]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Pull request #4433: stream_tcp: Do not set global normalizer policy config when proxy...
authorDavis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) <davmcphe@cisco.com>
Tue, 24 Sep 2024 18:28:49 +0000 (18:28 +0000)
committerSteven Baigal (sbaigal) <sbaigal@cisco.com>
Tue, 24 Sep 2024 18:28:49 +0000 (18:28 +0000)
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:start_proxy_config_fix to master

Squashed commit of the following:

commit 7568e72e147ef564ed2ac545f700e25f86823a98
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Sep 10 08:40:34 2024 -0400

    stream_tcp: Do not overwrite global normalizer policy config option when proxy mode is enabled

    stream_tcp: add assert to verify configured normalizer policy is valid

src/stream/tcp/tcp_session.cc

index e202f96b4f3ebf57bcb66cfb4b8920d176c30c7f..2bfffd190f5be28330765a1a2bf7d7bde1544903 100644 (file)
@@ -289,6 +289,8 @@ void TcpSession::check_flow_missed_3whs()
 
 void TcpSession::set_os_policy()
 {
+    assert(tcp_config->policy <= StreamPolicy::OS_VISTA);
+
     StreamPolicy client_os_policy = flow->ssn_policy ?
         static_cast<StreamPolicy>( flow->ssn_policy ) : tcp_config->policy;
 
@@ -1346,9 +1348,8 @@ void TcpSession::start_proxy()
     if ( PacketTracer::is_active() )
         PacketTracer::log("Stream TCP normalization policy set to Proxy mode. Normalizations will be skipped\n");
 
-    tcp_config->policy = StreamPolicy::OS_PROXY;
-    client.normalizer.init(tcp_config->policy, this, &client, &server);
-    server.normalizer.init(tcp_config->policy, this, &server, &client);
+    client.normalizer.init(StreamPolicy::OS_PROXY, this, &client, &server);
+    server.normalizer.init(StreamPolicy::OS_PROXY, this, &server, &client);
     ++tcpStats.proxy_mode_flows;
 }