(flags & STREAM_TOSERVER) ? "toserver" : "toclient");
AppProto alproto = ALPROTO_UNKNOWN;
- AppProto pm_alproto = ALPROTO_UNKNOWN;
if (!FLOW_IS_PM_DONE(f, flags)) {
AppProto pm_results[g_alproto_max];
FLOW_RESET_PP_DONE(f, reverse_dir);
}
}
-
- /* HACK: if detected protocol is dcerpc/udp, we run PP as well
- * to avoid misdetecting DNS as DCERPC. */
- if (!(ipproto == IPPROTO_UDP && alproto == ALPROTO_DCERPC))
- goto end;
-
- pm_alproto = alproto;
-
- /* fall through */
+ SCReturnUInt(alproto);
}
}
if (!FLOW_IS_PP_DONE(f, flags)) {
- bool rflow = false;
- alproto = AppLayerProtoDetectPPGetProto(f, buf, buflen, ipproto, flags, &rflow);
+ DEBUG_VALIDATE_BUG_ON(*reverse_flow);
+ alproto = AppLayerProtoDetectPPGetProto(f, buf, buflen, ipproto, flags, reverse_flow);
if (AppProtoIsValid(alproto)) {
- if (rflow) {
- *reverse_flow = true;
- }
- goto end;
+ SCReturnUInt(alproto);
}
}
/* Look if flow can be found in expectation list */
if (!FLOW_IS_PE_DONE(f, flags)) {
+ DEBUG_VALIDATE_BUG_ON(*reverse_flow);
alproto = AppLayerProtoDetectPEGetProto(f, flags);
}
- end:
- if (!AppProtoIsValid(alproto))
- alproto = pm_alproto;
-
SCReturnUInt(alproto);
}
projects / thirdparty / suricata.git / commitdiff
