void update_allocations(size_t);
void update_deallocations(size_t);
+ Inspector* get_handler() {return handler;}
// return fixed size (could be an approx avg)
// this must be fixed for life of flow data instance
// FIXIT-M: RELOAD - move initialization back to AppIdConfig class constructor
AppInfoManager& AppIdConfig::app_info_mgr = AppInfoManager::get_instance();
+std::array<AppId, APP_ID_PORT_ARRAY_SIZE> AppIdConfig::tcp_port_only = {APP_ID_NONE};
+std::array<AppId, APP_ID_PORT_ARRAY_SIZE> AppIdConfig::udp_port_only = {APP_ID_NONE};
+std::array<AppId, 256> AppIdConfig::ip_protocol = {APP_ID_NONE};
+
AppIdConfig::AppIdConfig(AppIdModuleConfig* config)
: mod_config(config)
net_list_by_zone[ i ] = nullptr;
#endif
- for ( unsigned i = 0; i < 65535; i++ )
- {
- tcp_port_only[ i ] = APP_ID_NONE;
- udp_port_only[ i ] = APP_ID_NONE;
- }
-
- for ( unsigned i = 0; i < 255; i++ )
- ip_protocol[ i ] = APP_ID_NONE;
-
for ( unsigned i = 0; i < APP_ID_PORT_ARRAY_SIZE; i++ )
{
tcp_port_exclusions_src[ i ] = nullptr;
mod_config->safe_search_enabled = enabled;
}
-bool AppIdConfig::init_appid(SnortConfig* sc, AppIdInspector *ins)
+bool AppIdConfig::init_appid(SnortConfig* sc)
{
// FIXIT-M: RELOAD - Get rid of "once" flag
// Handle the if condition in AppIdConfig::init_appid
static bool once = false;
if (!once)
- {
+ {
AppIdConfig::app_info_mgr.init_appid_info_table(mod_config, sc);
HostPortCache::initialize();
HttpPatternMatchers* http_matchers = HttpPatternMatchers::get_instance();
- AppIdDiscovery::initialize_plugins(ins);
+ AppIdDiscovery::initialize_plugins();
init_length_app_cache();
LuaDetectorManager::initialize(*this, 1);
PatternServiceDetector::finalize_service_port_patterns();
AppIdConfig(AppIdModuleConfig*);
~AppIdConfig();
- bool init_appid(snort::SnortConfig*, AppIdInspector*);
+ bool init_appid(snort::SnortConfig*);
static void pterm();
void cleanup();
void show();
NetworkSet* net_list = nullptr;
std::array<NetworkSet*, MAX_ZONES> net_list_by_zone;
#endif
- std::array<AppId, APP_ID_PORT_ARRAY_SIZE> tcp_port_only; // port-only TCP services
- std::array<AppId, APP_ID_PORT_ARRAY_SIZE> udp_port_only; // port-only UDP services
- std::array<AppId, 255> ip_protocol; // non-TCP / UDP protocol services
+
+ //FIXIT-L remove static when reload is supported (once flag removed)
+ static std::array<AppId, APP_ID_PORT_ARRAY_SIZE> tcp_port_only; // port-only TCP services
+ static std::array<AppId, APP_ID_PORT_ARRAY_SIZE> udp_port_only; // port-only UDP services
+ static std::array<AppId, 256> ip_protocol; // non-TCP / UDP protocol services
+
SF_LIST client_app_args; // List of Client App arguments
// for each potential port, an sflist of PortExclusion structs
AppIdPortExclusions tcp_port_exclusions_src;
using namespace snort;
-AppIdDiscovery::AppIdDiscovery(AppIdInspector& ins)
- : inspector(ins)
+AppIdDiscovery::AppIdDiscovery()
{
tcp_patterns = new SearchTool("ac_full", true);
udp_patterns = new SearchTool("ac_full", true);
delete kv.second;
}
-void AppIdDiscovery::initialize_plugins(AppIdInspector* ins)
+void AppIdDiscovery::initialize_plugins()
{
- ServiceDiscovery::get_instance(ins);
- ClientDiscovery::get_instance(ins);
+ ServiceDiscovery::get_instance();
+ ClientDiscovery::get_instance();
}
void AppIdDiscovery::finalize_plugins()
// TMP session and that is not being freed before creating the new one below
if ( !asd || asd->common.flow_type == APPID_FLOW_TYPE_TMP )
{
