case APPID_SUCCESS:
return "success";
case APPID_INPROCESS:
- return "inprocess";
+ return "in-process";
case APPID_NEED_REASSEMBLY:
return "need-reassembly";
case APPID_NOT_COMPATIBLE:
case APPID_ENOMEM:
return "error-memory";
}
- return "unknown code";
+ return "unknown-code";
}
const std::string& get_name() const
{ return name; }
+ const std::string& get_log_name() const
+ { return log_name.empty()? name : log_name; }
+
unsigned get_minimum_matches() const
{ return minimum_matches; }
- void set_minimum_matches(unsigned minimumMatches = 0)
- { minimum_matches = minimumMatches; }
-
unsigned int get_precedence() const
{ return precedence; }
bool is_custom_detector() const
{ return custom_detector; }
- void set_custom_detector(bool isCustom = false)
- { this->custom_detector = isCustom; }
-
AppIdDiscovery& get_handler() const
{ return *handler; }
- bool is_client() const
- { return client; }
+ bool is_client() const
+ { return client; }
- virtual LuaStateDescriptor* validate_lua_state(bool /*packet_context*/)
- { return nullptr; }
+ virtual LuaStateDescriptor* validate_lua_state(bool /*packet_context*/)
+ { return nullptr; }
protected:
AppIdDiscovery* handler = nullptr;
- std::string name;
+ std::string name; // unique name to map detector; can be UUID file name for lua-detector
+ std::string log_name; // name from detector package info; can be same as 'name' for c-detector
bool client = false;
bool enabled = true;
bool custom_detector = false;
tcp_patterns =
{
- { (const uint8_t*)TNS_BANNER, TNS_BANNER_LEN, -1, 0, APP_ID_ORACLE_DATABASE },
+ { (const uint8_t*)TNS_BANNER, TNS_BANNER_LEN, 2, 0, APP_ID_ORACLE_DATABASE },
};
appid_registry =
AppIdDiscoveryArgs disco_args(p->data, p->dsize, direction, asd, p);
ret = asd.client_detector->validate(disco_args);
if (appidDebug->is_active())
- LogMessage("AppIdDbg %s %s client detector %s (%d)\n",
- appidDebug->get_debug_session(), asd.client_detector->get_name().c_str(),
+ LogMessage("AppIdDbg %s %s client detector returned %s (%d)\n",
+ appidDebug->get_debug_session(), asd.client_detector->get_log_name().c_str(),
asd.client_detector->get_code_string((APPID_STATUS_CODE)ret), ret);
}
else
AppIdDiscoveryArgs disco_args(p->data, p->dsize, direction, asd, p);
int result = kv->second->validate(disco_args);
if (appidDebug->is_active())
- LogMessage("AppIdDbg %s %s client candidate %s (%d)\n",
- appidDebug->get_debug_session(), kv->second->get_name().c_str(),
+ LogMessage("AppIdDbg %s %s client candidate returned %s (%d)\n",
+ appidDebug->get_debug_session(), kv->second->get_log_name().c_str(),
kv->second->get_code_string((APPID_STATUS_CODE)result), result);
if (result == APPID_SUCCESS)
else
++kv;
}
+ // FIXIT-M - Set client as detected/finished when all candidates fails/empty, US#348064
}
return ret;
}
LuaServiceDetector::LuaServiceDetector(AppIdDiscovery* sdm, const std::string& detector_name,
- IpProtocol protocol)
+ const std::string& logging_name, bool is_custom, unsigned min_match, IpProtocol protocol)
{
handler = sdm;
name = detector_name;
+ log_name = logging_name;
+ custom_detector = is_custom;
+ minimum_matches = min_match;
proto = protocol;
handler->register_detector(name, this, proto);
}
LuaServiceObject::LuaServiceObject(AppIdDiscovery* sdm, const std::string& detector_name,
- IpProtocol protocol, lua_State* L)
+ const std::string& log_name, bool is_custom, IpProtocol protocol, lua_State* L)
{
