typedef struct AppLayerProtoDetectPMSignature_ {
AppProto alproto;
+ uint8_t direction; /**< direction for midstream */
SigIntId id;
/* \todo Change this into a non-pointer */
DetectContentData *cd;
+ uint16_t pp_min_depth;
+ uint16_t pp_max_depth;
+ ProbingParserFPtr PPFunc;
struct AppLayerProtoDetectPMSignature_ *next;
} AppLayerProtoDetectPMSignature;
typedef struct AppLayerProtoDetectPMCtx_ {
- uint16_t max_len;
+ uint16_t pp_max_len;
uint16_t min_len;
MpmCtx mpm_ctx;
/***** Static Internal Calls: Protocol Retrieval *****/
/** \internal
- * \brief Handle SPM search for Signature */
-static AppProto AppLayerProtoDetectPMMatchSignature(const AppLayerProtoDetectPMSignature *s,
- AppLayerProtoDetectThreadCtx *tctx,
- uint8_t *buf, uint16_t buflen,
- uint8_t ipproto)
+ * \brief Handle SPM search for Signature
+ * \param buflen full size of the input buffer
+ * \param searchlen pattern matching portion of buffer */
+static AppProto AppLayerProtoDetectPMMatchSignature(
+ const AppLayerProtoDetectPMSignature *s,
+ AppLayerProtoDetectThreadCtx *tctx,
+ Flow *f, uint8_t direction,
+ uint8_t *buf, uint16_t buflen, uint16_t searchlen,
+ bool *rflow)
{
SCEnter();
- AppProto proto = ALPROTO_UNKNOWN;
- uint8_t *found = NULL;
- if (s->cd->offset > buflen) {
- SCLogDebug("s->co->offset (%"PRIu16") > buflen (%"PRIu16")",
- s->cd->offset, buflen);
- goto end;
+ if (s->cd->offset > searchlen) {
+ SCLogDebug("s->co->offset (%"PRIu16") > searchlen (%"PRIu16")",
+ s->cd->offset, searchlen);
+ SCReturnUInt(ALPROTO_UNKNOWN);
}
-
- if (s->cd->depth > buflen) {
- SCLogDebug("s->co->depth (%"PRIu16") > buflen (%"PRIu16")",
- s->cd->depth, buflen);
- goto end;
+ if (s->cd->depth > searchlen) {
+ SCLogDebug("s->co->depth (%"PRIu16") > searchlen (%"PRIu16")",
+ s->cd->depth, searchlen);
+ SCReturnUInt(ALPROTO_UNKNOWN);
}
uint8_t *sbuf = buf + s->cd->offset;
- uint16_t sbuflen = s->cd->depth - s->cd->offset;
+ uint16_t ssearchlen = s->cd->depth - s->cd->offset;
SCLogDebug("s->co->offset (%"PRIu16") s->cd->depth (%"PRIu16")",
s->cd->offset, s->cd->depth);
- found = SpmScan(s->cd->spm_ctx, tctx->spm_thread_ctx, sbuf, sbuflen);
- if (found != NULL)
- proto = s->alproto;
-
- end:
- SCReturnUInt(proto);
-}
-
-/** \internal
- * \brief Run Pattern Sigs against buffer
- * \param pm_results[out] AppProto array of size ALPROTO_MAX */
-static AppProto AppLayerProtoDetectPMGetProto(AppLayerProtoDetectThreadCtx *tctx,
- Flow *f,
- uint8_t *buf, uint16_t buflen,
- uint8_t direction,
- uint8_t ipproto,
- AppProto *pm_results)
-{
- SCEnter();
-
- pm_results[0] = ALPROTO_UNKNOWN;
-
- AppLayerProtoDetectPMCtx *pm_ctx;
- MpmThreadCtx *mpm_tctx;
- uint16_t pm_matches = 0;
- uint8_t cnt;
- uint16_t searchlen;
-
- if (f->protomap >= FLOW_PROTO_DEFAULT)
- return ALPROTO_UNKNOWN;
+ uint8_t *found = SpmScan(s->cd->spm_ctx, tctx->spm_thread_ctx,
+ sbuf, ssearchlen);
+ if (found == NULL) {
+ SCReturnUInt(ALPROTO_UNKNOWN);
+ }
- if (direction & STREAM_TOSERVER) {
- pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[0];
- mpm_tctx = &tctx->mpm_tctx[f->protomap][0];
+ SCLogDebug("matching, s->direction %s, our dir %s",
+ (s->direction & STREAM_TOSERVER) ? "toserver" : "toclient",
+ (direction & STREAM_TOSERVER) ? "toserver" : "toclient");
+ if (s->PPFunc == NULL) {
+ if ((direction & (STREAM_TOSERVER|STREAM_TOCLIENT)) == s->direction) {
+ SCLogDebug("direction is correct");
+ } else {
+ SCLogDebug("direction is wrong, rflow = true");
+ *rflow = true;
+ }
+ /* validate using Probing Parser */
} else {
- pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[1];
- mpm_tctx = &tctx->mpm_tctx[f->protomap][1];
+ if (s->pp_min_depth > buflen) {
+ SCLogDebug("PP can't be run yet as pp_min_depth %u > buflen %u",
+ s->pp_min_depth, buflen);
+ SCReturnInt(ALPROTO_UNKNOWN);
+ }
+
+ uint8_t rdir = 0;
+ AppProto r = s->PPFunc(f, direction, buf, buflen, &rdir);
+ if (r == s->alproto) {
