Merge pull request #1964 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_2 to...

Squashed commit of the following:

commit d581343cebbbb26244cfd6cba4eeddddc308cf50
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Wed Jan 22 14:53:39 2020 -0500

    appid: load app mapping data to odp context

diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc
index e15411fb291b6cb484605252867f3ec77ad34079..6736b6f61fdd126d0c5bd64396708d33ec146049 100644 (file)
--- a/src/network_inspectors/appid/app_info_table.cc
+++ b/src/network_inspectors/appid/app_info_table.cc
@@ -29,25 +29,17 @@
 #include <string>
 #include <unistd.h>
 
-#include "appid_api.h"
-#include "appid_config.h"
-#include "appid_inspector.h"
-#include "appid_peg_counts.h"
 #include "log/unified2.h"
 #include "main/snort_config.h"
 #include "target_based/snort_protocols.h"
 #include "utils/util_cstring.h"
+#include "appid_api.h"
+#include "appid_config.h"
+#include "appid_inspector.h"
+#include "appid_peg_counts.h"
 
 using namespace snort;
 
-static AppInfoTable app_info_table;
-static AppInfoTable app_info_service_table;
-static AppInfoTable app_info_client_table;
-static AppInfoTable app_info_payload_table;
-static AppInfoNameTable app_info_name_table;
-static AppId next_custom_appid = SF_APPID_DYNAMIC_MIN;
-static AppInfoTable custom_app_info_table;
-
 #define MAX_TABLE_LINE_LEN      1024
 static const char* CONF_SEPARATORS = "\t\n\r";
 static const int MIN_MAX_TP_FLOW_DEPTH = 1;
@@ -80,7 +72,7 @@ AppInfoTableEntry::~AppInfoTableEntry()
         snort_free(app_name_key);
 }
 
-static bool is_existing_entry(AppInfoTableEntry* entry)
+bool AppInfoManager::is_existing_entry(AppInfoTableEntry* entry)
 {
     AppInfoNameTable::iterator app;
 
@@ -88,7 +80,7 @@ static bool is_existing_entry(AppInfoTableEntry* entry)
     return app != app_info_name_table.end();
 }
 
-static AppInfoTableEntry* find_app_info_by_name(const char* app_name)
+AppInfoTableEntry* AppInfoManager::find_app_info_by_name(const char* app_name)
 {
     AppInfoTableEntry* entry = nullptr;
     AppInfoNameTable::iterator app;
@@ -102,7 +94,7 @@ static AppInfoTableEntry* find_app_info_by_name(const char* app_name)
     return entry;
 }
 
-static bool add_entry_to_app_info_name_table(const char* app_name, AppInfoTableEntry* entry)
+bool AppInfoManager::add_entry_to_app_info_name_table(const char* app_name, AppInfoTableEntry* entry)
 {
     bool added = true;
 
@@ -119,7 +111,7 @@ static bool add_entry_to_app_info_name_table(const char* app_name, AppInfoTableE
     return added;
 }
 
-static AppId get_static_app_info_entry(AppId appid)
+AppId AppInfoManager::get_static_app_info_entry(AppId appid)
 {
     if (appid > 0 && appid < SF_APPID_BUILDIN_MAX)
         return appid;
@@ -274,7 +266,7 @@ void AppInfoManager::set_app_info_active(AppId appId)
         ParseWarning(WARN_PLUGINS, "appid: no entry in %s for %d", APP_MAPPING_FILE, appId);
 }
 
-void AppInfoManager::load_appid_config(OdpContext& odp_ctxt, const char* path)
+void AppInfoManager::load_odp_config(OdpContext& odp_ctxt, const char* path)
 {
     char buf[MAX_TABLE_LINE_LEN];
     unsigned line = 0;
@@ -607,16 +599,16 @@ SnortProtocolId AppInfoManager::add_appid_protocol_reference(const char* protoco
     return snort_protocol_id;
 }
 
-void AppInfoManager::init_appid_info_table(AppIdConfig* config,
+void AppInfoManager::init_appid_info_table(AppIdConfig& config,
     SnortConfig* sc, OdpContext& odp_ctxt)
 {
-    if ( !config->app_detector_dir )
+    if ( !config.app_detector_dir )
     {
         return;  // no lua detectors, no rule support, already warned
     }
 
     char filepath[PATH_MAX];
-    snprintf(filepath, sizeof(filepath), "%s/odp/%s", config->app_detector_dir,
+    snprintf(filepath, sizeof(filepath), "%s/odp/%s", config.app_detector_dir,
         APP_MAPPING_FILE);
 
     FILE* tableFile = fopen(filepath, "r");
@@ -707,15 +699,15 @@ void AppInfoManager::init_appid_info_table(AppIdConfig* config,
         }
         fclose(tableFile);
 
-        snprintf(filepath, sizeof(filepath), "%s/odp/%s", config->app_detector_dir,
+        snprintf(filepath, sizeof(filepath), "%s/odp/%s", config.app_detector_dir,
             APP_CONFIG_FILE);
-        load_appid_config (odp_ctxt, filepath);
-        snprintf(filepath, sizeof(filepath), "%s/custom/%s", config->app_detector_dir,
+        load_odp_config(odp_ctxt, filepath);
+        snprintf(filepath, sizeof(filepath), "%s/custom/%s", config.app_detector_dir,
             USR_CONFIG_FILE);
         if (access (filepath, F_OK))
-            snprintf(filepath, sizeof(filepath), "%s/../%s", config->app_detector_dir,
+            snprintf(filepath, sizeof(filepath), "%s/../%s", config.app_detector_dir,
                 USR_CONFIG_FILE);
-        load_appid_config (odp_ctxt, filepath);
+        load_odp_config(odp_ctxt, filepath);
     }
 }
 

diff --git a/src/network_inspectors/appid/app_info_table.h b/src/network_inspectors/appid/app_info_table.h
index 370483b0c71a950e5093e0a52a837b030b0fd11b..57cc59beda6a5cb02f011e7e592144b3fef1c9c0 100644 (file)
--- a/src/network_inspectors/appid/app_info_table.h
+++ b/src/network_inspectors/appid/app_info_table.h
@@ -92,12 +92,6 @@ typedef std::unordered_map<std::string, AppInfoTableEntry*> AppInfoNameTable;
 class AppInfoManager
 {
 public:
-    static inline AppInfoManager& get_instance()
-    {
-        static AppInfoManager instance;
-        return instance;
-    }
-
     AppInfoTableEntry* get_app_info_entry(AppId);
     AppInfoTableEntry* add_dynamic_app_entry(const char* app_name);
     AppId get_appid_by_service_id(uint32_t);
@@ -143,15 +137,26 @@ public:
         return entry ? entry->priority : 0;
     }
 
-    void init_appid_info_table(AppIdConfig*, snort::SnortConfig*, OdpContext& odp_ctxt);
+    void init_appid_info_table(AppIdConfig&, snort::SnortConfig*, OdpContext& odp_ctxt);
     void cleanup_appid_info_table();
     void dump_app_info_table();
     SnortProtocolId add_appid_protocol_reference(const char* protocol, snort::SnortConfig*);
 
 private:
-    inline AppInfoManager() = default;
-    void load_appid_config(OdpContext&, const char* path);
+    void load_odp_config(OdpContext&, const char* path);
     AppInfoTableEntry* get_app_info_entry(AppId appId, const AppInfoTable&);
+    bool is_existing_entry(AppInfoTableEntry* entry);
+    AppInfoTableEntry* find_app_info_by_name(const char* app_name);
+    bool add_entry_to_app_info_name_table(const char* app_name, AppInfoTableEntry* entry);
+    AppId get_static_app_info_entry(AppId appid);
+
+    AppInfoTable app_info_table;
+    AppInfoTable app_info_service_table;
+    AppInfoTable app_info_client_table;
+    AppInfoTable app_info_payload_table;
+    AppInfoNameTable app_info_name_table;
+    AppId next_custom_appid = SF_APPID_DYNAMIC_MIN;
+    AppInfoTable custom_app_info_table;
 };
 
 #endif

diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc
index ebdc1b19a4f1a81c4f8d75f817077c4fa371415b..1a89dc867c2b521a00c8b01a9a3f302323a449db 100644 (file)
--- a/src/network_inspectors/appid/appid_api.cc
+++ b/src/network_inspectors/appid/appid_api.cc
@@ -49,19 +49,18 @@ AppIdSession* AppIdApi::get_appid_session(const Flow& flow)
     return (asd && asd->common.flow_type == APPID_FLOW_TYPE_NORMAL) ? asd : nullptr;
 }
 
-const char* AppIdApi::get_application_name(AppId app_id)
+const char* AppIdApi::get_application_name(AppId app_id, AppIdContext& ctxt)
 {
-    return AppInfoManager::get_instance().get_app_name(app_id);
+    return ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(app_id);
 }
 
 const char* AppIdApi::get_application_name(const Flow& flow, bool from_client)
 {
     const char* app_name = nullptr;
-    AppId appid = APP_ID_NONE;
     AppIdSession* asd = get_appid_session(flow);
     if (asd)
     {
-        appid = asd->pick_payload_app_id();
+        AppId appid = asd->pick_payload_app_id();
         if (appid <= APP_ID_NONE)
             appid = asd->pick_misc_app_id();
         if (!appid and from_client)
@@ -76,16 +75,17 @@ const char* AppIdApi::get_application_name(const Flow& flow, bool from_client)
             if (!appid)
                 appid = asd->pick_client_app_id();
         }
+        if (appid > APP_ID_NONE && appid < SF_APPID_MAX)
+            app_name = asd->ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(appid);
+
     }
-    if (appid > APP_ID_NONE && appid < SF_APPID_MAX)
-        app_name = AppInfoManager::get_instance().get_app_name(appid);
 
     return app_name;
 }
 
-AppId AppIdApi::get_application_id(const char* appName)
+AppId AppIdApi::get_application_id(const char* appName, AppIdContext& ctxt)
 {
-    return AppInfoManager::get_instance().get_appid_by_name(appName);
+    return ctxt.get_odp_ctxt().get_app_info_mgr().get_appid_by_name(appName);
 }
 
 #define APPID_HA_FLAGS_APP ( 1 << 0 )
@@ -139,7 +139,7 @@ uint32_t AppIdApi::consume_ha_state(Flow& flow, const uint8_t* buf, uint8_t, IpP
 
                 asd = new AppIdSession(proto, ip, port, *inspector);
                 flow.set_flow_data(asd);
-                asd->service.set_id(appHA->appId[1]);
+                asd->service.set_id(appHA->appId[1], asd->ctxt.get_odp_ctxt());
                 if (asd->service.get_id() == APP_ID_FTP_CONTROL)
                 {
                     asd->set_session_flags(APPID_SESSION_CLIENT_DETECTED |
@@ -176,7 +176,7 @@ uint32_t AppIdApi::consume_ha_state(Flow& flow, const uint8_t* buf, uint8_t, IpP
             asd->set_session_flags(APPID_SESSION_HTTP_SESSION);
 
         asd->set_tp_app_id(appHA->appId[0]);
-        asd->service.set_id(appHA->appId[1]);
+        asd->service.set_id(appHA->appId[1], asd->ctxt.get_odp_ctxt());
         asd->client_inferred_service_id = appHA->appId[2];
         asd->service.set_port_service_id(appHA->appId[3]);
         asd->payload.set_id(appHA->appId[4]);

diff --git a/src/network_inspectors/appid/appid_api.h b/src/network_inspectors/appid/appid_api.h
index d883645ee6b67972a0bbf8f23688279d00f7723f..19e628ee2d3d2108cc5359ff983687cb2ca9e439 100644 (file)
--- a/src/network_inspectors/appid/appid_api.h
+++ b/src/network_inspectors/appid/appid_api.h
@@ -29,6 +29,7 @@
 
 enum class IpProtocol : uint8_t;
 
+class AppIdContext;
 class AppIdSession;
 
 namespace snort
@@ -52,9 +53,9 @@ public:
     SO_PRIVATE AppIdApi() = default;
 
     AppIdSession* get_appid_session(const Flow& flow);
-    const char* get_application_name(AppId app_id);
+    const char* get_application_name(AppId app_id, AppIdContext& ctxt);
     const char* get_application_name(const Flow& flow, bool from_client);
-    AppId get_application_id(const char* appName);
+    AppId get_application_id(const char* appName, AppIdContext& ctxt);
     uint32_t produce_ha_state(const Flow& flow, uint8_t* buf);
     uint32_t consume_ha_state(Flow& flow, const uint8_t* buf, uint8_t length, IpProtocol,
         SfIp*, uint16_t initiatorPort);

diff --git a/src/network_inspectors/appid/appid_app_descriptor.h b/src/network_inspectors/appid/appid_app_descriptor.h
index 2092c639c14c49f90f9c721c0215f3e8c7cc7656..8b44069f3e951c1ec089c97b97d5eec74164fe68 100644 (file)
--- a/src/network_inspectors/appid/appid_app_descriptor.h
+++ b/src/network_inspectors/appid/appid_app_descriptor.h
@@ -34,6 +34,7 @@
 #include "pub_sub/appid_events.h"
 
 #include "app_info_table.h"
+#include "appid_config.h"
 #include "appid_module.h"
 #include "appid_peg_counts.h"
 #include "appid_types.h"
@@ -117,13 +118,12 @@ class ServiceAppDescriptor : public ApplicationDescriptor
 public:
     ServiceAppDescriptor() = default;
 
-    void set_id(AppId app_id) override
+    void set_id(AppId app_id, OdpContext& odp_ctxt)
     {
         if (get_id() != app_id)
         {
             ApplicationDescriptor::set_id(app_id);
-            AppInfoManager* app_info_mgr = &AppInfoManager::get_instance();
-            deferred = app_info_mgr->get_app_info_flags(app_id, APPINFO_FLAG_DEFER);
+            deferred = odp_ctxt.get_app_info_mgr().get_app_info_flags(app_id, APPINFO_FLAG_DEFER);
         }
     }
 
@@ -161,6 +161,7 @@ public:
 private:
     AppId port_service_id = APP_ID_NONE;
     bool deferred = false;
+    using ApplicationDescriptor::set_id;
 };
 
 class ClientAppDescriptor : public ApplicationDescriptor

diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc
index a92ea3665f9a50aa92427b3aef90fa38234973ea..3c9dfad0ef8dd6caa2f03bceb9b254075657ec0d 100644 (file)
--- a/src/network_inspectors/appid/appid_config.cc
+++ b/src/network_inspectors/appid/appid_config.cc
@@ -75,15 +75,14 @@ AppIdConfig::~AppIdConfig()
 }
 
 // FIXIT-M: RELOAD - move initialization back to AppIdContext class constructor
-AppInfoManager& AppIdContext::app_info_mgr = AppInfoManager::get_instance();
 std::array<AppId, APP_ID_PORT_ARRAY_SIZE> AppIdContext::tcp_port_only = {APP_ID_NONE};
 std::array<AppId, APP_ID_PORT_ARRAY_SIZE> AppIdContext::udp_port_only = {APP_ID_NONE};
 std::array<AppId, 256> AppIdContext::ip_protocol = {APP_ID_NONE};
 
-// FIXIT-M: RELOAD - Move app info table cleanup back to AppId config destructor - cleanup()
 void AppIdContext::pterm()
 {
-    AppIdContext::app_info_mgr.cleanup_appid_info_table();
+    assert(odp_ctxt);
+    odp_ctxt->get_app_info_mgr().cleanup_appid_info_table();
     delete odp_ctxt;
 }
 
@@ -91,14 +90,13 @@ bool AppIdContext::init_appid(SnortConfig* sc)
 {
     // do not reload ODP on reload_config()
     if (!odp_ctxt)
-        odp_ctxt = new OdpContext();
+        odp_ctxt = new OdpContext(config, sc);
 
     // FIXIT-M: RELOAD - Get rid of "once" flag
     // Handle the if condition in AppIdContext::init_appid
     static bool once = false;
     if (!once)
     {
-        AppIdContext::app_info_mgr.init_appid_info_table(config, sc, *odp_ctxt);
         HttpPatternMatchers* http_matchers = HttpPatternMatchers::get_instance();
         AppIdDiscovery::initialize_plugins();
         LuaDetectorManager::initialize(*this, 1);
@@ -113,7 +111,7 @@ bool AppIdContext::init_appid(SnortConfig* sc)
 
