Merge pull request #1808 in SNORT/snort3 from ~SHRARANG/snort3:appid_inferred_svc_ver...
authorShravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Tue, 22 Oct 2019 13:24:20 +0000 (09:24 -0400)
committerShravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Tue, 22 Oct 2019 13:24:20 +0000 (09:24 -0400)
Squashed commit of the following:

commit ca9b2578a0e6377aa4a66edc1358f2652e88ae1d
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Fri Oct 18 16:34:32 2019 -0400

    appid: check inferred services in host cache only if there were updates

src/host_tracker/host_tracker.cc
src/host_tracker/host_tracker.h
src/network_inspectors/appid/appid_discovery.cc
src/network_inspectors/appid/appid_session.cc
src/network_inspectors/appid/appid_session.h
src/network_inspectors/appid/lua_detector_api.cc
src/network_inspectors/appid/test/appid_mock_session.h

index c8ae5a7db360187a481db21a65306f56b4464c6c..ecf9d784389dcd217a749591a3b873047953d250 100644 (file)
@@ -79,7 +79,7 @@ void HostTracker::copy_data(uint8_t& p_hops, uint32_t& p_last_seen, list<HostMac
         p_macs = new list<HostMac>(macs.begin(), macs.end());
 }
 
-bool HostTracker::add_service(Port port, IpProtocol proto, AppId appid, bool inferred_appid)
+bool HostTracker::add_service(Port port, IpProtocol proto, AppId appid, bool inferred_appid, bool* added)
 {
     host_tracker_stats.service_adds++;
     std::lock_guard<std::mutex> lck(host_tracker_lock);
@@ -92,12 +92,17 @@ bool HostTracker::add_service(Port port, IpProtocol proto, AppId appid, bool inf
             {
                 s.appid = appid;
                 s.inferred_appid = inferred_appid;
+                if (added)
+                    *added = true;
             }
             return true;
         }
     }
 
     services.emplace_back( HostApplication{port, proto, appid, inferred_appid} );
+    if (added)
+        *added = true;
+
     return true;
 }
 
index 5d45a11acc3df11ae3e4f7e3bf875d0078a13d2d..60d6ce30984af30cf3e6775cf0899624be1008be 100644 (file)
@@ -106,7 +106,7 @@ public:
     // Appid may not be identified always. Inferred means dynamic/runtime
     // appid detected from one flow to another flow such as BitTorrent.
     bool add_service(Port port, IpProtocol proto,
-        AppId appid = APP_ID_NONE, bool inferred_appid = false);
+        AppId appid = APP_ID_NONE, bool inferred_appid = false, bool* added = nullptr);
 
     AppId get_appid(Port port, IpProtocol proto, bool inferred_only = false, bool allow_port_wildcard = false);
 
index 68d8802265e8f19c8dd80b6a8f19c0d54ddc0ce0..4f070ae505839d7de19bfea9a073fb985dd8af09 100644 (file)
@@ -691,7 +691,7 @@ bool AppIdDiscovery::do_pre_discovery(Packet* p, AppIdSession** p_asd, AppIdInsp
         *p_asd = asd = AppIdSession::allocate_session(p, protocol, direction, &inspector);
         if (p->flow->get_session_flags() & SSNFLAG_MIDSTREAM)
         {
-            asd->set_session_flags(APPID_SESSION_MID);
+            flow_flags |= APPID_SESSION_MID;
             if (appidDebug->is_active())
                 LogMessage("AppIdDbg %s New AppId mid-stream session\n",
                     appidDebug->get_debug_session());
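Review bot: The mid-stream marker is no longer set on the session at this point, and nothing in the hunk shows where `flow_flags` is later applied to `asd`. `flow_flags` is declared outside the hunk, so `APPID_SESSION_MID` only takes effect if a later call copies it onto the session; until then any code that tests the session flags will not see a mid-stream pickup. The commit message covers only the host-cache check, so this change deserves its own line there, plus a short comment here such as `// applied to asd together with the other flow_flags below`, if that is indeed what happens.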
@@ -873,7 +873,7 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
     if(tun_dest)
     {
         ip = &(tun_dest->ip);
-        port = tun_dest->port; 
+        port = tun_dest->port;
     }
     else
     {
@@ -922,6 +922,10 @@ bool AppIdDiscovery::do_host_port_based_discovery(Packet* p, AppIdSession& asd,
 
     if (!hv and check_dynamic)
     {
+        std::lock_guard<std::mutex> lck(AppIdSession::inferred_svcs_lock);
+        if (!asd.is_inferred_svcs_ver_updated())
+            return false;
+
         auto ht = host_cache.find(*ip);
         if (ht)
         {
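Review bot: The `lock_guard` added at the top of the `if (!hv and check_dynamic)` block stays held until that block closes, so `host_cache.find(*ip)` and everything after it run under a process-wide mutex on the packet path. Only the version comparison needs the lock, so the two added statements can take their own scope: `{ std::lock_guard<std::mutex> lck(AppIdSession::inferred_svcs_lock); if (!asd.is_inferred_svcs_ver_updated()) return false; }`. The writer in `detector_add_host_port_dynamic` adds the service before bumping the version under the same lock, so a reader that sees the new version after releasing the lock still finds the entry. The early `return false` exits `do_host_port_based_discovery` entirely, and since the function body continues outside the hunk, it is worth confirming that nothing after this block must still run for these flows.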
index 367c01458814d25d3bde4c1d5d3fd1eec72e1def..c410bb21252daab81fdab10eadc172bc8996d5f8 100644 (file)
@@ -55,6 +55,8 @@ using namespace snort;
 
 unsigned AppIdSession::inspector_id = 0;
 THREAD_LOCAL uint32_t AppIdSession::appid_flow_data_id = 0;
+std::mutex AppIdSession::inferred_svcs_lock;
+uint16_t AppIdSession::inferred_svcs_ver = 0;
 
 const uint8_t* service_strstr(const uint8_t* haystack, unsigned haystack_len,
     const uint8_t* needle, unsigned needle_len)
index 19e4bb451c2e090e1e3b7840fcf85baece30577f..aabc69439ca271fc42fe962fe8e113cc73517833 100644 (file)
@@ -23,6 +23,7 @@
 #define APPID_SESSION_H
 
 #include <map>
+#include <mutex>
 #include <string>
 #include <unordered_map>
 
@@ -278,6 +279,8 @@ public:
     snort::SEARCH_SUPPORT_TYPE search_support_type = snort::UNKNOWN_SEARCH_ENGINE;
     bool in_expected_cache = false;
     static unsigned inspector_id;
+    static std::mutex inferred_svcs_lock;
+
     static void init() { inspector_id = FlowData::create_flow_data_id(); }
 
     void set_session_flags(uint64_t flags) { common.flags |= flags; }
@@ -364,6 +367,21 @@ public:
         return tp_payload_app_id;
     }
 
+    inline uint16_t is_inferred_svcs_ver_updated()
+    {
+        if (my_inferred_svcs_ver == inferred_svcs_ver)
+            return false;
+        my_inferred_svcs_ver = inferred_svcs_ver;
+        return true;
+    }
+
+    static inline void incr_inferred_svcs_ver()
+    {
+        inferred_svcs_ver++;
+        if (inferred_svcs_ver == 0)
+            inferred_svcs_ver++;
+    }
+
 private:
     AppIdHttpSession* hsession = nullptr;
     AppIdDnsSession* dsession = nullptr;
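Review bot: `is_inferred_svcs_ver_updated()` is declared to return `uint16_t` but only ever returns `true` or `false`; the signature should read `bool is_inferred_svcs_ver_updated()`. Both helpers touch the static `inferred_svcs_ver` without taking `inferred_svcs_lock` themselves, so each needs a comment such as `// caller must hold inferred_svcs_lock`, because the public mutex is the only thing keeping packet threads and the Lua detector path from racing on it. The 16-bit counter skips 0 and wraps after 65535 increments, so a session whose last sync is exactly one full cycle old compares equal and skips the host-cache check. Widening the counter (for example to `uint32_t`, here and in the definitions in the other hunks) makes that missed inferred-service lookup practically unreachable. The class body starts and ends outside the hunk.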
@@ -379,6 +397,9 @@ private:
     // appId determined by 3rd party library
     AppId tp_app_id = APP_ID_NONE;
     AppId tp_payload_app_id = APP_ID_NONE;
+
+    uint16_t my_inferred_svcs_ver = 0;
+    static uint16_t inferred_svcs_ver;
 };
 
 static inline bool is_svc_http_type(AppId serviceId)
index b32bcd238d2759e27451dd5e060475eb4e1763b5..d0f8ecd78665affa7d84115884bbba1d94a08f0c 100644 (file)
@@ -1190,8 +1190,12 @@ static int detector_add_host_port_dynamic(lua_State* L)
         return 0;
     }
 
-    if ( !host_cache[ip_addr]->add_service(port, proto, appid, true) )
+    bool added = false;
+    std::lock_guard<std::mutex> lck(AppIdSession::inferred_svcs_lock);
+    if ( !host_cache[ip_addr]->add_service(port, proto, appid, true, &added) )
         ErrorMessage("%s:Failed to add host tracker service\n",__func__);
+    if (added)
+        AppIdSession::incr_inferred_svcs_ver();
 
     return 0;
 }
index 16d85b69d4dfb541269b3984198aa1890ca1bdbb..994f6e1cbce4d679e80a5c14862545f178f04f7b 100644 (file)
@@ -54,6 +54,8 @@ AppIdServiceSubtype APPID_UT_SERVICE_SUBTYPE = { nullptr, APPID_UT_SERVICE,
                                                  APPID_UT_SERVICE_VERSION };
 
 unsigned AppIdSession::inspector_id = 0;
+std::mutex AppIdSession::inferred_svcs_lock;
+uint16_t AppIdSession::inferred_svcs_ver = 0;
 
 class MockAppIdDnsSession : public AppIdDnsSession
 {