http2: make http1 rules work on http2 traffic optional

diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c
index c1bc185980446d32ef95d2873679d5a3390b6f52..b33ef5fda8b7ccb67c46517e5f19b7cb9da72bb7 100644 (file)
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@@ -215,10 +215,16 @@ void AppLayerParserStateFree(AppLayerParserState *pstate)
     SCReturn;
 }
 
+bool g_config_http1keywords_http2traffic = false;
+
 int AppLayerParserSetup(void)
 {
     SCEnter();
     memset(&alp_ctx, 0, sizeof(alp_ctx));
+    int value = 0;
+    if (ConfGetBool("app-layer.protocols.http2.http1-rules", &value) == 1 && value == 1) {
+        g_config_http1keywords_http2traffic = true;
+    }
     SCReturnInt(0);
 }
 

diff --git a/src/app-layer-protos.h b/src/app-layer-protos.h
index ff383c15149927b243bf62664db98d08d3f2cb7c..36b69ddcfa92d2801a0dbf8599da3ba7a77b7208 100644 (file)
--- a/src/app-layer-protos.h
+++ b/src/app-layer-protos.h
@@ -77,11 +77,13 @@ static inline bool AppProtoIsValid(AppProto a)
     return ((a > ALPROTO_UNKNOWN && a < ALPROTO_FAILED));
 }
 
+extern bool g_config_http1keywords_http2traffic;
+
 // wether a signature AppProto matches a flow (or signature) AppProto
 static inline bool AppProtoEquals(AppProto sigproto, AppProto alproto)
 {
-    if (alproto == ALPROTO_HTTP2 && sigproto == ALPROTO_HTTP) {
-        // TODO config option
+    if (alproto == ALPROTO_HTTP2 && g_config_http1keywords_http2traffic &&
+            sigproto == ALPROTO_HTTP) {
         return true;
     }
     return (sigproto == alproto);