ssh: use derived app-layer event

diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs
index 0ebad5cb10c2106c10bd2fd7a26781545caefbf4..23e74a4dbd8dee5cd08007e4e56393d7c5e5dc6b 100644 (file)
--- a/rust/src/ssh/ssh.rs
+++ b/rust/src/ssh/ssh.rs
@@ -19,7 +19,7 @@ use super::parser;
 use crate::applayer::*;
 use crate::core::STREAM_TOSERVER;
 use crate::core::{self, AppProto, Flow, ALPROTO_UNKNOWN, IPPROTO_TCP};
-use std::ffi::{CStr, CString};
+use std::ffi::CString;
 use std::sync::atomic::{AtomicBool, Ordering};
 
 static mut ALPROTO_SSH: AppProto = ALPROTO_UNKNOWN;
@@ -29,26 +29,14 @@ fn hassh_is_enabled() -> bool {
     HASSH_ENABLED.load(Ordering::Relaxed)
 }
 
-#[repr(u32)]
+#[derive(AppLayerEvent)]
 pub enum SSHEvent {
-    InvalidBanner = 0,
+    InvalidBanner,
     LongBanner,
     InvalidRecord,
     LongKexRecord,
 }
 
-impl SSHEvent {
-    fn from_i32(value: i32) -> Option<SSHEvent> {
-        match value {
-            0 => Some(SSHEvent::InvalidBanner),
-            1 => Some(SSHEvent::LongBanner),
-            2 => Some(SSHEvent::InvalidRecord),
-            3 => Some(SSHEvent::LongKexRecord),
-            _ => None,
-        }
-    }
-}
-
 #[repr(u8)]
 #[derive(Copy, Clone, PartialOrd, PartialEq)]
 pub enum SSHConnectionState {
@@ -376,52 +364,6 @@ pub unsafe extern "C" fn rs_ssh_state_get_events(
     return tx.events;
 }
 
-#[no_mangle]
-pub unsafe extern "C" fn rs_ssh_state_get_event_info(
-    event_name: *const std::os::raw::c_char, event_id: *mut std::os::raw::c_int,
-    event_type: *mut core::AppLayerEventType,
-) -> std::os::raw::c_int {
-    if event_name == std::ptr::null() {
-        return -1;
-    }
-    let c_event_name: &CStr = CStr::from_ptr(event_name);
-    let event = match c_event_name.to_str() {
-        Ok(s) => {
-            match s {
-                "invalid_banner" => SSHEvent::InvalidBanner as i32,
-                "long_banner" => SSHEvent::LongBanner as i32,
-                "invalid_record" => SSHEvent::InvalidRecord as i32,
-                "long_kex_record" => SSHEvent::LongKexRecord as i32,
-                _ => -1, // unknown event
-            }
-        }
-        Err(_) => -1, // UTF-8 conversion failed
-    };
-    *event_type = core::APP_LAYER_EVENT_TYPE_TRANSACTION;
-    *event_id = event as std::os::raw::c_int;
-    0
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn rs_ssh_state_get_event_info_by_id(
-    event_id: std::os::raw::c_int, event_name: *mut *const std::os::raw::c_char,
-    event_type: *mut core::AppLayerEventType,
-) -> i8 {
-    if let Some(e) = SSHEvent::from_i32(event_id as i32) {
-        let estr = match e {
-            SSHEvent::InvalidBanner => "invalid_banner\0",
-            SSHEvent::LongBanner => "long_banner\0",
-            SSHEvent::InvalidRecord => "invalid_record\0",
-            SSHEvent::LongKexRecord => "long_kex_record\0",
-        };
-        *event_name = estr.as_ptr() as *const std::os::raw::c_char;
-        *event_type = core::APP_LAYER_EVENT_TYPE_TRANSACTION;
-        0
-    } else {
-        -1
-    }
-}
-
 #[no_mangle]
 pub extern "C" fn rs_ssh_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: AppProto) -> *mut std::os::raw::c_void {
     let state = SSHState::new();
@@ -547,8 +489,8 @@ pub unsafe extern "C" fn rs_ssh_register_parser() {
         get_de_state: rs_ssh_tx_get_detect_state,
         set_de_state: rs_ssh_tx_set_detect_state,
         get_events: Some(rs_ssh_state_get_events),
-        get_eventinfo: Some(rs_ssh_state_get_event_info),
-        get_eventinfo_byid: Some(rs_ssh_state_get_event_info_by_id),
+        get_eventinfo: Some(SSHEvent::get_event_info),
+        get_eventinfo_byid: Some(SSHEvent::get_event_info_by_id),
         localstorage_new: None,
         localstorage_free: None,
         get_files: None,