     // do not reload third party on reload_config()
     if (!tp_appid_ctxt)
-        tp_appid_ctxt = TPLibHandler::create_tp_appid_ctxt(*config, *odp_ctxt);
+        tp_appid_ctxt = TPLibHandler::create_tp_appid_ctxt(config, *odp_ctxt);
 
     map_app_names_to_snort_ids(sc);
     return true;
@@ -121,7 +119,7 @@ bool AppIdContext::init_appid(SnortConfig* sc)
 
 void AppIdContext::create_tp_appid_ctxt()
 {
-    tp_appid_ctxt = TPLibHandler::create_tp_appid_ctxt(*config, *odp_ctxt);
+    tp_appid_ctxt = TPLibHandler::create_tp_appid_ctxt(config, *odp_ctxt);
 }
 
 AppId AppIdContext::get_port_service_id(IpProtocol proto, uint16_t port)
@@ -143,8 +141,8 @@ AppId AppIdContext::get_protocol_service_id(IpProtocol proto)
 
 void AppIdContext::show()
 {
-    if (!config->tp_appid_path.empty())
-        LogMessage("    3rd Party Dir: %s\n", config->tp_appid_path.c_str());
+    if (!config.tp_appid_path.empty())
+        LogMessage("    3rd Party Dir: %s\n", config.tp_appid_path.c_str());
 }
 
 void AppIdContext::display_port_config()
@@ -175,3 +173,7 @@ void AppIdContext::display_port_config()
         }
 }
 
+OdpContext::OdpContext(AppIdConfig& config, SnortConfig* sc)
+{
+    app_info_mgr.init_appid_info_table(config, sc, *this);
+}

diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h
index 8bf22e5b4d9ba02f63631b14a29649fba1c218da..793527de92d76400d0ac540d17dcdff63710221a 100644 (file)
--- a/src/network_inspectors/appid/appid_config.h
+++ b/src/network_inspectors/appid/appid_config.h
@@ -35,6 +35,7 @@
 #include "tp_appid_module_api.h"
 
 #include "application_ids.h"
+#include "app_info_table.h"
 #include "host_port_app_cache.h"
 #include "length_app_cache.h"
 
@@ -99,6 +100,8 @@ public:
     bool allow_port_wildcard_host_cache = false;
     bool recheck_for_portservice_appid = false;
 
+    OdpContext(AppIdConfig&, snort::SnortConfig*);
+
     HostPortVal* host_port_cache_find(const snort::SfIp* ip, uint16_t port, IpProtocol proto)
     {
         return host_port_cache.find(ip, port, proto, *this);
@@ -119,21 +122,30 @@ public:
         return length_cache.add(key, val);
     }
 
+    AppInfoManager& get_app_info_mgr()
+    {
+        return app_info_mgr;
+    }
+
 private:
     HostPortCache host_port_cache;
     LengthCache length_cache;
+    AppInfoManager app_info_mgr;
 };
 
 class AppIdContext
 {
 public:
-    AppIdContext(AppIdConfig* config) : config(config)
+    AppIdContext(AppIdConfig& config) : config(config)
     { }
 
     ~AppIdContext() { }
 
     OdpContext& get_odp_ctxt() const
-    { return *odp_ctxt; }
+    {
+        assert(odp_ctxt);
+        return *odp_ctxt;
+    }
 
     ThirdPartyAppIdContext* get_tp_appid_ctxt() const
     { return tp_appid_ctxt; }
@@ -155,13 +167,10 @@ public:
     static std::array<AppId, APP_ID_PORT_ARRAY_SIZE> udp_port_only;     // port-only UDP services
     static std::array<AppId, 256> ip_protocol;         // non-TCP / UDP protocol services
 
-    AppIdConfig* config = nullptr;
+    AppIdConfig& config;
 
 private:
     void display_port_config();
-    // FIXIT-M: RELOAD - Remove static, once app_info_mgr cleanup is
-    // removed from AppIdContext::pterm
-    static AppInfoManager& app_info_mgr;
     static OdpContext* odp_ctxt;
     static ThirdPartyAppIdContext* tp_appid_ctxt;
 };

diff --git a/src/network_inspectors/appid/appid_detector.cc b/src/network_inspectors/appid/appid_detector.cc
index a981971ca5c01312922b4b0ce4427fb6148bad73..b3f64ec6f5d63a9a0929697a7e7f9f0532a80cf9 100644 (file)
--- a/src/network_inspectors/appid/appid_detector.cc
+++ b/src/network_inspectors/appid/appid_detector.cc
@@ -17,7 +17,7 @@
 // 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 //--------------------------------------------------------------------------
 
-// client_detector.cc author davis mcpherson
+// appid_detector.cc author davis mcpherson
 
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -25,11 +25,13 @@
 
 #include "appid_detector.h"
 
+#include "managers/inspector_manager.h"
 #include "protocols/packet.h"
 
 #include "app_info_table.h"
 #include "appid_config.h"
 #include "appid_http_session.h"
+#include "appid_inspector.h"
 #include "lua_detector_api.h"
 
 using namespace snort;
@@ -45,8 +47,13 @@ int AppIdDetector::initialize()
             handler->register_udp_pattern(this, pat.pattern, pat.length, pat.index, pat.nocase);
 
     if (!appid_registry.empty())
+    {
+        // FIXIT-M: RELOAD - to support ODP reload, store ODP context in AppIdDetector
+        AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
+        AppIdContext& ctxt = inspector->get_ctxt();
         for (auto& id : appid_registry)
-            register_appid(id.appId, id.additionalInfo);
+         register_appid(id.appId, id.additionalInfo, ctxt.get_odp_ctxt());
+      }
 
     if (!service_ports.empty())
         for (auto& port: service_ports)

diff --git a/src/network_inspectors/appid/appid_detector.h b/src/network_inspectors/appid/appid_detector.h
index 8f7945e5a442fb75fb355b05d6c5ad442c0481af..427de8c74115d9a371cd7fcf90d6332a67086627 100644 (file)
--- a/src/network_inspectors/appid/appid_detector.h
+++ b/src/network_inspectors/appid/appid_detector.h
@@ -85,7 +85,7 @@ public:
     AppidSessionDirection dir;
     AppIdSession& asd;
     snort::Packet* pkt;
-    const AppIdContext* ctxt = nullptr;
+    const AppIdContext& ctxt;
     AppidChangeBits& change_bits;
 };
 
@@ -115,7 +115,7 @@ public:
     virtual void do_custom_init() = 0;
     virtual void release_thread_resources() = 0;
     virtual int validate(AppIdDiscoveryArgs&) = 0;
-    virtual void register_appid(AppId, unsigned extractsInfo) = 0;
+    virtual void register_appid(AppId, unsigned extractsInfo, OdpContext& odp_ctxt) = 0;
 
     virtual void* data_get(AppIdSession&);
     virtual int data_add(AppIdSession&, void*, AppIdFreeFCN);

diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc
index cfaf896c3aa3c96d19127706911c88d9a1ec1ad2..ae3a5714e2f0ec75cb6cc6e6ab30f769b211fa3a 100644 (file)
--- a/src/network_inspectors/appid/appid_discovery.cc
+++ b/src/network_inspectors/appid/appid_discovery.cc
@@ -495,7 +495,7 @@ bool AppIdDiscovery::do_pre_discovery(Packet* p, AppIdSession** p_asd, AppIdInsp
 
     if ( appidDebug->is_enabled() )
         appidDebug->activate(p->flow, asd,
-            inspector.get_ctxt()->config->log_all_sessions);
+            inspector.get_ctxt().config.log_all_sessions);
 
     if ( is_packet_ignored(asd, p, direction) )
         return false;
@@ -550,7 +550,7 @@ bool AppIdDiscovery::do_pre_discovery(Packet* p, AppIdSession** p_asd, AppIdInsp
         {
             asd->set_session_flags(APPID_SESSION_IGNORE_FLOW_LOGGED);
 
-            const char *app_name = AppInfoManager::get_instance().get_app_name(asd->service.get_id());
+            const char *app_name = asd->ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(asd->service.get_id());
             LogMessage("AppIdDbg %s Ignoring connection with service %s (%d)\n",
                 appidDebug->get_debug_session(), app_name ? app_name : "unknown", asd->service.get_id());
         }
@@ -614,7 +614,7 @@ bool AppIdDiscovery::do_pre_discovery(Packet* p, AppIdSession** p_asd, AppIdInsp
     // FIXIT-L: DECRYPT_DEBUG - Move set_proxied and first_decrypted_packet_debug to ssl-module
     // after ssl-module's decryption capability is implemented
 #ifdef REG_TEST
-    uint32_t fdpd = inspector.get_ctxt()->config->first_decrypted_packet_debug;
+    uint32_t fdpd = inspector.get_ctxt().config.first_decrypted_packet_debug;
     if (fdpd and (fdpd == asd->session_packet_count))
     {
         p->flow->set_proxied();
@@ -648,14 +648,14 @@ void AppIdDiscovery::do_port_based_discovery(Packet* p, AppIdSession& asd, IpPro
             return;
     }
 
-    AppId id = asd.ctxt->get_port_service_id(protocol, p->ptrs.sp);
+    AppId id = asd.ctxt.get_port_service_id(protocol, p->ptrs.sp);
     if (id > APP_ID_NONE)
     {
         asd.service.set_port_service_id(id);
         if (appidDebug->is_active())
         {
             const char *app_name =
-                AppInfoManager::get_instance().get_app_name(asd.service.get_port_service_id());
+                asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(asd.service.get_port_service_id());
             LogMessage("AppIdDbg %s Port service %s (%d) from port\n",
                 appidDebug->get_debug_session(), app_name ? app_name : "unknown",
                 asd.service.get_port_service_id());
@@ -676,9 +676,9 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
     if (!(asd.scan_flags & SCAN_HOST_PORT_FLAG))
         check_static = true;
 
-    if ((asd.session_packet_count % asd.ctxt->get_odp_ctxt().host_port_app_cache_lookup_interval == 0) and
-        (asd.session_packet_count <= asd.ctxt->get_odp_ctxt().host_port_app_cache_lookup_range) and
-        asd.ctxt->get_odp_ctxt().is_host_port_app_cache_runtime )
+    if ((asd.session_packet_count % asd.ctxt.get_odp_ctxt().host_port_app_cache_lookup_interval == 0) and
+        (asd.session_packet_count <= asd.ctxt.get_odp_ctxt().host_port_app_cache_lookup_range) and
+        asd.ctxt.get_odp_ctxt().is_host_port_app_cache_runtime )
         check_dynamic = true;
 
     if (!(check_static || check_dynamic))
@@ -710,7 +710,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
     HostPortVal* hv = nullptr;
 
     if (check_static and
-        (hv = asd.ctxt->get_odp_ctxt().host_port_cache_find(ip, port, protocol)))
+        (hv = asd.ctxt.get_odp_ctxt().host_port_cache_find(ip, port, protocol)))
     {
         asd.scan_flags |= SCAN_HOST_PORT_FLAG;
         switch (hv->type)
@@ -723,7 +723,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
             asd.payload.set_id(hv->appId);
             break;
         default:
-            asd.service.set_id(hv->appId);
+            asd.service.set_id(hv->appId, asd.ctxt.get_odp_ctxt());
             asd.sync_with_snort_protocol_id(hv->appId, p);
             asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
             asd.client_disco_state = APPID_DISCO_STATE_FINISHED;
@@ -746,7 +746,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
         auto ht = host_cache.find(*ip);
         if (ht)
         {
-         AppId appid = ht->get_appid(port, protocol, true, asd.ctxt->get_odp_ctxt().allow_port_wildcard_host_cache);
+         AppId appid = ht->get_appid(port, protocol, true, asd.ctxt.get_odp_ctxt().allow_port_wildcard_host_cache);
             if (appid > APP_ID_NONE)
             {
                 // FIXIT-L: Make this more generic to support service and payload IDs
@@ -766,10 +766,10 @@ static inline bool is_check_host_cache_valid(AppIdSession& asd, AppId service_id
 {
     bool is_payload_client_misc_none = (payload_id <= APP_ID_NONE and client_id <= APP_ID_NONE and misc_id <= APP_ID_NONE);
     bool is_appid_none = is_payload_client_misc_none and (service_id <= APP_ID_NONE or service_id == APP_ID_UNKNOWN_UI or
-        (asd.ctxt->get_odp_ctxt().recheck_for_portservice_appid and service_id == asd.service.get_port_service_id()));
-    bool is_ssl_none = asd.ctxt->get_odp_ctxt().check_host_cache_unknown_ssl and asd.get_session_flags(APPID_SESSION_SSL_SESSION) and
+        (asd.ctxt.get_odp_ctxt().recheck_for_portservice_appid and service_id == asd.service.get_port_service_id()));
+    bool is_ssl_none = asd.ctxt.get_odp_ctxt().check_host_cache_unknown_ssl and asd.get_session_flags(APPID_SESSION_SSL_SESSION) and
                           (not(asd.tsession and asd.tsession->get_tls_host() and asd.tsession->get_tls_cname()));
-    if (is_appid_none or is_ssl_none or asd.ctxt->get_odp_ctxt().check_host_port_app_cache)
+    if (is_appid_none or is_ssl_none or asd.ctxt.get_odp_ctxt().check_host_port_app_cache)
         return true;
     return false;
 }
@@ -787,7 +787,7 @@ bool AppIdDiscovery::do_discovery(Packet* p, AppIdSession& asd,
     {
         if ( !asd.get_session_flags(APPID_SESSION_PORT_SERVICE_DONE) )
         {
-            AppId id = asd.ctxt->get_protocol_service_id(protocol);
+            AppId id = asd.ctxt.get_protocol_service_id(protocol);
             if (id > APP_ID_NONE)
             {
                 asd.service.set_port_service_id(id);
@@ -795,7 +795,7 @@ bool AppIdDiscovery::do_discovery(Packet* p, AppIdSession& asd,
                 asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
                 if (appidDebug->is_active())
                 {
-                    const char *app_name = AppInfoManager::get_instance().get_app_name(asd.service.get_port_service_id());
+                    const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(asd.service.get_port_service_id());
                     LogMessage("AppIdDbg %s Protocol service %s (%d) from protocol\n",
                         appidDebug->get_debug_session(), app_name ? app_name : "unknown", asd.service.get_port_service_id());
                 }
@@ -811,7 +811,7 @@ bool AppIdDiscovery::do_discovery(Packet* p, AppIdSession& asd,
     if (tp_appid_ctxt)
     {
         // Skip third-party inspection for sessions using old config
-        if ((asd.tpsession and asd.tpsession->get_ctxt() == tp_appid_ctxt) || !asd.tpsession)
+        if ((asd.tpsession and &(asd.tpsession->get_ctxt()) == tp_appid_ctxt) || !asd.tpsession)
             is_discovery_done = do_tp_discovery(*tp_appid_ctxt, asd, protocol, p,
                 direction, change_bits);
     }
@@ -856,14 +856,14 @@ bool AppIdDiscovery::do_discovery(Packet* p, AppIdSession& asd,
         asd.length_sequence.sequence_cnt++;
         asd.length_sequence.sequence[index].direction = direction;
         asd.length_sequence.sequence[index].length = p->dsize;
-        AppId id = asd.ctxt->get_odp_ctxt().length_cache_find(asd.length_sequence);
+        AppId id = asd.ctxt.get_odp_ctxt().length_cache_find(asd.length_sequence);
         if (id > APP_ID_NONE)
         {
             service_id = id;
             asd.service.set_port_service_id(id);
             if (appidDebug->is_active())
             {
-                const char *app_name = AppInfoManager::get_instance().get_app_name(id);
+                const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(id);
                 LogMessage("AppIdDbg %s Port service %s (%d) from length\n",
                     appidDebug->get_debug_session(), app_name ? app_name : "unknown", id);
             }
@@ -925,7 +925,7 @@ void AppIdDiscovery::do_post_discovery(Packet* p, AppIdSession& asd,
     // Set the field that the Firewall queries to see if we have a search engine
     if (asd.search_support_type == UNKNOWN_SEARCH_ENGINE && payload_id > APP_ID_NONE)
     {
-        uint flags = AppInfoManager::get_instance().get_app_info_flags(payload_id,
+        uint flags = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_flags(payload_id,
             APPINFO_FLAG_SEARCH_ENGINE | APPINFO_FLAG_SUPPORTED_SEARCH);
         asd.search_support_type =
             (flags & APPINFO_FLAG_SEARCH_ENGINE) ?
@@ -935,7 +935,7 @@ void AppIdDiscovery::do_post_discovery(Packet* p, AppIdSession& asd,
         if (appidDebug->is_active())
         {
             const char* typeString;
-            const char *app_name = AppInfoManager::get_instance().get_app_name(payload_id);
+            const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(payload_id);
             switch ( asd.search_support_type )
             {
             case NOT_A_SEARCH_ENGINE: typeString = "NOT_A_SEARCH_ENGINE"; break;

