1 /*
2 * General protocol-agnostic payload-based sample fetches and ACLs
3 *
4 * Copyright 2000-2013 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13 #include <stdlib.h>
14 #include <string.h>
15
16 #include <common/initcall.h>
17 #include <common/net_helper.h>
18 #include <common/htx.h>
19 #include <proto/acl.h>
20 #include <proto/arg.h>
21 #include <proto/channel.h>
22 #include <proto/pattern.h>
23 #include <proto/payload.h>
24 #include <proto/sample.h>
25 #include <proto/http_ana.h>
26
27
28 /************************************************************************/
29 /* All supported sample fetch functions must be declared here */
30 /************************************************************************/
31
32 /* wait for more data as long as possible, then return TRUE. This should be
33 * used with content inspection.
34 */
35 static int
smp_fetch_wait_end(const struct arg * args,struct sample * smp,const char * kw,void * private)36 smp_fetch_wait_end(const struct arg *args, struct sample *smp, const char *kw, void *private)
37 {
38 if (!(smp->opt & SMP_OPT_FINAL)) {
39 smp->flags |= SMP_F_MAY_CHANGE;
40 return 0;
41 }
42 smp->data.type = SMP_T_BOOL;
43 smp->data.u.sint = 1;
44 return 1;
45 }
46
47 /* return the number of bytes in the request buffer */
48 static int
smp_fetch_len(const struct arg * args,struct sample * smp,const char * kw,void * private)49 smp_fetch_len(const struct arg *args, struct sample *smp, const char *kw, void *private)
50 {
51 struct channel *chn;
52
53 if (!smp->strm)
54 return 0;
55
56 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
57 smp->data.type = SMP_T_SINT;
58 if (IS_HTX_STRM(smp->strm)) {
59 struct htx *htx = htxbuf(&chn->buf);
60 smp->data.u.sint = htx->data - co_data(chn);
61 }
62 else
63 smp->data.u.sint = ci_data(chn);
64 smp->flags = SMP_F_VOLATILE | SMP_F_MAY_CHANGE;
65 return 1;
66 }
67
68 /* Returns 0 if the client didn't send a SessionTicket Extension
69 * Returns 1 if the client sent SessionTicket Extension
70 * Returns 2 if the client also sent non-zero length SessionTicket
71 * Returns SMP_T_SINT data type
72 */
73 static int
smp_fetch_req_ssl_st_ext(const struct arg * args,struct sample * smp,const char * kw,void * private)74 smp_fetch_req_ssl_st_ext(const struct arg *args, struct sample *smp, const char *kw, void *private)
75 {
76 int hs_len, ext_len, bleft;
77 struct channel *chn;
78 unsigned char *data;
79
80 if (!smp->strm)
81 goto not_ssl_hello;
82
83 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
84 bleft = ci_data(chn);
85 data = (unsigned char *)ci_head(chn);
86
87 /* Check for SSL/TLS Handshake */
88 if (!bleft)
89 goto too_short;
90 if (*data != 0x16)
91 goto not_ssl_hello;
92
93 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
94 if (bleft < 3)
95 goto too_short;
96 if (data[1] < 0x03)
97 goto not_ssl_hello;
98
99 if (bleft < 5)
100 goto too_short;
101 hs_len = (data[3] << 8) + data[4];
102 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
103 goto not_ssl_hello; /* too short to have an extension */
104
105 data += 5; /* enter TLS handshake */
106 bleft -= 5;
107
108 /* Check for a complete client hello starting at <data> */
109 if (bleft < 1)
110 goto too_short;
111 if (data[0] != 0x01) /* msg_type = Client Hello */
112 goto not_ssl_hello;
113
114 /* Check the Hello's length */
115 if (bleft < 4)
116 goto too_short;
117 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
118 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
119 goto not_ssl_hello; /* too short to have an extension */
120
121 /* We want the full handshake here */
122 if (bleft < hs_len)
123 goto too_short;
124
125 data += 4;
126 /* Start of the ClientHello message */
127 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
128 goto not_ssl_hello;
129
130 ext_len = data[34]; /* session_id_len */
131 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
132 goto not_ssl_hello;
133
134 /* Jump to cipher suite */
135 hs_len -= 35 + ext_len;
136 data += 35 + ext_len;
137
138 if (hs_len < 4 || /* minimum one cipher */
139 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
140 ext_len > hs_len)
141 goto not_ssl_hello;
142
143 /* Jump to the compression methods */
144 hs_len -= 2 + ext_len;
145 data += 2 + ext_len;
146
147 if (hs_len < 2 || /* minimum one compression method */
148 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
149 goto not_ssl_hello;
150
151 /* Jump to the extensions */
152 hs_len -= 1 + data[0];
153 data += 1 + data[0];
154
155 if (hs_len < 2 || /* minimum one extension list length */
156 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
157 goto not_ssl_hello;
158
159 hs_len = ext_len; /* limit ourselves to the extension length */
160 data += 2;
161
162 while (hs_len >= 4) {
163 int ext_type, ext_len;
164
165 ext_type = (data[0] << 8) + data[1];
166 ext_len = (data[2] << 8) + data[3];
167
168 if (ext_len > hs_len - 4) /* Extension too long */
169 goto not_ssl_hello;
170
171 /* SesstionTicket extension */
172 if (ext_type == 35) {
173 smp->data.type = SMP_T_SINT;
174 /* SessionTicket also present */
175 if (ext_len > 0)
176 smp->data.u.sint = 2;
177 /* SessionTicket absent */
178 else
179 smp->data.u.sint = 1;
180 smp->flags = SMP_F_VOLATILE;
181 return 1;
182 }
183
184 hs_len -= 4 + ext_len;
185 data += 4 + ext_len;
186 }
187 /* SessionTicket Extension not found */
188 smp->data.type = SMP_T_SINT;
189 smp->data.u.sint = 0;
190 smp->flags = SMP_F_VOLATILE;
191 return 1;
192
193 too_short:
194 smp->flags = SMP_F_MAY_CHANGE;
195
196 not_ssl_hello:
197 return 0;
198 }
199
200 /* Returns TRUE if the client sent Supported Elliptic Curves Extension (0x000a)
201 * Mainly used to detect if client supports ECC cipher suites.
