From fcac063cfe29cd0e85d32497c37ef9bc191298cc Mon Sep 17 00:00:00 2001
From: Philippe Antoine
Date: Tue, 15 Apr 2025 14:28:51 +0200
Subject: [PATCH] ssh: make hooks available
Allows signature like `alert ssh:request_banner_done`
---
 rust/src/ssh/ssh.rs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs
index a4b7b22463..7c25dd2b69 100644
--- a/rust/src/ssh/ssh.rs
+++ b/rust/src/ssh/ssh.rs
@@ -64,7 +64,8 @@ pub enum SSHEvent {
 }
 #[repr(u8)]
-#[derive(Copy, Clone, PartialOrd, PartialEq, Eq)]
+#[derive(AppLayerState, Copy, Clone, PartialOrd, PartialEq, Eq)]
+#[suricata(alstate_strip_prefix = "SshState")]
 pub enum SSHConnectionState {
 SshStateInProgress = 0,
 SshStateBannerWaitEol = 1,
@@ -552,8 +553,8 @@ pub unsafe extern "C" fn SCRegisterSshParser() {
 flags: 0,
 get_frame_id_by_name: Some(SshFrameType::ffi_id_from_name),
 get_frame_name_by_id: Some(SshFrameType::ffi_name_from_id),
- get_state_id_by_name: None,
- get_state_name_by_id: None,
+ get_state_id_by_name: Some(SSHConnectionState::ffi_id_from_name),
+ get_state_name_by_id: Some(SSHConnectionState::ffi_name_from_id),
 };
 let ip_proto_str = CString::new("tcp").unwrap();
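Review bot: The derive added on `SSHConnectionState` makes the variant names, minus the `SshState` prefix, part of the rule language, and nothing on the enum records that. `SshStateBannerWaitEol` reads like an internal parser sub-state; once it is reachable as a hook name, renaming, removing or renumbering it changes which rules load and when they fire, which is a silent detection gap for anyone relying on such a rule. I would add a doc comment above the enum such as `/// Variant names and discriminants are exposed as rule hook names (e.g. ssh:request_banner_done); renaming or reordering them is a rule-language change.` The exact name mapping is inferred from the commit message, and the enum body continues outside the hunk.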
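Review bot: Nothing in this commit exercises the two callbacks now set in `SCRegisterSshParser`, so a mismatch between the generated names and the hook in the commit message would only surface when a rule is loaded. A test that a rule using `alert ssh:request_banner_done` loads, and that an unknown state name is rejected rather than resolved to a valid id, would pin the behaviour; how `SSHConnectionState::ffi_id_from_name` reports an unknown name is not visible here. A short comment above the two fields, for example `// state ids are the SSHConnectionState discriminants; names are the hook names accepted in rules`, would also help the next reader. The function starts and ends outside the hunk.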