From: Shivani Bhardwaj Date: Thu, 12 Aug 2021 11:57:53 +0000 (+0530) Subject: http2: use Direction enum X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ee5b300ccf975ace601f6f2c77863a9952bc7d95;p=people%2Fms%2Fsuricata.git http2: use Direction enum --- diff --git a/rust/src/http2/decompression.rs b/rust/src/http2/decompression.rs index 380fcf3a8..7620610c9 100644 --- a/rust/src/http2/decompression.rs +++ b/rust/src/http2/decompression.rs @@ -15,7 +15,7 @@ * 02110-1301, USA. */ -use crate::core::STREAM_TOCLIENT; +use crate::core::Direction; use brotli; use flate2::read::{DeflateDecoder, GzDecoder}; use std; @@ -240,8 +240,8 @@ impl HTTP2Decoder { } } - pub fn http2_encoding_fromvec(&mut self, input: &Vec, dir: u8) { - if dir == STREAM_TOCLIENT { + pub fn http2_encoding_fromvec(&mut self, input: &Vec, dir: Direction) { + if dir == Direction::ToClient { self.decoder_tc.http2_encoding_fromvec(input); } else { self.decoder_ts.http2_encoding_fromvec(input); @@ -249,9 +249,9 @@ impl HTTP2Decoder { } pub fn decompress<'a>( - &mut self, input: &'a [u8], output: &'a mut Vec, dir: u8, + &mut self, input: &'a [u8], output: &'a mut Vec, dir: Direction, ) -> io::Result<&'a [u8]> { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { return self.decoder_tc.decompress(input, output); } else { return self.decoder_ts.decompress(input, output); diff --git a/rust/src/http2/detect.rs b/rust/src/http2/detect.rs index 0cbc59c6c..94e8f7d30 100644 --- a/rust/src/http2/detect.rs +++ b/rust/src/http2/detect.rs @@ -19,14 +19,14 @@ use super::http2::{ HTTP2Event, HTTP2Frame, HTTP2FrameTypeData, HTTP2State, HTTP2Transaction, HTTP2TransactionState, }; use super::parser; -use crate::core::{STREAM_TOCLIENT, STREAM_TOSERVER}; +use crate::core::Direction; use std::ffi::CStr; use std::str::FromStr; fn http2_tx_has_frametype( - tx: &mut HTTP2Transaction, direction: u8, value: u8, + tx: &mut HTTP2Transaction, direction: Direction, value: u8, ) -> std::os::raw::c_int { - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { if tx.frames_ts[i].header.ftype as u8 == value { return 1; @@ -47,7 +47,7 @@ pub unsafe extern "C" fn rs_http2_tx_has_frametype( tx: *mut std::os::raw::c_void, direction: u8, value: u8, ) -> std::os::raw::c_int { let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_tx_has_frametype(tx, direction, value); + return http2_tx_has_frametype(tx, direction.into(), value); } #[no_mangle] @@ -64,9 +64,9 @@ pub unsafe extern "C" fn rs_http2_parse_frametype( } fn http2_tx_has_errorcode( - tx: &mut HTTP2Transaction, direction: u8, code: u32, + tx: &mut HTTP2Transaction, direction: Direction, code: u32, ) -> std::os::raw::c_int { - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { match tx.frames_ts[i].data { HTTP2FrameTypeData::GOAWAY(goaway) => { @@ -107,7 +107,7 @@ pub unsafe extern "C" fn rs_http2_tx_has_errorcode( tx: *mut std::os::raw::c_void, direction: u8, code: u32, ) -> std::os::raw::c_int { let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_tx_has_errorcode(tx, direction, code); + return http2_tx_has_errorcode(tx, direction.into(), code); } #[no_mangle] @@ -124,10 +124,10 @@ pub unsafe extern "C" fn rs_http2_parse_errorcode( } fn http2_tx_get_next_priority( - tx: &mut HTTP2Transaction, direction: u8, nb: u32, + tx: &mut HTTP2Transaction, direction: Direction, nb: u32, ) -> std::os::raw::c_int { let mut pos = 0 as u32; - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { match &tx.frames_ts[i].data { HTTP2FrameTypeData::PRIORITY(prio) => { @@ -180,14 +180,14 @@ pub unsafe extern "C" fn