202 */
203 static int
smp_fetch_req_ssl_ec_ext(const struct arg * args,struct sample * smp,const char * kw,void * private)204 smp_fetch_req_ssl_ec_ext(const struct arg *args, struct sample *smp, const char *kw, void *private)
205 {
206 int hs_len, ext_len, bleft;
207 struct channel *chn;
208 unsigned char *data;
209
210 if (!smp->strm)
211 goto not_ssl_hello;
212
213 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
214 bleft = ci_data(chn);
215 data = (unsigned char *)ci_head(chn);
216
217 /* Check for SSL/TLS Handshake */
218 if (!bleft)
219 goto too_short;
220 if (*data != 0x16)
221 goto not_ssl_hello;
222
223 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
224 if (bleft < 3)
225 goto too_short;
226 if (data[1] < 0x03)
227 goto not_ssl_hello;
228
229 if (bleft < 5)
230 goto too_short;
231 hs_len = (data[3] << 8) + data[4];
232 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
233 goto not_ssl_hello; /* too short to have an extension */
234
235 data += 5; /* enter TLS handshake */
236 bleft -= 5;
237
238 /* Check for a complete client hello starting at <data> */
239 if (bleft < 1)
240 goto too_short;
241 if (data[0] != 0x01) /* msg_type = Client Hello */
242 goto not_ssl_hello;
243
244 /* Check the Hello's length */
245 if (bleft < 4)
246 goto too_short;
247 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
248 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
249 goto not_ssl_hello; /* too short to have an extension */
250
251 /* We want the full handshake here */
252 if (bleft < hs_len)
253 goto too_short;
254
255 data += 4;
256 /* Start of the ClientHello message */
257 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
258 goto not_ssl_hello;
259
260 ext_len = data[34]; /* session_id_len */
261 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
262 goto not_ssl_hello;
263
264 /* Jump to cipher suite */
265 hs_len -= 35 + ext_len;
266 data += 35 + ext_len;
267
268 if (hs_len < 4 || /* minimum one cipher */
269 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
270 ext_len > hs_len)
271 goto not_ssl_hello;
272
273 /* Jump to the compression methods */
274 hs_len -= 2 + ext_len;
275 data += 2 + ext_len;
276
277 if (hs_len < 2 || /* minimum one compression method */
278 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
279 goto not_ssl_hello;
280
281 /* Jump to the extensions */
282 hs_len -= 1 + data[0];
283 data += 1 + data[0];
284
285 if (hs_len < 2 || /* minimum one extension list length */
286 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
287 goto not_ssl_hello;
288
289 hs_len = ext_len; /* limit ourselves to the extension length */
290 data += 2;
291
292 while (hs_len >= 4) {
293 int ext_type, ext_len;
294
295 ext_type = (data[0] << 8) + data[1];
296 ext_len = (data[2] << 8) + data[3];
297
298 if (ext_len > hs_len - 4) /* Extension too long */
299 goto not_ssl_hello;
300
301 /* Elliptic curves extension */
302 if (ext_type == 10) {
303 smp->data.type = SMP_T_BOOL;
304 smp->data.u.sint = 1;
305 smp->flags = SMP_F_VOLATILE;
306 return 1;
307 }
308
309 hs_len -= 4 + ext_len;
310 data += 4 + ext_len;
311 }
312 /* server name not found */
313 goto not_ssl_hello;
314
315 too_short:
316 smp->flags = SMP_F_MAY_CHANGE;
317
318 not_ssl_hello:
319
320 return 0;
321 }
322 /* returns the type of SSL hello message (mainly used to detect an SSL hello) */
323 static int
smp_fetch_ssl_hello_type(const struct arg * args,struct sample * smp,const char * kw,void * private)324 smp_fetch_ssl_hello_type(const struct arg *args, struct sample *smp, const char *kw, void *private)
325 {
326 int hs_len;
327 int hs_type, bleft;
328 struct channel *chn;
329 const unsigned char *data;
330
331 if (!smp->strm)
332 goto not_ssl_hello;
333
334 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
335 bleft = ci_data(chn);
336 data = (const unsigned char *)ci_head(chn);
337
338 if (!bleft)
339 goto too_short;
340
341 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
342 /* SSLv3 header format */
343 if (bleft < 9)
344 goto too_short;
345
346 /* ssl version 3 */
347 if ((data[1] << 16) + data[2] < 0x00030000)
348 goto not_ssl_hello;
349
350 /* ssl message len must present handshake type and len */
351 if ((data[3] << 8) + data[4] < 4)
352 goto not_ssl_hello;
353
354 /* format introduced with SSLv3 */
355
356 hs_type = (int)data[5];
357 hs_len = ( data[6] << 16 ) + ( data[7] << 8 ) + data[8];
358
359 /* not a full handshake */
360 if (bleft < (9 + hs_len))
361 goto too_short;
362
363 }
364 else {
365 goto not_ssl_hello;
366 }
367
368 smp->data.type = SMP_T_SINT;
369 smp->data.u.sint = hs_type;
370 smp->flags = SMP_F_VOLATILE;
371
372 return 1;
373
374 too_short:
375 smp->flags = SMP_F_MAY_CHANGE;
376
377 not_ssl_hello:
378
379 return 0;
380 }
381
382 /* Return the version of the SSL protocol in the request. It supports both
383 * SSLv3 (TLSv1) header format for any message, and SSLv2 header format for
384 * the hello message. The SSLv3 format is described in RFC 2246 p49, and the
385 * SSLv2 format is described here, and completed p67 of RFC 2246 :
386 * http://wp.netscape.com/eng/security/SSL_2.html
387 *
388 * Note: this decoder only works with non-wrapping data.
