]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a96446d)
TLS: register patterns for tls-alerts
authorVictor Julien <victor@inliniac.net>
Wed, 12 Mar 2014 21:52:00 +0000 (22:52 +0100)
committerVictor Julien <victor@inliniac.net>
Wed, 26 Mar 2014 16:13:18 +0000 (17:13 +0100)
Register patterns for when server has an alert as the first message.

src/app-layer-ssl.c patch | blob | blame | history

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 53672803cf682944e5e2aad8615ee955264f3810..2d42c4aef27a53658f5e0873fca209cfe6a67f13 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -1090,6 +1090,11 @@ static int SSLRegisterPatternsForProtocolDetection(void)
 
     /***** toclient direction *****/
 
+    if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
+                                               "|15 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
+    {
+        return -1;
+    }
     if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
                                                "|16 03 00|", 3, 0, STREAM_TOCLIENT) < 0)
     {
@@ -1102,6 +1107,11 @@ static int SSLRegisterPatternsForProtocolDetection(void)
     }
 
     /** TLSv1 */
+    if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
+                                               "|15 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
+    {
+        return -1;
+    }
     if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
                                                "|16 03 01|", 3, 0, STREAM_TOCLIENT) < 0)
     {
@@ -1114,6 +1124,11 @@ static int SSLRegisterPatternsForProtocolDetection(void)
     }
 
     /** TLSv1.1 */
+    if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
+                                               "|15 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
+    {
+        return -1;
+    }
     if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
                                                "|16 03 02|", 3, 0, STREAM_TOCLIENT) < 0)
     {
@@ -1126,6 +1141,11 @@ static int SSLRegisterPatternsForProtocolDetection(void)
     }
 
     /** TLSv1.2 */
+    if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
+                                               "|15 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
+    {
+        return -1;
+    }
     if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_TLS,
                                                "|16 03 03|", 3, 0, STREAM_TOCLIENT) < 0)
     {
Mirror of https://github.com/OISF/suricata.git