projects / thirdparty / snort3.git / blame
| Commit | Line | Data |
|---|---|---|
| be1d9b13 | 1 | //-------------------------------------------------------------------------- |
| 5ad5de33 | 2 | // Copyright (C) 2016-2023 Cisco and/or its affiliates. All rights reserved. |
| be1d9b13 TP |
3 | // |
| 4 | // This program is free software; you can redistribute it and/or modify it | |
| 5 | // under the terms of the GNU General Public License Version 2 as published | |
| 6 | // by the Free Software Foundation. You may not use, modify or distribute | |
| 7 | // this program under any other version of the GNU General Public License. | |
| 8 | // | |
| 9 | // This program is distributed in the hope that it will be useful, but | |
| 10 | // WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 12 | // General Public License for more details. | |
| 13 | // | |
| 14 | // You should have received a copy of the GNU General Public License along | |
| 15 | // with this program; if not, write to the Free Software Foundation, Inc., | |
| 16 | // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |
| 17 | //-------------------------------------------------------------------------- | |
| 18 | ||
| 19 | // appid_mock_session.h author davis mcpherson <davmcphe@cisco.com> | |
| 20 | ||
| 3d760936 RC |
21 | #ifndef APPID_MOCK_SESSION_H |
| 22 | #define APPID_MOCK_SESSION_H | |
| be1d9b13 | 23 | |
| b60fde2f SR |
24 | #include "flow/ha.h" |
| 25 | ||
| 25b2cb6f | 26 | #include "appid_dns_session.h" |
| be1d9b13 | 27 | #include "appid_mock_flow.h" |
| 103cd505 | 28 | #include "appid_mock_http_session.h" |
| a831f4b9 | 29 | #include "appid_mock_inspector.h" |
| be1d9b13 TP |
30 | |
| 31 | bool is_session_decrypted = false; | |
| 32 | ||
| 33 | char const* APPID_UT_TLS_HOST = "vpn.topsecret.com"; | |
| 34 | char const* APPID_UT_SERVICE_IP_ADDR = "192.168.0.2"; | |
| 35 | char const* APPID_UT_INITIATOR_IP_ADDR = "192.168.0.3"; | |
| 36 | ||
| be1d9b13 TP |
37 | char const* APPID_ID_UT_DNS_HOST = "delphi.opendns.com"; |
| 38 | #define APPID_UT_DNS_HOST_OFFSET 22 | |
| 39 | #define APPID_UT_DNS_PATTERN_CNAME_REC 5 | |
| 40 | #define APPID_UT_DNS_NOERROR 0 | |
| 41 | #define APPID_UT_DNS_TTL 5 | |
| 42 | ||
| 43 | const char* test_app_name = "testapp_1492"; | |
| 44 | const AppId APPID_UT_ID = 1492; | |
| 45 | const short APPID_UT_SERVICE_PORT = 1066; | |
| 46 | const char* APPID_UT_USERNAME = "pigpen"; | |
| 47 | const char* APPID_UT_CLIENT_VERSION = "a snorting client"; | |
| 48 | const char* APPID_UT_SERVICE = "at your service"; | |
| 49 | const char* APPID_UT_SERVICE_VENDOR = "cisco snorty"; | |
| 50 | const char* APPID_UT_SERVICE_VERSION = "Version City"; | |
| 51 | ||
| 52 | AppIdServiceSubtype APPID_UT_SERVICE_SUBTYPE = { nullptr, APPID_UT_SERVICE, | |
| 53 | APPID_UT_SERVICE_VENDOR, | |
| 54 | APPID_UT_SERVICE_VERSION }; | |
| 55 | ||
| 4252e4ec | 56 | unsigned AppIdSession::inspector_id = 0; |
| c2950e94 SR |
57 | std::mutex AppIdSession::inferred_svcs_lock; |
| 58 | uint16_t AppIdSession::inferred_svcs_ver = 0; | |
| 99d13aa9 | 59 | uint32_t OdpContext::next_version = 0; |
| be1d9b13 | 60 | |
| 25b2cb6f MA |
61 | class MockAppIdDnsSession : public AppIdDnsSession |
| 62 | { | |
| 63 | public: | |
