Merge pull request #1216 in SNORT/snort3 from appid_tp_done to master

Squashed commit of the following:

commit fbcbd2a12c8819ddd188da1a231d00d1d3fd668a
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Sun May 6 15:28:42 2018 -0400

    appid: report when third party appid is done inspecting

diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc
index 0c775ab4e51fa19363fed60ab13997b1270ff7f1..791c1d3c06d234496812b46d380bcad186ae8faf 100644 (file)
--- a/src/network_inspectors/appid/appid_api.cc
+++ b/src/network_inspectors/appid/appid_api.cc
@@ -197,7 +197,7 @@ bool AppIdApi::is_appid_inspecting_session(Flow& flow)
         if ( asd->common.flow_type == APPID_FLOW_TYPE_NORMAL )
         {
             if ( asd->service_disco_state != APPID_DISCO_STATE_FINISHED ||
-                 !asd->is_third_party_appid_done() ||
+                 !asd->is_tp_appid_done() ||
                  asd->get_session_flags(APPID_SESSION_HTTP_SESSION | APPID_SESSION_CONTINUE) ||
                  (asd->get_session_flags(APPID_SESSION_ENCRYPTED) &&
                   (asd->get_session_flags(APPID_SESSION_DECRYPTED) ||
@@ -246,7 +246,7 @@ bool AppIdApi::is_appid_available(Flow& flow)
         // FIXIT-M: If a third-party module is not available then this
         //          should probably check if an appId has been discovered
         //          by the local AppId module.
-        return asd->is_third_party_appid_available();
+        return asd->is_tp_appid_available();
     }
 
     return false;
@@ -397,7 +397,7 @@ uint32_t AppIdApi::produce_ha_state(Flow& flow, uint8_t* buf)
     if ( asd && ( get_flow_type(flow) == APPID_FLOW_TYPE_NORMAL ) )
     {
         appHA->flags = APPID_HA_FLAGS_APP;
-        if ( asd->is_third_party_appid_available() )
+        if ( asd->is_tp_appid_available() )
             appHA->flags |= APPID_HA_FLAGS_TP_DONE;
         if ( asd->is_service_detected() )
             appHA->flags |= APPID_HA_FLAGS_SVC_DONE;
@@ -521,7 +521,7 @@ bool AppIdApi::is_http_inspection_done(Flow& flow)
 
     if ( AppIdSession* asd = get_appid_session(flow) )
         if ( ( asd->common.flow_type == APPID_FLOW_TYPE_NORMAL ) &&
-             !asd->is_third_party_appid_done() )
+             !asd->is_tp_appid_done() )
             done = false;
 
     return done;

diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index bf9ec13116eb1a8e7522cdc320c9f853159b778d..5a1ca69ef2a2fdf3ef11e5c42be6ed44e223c8e2 100644 (file)
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -688,7 +688,7 @@ AppId AppIdSession::pick_service_app_id()
 
         if (service.get_id() > APP_ID_NONE && !deferred)
             return service.get_id();
-        if (is_third_party_appid_available())
+        if (is_tp_appid_available())
         {
             if (tp_app_id > APP_ID_NONE)
                 return tp_app_id;
@@ -725,7 +725,7 @@ AppId AppIdSession::pick_only_service_app_id()
     if (service.get_id() > APP_ID_NONE && !deferred)
         return service.get_id();
 
-    if (is_third_party_appid_available() && tp_app_id > APP_ID_NONE)
+    if (is_tp_appid_available() && tp_app_id > APP_ID_NONE)
         return tp_app_id;
     else if (deferred)
         return service.get_id();
@@ -886,7 +886,7 @@ AppIdDnsSession* AppIdSession::get_dns_session()
     return dsession;
 }
 
-bool AppIdSession::is_third_party_appid_done() const
+bool AppIdSession::is_tp_appid_done() const
 {
 #ifdef ENABLE_APPID_THIRD_PARTY
     if (config->have_tp())
@@ -906,7 +906,7 @@ bool AppIdSession::is_third_party_appid_done() const
     return true;
 }
 
-bool AppIdSession::is_third_party_appid_available() const
+bool AppIdSession::is_tp_appid_available() const
 {
 #ifdef ENABLE_APPID_THIRD_PARTY
     if (config->have_tp())

diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index de7f6590f1657fb38ee0816daabc993572a7d445..cd888e7f81edc5e85e7bec7be6989e943c8ef5da 100644 (file)
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -282,8 +282,8 @@ public:
     AppIdHttpSession* get_http_session();
     AppIdDnsSession* get_dns_session();
 