diff --git a/src/network_inspectors/appid/appid_http_session.cc b/src/network_inspectors/appid/appid_http_session.cc
index 3e42e2c127fcb8602869beef7edd264efef58d74..80f6d3af73fa407d144e395b0d70e02292aade39 100644 (file)
--- a/src/network_inspectors/appid/appid_http_session.cc
+++ b/src/network_inspectors/appid/appid_http_session.cc
@@ -300,7 +300,7 @@ void AppIdHttpSession::process_chp_buffers(AppidChangeBits& change_bits)
                 int num_found = 0;
                 cmd.cur_ptype = (HttpFieldIds)i;
                 AppId ret = http_matchers->scan_chp(cmd, &version, &user, &num_found, this,
-                    *asd.ctxt);
+                    asd.ctxt);
                 total_found += num_found;
                 if (!ret || num_found < ptype_req_counts[i])
                 {
@@ -493,7 +493,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
 
     if (asd.service.get_id() == APP_ID_NONE)
     {
-        asd.service.set_id(APP_ID_HTTP);
+        asd.service.set_id(APP_ID_HTTP, asd.ctxt.get_odp_ctxt());
         asd.set_session_flags(APPID_SESSION_SERVICE_DETECTED | APPID_SESSION_HTTP_SESSION);
         asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
     }
@@ -564,14 +564,14 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                     if (service_id > APP_ID_NONE and service_id != APP_ID_HTTP and
                         asd.service.get_id() != service_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(service_id);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(service_id);
                         LogMessage("AppIdDbg %s User Agent is service %s (%d)\n",
                             appidDebug->get_debug_session(), app_name ? app_name : "unknown", service_id);
                     }
                     if (client_id > APP_ID_NONE and client_id != APP_ID_HTTP and
                         asd.client.get_id() != client_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(client_id);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(client_id);
                         LogMessage("AppIdDbg %s User Agent is client %s (%d)\n",
                             appidDebug->get_debug_session(), app_name ? app_name : "unknown", client_id);
                     }
@@ -591,7 +591,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                 if (appidDebug->is_active() && payload_id > APP_ID_NONE &&
                     asd.payload.get_id() != payload_id)
                 {
-                    const char *app_name = AppInfoManager::get_instance().get_app_name(payload_id);
+                    const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(payload_id);
                     LogMessage("AppIdDbg %s VIA is payload %s (%d)\n", appidDebug->get_debug_session(),
                         app_name ? app_name : "unknown",
                         payload_id);
@@ -620,7 +620,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                     if (appidDebug->is_active() && client_id > APP_ID_NONE && client_id !=
                         APP_ID_HTTP && asd.client.get_id() != client_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(appId);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(appId);
                         LogMessage("AppIdDbg %s X is client %s (%d)\n", appidDebug->get_debug_session(),
                         app_name ? app_name : "unknown", appId);
                     }
@@ -631,7 +631,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                     if (appidDebug->is_active() && service_id > APP_ID_NONE && service_id !=
                         APP_ID_HTTP && asd.service.get_id() != service_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(appId);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(appId);
                         LogMessage("AppIdDbg %s X service %s (%d)\n", appidDebug->get_debug_session(),
                             app_name ? app_name : "unknown", appId);
                     }
@@ -656,7 +656,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
             if (appidDebug->is_active() && payload_id > APP_ID_NONE
                 && asd.payload.get_id() != payload_id)
             {
-                const char *app_name = AppInfoManager::get_instance().get_app_name(payload_id);
+                const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(payload_id);
                 LogMessage("AppIdDbg %s Content-Type is payload %s (%d)\n",
                     appidDebug->get_debug_session(),
                     app_name ? app_name : "unknown",
@@ -676,7 +676,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
             const char* urlStr = url ? url->c_str() : nullptr;
             if ( http_matchers->get_appid_from_url(my_host, urlStr, &version,
                 refStr, &client_id, &service_id, &payload_id,
-                &referredPayloadAppId, false) )
+                &referredPayloadAppId, false, asd.ctxt.get_odp_ctxt()) )
             {
                 // do not overwrite a previously-set client or service
                 if (asd.client.get_id() <= APP_ID_NONE)
@@ -684,7 +684,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                     if (appidDebug->is_active() && client_id > APP_ID_NONE && client_id !=
                         APP_ID_HTTP && asd.client.get_id() != client_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(client_id);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(client_id);
                         LogMessage("AppIdDbg %s URL is client %s (%d)\n",
                             appidDebug->get_debug_session(),
                             app_name ? app_name : "unknown",
@@ -698,7 +698,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                     if (appidDebug->is_active() && service_id > APP_ID_NONE && service_id !=
                         APP_ID_HTTP && asd.service.get_id() != service_id)
                     {
-                        const char *app_name = AppInfoManager::get_instance().get_app_name(service_id);
+                        const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(service_id);
                         LogMessage("AppIdDbg %s URL is service %s (%d)\n",
                             appidDebug->get_debug_session(),
                             app_name ? app_name : "unknown",
@@ -711,7 +711,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
                 if (appidDebug->is_active() && payload_id > APP_ID_NONE &&
                     asd.payload.get_id() != payload_id)
                 {
-                    const char *app_name = AppInfoManager::get_instance().get_app_name(payload_id);
+                    const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(payload_id);
                     LogMessage("AppIdDbg %s URL is payload %s (%d)\n", appidDebug->get_debug_session(),
                         app_name ? app_name : "unknown",
                         payload_id);
@@ -733,7 +733,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
             AppId tp_payload_app_id = asd.get_tp_payload_app_id();
             if (tp_payload_app_id > APP_ID_NONE)
             {
-                entry = asd.app_info_mgr->get_app_info_entry(tp_payload_app_id);
+                entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_payload_app_id);
                 // only move tpPayloadAppId to client if client app id is valid
                 if (entry && entry->clientId > APP_ID_NONE)
                 {
@@ -743,7 +743,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
             }
             else if (asd.payload.get_id() > APP_ID_NONE)
             {
-                entry =  asd.app_info_mgr->get_app_info_entry(asd.payload.get_id());
+                entry =  asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(asd.payload.get_id());
                 // only move payload_app_id to client if it has a ClientAppid
                 if (entry && entry->clientId > APP_ID_NONE)
                 {

diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc
index 8f78db6c5b4df81f05f563f2d42603ff5627ca6e..1317fc3abb4e92a41aa6353cb7a7585bdfec1df0 100644 (file)
--- a/src/network_inspectors/appid/appid_inspector.cc
+++ b/src/network_inspectors/appid/appid_inspector.cc
@@ -71,10 +71,10 @@ static void add_appid_to_packet_trace(Flow& flow)
         AppId service_id, client_id, payload_id, misc_id;
         const char* service_app_name, * client_app_name, * payload_app_name, * misc_name;
         session->get_application_ids(service_id, client_id, payload_id, misc_id);
-        service_app_name = appid_api.get_application_name(service_id);
-        client_app_name = appid_api.get_application_name(client_id);
-        payload_app_name = appid_api.get_application_name(payload_id);
-        misc_name = appid_api.get_application_name(misc_id);
+        service_app_name = appid_api.get_application_name(service_id, session->ctxt);
+        client_app_name = appid_api.get_application_name(client_id, session->ctxt);
+        payload_app_name = appid_api.get_application_name(payload_id, session->ctxt);
+        misc_name = appid_api.get_application_name(misc_id, session->ctxt);
 
         if (PacketTracer::is_active())
         {
@@ -91,24 +91,27 @@ static void add_appid_to_packet_trace(Flow& flow)
 AppIdInspector::AppIdInspector(AppIdModule& mod)
 {
     config = mod.get_data();
+    assert(config);
 }
 
 AppIdInspector::~AppIdInspector()
 {
-    delete ctxt;
+    if (ctxt)
+        delete ctxt;
     delete config;
 }
 
-AppIdContext* AppIdInspector::get_ctxt()
+AppIdContext& AppIdInspector::get_ctxt() const
 {
-    return ctxt;
+    assert(ctxt);
+    return *ctxt;
 }
 
 bool AppIdInspector::configure(SnortConfig* sc)
 {
     assert(!ctxt);
 
-    ctxt = new AppIdContext(const_cast<AppIdConfig*>(config));
+    ctxt = new AppIdContext(const_cast<AppIdConfig&>(*config));
 
     my_seh = SipEventHandler::create();
     my_seh->subscribe(sc);
@@ -150,7 +153,7 @@ void AppIdInspector::tinit()
     LuaDetectorManager::initialize(*ctxt);
     AppIdServiceState::initialize(config->memcap);
     appidDebug = new AppIdDebug();
-    if (ctxt->config and ctxt->config->log_all_sessions)
+    if (ctxt->config.log_all_sessions)
         appidDebug->set_enabled(true);
 }
 

diff --git a/src/network_inspectors/appid/appid_inspector.h b/src/network_inspectors/appid/appid_inspector.h
index 482dc6abedf2780b9846dbc70721d918bf1e7513..1feaa1ff5106f3f3beac340b206891403996501a 100644 (file)
--- a/src/network_inspectors/appid/appid_inspector.h
+++ b/src/network_inspectors/appid/appid_inspector.h
@@ -46,7 +46,7 @@ public:
     void tinit() override;
     void tterm() override;
     void eval(snort::Packet*) override;
-    AppIdContext* get_ctxt();
+    AppIdContext& get_ctxt() const;
 
     SipEventHandler& get_sip_event_handler()
     {

diff --git a/src/network_inspectors/appid/appid_module.cc b/src/network_inspectors/appid/appid_module.cc
index 58efc1c85ef3ab05057d8bb1f16e63acb24e79a3..dba62871a07fa623cc29316521200d91e7a321f8 100644 (file)
--- a/src/network_inspectors/appid/appid_module.cc
+++ b/src/network_inspectors/appid/appid_module.cc
@@ -185,8 +185,8 @@ static int reload_third_party(lua_State*)
         Swapper::set_reload_in_progress(true);
         LogMessage(".. reloading third-party\n");
         AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
-        AppIdContext* ctxt = inspector->get_ctxt();
-        ctxt->create_tp_appid_ctxt();
+        AppIdContext& ctxt = inspector->get_ctxt();
+        ctxt.create_tp_appid_ctxt();
         Swapper::set_reload_in_progress(false);
         LogMessage("== reload third-party complete\n");
     }

diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index de70e974f2e5549016d3b57deea2f5962f8fdecf..6adcb8a51404c444238d051617038140dbed3700 100644 (file)
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -100,7 +100,6 @@ AppIdSession::AppIdSession(IpProtocol proto, const SfIp* ip, uint16_t port,
     common.flow_type = APPID_FLOW_TYPE_NORMAL;
     common.initiator_ip = *ip;
     common.initiator_port = port;
-    app_info_mgr = &AppInfoManager::get_instance();
 
     length_sequence.proto = IpProtocol::PROTO_NOT_SET;
     length_sequence.sequence_cnt = 0;
@@ -113,7 +112,7 @@ AppIdSession::~AppIdSession()
 {
     if (!in_expected_cache)
     {
-        if (ctxt->config->stats_logging_enabled)
+        if (ctxt.config.stats_logging_enabled)
             AppIdStatistics::get_stats_manager()->update(*this);
 
         // fail any service detection that is in process for this flow
@@ -137,7 +136,7 @@ AppIdSession::~AppIdSession()
 
     if (tpsession)
     {
-        if (tpsession->get_ctxt() == tp_appid_thread_ctxt)
+        if (&(tpsession->get_ctxt()) == tp_appid_thread_ctxt)
             tpsession->delete_with_ctxt();
         else
             delete tpsession;
@@ -297,7 +296,7 @@ void AppIdSession::sync_with_snort_protocol_id(AppId newAppId, Packet* p)
             break;
         }
 
-        AppInfoTableEntry* entry = app_info_mgr->get_app_info_entry(newAppId);
+        AppInfoTableEntry* entry = ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(newAppId);
         if (entry)
         {
             SnortProtocolId tmp_snort_protocol_id = entry->snort_protocol_id;
@@ -420,7 +419,7 @@ void AppIdSession::examine_ssl_metadata(Packet* p, AppidChangeBits& change_bits)
             if (client.get_id() == APP_ID_NONE or client.get_id() == APP_ID_SSL_CLIENT)
                 set_client_appid_data(client_id, change_bits);
             set_payload_appid_data(payload_id, change_bits);
-            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
+            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
         }
         scan_flags &= ~SCAN_SSL_HOST_FLAG;
     }
@@ -433,7 +432,7 @@ void AppIdSession::examine_ssl_metadata(Packet* p, AppidChangeBits& change_bits)
             if (client.get_id() == APP_ID_NONE or client.get_id() == APP_ID_SSL_CLIENT)
                 set_client_appid_data(client_id, change_bits);
             set_payload_appid_data(payload_id, change_bits);
-            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
+            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
         }
         scan_flags &= ~SCAN_SSL_CERTIFICATE_FLAG;
     }
@@ -445,7 +444,7 @@ void AppIdSession::examine_ssl_metadata(Packet* p, AppidChangeBits& change_bits)
         {
             set_client_appid_data(client_id, change_bits);
             set_payload_appid_data(payload_id, change_bits);
-            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
+            setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
         }
         tsession->set_tls_org_unit(nullptr, 0);
     }
@@ -475,10 +474,10 @@ void AppIdSession::examine_rtmp_metadata(AppidChangeBits& change_bits)
         const char* referer = hsession->get_cfield(REQ_REFERER_FID);
         if (((http_matchers->get_appid_from_url(nullptr, url, &version,
             referer, &client_id, &service_id, &payload_id,
-            &referred_payload_id, true)) ||
+            &referred_payload_id, true, ctxt.get_odp_ctxt())) ||
             (http_matchers->get_appid_from_url(nullptr, url, &version,
             referer, &client_id, &service_id, &payload_id,
-            &referred_payload_id, false))))
+            &referred_payload_id, false, ctxt.get_odp_ctxt()))))
         {
             /* do not overwrite a previously-set client or service */
             if (client.get_id() <= APP_ID_NONE)
@@ -502,7 +501,7 @@ void AppIdSession::set_client_appid_data(AppId id, AppidChangeBits& change_bits,
     if (id != cur_id)
     {
         if (cur_id)
-            if (app_info_mgr->get_priority(cur_id) > app_info_mgr->get_priority(id))
+            if (ctxt.get_odp_ctxt().get_app_info_mgr().get_priority(cur_id) > ctxt.get_odp_ctxt().get_app_info_mgr().get_priority(id))
                 return;
 
         client.set_id(id);
@@ -528,7 +527,7 @@ void AppIdSession::set_payload_appid_data(AppId id, AppidChangeBits& change_bits
     if (id <= APP_ID_NONE)
         return;
 