- *p_asd = asd = AppIdSession::allocate_session(p, protocol, direction, inspector);
+ *p_asd = asd = AppIdSession::allocate_session(p, protocol, direction, &inspector);
if (p->flow->get_session_flags() & SSNFLAG_MIDSTREAM)
{
asd->set_session_flags(APPID_SESSION_MID);
class AppIdDiscovery
{
public:
- AppIdDiscovery(AppIdInspector& ins);
+ AppIdDiscovery();
virtual ~AppIdDiscovery();
AppIdDiscovery(const AppIdDiscovery&) = delete;
AppIdDiscovery& operator=(const AppIdDiscovery&) = delete;
- static void initialize_plugins(AppIdInspector* ins);
+ static void initialize_plugins();
static void finalize_plugins();
static void release_plugins();
static void tterm();
return &udp_detectors;
}
- AppIdInspector& get_inspector()
- { return inspector; }
-
protected:
- AppIdInspector& inspector;
AppIdDetectors tcp_detectors;
AppIdDetectors udp_detectors;
snort::SearchTool* tcp_patterns = nullptr;
my_seh = SipEventHandler::create();
my_seh->subscribe();
- active_config->init_appid(sc, this);
+ active_config->init_appid(sc);
#ifdef ENABLE_APPID_THIRD_PARTY
if (!TPLibHandler::have_tp())
#include "log/messages.h"
#include "main/snort_config.h"
+#include "managers/inspector_manager.h"
#include "profiler/profiler.h"
#include "protocols/packet.h"
#include "protocols/tcp.h"
}
AppIdSession* AppIdSession::allocate_session(const Packet* p, IpProtocol proto,
- AppidSessionDirection direction,
- AppIdInspector& inspector)
+ AppidSessionDirection direction, AppIdInspector* inspector)
{
uint16_t port = 0;
if ( ( proto == IpProtocol::TCP || proto == IpProtocol::UDP ) && ( p->ptrs.sp != p->ptrs.dp ) )
port = (direction == APP_ID_FROM_INITIATOR) ? p->ptrs.sp : p->ptrs.dp;
- AppIdSession* asd = new AppIdSession(proto, ip, port, inspector);
+ AppIdSession* asd = new AppIdSession(proto, ip, port, *inspector);
asd->flow = p->flow;
asd->stats.first_packet_second = p->pkth->ts.tv_sec;
asd->snort_protocol_id = snortId_for_unsynchronized;
AppIdSession::AppIdSession(IpProtocol proto, const SfIp* ip, uint16_t port,
AppIdInspector& inspector)
: FlowData(inspector_id, &inspector), config(inspector.get_appid_config()),
- protocol(proto), inspector(inspector)
+ protocol(proto)
{
service_ip.clear();
session_id = ++appid_flow_data_id;
AppIdSession* AppIdSession::create_future_session(const Packet* ctrlPkt, const SfIp* cliIp,
uint16_t cliPort, const SfIp* srvIp, uint16_t srvPort, IpProtocol proto,
- SnortProtocolId snort_protocol_id, int /*flags*/, AppIdInspector& inspector)
+ SnortProtocolId snort_protocol_id, int /*flags*/)
{
char src_ip[INET6_ADDRSTRLEN];
char dst_ip[INET6_ADDRSTRLEN];
assert(type != PktType::NONE);
+ AppIdInspector* inspector = (AppIdInspector*)ctrlPkt->flow->flow_data->get_handler();
+ if ((inspector == nullptr) || strcmp(inspector->get_name(), MOD_NAME))
+ inspector = (AppIdInspector*)InspectorManager::get_inspector(MOD_NAME, true);
+
// FIXIT-RC - port parameter passed in as 0 since we may not know client port, verify
- AppIdSession* asd = new AppIdSession(proto, cliIp, 0, inspector);
+ AppIdSession* asd = new AppIdSession(proto, cliIp, 0, *inspector);
asd->common.policyId = asd->config->appIdPolicyId;
if ( Stream::set_snort_protocol_id_expected(ctrlPkt, type, proto, cliIp, cliPort, srvIp,
{
set_client_appid_data(client_id, nullptr, change_bits);
set_payload_appid_data((AppId)payload_id, nullptr, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), inspector);
+ setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
}