rs_http2_tx_get_next_priority( tx: *mut std::os::raw::c_void, direction: u8, nb: u32, ) -> std::os::raw::c_int { let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_tx_get_next_priority(tx, direction, nb); + return http2_tx_get_next_priority(tx, direction.into(), nb); } fn http2_tx_get_next_window( - tx: &mut HTTP2Transaction, direction: u8, nb: u32, + tx: &mut HTTP2Transaction, direction: Direction, nb: u32, ) -> std::os::raw::c_int { let mut pos = 0 as u32; - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { match tx.frames_ts[i].data { HTTP2FrameTypeData::WINDOWUPDATE(wu) => { @@ -222,7 +222,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_next_window( tx: *mut std::os::raw::c_void, direction: u8, nb: u32, ) -> std::os::raw::c_int { let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_tx_get_next_window(tx, direction, nb); + return http2_tx_get_next_window(tx, direction.into(), nb); } #[no_mangle] @@ -283,9 +283,9 @@ fn http2_detect_settings_match( } fn http2_detect_settingsctx_match( - ctx: &mut parser::DetectHTTP2settingsSigCtx, tx: &mut HTTP2Transaction, direction: u8, + ctx: &mut parser::DetectHTTP2settingsSigCtx, tx: &mut HTTP2Transaction, direction: Direction, ) -> std::os::raw::c_int { - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { match &tx.frames_ts[i].data { HTTP2FrameTypeData::SETTINGS(set) => { @@ -317,7 +317,7 @@ pub unsafe extern "C" fn rs_http2_detect_settingsctx_match( ) -> std::os::raw::c_int { let ctx = cast_pointer!(ctx, parser::DetectHTTP2settingsSigCtx); let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_detect_settingsctx_match(ctx, tx, direction); + return http2_detect_settingsctx_match(ctx, tx, direction.into()); } #[no_mangle] @@ -396,9 +396,9 @@ fn http2_header_blocks(frame: &HTTP2Frame) -> Option<&[parser::HTTP2FrameHeaderB } fn http2_detect_sizeupdatectx_match( - ctx: &mut parser::DetectU64Data, tx: &mut HTTP2Transaction, direction: u8, + ctx: &mut parser::DetectU64Data, tx: &mut HTTP2Transaction, direction: Direction, ) -> std::os::raw::c_int { - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { for i in 0..tx.frames_ts.len() { if let Some(blocks) = http2_header_blocks(&tx.frames_ts[i]) { if http2_detect_sizeupdate_match(blocks, ctx) != 0 { @@ -424,7 +424,7 @@ pub unsafe extern "C" fn rs_http2_detect_sizeupdatectx_match( ) -> std::os::raw::c_int { let ctx = cast_pointer!(ctx, parser::DetectU64Data); let tx = cast_pointer!(tx, HTTP2Transaction); - return http2_detect_sizeupdatectx_match(ctx, tx, direction); + return http2_detect_sizeupdatectx_match(ctx, tx, direction.into()); } //TODOask better syntax between rs_http2_tx_get_header_name in argument @@ -434,29 +434,32 @@ pub unsafe extern "C" fn rs_http2_tx_get_header_name( tx: &mut HTTP2Transaction, direction: u8, nb: u32, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { let mut pos = 0 as u32; - if direction & STREAM_TOSERVER != 0 { - for i in 0..tx.frames_ts.len() { - if let Some(blocks) = http2_header_blocks(&tx.frames_ts[i]) { - if nb < pos + blocks.len() as u32 { - let value = &blocks[(nb - pos) as usize].name; - *buffer = value.as_ptr(); //unsafe - *buffer_len = value.len() as u32; - return 1; - } else { - pos = pos + blocks.len() as u32; + match direction.into() { + Direction::ToServer => { + for i in 0..tx.frames_ts.len() { + if let Some(blocks) = http2_header_blocks(&tx.frames_ts[i]) { + if nb < pos + blocks.len() as u32 { + let value = &blocks[(nb - pos) as usize].name; + *buffer = value.as_ptr(); //unsafe + *buffer_len = value.len() as u32; + return 1; + } else { + pos = pos + blocks.len() as u32; + } } } } - } else { - for i in 0..tx.frames_tc.len() { - if let Some(blocks) = http2_header_blocks(&tx.frames_tc[i]) { - if nb < pos + blocks.len() as u32 { - let value = &blocks[(nb - pos) as usize].name; - *buffer = value.as_ptr(); //unsafe - *buffer_len = value.len() as u32; - return 1; - } else { - pos = pos + blocks.len() as u32; + Direction::ToClient => { + for i in 0..tx.frames_tc.len() { + if let Some(blocks) = http2_header_blocks(&tx.frames_tc[i]) { + if nb < pos + blocks.len() as u32 { + let value = &blocks[(nb - pos) as usize].name; + *buffer = value.as_ptr(); //unsafe + *buffer_len = value.len() as u32; + return 1; + } else { + pos = pos + blocks.len() as u32; + } } } } @@ -465,9 +468,9 @@ pub unsafe extern "C" fn rs_http2_tx_get_header_name( } fn http2_frames_get_header_firstvalue<'a>( - tx: &'a mut HTTP2Transaction, direction: u8, name: &str, + tx: &'a mut HTTP2Transaction, direction: Direction, name: &str, ) -> Result<&'a [u8], ()> { - let frames = if direction == STREAM_TOSERVER { + let frames = if direction == Direction::ToServer { &tx.frames_ts } else { &tx.frames_tc @@ -487,11 +490,11 @@ fn http2_frames_get_header_firstvalue<'a>( // same as http2_frames_get_header_value but returns a new Vec // instead of using the transation to store the result slice pub fn http2_frames_get_header_value_vec( - tx: &HTTP2Transaction, direction: u8, name: &str, + tx: &HTTP2Transaction, direction: Direction, name: &str, ) -> Result, ()> { let mut found = 0; let mut vec = Vec::new(); - let frames = if direction == STREAM_TOSERVER { + let frames = if direction == Direction::ToServer { &tx.frames_ts } else { &tx.frames_tc @@ -523,12 +526,12 @@ pub fn http2_frames_get_header_value_vec( } fn http2_frames_get_header_value<'a>( - tx: &'a mut HTTP2Transaction, direction: u8, name: &str, + tx: &'a mut HTTP2Transaction, direction: Direction, name: &str, ) -> Result<&'a [u8], ()> { let mut found = 0; let mut vec = Vec::new(); let mut single: Result<&[u8], ()> = Err(()); - let frames = if direction == STREAM_TOSERVER { + let frames = if direction == Direction::ToServer { &tx.frames_ts } else { &tx.frames_tc @@ -571,7 +574,7 @@ fn http2_frames_get_header_value<'a>( pub unsafe extern "C" fn rs_http2_tx_get_uri( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_firstvalue(tx, STREAM_TOSERVER, ":path") { + if let Ok(value) = http2_frames_get_header_firstvalue(tx, Direction::ToServer, ":path") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -583,7 +586,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_uri( pub unsafe extern "C" fn rs_http2_tx_get_method( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_firstvalue(tx, STREAM_TOSERVER, ":method") { + if let Ok(value) = http2_frames_get_header_firstvalue(tx, Direction::ToServer, ":method") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -595,7 +598,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_method( pub unsafe extern "C" fn rs_http2_tx_get_host( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_value(tx, STREAM_TOSERVER, ":authority") { + if let Ok(value) = http2_frames_get_header_value(tx, Direction::ToServer, ":authority") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -634,7 +637,7 @@ fn http2_normalize_host(value: &[u8]) -> (Option>, usize) { pub unsafe extern "C" fn rs_http2_tx_get_host_norm( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_value(tx, STREAM_TOSERVER, ":authority") { + if let Ok(value) = http2_frames_get_header_value(tx, Direction::ToServer, ":authority") { let r = http2_normalize_host(value); // r is a tuple with the value and its size // this is useful when we only take a substring (before the port) @@ -663,7 +666,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_host_norm( pub unsafe extern "C" fn rs_http2_tx_get_useragent( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_value(tx, STREAM_TOSERVER, "user-agent") { + if let Ok(value) = http2_frames_get_header_value(tx, Direction::ToServer, "user-agent") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -675,7 +678,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_useragent( pub unsafe extern "C" fn rs_http2_tx_get_status( tx: &mut HTTP2Transaction, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if let Ok(value) = http2_frames_get_header_firstvalue(tx, STREAM_TOCLIENT, ":status") { + if let Ok(value) = http2_frames_get_header_firstvalue(tx, Direction::ToClient, ":status") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -687,14 +690,14 @@ pub unsafe extern "C" fn rs_http2_tx_get_status( pub unsafe extern "C" fn rs_http2_tx_get_cookie( tx: &mut HTTP2Transaction, direction: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { - if direction == STREAM_TOSERVER { - if let Ok(value) = http2_frames_get_header_value(tx, STREAM_TOSERVER, "cookie") { + if direction == Direction::ToServer.into() { + if let Ok(value) = http2_frames_get_header_value(tx, Direction::ToServer, "cookie") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; } } else { - if let Ok(value) = http2_frames_get_header_value(tx, STREAM_TOCLIENT, "set-cookie") { + if let Ok(value) = http2_frames_get_header_value(tx, Direction::ToClient, "set-cookie") { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -710,7 +713,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_header_value( ) -> u8 { let hname: &CStr = CStr::from_ptr(strname); //unsafe if let Ok(s) = hname.to_str() { - if let Ok(value) = http2_frames_get_header_value(tx, direction, &s.to_lowercase()) { + if let Ok(value) = http2_frames_get_header_value(tx, direction.into(), &s.to_lowercase()) { *buffer = value.as_ptr(); //unsafe *buffer_len = value.len() as u32; return 1; @@ -744,7 +747,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_header_names( tx: &mut HTTP2Transaction, direction: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { let mut vec = vec![b'\r', b'\n']; - let frames = if direction & STREAM_TOSERVER != 0 { + let frames = if direction & Direction::ToServer as u8 != 0 { &tx.frames_ts } else { &tx.frames_tc @@ -770,9 +773,9 @@ pub unsafe extern "C" fn rs_http2_tx_get_header_names( return 0; } -fn http2_header_iscookie(direction: u8, hname: &[u8]) -> bool { +fn http2_header_iscookie(direction: Direction, hname: &[u8]) -> bool { if let Ok(s) = std::str::from_utf8(hname) { - if direction & STREAM_TOSERVER != 0 { + if direction == Direction::ToServer { if s.to_lowercase() == "cookie" { return true; } @@ -810,7 +813,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_headers( tx: &mut HTTP2Transaction, direction: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { let mut vec = Vec::new(); - let frames = if direction & STREAM_TOSERVER != 0 { + let frames = if direction & Direction::ToServer as u8 != 0 { &tx.frames_ts } else { &tx.frames_tc @@ -818,7 +821,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_headers( for i in 0..frames.len() { if let Some(blocks) = http2_header_blocks(&frames[i]) { for block in blocks.iter() { - if !http2_header_iscookie(direction, &block.name) { + if !http2_header_iscookie(direction.into(), &block.name) { // we do not