Pull request #3796: appid: Ensure that TP SSL reinspection is not overwriting SMTPS...

author Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>

Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)

committer Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>

Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)
author Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)
committer Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)
diff --git a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc

index 089c8ceb9610eddbba40f9456c2b34ce23a929a9..0439e6971ac86368f5fd072ec399ea27e9be740f 100644 (file)
--- a/src/network_inspectors/appid/detector_plugins/detector_smtp.cc
+++ b/src/network_inspectors/appid/detector_plugins/detector_smtp.cc
@@ -366,7 +366,10 @@ SMTPDetectorData* SmtpClientDetector::get_common_data(AppIdSession& asd)
          data_add(asd, dd, &smtp_free_state);
  
          if (asd.get_session_flags(APPID_SESSION_DECRYPTED))
+        {
              dd->server.state = SMTP_SERVICE_STATE_HELO;
+            dd->client.flags = CLIENT_FLAG_STARTTLS_SUCCESS;
+        }
          else
              dd->server.state = SMTP_SERVICE_STATE_CONNECTION;
  
@@ -605,6 +608,8 @@ done:
      else
          args.asd.clear_session_flags(APPID_SESSION_CLIENT_GETS_SERVER_PACKETS);
      args.asd.set_client_detected();
+    if (args.asd.get_client_id() == APP_ID_SSL_CLIENT)
+        args.asd.set_client_appid_data(APP_ID_SMTPS, args.change_bits);
      return APPID_SUCCESS;
  }
  
@@ -792,6 +797,11 @@ int SmtpServiceDetector::validate(AppIdDiscoveryArgs& args)
          {
              if (!(dd->client.flags & CLIENT_FLAG_STARTTLS_SUCCESS))
                  goto fail;
+            else if (args.asd.get_session_flags(APPID_SESSION_CLIENT_DETECTED))
+            {
+                args.asd.clear_session_flags(APPID_SESSION_CONTINUE);
+                return APPID_SUCCESS;
+            }
              goto inprocess;
          }
          if (!fd->code)
diff --git a/src/network_inspectors/appid/service_plugins/service_ssl.cc b/src/network_inspectors/appid/service_plugins/service_ssl.cc

index e8e05877963eb9998a7d12307246012a2f14c3af..f5aa165d1c38c916a4107064b7980949b2f7de73 100644 (file)
--- a/src/network_inspectors/appid/service_plugins/service_ssl.cc
+++ b/src/network_inspectors/appid/service_plugins/service_ssl.cc
@@ -692,6 +692,7 @@ AppId getSslServiceAppId(short srcPort)
          return APP_ID_HTTPS;
      case 448:
          return APP_ID_DDM_SSL;
+    case 25:
      case 465:
          return APP_ID_SMTPS;
      case 563:
author	Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
	Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)
committer	Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
	Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)
src/network_inspectors/appid/detector_plugins/detector_smtp.cc		patch \| blob \| blame \| history
src/network_inspectors/appid/service_plugins/service_ssl.cc		patch \| blob \| blame \| history