]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 60d1d41)
Pull request #3397: stream_tcp, pop: add sync_on_start method to StreamSplitter
authorRuss Combs (rucombs) <rucombs@cisco.com>
Wed, 4 May 2022 15:36:05 +0000 (15:36 +0000)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Wed, 4 May 2022 15:36:05 +0000 (15:36 +0000)
Merge in SNORT/snort3 from ~RUCOMBS/snort3:sync_on_start to master

Squashed commit of the following:

commit fcd5a8de59569044555cc7d8bd987506767e53f3
Author: russ <rucombs@cisco.com>
Date:   Tue Apr 26 14:28:15 2022 -0400

    stream_tcp, pop: add sync_on_start method to StreamSplitter

    This is used to force a flush of data from the client when the wizard
    identifies a flow by data from the server. The new virtual defaults
    to false and pop overrides to true to handle the case where jumpy
    clients send a command before the server greeting. Other, similar
    overrides are anticipated.

src/service_inspectors/pop/pop.cc patch | blob | blame | history
src/service_inspectors/pop/pop_paf.h patch | blob | blame | history
src/stream/stream_splitter.h patch | blob | blame | history
src/stream/tcp/tcp_session.cc patch | blob | blame | history

diff --git a/src/service_inspectors/pop/pop.cc b/src/service_inspectors/pop/pop.cc
index 8c9e676345999f7ac0dbc5ac58fe114c29f4ac67..9001bac47ef979834eab31c67d35b030411a6b9e 100644 (file)
--- a/src/service_inspectors/pop/pop.cc
+++ b/src/service_inspectors/pop/pop.cc
@@ -101,9 +101,6 @@ const PegInfo pop_peg_names[] =
 };
 
 
-static void snort_pop(POP_PROTO_CONF* GlobalConf, Packet* p);
-static void POP_ResetState(Flow*);
-
 PopFlowData::PopFlowData() : FlowData(inspector_id)
 {
     memset(&session, 0, sizeof(session));
diff --git a/src/service_inspectors/pop/pop_paf.h b/src/service_inspectors/pop/pop_paf.h
index 51e814083808336556d5be996bed28cdea61a881..ebf7277a0bfe6a06609f9580692a34386faaa373 100644 (file)
--- a/src/service_inspectors/pop/pop_paf.h
+++ b/src/service_inspectors/pop/pop_paf.h
@@ -70,7 +70,11 @@ public:
     Status scan(snort::Packet*, const uint8_t* data, uint32_t len,
         uint32_t flags, uint32_t* fp) override;
 
-    bool is_paf() override { return true; }
+    bool is_paf() override
+    { return true; }
+
+    bool sync_on_start() const override
+    { return true; }
 
 public:
     PopPafData state;
diff --git a/src/stream/stream_splitter.h b/src/stream/stream_splitter.h
index 387cb252bd3bd7f4b5a04bd1bdc4d0ca35ecfbc4..f4106da76077a5edf8184e763dbcc2d26c91769e 100644 (file)
--- a/src/stream/stream_splitter.h
+++ b/src/stream/stream_splitter.h
@@ -80,6 +80,7 @@ public:
         unsigned& copied       // actual data copied (1 <= copied <= len)
         );
 
+    virtual bool sync_on_start() const { return false; }
     virtual bool is_paf() { return false; }
     virtual unsigned max(Flow* = nullptr);
     virtual void go_away() { delete this; }
diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc
index a0b4c3553fdf346b6ad62baa011e15f80588e966..e52073768f99b654190f3eaf57d0822dacd7c3c2 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -133,6 +133,9 @@ void TcpSession::restart(Packet* p)
     {
         talker = &server;
         listener = &client;
+
+        if ( server.get_splitter()->sync_on_start() )
+            flush_tracker(server, p, PKT_FROM_CLIENT, false);
     }
     else
     {
Mirror of https://github.com/snort3/snort3.git