]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3c60f88)
Pull request #5001: appid: allow out-of-order packet inspection in TP
authorOleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) <ostepano@cisco.com>
Tue, 9 Dec 2025 14:11:02 +0000 (14:11 +0000)
committerChris Sherwin (chsherwi) <chsherwi@cisco.com>
Tue, 9 Dec 2025 14:11:02 +0000 (14:11 +0000)
Merge in SNORT/snort3 from ~OSTEPANO/snort3:tp_http_request_len to master

Squashed commit of the following:

commit aa0c0de17168228c169f7f3a358cedf4f2e9a70a
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Nov 19 13:47:05 2025 -0500

    appid: allow out-of-order packet inspection in TP

src/network_inspectors/appid/tp_appid_utils.cc patch | blob | blame | history

diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc
index 881de3c453f4191991cbed35128636522f72f04f..4b63f34f37260665a033d2cc054267c9bb2c83bb 100644 (file)
--- a/src/network_inspectors/appid/tp_appid_utils.cc
+++ b/src/network_inspectors/appid/tp_appid_utils.cc
@@ -101,7 +101,7 @@ static inline void process_http_session(const Packet& p, AppIdSession& asd,
 
         if (spdyRequestScheme && spdyRequestHost && spdyRequestPath )
         {
-            string* url;
+            const string* url;
             if (asd.get_session_flags(APPID_SESSION_DECRYPTED)
                 && *spdyRequestScheme == "http")
             {
@@ -503,7 +503,7 @@ static void set_tp_reinspect(AppIdSession& asd, const Packet* p, AppidSessionDir
 {
     // restart inspection by 3rd party
     if (!asd.tp_reinspect_by_initiator and (direction == APP_ID_FROM_INITIATOR) and
-        check_reinspect(p, asd) and p->packet_flags & PKT_STREAM_ORDER_OK)
+        check_reinspect(p, asd) and ((p->packet_flags & PKT_STREAM_ORDER_OK) or asd.get_odp_ctxt().inspect_ooo_flows))
     {
         asd.tp_reinspect_by_initiator = true;
         asd.set_session_flags(APPID_SESSION_APP_REINSPECT);
@@ -555,7 +555,7 @@ bool do_tp_discovery(ThirdPartyAppIdContext& tp_appid_ctxt, AppIdSession& asd, I
     if (!p->dsize and !asd.get_odp_ctxt().tp_allow_probes)
         return false;
 
-    bool process_packet = (protocol != IpProtocol::TCP or (p->packet_flags & PKT_STREAM_ORDER_OK) or
+    bool process_packet = (protocol != IpProtocol::TCP or ((p->packet_flags & PKT_STREAM_ORDER_OK) or asd.get_odp_ctxt().inspect_ooo_flows) or
         asd.get_odp_ctxt().tp_allow_probes);
 
     if (!process_packet)
Mirror of https://github.com/snort3/snort3.git