+ SCLogDebug("found %s/%u, rdir %02x reverse_flow? %s",
+ AppProtoToString(r), r, rdir,
+ (rdir && direction != rdir) ? "true" : "false");
+ *rflow = (rdir && direction != rdir);
+ SCReturnUInt(s->alproto);
+ } else if (r == ALPROTO_FAILED) {
+ SCReturnUInt(ALPROTO_FAILED);
+ } else {
+ /* unknown: lets see if we will try again later */
+ if (s->pp_max_depth < buflen) {
+ SCLogDebug("depth reached and answer inconclusive: fail");
+ SCReturnUInt(ALPROTO_FAILED);
+ }
+ SCReturnUInt(ALPROTO_UNKNOWN);
+ }
}
- if (pm_ctx->mpm_ctx.pattern_cnt == 0)
- goto end;
+ SCReturnUInt(s->alproto);
+}
- searchlen = buflen;
- if (searchlen > pm_ctx->max_len)
- searchlen = pm_ctx->max_len;
+/**
+ * \retval 0 no matches
+ * \retval -1 no matches, mpm depth reached
+ */
+static inline int PMGetProtoInspect(
+ AppLayerProtoDetectThreadCtx *tctx,
+ AppLayerProtoDetectPMCtx *pm_ctx,
+ MpmThreadCtx *mpm_tctx,
+ Flow *f, uint8_t *buf, uint16_t buflen,
+ uint8_t direction, AppProto *pm_results, bool *rflow)
+{
+ int pm_matches = 0;
- uint32_t search_cnt = 0;
+ uint16_t searchlen = MIN(buflen, pm_ctx->mpm_ctx.maxdepth);
+ SCLogDebug("searchlen %u buflen %u", searchlen, buflen);
/* do the mpm search */
- search_cnt = mpm_table[pm_ctx->mpm_ctx.mpm_type].Search(&pm_ctx->mpm_ctx,
- mpm_tctx,
- &tctx->pmq,
- buf, searchlen);
- if (search_cnt == 0)
- goto end;
+ uint32_t search_cnt = mpm_table[pm_ctx->mpm_ctx.mpm_type].Search(
+ &pm_ctx->mpm_ctx, mpm_tctx, &tctx->pmq,
+ buf, searchlen);
+ if (search_cnt == 0) {
+ if (buflen >= pm_ctx->mpm_ctx.maxdepth)
+ return -1;
+ return 0;
+ }
/* alproto bit field */
uint8_t pm_results_bf[(ALPROTO_MAX / 8) + 1];
/* loop through unique pattern id's. Can't use search_cnt here,
* as that contains all matches, tctx->pmq.pattern_id_array_cnt
* contains only *unique* matches. */
- for (cnt = 0; cnt < tctx->pmq.rule_id_array_cnt; cnt++) {
+ for (uint32_t cnt = 0; cnt < tctx->pmq.rule_id_array_cnt; cnt++) {
const AppLayerProtoDetectPMSignature *s = pm_ctx->map[tctx->pmq.rule_id_array[cnt]];
while (s != NULL) {
AppProto proto = AppLayerProtoDetectPMMatchSignature(s,
- tctx, buf, searchlen, ipproto);
+ tctx, f, direction, buf, buflen, searchlen, rflow);
/* store each unique proto once */
- if (proto != ALPROTO_UNKNOWN &&
+ if (AppProtoIsValid(proto) &&
!(pm_results_bf[proto / 8] & (1 << (proto % 8))) )
{
pm_results[pm_matches++] = proto;
s = s->next;
}
}
-
- end:
+ if (pm_matches == 0 && buflen >= pm_ctx->pp_max_len) {
+ pm_matches = -2;
+ }
PmqReset(&tctx->pmq);
- if (buflen >= pm_ctx->max_len)
+ return pm_matches;
+}
+
+/** \internal
+ * \brief Run Pattern Sigs against buffer
+ * \param direction direction for the patterns
+ * \param pm_results[out] AppProto array of size ALPROTO_MAX */
+static AppProto AppLayerProtoDetectPMGetProto(
+ AppLayerProtoDetectThreadCtx *tctx,
+ Flow *f, uint8_t *buf, uint16_t buflen,
+ uint8_t direction, AppProto *pm_results, bool *rflow)
+{
+ SCEnter();
+
+ pm_results[0] = ALPROTO_UNKNOWN;
+
+ AppLayerProtoDetectPMCtx *pm_ctx;
+ MpmThreadCtx *mpm_tctx;
+ int m = -1;
+
+ if (f->protomap >= FLOW_PROTO_DEFAULT)
+ return ALPROTO_FAILED;
+
+ if (direction & STREAM_TOSERVER) {
+ pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[0];
+ mpm_tctx = &tctx->mpm_tctx[f->protomap][0];
+ } else {
+ pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[1];
+ mpm_tctx = &tctx->mpm_tctx[f->protomap][1];
+ }
+ if (likely(pm_ctx->mpm_ctx.pattern_cnt > 0)) {
+ m = PMGetProtoInspect(tctx,
+ pm_ctx, mpm_tctx,
+ f, buf, buflen, direction,
+ pm_results, rflow);
+
+ }
+ /* pattern found, yay */
+ if (m > 0) {
FLOW_SET_PM_DONE(f, direction);
- SCReturnUInt(pm_matches);
+ SCReturnUInt((uint16_t)m);
+
+ /* handle non-found in non-midstream case */
+ } else if (!stream_config.midstream) {
+ /* we can give up if mpm gave no results and its search depth
+ * was reached. */
+ if (m < 0) {
+ FLOW_SET_PM_DONE(f, direction);
+ SCReturnUInt(0);
+ } else if (m == 0) {
