Pull request #3876: http_inspect: remove stream interface abstraction for http/1...

Merge in SNORT/snort3 from ~ABHPAL/snort3:h3 to master

Squashed commit of the following:

commit 853630ce0e2a0ade2bf425d3382c98a5458a283c
Author: Abhijit Pal(abhpal) <abhpal@cisco.com>
Date:   Mon Jun 12 18:05:42 2023 +0530

    http_inspect: remove stream interface abstraction for http/1.1 flows

diff --git a/src/service_inspectors/http_inspect/http_flow_data.cc b/src/service_inspectors/http_inspect/http_flow_data.cc
index 8473d3c42eb78b89a73215c52159b091e9147a68..5e02206c21ed00ea6e3211ab172a81c85443c3e5 100644 (file)
--- a/src/service_inspectors/http_inspect/http_flow_data.cc
+++ b/src/service_inspectors/http_inspect/http_flow_data.cc
@@ -50,9 +50,8 @@ uint64_t HttpFlowData::instance_count = 0;
 #endif
 
 HttpFlowData::HttpFlowData(Flow* flow, const HttpParaList* params_) :
-    FlowData(inspector_id), params(params_), flow(flow)
+    FlowData(inspector_id), params(params_)
 {
-    static HttpFlowStreamIntf h1_stream;
 #ifdef REG_TEST
     if (HttpTestManager::use_test_output(HttpTestManager::IN_HTTP))
     {
@@ -71,16 +70,15 @@ HttpFlowData::HttpFlowData(Flow* flow, const HttpParaList* params_) :
         HttpModule::increment_peg_counts(PEG_MAX_CONCURRENT_SESSIONS);
 
     if (flow->stream_intf)
-        flow->stream_intf->get_stream_id(flow, hx_stream_id);
-
-    if (valid_hx_stream_id())
     {
-        for_httpx = true;
-        events[0]->suppress_event(HttpEnums::EVENT_LOSS_OF_SYNC);
-        events[1]->suppress_event(HttpEnums::EVENT_LOSS_OF_SYNC);
+        flow->stream_intf->get_stream_id(flow, hx_stream_id);
+        if (hx_stream_id >= 0)
+        {
+            for_httpx = true;
+            events[0]->suppress_event(HttpEnums::EVENT_LOSS_OF_SYNC);
+            events[1]->suppress_event(HttpEnums::EVENT_LOSS_OF_SYNC);
+        }
     }
-    else
-        flow->stream_intf = &h1_stream;
 }
 
 HttpFlowData::~HttpFlowData()
@@ -127,9 +125,6 @@ HttpFlowData::~HttpFlowData()
         discard_list = discard_list->next;
         delete tmp;
     }
-
-    if (!for_httpx)
-        flow->stream_intf = nullptr;
 }
 
 void HttpFlowData::half_reset(SourceId source_id)
@@ -309,29 +304,6 @@ int64_t HttpFlowData::get_hx_stream_id() const
     return hx_stream_id;
 }
 
-bool HttpFlowData::valid_hx_stream_id() const
-{
-    return (hx_stream_id >= 0);
-}
-
-FlowData* HttpFlowStreamIntf::get_stream_flow_data(const Flow* flow)
-{
-    return (HttpFlowData*)flow->get_flow_data(HttpFlowData::inspector_id);
-}
-
-void HttpFlowStreamIntf::set_stream_flow_data(Flow* flow, FlowData* flow_data)
-{
-    flow->set_flow_data(flow_data);
-}
-
-void HttpFlowStreamIntf::get_stream_id(const Flow*, int64_t& stream_id)
-{
-    // HTTP Flows by itself doesn't have any stream id, thus assigning -1 to
-    // indicate invalid value
-    stream_id = -1;
-}
-
-
 #ifdef REG_TEST
 void HttpFlowData::show(FILE* out_file) const
 {

diff --git a/src/service_inspectors/http_inspect/http_flow_data.h b/src/service_inspectors/http_inspect/http_flow_data.h
index 988ab44694ef298ac8ebb793e3f1aaf759671766..30d951a005e1f08377a44e12fb1efe242d2ef7ad 100644 (file)
--- a/src/service_inspectors/http_inspect/http_flow_data.h
+++ b/src/service_inspectors/http_inspect/http_flow_data.h
@@ -85,7 +85,6 @@ public:
     void set_hx_body_state(HttpCommon::SourceId source_id, HttpCommon::HXBodyState state)
     { hx_body_state[source_id] = state; }
 
-    bool valid_hx_stream_id() const;
     int64_t get_hx_stream_id() const;
     bool is_for_httpx() const { return for_httpx; }
 
@@ -217,7 +216,6 @@ private:
     int64_t hx_stream_id = -1;
     HttpCommon::HXBodyState hx_body_state[2] = { HttpCommon::HX_BODY_NOT_COMPLETE,
         HttpCommon::HX_BODY_NOT_COMPLETE };
-    snort::Flow* flow;
 