scan_flags &= ~SCAN_SSL_HOST_FLAG;
}
{
set_client_appid_data(client_id, nullptr, change_bits);
set_payload_appid_data((AppId)payload_id, nullptr, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), inspector);
+ setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
}
tsession->set_tls_cname(nullptr, 0);
}
{
set_client_appid_data(client_id, nullptr, change_bits);
set_payload_appid_data((AppId)payload_id, nullptr, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), inspector);
+ setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id));
}
tsession->set_tls_org_unit(nullptr, 0);
}
~AppIdSession() override;
static AppIdSession* allocate_session(const snort::Packet*, IpProtocol,
- AppidSessionDirection, AppIdInspector&);
+ AppidSessionDirection, AppIdInspector*);
static AppIdSession* create_future_session(const snort::Packet*, const snort::SfIp*, uint16_t,
const snort::SfIp*,
- uint16_t, IpProtocol, SnortProtocolId, int, AppIdInspector&);
-
- AppIdInspector& get_inspector() const
- { return inspector; }
+ uint16_t, IpProtocol, SnortProtocolId, int);
size_t size_of() override
{ return sizeof(*this); }
static THREAD_LOCAL uint32_t appid_flow_data_id;
AppId application_ids[APP_PROTOID_MAX];
- AppIdInspector& inspector;
bool tp_app_id_deferred = false;
bool tp_payload_app_id_deferred = false;
ClientDiscovery* ClientDiscovery::discovery_manager = nullptr;
THREAD_LOCAL ClientAppMatch* match_free_list = nullptr;
-ClientDiscovery::ClientDiscovery(AppIdInspector& ins)
- : AppIdDiscovery(ins)
+ClientDiscovery::ClientDiscovery()
{
initialize();
}
}
}
-ClientDiscovery& ClientDiscovery::get_instance(AppIdInspector* ins)
+ClientDiscovery& ClientDiscovery::get_instance()
{
if (!discovery_manager)
{
- assert(ins);
- discovery_manager = new ClientDiscovery(*ins);
+ discovery_manager = new ClientDiscovery();
}
return *discovery_manager;
{
public:
~ClientDiscovery() override;
- static ClientDiscovery& get_instance(AppIdInspector* ins = nullptr);
+ static ClientDiscovery& get_instance();
static void release_instance();
void finalize_client_plugins();
AppidSessionDirection direction, AppidChangeBits& change_bits);
private:
- ClientDiscovery(AppIdInspector& ins);
+ ClientDiscovery();
void initialize() override;
void exec_client_detectors(AppIdSession&, snort::Packet*,
AppidSessionDirection direction, AppidChangeBits& change_bits);
#include "appid_debug.h"
#include "appid_inspector.h"
#include "app_info_table.h"
+#include "managers/inspector_manager.h"
#include "protocols/packet.h"
using namespace snort;
{ APP_ID_SIP, APPINFO_FLAG_CLIENT_ADDITIONAL | APPINFO_FLAG_CLIENT_USER },
};
- handler->get_inspector().get_sip_event_handler().set_client(this);
+ SipEventHandler::set_client(this);
handler->register_detector(name, this, proto);
}
AppIdSession* fp = AppIdSession::create_future_session(
pkt, cliIp, cliPort, srvIp, srvPort, proto, app_id,
- APPID_EARLY_SESSION_FLAG_FW_RULE, handler->get_inspector());
+ APPID_EARLY_SESSION_FLAG_FW_RULE);
if ( fp )
{
AppIdSession* fp2 = AppIdSession::create_future_session(
pkt, cliIp, cliPort + 1, srvIp, srvPort + 1, proto, app_id,
- APPID_EARLY_SESSION_FLAG_FW_RULE, handler->get_inspector());
+ APPID_EARLY_SESSION_FLAG_FW_RULE);
if ( fp2 )
{
{ SIP_PORT, IpProtocol::TCP, false }
};
- // FIXIT-RC - detector instance in each packet thread is calling this
- // single sip event handler, last guy end wins, works now because it is
- // all the same but this is not right...