| 64 | MockAppIdDnsSession() | |
| 65 | { | |
| bafa88da | 66 | host = (const char*) APPID_ID_UT_DNS_HOST; |
| 25b2cb6f MA |
67 | host_offset = APPID_UT_DNS_HOST_OFFSET; |
| 68 | record_type = APPID_UT_DNS_PATTERN_CNAME_REC; | |
| 69 | response_type = APPID_UT_DNS_NOERROR; | |
| 70 | ttl = APPID_UT_DNS_TTL; | |
| 71 | } | |
| 72 | }; | |
| 73 | ||
| a524ad57 | 74 | AppIdConfig::~AppIdConfig() = default; |
| 25f69c51 | 75 | OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } |
| 0265b2ea | 76 | |
| b60fde2f SR |
77 | void FlowHAState::add(uint8_t) { } |
| 78 | ||
| 0265b2ea SR |
79 | static AppIdConfig stub_config; |
| 80 | static AppIdContext stub_ctxt(stub_config); | |
| 81 | static OdpContext stub_odp_ctxt(stub_config, nullptr); | |
| 82 | OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt; | |
| eb170c4c | 83 | AppIdSession::AppIdSession(IpProtocol proto, const SfIp* ip, uint16_t, AppIdInspector& inspector, |
| 2a0742e1 | 84 | OdpContext&, uint32_t, uint32_t) : FlowData(inspector_id, &inspector), config(stub_config), |
| eb170c4c | 85 | protocol(proto), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) |
| be1d9b13 | 86 | { |
| 7b79c237 | 87 | this->set_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED); |
| 99d13aa9 | 88 | odp_ctxt_version = odp_ctxt.get_version(); |
| afe0a782 | 89 | set_service_port(APPID_UT_SERVICE_PORT); |
| 6a23d341 | 90 | AppidChangeBits change_bits; |
| be1d9b13 | 91 | |
| ce7f33c5 | 92 | set_client_user(APPID_UT_ID, APPID_UT_USERNAME, change_bits); |
| 704c6709 | 93 | set_client_version(APPID_UT_CLIENT_VERSION, change_bits); |
| be1d9b13 | 94 | |
| 7d36e3ec | 95 | set_service_vendor(APPID_UT_SERVICE_VENDOR, change_bits); |
| 704c6709 | 96 | set_service_version(APPID_UT_SERVICE_VERSION, change_bits); |
| 7d36e3ec | 97 | add_service_subtype(*(new AppIdServiceSubtype(APPID_UT_SERVICE_SUBTYPE)), change_bits); |
| be1d9b13 | 98 | |
| be1d9b13 | 99 | tsession = new TlsSession; |
| be1d9b13 | 100 | |
| afe0a782 SR |
101 | SfIp svc_ip; |
| 102 | svc_ip.pton(AF_INET, APPID_UT_SERVICE_IP_ADDR); | |
| 103 | set_service_ip(svc_ip); | |
| 704c6709 | 104 | api.initiator_ip.pton(AF_INET, APPID_UT_INITIATOR_IP_ADDR); |
| be1d9b13 | 105 | |
| 704c6709 | 106 | api.dsession = new MockAppIdDnsSession; |
| be1d9b13 | 107 | tp_app_id = APPID_UT_ID; |
| eb170c4c | 108 | set_service_id(APPID_UT_ID + 1, odp_ctxt); |
| 96e924be | 109 | client_inferred_service_id = APPID_UT_ID + 2; |
| 704c6709 SR |
110 | set_port_service_id(APPID_UT_ID + 3); |
| 111 | set_payload_id(APPID_UT_ID + 4); | |
| be1d9b13 | 112 | tp_payload_app_id = APPID_UT_ID + 5; |
| 704c6709 | 113 | set_client_id(APPID_UT_ID + 6); |
| be1d9b13 TP |
114 | misc_app_id = APPID_UT_ID + 7; |
| 115 | } | |
| 116 | ||
| 117 | AppIdSession::~AppIdSession() | |
| 118 | { | |
| be1d9b13 | 119 | delete tsession; |
| be1d9b13 TP |
120 | } |
| 121 | ||
| 34c7f938 | 122 | void* AppIdSession::get_flow_data(unsigned) const |
| be1d9b13 TP |
123 | { |
| 124 | return nullptr; | |
| 125 | } | |
| 126 | ||
| 39505d41 | 127 | int AppIdSession::add_flow_data(void*, unsigned, AppIdFreeFCN) |
| be1d9b13 | 128 | { |
| be1d9b13 TP |
129 | return 0; |
| 130 | } | |
| 131 | ||
| 34c7f938 | 132 | AppId AppIdSession::pick_service_app_id() const |
