[people/ms/suricata.git] / src / app-layer-parser.h

/* Copyright (C) 2007-2013 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
 * Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 */

/**
 * \file
 *
 * \author Victor Julien <victor@inliniac.net>
 * \author Anoop Saldanha <anoopsaldanha@gmail.com>
 */

#ifndef __APP_LAYER_PARSER_H__
#define __APP_LAYER_PARSER_H__

#include "app-layer-events.h"
#include "detect-engine-state.h"
#include "util-file.h"
#include "stream-tcp-private.h"

#define APP_LAYER_PARSER_EOF                    0x01
#define APP_LAYER_PARSER_NO_INSPECTION          0x02
#define APP_LAYER_PARSER_NO_REASSEMBLY          0x04
#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD  0x08

int AppLayerParserProtoIsRegistered(uint8_t ipproto, AppProto alproto);

/***** transaction handling *****/

/** \brief Function ptr type for getting active TxId from a flow
 *  Used by AppLayerTransactionGetActive.
 */
typedef uint64_t (*GetActiveTxIdFunc)(Flow *f, uint8_t flags);

/** \brief Register GetActiveTxId Function
 *
 */
void RegisterAppLayerGetActiveTxIdFunc(GetActiveTxIdFunc FuncPtr);

/** \brief active TX retrieval for normal ops: so with detection and logging
 *
 *  \retval tx_id lowest tx_id that still needs work
 *
 *  This is the default function.
 */
uint64_t AppLayerTransactionGetActiveDetectLog(Flow *f, uint8_t flags);

/** \brief active TX retrieval for logging only ops
 *
 *  \retval tx_id lowest tx_id that still needs work
 */
uint64_t AppLayerTransactionGetActiveLogOnly(Flow *f, uint8_t flags);


int AppLayerParserSetup(void);
void AppLayerParserPostStreamSetup(void);
int AppLayerParserDeSetup(void);

typedef struct AppLayerParserThreadCtx_ AppLayerParserThreadCtx;

/**
 * \brief Gets a new app layer protocol's parser thread context.
 *
 * \retval Non-NULL pointer on success.
 *         NULL pointer on failure.
 */
AppLayerParserThreadCtx *AppLayerParserThreadCtxAlloc(void);

/**
 * \brief Destroys the app layer parser thread context obtained
 *        using AppLayerParserThreadCtxAlloc().
 *
 * \param tctx Pointer to the thread context to be destroyed.
 */
void AppLayerParserThreadCtxFree(AppLayerParserThreadCtx *tctx);

/**
 * \brief Given a protocol name, checks if the parser is enabled in
 *        the conf file.
 *
 * \param alproto_name Name of the app layer protocol.
 *
 * \retval 1 If enabled.
 * \retval 0 If disabled.
 */
int AppLayerParserConfParserEnabled(const char *ipproto,
                                    const char *alproto_name);

