suricata
detect-ssl-version.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2019 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file detect-ssl-version.c
20  *
21  * \author Gurvinder Singh <gurvindersinghdahiya@gmail.com>
22  *
23  */
24 
25 #include "detect-engine-build.h"
26 
27 /**
28  * \test DetectSslVersionTestParse01 is a test to make sure that we parse the
29  * "ssl_version" option correctly when given valid ssl_version option
30  */
31 static int DetectSslVersionTestParse01(void)
32 {
33  DetectSslVersionData *ssl = NULL;
34  ssl = DetectSslVersionParse(NULL, "SSlv3");
35  FAIL_IF_NULL(ssl);
37  DetectSslVersionFree(NULL, ssl);
38  PASS;
39 }
40 
41 /**
42  * \test DetectSslVersionTestParse02 is a test to make sure that we parse the
43  * "ssl_version" option correctly when given an invalid ssl_version option
44  * it should return ssl = NULL
45  */
46 static int DetectSslVersionTestParse02(void)
47 {
48  DetectSslVersionData *ssl = NULL;
49  ssl = DetectSslVersionParse(NULL, "2.5");
50  FAIL_IF_NOT_NULL(ssl);
51  DetectSslVersionFree(NULL, ssl);
52  ssl = DetectSslVersionParse(NULL, "tls1.0, !");
53  FAIL_IF_NOT_NULL(ssl);
54  DetectSslVersionFree(NULL, ssl);
55  ssl = DetectSslVersionParse(NULL, "tls1.0, !tls1.0");
56  FAIL_IF_NOT_NULL(ssl);
57  DetectSslVersionFree(NULL, ssl);
58  ssl = DetectSslVersionParse(NULL, "tls1.1, tls1.1");
59  FAIL_IF_NOT_NULL(ssl);
60  DetectSslVersionFree(NULL, ssl);
61  ssl = DetectSslVersionParse(NULL, "tls1.1, !tls1.2");
62  FAIL_IF_NOT_NULL(ssl);
63  DetectSslVersionFree(NULL, ssl);
64  PASS;
65 }
66 
67 /**
68  * \test DetectSslVersionTestParse03 is a test to make sure that we parse the
69  * "ssl_version" options correctly when given valid ssl_version options
70  */
71 static int DetectSslVersionTestParse03(void)
72 {
73  DetectSslVersionData *ssl = NULL;
74  ssl = DetectSslVersionParse(NULL, "SSlv3 , tls1.0");
75  FAIL_IF_NULL(ssl);
78  DetectSslVersionFree(NULL, ssl);
79  ssl = DetectSslVersionParse(NULL, " !tls1.2");
80  FAIL_IF_NULL(ssl);
83  DetectSslVersionFree(NULL, ssl);
84  PASS;
85 }
86 
87 /**
88  * \brief this function registers unit tests for DetectSslVersion
89  */
90 static void DetectSslVersionRegisterTests(void)
91 {
92  UtRegisterTest("DetectSslVersionTestParse01", DetectSslVersionTestParse01);
93  UtRegisterTest("DetectSslVersionTestParse02", DetectSslVersionTestParse02);
94  UtRegisterTest("DetectSslVersionTestParse03", DetectSslVersionTestParse03);
95 }
FAIL_IF_NULL
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
Definition: util-unittest.h:89
TLS_VERSION_12
@ TLS_VERSION_12
Definition: app-layer-ssl.h:168
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition: util-unittest.c:103
SSLVersionData_::flags
uint8_t flags
Definition: detect-ssl-version.h:44
TLS12
@ TLS12
Definition: detect-ssl-version.h:35
FAIL_IF_NOT
#define FAIL_IF_NOT(expr)
Fail a test if expression evaluates to false.
Definition: util-unittest.h:82
FAIL_IF_NOT_NULL
#define FAIL_IF_NOT_NULL(expr)
Fail a test if expression evaluates to non-NULL.
Definition: util-unittest.h:96
PASS
#define PASS
Pass the test.
Definition: util-unittest.h:105
TLS_VERSION_10
@ TLS_VERSION_10
Definition: app-layer-ssl.h:166
DetectSslVersionData_
Definition: detect-ssl-version.h:47
detect-engine-build.h
SSLv3
@ SSLv3
Definition: detect-ssl-version.h:32
DetectSslVersionData_::data
SSLVersionData data[TLS_SIZE]
Definition: detect-ssl-version.h:48
TLS10
@ TLS10
Definition: detect-ssl-version.h:33
SSLVersionData_::ver
uint16_t ver
Definition: detect-ssl-version.h:43
SSL_VERSION_3
@ SSL_VERSION_3
Definition: app-layer-ssl.h:165
DETECT_SSL_VERSION_NEGATED
#define DETECT_SSL_VERSION_NEGATED
Definition: detect-ssl-version.h:28