| be1d9b13 | 133 | { |
| 704c6709 | 134 | return get_service_id(); |
| be1d9b13 TP |
135 | } |
| 136 | ||
| 34c7f938 | 137 | AppId AppIdSession::pick_ss_misc_app_id() const |
| be1d9b13 | 138 | { |
| 6a23d341 | 139 | return misc_app_id; |
| be1d9b13 TP |
140 | } |
| 141 | ||
| 34c7f938 | 142 | AppId AppIdSession::pick_ss_client_app_id() const |
| be1d9b13 | 143 | { |
| a80c988b | 144 | if (get_eve_client_app_id() > APP_ID_NONE and get_client_id() <= APP_ID_NONE) |
| 49e17530 | 145 | { |
| a80c988b SR |
146 | api.client.set_eve_client_app_detect_type(CLIENT_APP_DETECT_TLS_FP); |
| 147 | return get_eve_client_app_id(); | |
| 49e17530 SR |
148 | } |
| 149 | else | |
| 150 | { | |
| a80c988b | 151 | api.client.set_eve_client_app_detect_type(CLIENT_APP_DETECT_APPID); |
| 49e17530 SR |
152 | return get_client_id(); |
| 153 | } | |
| be1d9b13 TP |
154 | } |
| 155 | ||
| 34c7f938 | 156 | AppId AppIdSession::pick_ss_payload_app_id() const |
| be1d9b13 | 157 | { |
| 704c6709 | 158 | return get_payload_id(); |
| be1d9b13 TP |
159 | } |
| 160 | ||
| 34c7f938 | 161 | AppId AppIdSession::pick_ss_referred_payload_app_id() const |
| be1d9b13 TP |
162 | { |
| 163 | return APPID_UT_ID; | |
| 164 | } | |
| 165 | ||
| e26358e9 | 166 | AppIdHttpSession* AppIdSession::create_http_session(int64_t) |
| 25b2cb6f | 167 | { |
| 2c7c87b9 | 168 | AppIdHttpSession* hsession = new MockAppIdHttpSession(*this); |
| 659b66a7 SR |
169 | AppidChangeBits change_bits; |
| 170 | ||
| 2c7c87b9 | 171 | hsession->client.set_id(APPID_UT_ID); |
| e1bb0d1f SR |
172 | hsession->client.set_version(APPID_UT_CLIENT_VERSION); |
| 173 | change_bits.set(APPID_CLIENT_INFO_BIT); | |
| 2c7c87b9 SR |
174 | hsession->payload.set_id(APPID_UT_ID); |
| 175 | hsession->misc_app_id = APPID_UT_ID; | |
| 176 | hsession->referred_payload_app_id = APPID_UT_ID; | |
| 704c6709 | 177 | api.hsessions.push_back(hsession); |
| 25b2cb6f MA |
178 | return hsession; |
| 179 | } | |
| 180 | ||
| e26358e9 | 181 | AppIdHttpSession* AppIdSession::get_matching_http_session(int64_t stream_id) const |
| 730e6c9a | 182 | { |
| e26358e9 | 183 | for (uint64_t stream_index=0; stream_index < api.hsessions.size(); stream_index++) |
| 730e6c9a | 184 | { |
| e26358e9 | 185 | if (stream_id == api.hsessions[stream_index]->get_httpx_stream_id()) |
| 704c6709 | 186 | return api.hsessions[stream_index]; |
| 730e6c9a SR |
187 | } |
| 188 | return nullptr; | |
| 189 | } | |
| 190 | ||
| 7666fdd4 | 191 | AppIdDnsSession* AppIdSession::create_dns_session() |
| 25b2cb6f | 192 | { |
| 704c6709 SR |
193 | if ( !api.dsession ) |
| 194 | api.dsession = new MockAppIdDnsSession(); | |
| 195 | return api.dsession; | |
| 25b2cb6f MA |
196 | } |
| 197 | ||
| 34c7f938 | 198 | AppIdDnsSession* AppIdSession::get_dns_session() const |
| 7666fdd4 | 199 | { |
| 704c6709 | 200 | return api.dsession; |
| 7666fdd4 SR |
201 | } |
| 202 | ||
| 3ea06dbe | 203 | bool AppIdSession::is_tp_appid_done() const |
| 7fd491e7 MS |
204 | { |
| 205 | return true; | |
| 206 | } | |
| 207 | ||
| 3ea06dbe | 208 | bool AppIdSession::is_tp_appid_available() const |
| 7fd491e7 | 209 | { |
| 58f81b64 | 210 | return true; |
| 7fd491e7 MS |
211 | } |
| 212 | ||
| be1d9b13 TP |
213 | #endif |
| 214 |