/***** Parser related registration *****/

/**
 * \brief Register app layer parser for the protocol.
 *
 * \retval 0 On success.
 * \retval -1 On failure.
 */
int AppLayerParserRegisterParser(uint8_t ipproto, AppProto alproto,
                      uint8_t direction,
                      int (*Parser)(Flow *f, void *protocol_state,
                                    AppLayerParserState *pstate,
                                    uint8_t *buf, uint32_t buf_len,
                                    void *local_storage));
void AppLayerParserRegisterParserAcceptableDataDirection(uint8_t ipproto,
                                              AppProto alproto,
                                              uint8_t direction);
void AppLayerParserRegisterStateFuncs(uint8_t ipproto, AppProto alproto,
                           void *(*StateAlloc)(void),
                           void (*StateFree)(void *));
void AppLayerParserRegisterLocalStorageFunc(uint8_t ipproto, AppProto proto,
                                 void *(*LocalStorageAlloc)(void),
                                 void (*LocalStorageFree)(void *));
void AppLayerParserRegisterGetFilesFunc(uint8_t ipproto, AppProto alproto,
                             FileContainer *(*StateGetFiles)(void *, uint8_t));
void AppLayerParserRegisterGetEventsFunc(uint8_t ipproto, AppProto proto,
    AppLayerDecoderEvents *(*StateGetEvents)(void *, uint64_t));
void AppLayerParserRegisterHasEventsFunc(uint8_t ipproto, AppProto alproto,
                              int (*StateHasEvents)(void *));
void AppLayerParserRegisterLoggerFuncs(uint8_t ipproto, AppProto alproto,
                         int (*StateGetTxLogged)(void *, void *, uint32_t),
                         void (*StateSetTxLogged)(void *, void *, uint32_t));
void AppLayerParserRegisterLogger(uint8_t ipproto, AppProto alproto);
void AppLayerParserRegisterTruncateFunc(uint8_t ipproto, AppProto alproto,
                             void (*Truncate)(void *, uint8_t));
void AppLayerParserRegisterGetStateProgressFunc(uint8_t ipproto, AppProto alproto,
    int (*StateGetStateProgress)(void *alstate, uint8_t direction));
void AppLayerParserRegisterTxFreeFunc(uint8_t ipproto, AppProto alproto,
                           void (*StateTransactionFree)(void *, uint64_t));
void AppLayerParserRegisterGetTxCnt(uint8_t ipproto, AppProto alproto,
                         uint64_t (*StateGetTxCnt)(void *alstate));
void AppLayerParserRegisterGetTx(uint8_t ipproto, AppProto alproto,
                      void *(StateGetTx)(void *alstate, uint64_t tx_id));
void AppLayerParserRegisterGetStateProgressCompletionStatus(AppProto alproto,
    int (*StateGetStateProgressCompletionStatus)(uint8_t direction));
void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto,
    int (*StateGetEventInfo)(const char *event_name, int *event_id,
                             AppLayerEventType *event_type));
void AppLayerParserRegisterDetectStateFuncs(uint8_t ipproto, AppProto alproto,
        int (*StateHasTxDetectState)(void *alstate),
        DetectEngineState *(*GetTxDetectState)(void *tx),
        int (*SetTxDetectState)(void *alstate, void *tx, DetectEngineState *));
void AppLayerParserRegisterGetStreamDepth(uint8_t ipproto,
                                          AppProto alproto,
                                          uint32_t (*GetStreamDepth)(void));
void AppLayerParserRegisterMpmIDsFuncs(uint8_t ipproto, AppProto alproto,
        uint64_t (*GetTxMpmIDs)(void *tx),
        int (*SetTxMpmIDs)(void *tx, uint64_t));

/***** Get and transaction functions *****/

void *AppLayerParserGetProtocolParserLocalStorage(uint8_t ipproto, AppProto alproto);
void AppLayerParserDestroyProtocolParserLocalStorage(uint8_t ipproto, AppProto alproto,
                                          void *local_data);


uint64_t AppLayerParserGetTransactionLogId(AppLayerParserState *pstate);
void AppLayerParserSetTransactionLogId(AppLayerParserState *pstate, uint64_t tx_id);
void AppLayerParserSetTxLogged(uint8_t ipproto, AppProto alproto, void *alstate,
                               void *tx, uint32_t logger);
int AppLayerParserGetTxLogged(uint8_t ipproto, AppProto alproto, void *alstate,
                              void *tx, uint32_t logger);
uint64_t AppLayerParserGetTransactionInspectId(AppLayerParserState *pstate, uint8_t direction);
void AppLayerParserSetTransactionInspectId(AppLayerParserState *pstate,
                                const uint8_t ipproto, const AppProto alproto, void *alstate,
                                const uint8_t flags);
AppLayerDecoderEvents *AppLayerParserGetDecoderEvents(AppLayerParserState *pstate);
void AppLayerParserSetDecoderEvents(AppLayerParserState *pstate, AppLayerDecoderEvents *devents);
AppLayerDecoderEvents *AppLayerParserGetEventsByTx(uint8_t ipproto, AppProto alproto, void *alstate,
                                        uint64_t tx_id);
FileContainer *AppLayerParserGetFiles(uint8_t ipproto, AppProto alproto,
                           void *alstate, uint8_t direction);
int AppLayerParserGetStateProgress(uint8_t ipproto, AppProto alproto,
                        void *alstate, uint8_t direction);
uint64_t AppLayerParserGetTxCnt(uint8_t ipproto, AppProto alproto, void *alstate);
void *AppLayerParserGetTx(uint8_t ipproto, AppProto alproto, void *alstate, uint64_t tx_id);
int AppLayerParserGetStateProgressCompletionStatus(AppProto alproto, uint8_t direction);
int AppLayerParserGetEventInfo(uint8_t ipproto, AppProto alproto, const char *event_name,
                    int *event_id, AppLayerEventType *event_type);

