/* Helper behind the Lua call TlsGetCertNotBefore: reports the certificate
 * NotBefore value for flow f.
 * Only the two error returns are visible in this excerpt; the checks that
 * guard them and the success path are elided.
 * NOTE(review): direction presumably selects the client or server side of
 * the TLS state - confirm against the full source. */
61 static int GetCertNotBefore(lua_State *luastate,
const Flow *f,
int direction)
/* No TLS app-layer state is attached to the flow. */
65 return LuaCallbackError(luastate,
"error: no app layer state");
/* State exists but carries no NotBefore value. */
77 return LuaCallbackError(luastate,
"error: no certificate NotBefore");
/* Lua-callable entry point, registered as the global "TlsGetCertNotBefore".
 * Rejects the call with "protocol not tls" or "no flow" before handing the
 * flow and direction to GetCertNotBefore(). The conditions guarding the two
 * error returns and the final return of r are not shown in this excerpt. */
84 static int TlsGetCertNotBefore(lua_State *luastate)
89 return LuaCallbackError(luastate,
"error: protocol not tls");
/* Direction and flow are both read back from the Lua state. */
91 int direction = LuaStateGetDirection(luastate);
93 Flow *f = LuaStateGetFlow(luastate);
95 return LuaCallbackError(luastate,
"internal error: no flow");
97 r = GetCertNotBefore(luastate, f, direction);
/* Helper behind the Lua call TlsGetCertNotAfter: reports the certificate
 * NotAfter value for flow f.
 * Visible failure modes are a missing app-layer state and a missing NotAfter
 * value; the guarding checks and the success path are elided here.
 * NOTE(review): direction presumably picks the client or server side of the
 * TLS state - confirm. */
102 static int GetCertNotAfter(lua_State *luastate,
const Flow *f,
int direction)
106 return LuaCallbackError(luastate,
"error: no app layer state");
118 return LuaCallbackError(luastate,
"error: no certificate NotAfter");
/* Lua-callable entry point, registered as the global "TlsGetCertNotAfter".
 * Two precondition failures are visible ("protocol not tls", "no flow");
 * after them the flow and direction are passed to GetCertNotAfter().
 * The tests that trigger the error returns are not part of this excerpt. */
125 static int TlsGetCertNotAfter(lua_State *luastate)
130 return LuaCallbackError(luastate,
"error: protocol not tls");
132 int direction = LuaStateGetDirection(luastate);
134 Flow *f = LuaStateGetFlow(luastate);
136 return LuaCallbackError(luastate,
"internal error: no flow");
/* r holds the helper's result; how it is returned is not shown here. */
138 r = GetCertNotAfter(luastate, f, direction);
/* Helper behind the Lua call TlsGetCertInfo. The only push visible in this
 * excerpt is the TLS version string; any further values handed to the script
 * are elided, as are the checks guarding the two error returns. */
143 static int GetCertInfo(lua_State *luastate,
const Flow *f,
int direction)
147 return LuaCallbackError(luastate,
"error: no app layer state");
159 return LuaCallbackError(luastate,
"error: no cert");
/* The length comes from strlen(), so ssl_version must be NUL-terminated.
 * NOTE(review): presumably ssl_version is filled by SSLVersionToString(),
 * which takes no size argument, so the buffer has to be at least
 * SSL_VERSION_MAX_STRLEN bytes - confirm at the declaration. */
165 int r = LuaPushStringBuffer(luastate, (uint8_t *)ssl_version, strlen(ssl_version));
/* Lua-callable entry point, registered as the global "TlsGetCertInfo".
