Merge pull request #2035 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pub_sub to master
authorMike Stepanek (mstepane) <mstepane@cisco.com>
Tue, 3 Mar 2020 14:35:11 +0000 (14:35 +0000)
committerMike Stepanek (mstepane) <mstepane@cisco.com>
Tue, 3 Mar 2020 14:35:11 +0000 (14:35 +0000)
Squashed commit of the following:

commit 07072478f6c3cd762193531d4bec7f62beb44b0f
Author: Katura Harvey <katharve@cisco.com>
Date:   Wed Feb 26 11:51:19 2020 -0500

    pub_sub: add http2 info to http pub messages

src/network_inspectors/appid/test/appid_http_event_test.cc
src/pub_sub/CMakeLists.txt
src/pub_sub/http_events.cc
src/pub_sub/http_events.h
src/pub_sub/test/CMakeLists.txt [new file with mode: 0644]
src/pub_sub/test/pub_sub_http_event_test.cc [new file with mode: 0644]
src/service_inspectors/http2_inspect/http2_flow_data.cc
src/service_inspectors/http2_inspect/http2_flow_data.h
src/service_inspectors/http_inspect/http_msg_header.cc

index c54f5218470a0bb9ac745dc29ea443921cd54eea..02111b54a002ec3d930b388ae193c6bce7a33257 100644 (file)
@@ -206,7 +206,7 @@ TEST_GROUP(appid_http_event)
 
 TEST(appid_http_event, handle_null_appid_data)
 {
-    HttpEvent event(nullptr);
+    HttpEvent event(nullptr, false, 0);
     HttpEventHandler event_handler(HttpEventHandler::REQUEST_EVENT);
     mock().expectOneCall("get_appid_session");
     event_handler.handle(event, flow);
@@ -215,7 +215,7 @@ TEST(appid_http_event, handle_null_appid_data)
 
 TEST(appid_http_event, handle_null_msg_header)
 {
-    HttpEvent event(nullptr);
+    HttpEvent event(nullptr, false, 0);
     HttpEventHandler event_handler(HttpEventHandler::REQUEST_EVENT);
 
     mock().strictOrder();
@@ -246,7 +246,7 @@ struct TestData
 
 static void run_event_handler(TestData test_data, TestData* expect_data = nullptr)
 {
-    HttpEvent event(nullptr);
+    HttpEvent event(nullptr, false, 0);
     FakeHttpMsgHeader http_msg_header;
     HttpEventHandler event_handler(test_data.type);
     fake_msg_header = &http_msg_header;
index 6e8dcc8dbacbf0135f47278a0aa68cf1c9abb263..fc79d75686aaa0c64b0ae2a1d1a853a1be13e3a1 100644 (file)
@@ -20,3 +20,5 @@ install (FILES ${PUB_SUB_INCLUDES}
     DESTINATION "${INCLUDE_INSTALL_PATH}/pub_sub"
 )
 
+add_subdirectory ( test )
+
index 9aa8b2e6c4644211f5a408b923340bf7a2b7923c..a54edfa3424ec8da95461df7684071e82730038f 100644 (file)
@@ -117,3 +117,12 @@ bool HttpEvent::contains_webdav_method()
     return HttpMsgRequest::is_webdav(method);
 }
 
+bool HttpEvent::get_is_http2() const
+{
+    return is_http2;
+}
+
+uint32_t HttpEvent::get_http2_stream_id() const
+{
+    return http2_stream_id;
+}
index 1cbb965b54c2832a6f93b01d22435a4f98c943e5..7f6ecca62714d10611fe151b5bb8c47ae69fdb4f 100644 (file)
@@ -36,10 +36,8 @@ namespace snort
 class SO_PUBLIC HttpEvent : public snort::DataEvent
 {
 public:
-    HttpEvent(HttpMsgHeader* http_msg_header_) :
-        http_msg_header(http_msg_header_)
-    {
-    }
+    HttpEvent(HttpMsgHeader* http_msg_header_, bool http2, uint32_t stream_id) :
+        http_msg_header(http_msg_header_), is_http2(http2), http2_stream_id(stream_id) { }
 
 
     const uint8_t* get_content_type(int32_t &length);
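Review bot: The two new constructor parameters on this SO_PUBLIC class are undocumented, and nothing tells a subscriber what `stream_id` means when `http2` is false. The visible callers pass 0 in that case, and 0 is also the HTTP/2 connection-control stream, so a consumer that reads the id without checking the flag cannot tell the two apart. A comment above the constructor such as `// stream_id is only meaningful when http2 is true; callers pass 0 for HTTP/1 traffic` would cover it, with a matching `// valid only when get_is_http2() returns true` on `get_http2_stream_id()` in the next hunk. The class body continues outside this hunk.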
@@ -54,9 +52,13 @@ public:
     const uint8_t* get_x_working_with(int32_t &length);
     int32_t get_response_code();
     bool contains_webdav_method();
+    bool get_is_http2() const;
+    uint32_t get_http2_stream_id() const;
 
 private:
     HttpMsgHeader* const http_msg_header;
+    bool is_http2 = false;
+    uint32_t http2_stream_id = 0;
 
     const uint8_t* get_header(unsigned, uint64_t, int32_t&);
 
diff --git a/src/pub_sub/test/CMakeLists.txt b/src/pub_sub/test/CMakeLists.txt
new file mode 100644 (file)
index 0000000..b7c36c9
--- /dev/null
@@ -0,0 +1,4 @@
+add_cpputest( pub_sub_http_event_test
+    SOURCES
+        ../http_events.cc
+)
diff --git a/src/pub_sub/test/pub_sub_http_event_test.cc b/src/pub_sub/test/pub_sub_http_event_test.cc
new file mode 100644 (file)
index 0000000..cca033e
--- /dev/null
@@ -0,0 +1,68 @@
+//--------------------------------------------------------------------------
+// Copyright (C) 2020-2020 Cisco and/or its affiliates. All rights reserved.
+//
+// This program is free software; you can redistribute it and/or modify it
+// under the terms of the GNU General Public License Version 2 as published
+// by the Free Software Foundation.  You may not use, modify or distribute
+// this program under any other version of the GNU General Public License.
+//
+// This program is distributed in the hope that it will be useful, but
+// WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+//--------------------------------------------------------------------------
+// pub_sub_http_event_test.cc author Katura Harvey <katharve@cisco.com>
+
+// Unit test for the HttpEvent methods to retrieve HTTP/2 information
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include "pub_sub/http_events.h"
+#include "service_inspectors/http_inspect/http_common.h"
+#include "service_inspectors/http_inspect/http_msg_section.h"
+#include "service_inspectors/http_inspect/http_field.h"
+
+#include <CppUTest/CommandLineTestRunner.h>
+#include <CppUTest/TestHarness.h>
+#include <CppUTestExt/MockSupport.h>
+
+using namespace snort;
+using namespace HttpCommon;
+
+// Stubs to make the code link
+const Field Field::FIELD_NULL { STAT_NO_SOURCE };
+const Field& HttpMsgSection::get_classic_buffer(unsigned int, unsigned long, unsigned long)
+    { return Field::FIELD_NULL; }
+
+TEST_GROUP(pub_sub_http_event_test)
+{
+};
+
+
+TEST(pub_sub_http_event_test, http_traffic)
+{
+    uint32_t stream_id = 0;
+    HttpEvent event(nullptr, false, stream_id);
+    CHECK_FALSE(event.get_is_http2());
+    CHECK(event.get_http2_stream_id() == stream_id);
+}
+
+TEST(pub_sub_http_event_test, http2_traffic)
+{
+    uint32_t stream_id = 3;
+    HttpEvent event(nullptr, true, stream_id);
+    CHECK(event.get_is_http2());
+    CHECK(event.get_http2_stream_id() == stream_id);
+}
+
+int main(int argc, char** argv)
+{
+    return CommandLineTestRunner::RunAllTests(argc, argv);
+}
+
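Review bot: The link stub `HttpMsgSection::get_classic_buffer(unsigned int, unsigned long, unsigned long)` spells its parameter types as `unsigned long`, which only matches a declaration written with `uint64_t` on platforms where the two are the same type. The declaration in http_msg_section.h is not visible here, but `HttpEvent::get_header(unsigned, uint64_t, int32_t&)` suggests it uses fixed-width types. If so, the stub would fail to compile as an out-of-class definition where `uint64_t` is `unsigned long long`. Writing the stub as `const Field& HttpMsgSection::get_classic_buffer(unsigned, uint64_t, uint64_t)` keeps the test portable.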
index 5075fe530634c99426c4de60735583235ec41e64..51d5e362eb03f5b7d5d39bd10c8b986786ce0699 100644 (file)
@@ -151,3 +151,8 @@ class Http2Stream* Http2FlowData::get_current_stream(const HttpCommon::SourceId
     return get_stream(current_stream[source_id]);
 }
 
+uint32_t Http2FlowData::get_current_stream_id(const HttpCommon::SourceId source_id)
+{
+    return current_stream[source_id];
+}
+
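Review bot: `Http2FlowData::get_current_stream_id` only reads `current_stream[source_id]`, yet it is not declared `const`, unlike the `HttpEvent` getters added in the same commit. Assuming `current_stream` is a plain data member, the definition can become `uint32_t Http2FlowData::get_current_stream_id(const HttpCommon::SourceId source_id) const`. The declaration in http2_flow_data.h needs the same qualifier. That would let callers holding a const flow-data reference use it.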
index 93e6cd7f34425b9fa597c397f0804eddf25be62f..51891d6cdaf0ae3614d954379ed986f783e483b2 100644 (file)
@@ -90,6 +90,7 @@ public:
         ~StreamInfo() { delete stream; }
     };
     class Http2Stream* get_current_stream(const HttpCommon::SourceId source_id);
+    uint32_t get_current_stream_id(const HttpCommon::SourceId source_id);
 
     Http2HpackDecoder* get_hpack_decoder(const HttpCommon::SourceId source_id)
         { return &hpack_decoder[source_id]; }
index 4e084c6520266ebf82c6067e4dfc7f8ab6dd3762..c8be9fa2951d55c204fccfa672dfbb3ef23dae7e 100644 (file)
@@ -32,6 +32,7 @@
 #include "http_msg_request.h"
 #include "http_msg_body.h"
 #include "pub_sub/http_events.h"
+#include "service_inspectors/http2_inspect/http2_flow_data.h"
 #include "sfip/sf_ip.h"
 
 using namespace snort;
@@ -49,7 +50,15 @@ HttpMsgHeader::HttpMsgHeader(const uint8_t* buffer, const uint16_t buf_size,
 
 void HttpMsgHeader::publish()
 {
-    HttpEvent http_event(this);
+    uint32_t stream_id = 0;
+    if (session_data->for_http2)
+    {
+        Http2FlowData* h2i_flow_data = (Http2FlowData*)flow->get_flow_data(Http2FlowData::inspector_id);
+        assert(h2i_flow_data);
+        stream_id = h2i_flow_data->get_current_stream_id(source_id);
+    }
+
+    HttpEvent http_event(this, session_data->for_http2, stream_id);
 
     const char* key = (source_id == SRC_CLIENT) ?
         HTTP_REQUEST_HEADER_EVENT_KEY : HTTP_RESPONSE_HEADER_EVENT_KEY;
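Review bot: In `publish()`, `assert(h2i_flow_data);` is the only guard before `h2i_flow_data->get_current_stream_id(source_id)`, and an assert is compiled out under NDEBUG. A release build would therefore dereference a null pointer if `get_flow_data()` ever returns nothing for a session that has `for_http2` set. This path runs on inspected traffic, so that would crash the process. Keep the assert for debug builds and also guard the call: `if (h2i_flow_data != nullptr)` before `stream_id = h2i_flow_data->get_current_stream_id(source_id);`, which leaves `stream_id` at 0 otherwise. The C-style cast on the same line could be `static_cast<Http2FlowData*>(...)`; the body of `publish()` continues past the end of this hunk.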