To reduce Packet size.
Ticket: #6938.
return -1;
}
- p->esph = (ESPHdr *)pkt;
+ (void)PacketSetESP(p, pkt);
p->payload = (uint8_t *)pkt + sizeof(ESPHdr);
p->payload_len = len - sizeof(ESPHdr);
return TM_ECODE_FAILED;
}
if (unlikely(DecodeESPPacket(tv, p, pkt, len) < 0)) {
- CLEAR_ESP_PACKET(p);
+ PacketClearL4(p);
return TM_ECODE_FAILED;
}
- SCLogDebug("ESP spi: %" PRIu32 " sequence: %" PRIu32, ESP_GET_SPI(p), ESP_GET_SEQUENCE(p));
+ SCLogDebug("ESP spi: %" PRIu32 " sequence: %" PRIu32, ESP_GET_SPI(PacketGetESP(p)),
+ ESP_GET_SEQUENCE(PacketGetESP(p)));
FlowSetupPacket(p);
FAIL_IF(p->proto != IPPROTO_ESP);
FAIL_IF(p->payload_len != sizeof(raw_esp) - ESP_HEADER_LEN);
- FAIL_IF(ESP_GET_SPI(p) != 0x7b);
- FAIL_IF(ESP_GET_SEQUENCE(p) != 0x08);
+ FAIL_IF(ESP_GET_SPI(PacketGetESP(p)) != 0x7b);
+ FAIL_IF(ESP_GET_SEQUENCE(PacketGetESP(p)) != 0x08);
SCFree(p);
FAIL_IF(p->proto != IPPROTO_ESP);
FAIL_IF(p->payload_len != sizeof(raw_esp) - ESP_HEADER_LEN);
FAIL_IF(memcmp(p->payload, raw_esp + ESP_HEADER_LEN, p->payload_len) != 0);
- FAIL_IF(ESP_GET_SPI(p) != 0x7b);
- FAIL_IF(ESP_GET_SEQUENCE(p) != 0x08);
+ FAIL_IF(ESP_GET_SPI(PacketGetESP(p)) != 0x7b);
+ FAIL_IF(ESP_GET_SEQUENCE(PacketGetESP(p)) != 0x08);
SCFree(p);
/** \brief size of the ESP header */
#define ESP_HEADER_LEN 8
-#define ESP_GET_RAW_SPI(esph) SCNtohl((esph)->spi)
-#define ESP_GET_RAW_SEQUENCE(esph) SCNtohl((esph)->sequence)
-
/** \brief Get the spi field off a packet */
-#define ESP_GET_SPI(p) ESP_GET_RAW_SPI(p->esph)
-
+#define ESP_GET_SPI(esph) SCNtohl((esph)->spi)
/** \brief Get the sequence field off a packet */
-#define ESP_GET_SEQUENCE(p) ESP_GET_RAW_SEQUENCE(p->esph)
+#define ESP_GET_SEQUENCE(esph) SCNtohl((esph)->sequence)
/** \brief ESP Header */
typedef struct ESPHdr_ {
uint32_t sequence; /** < ESP sequence number */
} __attribute__((__packed__)) ESPHdr;
-#define CLEAR_ESP_PACKET(p) \
- { \
- (p)->esph = NULL; \
- } \
- while (0)
-
void DecodeESPRegisterTests(void);
#endif /* SURICATA_DECODE_ESP_H */
PACKET_L4_UNKNOWN = 0,
PACKET_L4_SCTP,
PACKET_L4_GRE,
+ PACKET_L4_ESP,
};
struct PacketL4 {
union L4Hdrs {
SCTPHdr *sctph;
GREHdr *greh;
+ ESPHdr *esph;
} hdrs;
};
TCPHdr *tcph;
UDPHdr *udph;
- ESPHdr *esph;
ICMPV4Hdr *icmpv4h;
ICMPV6Hdr *icmpv6h;
PPPOESessionHdr *pppoesh;
return p->l4.type == PACKET_L4_GRE;
}
+static inline ESPHdr *PacketSetESP(Packet *p, const uint8_t *buf)
+{
+ DEBUG_VALIDATE_BUG_ON(p->l4.type != PACKET_L4_UNKNOWN);
+ p->l4.type = PACKET_L4_ESP;
+ p->l4.hdrs.esph = (ESPHdr *)buf;
+ return p->l4.hdrs.esph;
+}
+
+static inline const ESPHdr *PacketGetESP(const Packet *p)
+{
+ DEBUG_VALIDATE_BUG_ON(p->l4.type != PACKET_L4_ESP);
+ return p->l4.hdrs.esph;
+}
+
+static inline bool PacketIsESP(const Packet *p)
+{
+ return p->l4.type == PACKET_L4_ESP;
+}
+
/** \brief Structure to hold thread specific data for all decode modules */
typedef struct DecodeThreadVars_
{
return CmpAddrs(f_src, p_src) && CmpAddrs(f_dst, p_dst) && f->proto == p->proto &&
f->recursion_level == p->recursion_level && CmpVlanIds(f->vlan_id, p->vlan_id) &&
- f->esp.spi == ESP_GET_SPI(p) && (f->livedev == p->livedev || g_livedev_mask == 0);
+ f->esp.spi == ESP_GET_SPI(PacketGetESP(p)) &&
+ (f->livedev == p->livedev || g_livedev_mask == 0);
}
void FlowSetupPacket(Packet *p)
{
if (p->proto == IPPROTO_ICMP) {
return FlowCompareICMPv4(f, p);
- } else if (p->proto == IPPROTO_ESP) {
+ } else if (PacketIsESP(p)) {
return FlowCompareESP(f, p);
} else {
return CmpFlowPacket(f, p);
} else if (PacketIsSCTP(p)) {
f->sp = p->sp;
f->dp = p->dp;
- } else if (p->esph != NULL) {
- f->esp.spi = ESP_GET_SPI(p);
+ } else if (PacketIsESP(p)) {
+ f->esp.spi = ESP_GET_SPI(PacketGetESP(p));
} else {
/* nothing to do for this IP proto. */
SCLogDebug("no special setup for IP proto %u", p->proto);
if (p->udph != NULL) {
CLEAR_UDP_PACKET(p);
}
- if (p->esph != NULL) {
- CLEAR_ESP_PACKET(p);
- }
if (p->icmpv4h != NULL) {
CLEAR_ICMPV4_PACKET(p);
}
projects / thirdparty / suricata.git / commitdiff