 * Bails out with "protocol not tls" or "no flow", otherwise forwards the
 * flow and direction to GetCertInfo(). Guard conditions are elided in this
 * excerpt. */
172 static int TlsGetCertInfo(lua_State *luastate)
177 return LuaCallbackError(luastate,
"error: protocol not tls");
179 int direction = LuaStateGetDirection(luastate);
181 Flow *f = LuaStateGetFlow(luastate);
/* "internal error": a missing flow is reported as an engine-side fault,
 * unlike the "error:" prefix used for the protocol mismatch above. */
183 return LuaCallbackError(luastate,
"internal error: no flow");
185 r = GetCertInfo(luastate, f, direction);
/* Helper behind the Lua call TlsGetVersion: pushes the TLS version string
 * for flow f, or fails with "no app layer state". Takes no direction
 * argument. How ssl_version is produced is not visible in this excerpt. */
190 static int GetAgreedVersion(lua_State *luastate,
const Flow *f)
194 return LuaCallbackError(luastate,
"error: no app layer state");
/* strlen() bounds the push, so ssl_version must be NUL-terminated.
 * NOTE(review): presumably written by SSLVersionToString() into a buffer of
 * SSL_VERSION_MAX_STRLEN bytes - confirm. */
201 return LuaPushStringBuffer(luastate, (uint8_t *)ssl_version,
202 strlen(ssl_version));
/* Lua-callable entry point, registered as the global "TlsGetVersion".
 * Unlike the certificate accessors it reads no direction; it only fetches
 * the flow and delegates to GetAgreedVersion(). The checks guarding the two
 * error returns are elided in this excerpt. */
205 static int TlsGetVersion(lua_State *luastate)
210 return LuaCallbackError(luastate,
"error: protocol not tls");
212 Flow *f = LuaStateGetFlow(luastate);
214 return LuaCallbackError(luastate,
"internal error: no flow");
216 r = GetAgreedVersion(luastate, f);
/* Helper behind the Lua call TlsGetSNI: pushes the server name indication
 * stored on the client side of the TLS state (client_connp.sni).
 * Fails with "no app layer state" or "no server name indication"; the checks
 * guarding those returns are elided in this excerpt.
 * NOTE(review): the SNI is presumably taken from the peer's ClientHello, so
 * scripts should treat the returned string as untrusted input - confirm
 * where sni is populated. */
221 static int GetSNI(lua_State *luastate,
const Flow *f)
225 return LuaCallbackError(luastate,
"error: no app layer state");
230 return LuaCallbackError(luastate,
"error: no server name indication");
/* The length argument of this call is cut off in the excerpt.
 * NOTE(review): verify how the length is derived; a strlen()-based length
 * would stop at the first NUL byte in the name. */
232 return LuaPushStringBuffer(luastate, (uint8_t *)ssl_state->
client_connp.
sni,
/* Lua-callable entry point, registered as the global "TlsGetSNI".
 * Reads only the flow (no direction) and delegates to GetSNI() once the
 * "protocol not tls" and "no flow" failure cases have been passed. The
 * conditions for those returns are not shown in this excerpt. */
236 static int TlsGetSNI(lua_State *luastate)
241 return LuaCallbackError(luastate,
"error: protocol not tls");
243 Flow *f = LuaStateGetFlow(luastate);
245 return LuaCallbackError(luastate,
"internal error: no flow");
247 r = GetSNI(luastate, f);
/* Helper behind the Lua call TlsGetCertSerial: pushes the certificate serial
 * for flow f via LuaPushStringBuffer().
 * Fails with "no app layer state" or "no certificate serial".
 * The function takes no direction argument; which side's certificate is read
 * is not visible in this excerpt, nor are the arguments of the final push. */
252 static int GetCertSerial(lua_State *luastate,
const Flow *f)
256 return LuaCallbackError(luastate,
"error: no app layer state");
261 return LuaCallbackError(luastate,
"error: no certificate serial");
263 return LuaPushStringBuffer(luastate,
/* Lua-callable entry point, registered as the global "TlsGetCertSerial".
 * Two error returns ("protocol not tls", "no flow") precede the call to
 * GetCertSerial(); their guarding conditions are elided in this excerpt. */
268 static int TlsGetCertSerial(lua_State *luastate)
273 return LuaCallbackError(luastate,
"error: protocol not tls");
/* Only the flow is needed; no direction is read for the serial lookup. */
275 Flow *f = LuaStateGetFlow(luastate);
277 return LuaCallbackError(luastate,
"internal error: no flow");
279 r = GetCertSerial(luastate, f);
/* Helper behind the Lua call TlsGetCertChain: builds a Lua table describing
 * the certificate chain of flow f.
