From: Anoop Saldanha <anoopsaldanha@gmail.com>
Date: Wed, 23 Oct 2013 05:55:46 +0000 (+0530)
Subject: Disabling the ssh parser temporarily, since we are moving away from some
X-Git-Tag: suricata-2.0rc1~268
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=abded4200a39c28e9adaa352eb9d2bd66a3aa271;p=thirdparty%2Fsuricata.git

Disabling the ssh parser temporarily, since we are moving away from some
of the archaic features we use in the app layer. We will reintroduce this
parser shortly. Also do note that keywords that rely on the ssh parser
would now be disabled.
---

diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c
index 78f0b6b7b0..ed8f18db10 100644
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@@ -1453,7 +1453,13 @@ void RegisterAppLayerParsers(void)
     RegisterDCERPCParsers();
     RegisterDCERPCUDPParsers();
     RegisterFTPParsers();
+    /* we are disabling the ssh parser temporarily, since we are moving away
+     * from some of the archaic features we use in the app layer.  We will
+     * reintroduce this parser.  Also do note that keywords that rely on
+     * the ssh parser would now be disabled */
+#if 0
     RegisterSSHParsers();
+#endif
     RegisterSMTPParsers();
     RegisterDNSUDPParsers();
     RegisterDNSTCPParsers();
diff --git a/src/app-layer-ssh.c b/src/app-layer-ssh.c
index c915af5adf..ecd0252cec 100644
--- a/src/app-layer-ssh.c
+++ b/src/app-layer-ssh.c
@@ -1,3 +1,9 @@
+/* we are disabling the ssh parser temporarily, since we are moving away
+ * from some of the archaic features we use in the app layer.  We will
+ * reintroduce this parser.  Also do note that keywords that rely on
+ * the ssh parser would now be disabled */
+#if 0
+
 /* Copyright (C) 2007-2010 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
@@ -1853,3 +1859,5 @@ void SSHParserRegisterTests(void) {
     UtRegisterTest("SSHParserTest14 - ToClient 4 chunks", SSHParserTest14, 1);
 #endif /* UNITTESTS */
 }
+
+#endif /* #if 0 */
diff --git a/src/detect-ssh-proto-version.c b/src/detect-ssh-proto-version.c
index e66be0f902..1a7f856b58 100644
--- a/src/detect-ssh-proto-version.c
+++ b/src/detect-ssh-proto-version.c
@@ -1,3 +1,8 @@
+/* we are disabling the ssh parser temporarily, since we are moving away
+ * from some of the archaic features we use in the app layer.  We will
+ * reintroduce this parser.  Also do note that keywords that rely on
+ * the ssh parser would now be disabled */
+#if 0
 /* Copyright (C) 2007-2010 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
@@ -681,3 +686,4 @@ void DetectSshVersionRegisterTests(void) {
 #endif /* UNITTESTS */
 }
 
+#endif /* #if 0 */
diff --git a/src/detect-ssh-software-version.c b/src/detect-ssh-software-version.c
index bcde214b87..b07b0108fa 100644
--- a/src/detect-ssh-software-version.c
+++ b/src/detect-ssh-software-version.c
@@ -1,3 +1,8 @@
+/* we are disabling the ssh parser temporarily, since we are moving away
+ * from some of the archaic features we use in the app layer.  We will
+ * reintroduce this parser.  Also do note that keywords that rely on
+ * the ssh parser would now be disabled */
+#if 0
 /* Copyright (C) 2007-2010 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
@@ -654,3 +659,4 @@ void DetectSshSoftwareVersionRegisterTests(void) {
 #endif /* UNITTESTS */
 }
 
+#endif /* #if 0 */
diff --git a/src/detect.c b/src/detect.c
index 682c8bb4ff..e19d85ddb9 100644
--- a/src/detect.c
+++ b/src/detect.c
@@ -4735,9 +4735,15 @@ void SigTableSetup(void) {
     DetectHttpUriRegister();
     DetectHttpRawUriRegister();
     DetectAsn1Register();
+/* we are disabling the ssh parser temporarily, since we are moving away
+ * from some of the archaic features we use in the app layer.  We will
+ * reintroduce this parser.  Also do note that keywords that rely on
+ * the ssh parser would now be disabled */
+#if 0
     DetectSshVersionRegister();
-    DetectSslStateRegister();
     DetectSshSoftwareVersionRegister();
+#endif
+    DetectSslStateRegister();
     DetectHttpStatCodeRegister();
     DetectSslVersionRegister();
     DetectByteExtractRegister();
diff --git a/src/runmode-unittests.c b/src/runmode-unittests.c
index b58abcbd8c..60b93d5cce 100644
--- a/src/runmode-unittests.c
+++ b/src/runmode-unittests.c
@@ -188,7 +188,13 @@ int RunUnittests(int list_unittests, char *regex_arg)
     DecodePPPRegisterTests();
     DecodeVLANRegisterTests();
     HTPParserRegisterTests();
+/* we are disabling the ssh parser temporarily, since we are moving away
+ * from some of the archaic features we use in the app layer.  We will
+ * reintroduce this parser.  Also do note that keywords that rely on
+ * the ssh parser would now be disabled */
+#if 0
     SSHParserRegisterTests();
+#endif
     SMBParserRegisterTests();
     DCERPCParserRegisterTests();
     DCERPCUDPParserRegisterTests();