-    bool is_third_party_appid_done() const;
-    bool is_third_party_appid_available() const;
+    bool is_tp_appid_done() const;
+    bool is_tp_appid_available() const;
 
 private:
     AppIdHttpSession* hsession = nullptr;

diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index bb183c3bac6726e53bb5533ea62c034b1298e97a..382c1ff46df9b13223779157e016041d1dff0c31 100644 (file)
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -341,7 +341,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p, AppidSes
     {
         if ( p->flow->get_session_flags() & SSNFLAG_MIDSTREAM )
             asd.client_disco_state = APPID_DISCO_STATE_FINISHED;
-        else if ( asd.is_third_party_appid_available()
+        else if ( asd.is_tp_appid_available()
             && ( asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX ) )
         {
             //tp has positively identified appId, Dig deeper only if sourcefire
@@ -372,7 +372,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p, AppidSes
            asd.client_disco_state == APPID_DISCO_STATE_DIRECT) &&
          asd.client_disco_state == prevRnaClientState &&
          !asd.get_session_flags(APPID_SESSION_NO_TPI)  &&
-         asd.is_third_party_appid_available() &&
+         asd.is_tp_appid_available() &&
          asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX)
     {
         entry = asd.app_info_mgr->get_app_info_entry(asd.tp_app_id);

diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index d639d91f9ca9caa17985657978ea102943054adf..a20092daa74b65bc1708e6d4dc76b8c319681343 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -596,7 +596,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p, AppidS
                 asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
             }
         }
-        else if (asd.is_third_party_appid_available())
+        else if (asd.is_tp_appid_available())
         {
             if (asd.tp_app_id > APP_ID_NONE)
             {
@@ -628,7 +628,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p, AppidS
     if ( asd.service_disco_state == APPID_DISCO_STATE_STATEFUL &&
          prevRnaServiceState == APPID_DISCO_STATE_STATEFUL &&
          !asd.get_session_flags(APPID_SESSION_NO_TPI) &&
-         asd.is_third_party_appid_available() &&
+         asd.is_tp_appid_available() &&
          asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX)
     {
         AppInfoTableEntry* entry = asd.app_info_mgr->get_app_info_entry(asd.tp_app_id);

diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h
index 8f654e29d4ba11a4ed85a4a8b9b08d2c80a17225..f3a0d1d5f196f67327bdd88bc0b0e932216228e3 100644 (file)
--- a/src/network_inspectors/appid/test/appid_mock_session.h
+++ b/src/network_inspectors/appid/test/appid_mock_session.h
@@ -241,12 +241,12 @@ AppIdDnsSession* AppIdSession::get_dns_session()
     return dsession;
 }
 
-bool AppIdSession::is_third_party_appid_done() const
+bool AppIdSession::is_tp_appid_done() const
 {
     return true;
 }
 
-bool AppIdSession::is_third_party_appid_available() const
+bool AppIdSession::is_tp_appid_available() const
 {
     return false;
 }

diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc
index 8719a602ba0d8ed09f22295ff85029d62ec4a49a..9c7563e032972b4aa9433dab22ef3c7aa633b791 100644 (file)
--- a/src/network_inspectors/appid/tp_appid_utils.cc
+++ b/src/network_inspectors/appid/tp_appid_utils.cc
@@ -67,17 +67,10 @@ static bool contains(const vector<Type_t>& vec, const ValType_t& val)
     return false;
 }
 
-// FIXIT-L bogus placeholder for this func, need to find out what it should do
-static inline bool is_appid_done(const ThirdPartyAppIDSession* tpsession)
-{
-    UNUSED(tpsession);
-    return false;
-}
-
 static inline bool check_reinspect(const Packet* p, const AppIdSession& asd)
 {
     return p->dsize && !asd.get_session_flags(APPID_SESSION_NO_TPI) &&
-        asd.get_session_flags(APPID_SESSION_HTTP_SESSION) && is_appid_done(asd.tpsession);
+        asd.get_session_flags(APPID_SESSION_HTTP_SESSION) && asd.is_tp_appid_done();
 }
 
 static inline int check_ssl_appid_for_reinspect(AppId app_id)
@@ -629,7 +622,7 @@ bool do_discovery(AppIdSession& asd, IpProtocol protocol,
     /*** Start of third-party processing. ***/
     if ( asd.config->have_tp()
         && !asd.get_session_flags(APPID_SESSION_NO_TPI)
-        && (!is_appid_done(asd.tpsession)
+        && (!asd.is_tp_appid_done()
         || asd.get_session_flags(APPID_SESSION_APP_REINSPECT
         | APPID_SESSION_APP_REINSPECT_SSL)))
     {
@@ -756,7 +749,7 @@ bool do_discovery(AppIdSession& asd, IpProtocol protocol,
                     if (asd.payload.get_id() == APP_ID_HTTP_SSL_TUNNEL)
                         snort_app_id = APP_ID_SSL;
 
-                    if (asd.is_third_party_appid_available() && asd.tp_app_id ==
+                    if (asd.is_tp_appid_available() && asd.tp_app_id ==
                         APP_ID_HTTP
                         && !asd.get_session_flags(APPID_SESSION_APP_REINSPECT))
                     {