From: Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) <ostepano@cisco.com>
Date: Tue, 24 Sep 2024 18:39:27 +0000 (+0000)
Subject: Pull request #4451: binder: change binding to have single service
X-Git-Tag: 3.3.7.0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ffe195518f7d58b78852a34dc5592a3804544d1;p=thirdparty%2Fsnort3.git

Pull request #4451: binder: change binding to have single service

Merge in SNORT/snort3 from ~OSTEPANO/snort3:binder_service to master

Squashed commit of the following:

commit 14207b6c9c45c1eac1494a04589a3891195d3a3d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Sep 18 13:04:28 2024 -0400

    binder: change binding to have single service
---

diff --git a/src/network_inspectors/binder/bind_module.cc b/src/network_inspectors/binder/bind_module.cc
index 1f8c095be..d69a3f8d4 100644
--- a/src/network_inspectors/binder/bind_module.cc
+++ b/src/network_inspectors/binder/bind_module.cc
@@ -124,7 +124,7 @@ static const Parameter binder_when_params[] =
       "use the given configuration on one or any end of a session" },
 
     { "service", Parameter::PT_STRING, nullptr, nullptr,
-      "space separated list of services" },
+      "name of service to match" },
 
     { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr }
 };
@@ -245,7 +245,7 @@ bool BinderModule::set(const char* fqn, Value& v, SnortConfig*)
     // both
     if ( !strcmp(fqn, "binder.when.service") )
     {
-        binding.when.parse_service(v.get_string());
+        binding.when.svc = v.get_string();
         binding.when.add_criteria(BindWhen::Criteria::BWC_SVC);
     }
     else if ( !strcmp(fqn, "binder.use.service") )
@@ -488,7 +488,7 @@ bool BinderModule::end(const char* fqn, int idx, SnortConfig* sc)
 void BinderModule::add(const char* svc, const char* type)
 {
     binding.clear();
-    binding.when.parse_service(svc);
+    binding.when.svc = svc;
     binding.when.add_criteria(BindWhen::Criteria::BWC_SVC);
     binding.use.type = type;
     binding.use.name = type;
diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc
index cab438ebc..5481d0215 100644
--- a/src/network_inspectors/binder/binder.cc
+++ b/src/network_inspectors/binder/binder.cc
@@ -201,7 +201,7 @@ static std::string to_string(const BindWhen& bw)
     }
 
     if (bw.has_criteria(BindWhen::Criteria::BWC_SVC))
-        when += " service = " + bw.get_service_list() + ",";
+        when += " service = " + bw.svc + ",";
 
     if (bw.has_criteria(BindWhen::Criteria::BWC_SPLIT_NETS))
     {
diff --git a/src/network_inspectors/binder/binding.cc b/src/network_inspectors/binder/binding.cc
index 9519343e4..bac7f5a0f 100644
--- a/src/network_inspectors/binder/binding.cc
+++ b/src/network_inspectors/binder/binding.cc
@@ -45,7 +45,7 @@ void Binding::clear()
     when.ips_id_user = 0;
     when.protos = PROTO_BIT__ANY_TYPE;
     when.role = BindWhen::BR_EITHER;
-    when.svc_list.clear();
+    when.svc.clear();
 
     if (when.src_nets)
     {
@@ -587,7 +587,7 @@ inline bool Binding::check_service(const Flow& flow) const
     if (!flow.service)
         return false;
 
-    return when.svc_list.find(flow.service) != when.svc_list.end();
+    return when.svc == flow.service;
 }
 
 inline bool Binding::check_service(const char* service) const
@@ -597,7 +597,7 @@ inline bool Binding::check_service(const char* service) const
     if (!when.has_criteria(BindWhen::Criteria::BWC_SVC))
         return false;
 
-    return when.svc_list.find(service) != when.svc_list.end();
+    return when.svc == service;
 }
 
 inline bool Binding::check_service() const
diff --git a/src/network_inspectors/binder/binding.h b/src/network_inspectors/binder/binding.h
index d96d4bd70..bc27133fb 100644
--- a/src/network_inspectors/binder/binding.h
+++ b/src/network_inspectors/binder/binding.h
@@ -21,7 +21,6 @@
 #define BINDING_H
 
 #include <string>
-#include <sstream>
 
 #include "main/policy.h"
 #include "sfip/sf_ipvar.h"
@@ -43,6 +42,7 @@ struct BindWhen
     unsigned ips_id_user;
     unsigned protos;
     Role role;
+    std::string svc;
 
     sfip_var_t* src_nets;
     sfip_var_t* dst_nets;
@@ -52,8 +52,6 @@ struct BindWhen
     PortBitSet src_ports;
     PortBitSet dst_ports;
 
-    std::unordered_set<std::string> svc_list;
-
     std::unordered_set<int32_t> src_intfs;
     std::unordered_set<int32_t> dst_intfs;
 
@@ -87,28 +85,6 @@ struct BindWhen
     { criteria_flags |= flags; }
     bool has_criteria(uint16_t flags) const
     { return (criteria_flags & flags) == flags; }
-
-    void parse_service(const std::string& service)
-    {
-        if (service.find(" ") == std::string::npos)
-        {
-            svc_list.emplace(service);
-            return;
-        }
-
-        std::string buf;
-        std::stringstream ss(service);
-        while(getline(ss, buf, ' '))
-            svc_list.emplace(buf);
-    }
-
-    std::string get_service_list() const
-    {
-        std::string res;
-        for(const auto& entry : svc_list)
-            res += entry;
-        return res;
-    }
 };
 
 struct BindUse