+ SCReturnUInt(0);
+ }
+ SCReturnUInt((uint16_t)m);
+
+ /* handle non-found in midstream case */
+ } else if (m <= 0) {
+ if (direction & STREAM_TOSERVER) {
+ pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[1];
+ mpm_tctx = &tctx->mpm_tctx[f->protomap][1];
+ } else {
+ pm_ctx = &alpd_ctx.ctx_ipp[f->protomap].ctx_pm[0];
+ mpm_tctx = &tctx->mpm_tctx[f->protomap][0];
+ }
+ SCLogDebug("no matches and in midstream mode, lets try the "
+ "*patterns for the other side");
+
+ int om = -1;
+ if (likely(pm_ctx->mpm_ctx.pattern_cnt > 0)) {
+ om = PMGetProtoInspect(tctx,
+ pm_ctx, mpm_tctx,
+ f, buf, buflen, direction,
+ pm_results, rflow);
+ }
+ /* found! */
+ if (om > 0) {
+ FLOW_SET_PM_DONE(f, direction);
+ SCReturnUInt((uint16_t)om);
+
+ /* both sides failed */
+ } else if (om < 0 && m && m < 0) {
+ FLOW_SET_PM_DONE(f, direction);
+ SCReturnUInt(0);
+
+ /* one side still uncertain */
+ } else if (om == 0 || m == 0) {
+ SCReturnUInt(0);
+ }
+ }
+ SCReturnUInt(0);
}
static AppLayerProtoDetectProbingParserPort *AppLayerProtoDetectGetProbingParsers(AppLayerProtoDetectProbingParser *pp,
*
*/
static AppProto AppLayerProtoDetectPPGetProto(Flow *f,
- uint8_t *buf, uint32_t buflen,
- uint8_t ipproto, uint8_t direction)
+ uint8_t *buf, uint32_t buflen,
+ uint8_t ipproto, uint8_t direction,
+ bool *reverse_flow)
{
const AppLayerProtoDetectProbingParserPort *pp_port_dp = NULL;
const AppLayerProtoDetectProbingParserPort *pp_port_sp = NULL;
}
/* run the parser(s) */
+ uint8_t rdir = 0;
pe = pe1;
while (pe != NULL) {
if ((buflen < pe->min_depth) ||
}
if (direction & STREAM_TOSERVER && pe->ProbingParserTs != NULL) {
- alproto = pe->ProbingParserTs(f, buf, buflen);
+ alproto = pe->ProbingParserTs(f, direction, buf, buflen, &rdir);
} else if (pe->ProbingParserTc != NULL) {
- alproto = pe->ProbingParserTc(f, buf, buflen);
+ alproto = pe->ProbingParserTc(f, direction, buf, buflen, &rdir);
}
if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED)
goto end;
}
if (direction & STREAM_TOSERVER && pe->ProbingParserTs != NULL) {
- alproto = pe->ProbingParserTs(f, buf, buflen);
+ alproto = pe->ProbingParserTs(f, direction, buf, buflen, &rdir);
} else if (pe->ProbingParserTc != NULL) {
- alproto = pe->ProbingParserTc(f, buf, buflen);
+ alproto = pe->ProbingParserTc(f, direction, buf, buflen, &rdir);
}
if (alproto != ALPROTO_UNKNOWN && alproto != ALPROTO_FAILED)
goto end;
}
end:
+ if (alproto != ALPROTO_FAILED && alproto != ALPROTO_UNKNOWN &&
+ rdir == (direction & (STREAM_TOSERVER|STREAM_TOCLIENT))) {
+ SCLogDebug("PP found %u, is reverse flow", alproto);
+ *reverse_flow = true;
+ }
+
SCLogDebug("%s, mask is now %08x",
(direction & STREAM_TOSERVER) ? "toserver":"toclient", alproto_masks[0]);
SCReturnUInt(alproto);
}
static int AppLayerProtoDetectPMAddSignature(AppLayerProtoDetectPMCtx *ctx, DetectContentData *cd,
- AppProto alproto)
+ AppProto alproto, uint8_t direction,
+ ProbingParserFPtr PPFunc,
+ uint16_t pp_min_depth, uint16_t pp_max_depth)
{
SCEnter();
- int ret = 0;
- AppLayerProtoDetectPMSignature *s = SCMalloc(sizeof(*s));
+ AppLayerProtoDetectPMSignature *s = SCCalloc(1, sizeof(*s));
if (unlikely(s == NULL))
- goto error;
- memset(s, 0, sizeof(*s));
+ SCReturnInt(-1);
s->alproto = alproto;
+ s->direction = direction;
s->cd = cd;
+ s->PPFunc = PPFunc;
+ s->pp_min_depth = pp_min_depth;
+ s->pp_max_depth = pp_max_depth;
/* prepend to the list */
s->next = ctx->head;
ctx->head = s;
- goto end;
- error:
- ret = -1;
- end:
- SCReturnInt(ret);
+ SCReturnInt(0);
}
static int AppLayerProtoDetectPMRegisterPattern(uint8_t ipproto, AppProto alproto,
const char *pattern,
uint16_t depth, uint16_t offset,
uint8_t direction,
- uint8_t is_cs)
+ uint8_t is_cs,
+ ProbingParserFPtr PPFunc,
+ uint16_t pp_min_depth, uint16_t pp_max_depth)
{
SCEnter();
AppLayerProtoDetectCtxIpproto *ctx_ipp = &alpd_ctx.ctx_ipp[FlowGetProtoMapping(ipproto)];
AppLayerProtoDetectPMCtx *ctx_pm = NULL;