- // Does this still apply?
-
- handler->get_inspector().get_sip_event_handler().set_service(this);
+ SipEventHandler::set_service(this);
handler->register_detector(name, this, proto);
}
const Packet* p = sip_event.get_packet();
IpProtocol protocol = p->is_tcp() ? IpProtocol::TCP : IpProtocol::UDP;
AppidSessionDirection direction = p->is_from_client() ? APP_ID_FROM_INITIATOR : APP_ID_FROM_RESPONDER;
- asd = AppIdSession::allocate_session(p, protocol, direction,
- client->get_handler().get_inspector());
+ AppIdInspector* inspector = (AppIdInspector*) InspectorManager::get_inspector(MOD_NAME, true);
+ asd = AppIdSession::allocate_session(p, protocol, direction, inspector);
}
AppidChangeBits change_bits;
return new SipEventHandler;
}
- void set_client(SipUdpClientDetector* cd) { SipEventHandler::client = cd; }
- void set_service(SipServiceDetector* sd) { SipEventHandler::service = sd; }
-
+ static void set_client(SipUdpClientDetector* cd) { SipEventHandler::client = cd; }
+ static void set_service(SipServiceDetector* sd) { SipEventHandler::service = sd; }
+
void subscribe()
{ snort::DataBus::subscribe(SIP_EVENT_TYPE_SIP_DIALOG_KEY, this); }
// Stubs for inspectors
unsigned AppIdSession::inspector_id = 0;
AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
- : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), inspector(inspector) { }
+ : snort::FlowData(inspector_id, (snort::Inspector*)&inspector) { }
AppIdSession::~AppIdSession() = default;
AppIdHttpSession::AppIdHttpSession(AppIdSession& asd)
: asd(asd)
uint16_t port = lua_tointeger(L, ++index);
uint8_t protocol = lua_tointeger(L, ++index);
- AppIdConfig* config = ud->get_detector()->get_handler().get_inspector().get_appid_config();
if (port == 0)
- config->ip_protocol[protocol] = appId;
+ AppIdConfig::ip_protocol[protocol] = appId;
else if (protocol == 6)
- config->tcp_port_only[port] = appId;
+ AppIdConfig::tcp_port_only[port] = appId;
else if (protocol == 17)
- config->udp_port_only[port] = appId;
+ AppIdConfig::udp_port_only[port] = appId;
AppInfoManager::get_instance().set_app_info_active(appId);
AppIdSession* fp = AppIdSession::create_future_session(lsd->ldp.pkt, &client_addr,
client_port, &server_addr, server_port, proto, snort_protocol_id,
- APPID_EARLY_SESSION_FLAG_FW_RULE, ud->get_detector()->get_handler().get_inspector());
+ APPID_EARLY_SESSION_FLAG_FW_RULE);
if (fp)
{
fp->service.set_id(service_id);
LuaDetectorManager::add_detector_flow(detector_flow);
detector_flow->asd = AppIdSession::create_future_session(lsd->ldp.pkt, &saddr, sport,
- &daddr, dport, proto, 0, 0, ud->get_handler().get_inspector());
+ &daddr, dport, proto, 0, 0);
if (!detector_flow->asd)
{
static ServiceDetector* ftp_service;
ServiceDiscovery* ServiceDiscovery::discovery_manager = nullptr;
-ServiceDiscovery::ServiceDiscovery(AppIdInspector& ins)
- : AppIdDiscovery(ins)
+ServiceDiscovery::ServiceDiscovery()
{
initialize();
}
-ServiceDiscovery& ServiceDiscovery::get_instance(AppIdInspector* ins)
+ServiceDiscovery& ServiceDiscovery::get_instance()
{
if (!discovery_manager)
{
- assert(ins);
- discovery_manager = new ServiceDiscovery(*ins);
