Merge pull request #2328 in SNORT/snort3 from ~KAMURTHI/snort3:http_url_matching...

author Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>

Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)

committer Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>

Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)
author Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)
committer Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)
diff --git a/src/network_inspectors/appid/appid_http_session.cc b/src/network_inspectors/appid/appid_http_session.cc

index 45527687d07dc29ae58525f1a37214f7c2c425c4..67d0327f4b068a8d1fdafeaf1cf2fcc3ff9413b7 100644 (file)
--- a/src/network_inspectors/appid/appid_http_session.cc
+++ b/src/network_inspectors/appid/appid_http_session.cc
@@ -590,7 +590,8 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
  
          /* Scan Via Header for squid */
          const std::string* via = meta_data[MISC_VIA_FID];
-        if ( !asd.get_tp_payload_app_id() and !payload.get_id() and (asd.scan_flags & SCAN_HTTP_VIA_FLAG) and via )
+        if ( !asd.get_tp_payload_app_id() and payload.get_id() <= APP_ID_NONE and
+            (asd.scan_flags & SCAN_HTTP_VIA_FLAG) and via )
          {
              AppId payload_id = http_matchers.get_appid_by_pattern(via->c_str(), via->size(),
                  nullptr);
@@ -632,7 +633,7 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
      // Scan Content-Type Header for multimedia types and scan contents
      const std::string* content_type = meta_data[RSP_CONTENT_TYPE_FID];
      if ( (asd.scan_flags & SCAN_HTTP_CONTENT_TYPE_FLAG)
-         and content_type and !asd.get_tp_payload_app_id() and !payload.get_id())
+         and content_type and !asd.get_tp_payload_app_id() and payload.get_id() <= APP_ID_NONE)
      {
          AppId payload_id = http_matchers.get_appid_by_content_type(content_type->c_str(),
              content_type->size());
@@ -714,7 +715,8 @@ int AppIdHttpSession::process_http_packet(AppidSessionDirection direction,
          }
      }
      if (payload.get_id() <=APP_ID_NONE and is_payload_processed and
-        asd.service.get_id()== APP_ID_HTTP2)
+        (asd.service.get_id()== APP_ID_HTTP2 or (asd.service.get_id()== APP_ID_HTTP and
+        asd.is_tp_appid_available())))
          set_payload(APP_ID_UNKNOWN, change_bits);
  
      asd.clear_http_flags();
diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc

index 3cf94db5d9babe8046e981b16ea445dcdf0c088b..3ee5faa0b5e9346b86969765aa196414f62ded07 100644 (file)
--- a/src/network_inspectors/appid/test/appid_http_session_test.cc
+++ b/src/network_inspectors/appid/test/appid_http_session_test.cc
@@ -133,6 +133,11 @@ bool AppIdSession::is_payload_appid_set() const
      return true;
  }
  
+bool AppIdSession::is_tp_appid_available() const
+{
+    return true;
+}
+
  // AppIdDebug mock functions
  void AppIdDebug::activate(const uint32_t*, const uint32_t*, uint16_t,
      uint16_t, IpProtocol, const int, uint16_t, const AppIdSession*, bool)
author	Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
	Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)
committer	Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
	Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)
src/network_inspectors/appid/appid_http_session.cc		patch \| blob \| blame \| history
src/network_inspectors/appid/test/appid_http_session_test.cc		patch \| blob \| blame \| history