uint64_t AppLayerParserGetTransactionActive(const Flow *f, AppLayerParserState *pstate, uint8_t direction);

uint8_t AppLayerParserGetFirstDataDir(uint8_t ipproto, AppProto alproto);

int AppLayerParserSupportsFiles(uint8_t ipproto, AppProto alproto);
int AppLayerParserSupportsTxDetectState(uint8_t ipproto, AppProto alproto);
int AppLayerParserHasTxDetectState(uint8_t ipproto, AppProto alproto, void *alstate);
DetectEngineState *AppLayerParserGetTxDetectState(uint8_t ipproto, AppProto alproto, void *tx);
int AppLayerParserSetTxDetectState(const Flow *f, void *alstate, void *tx, DetectEngineState *s);

uint64_t AppLayerParserGetTxMpmIDs(uint8_t ipproto, AppProto alproto, void *tx);
int AppLayerParserSetTxMpmIDs(uint8_t ipproto, AppProto alproto, void *tx, uint64_t);

/***** General *****/

int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *tctx, Flow *f, AppProto alproto,
                   uint8_t flags, uint8_t *input, uint32_t input_len);
void AppLayerParserSetEOF(AppLayerParserState *pstate);
int AppLayerParserHasDecoderEvents(const Flow *f, void *alstate, AppLayerParserState *pstate,
                        uint8_t flags);
int AppLayerParserIsTxAware(AppProto alproto);
int AppLayerParserProtocolIsTxAware(uint8_t ipproto, AppProto alproto);
int AppLayerParserProtocolIsTxEventAware(uint8_t ipproto, AppProto alproto);
int AppLayerParserProtocolSupportsTxs(uint8_t ipproto, AppProto alproto);
int AppLayerParserProtocolHasLogger(uint8_t ipproto, AppProto alproto);
void AppLayerParserTriggerRawStreamReassembly(Flow *f, int direction);
void AppLayerParserSetStreamDepth(uint8_t ipproto, AppProto alproto, uint32_t stream_depth);
uint32_t AppLayerParserGetStreamDepth(const Flow *f);

/***** Cleanup *****/

void AppLayerParserStateCleanup(const Flow *f, void *alstate, AppLayerParserState *pstate);

void AppLayerParserRegisterProtocolParsers(void);


void AppLayerParserStateSetFlag(AppLayerParserState *pstate, uint8_t flag);
int AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint8_t flag);

void AppLayerParserStreamTruncated(uint8_t ipproto, AppProto alproto, void *alstate,
                        uint8_t direction);


AppLayerParserState *AppLayerParserStateAlloc(void);
void AppLayerParserStateFree(AppLayerParserState *pstate);


#ifdef DEBUG
void AppLayerParserStatePrintDetails(AppLayerParserState *pstate);
#endif

#ifdef AFLFUZZ_APPLAYER
int AppLayerParserRequestFromFile(uint8_t ipproto, AppProto alproto, char *filename);
int AppLayerParserFromFile(uint8_t ipproto, AppProto alproto, char *filename);
#endif

/***** Unittests *****/

#ifdef UNITTESTS
void AppLayerParserRegisterProtocolUnittests(uint8_t ipproto, AppProto alproto,
                                  void (*RegisterUnittests)(void));
void AppLayerParserRegisterUnittests(void);
void AppLayerParserBackupParserTable(void);
void AppLayerParserRestoreParserTable(void);
#endif