+ discovery_manager = new ServiceDiscovery();
}
return *discovery_manager;
class ServiceDiscovery : public AppIdDiscovery
{
public:
- static ServiceDiscovery& get_instance(AppIdInspector* ins = nullptr);
+ static ServiceDiscovery& get_instance();
static void release_instance();
void finalize_service_patterns();
static int add_ftp_service_state(AppIdSession&);
void release_thread_resources();
private:
- ServiceDiscovery(AppIdInspector& ins);
+ ServiceDiscovery();
void initialize() override;
void get_next_service(const snort::Packet*, const AppidSessionDirection dir, AppIdSession&);
void get_port_based_services(IpProtocol, uint16_t port, AppIdSession&);
ftp_data_snort_protocol_id = SnortConfig::get_conf()->proto_ref->find("ftp-data");
AppIdSession* fp = AppIdSession::create_future_session(pkt, cliIp, cliPort, srvIp, srvPort,
- proto, ftp_data_snort_protocol_id, flags, handler->get_inspector());
+ proto, ftp_data_snort_protocol_id, flags);
if (fp) // initialize data session
{
dip = args.pkt->ptrs.ip_api.get_dst();
sip = args.pkt->ptrs.ip_api.get_src();
AppIdSession* pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip, (uint16_t)port,
- IpProtocol::TCP, rexec_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE, handler->get_inspector());
+ IpProtocol::TCP, rexec_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE);
if (pf)
{
ServiceREXECData* tmp_rd = (ServiceREXECData*)snort_calloc(
AppIdSession* pf = AppIdSession::create_future_session(
pkt, dip, 0, sip, (uint16_t)tmp,
- (IpProtocol)ntohl((uint32_t)rd->proto), sunrpc_snort_protocol_id, 0,
- handler->get_inspector());
+ (IpProtocol)ntohl((uint32_t)rd->proto), sunrpc_snort_protocol_id, 0);
if (pf)
{
pf->add_flow_data_id((uint16_t)tmp, this);
const snort::SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
const snort::SfIp* sip = args.pkt->ptrs.ip_api.get_src();
AppIdSession* pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip,
- (uint16_t)port, IpProtocol::TCP, rsh_error_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE,
- handler->get_inspector());
+ (uint16_t)port, IpProtocol::TCP, rsh_error_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE);
if (pf)
{
pf->client_disco_state = APPID_DISCO_STATE_FINISHED;
const snort::SfIp* dip = args.pkt->ptrs.ip_api.get_dst();
const snort::SfIp* sip = args.pkt->ptrs.ip_api.get_src();
AppIdSession* pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip,
- args.pkt->ptrs.sp, args.asd.protocol, snmp_snort_protocol_id, 0, handler->get_inspector());
+ args.pkt->ptrs.sp, args.asd.protocol, snmp_snort_protocol_id, 0);
if (pf)
{
tmp_sd = (ServiceSNMPData*)snort_calloc(sizeof(ServiceSNMPData));
ssl_patterns_free(&service_ssl_config.DetectorSSLCnamePatternList);
}
-bool setSSLSquelch(Packet* p, int type, AppId appId, AppIdInspector& inspector)
+bool setSSLSquelch(Packet* p, int type, AppId appId)
{
if (!AppInfoManager::get_instance().get_app_info_flags(appId, APPINFO_FLAG_SSL_SQUELCH))
return false;
// FIXIT-H: Passing appId to create_future_session() is incorrect. We
// need to pass the snort_protocol_id associated with appId.