-    if (app_info_mgr->get_priority(payload.get_id()) > app_info_mgr->get_priority(id))
+    if (ctxt.get_odp_ctxt().get_app_info_mgr().get_priority(payload.get_id()) > ctxt.get_odp_ctxt().get_app_info_mgr().get_priority(id))
         return;
     payload.set_id(id);
     payload.set_version(version, change_bits);
@@ -916,7 +915,7 @@ AppIdDnsSession* AppIdSession::get_dns_session()
 
 bool AppIdSession::is_tp_appid_done() const
 {
-    if (ctxt->get_tp_appid_ctxt())
+    if (ctxt.get_tp_appid_ctxt())
     {
         if (!tpsession)
             return false;
@@ -941,7 +940,7 @@ bool AppIdSession::is_tp_processing_done() const
 
 bool AppIdSession::is_tp_appid_available() const
 {
-    if (ctxt->get_tp_appid_ctxt())
+    if (ctxt.get_tp_appid_ctxt())
     {
         if (!tpsession)
             return false;
@@ -960,7 +959,7 @@ void AppIdSession::set_tp_app_id(Packet& p, AppidSessionDirection dir, AppId app
     if (tp_app_id != app_id)
     {
         tp_app_id = app_id;
-        AppInfoTableEntry* entry = app_info_mgr->get_app_info_entry(tp_app_id);
+        AppInfoTableEntry* entry = ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_app_id);
         if (entry)
         {
             tp_app_id_deferred = (entry->flags & APPINFO_FLAG_DEFER) ? true : false;
@@ -974,7 +973,7 @@ void AppIdSession::set_tp_payload_app_id(Packet& p, AppidSessionDirection dir, A
     if (tp_payload_app_id != app_id)
     {
         tp_payload_app_id = app_id;
-        AppInfoTableEntry* entry = app_info_mgr->get_app_info_entry(tp_payload_app_id);
+        AppInfoTableEntry* entry = ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_payload_app_id);
         if (entry)
         {
             tp_payload_app_id_deferred = (entry->flags & APPINFO_FLAG_DEFER_PAYLOAD) ? true : false;

diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index 2b9c354b0cb6590d1a90ac91798dc7669098d0d6..211c08975a93408d17d23d7d43dbb5525533117f 100644 (file)
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -206,9 +206,8 @@ public:
 
     uint32_t session_id = 0;
     snort::Flow* flow = nullptr;
-    AppIdContext* ctxt;
+    AppIdContext& ctxt;
     std::unordered_map<unsigned, AppIdFlowData*> flow_data;
-    AppInfoManager* app_info_mgr = nullptr;
     CommonAppIdData common;
     uint16_t session_packet_count = 0;
 
@@ -347,7 +346,8 @@ public:
         if (tp_app_id != app_id)
         {
             tp_app_id = app_id;
-            tp_app_id_deferred = app_info_mgr->get_app_info_flags(tp_app_id, APPINFO_FLAG_DEFER);
+            tp_app_id_deferred = ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_flags
+                (tp_app_id, APPINFO_FLAG_DEFER);
         }
     }
 
@@ -355,7 +355,8 @@ public:
         if (tp_payload_app_id != app_id)
         {
             tp_payload_app_id = app_id;
-            tp_payload_app_id_deferred = app_info_mgr->get_app_info_flags(tp_payload_app_id, APPINFO_FLAG_DEFER_PAYLOAD);
+            tp_payload_app_id_deferred = ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_flags
+                (tp_payload_app_id, APPINFO_FLAG_DEFER_PAYLOAD);
         }
     }
 

diff --git a/src/network_inspectors/appid/appid_session_api.cc b/src/network_inspectors/appid/appid_session_api.cc
index d84dea4875ebc03321735aaecbef15c57901578c..7839c29185bc44dbffbb9edbf1a4fe94ceadf898 100644 (file)
--- a/src/network_inspectors/appid/appid_session_api.cc
+++ b/src/network_inspectors/appid/appid_session_api.cc
@@ -133,7 +133,7 @@ bool AppIdSessionApi::is_appid_inspecting_session()
         return true;
     }
 
-    if (asd->ctxt->get_odp_ctxt().check_host_port_app_cache)
+    if (asd->ctxt.get_odp_ctxt().check_host_port_app_cache)
         return true;
 
     return false;

diff --git a/src/network_inspectors/appid/appid_stats.cc b/src/network_inspectors/appid/appid_stats.cc
index 014b2402a8fd3553e0e93448d9ab46f23ed86829..949147599c23effacfe519f038d1fb6964fc3bd3 100644 (file)
--- a/src/network_inspectors/appid/appid_stats.cc
+++ b/src/network_inspectors/appid/appid_stats.cc
@@ -40,7 +40,7 @@ using namespace snort;
 
 struct AppIdStatRecord
 {
-    uint32_t app_id;
+    char* app_name = nullptr;
     uint64_t initiatorBytes;
     uint64_t responderBytes;
 };
@@ -51,6 +51,7 @@ static THREAD_LOCAL AppIdStatistics* appid_stats_manager = nullptr;
 
 static void delete_record(void* record)
 {
+    snort_free(((AppIdStatRecord*)record)->app_name);
     snort_free(record);
 }
 
@@ -123,52 +124,13 @@ void AppIdStatistics::dump_statistics()
 
             for (node = fwAvlFirst(bucket->appsTree); node != nullptr; node = fwAvlNext(node))
             {
-                const char* app_name;
-                bool cooked_client = false;
-                AppId app_id;
-                char tmpBuff[MAX_EVENT_APPNAME_LEN];
                 struct AppIdStatRecord* record;
 
                 record = (struct AppIdStatRecord*)node->data;
-                app_id = (AppId)record->app_id;
-
-                if ( app_id >= 2000000000 )
-                {
-                    cooked_client = true;
-                    app_id -= 2000000000;
-                }
-
-                AppInfoTableEntry* entry
-                    = AppInfoManager::get_instance().get_app_info_entry(app_id);
-
-                if ( entry )
-                {
-                    app_name = entry->app_name;
-                    if (cooked_client)
-                    {
-                        snprintf(tmpBuff, MAX_EVENT_APPNAME_LEN, "_cl_%s", app_name);
-                        tmpBuff[MAX_EVENT_APPNAME_LEN-1] = 0;
-                        app_name = tmpBuff;
-                    }
-                }
-                else if ( app_id == APP_ID_UNKNOWN || app_id == APP_ID_UNKNOWN_UI )
-                    app_name = "__unknown";
-                else if ( app_id == APP_ID_NONE )
-                    app_name = "__none";
-                else
-                {
-                    if (cooked_client)
-                        snprintf(tmpBuff, MAX_EVENT_APPNAME_LEN, "_err_cl_%d",app_id);
-                    else
-                        snprintf(tmpBuff, MAX_EVENT_APPNAME_LEN, "_err_%d",app_id);
-
-                    tmpBuff[MAX_EVENT_APPNAME_LEN - 1] = 0;
-                    app_name = tmpBuff;
-                }
 
                 // FIXIT-M %lu won't do time_t on 32-bit systems
                 TextLog_Print(log, "%lu,%s," STDu64 "," STDu64 "\n",
-                    packet_time(), app_name, record->initiatorBytes, record->responderBytes);
+                    packet_time(), record->app_name, record->initiatorBytes, record->responderBytes);
             }
         }
         fwAvlDeleteTree(bucket->appsTree, delete_record);
@@ -234,10 +196,45 @@ static void update_stats(const AppIdSession& asd, AppId app_id, StatsBucket* buc
     AppIdStatRecord* record = (AppIdStatRecord*)(fwAvlLookup(app_id, bucket->appsTree));
     if ( !record )
     {
+        char tmp_buff[MAX_EVENT_APPNAME_LEN];
+        bool cooked_client = false;
+
         record = (AppIdStatRecord*)(snort_calloc(sizeof(struct AppIdStatRecord)));
+
+        if ( app_id >= 2000000000 )
+            cooked_client = true;
+
+        AppInfoTableEntry* entry
+            = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(app_id);
+
+        if ( entry )
+        {
+            if (cooked_client)
+            {
+                snprintf(tmp_buff, MAX_EVENT_APPNAME_LEN, "_cl_%s", entry->app_name);
+                tmp_buff[MAX_EVENT_APPNAME_LEN-1] = 0;
+                record->app_name = snort_strdup(tmp_buff);
+            }
+            else
+                record->app_name = snort_strdup(entry->app_name);
+        }
+        else if ( app_id == APP_ID_UNKNOWN || app_id == APP_ID_UNKNOWN_UI )
+            record->app_name = snort_strdup("__unknown");
+        else if ( app_id == APP_ID_NONE )
+            record->app_name = snort_strdup("__none");
+        else
+        {
+            if (cooked_client)
+                snprintf(tmp_buff, MAX_EVENT_APPNAME_LEN, "_err_cl_%d",app_id);
+            else
+                snprintf(tmp_buff, MAX_EVENT_APPNAME_LEN, "_err_%d",app_id);
+
+            tmp_buff[MAX_EVENT_APPNAME_LEN - 1] = 0;
+            record->app_name = snort_strdup(tmp_buff);
+        }
+
         if (fwAvlInsert(app_id, record, bucket->appsTree) == 0)
         {
-            record->app_id = app_id;
             bucket->appRecordCnt += 1;
         }
         else

diff --git a/src/network_inspectors/appid/client_plugins/client_detector.cc b/src/network_inspectors/appid/client_plugins/client_detector.cc
index a7dcfd5c326b9f4fef42f35cdab3e6e7a67a0767..33c8e1f615a212d32fb0129b80e8f48ff26e26b3 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_detector.cc
+++ b/src/network_inspectors/appid/client_plugins/client_detector.cc
@@ -42,12 +42,12 @@ ClientDetector::ClientDetector()
     client = true;
 }
 
-void ClientDetector::register_appid(AppId appId, unsigned extractsInfo)
+void ClientDetector::register_appid(AppId appId, unsigned extractsInfo, OdpContext& odp_ctxt)
 {
-    AppInfoTableEntry* pEntry = AppInfoManager::get_instance().get_app_info_entry(appId);
+    AppInfoTableEntry* pEntry = odp_ctxt.get_app_info_mgr().get_app_info_entry(appId);
     if (!pEntry)
     {
-        if ( AppInfoManager::get_instance().configured() )
+        if ( odp_ctxt.get_app_info_mgr().configured() )
         {
             ParseWarning(WARN_RULES,
                 "appid: no entry for %d in appMapping.data; no rule support for this ID.",

diff --git a/src/network_inspectors/appid/client_plugins/client_detector.h b/src/network_inspectors/appid/client_plugins/client_detector.h
index 26062f4961d5d18c0860edfae4d86f1ab84c61cd..03a5ae4508fc6a1a8646da2f1a13f2222b3726d0 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_detector.h
+++ b/src/network_inspectors/appid/client_plugins/client_detector.h
@@ -34,7 +34,7 @@ public:
 
     void do_custom_init() override { }
     void release_thread_resources() override { }
-    void register_appid(AppId, unsigned extractsInfo) override;
+    void register_appid(AppId, unsigned extractsInfo, OdpContext& odp_ctxt) override;
 };
 #endif
 

diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index 1ef86cbe909b3bea24f5a415bcf5a8afb51f61ae..4dd84e9b668eea82f978519c23d3cc19c1c6f9f6 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -364,7 +364,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p,
         {
             // Third party has positively identified appId; Dig deeper only if our
             // detector identifies additional information
-            entry = asd.app_info_mgr->get_app_info_entry(tp_app_id);
+            entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_app_id);
             if ( entry && entry->client_detector
                 && ( ( entry->flags & ( APPINFO_FLAG_CLIENT_ADDITIONAL |
                 APPINFO_FLAG_CLIENT_USER ) )
@@ -393,7 +393,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p,
          !asd.get_session_flags(APPID_SESSION_NO_TPI)  and
          asd.is_tp_appid_available() )
     {
-        entry = asd.app_info_mgr->get_app_info_entry(tp_app_id);
+        entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_app_id);
         if ( !( entry && entry->client_detector
             && entry->client_detector == asd.client_detector
             && (entry->flags & (APPINFO_FLAG_CLIENT_ADDITIONAL | APPINFO_FLAG_CLIENT_USER) ) ) )

diff --git a/src/network_inspectors/appid/detector_plugins/detector_dns.cc b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
index 7b427503dfc8baff48ad9d9570a23da0e605c879..1340f9f75da9832eff9badb85c3cd3b95bf512a8 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_dns.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_dns.cc
@@ -602,7 +602,7 @@ int DnsUdpServiceDetector::validate(AppIdDiscoveryArgs& args)
         goto udp_done;
     }
     if ((rval = dns_validate_header(args.dir, (const DNSHeader*)args.data,
-        args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd)) != APPID_SUCCESS)
+        args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd)) != APPID_SUCCESS)
     {
         if (rval == APPID_REVERSED)
         {
@@ -613,7 +613,7 @@ int DnsUdpServiceDetector::validate(AppIdDiscoveryArgs& args)
                     // To get here, we missed the initial query, got a
                     // response, and now we've got another query.
                     rval = validate_packet(args.data, args.size, args.dir,
-                        args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd);
+                        args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd);
                     if (rval == APPID_SUCCESS)
                         goto inprocess;
                 }
@@ -624,7 +624,7 @@ int DnsUdpServiceDetector::validate(AppIdDiscoveryArgs& args)
                 // To get here, we missed the initial query, but now we've got
                 // a response.
                 rval = validate_packet(args.data, args.size, args.dir,
-                    args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd);
+                    args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd);
                 if (rval == APPID_SUCCESS)
                 {
                     args.asd.set_session_flags(APPID_SESSION_UDP_REVERSED);
@@ -638,7 +638,7 @@ int DnsUdpServiceDetector::validate(AppIdDiscoveryArgs& args)
     }
 
     rval = validate_packet(args.data, args.size, args.dir,
-        args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd);
+        args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd);
     if ((rval == APPID_SUCCESS) && (args.dir == APP_ID_FROM_INITIATOR))
         goto inprocess;
 
@@ -690,7 +690,7 @@ int DnsTcpServiceDetector::validate(AppIdDiscoveryArgs& args)
         uint16_t size = args.size - sizeof(DNSTCPHeader);
         uint16_t tmp = ntohs(hdr->length);
         if (tmp < sizeof(DNSHeader) || dns_validate_header(args.dir, (const DNSHeader*)data,
-            args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd))
+            args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd))
         {
             if (args.dir == APP_ID_FROM_INITIATOR)
                 goto not_compatible;
@@ -701,7 +701,7 @@ int DnsTcpServiceDetector::validate(AppIdDiscoveryArgs& args)
         if (tmp > size)
             goto not_compatible;
         rval = validate_packet(data, size, args.dir,
-            args.ctxt->get_odp_ctxt().dns_host_reporting, args.asd);
+            args.ctxt.get_odp_ctxt().dns_host_reporting, args.asd);
         if (rval != APPID_SUCCESS)
             goto tcp_done;
 

diff --git a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
index 35e96ba191e158613d0e93e469086d855433f451..786daaa8dddd04d005355fb26165fe4b0455dcf0 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_pattern.cc
@@ -25,11 +25,14 @@
 
 #include "detector_pattern.h"
 
-#include "app_info_table.h"
 #include "log/messages.h"
+#include "managers/inspector_manager.h"
 #include "protocols/packet.h"
 #include "search_engines/search_tool.h"
 
+#include "app_info_table.h"
+#include "appid_inspector.h"
+
 using namespace snort;
 
 static PatternServiceDetector* service_pattern_detector;
@@ -115,7 +118,12 @@ static void read_patterns(PortPatternNode* portPatternList, PatternService** ser
         pattern->offset = pNode->offset;
         pattern->next = ps->pattern;
         ps->pattern = pattern;
-        AppInfoManager::get_instance().set_app_info_active(ps->id);
+
+        // FIXIT-M: Tp support ODP reload, store ODP context in PatternService
+        AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
+        AppIdContext& ctxt = inspector->get_ctxt();
+
+        ctxt.get_odp_ctxt().get_app_info_mgr().set_app_info_active(ps->id);
     }
 }
 

diff --git a/src/network_inspectors/appid/detector_plugins/detector_sip.cc b/src/network_inspectors/appid/detector_plugins/detector_sip.cc
index c64f5e9056d8e72651f875ba5f9606385d5726f6..7638653f56602389f807841aa749bf263280f1f4 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_sip.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_sip.cc
@@ -343,7 +343,7 @@ void SipServiceDetector::createRtpFlow(AppIdSession& asd, const Packet* pkt, con
     {
         fp->client.set_id(asd.client.get_id());
         fp->payload.set_id(asd.payload.get_id());
-        fp->service.set_id(APP_ID_RTP);
+        fp->service.set_id(APP_ID_RTP, asd.ctxt.get_odp_ctxt());
 
         // FIXIT-H : snort 2.9.x updated the flag to APPID_SESSION_EXPECTED_EVALUATE.
         // Check if it is needed here as well.
@@ -363,7 +363,7 @@ void SipServiceDetector::createRtpFlow(AppIdSession& asd, const Packet* pkt, con
     {
         fp2->client.set_id(asd.client.get_id());
         fp2->payload.set_id(asd.payload.get_id());
-        fp2->service.set_id(APP_ID_RTCP);
+        fp2->service.set_id(APP_ID_RTCP, asd.ctxt.get_odp_ctxt());
 
