From 2c370a1dd70130d82e9222945ff2421a4168e640 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 19:40:14 +0200
Subject: Merging upstream version 1:7.0.4.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 rust/src/ssh/logger.rs | 10 +++++-----
 rust/src/ssh/ssh.rs    |  6 ++++--
 2 files changed, 9 insertions(+), 7 deletions(-)

(limited to 'rust/src/ssh')

diff --git a/rust/src/ssh/logger.rs b/rust/src/ssh/logger.rs
index 9bc7d7c..e83d288 100644
--- a/rust/src/ssh/logger.rs
+++ b/rust/src/ssh/logger.rs
@@ -15,7 +15,7 @@
  * 02110-1301, USA.
  */
 
-use super::ssh::SSHTransaction;
+use super::ssh::{SSHTransaction, SSH_MAX_BANNER_LEN};
 use crate::jsonbuilder::{JsonBuilder, JsonError};
 
 fn log_ssh(tx: &SSHTransaction, js: &mut JsonBuilder) -> Result<bool, JsonError> {
@@ -24,9 +24,9 @@ fn log_ssh(tx: &SSHTransaction, js: &mut JsonBuilder) -> Result<bool, JsonError>
     }
     if !tx.cli_hdr.protover.is_empty() {
         js.open_object("client")?;
-        js.set_string_from_bytes("proto_version", &tx.cli_hdr.protover)?;
+        js.set_string_from_bytes_limited("proto_version", &tx.cli_hdr.protover, SSH_MAX_BANNER_LEN)?;
         if !tx.cli_hdr.swver.is_empty() {
-            js.set_string_from_bytes("software_version", &tx.cli_hdr.swver)?;
+            js.set_string_from_bytes_limited("software_version", &tx.cli_hdr.swver, SSH_MAX_BANNER_LEN)?;
         }
         if !tx.cli_hdr.hassh.is_empty() || !tx.cli_hdr.hassh_string.is_empty() {
             js.open_object("hassh")?;
@@ -42,9 +42,9 @@ fn log_ssh(tx: &SSHTransaction, js: &mut JsonBuilder) -> Result<bool, JsonError>
     }
     if !tx.srv_hdr.protover.is_empty() {
         js.open_object("server")?;
-        js.set_string_from_bytes("proto_version", &tx.srv_hdr.protover)?;
+        js.set_string_from_bytes_limited("proto_version", &tx.srv_hdr.protover, SSH_MAX_BANNER_LEN)?;
         if !tx.srv_hdr.swver.is_empty() {
-            js.set_string_from_bytes("software_version", &tx.srv_hdr.swver)?;
+            js.set_string_from_bytes_limited("software_version", &tx.srv_hdr.swver, SSH_MAX_BANNER_LEN)?;
         }
         if !tx.srv_hdr.hassh.is_empty() || !tx.srv_hdr.hassh_string.is_empty() {
             js.open_object("hassh")?;
diff --git a/rust/src/ssh/ssh.rs b/rust/src/ssh/ssh.rs
index 6280e0b..a058689 100644
--- a/rust/src/ssh/ssh.rs
+++ b/rust/src/ssh/ssh.rs
@@ -46,7 +46,7 @@ pub enum SSHConnectionState {
     SshStateFinished = 3,
 }
 
-const SSH_MAX_BANNER_LEN: usize = 256;
+pub const SSH_MAX_BANNER_LEN: usize = 256;
 const SSH_RECORD_HEADER_LEN: usize = 6;
 const SSH_MAX_REASSEMBLED_RECORD_LEN: usize = 65535;
 
@@ -256,7 +256,9 @@ impl SSHState {
                     return r;
                 }
                 Err(Err::Incomplete(_)) => {
-                    return AppLayerResult::incomplete(0_u32, (input.len() + 1) as u32);
+                    // we do not need to retain these bytes
+                    // we parsed them, we skip them
+                    return AppLayerResult::ok();
                 }
                 Err(_e) => {
                     SCLogDebug!("SSH invalid banner {}", _e);
-- 
cgit v1.2.3