+ init_lsd(&lsd, detector_name, L);
+
if (init(L))
{
- sd = new LuaServiceDetector(sdm,detector_name,protocol);
+ sd = new LuaServiceDetector(sdm, detector_name,
+ log_name, is_custom, lsd.package_info.minimum_matches, protocol);
}
else
{
sd = (ServiceDetector*)ad;
}
- init_lsd(&lsd, detector_name, L);
UserData<LuaServiceObject>::push(L, DETECTOR, this);
lua_pushvalue(L, -1);
}
LuaClientDetector::LuaClientDetector(AppIdDiscovery* cdm, const std::string& detector_name,
- IpProtocol protocol)
+ const std::string& logging_name, bool is_custom, unsigned min_match, IpProtocol protocol)
{
handler = cdm;
name = detector_name;
+ log_name = logging_name;
+ custom_detector = is_custom;
+ minimum_matches = min_match;
proto = protocol;
handler->register_detector(name, this, proto);
}
LuaClientObject::LuaClientObject(AppIdDiscovery* cdm, const std::string& detector_name,
- IpProtocol protocol, lua_State* L)
+ const std::string& log_name, bool is_custom, IpProtocol protocol, lua_State* L)
{
+ init_lsd(&lsd, detector_name, L);
+
if (init(L))
{
- cd = new LuaClientDetector(cdm, detector_name, protocol);
+ cd = new LuaClientDetector(cdm, detector_name,
+ log_name, is_custom, lsd.package_info.minimum_matches, protocol);
}
else
{
cd = (ClientDetector*)ad;
}
- init_lsd(&lsd, detector_name, L);
UserData<LuaClientObject>::push(L, DETECTOR, this);
lua_pushvalue(L, -1);
class LuaServiceDetector : public ServiceDetector
{
public:
- LuaServiceDetector(AppIdDiscovery* sdm, const std::string& detector_name, IpProtocol protocol);
+ LuaServiceDetector(AppIdDiscovery* sdm, const std::string& detector_name,
+ const std::string& log_name, bool is_custom, unsigned min_match, IpProtocol protocol);
int validate(AppIdDiscoveryArgs&) override;
};
class LuaClientDetector : public ClientDetector
{
public:
- LuaClientDetector(AppIdDiscovery* cdm, const std::string& detector_name, IpProtocol protocol);
+ LuaClientDetector(AppIdDiscovery* cdm, const std::string& detector_name,
+ const std::string& log_name, bool is_custom, unsigned min_match, IpProtocol protocol);
int validate(AppIdDiscoveryArgs&) override;
-
};
{
public:
ServiceDetector* sd;
- LuaServiceObject(AppIdDiscovery* cdm, const std::string& detector_name, IpProtocol protocol,
- lua_State* L);
+ LuaServiceObject(AppIdDiscovery* sdm, const std::string& detector_name,
+ const std::string& log_name, bool is_custom, IpProtocol protocol, lua_State* L);
ServiceDetector* get_detector()
{ return sd; }
};
{
public:
ClientDetector* cd;
- LuaClientObject(AppIdDiscovery* cdm, const std::string& detector_name, IpProtocol protocol,
- lua_State* L);
+ LuaClientObject(AppIdDiscovery* cdm, const std::string& detector_name,
+ const std::string& log_name, bool is_custom, IpProtocol protocol, lua_State* L);
ClientDetector* get_detector()
{ return cd; }
};
}
// Leaves 1 value (the Detector userdata) at the top of the stack when succeeds
-static LuaObject* create_lua_detector(lua_State* L, const char* detectorName, bool is_custom)
+static LuaObject* create_lua_detector(lua_State* L, const char* detector_name, bool is_custom)
{
- std::string detector_name;
+ std::string log_name;
IpProtocol proto = IpProtocol::PROTO_NOT_SET;
Lua::ManageStack mgr(L);
- lua_getfield(L, LUA_REGISTRYINDEX, detectorName);
+ lua_getfield(L, LUA_REGISTRYINDEX, detector_name);
lua_getfield(L, -1, "DetectorPackageInfo");
if (!lua_istable(L, -1))
{
if (init(L)) // for control thread only