         // FIXIT-H : same comment as above
         //initialize_expected_session(asd, fp2, APPID_SESSION_EXPECTED_EVALUATE);

diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
index b83f87e103edf45cf2978773dcd781d0b98da6b6..7705d76a85b083a3eea862995bd0eeb7ddd7e289 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
+++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.cc
@@ -1567,7 +1567,7 @@ AppId HttpPatternMatchers::get_appid_by_content_type(const char* data, int size)
 
 bool HttpPatternMatchers::get_appid_from_url(char* host, const char* url, char** version,
     const char* referer, AppId* ClientAppId, AppId* serviceAppId, AppId* payloadAppId,
-    AppId* referredPayloadAppId, bool from_rtmp)
+    AppId* referredPayloadAppId, bool from_rtmp, OdpContext& odp_ctxt)
 {
     char* temp_host = nullptr;
     tMlmpPattern patterns[3];
@@ -1667,7 +1667,7 @@ bool HttpPatternMatchers::get_appid_from_url(char* host, const char* url, char**
 
     /* if referred_id feature id disabled, referer will be null */
     if ( referer and (referer[0] != '\0') and (!payload_found or
-        AppInfoManager::get_instance().get_app_info_flags(data->payload_id,
+        odp_ctxt.get_app_info_mgr().get_app_info_flags(data->payload_id,
         APPINFO_FLAG_REFERRED)) )
     {
         const char* referer_start = referer;

diff --git a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
index 56a9699f3adb490499b0355e36abd3ad65265f85..0d8afd8d2724a83e8be9b97ab9cbe2b19d184d1f 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
+++ b/src/network_inspectors/appid/detector_plugins/http_url_patterns.h
@@ -42,6 +42,7 @@ struct Packet;
 }
 class AppIdHttpSession;
 class AppIdContext;
+class OdpContext;
 
 enum httpPatternType
 {
@@ -306,7 +307,7 @@ public:
     AppId scan_header_x_working_with(const char*, uint32_t, char**);
     int get_appid_by_pattern(const char*, unsigned, char**);
     bool get_appid_from_url(char*, const char*, char**, const char*, AppId*, AppId*,
-        AppId*, AppId*, bool);
+        AppId*, AppId*, bool, OdpContext&);
     AppId get_appid_by_content_type(const char*, int);
     void get_server_vendor_version(const char*, int, char**, char**, snort::AppIdServiceSubtype**);
     void identify_user_agent(const char*, int, AppId&, AppId&, char**);

diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
index fd0a14b797aac669cfac5e269246fd87d486d916..81de2204c329a735699051bb5a83fd7a02417b9d 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
+++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h
@@ -140,8 +140,10 @@ snort::ProfileStats* AppIdModule::get_profile() const
 
 // Stubs for inspectors
 unsigned AppIdSession::inspector_id = 0;
+AppIdConfig stub_config;
+AppIdContext stub_ctxt(stub_config);
 AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
-    : snort::FlowData(inspector_id, (snort::Inspector*)&inspector) { }
+    : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), ctxt(stub_ctxt) { }
 AppIdSession::~AppIdSession() = default;
 AppIdHttpSession::AppIdHttpSession(AppIdSession& asd)
     : asd(asd)
@@ -204,4 +206,7 @@ bool AppIdReloadTuner::tune_resources(unsigned int)
     return true;
 }
 
+OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*)
+{ }
+
 #endif

diff --git a/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc b/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc
index 59c5dfd946dfdab3bd6d74441b2961df065d96ab..3eb6f3340eaec1653bc6ecdbd6da50b90a3f1d07 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc
+++ b/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc
@@ -50,8 +50,8 @@ static char* my_action_data = (char*)"0";
 static const char* my_chp_data = (const char*)"chp_data";
 static int total_found;
 static AppIdConfig config;
-static AppIdContext ctxt(&config);
-static OdpContext odpctxt;
+static AppIdContext ctxt(config);
+static OdpContext odpctxt(config, nullptr);
 OdpContext* AppIdContext::odp_ctxt = &odpctxt;
 static AppId service_id = APP_ID_NONE;
 static AppId client_id = APP_ID_NONE;

diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc
index 83bbdedd3a1676fbc12c032ff4762640cd85491c..d703e903cb3e3489f93732d7a3cbab070378b60e 100644 (file)
--- a/src/network_inspectors/appid/host_port_app_cache.cc
+++ b/src/network_inspectors/appid/host_port_app_cache.cc
@@ -59,8 +59,8 @@ bool HostPortCache::add(const SfIp* ip, uint16_t port, IpProtocol proto, unsigne
 
     hk.ip = *ip;
     AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
-    AppIdContext* ctxt = inspector->get_ctxt();
-    hk.port = (ctxt->get_odp_ctxt().allow_port_wildcard_host_cache)? 0 : port;
+    AppIdContext& ctxt = inspector->get_ctxt();
+    hk.port = (ctxt.get_odp_ctxt().allow_port_wildcard_host_cache)? 0 : port;
     hk.proto = proto;
 
     hv.appId = appId;

diff --git a/src/network_inspectors/appid/ips_appid_option.cc b/src/network_inspectors/appid/ips_appid_option.cc
index c8f5d0120efe09d2604739414b80b55b20d2ad08..4226805378ec1a9d8aaad574d4ef3ff02e122951 100644 (file)
--- a/src/network_inspectors/appid/ips_appid_option.cc
+++ b/src/network_inspectors/appid/ips_appid_option.cc
@@ -71,7 +71,7 @@ public:
     EvalStatus eval(Cursor&, Packet*) override;
 
 private:
-    bool match_id_against_rule(int32_t id);
+    bool match_id_against_rule(OdpContext& odp_ctxt, int32_t id);
     set<string> appid_table;
 };
 
@@ -102,9 +102,9 @@ bool AppIdIpsOption::operator==(const IpsOption& ips) const
     return ( appid_table == ((const AppIdIpsOption&)ips).appid_table );
 }
 
-bool AppIdIpsOption::match_id_against_rule(int32_t id)
+bool AppIdIpsOption::match_id_against_rule(OdpContext& odp_ctxt, int32_t id)
 {
-    const char *app_name_key = AppInfoManager::get_instance().get_app_name_key(id);
+    const char *app_name_key = odp_ctxt.get_app_info_mgr().get_app_name_key(id);
     if ( nullptr != app_name_key )
     {
         string app_name(app_name_key);
@@ -140,7 +140,8 @@ IpsOption::EvalStatus AppIdIpsOption::eval(Cursor&, Packet* p)
             app_ids[PAYLOAD], app_ids[MISC]);
 
     for ( unsigned i = 0; i < NUM_ID_TYPES; i++ )
-        if ( (app_ids[i] > APP_ID_NONE) && match_id_against_rule(app_ids[i]) )
+        if ( (app_ids[i] > APP_ID_NONE) and
+            match_id_against_rule(session->ctxt.get_odp_ctxt(), app_ids[i]) )
             return MATCH;
 
     return NO_MATCH;

diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc
index 4164163f331adc16f41e28a1301c4716bcb22cc9..3a9c078051ce8722b8061cf354fed4c4f7d65ac1 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_api.cc
+++ b/src/network_inspectors/appid/lua_detector_api.cc
@@ -238,11 +238,11 @@ static int common_register_application_id(lua_State* L)
     AppId appId = lua_tonumber(L, ++index);
 
     if ( ad->is_client() )
-        ad->register_appid(appId, APPINFO_FLAG_CLIENT_ADDITIONAL);
+        ad->register_appid(appId, APPINFO_FLAG_CLIENT_ADDITIONAL, ud->get_odp_ctxt());
     else
-        ad->register_appid(appId, APPINFO_FLAG_SERVICE_ADDITIONAL);
+        ad->register_appid(appId, APPINFO_FLAG_SERVICE_ADDITIONAL, ud->get_odp_ctxt());
 
-    AppInfoManager::get_instance().set_app_info_active(appId);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
 
     lua_pushnumber(L, 0);
     return 1;
@@ -517,7 +517,7 @@ static int service_add_service(lua_State* L)
     /*Phase2 - discuss AppIdServiceSubtype will be maintained on lua side therefore the last
       parameter on the following call is nullptr. Subtype is not displayed on DC at present. */
     unsigned int retValue = ud->sd->add_service(*lsd->ldp.change_bits, *lsd->ldp.asd, lsd->ldp.pkt,
-        lsd->ldp.dir, AppInfoManager::get_instance().get_appid_by_service_id(service_id),
+        lsd->ldp.dir, ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_service_id(service_id),
         vendor, version, nullptr);
 
     lua_pushnumber(L, retValue);
@@ -915,8 +915,8 @@ static int client_add_application(lua_State* L)
     unsigned int productId = lua_tonumber(L, 4);
     const char* version = lua_tostring(L, 5);
     ud->cd->add_app(*lsd->ldp.pkt, *lsd->ldp.asd, lsd->ldp.dir,
-        AppInfoManager::get_instance().get_appid_by_service_id(service_id),
-        AppInfoManager::get_instance().get_appid_by_client_id(productId), version,
+        ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_service_id(service_id),
+        ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_client_id(productId), version,
         *lsd->ldp.change_bits);
 
     lua_pushnumber(L, 0);
@@ -944,7 +944,7 @@ static int client_add_user(lua_State* L)
     const char* userName = lua_tostring(L, 2);
     unsigned int service_id = lua_tonumber(L, 3);
     ud->cd->add_user(*lsd->ldp.asd, userName,
-        AppInfoManager::get_instance().get_appid_by_service_id(service_id), true);
+        ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_service_id(service_id), true);
     lua_pushnumber(L, 0);
     return 1;
 }
@@ -957,7 +957,7 @@ static int client_add_payload(lua_State* L)
 
     unsigned int payloadId = lua_tonumber(L, 2);
     ud->cd->add_payload(*lsd->ldp.asd,
-        AppInfoManager::get_instance().get_appid_by_payload_id(payloadId));
+        ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_payload_id(payloadId));
 
     lua_pushnumber(L, 0);
     return 1;
@@ -1006,7 +1006,7 @@ static int detector_add_http_pattern(lua_State* L)
     }
 
     DHPSequence seq  = (DHPSequence)lua_tointeger(L, ++index);
-    AppInfoManager& aim = AppInfoManager::get_instance();
+    AppInfoManager& aim = ud->get_odp_ctxt().get_app_info_mgr();
     uint32_t service_id = aim.get_appid_by_service_id((uint32_t)lua_tointeger(L, ++index));
     uint32_t client_id = aim.get_appid_by_client_id((uint32_t)lua_tointeger(L, ++index));
     /*uint32_t client_app_type =*/ lua_tointeger(L, ++index);
@@ -1058,7 +1058,7 @@ static int detector_add_ssl_cert_pattern(lua_State* L)
         return 0;
     }
 
-    AppInfoManager::get_instance().set_app_info_active(app_id);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(app_id);
     return 0;
 }
 
@@ -1121,7 +1121,7 @@ static int detector_add_ssl_cname_pattern(lua_State* L)
         return 0;
     }
 
-    AppInfoManager::get_instance().set_app_info_active(app_id);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(app_id);
     return 0;
 }
 
@@ -1224,7 +1224,7 @@ static int detector_add_content_type_pattern(lua_State* L)
     detector.pattern_size = strlen((char*)pattern);
     detector.app_id = appId;
     HttpPatternMatchers::get_instance()->insert_content_type_pattern(detector);
-    AppInfoManager::get_instance().set_app_info_active(appId);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
 
     return 0;
 }
@@ -1246,7 +1246,7 @@ static int register_callback(lua_State* L, LuaObject& ud, AppInfoFlags flag)
     if (init(L))
     {
         // in control thread, update app info table. app info table is shared across all threads
-        AppInfoTableEntry* entry = AppInfoManager::get_instance().get_app_info_entry(app_id);
+        AppInfoTableEntry* entry = ud.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(app_id);
         if (entry)
         {
             if (entry->flags & flag)
@@ -1350,10 +1350,11 @@ static int detector_callback(const uint8_t* data, uint16_t size, AppidSessionDir
     return ret;
 }
 
-void check_detector_callback(const Packet& p, AppIdSession& asd, AppidSessionDirection dir, AppId app_id, AppidChangeBits& change_bits, AppInfoTableEntry* entry)
+void check_detector_callback(const Packet& p, AppIdSession& asd, AppidSessionDirection dir,
+    AppId app_id, AppidChangeBits& change_bits, AppInfoTableEntry* entry)
 {
     if (!entry)
-        entry = AppInfoManager::get_instance().get_app_info_entry(app_id);
+        entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(app_id);
     if (!entry)
         return;
 
@@ -1482,7 +1483,8 @@ static inline int get_chp_action_data(lua_State* L, int index, char** action_dat
 }
 
 static int add_chp_pattern_action(AppId appIdInstance, int isKeyPattern, HttpFieldIds patternType,
-    size_t patternSize, char* patternData, ActionType actionType, char* optionalActionData)
+    size_t patternSize, char* patternData, ActionType actionType, char* optionalActionData,
+    AppInfoManager& app_info_mgr)
 {
     //find the CHP App for this
     auto chp_entry = CHP_glossary->find(appIdInstance);
@@ -1499,7 +1501,6 @@ static int add_chp_pattern_action(AppId appIdInstance, int isKeyPattern, HttpFie
     }
 
     CHPApp* chpapp = chp_entry->second;
-    AppInfoManager& app_info_mgr = AppInfoManager::get_instance();
 
     if (isKeyPattern)
     {
@@ -1619,7 +1620,7 @@ static int detector_add_chp_action(lua_State* L)
     }
 
     return add_chp_pattern_action(appIdInstance, key_pattern, ptype, psize, pattern,
-        action, action_data);
+        action, action_data, ud->get_odp_ctxt().get_app_info_mgr());
 }
 
 static int detector_create_chp_multi_application(lua_State* L)
@@ -1709,7 +1710,7 @@ static int detector_add_chp_multi_action(lua_State* L)
     }
 
     return add_chp_pattern_action(appIdInstance, key_pattern, ptype, psize, pattern,
-        action, action_data);
+        action, action_data, ud->get_odp_ctxt().get_app_info_mgr());
 }
 
 static int detector_port_only_service(lua_State* L)
@@ -1732,7 +1733,7 @@ static int detector_port_only_service(lua_State* L)
     else if (protocol == 17)
         AppIdContext::udp_port_only[port] = appId;
 
-    AppInfoManager::get_instance().set_app_info_active(appId);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
 
     return 0;
 }
@@ -1932,7 +1933,7 @@ static int detector_add_url_application(lua_State* L)
         query_pattern = (uint8_t*)snort_strdup(tmp_string);
 
     uint32_t appId = lua_tointeger(L, ++index);
-    AppInfoManager& app_info_manager = AppInfoManager::get_instance();
+    AppInfoManager& app_info_manager = ud->get_odp_ctxt().get_app_info_mgr();
     DetectorAppUrlPattern* pattern =
         (DetectorAppUrlPattern*)snort_calloc(sizeof(DetectorAppUrlPattern));
     pattern->userData.service_id        = app_info_manager.get_appid_by_service_id(service_id);
@@ -2034,7 +2035,7 @@ static int detector_add_rtmp_url(lua_State* L)
     pattern->patterns.scheme.patternSize = (int)schemePatternSize;
     HttpPatternMatchers::get_instance()->insert_rtmp_url_pattern(pattern);
 
-    AppInfoManager& app_info_manager = AppInfoManager::get_instance();
+    AppInfoManager& app_info_manager = ud->get_odp_ctxt().get_app_info_mgr();
     app_info_manager.set_app_info_active(pattern->userData.service_id);
     app_info_manager.set_app_info_active(pattern->userData.client_id);
     app_info_manager.set_app_info_active(pattern->userData.payload_id);
@@ -2071,7 +2072,7 @@ static int detector_add_sip_user_agent(lua_State* L)
 
     SipUdpClientDetector::sipUaPatternAdd(client_app, clientVersion, uaPattern);
 
