if (asd)
{
+ AppidChangeBits change_bits;
SslPatternMatchers& ssl_matchers = asd->ctxt.get_odp_ctxt().get_ssl_matchers();
- if (common_name)
- ssl_matchers.scan_cname((const uint8_t*)common_name, strlen(common_name), client_id,
- payload_id);
+ if (!asd->tsession)
+ asd->tsession = (TlsSession*)snort_calloc(sizeof(TlsSession));
if (server_name)
+ {
ssl_matchers.scan_hostname((const uint8_t*)server_name, strlen(server_name), client_id,
payload_id);
+ asd->tsession->set_tls_host(server_name, strlen(server_name), change_bits);
+ asd->scan_flags |= SCAN_SSL_HOST_FLAG;
+ }
+
+ if (common_name)
+ {
+ ssl_matchers.scan_cname((const uint8_t*)common_name, strlen(common_name), client_id,
+ payload_id);
+ asd->tsession->set_tls_cname(common_name, strlen(common_name));
+ asd->scan_flags |= SCAN_SSL_CERTIFICATE_FLAG;
+ }
service_id = asd->get_application_ids_service();
if (client_id == APP_ID_NONE)
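Review bot: `asd->tsession = (TlsSession*)snort_calloc(sizeof(TlsSession));` hands out zero-filled storage as a `TlsSession` without running a constructor. That is only sound while the type stays trivially constructible and is released with the matching free routine; the class definition is not in this hunk, so confirm it, and record the constraint with a comment such as `// TlsSession is allocated zeroed via snort_calloc; no constructor runs`. The local `change_bits` is filled by `set_tls_host`, but nothing visible afterwards reads it, so the host change it records appears to be discarded unless it is published further down. `server_name` and `common_name` are caller-supplied and now persist on the session, so the function comment should state that they must be NUL-terminated, since `strlen` is applied to each twice. The enclosing function starts and ends outside the hunk.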
if (inspector)
{
SslPatternMatchers& ssl_matchers = inspector->get_ctxt().get_odp_ctxt().get_ssl_matchers();
- if (common_name)
- ssl_matchers.scan_cname((const uint8_t*)common_name, strlen(common_name), client_id,
- payload_id);
if (server_name)
ssl_matchers.scan_hostname((const uint8_t*)server_name, strlen(server_name),
client_id, payload_id);
+
+ if (common_name)
+ ssl_matchers.scan_cname((const uint8_t*)common_name, strlen(common_name), client_id,
+ payload_id);
}
}
{ return nullptr; }
}
-bool SslPatternMatchers::scan_hostname(unsigned char const*, unsigned long, AppId& client_id, AppId&)
+bool SslPatternMatchers::scan_hostname(unsigned char const*, unsigned long, AppId& client_id, AppId& payload_id)
{
client_id = APPID_UT_ID + 1;
+ payload_id = APPID_UT_ID + 1;
return true;
}
-bool SslPatternMatchers::scan_cname(unsigned char const*, unsigned long, AppId&, AppId& payload_id)
+bool SslPatternMatchers::scan_cname(unsigned char const*, unsigned long, AppId& client_id, AppId& payload_id)
{
- payload_id = APPID_UT_ID + 1;
+ client_id++;
+ payload_id++;
return true;
}
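Review bot: The `scan_cname` stub now returns values relative to its inputs (`client_id++; payload_id++;`), so what a test observes depends on whether `scan_hostname` ran first and on what the caller passed in. A lookup that supplies only a common name would get an increment of the caller's initial ids rather than a recognisable unit-test id. Fixed, distinct values keep the stub deterministic and leave the `APPID_UT_ID + 2` expectation in the test unchanged: `client_id = APPID_UT_ID + 2;` and `payload_id = APPID_UT_ID + 2;`.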
service = APP_ID_NONE;
client = APP_ID_NONE;
payload = APP_ID_NONE;
- val = appid_api.ssl_app_group_id_lookup(flow, (const char*)APPID_UT_TLS_HOST, (const char*)APPID_UT_TLS_HOST, service, client, payload);
+ val = appid_api.ssl_app_group_id_lookup(flow, (const char*)APPID_UT_TLS_HOST, nullptr, service, client, payload);
CHECK_TRUE(val);
CHECK_EQUAL(client, APPID_UT_ID + 1);
CHECK_EQUAL(payload, APPID_UT_ID + 1);
+ AppidChangeBits change_bits;
+ mock_session->tsession->set_tls_host("www.cisco.com", 13, change_bits);
+ mock_session->tsession->set_tls_cname("www.cisco.com", 13);
+ STRCMP_EQUAL(mock_session->tsession->get_tls_host(), "www.cisco.com");
+ STRCMP_EQUAL(mock_session->tsession->get_tls_cname(), "www.cisco.com");
+ val = appid_api.ssl_app_group_id_lookup(flow, (const char*)APPID_UT_TLS_HOST, (const char*)APPID_UT_TLS_HOST, service, client, payload);
+ CHECK_TRUE(val);
+ CHECK_EQUAL(client, APPID_UT_ID + 2);
+ CHECK_EQUAL(payload, APPID_UT_ID + 2);
+ STRCMP_EQUAL(mock_session->tsession->get_tls_host(), APPID_UT_TLS_HOST);
+ STRCMP_EQUAL(mock_session->tsession->get_tls_cname(), APPID_UT_TLS_HOST);
}
TEST(appid_api, create_appid_session_api)
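Review bot: `mock_session->tsession` is dereferenced in the added `set_tls_host`/`set_tls_cname` calls without a check, so the test relies on the first `ssl_app_group_id_lookup` call having allocated it. A `CHECK_TRUE(mock_session->tsession != nullptr);` before those calls would turn a crash into a readable failure. The literal length `13` is correct for "www.cisco.com" but easy to break when the string changes; `strlen("www.cisco.com")` or a named constant is safer. The second lookup also reuses `service`, `client` and `payload` without resetting them to `APP_ID_NONE` as the first one does, and no case covers a common name with a null server name.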
reinspect_ssl_appid = check_ssl_appid_for_reinspect(tmpAppId, asd.ctxt.get_odp_ctxt());
- if ((field=attribute_data.tls_host(false)) != nullptr)
+ if (asd.tsession->get_tls_host() == nullptr and ((field = attribute_data.tls_host(false)) != nullptr))
{
asd.tsession->set_tls_host(field->c_str(), field->size(), change_bits);
if (reinspect_ssl_appid)
asd.scan_flags |= SCAN_SSL_HOST_FLAG;
}
- if ((field=attribute_data.tls_cname()) != nullptr)
+ if ((asd.tsession->get_tls_cname() == nullptr and (field = attribute_data.tls_cname()) != nullptr))
{
asd.tsession->set_tls_cname(field->c_str(), field->size());
if (reinspect_ssl_appid)
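Review bot: The new guards call `asd.tsession->get_tls_host()` and `asd.tsession->get_tls_cname()` on every pass, including when `attribute_data` carries no TLS fields. `asd.tsession` must therefore be non-null before this point; the allocation is not visible in the hunk and should be confirmed or guarded. With this first-writer-wins check, a host or cname already stored on the session also skips the `scan_flags` update under `reinspect_ssl_appid`. A comment such as `// keep a value already set on the session; attribute data only fills gaps` would make that precedence explicit. The two conditions are parenthesised differently; the cname one reads more clearly as `if (asd.tsession->get_tls_cname() == nullptr and ((field = attribute_data.tls_cname()) != nullptr))`. The enclosing function starts and ends outside the hunk.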
if (reinspect_ssl_appid)
{
- if ((field=attribute_data.tls_org_unit()) != nullptr)
+ if ((field = attribute_data.tls_org_unit()) != nullptr)
{
asd.tsession->set_tls_org_unit(field->c_str(), field->size());
}