389 */
390 static int
smp_fetch_req_ssl_ver(const struct arg * args,struct sample * smp,const char * kw,void * private)391 smp_fetch_req_ssl_ver(const struct arg *args, struct sample *smp, const char *kw, void *private)
392 {
393 int version, bleft, msg_len;
394 const unsigned char *data;
395 struct channel *req;
396
397 if (!smp->strm)
398 return 0;
399
400 req = &smp->strm->req;
401 msg_len = 0;
402 bleft = ci_data(req);
403 if (!bleft)
404 goto too_short;
405
406 data = (const unsigned char *)ci_head(req);
407 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
408 /* SSLv3 header format */
409 if (bleft < 11)
410 goto too_short;
411
412 version = (data[1] << 16) + data[2]; /* record layer version: major, minor */
413 msg_len = (data[3] << 8) + data[4]; /* record length */
414
415 /* format introduced with SSLv3 */
416 if (version < 0x00030000)
417 goto not_ssl;
418
419 /* message length between 6 and 2^14 + 2048 */
420 if (msg_len < 6 || msg_len > ((1<<14) + 2048))
421 goto not_ssl;
422
423 bleft -= 5; data += 5;
424
425 /* return the client hello client version, not the record layer version */
426 version = (data[4] << 16) + data[5]; /* client hello version: major, minor */
427 } else {
428 /* SSLv2 header format, only supported for hello (msg type 1) */
429 int rlen, plen, cilen, silen, chlen;
430
431 if (*data & 0x80) {
432 if (bleft < 3)
433 goto too_short;
434 /* short header format : 15 bits for length */
435 rlen = ((data[0] & 0x7F) << 8) | data[1];
436 plen = 0;
437 bleft -= 2; data += 2;
438 } else {
439 if (bleft < 4)
440 goto too_short;
441 /* long header format : 14 bits for length + pad length */
442 rlen = ((data[0] & 0x3F) << 8) | data[1];
443 plen = data[2];
444 bleft -= 3; data += 3;
445 }
446
447 if (*data != 0x01)
448 goto not_ssl;
449 bleft--; data++;
450
451 if (bleft < 8)
452 goto too_short;
453 version = (data[0] << 16) + data[1]; /* version: major, minor */
454 cilen = (data[2] << 8) + data[3]; /* cipher len, multiple of 3 */
455 silen = (data[4] << 8) + data[5]; /* session_id_len: 0 or 16 */
456 chlen = (data[6] << 8) + data[7]; /* 16<=challenge length<=32 */
457
458 bleft -= 8; data += 8;
459 if (cilen % 3 != 0)
460 goto not_ssl;
461 if (silen && silen != 16)
462 goto not_ssl;
463 if (chlen < 16 || chlen > 32)
464 goto not_ssl;
465 if (rlen != 9 + cilen + silen + chlen)
466 goto not_ssl;
467
468 /* focus on the remaining data length */
469 msg_len = cilen + silen + chlen + plen;
470 }
471 /* We could recursively check that the buffer ends exactly on an SSL
472 * fragment boundary and that a possible next segment is still SSL,
473 * but that's a bit pointless. However, we could still check that
474 * all the part of the request which fits in a buffer is already
475 * there.
476 */
477 if (msg_len > channel_recv_limit(req) + b_orig(&req->buf) - ci_head(req))
478 msg_len = channel_recv_limit(req) + b_orig(&req->buf) - ci_head(req);
479
480 if (bleft < msg_len)
481 goto too_short;
482
483 /* OK that's enough. We have at least the whole message, and we have
484 * the protocol version.
485 */
486 smp->data.type = SMP_T_SINT;
487 smp->data.u.sint = version;
488 smp->flags = SMP_F_VOLATILE;
489 return 1;
490
491 too_short:
492 smp->flags = SMP_F_MAY_CHANGE;
493 not_ssl:
494 return 0;
495 }
496
497 /* Try to extract the Server Name Indication that may be presented in a TLS
498 * client hello handshake message. The format of the message is the following
499 * (cf RFC5246 + RFC6066) :
500 * TLS frame :
501 * - uint8 type = 0x16 (Handshake)
502 * - uint16 version >= 0x0301 (TLSv1)
503 * - uint16 length (frame length)
504 * - TLS handshake :
505 * - uint8 msg_type = 0x01 (ClientHello)
506 * - uint24 length (handshake message length)
507 * - ClientHello :
508 * - uint16 client_version >= 0x0301 (TLSv1)
509 * - uint8 Random[32] (4 first ones are timestamp)
510 * - SessionID :
511 * - uint8 session_id_len (0..32) (SessionID len in bytes)
512 * - uint8 session_id[session_id_len]
513 * - CipherSuite :
514 * - uint16 cipher_len >= 2 (Cipher length in bytes)
515 * - uint16 ciphers[cipher_len/2]
516 * - CompressionMethod :
517 * - uint8 compression_len >= 1 (# of supported methods)
518 * - uint8 compression_methods[compression_len]
519 * - optional client_extension_len (in bytes)
520 * - optional sequence of ClientHelloExtensions (as many bytes as above):
521 * - uint16 extension_type = 0 for server_name
522 * - uint16 extension_len
523 * - opaque extension_data[extension_len]
524 * - uint16 server_name_list_len (# of bytes here)
525 * - opaque server_names[server_name_list_len bytes]
526 * - uint8 name_type = 0 for host_name
527 * - uint16 name_len
528 * - opaque hostname[name_len bytes]
529 */
530 static int
smp_fetch_ssl_hello_sni(const struct arg * args,struct sample * smp,const char * kw,void * private)531 smp_fetch_ssl_hello_sni(const struct arg *args, struct sample *smp, const char *kw, void *private)
532 {
533 int hs_len, ext_len, bleft;
534 struct channel *chn;
535 unsigned char *data;
536
537 if (!smp->strm)
538 goto not_ssl_hello;
539
540 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
541 bleft = ci_data(chn);
542 data = (unsigned char *)ci_head(chn);
543
544 /* Check for SSL/TLS Handshake */
545 if (!bleft)
546 goto too_short;
547 if (*data != 0x16)
548 goto not_ssl_hello;
549
550 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
551 if (bleft < 3)
552 goto too_short;