-    AppInfoManager::get_instance().set_app_info_active(client_app);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(client_app);
 
     return 0;
 }
@@ -2098,12 +2099,12 @@ static int create_custom_application(lua_State* L)
 
     if (control)
     {
-        AppInfoTableEntry* entry = AppInfoManager::get_instance().add_dynamic_app_entry(tmp_string);
+        AppInfoTableEntry* entry = ud->get_odp_ctxt().get_app_info_mgr().add_dynamic_app_entry(tmp_string);
         appId = entry->appId;
         AppIdPegCounts::add_app_peg_info(tmp_string, appId);
     }
     else
-        appId  = AppInfoManager::get_instance().get_appid_by_name(tmp_string);
+        appId  = ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_name(tmp_string);
 
     lua_pushnumber(L, appId);
     return 1;   /*number of results */
@@ -2193,7 +2194,7 @@ static int add_http_pattern(lua_State* L)
         payload_id, APP_ID_NONE) )
     {
         HttpPatternMatchers::get_instance()->insert_http_pattern(pat_type, pattern);
-        AppInfoManager& app_info_manager = AppInfoManager::get_instance();
+        AppInfoManager& app_info_manager = ud->get_odp_ctxt().get_app_info_mgr();
         app_info_manager.set_app_info_active(service_id);
         app_info_manager.set_app_info_active(client_id);
         app_info_manager.set_app_info_active(payload_id);
@@ -2268,7 +2269,7 @@ static int add_url_pattern(lua_State* L)
     pattern->patterns.scheme.patternSize = (int)schemePatternSize;
     HttpPatternMatchers::get_instance()->insert_app_url_pattern(pattern);
 
-    AppInfoManager& app_info_manager = AppInfoManager::get_instance();
+    AppInfoManager& app_info_manager = ud->get_odp_ctxt().get_app_info_mgr();
     app_info_manager.set_app_info_active(service_id);
     app_info_manager.set_app_info_active(clientAppId);
     app_info_manager.set_app_info_active(payload_id);
@@ -2322,7 +2323,7 @@ static int add_port_pattern_client(lua_State* L)
     pPattern->detectorName = snort_strdup(ud->get_detector()->get_name().c_str());
     PatternClientDetector::insert_client_port_pattern(pPattern);
 
-    AppInfoManager::get_instance().set_app_info_active(appId);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
 
     return 0;
 }
@@ -2366,7 +2367,7 @@ static int add_port_pattern_service(lua_State* L)
     pPattern->offset = position;
     pPattern->detectorName = snort_strdup(ud->get_detector()->get_name().c_str());
     PatternServiceDetector::insert_service_port_pattern(pPattern);
-    AppInfoManager::get_instance().set_app_info_active(appId);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
 
     return 0;
 }
@@ -2398,7 +2399,7 @@ static int detector_add_sip_server(lua_State* L)
     }
 
     SipUdpClientDetector::sipServerPatternAdd(client_app, clientVersion, uaPattern);
-    AppInfoManager::get_instance().set_app_info_active(client_app);
+    ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(client_app);
 
     return 0;
 }
@@ -2456,7 +2457,7 @@ static int create_future_flow(lua_State* L)
     AppId app_id_to_snort = lua_tointeger(L, 10);
     if (app_id_to_snort > APP_ID_NONE)
     {
-        AppInfoTableEntry* entry = AppInfoManager::get_instance().get_app_info_entry(
+        AppInfoTableEntry* entry = ud->get_odp_ctxt().get_app_info_mgr().get_app_info_entry(
             app_id_to_snort);
         if (!entry)
             return 0;
@@ -2468,7 +2469,7 @@ static int create_future_flow(lua_State* L)
         APPID_EARLY_SESSION_FLAG_FW_RULE);
     if (fp)
     {
-        fp->service.set_id(service_id);
+        fp->service.set_id(service_id, ud->get_odp_ctxt());
         fp->client.set_id(client_id);
         fp->payload.set_id(payload_id);
         fp->set_session_flags(APPID_SESSION_SERVICE_DETECTED | APPID_SESSION_NOT_A_SERVICE |

diff --git a/src/network_inspectors/appid/lua_detector_module.cc b/src/network_inspectors/appid/lua_detector_module.cc
index 0f14efc1877650a7123db49aa620ce9c626a99d1..124e92afc0b29941bcb9e02d1505b287f7064de9 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_module.cc
+++ b/src/network_inspectors/appid/lua_detector_module.cc
@@ -95,7 +95,7 @@ inline void set_control(lua_State* L, int is_control)
     lua_pop(L, 1);
 }
 
-static lua_State* create_lua_state(const AppIdConfig* config, int is_control)
+static lua_State* create_lua_state(const AppIdConfig& config, int is_control)
 {
     auto L = luaL_newstate();
 
@@ -134,12 +134,12 @@ static lua_State* create_lua_state(const AppIdConfig* config, int is_control)
     {
         snprintf(new_lua_path, sizeof(new_lua_path) - 1,
             "%s;%s/odp/libs/?.lua;%s/custom/libs/?.lua",
-            cur_lua_path, config->app_detector_dir, config->app_detector_dir);
+            cur_lua_path, config.app_detector_dir, config.app_detector_dir);
     }
     else
     {
         snprintf(new_lua_path, sizeof(new_lua_path) - 1, "%s/odp/libs/?.lua;%s/custom/libs/?.lua",
-            config->app_detector_dir, config->app_detector_dir);
+            config.app_detector_dir, config.app_detector_dir);
     }
 
     lua_pop(L, 1);
@@ -213,7 +213,7 @@ void LuaDetectorManager::initialize(AppIdContext& ctxt, int is_control)
     lua_detector_mgr->initialize_lua_detectors();
     lua_detector_mgr->activate_lua_detectors();
 
-    if (ctxt.config->debug)
+    if (ctxt.config.debug)
         lua_detector_mgr->list_lua_detectors();
 }
 
@@ -459,7 +459,7 @@ void LuaDetectorManager::load_lua_detectors(const char* path, bool isCustom)
 void LuaDetectorManager::initialize_lua_detectors()
 {
     char path[PATH_MAX];
-    const char* dir = ctxt.config->app_detector_dir;
+    const char* dir = ctxt.config.app_detector_dir;
 
     if ( !dir )
         return;

diff --git a/src/network_inspectors/appid/service_plugins/service_detector.cc b/src/network_inspectors/appid/service_plugins/service_detector.cc
index 4e25521efa29525eb7c30ca04ba0762be8d5dac2..9bbbb4ddc936763c1c70c53341b0062e91f23cfd 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_detector.cc
+++ b/src/network_inspectors/appid/service_plugins/service_detector.cc
@@ -44,12 +44,12 @@ ServiceDetector::ServiceDetector()
     client = false;
 }
 
-void ServiceDetector::register_appid(AppId appId, unsigned extractsInfo)
+void ServiceDetector::register_appid(AppId appId, unsigned extractsInfo, OdpContext& odp_ctxt)
 {
-    AppInfoTableEntry* pEntry = AppInfoManager::get_instance().get_app_info_entry(appId);
+    AppInfoTableEntry* pEntry = odp_ctxt.get_app_info_mgr().get_app_info_entry(appId);
     if (!pEntry)
     {
-        if ( AppInfoManager::get_instance().configured() )
+        if ( odp_ctxt.get_app_info_mgr().configured() )
         {
             ParseWarning(WARN_RULES,
                 "appid: no entry for %d in appMapping.data; no rule support for this ID.",
@@ -90,7 +90,7 @@ int ServiceDetector::update_service_data(AppIdSession& asd, const Packet* pkt, A
     asd.service.set_vendor(vendor);
     asd.service.set_version(version, change_bits);
     asd.set_service_detected();
-    asd.service.set_id(appId);
+    asd.service.set_id(appId, asd.ctxt.get_odp_ctxt());
 
     if (asd.get_session_flags(APPID_SESSION_IGNORE_HOST))
         return APPID_SUCCESS;

diff --git a/src/network_inspectors/appid/service_plugins/service_detector.h b/src/network_inspectors/appid/service_plugins/service_detector.h
index 47eef7fad03a329ab86ed6421e795c80fadd690f..fb57de27aea5f3b3588bcc58636291836f6f13f5 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_detector.h
+++ b/src/network_inspectors/appid/service_plugins/service_detector.h
@@ -34,7 +34,7 @@ public:
 
     void do_custom_init() override { }
     void release_thread_resources() override { }
-    void register_appid(AppId, unsigned extractsInfo) override;
+    void register_appid(AppId, unsigned extractsInfo, OdpContext& odp_ctxt) override;
 
     int service_inprocess(AppIdSession&, const snort::Packet*, AppidSessionDirection dir);
 

diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index 1001aa954fa3b01927705581c93fe1f86e571038..a28eded45aaf522625dfa039cba242f8e8cf006c 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -613,7 +613,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
         {
             // Third party has positively identified appId; Dig deeper only if our
             // detector identifies additional information or flow is UDP reversed.
-            AppInfoTableEntry* entry = asd.app_info_mgr->get_app_info_entry(tp_app_id);
+            AppInfoTableEntry* entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_app_id);
             if ( entry && entry->service_detector &&
                 ( ( entry->flags & APPINFO_FLAG_SERVICE_ADDITIONAL ) ||
                 ( ( entry->flags & APPINFO_FLAG_SERVICE_UDP_REVERSED ) &&
@@ -639,7 +639,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
          !asd.get_session_flags(APPID_SESSION_NO_TPI) and
          asd.is_tp_appid_available() )
     {
-        AppInfoTableEntry* entry = asd.app_info_mgr->get_app_info_entry(tp_app_id);
+        AppInfoTableEntry* entry = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_entry(tp_app_id);
         if ( entry && entry->service_detector &&
             !(entry->flags & APPINFO_FLAG_SERVICE_ADDITIONAL) )
         {
@@ -658,7 +658,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
             // job of it than we do, so stay out of its way, and don't
             // waste time (but we will still get the Snort callbacks
             // for any of our own future flows). Shut down our detectors.
-            asd.service.set_id(APP_ID_SIP);
+            asd.service.set_id(APP_ID_SIP, asd.ctxt.get_odp_ctxt());
             asd.stop_rna_service_inspection(p, direction);
             asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
         }
@@ -667,7 +667,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
         {
             // No need for anybody to keep wasting time once we've
             // found RTP - Shut down our detectors.
-            asd.service.set_id(tp_app_id);
+            asd.service.set_id(tp_app_id, asd.ctxt.get_odp_ctxt());
             asd.stop_rna_service_inspection(p, direction);
             asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
             //  - Shut down TP.
@@ -696,7 +696,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p,
         }
 
         AppIdDnsSession* dsession = asd.get_dns_session();
-        if (asd.service.get_id() == APP_ID_DNS && asd.ctxt->get_odp_ctxt().dns_host_reporting
+        if (asd.service.get_id() == APP_ID_DNS && asd.ctxt.get_odp_ctxt().dns_host_reporting
             && dsession->get_host())
         {
             AppId client_id = APP_ID_NONE;
@@ -739,7 +739,7 @@ int ServiceDiscovery::incompatible_data(AppIdSession& asd, const Packet* pkt, Ap
 
     asd.set_service_detected();
     asd.clear_session_flags(APPID_SESSION_CONTINUE);
-    asd.service.set_id(APP_ID_NONE);
+    asd.service.set_id(APP_ID_NONE, asd.ctxt.get_odp_ctxt());
 
     if ( asd.get_session_flags(APPID_SESSION_IGNORE_HOST | APPID_SESSION_UDP_REVERSED) )
         return APPID_SUCCESS;
@@ -775,7 +775,7 @@ int ServiceDiscovery::fail_service(AppIdSession& asd, const Packet* pkt, AppidSe
     if ( !asd.service_detector && !asd.service_candidates.empty() )
         return APPID_SUCCESS;
 
-    asd.service.set_id(APP_ID_NONE);
+    asd.service.set_id(APP_ID_NONE, asd.ctxt.get_odp_ctxt());
     asd.set_service_detected();
     asd.clear_session_flags(APPID_SESSION_CONTINUE);
 

diff --git a/src/network_inspectors/appid/service_plugins/service_ftp.cc b/src/network_inspectors/appid/service_plugins/service_ftp.cc
index ccc282311722f8f332b207fd41aadf614960486f..e3d93a7888be6aef8d34a037ce3195b7540a36f0 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ftp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ftp.cc
@@ -893,12 +893,12 @@ void FtpServiceDetector::create_expected_session(AppIdSession& asd, const Packet
         uint64_t encrypted_flags = asd.get_session_flags(APPID_SESSION_ENCRYPTED | APPID_SESSION_DECRYPTED);
         if (encrypted_flags == APPID_SESSION_ENCRYPTED)
         {
-            fp->service.set_id(APP_ID_FTPSDATA);
+            fp->service.set_id(APP_ID_FTPSDATA, asd.ctxt.get_odp_ctxt());
         }
         else
         {
             encrypted_flags = 0; // reset (APPID_SESSION_ENCRYPTED | APPID_SESSION_DECRYPTED) bits
-            fp->service.set_id(APP_ID_FTP_DATA);
+            fp->service.set_id(APP_ID_FTP_DATA, asd.ctxt.get_odp_ctxt());
         }
 
         initialize_expected_session(asd, *fp, APPID_SESSION_IGNORE_ID_FLAGS | encrypted_flags, dir);

diff --git a/src/network_inspectors/appid/service_plugins/service_mdns.cc b/src/network_inspectors/appid/service_plugins/service_mdns.cc
index a8e7287ef343b11fab6a4c3e2db70b08fb0bfa91..f48ae13604cdf543bf958e0d7d7511ee545422ba 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_mdns.cc
+++ b/src/network_inspectors/appid/service_plugins/service_mdns.cc
@@ -150,7 +150,7 @@ int MdnsServiceDetector::validate(AppIdDiscoveryArgs& args)
         ret_val = validate_reply(args.data, args.size);
         if (ret_val == 1)
         {
-            if (args.ctxt->get_odp_ctxt().mdns_user_reporting)
+            if (args.ctxt.get_odp_ctxt().mdns_user_reporting)
             {
                 analyze_user(args.asd, args.pkt, args.size);
                 destroy_match_list();

diff --git a/src/network_inspectors/appid/service_plugins/service_rtmp.cc b/src/network_inspectors/appid/service_plugins/service_rtmp.cc
index f55f2ae37e233a0594d59b91f4e736704d4e1f39..c715efcefe059d71cc0c27e36f5bfbfb0d92a017 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_rtmp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_rtmp.cc
@@ -615,7 +615,7 @@ int RtmpServiceDetector::validate(AppIdDiscoveryArgs& args)
     }
 
     /* Give up if it's taking us too long to figure out this thing. */
-    if (args.asd.session_packet_count >= args.asd.ctxt->get_odp_ctxt().rtmp_max_packets)
+    if (args.asd.session_packet_count >= args.asd.ctxt.get_odp_ctxt().rtmp_max_packets)
     {
         goto fail;
     }
@@ -648,7 +648,7 @@ success:
     if ( ss->pageUrl )
     {
         if ( !hsession->get_field(REQ_REFERER_FID) &&
-            !args.asd.ctxt->get_odp_ctxt().referred_appId_disabled )
+            !args.asd.ctxt.get_odp_ctxt().referred_appId_disabled )
             hsession->set_field(REQ_REFERER_FID, new std::string(ss->pageUrl), args.change_bits);
 
         snort_free(ss->pageUrl);

diff --git a/src/network_inspectors/appid/service_plugins/service_snmp.cc b/src/network_inspectors/appid/service_plugins/service_snmp.cc
index 1ce4b44b42391fc40ee16b3f27a4842d8d457f1b..438f514686643bb8c1bb88c075642d05d82f8fa8 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_snmp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_snmp.cc
@@ -472,7 +472,7 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args)
         {
             args.asd.set_session_flags(APPID_SESSION_SERVICE_DETECTED | APPID_SESSION_NOT_A_SERVICE);
             args.asd.clear_session_flags(APPID_SESSION_CONTINUE);
-            args.asd.service.set_id(APP_ID_SNMP);
+            args.asd.service.set_id(APP_ID_SNMP, args.asd.ctxt.get_odp_ctxt());
             break;
         }
         sd->state = SNMP_STATE_RESPONSE;

diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc
index 69ea7bff582654ad407597f7ceb493f9dc39ed95..5802f651739cd98dd3f691b676d57aca0ad5a685 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ssl.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc
@@ -1025,9 +1025,9 @@ void ssl_detector_free_patterns()
     ssl_patterns_free(&service_ssl_config.DetectorSSLCnamePatternList);
 }
 