escape linefeeds nor : in headers names vec.extend_from_slice(&block.name); vec.extend_from_slice(&[b':', b' ']); @@ -844,7 +847,7 @@ pub unsafe extern "C" fn rs_http2_tx_get_headers_raw( tx: &mut HTTP2Transaction, direction: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { let mut vec = Vec::new(); - let frames = if direction & STREAM_TOSERVER != 0 { + let frames = if direction & Direction::ToServer as u8 != 0 { &tx.frames_ts } else { &tx.frames_tc @@ -876,40 +879,42 @@ pub unsafe extern "C" fn rs_http2_tx_get_header( tx: &mut HTTP2Transaction, direction: u8, nb: u32, buffer: *mut *const u8, buffer_len: *mut u32, ) -> u8 { let mut pos = 0 as u32; - if direction & STREAM_TOSERVER != 0 { - for i in 0..tx.frames_ts.len() { - if let Some(blocks) = http2_header_blocks(&tx.frames_ts[i]) { - if nb < pos + blocks.len() as u32 { - let ehdr = http2_escape_header(&blocks, nb - pos); - tx.escaped.push(ehdr); - let idx = tx.escaped.len() - 1; - let value = &tx.escaped[idx]; - *buffer = value.as_ptr(); //unsafe - *buffer_len = value.len() as u32; - return 1; - } else { - pos = pos + blocks.len() as u32; + match direction.into() { + Direction::ToServer => { + for i in 0..tx.frames_ts.len() { + if let Some(blocks) = http2_header_blocks(&tx.frames_ts[i]) { + if nb < pos + blocks.len() as u32 { + let ehdr = http2_escape_header(&blocks, nb - pos); + tx.escaped.push(ehdr); + let idx = tx.escaped.len() - 1; + let value = &tx.escaped[idx]; + *buffer = value.as_ptr(); //unsafe + *buffer_len = value.len() as u32; + return 1; + } else { + pos = pos + blocks.len() as u32; + } } } } - } else { - for i in 0..tx.frames_tc.len() { - if let Some(blocks) = http2_header_blocks(&tx.frames_tc[i]) { - if nb < pos + blocks.len() as u32 { - let ehdr = http2_escape_header(&blocks, nb - pos); - tx.escaped.push(ehdr); - let idx = tx.escaped.len() - 1; - let value = &tx.escaped[idx]; - *buffer = value.as_ptr(); //unsafe - *buffer_len = value.len() as u32; - return 1; - } else { - pos = pos + blocks.len() as u32; + Direction::ToClient => { + for i in 0..tx.frames_tc.len() { + if let Some(blocks) = http2_header_blocks(&tx.frames_tc[i]) { + if nb < pos + blocks.len() as u32 { + let ehdr = http2_escape_header(&blocks, nb - pos); + tx.escaped.push(ehdr); + let idx = tx.escaped.len() - 1; + let value = &tx.escaped[idx]; + *buffer = value.as_ptr(); //unsafe + *buffer_len = value.len() as u32; + return 1; + } else { + pos = pos + blocks.len() as u32; + } } } } } - return 0; } @@ -935,7 +940,7 @@ fn http2_tx_set_header(state: &mut HTTP2State, name: &[u8], input: &[u8]) { blocks: blocks, }; let txdata = HTTP2FrameTypeData::HEADERS(hs); - let tx = state.find_or_create_tx(&head, &txdata, STREAM_TOSERVER); + let tx = state.find_or_create_tx(&head, &txdata, Direction::ToServer); tx.frames_ts.push(HTTP2Frame { header: head, data: txdata, @@ -1078,7 +1083,7 @@ fn http2_tx_set_settings(state: &mut HTTP2State, input: &[u8]) { match parser::http2_parse_frame_settings(&dec) { Ok((_, set)) => { let txdata = HTTP2FrameTypeData::SETTINGS(set); - let tx = state.find_or_create_tx(&head, &txdata, STREAM_TOSERVER); + let tx = state.find_or_create_tx(&head, &txdata, Direction::ToServer); tx.frames_ts.push(HTTP2Frame { header: head, data: txdata, @@ -1202,7 +1207,7 @@ mod tests { header: head, data: txdata, }); - match http2_frames_get_header_value(&mut tx, STREAM_TOSERVER, "Host") { + match http2_frames_get_header_value(&mut tx, Direction::ToServer, "Host") { Ok(x) => { assert_eq!