553 if (data[1] < 0x03)
554 goto not_ssl_hello;
555
556 if (bleft < 5)
557 goto too_short;
558 hs_len = (data[3] << 8) + data[4];
559 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
560 goto not_ssl_hello; /* too short to have an extension */
561
562 data += 5; /* enter TLS handshake */
563 bleft -= 5;
564
565 /* Check for a complete client hello starting at <data> */
566 if (bleft < 1)
567 goto too_short;
568 if (data[0] != 0x01) /* msg_type = Client Hello */
569 goto not_ssl_hello;
570
571 /* Check the Hello's length */
572 if (bleft < 4)
573 goto too_short;
574 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
575 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
576 goto not_ssl_hello; /* too short to have an extension */
577
578 /* We want the full handshake here */
579 if (bleft < hs_len)
580 goto too_short;
581
582 data += 4;
583 /* Start of the ClientHello message */
584 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
585 goto not_ssl_hello;
586
587 ext_len = data[34]; /* session_id_len */
588 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
589 goto not_ssl_hello;
590
591 /* Jump to cipher suite */
592 hs_len -= 35 + ext_len;
593 data += 35 + ext_len;
594
595 if (hs_len < 4 || /* minimum one cipher */
596 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
597 ext_len > hs_len)
598 goto not_ssl_hello;
599
600 /* Jump to the compression methods */
601 hs_len -= 2 + ext_len;
602 data += 2 + ext_len;
603
604 if (hs_len < 2 || /* minimum one compression method */
605 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
606 goto not_ssl_hello;
607
608 /* Jump to the extensions */
609 hs_len -= 1 + data[0];
610 data += 1 + data[0];
611
612 if (hs_len < 2 || /* minimum one extension list length */
613 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
614 goto not_ssl_hello;
615
616 hs_len = ext_len; /* limit ourselves to the extension length */
617 data += 2;
618
619 while (hs_len >= 4) {
620 int ext_type, name_type, srv_len, name_len;
621
622 ext_type = (data[0] << 8) + data[1];
623 ext_len = (data[2] << 8) + data[3];
624
625 if (ext_len > hs_len - 4) /* Extension too long */
626 goto not_ssl_hello;
627
628 if (ext_type == 0) { /* Server name */
629 if (ext_len < 2) /* need one list length */
630 goto not_ssl_hello;
631
632 srv_len = (data[4] << 8) + data[5];
633 if (srv_len < 4 || srv_len > hs_len - 6)
634 goto not_ssl_hello; /* at least 4 bytes per server name */
635
636 name_type = data[6];
637 name_len = (data[7] << 8) + data[8];
638
639 if (name_type == 0) { /* hostname */
640 smp->data.type = SMP_T_STR;
641 smp->data.u.str.area = (char *)data + 9;
642 smp->data.u.str.data = name_len;
643 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
644 return 1;
645 }
646 }
647
648 hs_len -= 4 + ext_len;
649 data += 4 + ext_len;
650 }
651 /* server name not found */
652 goto not_ssl_hello;
653
654 too_short:
655 smp->flags = SMP_F_MAY_CHANGE;
656
657 not_ssl_hello:
658
659 return 0;
660 }
661
662 /* Try to extract the Application-Layer Protocol Negotiation (ALPN) protocol
663 * names that may be presented in a TLS client hello handshake message. As the
664 * message presents a list of protocol names in descending order of preference,
665 * it may return iteratively. The format of the message is the following
666 * (cf RFC5246 + RFC7301) :
667 * TLS frame :
668 * - uint8 type = 0x16 (Handshake)
669 * - uint16 version >= 0x0301 (TLSv1)
670 * - uint16 length (frame length)
671 * - TLS handshake :
672 * - uint8 msg_type = 0x01 (ClientHello)
673 * - uint24 length (handshake message length)
674 * - ClientHello :
675 * - uint16 client_version >= 0x0301 (TLSv1)
676 * - uint8 Random[32] (4 first ones are timestamp)
677 * - SessionID :
678 * - uint8 session_id_len (0..32) (SessionID len in bytes)
679 * - uint8 session_id[session_id_len]
680 * - CipherSuite :
681 * - uint16 cipher_len >= 2 (Cipher length in bytes)
682 * - uint16 ciphers[cipher_len/2]
683 * - CompressionMethod :
684 * - uint8 compression_len >= 1 (# of supported methods)
685 * - uint8 compression_methods[compression_len]
686 * - optional client_extension_len (in bytes)
687 * - optional sequence of ClientHelloExtensions (as many bytes as above):
688 * - uint16 extension_type = 16 for application_layer_protocol_negotiation
689 * - uint16 extension_len
690 * - opaque extension_data[extension_len]
691 * - uint16 protocol_names_len (# of bytes here)
692 * - opaque protocol_names[protocol_names_len bytes]
693 * - uint8 name_len
694 * - opaque protocol_name[name_len bytes]
695 */
696 static int
smp_fetch_ssl_hello_alpn(const struct arg * args,struct sample * smp,const char * kw,void * private)697 smp_fetch_ssl_hello_alpn(const struct arg *args, struct sample *smp, const char *kw, void *private)
698 {
699 int hs_len, ext_len, bleft;
700 struct channel *chn;
701 unsigned char *data;
702
703 if (!smp->strm)
704 goto not_ssl_hello;
705
706 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
707 bleft = ci_data(chn);
708 data = (unsigned char *)ci_head(chn);
709
710 /* Check for SSL/TLS Handshake */
711 if (!bleft)
712 goto too_short;
713 if (*data != 0x16)
714 goto not_ssl_hello;
715
716 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
717 if (bleft < 3)
718 goto too_short;
719 if (data[1] < 0x03)
720 goto not_ssl_hello;
721
722 if (bleft < 5)
723 goto too_short;
724 hs_len = (data[3] << 8) + data[4];