AppIdSession* asd = AppIdSession::create_future_session(
- p, sip, 0, dip, p->ptrs.dp, IpProtocol::TCP, appId, 0, inspector);
+ p, sip, 0, dip, p->ptrs.dp, IpProtocol::TCP, appId, 0);
if ( asd )
{
int ssl_add_cert_pattern(uint8_t*, size_t, uint8_t, AppId);
int ssl_add_cname_pattern(uint8_t*, size_t, uint8_t, AppId);
void ssl_detector_free_patterns();
-bool setSSLSquelch(snort::Packet*, int type, AppId, AppIdInspector& inspector);
+bool setSSLSquelch(snort::Packet*, int type, AppId);
#endif
dip = args.pkt->ptrs.ip_api.get_dst();
sip = args.pkt->ptrs.ip_api.get_src();
pf = AppIdSession::create_future_session(args.pkt, dip, 0, sip,
- args.pkt->ptrs.sp, args.asd.protocol, tftp_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE,
- handler->get_inspector());
+ args.pkt->ptrs.sp, args.asd.protocol, tftp_snort_protocol_id, APPID_EARLY_SESSION_FLAG_FW_RULE);
if (pf)
{
data_add(*pf, tmp_td, &snort_free);
};
AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
- : FlowData(0), inspector(inspector) { }
+ : FlowData(0) { }
AppIdSession::~AppIdSession() = default;
// Utility functions
void AppIdSession::examine_ssl_metadata(Packet*, AppidChangeBits&) {}
void AppIdSession::update_encrypted_app_id(AppId) {}
AppIdSession* AppIdSession::allocate_session(const Packet*, IpProtocol,
- AppidSessionDirection, AppIdInspector&)
+ AppidSessionDirection, AppIdInspector*)
{
return nullptr;
}
ServiceDetector*, ServiceDiscoveryState*) { return 0; }
int ServiceDiscovery::add_service_port(AppIdDetector*,
const ServiceDetectorPort&) { return APPID_EINVALID; }
-ServiceDiscovery::ServiceDiscovery(AppIdInspector& ins)
- : AppIdDiscovery(ins) {}
+ServiceDiscovery::ServiceDiscovery() {}
void ServiceDiscovery::release_instance() {}
void ServiceDiscovery::release_thread_resources() {}
static AppIdModule* s_app_module = nullptr;
static AppIdInspector* s_ins = nullptr;
static ServiceDiscovery* s_discovery_manager = nullptr;
-ServiceDiscovery& ServiceDiscovery::get_instance(AppIdInspector*)
+ServiceDiscovery& ServiceDiscovery::get_instance()
{
if (!s_discovery_manager)
- s_discovery_manager = new ServiceDiscovery(*s_ins);
+ s_discovery_manager = new ServiceDiscovery();
return *s_discovery_manager;
}
// Stubs for ClientDiscovery
-ClientDiscovery::ClientDiscovery(AppIdInspector& ins)
- : AppIdDiscovery(ins) {}
+ClientDiscovery::ClientDiscovery(){}
ClientDiscovery::~ClientDiscovery() {}
void ClientDiscovery::initialize() {}
void ClientDiscovery::finalize_client_plugins() {}
void ClientDiscovery::release_instance() {}
void ClientDiscovery::release_thread_resources() {}
static ClientDiscovery* c_discovery_manager = nullptr;
-ClientDiscovery& ClientDiscovery::get_instance(AppIdInspector*)
+ClientDiscovery& ClientDiscovery::get_instance()
{
if (!c_discovery_manager)
- c_discovery_manager = new ClientDiscovery(*s_ins);
+ c_discovery_manager = new ClientDiscovery();