- DetectContentData *cd;
int ret = 0;
- cd = DetectContentParseEncloseQuotes(alpd_ctx.spm_global_thread_ctx,
- pattern);
+ DetectContentData *cd = DetectContentParseEncloseQuotes(
+ alpd_ctx.spm_global_thread_ctx, pattern);
if (cd == NULL)
goto error;
cd->depth = depth;
else
ctx_pm = (AppLayerProtoDetectPMCtx *)&ctx_ipp->ctx_pm[1];
- if (depth > ctx_pm->max_len)
- ctx_pm->max_len = depth;
+ if (pp_max_depth > ctx_pm->pp_max_len)
+ ctx_pm->pp_max_len = pp_max_depth;
if (depth < ctx_pm->min_len)
ctx_pm->min_len = depth;
/* Finally turn it into a signature and add to the ctx. */
- AppLayerProtoDetectPMAddSignature(ctx_pm, cd, alproto);
+ AppLayerProtoDetectPMAddSignature(ctx_pm, cd, alproto, direction,
+ PPFunc, pp_min_depth, pp_max_depth);
goto end;
error:
AppProto AppLayerProtoDetectGetProto(AppLayerProtoDetectThreadCtx *tctx,
Flow *f,
uint8_t *buf, uint32_t buflen,
- uint8_t ipproto, uint8_t direction)
+ uint8_t ipproto, uint8_t direction,
+ bool *reverse_flow)
{
SCEnter();
SCLogDebug("buflen %u for %s direction", buflen,
if (!FLOW_IS_PM_DONE(f, direction)) {
AppProto pm_results[ALPROTO_MAX];
uint16_t pm_matches = AppLayerProtoDetectPMGetProto(tctx, f,
- buf, buflen,
- direction,
- ipproto,
- pm_results);
+ buf, buflen, direction,
+ pm_results, reverse_flow);
if (pm_matches > 0) {
alproto = pm_results[0];
}
if (!FLOW_IS_PP_DONE(f, direction)) {
+ bool rflow = false;
alproto = AppLayerProtoDetectPPGetProto(f, buf, buflen,
- ipproto, direction);
+ ipproto, direction,
+ &rflow);
if (alproto != ALPROTO_UNKNOWN)
goto end;
+ if (rflow) {
+ *reverse_flow = true;
+ }
}
/* Look if flow can be found in expectation list */
uint8_t direction)
{
SCEnter();
- int r = 0;
- r = AppLayerProtoDetectPMRegisterPattern(ipproto, alproto,
- pattern,
- depth, offset,
- direction,
- 1 /* case-sensitive */);
+ int r = AppLayerProtoDetectPMRegisterPattern(ipproto, alproto,
+ pattern, depth, offset,
+ direction, 1 /* case-sensitive */,
+ NULL, 0, 0);
+ SCReturnInt(r);
+}
+
+int AppLayerProtoDetectPMRegisterPatternCSwPP(uint8_t ipproto, AppProto alproto,
+ const char *pattern, uint16_t depth, uint16_t offset,
+ uint8_t direction,
+ ProbingParserFPtr PPFunc,
+ uint16_t pp_min_depth, uint16_t pp_max_depth)
+{
+ SCEnter();
+ int r = AppLayerProtoDetectPMRegisterPattern(ipproto, alproto,
+ pattern, depth, offset,
+ direction, 1 /* case-sensitive */,
+ PPFunc, pp_min_depth, pp_max_depth);
SCReturnInt(r);
}
uint8_t direction)
{
SCEnter();
- int r = 0;
- r = AppLayerProtoDetectPMRegisterPattern(ipproto, alproto,
- pattern,
- depth, offset,
- direction,
- 0 /* !case-sensitive */);
+ int r = AppLayerProtoDetectPMRegisterPattern(ipproto, alproto,
+ pattern, depth, offset,
+ direction, 0 /* !case-sensitive */,
+ NULL, 0, 0);
SCReturnInt(r);
}
AppLayerProtoDetectUnittestCtxBackup();
AppLayerProtoDetectSetup();
- const char *buf;
- int r = 0;
-
- buf = "HTTP";
+ const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
buf = "GET";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOSERVER);
AppLayerProtoDetectPrepareState();
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 1) {
- printf("Failure - "
- "alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 1\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("Failure - "
- "alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
- r = 1;
-
- end:
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest02(void)
AppLayerProtoDetectUnittestCtxBackup();
AppLayerProtoDetectSetup();
- int r = 0;
-
const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
buf = "ftp";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_FTP, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_FTP\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
- r = 1;
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP);
- end:
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest03(void)
AppLayerProtoDetectSetup();
uint8_t l7data[] = "HTTP/1.1 200 OK\r\nServer: Apache/1.0\r\n\r\n";
