL) {
110 if (
flags & STREAM_TOCLIENT) {
111 SCLogDebug(
"server (toclient) version is 0x%02X",
114 }
else if (
flags & STREAM_TOSERVER) {
115 SCLogDebug(
"client (toserver) version is 0x%02X",
146 case TLS_VERSION_13_DRAFT28:
147 case TLS_VERSION_13_DRAFT27:
148 case TLS_VERSION_13_DRAFT26:
149 case TLS_VERSION_13_DRAFT25:
150 case TLS_VERSION_13_DRAFT24:
151 case TLS_VERSION_13_DRAFT23:
152 case TLS_VERSION_13_DRAFT22:
153 case TLS_VERSION_13_DRAFT21:
154 case TLS_VERSION_13_DRAFT20:
155 case TLS_VERSION_13_DRAFT19:
156 case TLS_VERSION_13_DRAFT18:
157 case TLS_VERSION_13_DRAFT17:
158 case TLS_VERSION_13_DRAFT16:
159 case TLS_VERSION_13_PRE_DRAFT16:
160 if (((ver >> 8) & 0xff) == 0x7f)
161 ver = TLS_VERSION_13;
183 {
"sslv2",
SSLv2, SSL_VERSION_2 },
184 {
"sslv3",
SSLv3, SSL_VERSION_3 },
185 {
"tls1.0",
TLS10, TLS_VERSION_10 },
186 {
"tls1.1",
TLS11, TLS_VERSION_11 },
187 {
"tls1.2",
TLS12, TLS_VERSION_12 },
188 {
"tls1.3",
TLS13, TLS_VERSION_13 },
204 const char *tmp_str =
str;
214 while (tmp_str[0] != 0 && isspace(tmp_str[0])) {
217 if (tmp_str[0] == 0) {
222 while (tmp_str[0] != 0) {
224 if (tmp_str[0] ==
'!') {
230 while (tmp_str[tmp_len] != 0 && !isspace(tmp_str[tmp_len]) && tmp_str[tmp_len] !=
',') {
234 bool is_keyword =
false;
235 for (
size_t i = 0; i <
TLS_SIZE; i++) {
259 }
else if (found != 1 << neg) {
260 SCLogError(
"Invalid value mixing negative and positive forms");
265 while (isspace(tmp_str[0]) || tmp_str[0] ==
',') {
274 DetectSslVersionFree(
de_ctx, ssl);
297 ssl = DetectSslVersionParse(
de_ctx,
str);
312 DetectSslVersionFree(
de_ctx, ssl);
SSLv[2.0|3.[0|1|2|3]] state structure.
SigTableElmt * sigmatch_table
void(* Free)(DetectEngineCtx *, void *)
SSLStateConnp client_connp
SSLStateConnp server_connp
main detection engine ctx
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int SCDetectSignatureSetAppProto(Signature *s, AppProto alproto)
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
SigMatch * SCSigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
Data structures and function prototypes for keeping state for the detection engine.
struct SSLVersionKeywords ssl_version_keywords[TLS_SIZE]
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int DetectBufferTypeRegister(const char *name)
SSLVersionData data[TLS_SIZE]
#define SCLogError(...)
Macro used to log ERROR messages.
void DetectSslVersionRegister(void)
Registration function for keyword: ssl_version.
#define DETECT_SSL_VERSION_NEGATED
void(* RegisterTests)(void)