725 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
726 goto not_ssl_hello; /* too short to have an extension */
727
728 data += 5; /* enter TLS handshake */
729 bleft -= 5;
730
731 /* Check for a complete client hello starting at <data> */
732 if (bleft < 1)
733 goto too_short;
734 if (data[0] != 0x01) /* msg_type = Client Hello */
735 goto not_ssl_hello;
736
737 /* Check the Hello's length */
738 if (bleft < 4)
739 goto too_short;
740 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
741 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
742 goto not_ssl_hello; /* too short to have an extension */
743
744 /* We want the full handshake here */
745 if (bleft < hs_len)
746 goto too_short;
747
748 data += 4;
749 /* Start of the ClientHello message */
750 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
751 goto not_ssl_hello;
752
753 ext_len = data[34]; /* session_id_len */
754 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
755 goto not_ssl_hello;
756
757 /* Jump to cipher suite */
758 hs_len -= 35 + ext_len;
759 data += 35 + ext_len;
760
761 if (hs_len < 4 || /* minimum one cipher */
762 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
763 ext_len > hs_len)
764 goto not_ssl_hello;
765
766 /* Jump to the compression methods */
767 hs_len -= 2 + ext_len;
768 data += 2 + ext_len;
769
770 if (hs_len < 2 || /* minimum one compression method */
771 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
772 goto not_ssl_hello;
773
774 /* Jump to the extensions */
775 hs_len -= 1 + data[0];
776 data += 1 + data[0];
777
778 if (hs_len < 2 || /* minimum one extension list length */
779 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
780 goto not_ssl_hello;
781
782 hs_len = ext_len; /* limit ourselves to the extension length */
783 data += 2;
784
785 while (hs_len >= 4) {
786 int ext_type, name_len, name_offset;
787
788 ext_type = (data[0] << 8) + data[1];
789 ext_len = (data[2] << 8) + data[3];
790
791 if (ext_len > hs_len - 4) /* Extension too long */
792 goto not_ssl_hello;
793
794 if (ext_type == 16) { /* ALPN */
795 if (ext_len < 3) /* one list length [uint16] + at least one name length [uint8] */
796 goto not_ssl_hello;
797
798 /* Name cursor in ctx, must begin after protocol_names_len */
799 name_offset = smp->ctx.i < 6 ? 6 : smp->ctx.i;
800 name_len = data[name_offset];
801
802 if (name_len + name_offset - 3 > ext_len)
803 goto not_ssl_hello;
804
805 smp->data.type = SMP_T_STR;
806 smp->data.u.str.area = (char *)data + name_offset + 1; /* +1 to skip name_len */
807 smp->data.u.str.data = name_len;
808 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
809
810 /* May have more protocol names remaining */
811 if (name_len + name_offset - 3 < ext_len) {
812 smp->ctx.i = name_offset + name_len + 1;
813 smp->flags |= SMP_F_NOT_LAST;
814 }
815
816 return 1;
817 }
818
819 hs_len -= 4 + ext_len;
820 data += 4 + ext_len;
821 }
822 /* alpn not found */
823 goto not_ssl_hello;
824
825 too_short:
826 smp->flags = SMP_F_MAY_CHANGE;
827
828 not_ssl_hello:
829
830 return 0;
831 }
832
833 /* Fetch the request RDP cookie identified in <cname>:<clen>, or any cookie if
834 * <clen> is empty (cname is then ignored). It returns the data into sample <smp>
835 * of type SMP_T_CSTR. Note: this decoder only works with non-wrapping data.
836 */
837 int
fetch_rdp_cookie_name(struct stream * s,struct sample * smp,const char * cname,int clen)838 fetch_rdp_cookie_name(struct stream *s, struct sample *smp, const char *cname, int clen)
839 {
840 int bleft;
841 const unsigned char *data;
842
843 smp->flags = SMP_F_CONST;
844 smp->data.type = SMP_T_STR;
845
846 bleft = ci_data(&s->req);
847 if (bleft <= 11)
848 goto too_short;
849
850 data = (const unsigned char *)ci_head(&s->req) + 11;
851 bleft -= 11;
852
853 if (bleft <= 7)
854 goto too_short;
855
856 if (strncasecmp((const char *)data, "Cookie:", 7) != 0)
857 goto not_cookie;
858
859 data += 7;
860 bleft -= 7;
861
862 while (bleft > 0 && *data == ' ') {
863 data++;
864 bleft--;
865 }
866
867 if (clen) {
868 if (bleft <= clen)
869 goto too_short;
870
871 if ((data[clen] != '=') ||
872 strncasecmp(cname, (const char *)data, clen) != 0)
873 goto not_cookie;
874
875 data += clen + 1;
876 bleft -= clen + 1;
877 } else {
878 while (bleft > 0 && *data != '=') {
879 if (*data == '\r' || *data == '\n')
880 goto not_cookie;
881 data++;
882 bleft--;
883 }
884
885 if (bleft < 1)
886 goto too_short;
887
888 if (*data != '=')
889 goto not_cookie;
890
891 data++;
892 bleft--;
893 }
894
895 /* data points to cookie value */
896 smp->data.u.str.area = (char *)data;
897 smp->data.u.str.data = 0;
898
899 while (bleft > 0 && *data != '\r') {
900 data++;
901 bleft--;
902 }
903
904 if (bleft < 2)
905 goto too_short;
906
907 if (data[0] != '\r' || data[1] != '\n')
908 goto not_cookie;
909
910 smp->data.u.str.data = (char *)data - smp->data.u.str.area;
911 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
912 return 1;
913
914 too_short:
915 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
916 not_cookie:
917 return 0;
918 }
919
920 /* Fetch the request RDP cookie identified in the args, or any cookie if no arg
921 * is passed. It is usable both for ACL and for samples. Note: this decoder
922 * only works with non-wrapping data. Accepts either 0 or 1 argument. Argument
923 * is a string (cookie name), other types will lead to undefined behaviour. The
924 * returned sample has type SMP_T_CSTR.