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
- buf = "HTTP";
+ const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
buf = "220 ";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_FTP, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_FTP\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP);
+ bool rflow = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
+ &f, l7data, sizeof(l7data),
STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_HTTP\n");
- goto end;
- }
-
- r = 1;
+ pm_results, &rflow);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest04(void)
AppLayerProtoDetectSetup();
uint8_t l7data[] = "HTTP/1.1 200 OK\r\nServer: Apache/1.0\r\n\r\n";
- const char *buf;
- int r = 0;
Flow f;
- AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
memset(&f, 0x00, sizeof(f));
- f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
-
+ AppProto pm_results[ALPROTO_MAX];
memset(pm_results, 0, sizeof(pm_results));
+ f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- buf = "200 ";
+ const char *buf = "200 ";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 13, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_HTTP\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest05(void)
AppLayerProtoDetectSetup();
uint8_t l7data[] = "HTTP/1.1 200 OK\r\nServer: Apache/1.0\r\n\r\n<HTML><BODY>Blahblah</BODY></HTML>";
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
-
- buf = "HTTP";
+ const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
buf = "220 ";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_FTP, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_FTP\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_HTTP\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data),
+ STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest06(void)
AppLayerProtoDetectSetup();
uint8_t l7data[] = "220 Welcome to the OISF FTP server\r\n";
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- buf = "HTTP";
+ const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
buf = "220 ";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_FTP, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_FTP\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_FTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[1]->alproto != ALPROTO_HTTP);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_FTP) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_FTP\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_FTP);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest07(void)
AppLayerProtoDetectSetup();
uint8_t l7data[] = "220 Welcome to the OISF HTTP/FTP server\r\n";
- const char *buf;
- int r = 0;
Flow f;
- AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
-
+ AppProto pm_results[ALPROTO_MAX];
memset(pm_results, 0, sizeof(pm_results));
- buf = "HTTP";
+ const char *buf = "HTTP";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_HTTP\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 0) {
- printf("cnt != 0\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 0);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest08(void)
0x20, 0x4c, 0x4d, 0x20, 0x30, 0x2e, 0x31, 0x32,
0x00
};
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
-
- buf = "|ff|SMB";
+ const char *buf = "|ff|SMB";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_SMB, buf, 8, 4, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_SMB) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_SMB\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_SMB);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_SMB) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_SMB\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_SMB);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest09(void)
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x02, 0x02
};
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
-
