Squashed commit of the following:
commit
544e89030053a04dabdda61e1450eb3b45e8fbf0
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jun 8 00:06:18 2018 -0400
appid: fix broken appid_api_test.cc
commit
ed4b625f846006702c31afc768fd4892ad75dbbb
Author: Silviu Minut <sminut@cisco.com>
Date: Thu May 31 15:46:37 2018 -0400
appid: port appid unknown fixes from snort2
appid: attempt to fix bug when payload is set to UNKNOWN too early, even though navl would get it on the next packet.
appid: make the code compatible with the latest version of snort2.
{
if ( AppIdSession* asd = get_appid_session(flow) )
{
- if (asd->get_session_flags(APPID_SESSION_NO_TPI))
- return true;
- // FIXIT-M: If a third-party module is not available then this
- // should probably check if an appId has been discovered
- // by the local AppId module.
- return asd->is_tp_appid_available();
- }
+ return ( (asd->service.get_id() != APP_ID_NONE ||
+ asd->payload.get_id() != APP_ID_NONE) &&
+ (asd->is_tp_appid_available() ||
+ asd->get_session_flags(APPID_SESSION_NO_TPI)) );
+ }
return false;
}
AppidSessionDirection direction = APP_ID_FROM_INITIATOR;
AppIdSession* asd = (AppIdSession*)p->flow->get_flow_data(AppIdSession::inspector_id);
- if (!do_pre_discovery(p, &asd, inspector, protocol, direction)) return;
+ if ( !do_pre_discovery(p, &asd, inspector, protocol, direction) ) return;
bool is_discovery_done = do_discovery(p, *asd, protocol, direction);
if (asd.tpsession)
asd.tpsession->reset();
#endif
+ if ( asd.payload.get_id() == APP_ID_NONE)
+ asd.payload.set_id(APP_ID_UNKNOWN);
}
}
}
}
service_disco_state = APPID_DISCO_STATE_FINISHED;
+
+ if ( (is_tp_appid_available() || get_session_flags(APPID_SESSION_NO_TPI) )
+ and payload.get_id() == APP_ID_NONE )
+ payload.set_id(APP_ID_UNKNOWN);
+
set_session_flags(APPID_SESSION_SERVICE_DETECTED);
clear_session_flags(APPID_SESSION_CONTINUE);
}
{
#ifdef ENABLE_APPID_THIRD_PARTY
if ( TPLibHandler::have_tp() &&
- !get_session_flags(APPID_SESSION_NO_TPI) &&
- (!is_tp_appid_done() ||
- get_session_flags(APPID_SESSION_APP_REINSPECT | APPID_SESSION_APP_REINSPECT_SSL)))
+ !get_session_flags(APPID_SESSION_NO_TPI) &&
+ (!is_tp_appid_done() ||
+ get_session_flags(APPID_SESSION_APP_REINSPECT | APPID_SESSION_APP_REINSPECT_SSL)))
return false;
#endif
}
#endif
- return false;
+ return true;
}
{
asd.set_session_flags(APPID_SESSION_SERVICE_DETECTED);
asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
+
+ if ( (asd.is_tp_appid_available() ||
+ asd.get_session_flags(APPID_SESSION_NO_TPI))
+ && asd.payload.get_id() == APP_ID_NONE )
+ asd.payload.set_id(APP_ID_UNKNOWN);
}
}
else if (asd.is_tp_appid_available())
//to stop executing validator after service has been detected by RNA.
if (asd.get_session_flags(APPID_SESSION_SERVICE_DETECTED |
APPID_SESSION_CONTINUE) == APPID_SESSION_SERVICE_DETECTED)
+ {
asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
+ if ( (asd.is_tp_appid_available() ||
+ asd.get_session_flags(APPID_SESSION_NO_TPI)) &&
+ asd.payload.get_id() == APP_ID_NONE )
+ {
+ asd.payload.set_id(APP_ID_UNKNOWN);
+ }
+ }
AppIdDnsSession* dsession = asd.get_dns_session();
if (asd.service.get_id() == APP_ID_DNS && asd.config->mod_config->dns_host_reporting
{
bool val;
val = appid_api.is_appid_available(*flow);
- CHECK_FALSE(val);
+ CHECK_TRUE(val);
mock_session->set_session_flags(APPID_SESSION_NO_TPI);
val = appid_api.is_appid_available(*flow);
CHECK_TRUE(val);
bool AppIdSession::is_tp_appid_available() const
{
- return false;
+ return true;
}
#endif
{
if (asd.get_tp_app_id() == APP_ID_NONE)
asd.set_tp_app_id(APP_ID_UNKNOWN);
- if (asd.payload.get_id() == APP_ID_NONE)
+
+ if ( asd.service_disco_state == APPID_DISCO_STATE_FINISHED && asd.payload.get_id() == APP_ID_NONE )
asd.payload.set_id(APP_ID_UNKNOWN);
if (asd.tpsession)
Packet* p, AppidSessionDirection& direction)
{
if ( !TPLibHandler::have_tp() )
- return true;
+ return true;
AppId tp_app_id = asd.get_tp_app_id();
projects / thirdparty / snort3.git / commitdiff
