ike: use Direction enum
authorShivani Bhardwaj <shivanib134@gmail.com>
Thu, 12 Aug 2021 12:30:53 +0000 (18:00 +0530)
committerVictor Julien <vjulien@oisf.net>
Fri, 19 Nov 2021 16:20:01 +0000 (17:20 +0100)
rust/src/ike/ike.rs
rust/src/ike/ikev1.rs
rust/src/ike/ikev2.rs

index 8bdb5e051e3439ab2832bb6465472066b4fbf7b1..f445e815817f2c9f52a0f2a142d678340f79f89c 100644 (file)
@@ -22,9 +22,7 @@ use self::ipsec_parser::*;
 
 use crate::applayer;
 use crate::applayer::*;
-use crate::core::{
-    self, AppProto, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN, STREAM_TOCLIENT, STREAM_TOSERVER,
-};
+use crate::core::{self, *};
 use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container};
 use crate::ike::ikev2::{handle_ikev2, Ikev2Container};
 use crate::ike::parser::*;
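Review bot: The glob `use crate::core::{self, *};` hides which names this file takes from `core`, and it sits beside the existing `applayer::*` and `parser::*` globs, so a name added later to any of those modules could become ambiguous here. ikev1.rs and ikev2.rs in this same commit import `crate::core::Direction` by name; doing the same here would be consistent, e.g. `use crate::core::{self, AppProto, Direction, Flow, ALPROTO_FAILED, ALPROTO_UNKNOWN};`. That list assumes the names from the removed import are all still used, which cannot be confirmed because the rest of the file is outside the diff.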
@@ -201,7 +199,7 @@ impl IKEState {
         }
     }
 
-    fn handle_input(&mut self, input: &[u8], direction: u8) -> AppLayerResult {
+    fn handle_input(&mut self, input: &[u8], direction: Direction) -> AppLayerResult {
         // We're not interested in empty requests.
         if input.len() == 0 {
             return AppLayerResult::ok();
@@ -259,13 +257,13 @@ impl IKEState {
 }
 
 /// Probe to see if this input looks like a request or response.
-fn probe(input: &[u8], direction: u8, rdir: *mut u8) -> bool {
+fn probe(input: &[u8], direction: Direction, rdir: *mut u8) -> bool {
     match parse_isakmp_header(input) {
         Ok((_, isakmp_header)) => {
             if isakmp_header.maj_ver == 1 {
-                if isakmp_header.resp_spi == 0 && direction != STREAM_TOSERVER {
+                if isakmp_header.resp_spi == 0 && direction != Direction::ToServer {
                     unsafe {
-                        *rdir = STREAM_TOSERVER;
+                        *rdir = Direction::ToServer.into();
                     }
                 }
                 return true;
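Review bot: The write `*rdir = Direction::ToServer.into();` dereferences the raw `rdir: *mut u8` with no null check and no `// SAFETY:` comment, here and again in the IKEv2 branch in the next hunk. probe() runs on untrusted packet data, so a null `rdir` would be undefined behaviour in the detection path rather than a clean probe failure; the hunks do not show whether the C caller guarantees a valid pointer. Either guard the write, `if !rdir.is_null() { unsafe { *rdir = Direction::ToServer.into(); } }`, or state the caller's guarantee in a `// SAFETY:` comment above the block. The body of probe continues outside this hunk.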
@@ -288,9 +286,9 @@ fn probe(input: &[u8], direction: u8, rdir: *mut u8) -> bool {
                     return false;
                 }
 
-                if isakmp_header.resp_spi == 0 && direction != STREAM_TOSERVER {
+                if isakmp_header.resp_spi == 0 && direction != Direction::ToServer {
                     unsafe {
-                        *rdir = STREAM_TOSERVER;
+                        *rdir = Direction::ToServer.into();
                     }
                 }
                 return true;
@@ -318,8 +316,8 @@ pub unsafe extern "C" fn rs_ike_probing_parser(
 
     if !input.is_null() {
         let slice = build_slice!(input, input_len as usize);
-        if probe(slice, direction, rdir) {
-            return ALPROTO_IKE ;
+        if probe(slice, direction.into(), rdir) {
+            return ALPROTO_IKE;
         }
     }
     return ALPROTO_FAILED;
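Review bot: `direction.into()` now converts the raw `u8` from the C caller into a `Direction` before probe() sees it, where the old code compared the byte with `STREAM_TOSERVER` exactly. The `From<u8>` impl is not part of this diff, so it is worth confirming how it maps a byte with neither direction bit set, both set, or extra flag bits set, because that decides whether `rdir` is rewritten for the same inputs as before. Once confirmed, a short comment at the call such as `// direction is a flags byte from C; From<u8> selects ToServer/ToClient` would record the assumption. rs_ike_probing_parser starts outside this hunk.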
@@ -354,7 +352,7 @@ pub unsafe extern "C" fn rs_ike_parse_request(
     let state = cast_pointer!(state, IKEState);
     let buf = build_slice!(input, input_len as usize);
 
-    return state.handle_input(buf, STREAM_TOSERVER);
+    return state.handle_input(buf, Direction::ToServer);
 }
 
 #[no_mangle]
@@ -364,7 +362,7 @@ pub unsafe extern "C" fn rs_ike_parse_response(
 ) -> AppLayerResult {
     let state = cast_pointer!(state, IKEState);
     let buf = build_slice!(input, input_len as usize);
-    return state.handle_input(buf, STREAM_TOCLIENT);
+    return state.handle_input(buf, Direction::ToClient);
 }
 
 #[no_mangle]
index c7f85945e746d04292c00af02917a912f170c35c..02aa5b0cb19793ece2a302eafff2cad2478b3f79 100644 (file)
@@ -19,7 +19,7 @@
 
 use crate::applayer::*;
 use crate::common::to_hex;
-use crate::core::STREAM_TOSERVER;
+use crate::core::Direction;
 use crate::ike::ike::{IKEState, IkeEvent};
 use crate::ike::parser::*;
 use nom;
@@ -72,7 +72,7 @@ pub struct Ikev1Container {
 }
 
 pub fn handle_ikev1(
-    state: &mut IKEState, current: &[u8], isakmp_header: IsakmpHeader, direction: u8,
+    state: &mut IKEState, current: &[u8], isakmp_header: IsakmpHeader, direction: Direction,
 ) -> AppLayerResult {
     let mut tx = state.new_tx();
 
@@ -114,7 +114,7 @@ pub fn handle_ikev1(
                 if payload_types.contains(&(IsakmpPayloadType::SecurityAssociation as u8)) {
                     // clear transforms on a new SA in case there is happening a new key exchange
                     // on the same flow, elsewise properties would be added to the old/other SA
-                    if direction == STREAM_TOSERVER {
+                    if direction == Direction::ToServer {
                         state.ikev1_container.client.reset();
                     } else {
                         state.ikev1_container.server.reset();
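Review bot: With `direction` now an enum, the `if direction == Direction::ToServer { … } else { … }` here and in the next hunk would read better as a `match` on both variants, so the compiler flags this code if a variant is ever added instead of it falling silently into the server branch. For example: `match direction { Direction::ToServer => state.ikev1_container.client.reset(), Direction::ToClient => state.ikev1_container.server.reset() }`. handle_ikev1 starts and ends outside the hunk.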
@@ -122,7 +122,7 @@ pub fn handle_ikev1(
                 }
 
                 // add transaction values to state values
-                if direction == STREAM_TOSERVER {
+                if direction == Direction::ToServer {
                     state.ikev1_container.client.update(
                         &to_hex(tx.hdr.ikev1_header.key_exchange.as_ref()),
                         &to_hex(tx.hdr.ikev1_header.nonce.as_ref()),
index e731637522d1bd5cd53b9b7bc6218fabcc371d45..054f10e314002426cca2e55fe20bccc80e2f0859 100644 (file)
@@ -18,7 +18,7 @@
 // written by Pierre Chifflier  <chifflier@wzdftpd.net>
 
 use crate::applayer::*;
-use crate::core::STREAM_TOCLIENT;
+use crate::core::Direction;
 use crate::ike::ipsec_parser::*;
 
 use super::ipsec_parser::IkeV2Transform;
@@ -99,7 +99,7 @@ impl Default for Ikev2Container {
 }
 
 pub fn handle_ikev2(
-    mut state: &mut IKEState, current: &[u8], isakmp_header: IsakmpHeader, direction: u8,
+    mut state: &mut IKEState, current: &[u8], isakmp_header: IsakmpHeader, direction: Direction,
 ) -> AppLayerResult {
     let hdr = IkeV2Header {
         init_spi: isakmp_header.init_spi,
@@ -140,7 +140,7 @@ pub fn handle_ikev2(
                     }
                     IkeV2PayloadContent::KE(ref kex) => {
                         SCLogDebug!("KEX {:?}", kex.dh_group);
-                        if direction == STREAM_TOCLIENT {
+                        if direction == Direction::ToClient {
                             state.ikev2_container.dh_group = kex.dh_group;
                         }
                     }
@@ -181,7 +181,9 @@ pub fn handle_ikev2(
     return AppLayerResult::ok();
 }
 
-fn add_proposals(state: &mut IKEState, tx: &mut IKETransaction, prop: &Vec<IkeV2Proposal>, direction: u8) {
+fn add_proposals(
+    state: &mut IKEState, tx: &mut IKETransaction, prop: &Vec<IkeV2Proposal>, direction: Direction,
+) {
     for p in prop {
         let transforms: Vec<IkeV2Transform> = p.transforms.iter().map(|x| x.into()).collect();
         // Rule 1: warn on weak or unknown transforms
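Review bot: Since the signature of add_proposals is being rewritten anyway, `prop: &Vec<IkeV2Proposal>` could become `prop: &[IkeV2Proposal]`. The visible body only iterates over it (`for p in prop`), and callers passing a `&Vec` coerce to a slice without change. The function body continues outside this hunk, so check that no `Vec`-only method is called on `prop` further down.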
@@ -286,7 +288,7 @@ fn add_proposals(state: &mut IKEState, tx: &mut IKETransaction, prop: &Vec<IkeV2
             }
         }
         // Finally
-        if direction == STREAM_TOCLIENT {
+        if direction == Direction::ToClient {
             transforms.iter().for_each(|t| match *t {
                 IkeV2Transform::Encryption(ref e) => {
                     state.ikev2_container.alg_enc = *e;
@@ -308,7 +310,7 @@ fn add_proposals(state: &mut IKEState, tx: &mut IKETransaction, prop: &Vec<IkeV2
                     state.ikev2_container.alg_esn = *e;
                     tx.hdr.ikev2_transforms.push(IkeV2Transform::ESN(*e));
                 }
-                _ => {},
+                _ => {}
             });
             SCLogDebug!("Selected transforms: {:?}", transforms);
         } else {