- buf = "|fe|SMB";
+ const char *buf = "|fe|SMB";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_SMB2, buf, 8, 4, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_SMB2) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_SMB2\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_SMB2);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_SMB2) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_SMB2\n");
- goto end;
- }
-
- r = 1;
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_SMB2);
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
static int AppLayerProtoDetectTest10(void)
0xeb, 0x1c, 0xc9, 0x11, 0x9f, 0xe8, 0x08, 0x00,
0x2b, 0x10, 0x48, 0x60, 0x02, 0x00, 0x00, 0x00
};
- const char *buf;
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
-
- buf = "|05 00|";
+ const char *buf = "|05 00|";
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_DCERPC, buf, 4, 0, STREAM_TOCLIENT);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 2\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_DCERPC) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0].alproto != ALPROTO_DCERPC\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 0);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_DCERPC);
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_DCERPC) {
- printf("cnt != 1 && pm_results[0] != AlPROTO_DCERPC\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_DCERPC);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
/**
uint8_t l7data[] = "CONNECT www.ssllabs.com:443 HTTP/1.0\r\n";
uint8_t l7data_resp[] = "HTTP/1.1 405 Method Not Allowed\r\n";
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
-
+ memset(pm_results, 0, sizeof(pm_results));
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
- memset(pm_results, 0, sizeof(pm_results));
-
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, "HTTP", 4, 0, STREAM_TOSERVER);
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, "GET", 3, 0, STREAM_TOSERVER);
AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_HTTP, "PUT", 3, 0, STREAM_TOSERVER);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 7) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 7\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map != NULL\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map != NULL\n");
- goto end;
- }
-
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP)
- {
- printf("failure 1\n");
- goto end;
- }
-
- memset(pm_results, 0, sizeof(pm_results));
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
+
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].max_pat_id != 7);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].max_pat_id != 1);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map == NULL);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map == NULL);
+
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_TCP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP);
+
+ bool rdir = false;
uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOSERVER,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("l7data - cnt != 1 && pm_results[0] != AlPROTO_HTTP\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOSERVER,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
memset(pm_results, 0, sizeof(pm_results));
cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data_resp, sizeof(l7data_resp),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("l7data_resp - cnt != 1 && pm_results[0] != AlPROTO_HTTP\n");
- goto end;
- }
+ &f, l7data_resp, sizeof(l7data_resp), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
/**
uint8_t l7data[] = "CONNECT www.ssllabs.com:443 HTTP/1.0\r\n";
uint8_t l7data_resp[] = "HTTP/1.1 405 Method Not Allowed\r\n";
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
- uint32_t cnt;
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_TCP);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP)
- {