925 */
926 int
smp_fetch_rdp_cookie(const struct arg * args,struct sample * smp,const char * kw,void * private)927 smp_fetch_rdp_cookie(const struct arg *args, struct sample *smp, const char *kw, void *private)
928 {
929 if (!smp->strm)
930 return 0;
931
932 return fetch_rdp_cookie_name(smp->strm, smp,
933 args ? args->data.str.area : NULL,
934 args ? args->data.str.data : 0);
935 }
936
937 /* returns either 1 or 0 depending on whether an RDP cookie is found or not */
938 static int
smp_fetch_rdp_cookie_cnt(const struct arg * args,struct sample * smp,const char * kw,void * private)939 smp_fetch_rdp_cookie_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
940 {
941 int ret;
942
943 ret = smp_fetch_rdp_cookie(args, smp, kw, private);
944
945 if (smp->flags & SMP_F_MAY_CHANGE)
946 return 0;
947
948 smp->flags = SMP_F_VOLATILE;
949 smp->data.type = SMP_T_SINT;
950 smp->data.u.sint = ret;
951 return 1;
952 }
953
954 /* extracts part of a payload with offset and length at a given position */
955 static int
smp_fetch_payload_lv(const struct arg * arg_p,struct sample * smp,const char * kw,void * private)956 smp_fetch_payload_lv(const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
957 {
958 unsigned int len_offset = arg_p[0].data.sint;
959 unsigned int len_size = arg_p[1].data.sint;
960 unsigned int buf_offset;
961 unsigned int buf_size = 0;
962 struct channel *chn;
963 int i;
964
965 /* Format is (len offset, len size, buf offset) or (len offset, len size) */
966 /* by default buf offset == len offset + len size */
967 /* buf offset could be absolute or relative to len offset + len size if prefixed by + or - */
968
969 if (!smp->strm)
970 return 0;
971
972 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
973 if (len_offset + len_size > ci_data(chn))
974 goto too_short;
975
976 for (i = 0; i < len_size; i++) {
977 buf_size = (buf_size << 8) + ((unsigned char *)ci_head(chn))[i + len_offset];
978 }
979
980 /* buf offset may be implicit, absolute or relative. If the LSB
981 * is set, then the offset is relative otherwise it is absolute.
982 */
983 buf_offset = len_offset + len_size;
984 if (arg_p[2].type == ARGT_SINT) {
985 if (arg_p[2].data.sint & 1)
986 buf_offset += arg_p[2].data.sint >> 1;
987 else
988 buf_offset = arg_p[2].data.sint >> 1;
989 }
990
991 if (!buf_size || buf_size > global.tune.bufsize || buf_offset + buf_size > global.tune.bufsize) {
992 /* will never match */
993 smp->flags = 0;
994 return 0;
995 }
996
997 if (buf_offset + buf_size > ci_data(chn))
998 goto too_short;
999
1000 /* init chunk as read only */
1001 smp->data.type = SMP_T_BIN;
1002 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
1003 chunk_initlen(&smp->data.u.str, ci_head(chn) + buf_offset, 0, buf_size);
1004 return 1;
1005
1006 too_short:
1007 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
1008 return 0;
1009 }
1010
1011 /* extracts some payload at a fixed position and length */
1012 static int
smp_fetch_payload(const struct arg * arg_p,struct sample * smp,const char * kw,void * private)1013 smp_fetch_payload(const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
1014 {
1015 unsigned int buf_offset = arg_p[0].data.sint;
1016 unsigned int buf_size = arg_p[1].data.sint;
1017 struct channel *chn;
1018
1019 if (!smp->strm)
1020 return 0;
1021
1022 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
1023 if (buf_size > global.tune.bufsize || buf_offset + buf_size > global.tune.bufsize) {
1024 /* will never match */
1025 smp->flags = 0;
1026 return 0;
1027 }
1028
1029 if (buf_offset + buf_size > ci_data(chn))
1030 goto too_short;
1031
1032 /* init chunk as read only */
1033 smp->data.type = SMP_T_BIN;
1034 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
1035 chunk_initlen(&smp->data.u.str, ci_head(chn) + buf_offset, 0, buf_size ? buf_size : (ci_data(chn) - buf_offset));
1036 if (!buf_size && channel_may_recv(chn) && !channel_input_closed(chn))
1037 smp->flags |= SMP_F_MAY_CHANGE;
1038
1039 return 1;
1040
1041 too_short:
1042 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
1043 return 0;
1044 }
1045
1046 /* This function is used to validate the arguments passed to a "payload_lv" fetch
1047 * keyword. This keyword allows two positive integers and an optional signed one,
1048 * with the second one being strictly positive and the third one being greater than
1049 * the opposite of the two others if negative. It is assumed that the types are
1050 * already the correct ones. Returns 0 on error, non-zero if OK. If <err_msg> is
1051 * not NULL, it will be filled with a pointer to an error message in case of
1052 * error, that the caller is responsible for freeing. The initial location must
1053 * either be freeable or NULL.
1054 *
1055 * Note that offset2 is stored with SINT type, but its not directly usable as is.
1056 * The value is contained in the 63 MSB and the LSB is used as a flag for marking
1057 * the "relative" property of the value.