#endif /* __APP_LAYER_PARSER_H__ */
Commit	Line	Data
429c6388	1	/* Copyright (C) 2007-2013 Open Information Security Foundation
ce019275 WM	2	*
	3	* You can copy, redistribute or modify this Program under the terms of
	4	* the GNU General Public License version 2 as published by the Free
	5	* Software Foundation.
	6	*
	7	* This program is distributed in the hope that it will be useful,
	8	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	9	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	10	* GNU General Public License for more details.
	11	*
	12	* You should have received a copy of the GNU General Public License
	13	* version 2 along with this program; if not, write to the Free Software
	14	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
	15	* 02110-1301, USA.
	16	*/
	17
	18	/**
	19	* \file
	20	*
	21	* \author Victor Julien <victor@inliniac.net>
429c6388	22	* \author Anoop Saldanha <anoopsaldanha@gmail.com>
ce019275 WM	23	*/
ce019275 WM	24
59327e0f VJ	25	#ifndef __APP_LAYER_PARSER_H__
59327e0f VJ	26	#define __APP_LAYER_PARSER_H__
8e10844f	27
347c0df9	28	#include "app-layer-events.h"
1cf02560	29	#include "detect-engine-state.h"
e1022ee5	30	#include "util-file.h"
b160c49e	31	#include "stream-tcp-private.h"
e1022ee5	32
26169ad8 WM	33	#define APP_LAYER_PARSER_EOF 0x01
	34	#define APP_LAYER_PARSER_NO_INSPECTION 0x02
	35	#define APP_LAYER_PARSER_NO_REASSEMBLY 0x04
	36	#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD 0x08
2c857087	37
5908dd08	38	int AppLayerParserProtoIsRegistered(uint8_t ipproto, AppProto alproto);
2c857087 VJ	39
	40	/*** transaction handling ***/
	41
	42	/** \brief Function ptr type for getting active TxId from a flow
	43	* Used by AppLayerTransactionGetActive.
	44	*/
	45	typedef uint64_t (GetActiveTxIdFunc)(Flow f, uint8_t flags);
	46
	47	/** \brief Register GetActiveTxId Function
	48	*
	49	*/
	50	void RegisterAppLayerGetActiveTxIdFunc(GetActiveTxIdFunc FuncPtr);
	51
	52	/** \brief active TX retrieval for normal ops: so with detection and logging
	53	*
	54	* \retval tx_id lowest tx_id that still needs work
	55	*
	56	* This is the default function.
	57	*/
	58	uint64_t AppLayerTransactionGetActiveDetectLog(Flow *f, uint8_t flags);
	59
5cc880c5 VJ	60	/** \brief active TX retrieval for logging only ops
	61	*
	62	* \retval tx_id lowest tx_id that still needs work
	63	*/
	64	uint64_t AppLayerTransactionGetActiveLogOnly(Flow *f, uint8_t flags);
	65
	66
429c6388	67	int AppLayerParserSetup(void);
6d562f3b	68	void AppLayerParserPostStreamSetup(void);
429c6388 AS	69	int AppLayerParserDeSetup(void);
429c6388 AS	70
9634e60e VJ	71	typedef struct AppLayerParserThreadCtx_ AppLayerParserThreadCtx;
9634e60e VJ	72
429c6388 AS	73	/**
	74	* \brief Gets a new app layer protocol's parser thread context.
	75	*
	76	* \retval Non-NULL pointer on success.
	77	* NULL pointer on failure.
	78	*/
9634e60e	79	AppLayerParserThreadCtx *AppLayerParserThreadCtxAlloc(void);
429c6388 AS	80
	81	/**
	82	* \brief Destroys the app layer parser thread context obtained
fdefb65b	83	* using AppLayerParserThreadCtxAlloc().
429c6388 AS	84	*
	85	* \param tctx Pointer to the thread context to be destroyed.
	86	*/
9634e60e	87	void AppLayerParserThreadCtxFree(AppLayerParserThreadCtx *tctx);
