mirror of
https://github.com/zeek/zeek.git
synced 2025-10-10 02:28:21 +00:00
173 lines
4.5 KiB
C++
173 lines
4.5 KiB
C++
// See the file "COPYING" in the main distribution directory for copyright.
|
|
|
|
#ifndef nvt_h
|
|
#define nvt_h
|
|
|
|
#include "ContentLine.h"
|
|
|
|
|
|
#define TELNET_OPTION_BINARY 0
|
|
#define TELNET_OPTION_TERMINAL 24
|
|
#define TELNET_OPTION_AUTHENTICATE 37
|
|
#define TELNET_OPTION_ENCRYPT 38
|
|
#define TELNET_OPTION_ENVIRON 39
|
|
#define NUM_TELNET_OPTIONS 5
|
|
|
|
class NVT_Analyzer;
|
|
|
|
|
|
class TelnetOption {
|
|
public:
|
|
TelnetOption(NVT_Analyzer* endp, unsigned int code);
|
|
virtual ~TelnetOption() { }
|
|
|
|
// Whether we told the other side WILL/WONT/DO/DONT.
|
|
#define OPT_SAID_WILL 0x1
|
|
#define OPT_SAID_WONT 0x2
|
|
#define OPT_SAID_DO 0x4
|
|
#define OPT_SAID_DONT 0x8
|
|
|
|
unsigned int Code() const { return code; }
|
|
|
|
int IsActive() const { return active; }
|
|
|
|
int SaidWill() const { return flags & OPT_SAID_WILL; }
|
|
int SaidWont() const { return flags & OPT_SAID_WONT; }
|
|
int SaidDo() const { return flags & OPT_SAID_DO; }
|
|
int SaidDont() const { return flags & OPT_SAID_DONT; }
|
|
|
|
void SetWill() { flags |= OPT_SAID_WILL; }
|
|
void SetWont() { flags |= OPT_SAID_WONT; }
|
|
void SetDo() { flags |= OPT_SAID_DO; }
|
|
void SetDont() { flags |= OPT_SAID_DONT; }
|
|
|
|
void RecvOption(unsigned int type);
|
|
virtual void RecvSubOption(u_char* data, int len);
|
|
|
|
virtual void SetActive(int is_active);
|
|
|
|
const NVT_Analyzer* Endpoint() const { return endp; }
|
|
|
|
protected:
|
|
friend class NVT_Analyzer;
|
|
virtual void InconsistentOption(unsigned int type);
|
|
virtual void BadOption();
|
|
|
|
NVT_Analyzer* endp;
|
|
unsigned int code;
|
|
int flags;
|
|
int active;
|
|
};
|
|
|
|
class TelnetTerminalOption : public TelnetOption {
|
|
public:
|
|
TelnetTerminalOption(NVT_Analyzer* arg_endp)
|
|
: TelnetOption(arg_endp, TELNET_OPTION_TERMINAL) { }
|
|
|
|
void RecvSubOption(u_char* data, int len);
|
|
};
|
|
|
|
class TelnetEncryptOption : public TelnetOption {
|
|
public:
|
|
TelnetEncryptOption(NVT_Analyzer* arg_endp)
|
|
: TelnetOption(arg_endp, TELNET_OPTION_ENCRYPT)
|
|
{ did_encrypt_request = doing_encryption = 0; }
|
|
|
|
void RecvSubOption(u_char* data, int len);
|
|
|
|
int DidRequest() const { return did_encrypt_request; }
|
|
int DoingEncryption() const { return doing_encryption; }
|
|
|
|
protected:
|
|
friend class NVT_Analyzer;
|
|
int did_encrypt_request, doing_encryption;
|
|
};
|
|
|
|
class TelnetAuthenticateOption : public TelnetOption {
|
|
public:
|
|
TelnetAuthenticateOption(NVT_Analyzer* arg_endp)
|
|
: TelnetOption(arg_endp, TELNET_OPTION_AUTHENTICATE)
|
|
{ authentication_requested = 0; }
|
|
|
|
void RecvSubOption(u_char* data, int len);
|
|
|
|
int DidRequestAuthentication() const
|
|
{ return authentication_requested; }
|
|
|
|
protected:
|
|
friend class NVT_Analyzer;
|
|
int authentication_requested;
|
|
};
|
|
|
|
class TelnetEnvironmentOption : public TelnetOption {
|
|
public:
|
|
TelnetEnvironmentOption(NVT_Analyzer* arg_endp)
|
|
: TelnetOption(arg_endp, TELNET_OPTION_ENVIRON)
|
|
{ }
|
|
|
|
void RecvSubOption(u_char* data, int len);
|
|
|
|
protected:
|
|
char* ExtractEnv(u_char*& data, int& len, int& code);
|
|
};
|
|
|
|
class TelnetBinaryOption : public TelnetOption {
|
|
public:
|
|
TelnetBinaryOption(NVT_Analyzer* arg_endp)
|
|
: TelnetOption(arg_endp, TELNET_OPTION_BINARY)
|
|
{ }
|
|
|
|
void SetActive(int is_active);
|
|
|
|
protected:
|
|
void InconsistentOption(unsigned int type);
|
|
};
|
|
|
|
class NVT_Analyzer : public ContentLine_Analyzer {
|
|
public:
|
|
NVT_Analyzer(Connection* conn, bool orig);
|
|
~NVT_Analyzer();
|
|
|
|
TelnetOption* FindOption(unsigned int code);
|
|
TelnetOption* FindPeerOption(unsigned int code);
|
|
|
|
void SetPeer(NVT_Analyzer* arg_peer) { peer = arg_peer; }
|
|
|
|
void AuthenticationAccepted();
|
|
void AuthenticationRejected();
|
|
|
|
void SetTerminal(const u_char* terminal, int len);
|
|
void SetBinaryMode(int mode) { binary_mode = mode; }
|
|
void SetEncrypting(int mode);
|
|
void SetAuthName(char* arg_auth_name) { auth_name = arg_auth_name; }
|
|
|
|
const char* AuthName() const { return auth_name; }
|
|
int AuthenticationHasBeenAccepted() const
|
|
{ return authentication_has_been_accepted; }
|
|
|
|
protected:
|
|
void DoDeliver(int len, const u_char* data);
|
|
|
|
void ScanOption(int seq, int len, const u_char* data);
|
|
virtual void SawOption(unsigned int code);
|
|
virtual void SawOption(unsigned int code, unsigned int subcode);
|
|
virtual void SawSubOption(const char* opt, int len);
|
|
virtual void BadOptionTermination(unsigned int code);
|
|
const char* PeerAuthName() const;
|
|
|
|
NVT_Analyzer* peer;
|
|
|
|
int pending_IAC; // true if we're working on an option/IAC
|
|
int IAC_pos; // where the IAC was seen
|
|
int is_suboption; // true if current option is suboption
|
|
int last_was_IAC; // for scanning suboptions
|
|
|
|
int binary_mode, encrypting_mode;
|
|
int authentication_has_been_accepted; // if true, we accepted peer's authentication
|
|
char* auth_name;
|
|
|
|
TelnetOption* options[NUM_TELNET_OPTIONS];
|
|
int num_options;
|
|
};
|
|
|
|
#endif
|