1058 */
val_payload_lv(struct arg * arg,char ** err_msg)1059 int val_payload_lv(struct arg *arg, char **err_msg)
1060 {
1061 int relative = 0;
1062 const char *str;
1063
1064 if (arg[0].data.sint < 0) {
1065 memprintf(err_msg, "payload offset1 must be positive");
1066 return 0;
1067 }
1068
1069 if (!arg[1].data.sint) {
1070 memprintf(err_msg, "payload length must be > 0");
1071 return 0;
1072 }
1073
1074 if (arg[2].type == ARGT_STR && arg[2].data.str.data > 0) {
1075 if (arg[2].data.str.area[0] == '+' || arg[2].data.str.area[0] == '-')
1076 relative = 1;
1077 str = arg[2].data.str.area;
1078 arg[2].type = ARGT_SINT;
1079 arg[2].data.sint = read_int64(&str,
1080 str + arg[2].data.str.data);
1081 if (*str != '\0') {
1082 memprintf(err_msg, "payload offset2 is not a number");
1083 return 0;
1084 }
1085 if (arg[0].data.sint + arg[1].data.sint + arg[2].data.sint < 0) {
1086 memprintf(err_msg, "payload offset2 too negative");
1087 return 0;
1088 }
1089 if (relative)
1090 arg[2].data.sint = ( arg[2].data.sint << 1 ) + 1;
1091 }
1092 return 1;
1093 }
1094
1095 /* extracts the parameter value of a distcc token */
1096 static int
smp_fetch_distcc_param(const struct arg * arg_p,struct sample * smp,const char * kw,void * private)1097 smp_fetch_distcc_param(const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
1098 {
1099 unsigned int match_tok = arg_p[0].data.sint;
1100 unsigned int match_occ = arg_p[1].data.sint;
1101 unsigned int token;
1102 unsigned int param;
1103 unsigned int body;
1104 unsigned int ofs;
1105 unsigned int occ;
1106 struct channel *chn;
1107 int i;
1108
1109 /* Format is (token[,occ]). occ starts at 1. */
1110
1111 if (!smp->strm)
1112 return 0;
1113
1114 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
1115
1116 ofs = 0; occ = 0;
1117 while (1) {
1118 if (ofs + 12 > ci_data(chn)) {
1119 /* not there yet but could it at least fit ? */
1120 if (!chn->buf.size)
1121 goto too_short;
1122
1123 if (ofs + 12 <= channel_recv_limit(chn) + b_orig(&chn->buf) - ci_head(chn))
1124 goto too_short;
1125
1126 goto no_match;
1127 }
1128
1129 token = read_n32(ci_head(chn) + ofs);
1130 ofs += 4;
1131
1132 for (i = param = 0; i < 8; i++) {
1133 int c = hex2i(ci_head(chn)[ofs + i]);
1134
1135 if (c < 0)
1136 goto no_match;
1137 param = (param << 4) + c;
1138 }
1139 ofs += 8;
1140
1141 /* these tokens don't have a body */
1142 if (token != 0x41524743 /* ARGC */ && token != 0x44495354 /* DIST */ &&
1143 token != 0x4E46494C /* NFIL */ && token != 0x53544154 /* STAT */ &&
1144 token != 0x444F4E45 /* DONE */)
1145 body = param;
1146 else
1147 body = 0;
1148
1149 if (token == match_tok) {
1150 occ++;
1151 if (!match_occ || match_occ == occ) {
1152 /* found */
1153 smp->data.type = SMP_T_SINT;
1154 smp->data.u.sint = param;
1155 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
1156 return 1;
1157 }
1158 }
1159 ofs += body;
1160 }
1161
1162 too_short:
1163 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
1164 return 0;
1165 no_match:
1166 /* will never match (end of buffer, or bad contents) */
1167 smp->flags = 0;
1168 return 0;
1169
1170 }
1171
1172 /* extracts the (possibly truncated) body of a distcc token */
1173 static int
smp_fetch_distcc_body(const struct arg * arg_p,struct sample * smp,const char * kw,void * private)1174 smp_fetch_distcc_body(const struct arg *arg_p, struct sample *smp, const char *kw, void *private)
1175 {
1176 unsigned int match_tok = arg_p[0].data.sint;
1177 unsigned int match_occ = arg_p[1].data.sint;
1178 unsigned int token;
1179 unsigned int param;
1180 unsigned int ofs;
1181 unsigned int occ;
1182 unsigned int body;
1183 struct channel *chn;
1184 int i;
1185
1186 /* Format is (token[,occ]). occ starts at 1. */
1187
1188 if (!smp->strm)
1189 return 0;
1190
1191 chn = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? &smp->strm->res : &smp->strm->req;
1192
1193 ofs = 0; occ = 0;
1194 while (1) {
1195 if (ofs + 12 > ci_data(chn)) {
1196 if (!chn->buf.size)
1197 goto too_short;
1198
1199 if (ofs + 12 <= channel_recv_limit(chn) + b_orig(&chn->buf) - ci_head(chn))
1200 goto too_short;
1201
1202 goto no_match;
1203 }
1204
1205 token = read_n32(ci_head(chn) + ofs);
1206 ofs += 4;
1207
1208 for (i = param = 0; i < 8; i++) {
1209 int c = hex2i(ci_head(chn)[ofs + i]);
1210
1211 if (c < 0)
1212 goto no_match;
1213 param = (param << 4) + c;
1214 }
1215 ofs += 8;
1216
1217 /* these tokens don't have a body */
1218 if (token != 0x41524743 /* ARGC */ && token != 0x44495354 /* DIST */ &&
1219 token != 0x4E46494C /* NFIL */ && token != 0x53544154 /* STAT */ &&
1220 token != 0x444F4E45 /* DONE */)
1221 body = param;
1222 else
1223 body = 0;
1224
1225 if (token == match_tok) {
1226 occ++;
1227 if (!match_occ || match_occ == occ) {
1228 /* found */
1229
1230 smp->data.type = SMP_T_BIN;
1231 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
1232
1233 if (ofs + body > ci_head(chn) - b_orig(&chn->buf) + ci_data(chn)) {
1234 /* incomplete body */
1235
1236 if (ofs + body > channel_recv_limit(chn) + b_orig(&chn->buf) - ci_head(chn)) {
1237 /* truncate it to whatever will fit */
1238 smp->flags |= SMP_F_MAY_CHANGE;
1239 body = channel_recv_limit(chn) + b_orig(&chn->buf) - ci_head(chn) - ofs;
1240 }
1241 }
1242
1243 chunk_initlen(&smp->data.u.str, ci_head(chn) + ofs, 0, body);
1244 return 1;
1245 }
1246 }
1247 ofs += body;
1248 }
1249
1250 too_short:
1251 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
1252 return 0;
1253 no_match:
1254 /* will never match (end of buffer, or bad contents) */
1255 smp->flags = 0;
1256 return 0;
1257
1258 }
1259
1260 /* This function is used to validate the arguments passed to a "distcc_param" or
1261 * "distcc_body" sample fetch keyword. They take a mandatory token name of exactly
1262 * 4 characters, followed by an optional occurrence number starting at 1. It is
1263 * assumed that the types are already the correct ones. Returns 0 on error, non-
1264 * zero if OK. If <err_msg> is not NULL, it will be filled with a pointer to an
1265 * error message in case of error, that the caller is responsible for freeing.