429c6388 AS	88
	89	/**
	90	* \brief Given a protocol name, checks if the parser is enabled in
	91	* the conf file.
	92	*
	93	* \param alproto_name Name of the app layer protocol.
	94	*
	95	* \retval 1 If enabled.
	96	* \retval 0 If disabled.
d4d18e31	97	*/
429c6388 AS	98	int AppLayerParserConfParserEnabled(const char *ipproto,
429c6388 AS	99	const char *alproto_name);
d4d18e31	100
429c6388	101	/*** Parser related registration ***/
d4d18e31 AS	102
d4d18e31 AS	103	/**
429c6388	104	* \brief Register app layer parser for the protocol.
d4d18e31	105	*
429c6388 AS	106	* \retval 0 On success.
429c6388 AS	107	* \retval -1 On failure.
d4d18e31	108	*/
5cdeadb3	109	int AppLayerParserRegisterParser(uint8_t ipproto, AppProto alproto,
429c6388 AS	110	uint8_t direction,
429c6388 AS	111	int (Parser)(Flow f, void *protocol_state,
9634e60e	112	AppLayerParserState *pstate,
429c6388 AS	113	uint8_t *buf, uint32_t buf_len,
429c6388 AS	114	void *local_storage));
5cdeadb3	115	void AppLayerParserRegisterParserAcceptableDataDirection(uint8_t ipproto,
429c6388 AS	116	AppProto alproto,
429c6388 AS	117	uint8_t direction);
5cdeadb3	118	void AppLayerParserRegisterStateFuncs(uint8_t ipproto, AppProto alproto,
429c6388 AS	119	void (StateAlloc)(void),
429c6388 AS	120	void (StateFree)(void ));
5cdeadb3	121	void AppLayerParserRegisterLocalStorageFunc(uint8_t ipproto, AppProto proto,
429c6388 AS	122	void (LocalStorageAlloc)(void),
429c6388 AS	123	void (LocalStorageFree)(void ));
5cdeadb3	124	void AppLayerParserRegisterGetFilesFunc(uint8_t ipproto, AppProto alproto,
429c6388	125	FileContainer (StateGetFiles)(void *, uint8_t));
5cdeadb3	126	void AppLayerParserRegisterGetEventsFunc(uint8_t ipproto, AppProto proto,
429c6388	127	AppLayerDecoderEvents (StateGetEvents)(void *, uint64_t));
5cdeadb3	128	void AppLayerParserRegisterHasEventsFunc(uint8_t ipproto, AppProto alproto,
429c6388	129	int (StateHasEvents)(void ));
f3599323 MK	130	void AppLayerParserRegisterLoggerFuncs(uint8_t ipproto, AppProto alproto,
	131	int (StateGetTxLogged)(void , void *, uint32_t),
	132	void (StateSetTxLogged)(void , void *, uint32_t));
5cdeadb3 VJ	133	void AppLayerParserRegisterLogger(uint8_t ipproto, AppProto alproto);
5cdeadb3 VJ	134	void AppLayerParserRegisterTruncateFunc(uint8_t ipproto, AppProto alproto,
429c6388	135	void (Truncate)(void , uint8_t));
5cdeadb3	136	void AppLayerParserRegisterGetStateProgressFunc(uint8_t ipproto, AppProto alproto,
429c6388	137	int (StateGetStateProgress)(void alstate, uint8_t direction));
5cdeadb3	138	void AppLayerParserRegisterTxFreeFunc(uint8_t ipproto, AppProto alproto,
429c6388	139	void (StateTransactionFree)(void , uint64_t));
5cdeadb3	140	void AppLayerParserRegisterGetTxCnt(uint8_t ipproto, AppProto alproto,
429c6388	141	uint64_t (StateGetTxCnt)(void alstate));
5cdeadb3	142	void AppLayerParserRegisterGetTx(uint8_t ipproto, AppProto alproto,
429c6388	143	void (StateGetTx)(void alstate, uint64_t tx_id));
c4b918b6	144	void AppLayerParserRegisterGetStateProgressCompletionStatus(AppProto alproto,
429c6388	145	int (*StateGetStateProgressCompletionStatus)(uint8_t direction));
5cdeadb3	146	void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto,
429c6388 AS	147	int (StateGetEventInfo)(const char event_name, int *event_id,
