pub type AppProto = u16;
pub const ALPROTO_UNKNOWN : AppProto = 0;
-pub static mut ALPROTO_FAILED : AppProto = 0; // updated during init
+pub const ALPROTO_FAILED : AppProto = 1;
pub const IPPROTO_TCP : u8 = 6;
pub const IPPROTO_UDP : u8 = 17;
{
unsafe {
SC = Some(context);
- ALPROTO_FAILED = StringToAppProto("failed\0".as_ptr());
}
}
Ok((_, msg)) => {
let ldap_msg = LdapMessage::from(msg);
if ldap_msg.is_unknown() {
- return unsafe { ALPROTO_FAILED };
+ return ALPROTO_FAILED;
}
if direction == Direction::ToServer && !ldap_msg.is_request() {
unsafe {
return ALPROTO_UNKNOWN;
}
Err(_e) => {
- return unsafe { ALPROTO_FAILED };
+ return ALPROTO_FAILED;
}
}
}
match MODBUS_PARSER.probe(slice, Direction::Unknown) {
Status::Recognized => unsafe { ALPROTO_MODBUS },
Status::Incomplete => ALPROTO_UNKNOWN,
- Status::Unrecognized => unsafe { ALPROTO_FAILED },
+ Status::Unrecognized => ALPROTO_FAILED,
}
}
return ALPROTO_UNKNOWN;
},
Err(_) => {
- return unsafe{ALPROTO_FAILED};
+ return ALPROTO_FAILED;
},
}
}
}
}
SCLogDebug!("no smb");
- unsafe { return ALPROTO_FAILED; }
+ return ALPROTO_FAILED;
}
// probing confirmation parser
{
SCEnter();
- if (!(alproto > ALPROTO_UNKNOWN && alproto < ALPROTO_FAILED)) {
+ if (!AppProtoIsValid(alproto)) {
FatalError("Unknown protocol detected - %u", alproto);
}
const AppProtoStringTuple AppProtoStrings[ALPROTO_MAX] = {
{ ALPROTO_UNKNOWN, "unknown" },
+ { ALPROTO_FAILED, "failed" },
{ ALPROTO_HTTP1, "http1" },
{ ALPROTO_FTP, "ftp" },
{ ALPROTO_SMTP, "smtp" },
{ ALPROTO_BITTORRENT_DHT, "bittorrent-dht" },
{ ALPROTO_POP3, "pop3" },
{ ALPROTO_HTTP, "http" },
- { ALPROTO_FAILED, "failed" },
};
const char *AppProtoToString(AppProto alproto)
enum AppProtoEnum {
ALPROTO_UNKNOWN = 0,
+ /* used by the probing parser when alproto detection fails
+ * permanently for that particular stream */
+ // Update of this value should be reflected in rust, where we also define it
+ ALPROTO_FAILED = 1,
+
+ // Beginning of real/normal protocols
ALPROTO_HTTP1,
ALPROTO_FTP,
ALPROTO_SMTP,
// HTTP for any version (ALPROTO_HTTP1 (version 1) or ALPROTO_HTTP2)
ALPROTO_HTTP,
- /* used by the probing parser when alproto detection fails
- * permanently for that particular stream */
- ALPROTO_FAILED,
/* keep last */
ALPROTO_MAX,
};
static inline bool AppProtoIsValid(AppProto a)
{
- return ((a > ALPROTO_UNKNOWN && a < ALPROTO_FAILED));
+ return ((a > ALPROTO_FAILED && a < ALPROTO_MAX));
}
// whether a signature AppProto matches a flow (or signature) AppProto
if (p == NULL)
FatalError("Call to %s with NULL pointer.", __FUNCTION__);
- if (alproto == ALPROTO_UNKNOWN || alproto >= ALPROTO_FAILED)
+ if (!AppProtoIsValid(alproto))
FatalError("Unknown or invalid AppProto '%s'.", p->name);
BUG_ON(strcmp(p->name, AppProtoToString(alproto)) != 0);
/* per alproto to set is_last_for_progress per alproto because the inspect
* loop skips over engines that are not the correct alproto */
- for (AppProto a = 1; a < ALPROTO_FAILED; a++) {
+ for (AppProto a = ALPROTO_FAILED + 1; a < ALPROTO_MAX; a++) {
int last_tx_progress = 0;
bool last_tx_progress_set = false;
PrefilterEngine *prev_engine = NULL;
}
SCLogDebug("name %s id %d", name, sm_list);
- if ((alproto >= ALPROTO_FAILED) || (!(dir == SIG_FLAG_TOSERVER || dir == SIG_FLAG_TOCLIENT)) ||
+ if ((alproto == ALPROTO_FAILED) || (!(dir == SIG_FLAG_TOSERVER || dir == SIG_FLAG_TOCLIENT)) ||
(sm_list < DETECT_SM_LIST_MATCH) || (sm_list >= SHRT_MAX) ||
(progress < 0 || progress >= SHRT_MAX) || (Callback == NULL)) {
SCLogError("Invalid arguments");
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
{
- if (alproto == ALPROTO_UNKNOWN ||
- alproto >= ALPROTO_FAILED) {
+ if (!AppProtoIsValid(alproto)) {
SCLogError("invalid alproto %u", alproto);
return -1;
}
/* count ticks for app layer */
uint64_t app_total = 0;
- for (AppProto i = 1; i < ALPROTO_FAILED; i++) {
+ for (AppProto i = 0; i < ALPROTO_MAX; i++) {
const PktProfilingAppData *pdt = &p->profile->app[i];
if (p->proto == IPPROTO_TCP) {
projects / thirdparty / suricata.git / commitdiff
