git.ipfire.org Git - thirdparty/suricata.git/commit

author	Aaron Bungay <amb240h@gmail.com>
	Sun, 19 Apr 2020 22:22:18 +0000 (18:22 -0400)
committer	Victor Julien <vjulien@oisf.net>
	Mon, 31 Jan 2022 12:20:51 +0000 (13:20 +0100)
commit	272786908cf130b7d84324af141dbad6b7695a58
tree	0dbb0844c957a65a2170562232db3553877a86f7	tree
parent	6c240938b51daadb6c869d2339c2e7cc29ebde68	commit \| diff

smtp/mime: configurable url scheme extraction

Parse extract-url-schemes from the mime config.
e.g. 'extract-urls-schemes: [http, https, ftp, mailto]'
Update MimeDecConfig struct to new url extraction fields.
Change app-layer-smtp.c & util-decode-mime.c to initialize new struct
fields for MimeDecConfig.
Sets the default value for extract-url-schemes if not found in the
config to 'extract-urls-schemes: [http]' for backwards compatibility.

Uses the schemes defined in the mime config value for
extract-urls-schemes to search for URLS starting with those scheme
names followed by "://".
Logs the URLS with the scheme + '://' at the start if the
log-url-scheme is set in the mime config, otherwise the old behaviour
is reverted to and the urls are logged with the schemes stripped.

Removed unused constant URL_STR now that URLS are being searched for
using extract-urls-schemes mime config values instead of just URL's
starting with 'http://'.

Added commented out new options for extract-urls-schemes and
log-url-scheme to suricata.yaml.in.

Update FindUrlStrings comments.
Remove old outdated comments/commented code from FindUrlStrings.
Update test case for mime which now needs schemes list to be set.
Add Test Cases for FindUrlStrings() method.

Feature: #2054

src/app-layer-smtp.c		diff \| blob \| blame \| history
src/util-decode-mime.c		diff \| blob \| blame \| history
src/util-decode-mime.h		diff \| blob \| blame \| history
suricata.yaml.in		diff \| blob \| blame \| history