]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Pull request #3289: http_inspect: remove feature to disable raw detection upon flow...
authorTom Peters (thopeter) <thopeter@cisco.com>
Fri, 25 Feb 2022 16:32:26 +0000 (16:32 +0000)
committerTom Peters (thopeter) <thopeter@cisco.com>
Fri, 25 Feb 2022 16:32:26 +0000 (16:32 +0000)
Merge in SNORT/snort3 from ~THOPETER/snort3:nhttp162 to master

Squashed commit of the following:

commit 0cdbe45898e0b4302bdf0a012067c591f3a9ba83
Author: Tom Peters <thopeter@cisco.com>
Date:   Wed Feb 2 15:38:52 2022 -0500

    http_inspect: remove feature to disable raw detection upon flow depth

src/service_inspectors/http_inspect/http_enum.h
src/service_inspectors/http_inspect/http_flow_data.cc
src/service_inspectors/http_inspect/http_flow_data.h
src/service_inspectors/http_inspect/http_inspect.cc
src/service_inspectors/http_inspect/http_msg_section.cc
src/service_inspectors/http_inspect/http_stream_splitter_scan.cc

index beb11bc039d5a096392f79de725b547ff733b3b4..054ad68a8c6b84a3af6eff07043e17aa85bcc020 100755 (executable)
@@ -53,8 +53,6 @@ enum SectionType { SEC_DISCARD = -19, SEC_ABORT = -18, SEC__NOT_COMPUTE=-14, SEC
     SEC_REQUEST = 2, SEC_STATUS, SEC_HEADER, SEC_BODY_CL, SEC_BODY_CHUNK, SEC_TRAILER,
     SEC_BODY_OLD, SEC_BODY_H2 };
 
-enum DetectionStatus { DET_REACTIVATING = 1, DET_ON, DET_DEACTIVATING, DET_OFF };
-
 // HTTP rule options.
 // Lower portion is message buffers available to clients.
 // That part must remain synchronized with HttpApi::classic_buffer_names[]
index c5b98df68bf2685e1c3a7032ebffa7b7a5e47b85..9b93710537c1933210004b23dfaf2ddcb4428249 100644 (file)
@@ -158,7 +158,6 @@ void HttpFlowData::half_reset(SourceId source_id)
     file_depth_remaining[source_id] = STAT_NOT_PRESENT;
     detect_depth_remaining[source_id] = STAT_NOT_PRESENT;
     publish_depth_remaining[source_id] = STAT_NOT_PRESENT;
-    detection_status[source_id] = DET_REACTIVATING;
 
     compression[source_id] = CMP_NONE;
     gzip_state[source_id] = GZIP_TBD;
@@ -212,7 +211,6 @@ void HttpFlowData::trailer_prep(SourceId source_id)
         delete compress_stream[source_id];
         compress_stream[source_id] = nullptr;
     }
-    detection_status[source_id] = DET_REACTIVATING;
 }
 
 void HttpFlowData::garbage_collect()
index 2dbea4dbeb48fb9572afc8c928783a28d1c3d5ce..1a5d21d85ed6d5006be27be9bc82bb7721d713a6 100644 (file)
@@ -151,7 +151,6 @@ private:
     int64_t data_length[2] = { HttpCommon::STAT_NOT_PRESENT, HttpCommon::STAT_NOT_PRESENT };
     uint32_t section_size_target[2] = { 0, 0 };
     HttpEnums::CompressId compression[2] = { HttpEnums::CMP_NONE, HttpEnums::CMP_NONE };
-    HttpEnums::DetectionStatus detection_status[2] = { HttpEnums::DET_ON, HttpEnums::DET_ON };
     bool stretch_section_to_packet[2] = { false, false };
     bool accelerated_blocking[2] = { false, false };
 
index fbb373d333690dbb88f196a42ac1e608786e2b6a..51c78e091956a6075c79ae7ce34b7027f32fc93b 100755 (executable)
@@ -682,23 +682,6 @@ void HttpInspect::clear(Packet* p)
     current_section->clear();
     HttpTransaction* current_transaction = current_section->get_transaction();
 
-    const SourceId source_id = current_section->get_source_id();
-
-    // FIXIT-M This check may not apply to the transaction attached to the packet
-    // in case of offload.
-    if (session_data->detection_status[source_id] == DET_DEACTIVATING)
-    {
-        if (source_id == SRC_CLIENT)
-        {
-            p->flow->set_to_server_detection(false);
-        }
-        else
-        {
-            p->flow->set_to_client_detection(false);
-        }
-        session_data->detection_status[source_id] = DET_OFF;
-    }
-
     current_transaction->garbage_collect();
     session_data->garbage_collect();
 
index 486539b8ba3e99324055155e8734c164f03c212a..b12cbfff7a05f78a4a8ce6938f74a66d10c7f935 100644 (file)
@@ -92,13 +92,6 @@ void HttpMsgSection::update_depth() const
     const int64_t& detect_depth_remaining = session_data->detect_depth_remaining[source_id];
     const int32_t& publish_depth_remaining = session_data->publish_depth_remaining[source_id];
 
-    if ((detect_depth_remaining <= 0) &&
-        (session_data->detection_status[source_id] == DET_ON) &&
-        !session_data->for_http2)
-    {
-        session_data->detection_status[source_id] = DET_DEACTIVATING;
-    }
-
     const unsigned target_size = (session_data->compression[source_id] == CMP_NONE) ?
         SnortConfig::get_conf()->max_pdu : GZIP_BLOCK_SIZE;
 
index 422e635773c31e57f779e15c9bdaedc7c3a3dfc4..21ace0227d60c5499b038e17cfd3dea8de0b102d 100644 (file)
@@ -220,19 +220,6 @@ StreamSplitter::Status HttpStreamSplitter::scan(Packet* pkt, const uint8_t* data
 
     HttpModule::increment_peg_counts(PEG_SCAN);
 
-    if (session_data->detection_status[source_id] == DET_REACTIVATING)
-    {
-        if (source_id == SRC_CLIENT)
-        {
-            flow->set_to_server_detection(true);
-        }
-        else
-        {
-            flow->set_to_client_detection(true);
-        }
-        session_data->detection_status[source_id] = DET_ON;
-    }
-
     // Check for 0.9 response message
     if ((type == SEC_STATUS) &&
         (session_data->expected_trans_num[SRC_SERVER] == session_data->zero_nine_expected))