APPINFO_FLAG_DEFER = (1<<7),
APPINFO_FLAG_IGNORE = (1<<8),
- APPINFO_FLAG_SSL_SQUELCH = (1<<9),
- APPINFO_FLAG_PERSISTENT = (1<<10),
- APPINFO_FLAG_TP_CLIENT = (1<<11),
- APPINFO_FLAG_DEFER_PAYLOAD = (1<<12),
- APPINFO_FLAG_CLIENT_DETECTOR_CALLBACK = (1<<13),
- APPINFO_FLAG_SERVICE_DETECTOR_CALLBACK = (1<<14)
+ APPINFO_FLAG_PERSISTENT = (1<<9),
+ APPINFO_FLAG_TP_CLIENT = (1<<10),
+ APPINFO_FLAG_DEFER_PAYLOAD = (1<<11),
+ APPINFO_FLAG_CLIENT_DETECTOR_CALLBACK = (1<<12),
+ APPINFO_FLAG_SERVICE_DETECTOR_CALLBACK = (1<<13)
};
class AppInfoTableEntry
if (tmp_snort_protocol_id != snort_protocol_id)
{
snort_protocol_id = tmp_snort_protocol_id;
- p->flow->ssn_state.snort_protocol_id = tmp_snort_protocol_id;
+ Stream::set_snort_protocol_id(p->flow, tmp_snort_protocol_id);
}
}
void AppIdSession::examine_ssl_metadata(Packet* p, AppidChangeBits& change_bits)
{
- int ret;
AppId client_id = 0;
AppId payload_id = 0;
const char* tls_str = tsession->get_tls_host();
if ((scan_flags & SCAN_SSL_HOST_FLAG) and tls_str)
{
size_t size = strlen(tls_str);
- if ((ret =
- ctxt.get_odp_ctxt().get_ssl_matchers().scan_hostname((const uint8_t*)tls_str, size,
- client_id, payload_id)))
+ if (ctxt.get_odp_ctxt().get_ssl_matchers().scan_hostname((const uint8_t*)tls_str, size,
+ client_id, payload_id))
{
if (client.get_id() == APP_ID_NONE or client.get_id() == APP_ID_SSL_CLIENT)
set_client_appid_data(client_id, change_bits);
set_payload_appid_data(payload_id, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
}
scan_flags &= ~SCAN_SSL_HOST_FLAG;
}
if ((scan_flags & SCAN_SSL_CERTIFICATE_FLAG) and (tls_str = tsession->get_tls_cname()))
{
size_t size = strlen(tls_str);
- if ((ret = ctxt.get_odp_ctxt().get_ssl_matchers().scan_cname((const uint8_t*)tls_str, size,
- client_id, payload_id)))
+ if (ctxt.get_odp_ctxt().get_ssl_matchers().scan_cname((const uint8_t*)tls_str, size,
+ client_id, payload_id))
{
if (client.get_id() == APP_ID_NONE or client.get_id() == APP_ID_SSL_CLIENT)
set_client_appid_data(client_id, change_bits);
set_payload_appid_data(payload_id, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
}
scan_flags &= ~SCAN_SSL_CERTIFICATE_FLAG;
}
if ((tls_str = tsession->get_tls_org_unit()))
{
size_t size = strlen(tls_str);
- if ((ret = ctxt.get_odp_ctxt().get_ssl_matchers().scan_cname((const uint8_t*)tls_str, size,
- client_id, payload_id)))
+ if (ctxt.get_odp_ctxt().get_ssl_matchers().scan_cname((const uint8_t*)tls_str, size,
+ client_id, payload_id))
{
set_client_appid_data(client_id, change_bits);
set_payload_appid_data(payload_id, change_bits);
- setSSLSquelch(p, ret, (ret == 1 ? payload_id : client_id), ctxt.get_odp_ctxt());
}
tsession->set_tls_org_unit(nullptr, 0);
}
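Review bot: In all three scan blocks (host name, certificate common name, organizational unit) the length handed to the matcher is `strlen(tls_str)` on a string taken from the peer's TLS handshake, so a value containing an embedded NUL would be matched only up to that byte. The hunk does not show how `tsession` stores these fields, but `set_tls_org_unit(nullptr, 0)` takes a length, which suggests one may be recorded; if so, pass the stored length instead of recomputing it, or at least document the assumption with `// tls_str is peer-controlled; strlen() stops at the first NUL, so the field must be validated upstream`. Separately, with the `setSSLSquelch` calls gone, `p` is no longer referenced in the visible body of `examine_ssl_metadata`, so the parameter could be left unnamed (`Packet*`) or removed together with its callers. The function's body may continue past this hunk, so both points should be checked against the full definition.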
return false;
}
-bool setSSLSquelch(Packet* p, int type, AppId appId, OdpContext& odp_ctxt)
-{
- if (!odp_ctxt.get_app_info_mgr().get_app_info_flags(appId, APPINFO_FLAG_SSL_SQUELCH))
- return false;
-
- const SfIp* dip = p->ptrs.ip_api.get_dst();
- const SfIp* sip = p->ptrs.ip_api.get_src();
-
- /* FIXIT-E: Passing appId to create_future_session() is incorrect. We
- need to pass the snort_protocol_id associated with appId. */
- AppIdSession* asd = AppIdSession::create_future_session(p, sip, 0, dip, p->ptrs.dp,
- IpProtocol::TCP, appId, 0);
-
- if (asd)
- {
- switch (type)
- {
- case 1:
- asd->payload.set_id(appId);
- break;
- case 2:
- asd->client.set_id(appId);
- asd->client_disco_state = APPID_DISCO_STATE_FINISHED;
- break;
- default:
- return false;
- }
- return true;
- }
- else
- return false;
-}
-
}
unsigned app_info_flags = asd.ctxt.get_odp_ctxt().get_app_info_mgr().get_app_info_flags(tp_app_id,
- APPINFO_FLAG_TP_CLIENT | APPINFO_FLAG_IGNORE | APPINFO_FLAG_SSL_SQUELCH);
+ APPINFO_FLAG_TP_CLIENT | APPINFO_FLAG_IGNORE );
// if the third-party appId must be treated as a client, do it now
if (app_info_flags & APPINFO_FLAG_TP_CLIENT)
asd.client.set_id(*p, asd, direction, tp_app_id, change_bits);
}
- if ((app_info_flags & APPINFO_FLAG_SSL_SQUELCH) and
- asd.get_session_flags(APPID_SESSION_SSL_SESSION) and
- !(asd.scan_flags & SCAN_SSL_HOST_FLAG))
- {
- setSSLSquelch(p, 1, tp_app_id, asd.ctxt.get_odp_ctxt());
- }
-
if ( app_info_flags & APPINFO_FLAG_IGNORE )
{
if (appidDebug->is_active())