private:
bool add_deleted_comment_to_table(std::string table_name, std::string option);
bool add_deleted_comment_to_defaults(std::string option);
- bool add_option_to_all(std::string option, const bool val);
- bool add_option_to_all(std::string option, const int val);
+ bool add_option_to_all(std::string option, const bool val, bool co_only);
+ bool add_option_to_all(std::string option, const int val, bool co_only);
bool add_option_to_type(std::string type, std::string option, std::string value);
bool add_option_to_type(std::string type, std::string option);
- bool parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream);
+ bool parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream, bool co_only);
bool parse_string_and_add_to_type(std::string type, std::string opt_name,
std::istringstream& stream);
};
return tmpval;
}
-bool Dcerpc::add_option_to_all(std::string option, const bool val)
+bool Dcerpc::add_option_to_all(std::string option, const bool val, bool co_only)
{
bool tmpval = true;
for (auto type : transport)
{
+ if (co_only && (type.compare("udp") == 0))
+ continue;
tmpval = add_option_to_table(table_api, "dce_" + type, option, val);
for (int i=0; i < DcerpcServer::get_binding_id(); i++)
{
return tmpval;
}
-bool Dcerpc::add_option_to_all(std::string option, const int val)
+bool Dcerpc::add_option_to_all(std::string option, const int val, bool co_only)
{
bool tmpval = true;
for (auto type : transport)
{
+ if (co_only && (type.compare("udp") == 0))
+ continue;
tmpval = add_option_to_table(table_api, "dce_" + type, option, val);
for (int i=0; i < DcerpcServer::get_binding_id(); i++)
{
return tmpval;
}
-bool Dcerpc::parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream)
+bool Dcerpc::parse_int_and_add_to_all(std::string opt_name, std::istringstream& stream, bool
+ co_only)
{
int val;
if (stream >> val)
{
- return add_option_to_all(opt_name, val);
+ return add_option_to_all(opt_name, val, co_only);
}
return false;
tmpval = eat_option(data_stream);
}
else if (!keyword.compare("disable_defrag"))
- tmpval = add_option_to_all("disable_defrag", true);
+ tmpval = add_option_to_all("disable_defrag", true, false);
else if (!keyword.compare("max_frag_len"))
- tmpval = parse_int_and_add_to_all("max_frag_len", data_stream);
+ tmpval = parse_int_and_add_to_all("max_frag_len", data_stream, false);
else if (!keyword.compare("events"))
{
}
}
else if (!keyword.compare("reassemble_threshold"))
- tmpval = parse_int_and_add_to_all("reassemble_threshold", data_stream);
+ tmpval = parse_int_and_add_to_all("reassemble_threshold", data_stream, true);
else if (!keyword.compare("disabled"))
tmpval = add_deleted_comment_to_defaults("disabled");
DCE_DETECT_LIST_STATE__END,
};
-std::string transport[2] = { "smb", "tcp" };
+std::string transport[3] = { "smb", "tcp", "udp" };
std::map <std::string, std::vector<uint16_t> > default_ports
{
{ "smb", { 139, 445 }
},
{ "tcp", { 135 }
+ },
+ { "udp", { 135 }
}
};
{ "smb", { 1025 }
},
{ "tcp", { 1026 }
+ },
+ { "udp", { 1027 }
}
};
table_api.close_table();
for (auto type : transport)
{
+ if (type.compare("udp") == 0)
+ continue;
tmpval = add_option_to_table(table_api,table_name[type], "reassemble_threshold",
std::stoi(val)) && tmpval;
}
return true;
}
-bool DcerpcServer::add_option_to_all_transports(std::string option, std::string value)
+bool DcerpcServer::add_option_to_transports(std::string option, std::string value, bool co_only)
{
bool retval = true;
for (auto type: transport)
{
+ if (co_only && (type.compare("udp") == 0))
+ continue;
table_api.open_table(table_name[type]);
retval = table_api.add_option(option, value) && retval;
table_api.close_table();
Binder bind_tcp(table_api);
Binder bind_smb(table_api);
+ Binder bind_udp(table_api);
std::map<std::string, Binder*> bind;
bind["smb"] = &bind_smb;
bind["tcp"] = &bind_tcp;
+ bind["udp"] = &bind_udp;
for (auto type : transport)
{
- bind[type]->set_when_proto("tcp"); // FIXIT-M once dce_udp is ported
+ bind[type]->set_when_proto("tcp");
bind[type]->set_use_type("dce_" + type);
}
+ bind["udp"]->set_when_proto("udp");
if (!(data_stream >> keyword))
return false;
if (policy.back() == ',')
policy.pop_back();
- tmpval = add_option_to_all_transports("policy", policy);
+ tmpval = add_option_to_transports("policy", policy, true);
}
else if (!keyword.compare("detect"))
{
{
namespace dce
{
-extern std::string transport[2];
+extern std::string transport[3];
class DcerpcServer : public ConversionState
{
bool init_new_tables(bool is_default);
bool parse_nets(std::istringstream& data_stream, std::map<std::string,
Binder*> bind);
- bool add_option_to_all_transports(std::string option, std::string value);
+ bool add_option_to_transports(std::string option, std::string value, bool co_only);
std::map<std::string, bool> detect_ports_set;
std::map<std::string, bool> autodetect_ports_set;
std::map<std::string, std::string> table_name;
projects / thirdparty / snort3.git / commitdiff
