From: Jason Ish Date: Wed, 23 Dec 2020 22:35:07 +0000 (-0600) Subject: util/mime: use Rust md5 bindings instead of libnss X-Git-Tag: suricata-7.0.0-beta1~1886 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=815396263bdebce961b31c3d473fb0751e59711a;p=thirdparty%2Fsuricata.git util/mime: use Rust md5 bindings instead of libnss As the new Md5 hashing consumes its context on finalize, an bool has_md5 flag has been added to let the logger know there is an md5 hash available. --- diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c index 5bdb495e3f..63abd44720 100644 --- a/src/output-json-email-common.c +++ b/src/output-json-email-common.c @@ -53,6 +53,10 @@ #include "output-json.h" #include "output-json-email-common.h" +#ifdef HAVE_NSS +#include +#endif + #define LOG_EMAIL_DEFAULT 0 #define LOG_EMAIL_EXTENDED (1<<0) #define LOG_EMAIL_ARRAY (1<<1) /* require array handling */ @@ -149,7 +153,7 @@ static void EveEmailLogJSONMd5(OutputJsonEmailCtx *email_ctx, JsonBuilder *js, S if (email_ctx->flags & LOG_EMAIL_BODY_MD5) { MimeDecParseState *mime_state = tx->mime_state; - if (mime_state && mime_state->md5_ctx && (mime_state->state_flag == PARSE_DONE)) { + if (mime_state && mime_state->has_md5 && (mime_state->state_flag == PARSE_DONE)) { size_t x; int i; char s[256]; diff --git a/src/util-decode-mime.c b/src/util-decode-mime.c index cb6ae8d489..1bbe0e284f 100644 --- a/src/util-decode-mime.c +++ b/src/util-decode-mime.c @@ -32,6 +32,8 @@ #include "util-memcmp.h" #include "util-print.h" +#include "rust.h" + /* Character constants */ #ifndef CR #define CR 13 
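Review bot: In EveEmailLogJSONMd5 (src/output-json-email-common.c), the new `mime_state->has_md5` test leaves the body MD5 out of the record whenever no digest was produced, with nothing visible in the hunk that says why. After this commit that includes runs where `g_disable_hashing` is set, because ProcessMimeBody then never creates a context. Anything downstream that matches on the body MD5 cannot tell "hashing disabled" from "no body seen". A comment above the condition would help, for example `/* has_md5 is set in MimeDecParseComplete once the digest is finalized; it stays false when hashing is disabled */`. The function body continues outside the hunk, so any handling further down is not visible here.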
@@ -2094,13 +2096,6 @@ static int ProcessBodyComplete(MimeDecParseState *state) } } -#ifdef HAVE_NSS - if (state->md5_ctx) { - unsigned int len = 0; - HASH_End(state->md5_ctx, state->md5, &len, sizeof(state->md5)); - } -#endif - /* Invoke pre-processor and callback with remaining data */ ret = ProcessDecodedDataChunk(state->data_chunk, state->data_chunk_len, state); if (ret != MIME_DEC_OK) { @@ -2269,17 +2264,16 @@ static int ProcessMimeBody(const uint8_t *buf, uint32_t len, int body_found = 0; uint32_t tlen; -#ifdef HAVE_NSS - if (MimeDecGetConfig()->body_md5) { - if (state->body_begin == 1) { - if (state->md5_ctx == NULL) { - state->md5_ctx = HASH_Create(HASH_AlgMD5); - HASH_Begin(state->md5_ctx); + if (!g_disable_hashing) { + if (MimeDecGetConfig()->body_md5) { + if (state->body_begin == 1) { + if (state->md5_ctx == NULL) { + state->md5_ctx = SCMd5New(); + } } + SCMd5Update(state->md5_ctx, buf, len + state->current_line_delimiter_len); } - HASH_Update(state->md5_ctx, buf, len + state->current_line_delimiter_len); } -#endif /* Ignore empty lines */ if (len == 0) { @@ -2505,10 +2499,8 @@ void MimeDecDeInitParser(MimeDecParseState *state) SCFree(state->hname); FreeDataValue(state->hvalue); FreeMimeDecStack(state->stack); -#ifdef HAVE_NSS if (state->md5_ctx) - HASH_Destroy(state->md5_ctx); -#endif + SCMd5Free(state->md5_ctx); SCFree(state); } @@ -2547,6 +2539,12 @@ int MimeDecParseComplete(MimeDecParseState *state) return ret; } + if (state->md5_ctx) { + SCMd5Finalize(state->md5_ctx, state->md5, sizeof(state->md5)); + state->md5_ctx = NULL; + state->has_md5 = true; + } + if (state->stack->top == NULL) { state->msg->anomaly_flags |= ANOM_MALFORMED_MSG; SCLogDebug("Error: Message is malformed"); diff --git a/src/util-decode-mime.h b/src/util-decode-mime.h index c070748f5e..0baed68bf1 100644 --- a/src/util-decode-mime.h +++ b/src/util-decode-mime.h 
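Review bot: In ProcessMimeBody, `SCMd5Update(state->md5_ctx, ...)` sits outside the `state->body_begin == 1` block, so with `body_md5` enabled it can be reached while `md5_ctx` is still NULL, or after MimeDecParseComplete has cleared it. The removed HASH_Update call had the same shape, but whether the Rust binding tolerates a NULL context is not visible here and should not be assumed. Guard the call: `if (state->md5_ctx != NULL) { SCMd5Update(state->md5_ctx, buf, len + state->current_line_delimiter_len); }`, which also covers a failed `SCMd5New()`. The hashed length goes beyond `len`, so it relies on the caller's buffer still holding the delimiter bytes, and a one-line comment stating that invariant would help. The function starts and ends outside the hunk.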
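Review bot: In MimeDecDeInitParser the `if (state->md5_ctx)` guard is left without braces now that the `#ifdef HAVE_NSS` wrapper around it is gone. Please brace it, `if (state->md5_ctx) { SCMd5Free(state->md5_ctx); }`, so a statement added later cannot end up outside the condition and run on a NULL or already consumed context. The function starts outside the hunk.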
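Review bot: The finalize block added to MimeDecParseComplete has no comment explaining why `md5_ctx` is set to NULL. Per the commit message the context is consumed on finalize, so that assignment is what keeps MimeDecDeInitParser from calling SCMd5Free on it a second time. Suggest adding `/* SCMd5Finalize consumes the context: clear the pointer so MimeDecDeInitParser does not free it again */` above the block. The block also sits after the early `return ret;`, so on that error path no digest is finalized and `has_md5` stays false; this is presumably intended, but worth stating in the same comment. The function starts and ends outside the hunk.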
@@ -25,10 +25,6 @@ #ifndef MIME_DECODE_H_ #define MIME_DECODE_H_ -#ifdef HAVE_NSS -#include -#endif - #include #include #include @@ -201,10 +197,9 @@ typedef struct MimeDecParseState { uint8_t bvremain[B64_BLOCK]; /**< Remainder from base64-decoded line */ uint8_t bvr_len; /**< Length of remainder from base64-decoded line */ uint8_t data_chunk[DATA_CHUNK_SIZE]; /**< Buffer holding data chunk */ -#ifdef HAVE_NSS - HASHContext *md5_ctx; - uint8_t md5[MD5_LENGTH]; -#endif + SCMd5 *md5_ctx; + uint8_t md5[SC_MD5_LEN]; + bool has_md5; uint8_t state_flag; /**< Flag representing current state of parser */ uint32_t data_chunk_len; /**< Length of data chunk */ int found_child; /**< Flag indicating a child entity was found */
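Review bot: The three new members of MimeDecParseState are the only fields in this part of the struct without a `/**< ... */` description, and the relationship between them is not obvious from the names alone. Suggested comments: `SCMd5 *md5_ctx; /**< MD5 context for the body; NULL before hashing starts and after finalize */`, `uint8_t md5[SC_MD5_LEN]; /**< Body MD5 digest, valid only when has_md5 is true */`, `bool has_md5; /**< Set once md5 holds a finalized digest */`. With the `HAVE_NSS` include removed, the header now depends on `SCMd5` and `SC_MD5_LEN` being declared before it is included; the hunk does not show where they come from, so please confirm the header still compiles on its own. The struct starts and ends outside the hunk.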