-bool setSSLSquelch(Packet* p, int type, AppId appId)
+bool setSSLSquelch(Packet* p, int type, AppId appId, OdpContext& odp_ctxt)
 {
-    if (!AppInfoManager::get_instance().get_app_info_flags(appId, APPINFO_FLAG_SSL_SQUELCH))
+    if (!odp_ctxt.get_app_info_mgr().get_app_info_flags(appId, APPINFO_FLAG_SSL_SQUELCH))
         return false;
 
     const SfIp* dip = p->ptrs.ip_api.get_dst();

diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.h b/src/network_inspectors/appid/service_plugins/service_ssl.h
index 31ab767c0db92c06d21ebfeabb0d5f88587fc4d6..2836a6420cadedcebfd088c104635ac5fcfaf56c 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ssl.h
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.h
@@ -24,6 +24,7 @@
 
 #include "service_detector.h"
 
+class OdpContext;
 class ServiceDiscovery;
 
 class SslServiceDetector : public ServiceDetector
@@ -43,7 +44,7 @@ int ssl_scan_cname(const uint8_t*, size_t, AppId&, AppId&);
 int ssl_add_cert_pattern(uint8_t*, size_t, uint8_t, AppId);
 int ssl_add_cname_pattern(uint8_t*, size_t, uint8_t, AppId);
 void ssl_detector_free_patterns();
-bool setSSLSquelch(snort::Packet*, int type, AppId);
+bool setSSLSquelch(snort::Packet*, int type, AppId, OdpContext&);
 
 #endif
 

diff --git a/src/network_inspectors/appid/test/appid_api_test.cc b/src/network_inspectors/appid/test/appid_api_test.cc
index b15d8d3d329be98b9c15d0548172e367a44c053e..e5c7bf5aaae733a528e584743e4ce8316cfe1f27 100644 (file)
--- a/src/network_inspectors/appid/test/appid_api_test.cc
+++ b/src/network_inspectors/appid/test/appid_api_test.cc
@@ -85,13 +85,17 @@ TEST_GROUP(appid_api)
 
 TEST(appid_api, get_application_name)
 {
-    const char* app_name = appid_api.get_application_name(1066);
+    AppIdConfig config;
+    AppIdContext ctxt(config);
+    const char* app_name = appid_api.get_application_name(1066, ctxt);
     STRCMP_EQUAL(app_name, test_app_name);
 }
 
 TEST(appid_api, get_application_id)
 {
-    AppId id = appid_api.get_application_id(test_app_name);
+    AppIdConfig config;
+    AppIdContext ctxt(config);
+    AppId id = appid_api.get_application_id(test_app_name, ctxt);
     CHECK_EQUAL(id, 1492);
 }
 

diff --git a/src/network_inspectors/appid/test/appid_debug_test.cc b/src/network_inspectors/appid/test/appid_debug_test.cc
index 1053376d097af216e06ea19b2f4bb27cfb478d7d..791c7e35c32b5883a26fb7f1148474f4d8c9ac98 100644 (file)
--- a/src/network_inspectors/appid/test/appid_debug_test.cc
+++ b/src/network_inspectors/appid/test/appid_debug_test.cc
@@ -52,8 +52,12 @@ public:
     AppIdInspector() = default;
 };
 
+AppIdConfig::~AppIdConfig() { }
+
+AppIdConfig stub_config;
+AppIdContext stub_ctxt(stub_config);
 AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector&)
-    : FlowData(0) { }
+    : FlowData(0), ctxt(stub_ctxt) { }
 AppIdSession::~AppIdSession() = default;
 
 // Utility functions

diff --git a/src/network_inspectors/appid/test/appid_detector_test.cc b/src/network_inspectors/appid/test/appid_detector_test.cc
index 633e69e7dc134c68c4570244c4abe524f1a9f4d3..1c1a565223edd856d19aeffc25a0a18539bf8285 100644 (file)
--- a/src/network_inspectors/appid/test/appid_detector_test.cc
+++ b/src/network_inspectors/appid/test/appid_detector_test.cc
@@ -36,6 +36,7 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+snort::Inspector* snort::InspectorManager::get_inspector(char const*, bool, snort::SnortConfig*) { }
 void ApplicationDescriptor::set_id(const Packet&, AppIdSession&, AppidSessionDirection, AppId, AppidChangeBits&) { }
 void AppIdHttpSession::set_http_change_bits(AppidChangeBits&, HttpFieldIds) {}
 
@@ -46,7 +47,7 @@ public:
 
     void do_custom_init() override { }
     int validate(AppIdDiscoveryArgs&) override { return 0; }
-    void register_appid(AppId, unsigned) override { }
+    void register_appid(AppId, unsigned, OdpContext&) override { }
     void release_thread_resources() override { }
 };
 

diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc
index 762e609cf331b5add6c9727486fda7c623a88baf..7b488e12182aa4175978a6cbfd7fc80a1d77a77a 100644 (file)
--- a/src/network_inspectors/appid/test/appid_discovery_test.cc
+++ b/src/network_inspectors/appid/test/appid_discovery_test.cc
@@ -138,11 +138,8 @@ PegCount* AppIdModule::get_counts() const { return nullptr; }
 ProfileStats* AppIdModule::get_profile() const { return nullptr; }
 
 // Stubs for config
-AppIdConfig::~AppIdConfig() {}
 static AppIdConfig app_config;
-static AppIdContext app_ctxt(&app_config);
-static OdpContext odpctxt;
-OdpContext* AppIdContext::odp_ctxt = &odpctxt;
+static AppIdContext app_ctxt(app_config);
 AppId AppIdContext::get_port_service_id(IpProtocol, uint16_t)
 {
     return APP_ID_NONE;
@@ -154,17 +151,17 @@ AppId AppIdContext::get_protocol_service_id(IpProtocol)
 }
 
 // Stubs for AppIdInspector
-AppIdInspector::AppIdInspector(AppIdModule&) {}
+AppIdInspector::AppIdInspector(AppIdModule&) { ctxt = &stub_ctxt; }
 AppIdInspector::~AppIdInspector() = default;
 void AppIdInspector::eval(Packet*) { }
 bool AppIdInspector::configure(SnortConfig*) { return true; }
 void AppIdInspector::show(SnortConfig*) { }
 void AppIdInspector::tinit() { }
 void AppIdInspector::tterm() { }
-AppIdContext* AppIdInspector::get_ctxt()
+AppIdContext& AppIdInspector::get_ctxt() const
 {
-    app_ctxt.config = &app_config;
-    return &app_ctxt;
+    assert(ctxt);
+    return *ctxt;
 }
 
 // Stubs for AppInfoManager
@@ -332,7 +329,6 @@ TEST(appid_discovery_tests, event_published_when_ignoring_flow)
     Flow* flow = new Flow;
     flow->set_flow_data(asd);
     p.flow = flow;
-    asd->ctxt = &app_ctxt;
     asd->common.initiator_port = 21;
     asd->common.initiator_ip.set("1.2.3.4");
     asd->set_session_flags(APPID_SESSION_IGNORE_FLOW);
@@ -364,7 +360,6 @@ TEST(appid_discovery_tests, event_published_when_processing_flow)
     Flow* flow = new Flow;
     flow->set_flow_data(asd);
     p.flow = flow;
-    asd->ctxt = &app_ctxt;
     asd->common.initiator_port = 21;
     asd->common.initiator_ip.set("1.2.3.4");
 
@@ -421,13 +416,12 @@ TEST(appid_discovery_tests, change_bits_for_non_http_appid)
     flow->set_flow_data(asd);
     p.flow = flow;
     p.ptrs.tcph = nullptr;
-    asd->ctxt = &app_ctxt;
     asd->common.initiator_port = 21;
     asd->common.initiator_ip.set("1.2.3.4");
     asd->misc_app_id = APP_ID_NONE;
     asd->payload.set_id(APP_ID_NONE);
     asd->client.set_id(APP_ID_CURL);
-    asd->service.set_id(APP_ID_FTP);
+    asd->service.set_id(APP_ID_FTP, app_ctxt.get_odp_ctxt());
 
     AppIdDiscovery::do_application_discovery(&p, ins, nullptr);
 
@@ -441,7 +435,7 @@ TEST(appid_discovery_tests, change_bits_for_non_http_appid)
     asd->misc_app_id = APP_ID_NONE;
     asd->payload.set_id(APP_ID_NONE);
     asd->client.set_id(APP_ID_NONE);
-    asd->service.set_id(APP_ID_DNS);
+    asd->service.set_id(APP_ID_DNS, app_ctxt.get_odp_ctxt());
     AppIdDiscovery::do_application_discovery(&p, ins, nullptr);
 
     // Detect event for DNS service

diff --git a/src/network_inspectors/appid/test/appid_expected_flags_test.cc b/src/network_inspectors/appid/test/appid_expected_flags_test.cc
index 871e2f9e9633101c0dc1e87b9bb1c627c9201304..3d23047441d921b8fd61391dbd6c95a6925ac5f1 100644 (file)
--- a/src/network_inspectors/appid/test/appid_expected_flags_test.cc
+++ b/src/network_inspectors/appid/test/appid_expected_flags_test.cc
@@ -28,6 +28,8 @@
 #include <CppUTest/CommandLineTestRunner.h>
 #include <CppUTest/TestHarness.h>
 
+snort::Inspector* snort::InspectorManager::get_inspector(char const*, bool, snort::SnortConfig*) { return nullptr; }
+
 void ApplicationDescriptor::set_id(const Packet&, AppIdSession&, AppidSessionDirection, AppId, AppidChangeBits&) { }
 void AppIdHttpSession::set_http_change_bits(AppidChangeBits&, HttpFieldIds) {}
 

diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc
index aab2c7116533d2698a13ef0fb7ce313cb68f26db..9794b4a3e6469f2c356c8dfe1c3ca53a18500ea4 100644 (file)
--- a/src/network_inspectors/appid/test/appid_http_session_test.cc
+++ b/src/network_inspectors/appid/test/appid_http_session_test.cc
@@ -31,6 +31,7 @@
 #include "service_inspectors/http_inspect/http_msg_header.h"
 #include "tp_appid_module_api.h"
 #include "tp_appid_session_api.h"
+#include "appid_config.h"
 #include "appid_http_session.h"
 #include "appid_module.h"
 
@@ -91,15 +92,20 @@ AppId HttpPatternMatchers::get_appid_by_content_type(const char*, int)
 }
 
 bool HttpPatternMatchers::get_appid_from_url(char*, const char*, char**,
-    const char*, AppId*, AppId*, AppId*, AppId* referredPayloadAppId, bool)
+    const char*, AppId*, AppId*, AppId*, AppId* referredPayloadAppId, bool, OdpContext&)
 {
     *referredPayloadAppId = APP_ID_FACEBOOK;
     return true;
 }
 
+static AppIdConfig stub_config;
+static AppIdContext stub_ctxt(stub_config);
+static OdpContext stub_odp_ctxt(stub_config, nullptr);
+OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt;
+
 // AppIdSession mock functions
 AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
-    : FlowData(inspector_id, &inspector)
+    : FlowData(inspector_id, &inspector), ctxt(stub_ctxt)
 {
 }
 
@@ -164,6 +170,9 @@ void Profiler::show_stats() { }
 MemoryContext::MemoryContext(MemoryTracker&) { }
 MemoryContext::~MemoryContext() { }
 
+OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { }
+AppIdConfig::~AppIdConfig() { }
+
 unsigned AppIdSession::inspector_id = 0;
 THREAD_LOCAL AppIdDebug* appidDebug = nullptr;
 
@@ -266,7 +275,9 @@ TEST(appid_http_session, change_bits_for_referred_appid)
     // Testing set_referred_payload_app_id_data
     AppidChangeBits change_bits;
     AppIdPegCounts::init_pegs();
-    session.service.set_id(APP_ID_HTTP);
+    AppIdConfig config;
+    OdpContext odp_ctxt(config, nullptr);
+    session.service.set_id(APP_ID_HTTP, odp_ctxt);
     session.scan_flags |= SCAN_HTTP_HOST_URL_FLAG;
     hsession.set_skip_simple_detect(false);
     hsession.set_field( (HttpFieldIds)2, new std::string("referer"), change_bits );

diff --git a/src/network_inspectors/appid/test/appid_mock_inspector.h b/src/network_inspectors/appid/test/appid_mock_inspector.h
index c94782862b0e7aee2ec62f4ef0d3dec8b63a34a5..cf9f6137b279170f4e93741e6701a86ee6087868 100644 (file)
--- a/src/network_inspectors/appid/test/appid_mock_inspector.h
+++ b/src/network_inspectors/appid/test/appid_mock_inspector.h
@@ -21,6 +21,8 @@
 #ifndef APPID_MOCK_INSPECTOR_H
 #define APPID_MOCK_INSPECTOR_H
 
+#include "appid_inspector.h"
+
 typedef uint64_t Trace;
 class Value;
 
@@ -58,17 +60,14 @@ const PegInfo* AppIdModule::get_pegs() const { return nullptr; }
 PegCount* AppIdModule::get_counts() const { return nullptr; }
 snort::ProfileStats* AppIdModule::get_profile() const { return nullptr; }
 
-class AppIdInspector : public snort::Inspector
-{
-public:
-    AppIdInspector(AppIdModule& ) { }
-    ~AppIdInspector() override = default;
-    void eval(snort::Packet*) override { }
-    bool configure(snort::SnortConfig*) override { return true; }
-    void show(snort::SnortConfig*) override { }
-    void tinit() override { }
-    void tterm() override { }
-};
+AppIdInspector::AppIdInspector(AppIdModule& ) { }
+AppIdInspector::~AppIdInspector() { }
+void AppIdInspector::eval(snort::Packet*) { }
+bool AppIdInspector::configure(snort::SnortConfig*) { return true; }
+void AppIdInspector::show(snort::SnortConfig*) { }
+void AppIdInspector::tinit() { }
+void AppIdInspector::tterm() { }
+AppIdContext& AppIdInspector::get_ctxt() const { return *ctxt; }
 
 AppIdModule appid_mod;
 AppIdInspector appid_inspector( appid_mod );

diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h
index 994f6e1cbce4d679e80a5c14862545f178f04f7b..400a09948c4f51b5ce75272f1e06690be5ed075a 100644 (file)
--- a/src/network_inspectors/appid/test/appid_mock_session.h
+++ b/src/network_inspectors/appid/test/appid_mock_session.h
@@ -70,8 +70,15 @@ public:
     }
 };
 
+AppIdConfig::~AppIdConfig() { }
+OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { }
+
+static AppIdConfig stub_config;
+static AppIdContext stub_ctxt(stub_config);
+static OdpContext stub_odp_ctxt(stub_config, nullptr);
+OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt;
 AppIdSession::AppIdSession(IpProtocol proto, const SfIp*, uint16_t, AppIdInspector& inspector)
-    : FlowData(inspector_id, &inspector), protocol(proto)
+    : FlowData(inspector_id, &inspector), ctxt(stub_ctxt), protocol(proto)
 {
     common.flow_type = APPID_FLOW_TYPE_NORMAL;
     service_port = APPID_UT_SERVICE_PORT;
@@ -96,7 +103,7 @@ AppIdSession::AppIdSession(IpProtocol proto, const SfIp*, uint16_t, AppIdInspect
 
     dsession = new MockAppIdDnsSession;
     tp_app_id = APPID_UT_ID;
-    service.set_id(APPID_UT_ID + 1);
+    service.set_id(APPID_UT_ID + 1, ctxt.get_odp_ctxt());
     client_inferred_service_id = APPID_UT_ID + 2;
     service.set_port_service_id(APPID_UT_ID + 3);
     payload.set_id(APPID_UT_ID + 4);

diff --git a/src/network_inspectors/appid/test/appid_session_api_test.cc b/src/network_inspectors/appid/test/appid_session_api_test.cc
index 11a57d670fad2d521a158badfaf9d3ce7290eb60..ed08d46d98e2e1a5d5d878147d8423c86a205efc 100644 (file)
--- a/src/network_inspectors/appid/test/appid_session_api_test.cc
+++ b/src/network_inspectors/appid/test/appid_session_api_test.cc
@@ -31,6 +31,7 @@
 #include <CppUTest/TestHarness.h>
 
 void ApplicationDescriptor::set_id(const Packet&, AppIdSession&, AppidSessionDirection, AppId, AppidChangeBits&) { }
+
 void BootpServiceDetector::AppIdFreeDhcpData(DHCPData* data)
 {
     delete data;
@@ -48,8 +49,8 @@ void NbdgmServiceDetector::AppIdFreeSMBData(FpSMBData* data)
 