 #ifdef REG_TEST
     static uint64_t instance_count;
@@ -227,13 +225,5 @@ private:
 #endif
 };
 
-class HttpFlowStreamIntf : public snort::StreamFlowIntf
-{
-public:
-    snort::FlowData* get_stream_flow_data(const snort::Flow* flow) override;
-    void set_stream_flow_data(snort::Flow* flow, snort::FlowData* flow_data) override;
-    void get_stream_id(const snort::Flow* flow, int64_t& stream_id) override;
-};
-
 #endif
 

diff --git a/src/service_inspectors/http_inspect/http_inspect.cc b/src/service_inspectors/http_inspect/http_inspect.cc
index ae4f3e6b3a5c5f5eb2fbf88608693b4dfb62bf2f..4517a39e927821cc8749e237b045d6ef47438e9e 100755 (executable)
--- a/src/service_inspectors/http_inspect/http_inspect.cc
+++ b/src/service_inspectors/http_inspect/http_inspect.cc
@@ -453,12 +453,15 @@ HttpFlowData* HttpInspect::http_get_flow_data(const Flow* flow)
     if (flow->stream_intf)
         return (HttpFlowData*)flow->stream_intf->get_stream_flow_data(flow);
     else
-        return nullptr;
+        return (HttpFlowData*)flow->get_flow_data(HttpFlowData::inspector_id);
 }
 
 void HttpInspect::http_set_flow_data(Flow* flow, HttpFlowData* flow_data)
 {
-    flow->stream_intf->set_stream_flow_data(flow, flow_data);
+    if (flow->stream_intf)
+        flow->stream_intf->set_stream_flow_data(flow, flow_data);
+    else
+        flow->set_flow_data(flow_data);
 }
 
 void HttpInspect::eval(Packet* p)

diff --git a/src/service_inspectors/http_inspect/http_inspect.h b/src/service_inspectors/http_inspect/http_inspect.h
index 3b7dd770af5bd11cf6cb36895ee9370ee48cb047..397d3df0595710666a548c6ac7833056fe743874 100644 (file)
--- a/src/service_inspectors/http_inspect/http_inspect.h
+++ b/src/service_inspectors/http_inspect/http_inspect.h
@@ -39,6 +39,7 @@
 
 class HttpApi;
 class HttpParam;
+class HttpIpsOption;
 
 class HttpInspect : public HttpInspectBase
 {
@@ -96,6 +97,7 @@ public:
 private:
     friend HttpApi;
     friend HttpStreamSplitter;
+    friend HttpIpsOption;
 
     HttpStreamSplitter splitter[2] = { { true, this }, { false, this } };
 

diff --git a/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc b/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
index 55b4f0506e1e0f43e26aa0aa19057148182ef39e..63bd0e1c3cc2c64f5b0934a4c7bc169fc483189a 100644 (file)
--- a/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
+++ b/src/service_inspectors/http_inspect/http_stream_splitter_scan.cc
@@ -140,9 +140,7 @@ StreamSplitter::Status HttpStreamSplitter::scan(Flow* flow, const uint8_t* data,
     // This is the session state information we share with HttpInspect and store with stream. A
     // session is defined by a TCP connection. Since scan() is the first to see a new TCP
     // connection the new flow data object is created here.
-    HttpFlowData* session_data = nullptr;
-    if (flow->stream_intf)
-        session_data = (HttpFlowData*)flow->stream_intf->get_stream_flow_data(flow);
+    HttpFlowData* session_data = HttpInspect::http_get_flow_data(flow);
 
     if (session_data == nullptr)
     {

diff --git a/src/service_inspectors/http_inspect/ips_http.cc b/src/service_inspectors/http_inspect/ips_http.cc
index ac74eaa017f4e5e3c14f29894dea395361202d0b..f9d35f6e529a5af49b062997554c33c559844298 100644 (file)
--- a/src/service_inspectors/http_inspect/ips_http.cc
+++ b/src/service_inspectors/http_inspect/ips_http.cc
@@ -97,9 +97,7 @@ HttpInspect const* HttpIpsOption::eval_helper(Packet* p)
     if (!p->flow || !p->flow->gadget || (HttpInspect::get_latest_is(p) == PS_NONE))
         return nullptr;
 
-    assert(p->flow->stream_intf);
-    const HttpFlowData* const hi_flow_data =
-        (HttpFlowData*)p->flow->stream_intf->get_stream_flow_data(p->flow);
+    const HttpFlowData* const hi_flow_data = HttpInspect::http_get_flow_data(p->flow);
 
     const HttpInspect* const hi = (hi_flow_data->is_for_httpx()) ?
         (HttpInspect*)(p->flow->assistant_gadget) : (HttpInspect*)(p->flow->gadget);