 * Shape visible here: an outer table keyed by the integer counter u, each
 * value being an inner table with the string keys "length" and "data".
 * The loop over the certificates, the initial value of u and the push of the
 * "data" value are elided in this excerpt.
 * NOTE(review): chain contents come from the TLS peer, so scripts should
 * treat "data" as untrusted bytes - confirm where the chain is populated. */
284 static int GetCertChain(lua_State *luastate,
const Flow *f,
int direction)
288 return LuaCallbackError(luastate,
"error: no app layer state");
/* Outer table that collects one entry per certificate. */
300 lua_newtable(luastate);
/* Key of this entry in the outer table; u advances per certificate. */
304 lua_pushinteger(luastate, u++);
/* Inner table for this certificate. */
306 lua_newtable(luastate);
308 lua_pushstring(luastate,
"length");
309 lua_pushinteger(luastate, cert->
cert_len);
/* inner["length"] = cert_len (the table sits below the key/value pair). */
310 lua_settable(luastate, -3);
312 lua_pushstring(luastate,
"data");
/* NOTE(review): the value pushed for "data" is not shown. Certificate bytes
 * can contain NUL, so the push should be length-bounded by cert_len rather
 * than NUL-terminated - confirm in the full source. */
/* inner["data"] = <value pushed on the elided lines>. */
315 lua_settable(luastate, -3);
/* outer[u] = inner. */
316 lua_settable(luastate, -3);
/* Lua-callable entry point, registered as the global "TlsGetCertChain".
 * After the "protocol not tls" and "no flow" failure cases it passes the
 * flow and direction to GetCertChain(). The conditions guarding the error
 * returns and the final return of r are not shown in this excerpt. */
322 static int TlsGetCertChain(lua_State *luastate)
327 return LuaCallbackError(luastate,
"error: protocol not tls");
329 int direction = LuaStateGetDirection(luastate);
331 Flow *f = LuaStateGetFlow(luastate);
333 return LuaCallbackError(luastate,
"internal error: no flow");
335 r = GetCertChain(luastate, f, direction);
/* Exposes the TLS accessors to Lua scripts: each pair below pushes one of
 * the static C functions from this file and binds it to a global of the same
 * name in luastate. Seven globals are registered in total.
 * This is the only non-static function in the listing. Its return value is
 * not visible in this excerpt. */
341 int LuaRegisterTlsFunctions(lua_State *luastate)
/* Certificate validity window. */
344 lua_pushcfunction(luastate, TlsGetCertNotBefore);
345 lua_setglobal(luastate,
"TlsGetCertNotBefore");
347 lua_pushcfunction(luastate, TlsGetCertNotAfter);
348 lua_setglobal(luastate,
"TlsGetCertNotAfter");
/* Version and certificate details. */
350 lua_pushcfunction(luastate, TlsGetVersion);
351 lua_setglobal(luastate,
"TlsGetVersion");
353 lua_pushcfunction(luastate, TlsGetCertInfo);
354 lua_setglobal(luastate,
"TlsGetCertInfo");
/* Server name indication, read from the client side of the TLS state. */
356 lua_pushcfunction(luastate, TlsGetSNI);
357 lua_setglobal(luastate,
"TlsGetSNI");
/* Certificate serial and certificate chain. */
359 lua_pushcfunction(luastate, TlsGetCertSerial);
360 lua_setglobal(luastate,
"TlsGetCertSerial");
362 lua_pushcfunction(luastate, TlsGetCertChain);
363 lua_setglobal(luastate,
"TlsGetCertChain");
#define TAILQ_FOREACH(var, head, field)
struct HtpBodyChunk_ * next
SSLStateConnp server_connp
void SSLVersionToString(uint16_t version, char *buffer)
#define SSL_VERSION_MAX_STRLEN
SSLv[2.0|3.[0|1|2|3]] state structure.
void * FlowGetAppState(const Flow *f)
SSLStateConnp client_connp