 AppIdSession* mock_session = nullptr;
 AppIdSessionApi* appid_session_api = nullptr;
-static OdpContext odpctxt;
-OdpContext* AppIdContext::odp_ctxt = &odpctxt;
+static AppIdConfig config;
+static OdpContext odpctxt(config, nullptr);
 
 TEST_GROUP(appid_session_api)
 {
@@ -221,7 +222,7 @@ TEST(appid_session_api, is_appid_inspecting_session)
 
     // 4th if in is_appid_inspecting_session
     mock_session->set_tp_app_id(APP_ID_NONE);
-    mock_session->ctxt->get_odp_ctxt().check_host_port_app_cache = true;
+    mock_session->ctxt.get_odp_ctxt().check_host_port_app_cache = true;
     val = appid_session_api->is_appid_inspecting_session();
     CHECK_TRUE(val);
 }
@@ -386,8 +387,6 @@ int main(int argc, char** argv)
 {
     mock_init_appid_pegs();
     mock_session = new AppIdSession(IpProtocol::TCP, nullptr, 1492, appid_inspector);
-    AppIdConfig *config = new AppIdConfig();
-    mock_session->ctxt = new AppIdContext(config);
     int rc = CommandLineTestRunner::RunAllTests(argc, argv);
     mock_cleanup_appid_pegs();
     return rc;

diff --git a/src/network_inspectors/appid/test/service_state_test.cc b/src/network_inspectors/appid/test/service_state_test.cc
index 6944275b5593bd2fef17c851ec50ac5b7336a66e..1477263c622aae232c6bb65ae2931ca1052ff811 100644 (file)
--- a/src/network_inspectors/appid/test/service_state_test.cc
+++ b/src/network_inspectors/appid/test/service_state_test.cc
@@ -72,8 +72,11 @@ THREAD_LOCAL AppIdStats appid_stats;
 void AppIdDebug::activate(const Flow*, const AppIdSession*, bool) { active = true; }
 
 void ApplicationDescriptor::set_id(const Packet&, AppIdSession&, AppidSessionDirection, AppId, AppidChangeBits&) { }
+AppIdConfig::~AppIdConfig() { }
+AppIdConfig stub_config;
+AppIdContext stub_ctxt(stub_config);
 AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector&)
-    : FlowData(0) {}
+    : FlowData(0), ctxt(stub_ctxt) {}
 AppIdSession::~AppIdSession() = default;
 AppIdDiscovery::AppIdDiscovery() {}
 AppIdDiscovery::~AppIdDiscovery() {}

diff --git a/src/network_inspectors/appid/test/tp_lib_handler_test.cc b/src/network_inspectors/appid/test/tp_lib_handler_test.cc
index f75ab9ff8a7eca70ab1824522a8adb7b0af81b88..cadced2cbd673c6646a11c1054497a9c2cdd50b7 100644 (file)
--- a/src/network_inspectors/appid/test/tp_lib_handler_test.cc
+++ b/src/network_inspectors/appid/test/tp_lib_handler_test.cc
@@ -39,12 +39,13 @@ using namespace std;
 
 static TPLibHandler* tph = nullptr;
 static AppIdConfig config;
-static AppIdContext ctxt(&config);
-static OdpContext odpctxt;
-OdpContext* AppIdContext::odp_ctxt = &odpctxt;
+static AppIdContext ctxt(config);
+static OdpContext stub_odp_ctxt(config, nullptr);
+OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt;
 ThirdPartyAppIdContext* AppIdContext::tp_appid_ctxt = nullptr;
 
 AppIdConfig::~AppIdConfig() { }
+OdpContext::OdpContext(AppIdConfig&, snort::SnortConfig*) { }
 
 TEST_GROUP(tp_lib_handler)
 {

diff --git a/src/network_inspectors/appid/test/tp_mock.cc b/src/network_inspectors/appid/test/tp_mock.cc
index 88a4de79a7cb3c05f8b36781ba880b37e2f7023e..c64f4eeced23e590c09c8d79a147b0d6ff52fbe6 100644 (file)
--- a/src/network_inspectors/appid/test/tp_mock.cc
+++ b/src/network_inspectors/appid/test/tp_mock.cc
@@ -86,7 +86,7 @@ extern "C"
 {
     SO_PUBLIC ThirdPartyAppIdContextImpl* tp_appid_create_ctxt(ThirdPartyConfig& config)
     {
-        return new ThirdPartyAppIdContextImpl(3,"foobar", config);
+        return new ThirdPartyAppIdContextImpl(THIRD_PARTY_APPID_API_VERSION,"foobar", config);
     }
 
     SO_PUBLIC ThirdPartyAppIdSessionImpl* tp_appid_create_session(ThirdPartyAppIdContext& ctxt)

diff --git a/src/network_inspectors/appid/tp_appid_module_api.h b/src/network_inspectors/appid/tp_appid_module_api.h
index d397122a36322a9f94b22c81741ae703b7fcf09f..818dd7c3c8e7f698b1d69eb90dbf101c542adb4b 100644 (file)
--- a/src/network_inspectors/appid/tp_appid_module_api.h
+++ b/src/network_inspectors/appid/tp_appid_module_api.h
@@ -25,7 +25,7 @@
 #include <string>
 #include "tp_appid_types.h"
 
-#define THIRD_PARTY_APP_ID_API_VERSION 3
+#define THIRD_PARTY_APPID_API_VERSION 4
 
 class ThirdPartyConfig
 {

diff --git a/src/network_inspectors/appid/tp_appid_session_api.h b/src/network_inspectors/appid/tp_appid_session_api.h
index e025ec45c8d6b20b22a28fa9159994b3d6cba33a..a7335b792dee75a282b6583fa0c39422be7ade59 100644 (file)
--- a/src/network_inspectors/appid/tp_appid_session_api.h
+++ b/src/network_inspectors/appid/tp_appid_session_api.h
@@ -55,8 +55,8 @@ public:
     virtual void set_attr(TPSessionAttr) = 0;
     virtual unsigned get_attr(TPSessionAttr) = 0;
     virtual AppId get_appid(int& conf) { conf=confidence; return appid; }
-    virtual const ThirdPartyAppIdContext* get_ctxt() const
-    { return &ctxt; }
+    virtual const ThirdPartyAppIdContext& get_ctxt() const
+    { return ctxt; }
 
 protected:
     AppId appid;

diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc
index 305ade9e08094564d457c92013efd7731242e5f8..03572b834763fa50bab782817de8b7896ab93bc0 100644 (file)
--- a/src/network_inspectors/appid/tp_appid_utils.cc
+++ b/src/network_inspectors/appid/tp_appid_utils.cc
@@ -61,12 +61,12 @@ static inline bool check_reinspect(const Packet* p, const AppIdSession& asd)
            !asd.get_session_flags(APPID_SESSION_NO_TPI) and asd.is_tp_appid_done() and p->dsize;
 }
 
-static inline int check_ssl_appid_for_reinspect(AppId app_id)
+static inline int check_ssl_appid_for_reinspect(AppId app_id, OdpContext& odp_ctxt)
 {
     if (app_id <= SF_APPID_MAX &&
         (app_id == APP_ID_SSL ||
-        AppInfoManager::get_instance().get_app_info_flags(app_id,
-        APPINFO_FLAG_SSL_INSPECT)))
+        odp_ctxt.get_app_info_mgr().get_app_info_flags(app_id,
+            APPINFO_FLAG_SSL_INSPECT)))
         return 1;
     else
         return 0;
@@ -288,7 +288,7 @@ static inline void process_http_session(AppIdSession& asd,
             LogMessage("AppIdDbg %s HTTP response upgrade is %s\n",
                 appidDebug->get_debug_session(),field->c_str());
 
-        if (asd.ctxt->get_odp_ctxt().http2_detection_enabled)
+        if (asd.ctxt.get_odp_ctxt().http2_detection_enabled)
         {
             const std::string* rc = hsession->get_field(MISC_RESP_CODE_FID);
             if ( rc && *rc == "101" )
@@ -420,7 +420,7 @@ static inline void process_rtmp(AppIdSession& asd,
         }
     }
 
-    if ( !asd.ctxt->get_odp_ctxt().referred_appId_disabled &&
+    if ( !asd.ctxt.get_odp_ctxt().referred_appId_disabled &&
         !hsession->get_field(REQ_REFERER_FID) )
     {
         if ( ( field=attribute_data.http_request_referer(own) ) != nullptr )
@@ -465,7 +465,7 @@ static inline void process_rtmp(AppIdSession& asd,
     }
 
     if ( hsession->get_field(MISC_URL_FID) || (confidence == 100 &&
-        asd.session_packet_count > asd.ctxt->get_odp_ctxt().rtmp_max_packets) )
+        asd.session_packet_count > asd.ctxt.get_odp_ctxt().rtmp_max_packets) )
     {
         const std::string* url;
         if ( ( url = hsession->get_field(MISC_URL_FID) ) != nullptr )
@@ -474,11 +474,11 @@ static inline void process_rtmp(AppIdSession& asd,
             const char* referer = hsession->get_cfield(REQ_REFERER_FID);
             if ( ( ( http_matchers->get_appid_from_url(nullptr, url->c_str(),
                 nullptr, referer, &client_id, &service_id,
-                &payload_id, &referred_payload_app_id, 1) )
+                &payload_id, &referred_payload_app_id, true, asd.ctxt.get_odp_ctxt()) )
                 ||
                 ( http_matchers->get_appid_from_url(nullptr, url->c_str(),
                 nullptr, referer, &client_id, &service_id,
-                &payload_id, &referred_payload_app_id, 0) ) ) == 1 )
+                &payload_id, &referred_payload_app_id, false, asd.ctxt.get_odp_ctxt()) ) ) == 1 )
             {
                 // do not overwrite a previously-set client or service
                 if ( client_id <= APP_ID_NONE )
@@ -518,7 +518,7 @@ static inline void process_ssl(AppIdSession& asd,
     if (!asd.client.get_id())
         asd.set_client_appid_data(APP_ID_SSL_CLIENT, change_bits);
 
-    reinspect_ssl_appid = check_ssl_appid_for_reinspect(tmpAppId);
+    reinspect_ssl_appid = check_ssl_appid_for_reinspect(tmpAppId, asd.ctxt.get_odp_ctxt());
 
     if ((field=attribute_data.tls_host(false)) != nullptr)
     {
@@ -547,7 +547,7 @@ static inline void process_ftp_control(AppIdSession& asd,
     ThirdPartyAppIDAttributeData& attribute_data)
 {
     const string* field=0;
-    if (!asd.ctxt->get_odp_ctxt().ftp_userid_disabled &&
+    if (!asd.ctxt.get_odp_ctxt().ftp_userid_disabled &&
         (field=attribute_data.ftp_command_user()) != nullptr)
     {
         asd.client.update_user(APP_ID_FTP_CONTROL, field->c_str());
@@ -596,7 +596,7 @@ static inline void check_terminate_tp_module(AppIdSession& asd, uint16_t tpPktCo
 {
     AppIdHttpSession* hsession = asd.get_http_session();
 
-    if ((tpPktCount >= asd.ctxt->get_odp_ctxt().max_tp_flow_depth) ||
+    if ((tpPktCount >= asd.ctxt.get_odp_ctxt().max_tp_flow_depth) ||
         (asd.get_session_flags(APPID_SESSION_HTTP_SESSION | APPID_SESSION_APP_REINSPECT) ==
         (APPID_SESSION_HTTP_SESSION | APPID_SESSION_APP_REINSPECT) &&
         hsession->get_field(REQ_URI_FID) &&
@@ -634,7 +634,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
     /*** Start of third-party processing. ***/
     bool isTpAppidDiscoveryDone = false;
 
-    if (p->dsize || asd.ctxt->get_odp_ctxt().tp_allow_probes)
+    if (p->dsize || asd.ctxt.get_odp_ctxt().tp_allow_probes)
     {
         //restart inspection by 3rd party
         if (!asd.tp_reinspect_by_initiator && (direction == APP_ID_FROM_INITIATOR) &&
@@ -654,7 +654,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
         if (!asd.is_tp_processing_done())
         {
             if (protocol != IpProtocol::TCP || (p->packet_flags & PKT_STREAM_ORDER_OK)
-                || asd.ctxt->get_odp_ctxt().tp_allow_probes)
+                || asd.ctxt.get_odp_ctxt().tp_allow_probes)
             {
                 int tp_confidence;
                 ThirdPartyAppIDAttributeData tp_attribute_data;
@@ -693,7 +693,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
 
                 if (appidDebug->is_active())
                 {
-                    const char *app_name = AppInfoManager::get_instance().get_app_name(tp_app_id);
+                    const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
                     LogMessage("AppIdDbg %s 3rd party returned %s (%d)\n",
                         appidDebug->get_debug_session(),
                         app_name ? app_name : "unknown",
@@ -712,7 +712,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
                     asd.is_http2 = true;
                 }
                 // if the third-party appId must be treated as a client, do it now
-                unsigned app_info_flags = asd.app_info_mgr->get_app_info_flags(tp_app_id,
+                unsigned app_info_flags = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_flags(tp_app_id,
                     APPINFO_FLAG_TP_CLIENT | APPINFO_FLAG_IGNORE | APPINFO_FLAG_SSL_SQUELCH);
 
                 if ( app_info_flags & APPINFO_FLAG_TP_CLIENT )
@@ -725,7 +725,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
                     asd.get_session_flags(APPID_SESSION_SSL_SESSION) and
                     !(asd.scan_flags & SCAN_SSL_HOST_FLAG))
                 {
-                    setSSLSquelch(p, 1, tp_app_id);
+                    setSSLSquelch(p, 1, tp_app_id, asd.ctxt.get_odp_ctxt());
                 }
 
                 if ( app_info_flags & APPINFO_FLAG_IGNORE )
@@ -824,8 +824,8 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
                         asd.service.set_port_service_id(portAppId);
                         if (appidDebug->is_active())
                         {
-                            const char *service_name = AppInfoManager::get_instance().get_app_name(tp_app_id);
-                            const char *port_service_name = AppInfoManager::get_instance().get_app_name(asd.service.get_port_service_id());
+                            const char *service_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
+                            const char *port_service_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(asd.service.get_port_service_id());
                             LogMessage("AppIdDbg %s SSL is service %s (%d), portServiceAppId %s (%d)\n",
                                 appidDebug->get_debug_session(),
                                 service_name ? service_name : "unknown", tp_app_id,
@@ -838,7 +838,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
                         tp_app_id = portAppId;
                         if (appidDebug->is_active())
                         {
-                            const char *app_name = AppInfoManager::get_instance().get_app_name(tp_app_id);
+                            const char *app_name = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_name(tp_app_id);
                             LogMessage("AppIdDbg %s SSL is %s (%d)\n", appidDebug->get_debug_session(),
                                 app_name ? app_name : "unknown", tp_app_id);
                         }

diff --git a/src/network_inspectors/appid/tp_lib_handler.cc b/src/network_inspectors/appid/tp_lib_handler.cc
index be938aacd261c3e878e341c0ef2165b61f095e1b..d3186519ee7fb275a419c24aaba7e237a919a136 100644 (file)
--- a/src/network_inspectors/appid/tp_lib_handler.cc
+++ b/src/network_inspectors/appid/tp_lib_handler.cc
@@ -117,7 +117,7 @@ ThirdPartyAppIdContext* TPLibHandler::create_tp_appid_ctxt(const AppIdConfig& co
         return nullptr;
     }
 
-    if ( (tp_appid_ctxt->api_version() != THIRD_PARTY_APP_ID_API_VERSION)
+    if ( (tp_appid_ctxt->api_version() != THIRD_PARTY_APPID_API_VERSION)
         || (tp_appid_ctxt->module_name().empty()) )
     {
         ErrorMessage("Ignoring incomplete 3rd party AppID module (%s, %u, %s)!\n",