ErrorMessage("Error - appid: can not read DetectorPackageInfo table from %s\n",
- detectorName);
+ detector_name);
if (!lua_isnil(L, -1)) // pop DetectorPackageInfo index if it was pushed
lua_pop(L, 1);
return nullptr;
}
- if (!get_lua_field(L, -1, "name", detector_name))
+ if (!get_lua_field(L, -1, "name", log_name))
{
if (init(L))
ErrorMessage("Error - appid: can not read DetectorPackageInfo field 'name' from %s\n",
- detectorName);
+ detector_name);
lua_pop(L, 1);
return nullptr;
}
{
if (init(L))
ErrorMessage("Error - appid: can not read DetectorPackageInfo field 'proto' from %s\n",
- detectorName);
+ detector_name);
lua_pop(L, 1);
return nullptr;
}
lua_getfield(L, -1, "client");
if ( lua_istable(L, -1) )
{
- LuaClientObject* lco = new LuaClientObject(&ClientDiscovery::get_instance(),
- detectorName, proto, L);
- lco->cd->set_custom_detector(is_custom);
- return lco;
+ return new LuaClientObject(&ClientDiscovery::get_instance(),
+ detector_name, log_name, is_custom, proto, L);
}
else
{
lua_getfield(L, -1, "server");
if ( lua_istable(L, -1) )
{
- LuaServiceObject* lso = new LuaServiceObject(&ServiceDiscovery::get_instance(),
- detectorName, proto, L);
- lso->sd->set_custom_detector(is_custom);
- return lso;
+ return new LuaServiceObject(&ServiceDiscovery::get_instance(),
+ detector_name, log_name, is_custom, proto, L);
}
else if (init(L))
ErrorMessage("Error - appid: can not read DetectorPackageInfo field"
- " 'client' or 'server' from %s\n", detectorName);
+ " 'client' or 'server' from %s\n", detector_name);
lua_pop(L, 1); // pop server table
}
got_incompatible_service = true;
asd.service_search_state = SESSION_SERVICE_SEARCH_STATE::PENDING;
if (appidDebug->is_active())
- LogMessage("AppIdDbg %s %s service detector %s (%d)\n",
- appidDebug->get_debug_session(), asd.service_detector->get_name().c_str(),
+ LogMessage("AppIdDbg %s %s service detector returned %s (%d)\n",
+ appidDebug->get_debug_session(), asd.service_detector->get_log_name().c_str(),
asd.service_detector->get_code_string((APPID_STATUS_CODE)ret), ret);
}
/* Try to find detectors based on ports and patterns. */
result = service->validate(args);
if ( appidDebug->is_active() )
- LogMessage("AppIdDbg %s %s service candidate %s (%d)\n",
- appidDebug->get_debug_session(), service->get_name().c_str(),
+ LogMessage("AppIdDbg %s %s service candidate returned %s (%d)\n",
+ appidDebug->get_debug_session(), service->get_log_name().c_str(),
service->get_code_string((APPID_STATUS_CODE)result), result);
if ( result == APPID_SUCCESS )
{
AppIdDetector* ad = new TestDetector;
STRCMP_EQUAL(ad->get_code_string(APPID_SUCCESS), "success");
- STRCMP_EQUAL(ad->get_code_string(APPID_INPROCESS), "inprocess");
+ STRCMP_EQUAL(ad->get_code_string(APPID_INPROCESS), "in-process");
STRCMP_EQUAL(ad->get_code_string(APPID_NEED_REASSEMBLY), "need-reassembly");
STRCMP_EQUAL(ad->get_code_string(APPID_NOT_COMPATIBLE), "not-compatible");
STRCMP_EQUAL(ad->get_code_string(APPID_INVALID_CLIENT), "invalid-client");
STRCMP_EQUAL(ad->get_code_string(APPID_EINVALID), "error-invalid");
STRCMP_EQUAL(ad->get_code_string(APPID_ENOMEM), "error-memory");
STRCMP_EQUAL(ad->get_code_string(APPID_SUCCESS), "success");
- STRCMP_EQUAL(ad->get_code_string((APPID_STATUS_CODE)123), "unknown code");
+ STRCMP_EQUAL(ad->get_code_string((APPID_STATUS_CODE)123), "unknown-code");
delete ad;
}
projects / thirdparty / snort3.git / commitdiff