return *c_discovery_manager;
}
bool ClientDiscovery::do_client_discovery(AppIdSession&, Packet*,
// AppIdSession mock functions
AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
- : FlowData(inspector_id, &inspector), inspector(inspector)
+ : FlowData(inspector_id, &inspector)
{
}
};
AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
- : FlowData(inspector_id, &inspector), inspector(inspector)
+ : FlowData(inspector_id, &inspector)
{
common.flow_type = APPID_FLOW_TYPE_NORMAL;
service_port = APPID_UT_SERVICE_PORT;
void AppIdDebug::activate(const Flow*, const AppIdSession*, bool) { active = true; }
AppIdSession::AppIdSession(IpProtocol, const SfIp*, uint16_t, AppIdInspector& inspector)
- : FlowData(0), inspector(inspector) {}
+ : FlowData(0) {}
AppIdSession::~AppIdSession() = default;
-AppIdDiscovery::AppIdDiscovery(AppIdInspector& ins) : inspector(ins) {}
+AppIdDiscovery::AppIdDiscovery() {}
AppIdDiscovery::~AppIdDiscovery() {}
void AppIdDiscovery::register_detector(const std::string&, AppIdDetector*, IpProtocol) {}
void AppIdDiscovery::add_pattern_data(AppIdDetector*, SearchTool*, int, const uint8_t* const,
ServiceDetector*, ServiceDiscoveryState*) { return 0; }
int ServiceDiscovery::add_service_port(AppIdDetector*,
const ServiceDetectorPort&) { return APPID_EINVALID; }
-ServiceDiscovery::ServiceDiscovery(AppIdInspector& ins)
- : AppIdDiscovery(ins) {}
+ServiceDiscovery::ServiceDiscovery() {}
-ServiceDiscovery& ServiceDiscovery::get_instance(AppIdInspector* ins)
+ServiceDiscovery& ServiceDiscovery::get_instance()
{
- static ServiceDiscovery discovery_manager(*ins);
+ static ServiceDiscovery discovery_manager;
return discovery_manager;
}
TEST(service_state_tests, select_detector_by_brute_force)
{
ServiceDiscoveryState sds;
- AppIdInspector ins;
- ServiceDiscovery::get_instance(&ins);
+ ServiceDiscovery::get_instance();
// Testing end of brute-force walk for supported and unsupported protocols
test_log[0] = '\0';
AppIdInspector inspector;
AppIdSession asd(IpProtocol::PROTO_NOT_SET, nullptr, 0, inspector);
SfIp client_ip;
- AppIdInspector ins;
- ServiceDiscovery::get_instance(&ins);
+ ServiceDiscovery::get_instance();
// Testing 3+ failures to exceed STATE_ID_NEEDED_DUPE_DETRACT_COUNT with valid_count = 0
client_ip.set("1.2.3.4");
AppIdInspector inspector;
AppIdSession asd(IpProtocol::PROTO_NOT_SET, nullptr, 0, inspector);
SfIp client_ip;
- AppIdInspector ins;
- ServiceDiscovery::get_instance(&ins);
+ ServiceDiscovery::get_instance();
// Testing 3+ failures to exceed STATE_ID_NEEDED_DUPE_DETRACT_COUNT with valid_count > 1
client_ip.set("1.2.3.4");
asd.get_session_flags(APPID_SESSION_SSL_SESSION) and
!(asd.scan_flags & SCAN_SSL_HOST_FLAG))
{
- setSSLSquelch(p, 1, tp_app_id, asd.get_inspector());
+ setSSLSquelch(p, 1, tp_app_id);
}
if ( app_info_flags & APPINFO_FLAG_IGNORE )
projects / thirdparty / snort3.git / commitdiff