(x, "abc.com, efg.net".as_bytes()); } diff --git a/rust/src/http2/http2.rs b/rust/src/http2/http2.rs index 806d96267..66f550fa3 100644 --- a/rust/src/http2/http2.rs +++ b/rust/src/http2/http2.rs @@ -21,10 +21,7 @@ use super::parser; use super::range; use crate::applayer::{self, *}; -use crate::core::{ - self, AppProto, Flow, HttpRangeContainerBlock, SuricataFileContext, ALPROTO_FAILED, - ALPROTO_UNKNOWN, IPPROTO_TCP, SC, STREAM_TOCLIENT, STREAM_TOSERVER, -}; +use crate::core::{self, *}; use crate::filecontainer::*; use crate::filetracker::*; use nom; @@ -195,7 +192,7 @@ impl HTTP2Transaction { core::sc_app_layer_decoder_events_set_event_raw(&mut self.events, ev); } - fn handle_headers(&mut self, blocks: &Vec, dir: u8) { + fn handle_headers(&mut self, blocks: &Vec, dir: Direction) { for i in 0..blocks.len() { if blocks[i].name == "content-encoding".as_bytes().to_vec() { self.decoder.http2_encoding_fromvec(&blocks[i].value, dir); @@ -204,13 +201,13 @@ impl HTTP2Transaction { } fn decompress<'a>( - &'a mut self, input: &'a [u8], dir: u8, sfcm: &'static SuricataFileContext, over: bool, - files: &mut FileContainer, flags: u16, flow: *const Flow, + &'a mut self, input: &'a [u8], dir: Direction, sfcm: &'static SuricataFileContext, + over: bool, files: &mut FileContainer, flags: u16, flow: *const Flow, ) -> io::Result<()> { let mut output = Vec::with_capacity(decompression::HTTP2_DECOMPRESSION_CHUNK_SIZE); let decompressed = self.decoder.decompress(input, &mut output, dir)?; let xid: u32 = self.tx_id as u32; - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { self.ft_tc.tx_id = self.tx_id - 1; if !self.ft_tc.file_open { // we are now sure that new_chunk will open a file @@ -218,7 +215,7 @@ impl HTTP2Transaction { self.tx_data.incr_files_opened(); if let Ok(value) = detect::http2_frames_get_header_value_vec( self, - STREAM_TOCLIENT, + Direction::ToClient, "content-range", ) { match range::http2_parse_check_content_range(&value) { @@ -276,12 +273,12 @@ impl HTTP2Transaction { } fn handle_frame( - &mut self, header: &parser::HTTP2FrameHeader, data: &HTTP2FrameTypeData, dir: u8, + &mut self, header: &parser::HTTP2FrameHeader, data: &HTTP2FrameTypeData, dir: Direction, ) { //handle child_stream_id changes match data { HTTP2FrameTypeData::PUSHPROMISE(hs) => { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { //we could set an event if self.child_stream_id != 0 if header.flags & parser::HTTP2_FLAG_HEADER_END_HEADERS == 0 { self.child_stream_id = hs.stream_id; @@ -291,7 +288,7 @@ impl HTTP2Transaction { self.handle_headers(&hs.blocks, dir); } HTTP2FrameTypeData::CONTINUATION(hs) => { - if dir == STREAM_TOCLIENT + if dir == Direction::ToClient && header.flags & parser::HTTP2_FLAG_HEADER_END_HEADERS != 0 { self.child_stream_id = 0; @@ -299,7 +296,7 @@ impl HTTP2Transaction { self.handle_headers(&hs.blocks, dir); } HTTP2FrameTypeData::HEADERS(hs) => { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { self.child_stream_id = 0; } self.handle_headers(&hs.blocks, dir); @@ -316,12 +313,12 @@ impl HTTP2Transaction { match self.state { HTTP2TransactionState::HTTP2StateHalfClosedClient | HTTP2TransactionState::HTTP2StateDataServer => { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { self.state = HTTP2TransactionState::HTTP2StateClosed; } } HTTP2TransactionState::HTTP2StateHalfClosedServer => { - if dir == STREAM_TOSERVER { + if dir == Direction::ToServer { self.state = HTTP2TransactionState::HTTP2StateClosed; } } @@ -329,7 +326,7 @@ impl HTTP2Transaction { HTTP2TransactionState::HTTP2StateClosed => {} HTTP2TransactionState::HTTP2StateGlobal => {} _ => { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { self.state = HTTP2TransactionState::HTTP2StateHalfClosedServer; } else { self.state = HTTP2TransactionState::HTTP2StateHalfClosedClient; @@ -338,7 +335,7 @@ impl HTTP2Transaction { } } else if header.ftype == parser::HTTP2FrameType::DATA as u8 { //not end of stream - if dir == STREAM_TOSERVER { + if dir == Direction::ToServer { if self.state < HTTP2TransactionState::HTTP2StateDataClient { self.state = HTTP2TransactionState::HTTP2StateDataClient; } @@ -498,7 +495,7 @@ impl HTTP2State { } pub fn find_or_create_tx( - &mut self, header: &parser::HTTP2FrameHeader, data: &HTTP2FrameTypeData, dir: u8, + &mut self, header: &parser::HTTP2FrameHeader, data: &HTTP2FrameTypeData, dir: Direction, ) -> &mut HTTP2Transaction { if header.stream_id == 0 { return self.create_global_tx(); @@ -507,7 +504,7 @@ impl HTTP2State { //yes, the right stream_id for Suricata is not the header one HTTP2FrameTypeData::PUSHPROMISE(hs) => hs.stream_id, HTTP2FrameTypeData::CONTINUATION(_) => { - if dir == STREAM_TOCLIENT { + if dir == Direction::ToClient { //continuation of a push promise self.find_child_stream_id(header.stream_id) } else { @@ -539,7 +536,7 @@ impl HTTP2State { } } - fn process_headers(&mut self, blocks: &Vec, dir: u8) { + fn process_headers(&mut self, blocks: &Vec, dir: Direction) { let (mut update, mut sizeup) = (false, 0); for i in 0..blocks.len() { if blocks[i].error >= parser::HTTP2HeaderDecodeStatus::HTTP2HeaderDecodeError { @@ -555,7 +552,7 @@ impl HTTP2State { } if update { //borrow checker forbids to pass directly dyn_headers - let dyn_headers = if dir == STREAM_TOCLIENT { + let dyn_headers = if dir == Direction::ToClient { &mut self.dynamic_headers_tc } else { &mut self.dynamic_headers_ts @@ -565,7 +562,7 @@ impl HTTP2State { } fn parse_frame_data( - &mut self, ftype: u8, input: &[u8], complete: bool, hflags: u8, dir: u8, + &mut self, ftype: u8, input: &[u8], complete: bool, hflags: u8, dir: Direction, ) -> HTTP2FrameTypeData { match num::FromPrimitive::from_u8(ftype) { Some(parser::HTTP2FrameType::GOAWAY) => { @@ -593,7 +590,7 @@ impl HTTP2State { for i in 0..set.len() { if set[i].id == parser::HTTP2SettingsId::SETTINGSHEADERTABLESIZE { //reverse order as this is what we accept from the other endpoint - let dyn_headers = if dir == STREAM_TOCLIENT { + let dyn_headers = if dir == Direction::ToClient { &mut self.dynamic_headers_ts } else { &mut self.dynamic_headers_tc @@ -692,7 +689,7 @@ impl HTTP2State { } } Some(parser::HTTP2FrameType::PUSHPROMISE) => { - let dyn_headers = if dir == STREAM_TOCLIENT { + let dyn_headers = if dir == Direction::ToClient { &mut self.dynamic_headers_tc } else { &mut self.dynamic_headers_ts @@ -726,7 +723,7 @@ impl HTTP2State { return HTTP2FrameTypeData::DATA; } Some(parser::HTTP2FrameType::CONTINUATION) => { - let dyn_headers = if dir == STREAM_TOCLIENT { + let dyn_headers = if dir == Direction::ToClient { &mut self.dynamic_headers_tc } else { &mut self.dynamic_headers_ts @@ -757,7 +754,7 @@ impl HTTP2State { } } Some(parser::HTTP2FrameType::HEADERS) => { - let dyn_headers = if dir == STREAM_TOCLIENT { + let dyn_headers = if dir == Direction::ToClient { &mut self.dynamic_headers_tc } else { &mut self.dynamic_headers_ts @@ -803,7 +800,7 @@ impl HTTP2State { } fn parse_frames( - &mut self, mut input: &[u8], il: usize, dir: u8, flow: *const Flow, + &mut self, mut input: &[u8], il: usize, dir: Direction, flow: *const Flow, ) -> AppLayerResult { while input.len() > 0 { match parser::http2_parse_frame_header(input) { @@ -853,7 +850,7 @@ impl HTTP2State { let over = head.flags & parser::HTTP2_FLAG_HEADER_EOS != 0; let ftype = head.ftype; let sid = head.stream_id; - if dir == STREAM_TOSERVER { + if dir == Direction::ToServer { tx.frames_ts.push(HTTP2Frame { header: head, data: txdata, @@ -871,7 +868,7 @@ impl HTTP2State { let index = self.find_tx_index(sid); if index > 0 { let tx_same = &mut self.transactions[index - 1]; - let (files, flags) = self.files.get(dir.into()); + let (files, flags) = self.files.get(dir); match tx_same.decompress( &rem[..hlsafe], dir, @@ -949,7 +946,7 @@ impl HTTP2State { } //then parse all we can - let r = self.parse_frames(input, il, STREAM_TOSERVER, flow); + let r = self.parse_frames(input, il, Direction::ToServer, flow); if r.status == 1 { //adds bytes consumed by banner to incomplete result return AppLayerResult::incomplete(r.consumed + magic_consumed as u32, r.needed); @@ -973,7 +970,7 @@ impl HTTP2State { } } //then parse all we can - return self.parse_frames(input, il, STREAM_TOCLIENT, flow); + return self.parse_frames(input, il, Direction::ToClient, flow); } fn tx_iterator( @@ -1078,7 +1075,7 @@ pub unsafe extern "C" fn rs_http2_parse_ts( let state = cast_pointer!(state, HTTP2State); let buf = build_slice!(input, input_len as usize); - state.files.flags_ts = FileFlowToFlags(flow, STREAM_TOSERVER); + state.files.flags_ts = FileFlowToFlags(flow, Direction::ToServer.into()); state.files.flags_ts = state.files.flags_ts | FILE_USE_DETECT; return state.parse_ts(buf, flow); } @@ -1090,7 +1087,7 @@ pub unsafe extern "C" fn rs_http2_parse_tc( ) -> AppLayerResult { let state = cast_pointer!(state, HTTP2State); let buf = build_slice!(input, input_len as usize); - state.files.flags_tc = FileFlowToFlags(flow, STREAM_TOCLIENT); + state.files.flags_tc = FileFlowToFlags(flow, Direction::ToClient.into()); state.files.flags_tc = state.files.flags_tc | FILE_USE_DETECT; return state.parse_tc(buf, flow); } @@ -1162,7 +1159,7 @@ pub unsafe extern "C" fn rs_http2_getfiles( state: *mut std::os::raw::c_void, direction: u8, ) -> *mut FileContainer { let state = cast_pointer!(state, HTTP2State); - if direction == STREAM_TOCLIENT { + if direction == Direction::ToClient.into() { &mut state.files.files_tc as *mut FileContainer } else { &mut state.files.files_ts as *mut FileContainer diff --git a/rust/src/http2/range.rs b/rust/src/http2/range.rs index 08f3b5bec..1fc22b49d 100644 --- a/rust/src/http2/range.rs +++ b/rust/src/http2/range.rs @@ -17,7 +17,7 @@ use super::detect; use crate::core::{ - Flow, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC, STREAM_TOSERVER, + Direction, Flow, HttpRangeContainerBlock, StreamingBufferConfig, SuricataFileContext, SC, }; use crate::filecontainer::FileContainer; use crate::http2::http2::HTTP2Transaction; @@ -105,7 +105,7 @@ pub unsafe extern "C" fn rs_http_parse_content_range( } fn http2_range_key_get(tx: &mut HTTP2Transaction) -> Result<(Vec, usize), ()> { - let hostv = detect::http2_frames_get_header_value_vec(tx, STREAM_TOSERVER, ":authority")?; + let hostv = detect::http2_frames_get_header_value_vec(tx, Direction::ToServer, ":authority")?; let mut hostv = &hostv[..]; match hostv.iter().position(|&x| x == b':') { Some(p) => { @@ -113,7 +113,7 @@ fn http2_range_key_get(tx: &mut HTTP2Transaction) -> Result<(Vec, usize), () } None => {} } - let uriv = detect::http2_frames_get_header_value_vec(tx, STREAM_TOSERVER, ":path")?; + let uriv = detect::http2_frames_get_header_value_vec(tx, Direction::ToServer, ":path")?; let mut uriv = &uriv[..]; match uriv.iter().position(|&x| x == b'?') { Some(p) => {