429c6388 AS	148	AppLayerEventType *event_type));
1cf02560	149	void AppLayerParserRegisterDetectStateFuncs(uint8_t ipproto, AppProto alproto,
f536099a	150	int (StateHasTxDetectState)(void alstate),
1cf02560	151	DetectEngineState (GetTxDetectState)(void *tx),
f536099a	152	int (SetTxDetectState)(void alstate, void tx, DetectEngineState ));
b160c49e GL	153	void AppLayerParserRegisterGetStreamDepth(uint8_t ipproto,
	154	AppProto alproto,
	155	uint32_t (*GetStreamDepth)(void));
a0fad6bb VJ	156	void AppLayerParserRegisterMpmIDsFuncs(uint8_t ipproto, AppProto alproto,
	157	uint64_t (GetTxMpmIDs)(void tx),
	158	int (SetTxMpmIDs)(void tx, uint64_t));
d4d18e31	159
429c6388	160	/*** Get and transaction functions ***/
16cfae2f	161
5cdeadb3 VJ	162	void *AppLayerParserGetProtocolParserLocalStorage(uint8_t ipproto, AppProto alproto);
5cdeadb3 VJ	163	void AppLayerParserDestroyProtocolParserLocalStorage(uint8_t ipproto, AppProto alproto,
429c6388	164	void *local_data);
6cb00142	165
6cb00142	166
9634e60e	167	uint64_t AppLayerParserGetTransactionLogId(AppLayerParserState *pstate);
e9fccfa6	168	void AppLayerParserSetTransactionLogId(AppLayerParserState *pstate, uint64_t tx_id);
f3599323 MK	169	void AppLayerParserSetTxLogged(uint8_t ipproto, AppProto alproto, void *alstate,
	170	void *tx, uint32_t logger);
	171	int AppLayerParserGetTxLogged(uint8_t ipproto, AppProto alproto, void *alstate,
	172	void *tx, uint32_t logger);
9634e60e VJ	173	uint64_t AppLayerParserGetTransactionInspectId(AppLayerParserState *pstate, uint8_t direction);
9634e60e VJ	174	void AppLayerParserSetTransactionInspectId(AppLayerParserState *pstate,
6946e0be VJ	175	const uint8_t ipproto, const AppProto alproto, void *alstate,
6946e0be VJ	176	const uint8_t flags);
9634e60e VJ	177	AppLayerDecoderEvents AppLayerParserGetDecoderEvents(AppLayerParserState pstate);
9634e60e VJ	178	void AppLayerParserSetDecoderEvents(AppLayerParserState pstate, AppLayerDecoderEvents devents);
5cdeadb3	179	AppLayerDecoderEvents AppLayerParserGetEventsByTx(uint8_t ipproto, AppProto alproto, void alstate,
429c6388	180	uint64_t tx_id);
5cdeadb3	181	FileContainer *AppLayerParserGetFiles(uint8_t ipproto, AppProto alproto,
429c6388	182	void *alstate, uint8_t direction);
5cdeadb3	183	int AppLayerParserGetStateProgress(uint8_t ipproto, AppProto alproto,
429c6388	184	void *alstate, uint8_t direction);
5cdeadb3 VJ	185	uint64_t AppLayerParserGetTxCnt(uint8_t ipproto, AppProto alproto, void *alstate);
5cdeadb3 VJ	186	void AppLayerParserGetTx(uint8_t ipproto, AppProto alproto, void alstate, uint64_t tx_id);
c4b918b6	187	int AppLayerParserGetStateProgressCompletionStatus(AppProto alproto, uint8_t direction);
5cdeadb3	188	int AppLayerParserGetEventInfo(uint8_t ipproto, AppProto alproto, const char *event_name,
429c6388	189	int event_id, AppLayerEventType event_type);
6cb00142	190
3148ff34	191	uint64_t AppLayerParserGetTransactionActive(const Flow f, AppLayerParserState pstate, uint8_t direction);
6cb00142	192
f5f14880	193	uint8_t AppLayerParserGetFirstDataDir(uint8_t ipproto, AppProto alproto);
ddde572f	194
bcfa484b	195	int AppLayerParserSupportsFiles(uint8_t ipproto, AppProto alproto);
1cf02560	196	int AppLayerParserSupportsTxDetectState(uint8_t ipproto, AppProto alproto);
