|
|
|
|
@ -38,6 +38,7 @@ static mut G_SDP_BANDWIDTH_BUFFER_ID: c_int = 0;
|
|
|
|
|
static mut G_SDP_TIME_BUFFER_ID: c_int = 0;
|
|
|
|
|
static mut G_SDP_REPEAT_TIME_BUFFER_ID: c_int = 0;
|
|
|
|
|
static mut G_SDP_TIMEZONE_BUFFER_ID: c_int = 0;
|
|
|
|
|
static mut G_SDP_ENCRYPTION_KEY_BUFFER_ID: c_int = 0;
|
|
|
|
|
|
|
|
|
|
unsafe extern "C" fn sdp_session_name_setup(
|
|
|
|
|
de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
|
|
|
|
|
@ -571,6 +572,53 @@ unsafe extern "C" fn sdp_timezone_get_data(
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsafe extern "C" fn sdp_encryption_key_setup(
|
|
|
|
|
de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
|
|
|
|
|
) -> c_int {
|
|
|
|
|
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if DetectBufferSetActiveList(de, s, G_SDP_ENCRYPTION_KEY_BUFFER_ID) < 0 {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsafe extern "C" fn sdp_encryption_key_get(
|
|
|
|
|
de: *mut c_void, transforms: *const c_void, flow: *const c_void, flow_flags: u8,
|
|
|
|
|
tx: *const c_void, list_id: c_int,
|
|
|
|
|
) -> *mut c_void {
|
|
|
|
|
return DetectHelperGetData(
|
|
|
|
|
de,
|
|
|
|
|
transforms,
|
|
|
|
|
flow,
|
|
|
|
|
flow_flags,
|
|
|
|
|
tx,
|
|
|
|
|
list_id,
|
|
|
|
|
sdp_encryption_key_get_data,
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
unsafe extern "C" fn sdp_encryption_key_get_data(
|
|
|
|
|
tx: *const c_void, direction: u8, buffer: *mut *const u8, buffer_len: *mut u32,
|
|
|
|
|
) -> bool {
|
|
|
|
|
let tx = cast_pointer!(tx, SIPTransaction);
|
|
|
|
|
let sdp_option = match direction.into() {
|
|
|
|
|
Direction::ToServer => tx.request.as_ref().and_then(|req| req.body.as_ref()),
|
|
|
|
|
Direction::ToClient => tx.response.as_ref().and_then(|resp| resp.body.as_ref()),
|
|
|
|
|
};
|
|
|
|
|
if let Some(sdp) = sdp_option {
|
|
|
|
|
if let Some(k) = &sdp.encryption_key {
|
|
|
|
|
*buffer = k.as_ptr();
|
|
|
|
|
*buffer_len = k.len() as u32;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
*buffer = ptr::null();
|
|
|
|
|
*buffer_len = 0;
|
|
|
|
|
false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[no_mangle]
|
|
|
|
|
pub unsafe extern "C" fn ScDetectSdpRegister() {
|
|
|
|
|
let kw = SCSigTableElmt {
|
|
|
|
|
@ -777,4 +825,23 @@ pub unsafe extern "C" fn ScDetectSdpRegister() {
|
|
|
|
|
true,
|
|
|
|
|
sdp_timezone_get,
|
|
|
|
|
);
|
|
|
|
|
let kw = SCSigTableElmt {
|
|
|
|
|
name: b"sdp.encryption_key\0".as_ptr() as *const libc::c_char,
|
|
|
|
|
desc: b"sticky buffer to match on the SDP encryption key field\0".as_ptr()
|
|
|
|
|
as *const libc::c_char,
|
|
|
|
|
url: b"/rules/sdp-keywords.html#encryption-key\0".as_ptr() as *const libc::c_char,
|
|
|
|
|
Setup: sdp_encryption_key_setup,
|
|
|
|
|
flags: SIGMATCH_NOOPT,
|
|
|
|
|
AppLayerTxMatch: None,
|
|
|
|
|
Free: None,
|
|
|
|
|
};
|
|
|
|
|
let _ = DetectHelperKeywordRegister(&kw);
|
|
|
|
|
G_SDP_ENCRYPTION_KEY_BUFFER_ID = DetectHelperBufferMpmRegister(
|
|
|
|
|
b"sdp.encryption_key\0".as_ptr() as *const libc::c_char,
|
|
|
|
|
b"sdp.encription_key\0".as_ptr() as *const libc::c_char,
|
|
|
|
|
ALPROTO_SIP,
|
|
|
|
|
true,
|
|
|
|
|
true,
|
|
|
|
|
sdp_encryption_key_get,
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
Giuseppe Longo
10 months ago
committed by
Victor Julien