lua: extend SCFlowAppLayerProto

Change SCFlowAppLayerProto to return 5 values:
<alproto> <alproto_ts> <alproto_tc> <alproto_orig> <alproto_expect>:

alproto: detected protocol
alproto_ts: detected protocol in toserver direction
alproto_tc: detected protocol in toclient direction
alproto_orig: pre-change/upgrade protocol
alproto_expected: expected protocol in change/upgrade

Orig and expect are used when changing and upgrading protocols. In a
SMTP STARTTLS case, orig would normally be set to "smtp" and expect
to "tls".

diff --git a/doc/userguide/output/lua-output.rst b/doc/userguide/output/lua-output.rst
index adef654a05437587777b9f9e6762e649f119d3cf..d9b015972d45d70cb06f778da0940a57a560c0fd 100644 (file)
--- a/doc/userguide/output/lua-output.rst
+++ b/doc/userguide/output/lua-output.rst
@@ -175,7 +175,7 @@ SCFlowTuple
 SCFlowAppLayerProto
 ~~~~~~~~~~~~~~~~~~~
 
-Get alproto as string from the flow. If alproto is not (yet) known, it
+Get alprotos as string from the flow. If a alproto is not (yet) known, it
 returns "unknown".
 
 Example:
@@ -189,6 +189,12 @@ Example:
       end
   end
 
+Returns 5 values: <alproto> <alproto_ts> <alproto_tc> <alproto_orig> <alproto_expect>
+
+Orig and expect are used when changing and upgrading protocols. In a SMTP STARTTLS
+case, orig would normally be set to "smtp" and expect to "tls".
+
+
 SCFlowHasAlerts
 ~~~~~~~~~~~~~~~
 

diff --git a/src/util-lua-common.c b/src/util-lua-common.c
index 2037ef7bbf82497c2bdcff2a892ea8d69141bf05..b6a9c1c1d1bd79c3e150ef9f14b3d400e06b109f 100644 (file)
--- a/src/util-lua-common.c
+++ b/src/util-lua-common.c
@@ -447,14 +447,14 @@ static int LuaCallbackTupleFlow(lua_State *luastate)
 /** \internal
  *  \brief fill lua stack with AppLayerProto
  *  \param luastate the lua state
- *  \param f flow, locked
+ *  \param alproto AppProto to push to stack as string
  *  \retval cnt number of data items placed on the stack
  *
  *  Places: alproto as string (string)
  */
-static int LuaCallbackAppLayerProtoPushToStackFromFlow(lua_State *luastate, const Flow *f)
+static int LuaCallbackAppLayerProtoPushToStackFromFlow(lua_State *luastate, const AppProto alproto)
 {
-    const char *string = AppProtoToString(f->alproto);
+    const char *string = AppProtoToString(alproto);
     if (string == NULL)
         string = "unknown";
     lua_pushstring(luastate, string);
@@ -472,7 +472,11 @@ static int LuaCallbackAppLayerProtoFlow(lua_State *luastate)
     if (f == NULL)
         return LuaCallbackError(luastate, "internal error: no flow");
 
-    r = LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f);
+    r = LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f->alproto);
+    r += LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f->alproto_ts);
+    r += LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f->alproto_tc);
+    r += LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f->alproto_orig);
+    r += LuaCallbackAppLayerProtoPushToStackFromFlow(luastate, f->alproto_expect);
 
     return r;
 }