f536099a	197	int AppLayerParserHasTxDetectState(uint8_t ipproto, AppProto alproto, void *alstate);
1cf02560	198	DetectEngineState AppLayerParserGetTxDetectState(uint8_t ipproto, AppProto alproto, void tx);
3148ff34	199	int AppLayerParserSetTxDetectState(const Flow f, void alstate, void tx, DetectEngineState s);
1cf02560	200
a0fad6bb VJ	201	uint64_t AppLayerParserGetTxMpmIDs(uint8_t ipproto, AppProto alproto, void *tx);
	202	int AppLayerParserSetTxMpmIDs(uint8_t ipproto, AppProto alproto, void *tx, uint64_t);
	203
429c6388 AS	204	/*** General ***/
429c6388 AS	205
675fa564	206	int AppLayerParserParse(ThreadVars tv, AppLayerParserThreadCtx tctx, Flow *f, AppProto alproto,
429c6388	207	uint8_t flags, uint8_t *input, uint32_t input_len);
9634e60e	208	void AppLayerParserSetEOF(AppLayerParserState *pstate);
3148ff34	209	int AppLayerParserHasDecoderEvents(const Flow f, void alstate, AppLayerParserState *pstate,
429c6388	210	uint8_t flags);
01913f6a	211	int AppLayerParserIsTxAware(AppProto alproto);
b2d420be	212	int AppLayerParserProtocolIsTxAware(uint8_t ipproto, AppProto alproto);
5cdeadb3 VJ	213	int AppLayerParserProtocolIsTxEventAware(uint8_t ipproto, AppProto alproto);
5cdeadb3 VJ	214	int AppLayerParserProtocolSupportsTxs(uint8_t ipproto, AppProto alproto);
078ff0c0	215	int AppLayerParserProtocolHasLogger(uint8_t ipproto, AppProto alproto);
2d223b69	216	void AppLayerParserTriggerRawStreamReassembly(Flow *f, int direction);
b160c49e	217	void AppLayerParserSetStreamDepth(uint8_t ipproto, AppProto alproto, uint32_t stream_depth);
3148ff34	218	uint32_t AppLayerParserGetStreamDepth(const Flow *f);
429c6388 AS	219
	220	/*** Cleanup ***/
	221
3148ff34	222	void AppLayerParserStateCleanup(const Flow f, void alstate, AppLayerParserState *pstate);
429c6388 AS	223
	224	void AppLayerParserRegisterProtocolParsers(void);
	225
	226
9634e60e VJ	227	void AppLayerParserStateSetFlag(AppLayerParserState *pstate, uint8_t flag);
9634e60e VJ	228	int AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint8_t flag);
429c6388	229
5cdeadb3	230	void AppLayerParserStreamTruncated(uint8_t ipproto, AppProto alproto, void *alstate,
429c6388 AS	231	uint8_t direction);
	232
	233
	234
9634e60e VJ	235	AppLayerParserState *AppLayerParserStateAlloc(void);
9634e60e VJ	236	void AppLayerParserStateFree(AppLayerParserState *pstate);
429c6388 AS	237
	238
	239
	240	#ifdef DEBUG
9634e60e	241	void AppLayerParserStatePrintDetails(AppLayerParserState *pstate);
429c6388	242	#endif
6cb00142	243
077ac816	244	#ifdef AFLFUZZ_APPLAYER
4683b0e6 VJ	245	int AppLayerParserRequestFromFile(uint8_t ipproto, AppProto alproto, char *filename);
4683b0e6 VJ	246	int AppLayerParserFromFile(uint8_t ipproto, AppProto alproto, char *filename);
077ac816 VJ	247	#endif
077ac816 VJ	248
6cb00142 AS	249	/*** Unittests ***/
6cb00142 AS	250
429c6388	251	#ifdef UNITTESTS
5cdeadb3	252	void AppLayerParserRegisterProtocolUnittests(uint8_t ipproto, AppProto alproto,
429c6388 AS	253	void (*RegisterUnittests)(void));
	254	void AppLayerParserRegisterUnittests(void);
	255	void AppLayerParserBackupParserTable(void);
	256	void AppLayerParserRestoreParserTable(void);
	257	#endif
6cb00142	258
59327e0f	259	#endif /* __APP_LAYER_PARSER_H__ */