- printf("failure 1\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP);
memset(pm_results, 0, sizeof(pm_results));
- cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOSERVER,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 0) {
- printf("l7data - cnt != 0\n");
- goto end;
- }
+ bool rdir = false;
+ uint32_t cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
+ &f, l7data, sizeof(l7data), STREAM_TOSERVER,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 0);
memset(pm_results, 0, sizeof(pm_results));
cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data_resp, sizeof(l7data_resp),
- STREAM_TOCLIENT,
- IPPROTO_TCP,
- pm_results);
- if (cnt != 0) {
- printf("l7data_resp - cnt != 0\n");
- goto end;
- }
+ &f, l7data_resp, sizeof(l7data_resp), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 0);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
/**
uint8_t l7data[] = "CONNECT www.ssllabs.com:443 HTTP/1.0\r\n";
uint8_t l7data_resp[] = "HTTP/1.1 405 Method Not Allowed\r\n";
- int r = 0;
- Flow f;
AppProto pm_results[ALPROTO_MAX];
- AppLayerProtoDetectThreadCtx *alpd_tctx;
uint32_t cnt;
-
+ Flow f;
memset(&f, 0x00, sizeof(f));
f.protomap = FlowGetProtoMapping(IPPROTO_UDP);
AppLayerProtoDetectPrepareState();
/* AppLayerProtoDetectGetCtxThread() should be called post AppLayerProtoDetectPrepareState(), since
* it sets internal structures which depends on the above function. */
- alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ AppLayerProtoDetectThreadCtx *alpd_tctx = AppLayerProtoDetectGetCtxThread();
+ FAIL_IF_NULL(alpd_tctx);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7\n");
- goto end;
- }
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1) {
- printf("alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].max_pat_id != 7);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].max_pat_id != 1);
- if (alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP ||
- alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP)
- {
- printf("failure 1\n");
- goto end;
- }
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[0]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[1]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[2]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[3]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[4]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[5]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[0].map[6]->alproto != ALPROTO_HTTP);
+ FAIL_IF(alpd_ctx.ctx_ipp[FLOW_PROTO_UDP].ctx_pm[1].map[0]->alproto != ALPROTO_HTTP);
memset(pm_results, 0, sizeof(pm_results));
+ bool rdir = false;
cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data, sizeof(l7data),
- STREAM_TOSERVER,
- IPPROTO_UDP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("l7data - cnt != 0\n");
- goto end;
- }
+ &f, l7data, sizeof(l7data), STREAM_TOSERVER,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
memset(pm_results, 0, sizeof(pm_results));
cnt = AppLayerProtoDetectPMGetProto(alpd_tctx,
- &f,
- l7data_resp, sizeof(l7data_resp),
- STREAM_TOCLIENT,
- IPPROTO_UDP,
- pm_results);
- if (cnt != 1 && pm_results[0] != ALPROTO_HTTP) {
- printf("l7data_resp - cnt != 0\n");
- goto end;
- }
+ &f, l7data_resp, sizeof(l7data_resp), STREAM_TOCLIENT,
+ pm_results, &rdir);
+ FAIL_IF(cnt != 1);
+ FAIL_IF(pm_results[0] != ALPROTO_HTTP);
- r = 1;
-
- end:
- if (alpd_tctx != NULL)
- AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
+ AppLayerProtoDetectDestroyCtxThread(alpd_tctx);
AppLayerProtoDetectDeSetup();
AppLayerProtoDetectUnittestCtxRestore();
- return r;
+ PASS;
}
typedef struct AppLayerProtoDetectPPTestDataElement_ {
return result;
}
-static uint16_t ProbingParserDummyForTesting(Flow *f,
+static uint16_t ProbingParserDummyForTesting(Flow *f, uint8_t direction,
uint8_t *input,
- uint32_t input_len)
+ uint32_t input_len, uint8_t *rdir)
{
return 0;
}
projects / thirdparty / suricata.git / commitdiff