1266 * The initial location must either be freeable or NULL.
1267 */
val_distcc(struct arg * arg,char ** err_msg)1268 int val_distcc(struct arg *arg, char **err_msg)
1269 {
1270 unsigned int token;
1271
1272 if (arg[0].data.str.data != 4) {
1273 memprintf(err_msg, "token name must be exactly 4 characters");
1274 return 0;
1275 }
1276
1277 /* convert the token name to an unsigned int (one byte per character,
1278 * big endian format).
1279 */
1280 token = (arg[0].data.str.area[0] << 24) + (arg[0].data.str.area[1] << 16) +
1281 (arg[0].data.str.area[2] << 8) + (arg[0].data.str.area[3] << 0);
1282
1283 arg[0].type = ARGT_SINT;
1284 arg[0].data.sint = token;
1285
1286 if (arg[1].type != ARGT_SINT) {
1287 arg[1].type = ARGT_SINT;
1288 arg[1].data.sint = 0;
1289 }
1290 return 1;
1291 }
1292
1293 /************************************************************************/
1294 /* All supported sample and ACL keywords must be declared here. */
1295 /************************************************************************/
1296
1297 /* Note: must not be declared <const> as its list will be overwritten.
1298 * Note: fetches that may return multiple types must be declared as the lowest
1299 * common denominator, the type that can be casted into all other ones. For
1300 * instance IPv4/IPv6 must be declared IPv4.
1301 */
1302 static struct sample_fetch_kw_list smp_kws = {ILH, {
1303 { "distcc_body", smp_fetch_distcc_body, ARG2(1,STR,SINT), val_distcc, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
1304 { "distcc_param", smp_fetch_distcc_param, ARG2(1,STR,SINT), val_distcc, SMP_T_SINT, SMP_USE_L6REQ|SMP_USE_L6RES },
1305 { "payload", smp_fetch_payload, ARG2(2,SINT,SINT), NULL, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
1306 { "payload_lv", smp_fetch_payload_lv, ARG3(2,SINT,SINT,STR), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
1307 { "rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
1308 { "rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_L6REQ },
1309 { "rep_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_SINT, SMP_USE_L6RES },
1310 { "req_len", smp_fetch_len, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1311 { "req_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1312 { "req_ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
1313 { "req_ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1314
1315 { "req.len", smp_fetch_len, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1316 { "req.payload", smp_fetch_payload, ARG2(2,SINT,SINT), NULL, SMP_T_BIN, SMP_USE_L6REQ },
1317 { "req.payload_lv", smp_fetch_payload_lv, ARG3(2,SINT,SINT,STR), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ },
1318 { "req.rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
1319 { "req.rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_L6REQ },
1320 { "req.ssl_ec_ext", smp_fetch_req_ssl_ec_ext, 0, NULL, SMP_T_BOOL, SMP_USE_L6REQ },
1321 { "req.ssl_st_ext", smp_fetch_req_ssl_st_ext, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1322 { "req.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1323 { "req.ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
1324 { "req.ssl_alpn", smp_fetch_ssl_hello_alpn, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
1325 { "req.ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_SINT, SMP_USE_L6REQ },
1326 { "res.len", smp_fetch_len, 0, NULL, SMP_T_SINT, SMP_USE_L6RES },
1327 { "res.payload", smp_fetch_payload, ARG2(2,SINT,SINT), NULL, SMP_T_BIN, SMP_USE_L6RES },
1328 { "res.payload_lv", smp_fetch_payload_lv, ARG3(2,SINT,SINT,STR), val_payload_lv, SMP_T_BIN, SMP_USE_L6RES },
1329 { "res.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_SINT, SMP_USE_L6RES },
1330 { "wait_end", smp_fetch_wait_end, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
1331 { /* END */ },
1332 }};
1333
1334 INITCALL1(STG_REGISTER, sample_register_fetches, &smp_kws);
1335
1336 /* Note: must not be declared <const> as its list will be overwritten.
1337 * Please take care of keeping this list alphabetically sorted.
1338 */
1339 static struct acl_kw_list acl_kws = {ILH, {
1340 { "payload", "req.payload", PAT_MATCH_BIN },
1341 { "payload_lv", "req.payload_lv", PAT_MATCH_BIN },
1342 { "req_rdp_cookie", "req.rdp_cookie", PAT_MATCH_STR },
1343 { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", PAT_MATCH_INT },
1344 { "req_ssl_sni", "req.ssl_sni", PAT_MATCH_STR },
1345 { "req_ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
1346 { "req.ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
1347 { /* END */ },
1348 }};
1349
1350 INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
1351
1352 /*
1353 * Local variables:
1354 * c-indent-level: 8
1355 * c-basic-offset: 8
1356 * End:
1357 */
1358