Merge pull request #696 in SNORT/snort3 from http_more_tests to master

Squashed commit of the following:

commit dcd43e7d538a2f5ebc06eae3877b239c64f43cfb
Author: shaslad <shaslad@cisco.com>
Date:   Sat Oct 29 01:42:07 2016 -0400

    minor modification related to logs

    Added missing opera client header pattern and related variables

diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc
index 35e0527f0d2bf6c635edf4b3b77e3dcb33672c77..20fe5ab78e349d42c717a51b79c50b032ec64ff5 100644 (file)
--- a/src/network_inspectors/appid/app_info_table.cc
+++ b/src/network_inspectors/appid/app_info_table.cc
@@ -217,7 +217,8 @@ void AppInfoManager::set_app_info_active(AppId appId)
     if (entry)
         entry->flags |= APPINFO_FLAG_ACTIVE;
     else
-        ErrorMessage("AppInfo: AppId %d is UNKNOWN\n", appId);
+        DebugFormat(DEBUG_APPID, "AppInfo: AppId %d is UNKNOWN\n", appId);
+
 }
 
 void AppInfoManager::load_appid_config(const char* path)

diff --git a/src/network_inspectors/appid/detector_plugins/detector_http.cc b/src/network_inspectors/appid/detector_plugins/detector_http.cc
index a95ccb3be864b4ad43b4cdd0c56e47ebcf903d34..3a0fb7abca043c1fb1f50b26c31d48fb3192e24e 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_http.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_http.cc
@@ -122,6 +122,7 @@ static const char CURL_PATTERN[] = "curl";
 static const char GOOGLE_DESKTOP_PATTERN[] = "Google Desktop";
 static const char PICASA_PATTERN[] = "Picasa";
 static const char SAFARI_PATTERN[] = "Safari";
+static const char OPERA_PATTERN[] = "Opera";
 static const char CHROME_PATTERN[] = "Chrome";
 static const char MOBILE_PATTERN[] = "Mobile";
 static const char BLACKBERRY_PATTERN[] = "BlackBerry";
@@ -275,6 +276,8 @@ static DetectorHTTPPattern client_agent_patterns[] =
       sizeof(PICASA_PATTERN)-1, (uint8_t*)PICASA_PATTERN, APP_ID_PICASA,},
     { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_SAFARI, 0,
       sizeof(SAFARI_PATTERN)-1, (uint8_t*)SAFARI_PATTERN, APP_ID_SAFARI,},
+    { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_OPERA, 0,
+      sizeof(OPERA_PATTERN)-1, (uint8_t*)OPERA_PATTERN, APP_ID_OPERA,},
     { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_CHROME, 0,
       sizeof(CHROME_PATTERN)-1, (uint8_t*)CHROME_PATTERN, APP_ID_CHROME,},
     { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_SAFARI_MOBILE_DUMMY, 0,
@@ -1735,8 +1738,7 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap
     char temp_ver[MAX_VERSION_SIZE];
     temp_ver[0] = 0;
 
-    detectorHttpConfig->client_agent_matcher->find_all((const char*)start, size, &http_pattern_match,
-        false, (void*)&mp);
+    detectorHttpConfig->client_agent_matcher->find_all((const char*)start, size, &http_pattern_match, false, (void*)&mp);
 
     if (mp)
     {

diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc
index 51c909b1630f7c6071519a76c7919e32f3a26986..8044175792df0ae3a6ddb13a2eef735934ec24fe 100644 (file)
--- a/src/network_inspectors/appid/lua_detector_api.cc
+++ b/src/network_inspectors/appid/lua_detector_api.cc
@@ -1808,6 +1808,8 @@ static int detector_port_only_service(lua_State* L)
         ud->appid_config->tcp_port_only[port] = appId;
     else if (protocol == 17)
         ud->appid_config->udp_port_only[port] = appId;
+    
+    AppInfoManager::get_instance().set_app_info_active(appId);
 
     return 0;
 }