From: Shanmugam S (shanms) Date: Wed, 19 Jan 2022 06:02:17 +0000 (+0000) Subject: Pull request #3190: Quic: Quic stream dependent changes X-Git-Tag: 3.1.21.0~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=29c977986b9da33f3713dc571b6d637a0c8b35de;p=thirdparty%2Fsnort3.git Pull request #3190: Quic: Quic stream dependent changes Merge in SNORT/snort3 from ~KBHANDAN/snort3:quic to master Squashed commit of the following: commit 11114860690bc12e4fcfe410ce5406d207db08e2 Author: sunimukh Date: Tue Nov 23 23:23:49 2021 +0530 Quic: Quic stream dependent changes --- diff --git a/src/helpers/CMakeLists.txt b/src/helpers/CMakeLists.txt index 0743bbb70..33059c92f 100644 --- a/src/helpers/CMakeLists.txt +++ b/src/helpers/CMakeLists.txt @@ -18,13 +18,13 @@ set (HELPERS_INCLUDES literal_search.h scratch_allocator.h json_stream.h + bitop.h ) add_library (helpers OBJECT ${HELPERS_INCLUDES} ${HYPER_SOURCES} base64_encoder.cc - bitop.h boyer_moore_search.cc buffer_data.cc chunk.cc diff --git a/src/main/CMakeLists.txt b/src/main/CMakeLists.txt index c26feb611..97746692d 100644 --- a/src/main/CMakeLists.txt +++ b/src/main/CMakeLists.txt @@ -1,5 +1,6 @@ set (INCLUDES + analyzer.h analyzer_command.h policy.h reload_tracker.h @@ -23,7 +24,6 @@ endif ( ENABLE_SHELL ) add_library (main OBJECT analyzer.cc - analyzer.h analyzer_command.cc help.cc help.h diff --git a/src/main/analyzer.h b/src/main/analyzer.h index 18e00e3e0..e2d984763 100644 --- a/src/main/analyzer.h +++ b/src/main/analyzer.h @@ -32,6 +32,7 @@ #include #include +#include "main/snort_types.h" #include "thread.h" class ContextSwitcher; @@ -74,7 +75,7 @@ public: NUM_STATES }; - static Analyzer* get_local_analyzer(); + SO_PUBLIC static Analyzer* get_local_analyzer(); static ContextSwitcher* get_switcher(); static void set_main_hook(MainHook_f); 
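Review bot: `SO_PUBLIC` on `Analyzer::get_local_analyzer()` in the analyzer.h hunk at -74,7 makes the analyzer reachable from plugin code without stating when the call is valid, and the same holds for `inspect_rebuilt(snort::Packet*)` in the hunk at -94,7. Neither declaration says which threads may call it, whether the returned pointer can be null, or what state the `Packet` must be in before it is inspected again. Since external code will now depend on both, I would add a contract comment above each, for example `// exported for plugins: document calling thread and whether nullptr is possible` on `get_local_analyzer()`. The class body starts and ends outside both hunks, so the rest of the exported surface is not visible here.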
@@ -94,7 +95,7 @@ public: void post_process_packet(snort::Packet*); bool process_rebuilt_packet(snort::Packet*, const DAQ_PktHdr_t*, const uint8_t* pkt, uint32_t pktlen); - bool inspect_rebuilt(snort::Packet*); + SO_PUBLIC bool inspect_rebuilt(snort::Packet*); void finalize_daq_message(DAQ_Msg_h, DAQ_Verdict); void add_to_retry_queue(DAQ_Msg_h); diff --git a/src/protocols/packet.h b/src/protocols/packet.h index 3c9816ca0..34bf37128 100644 --- a/src/protocols/packet.h +++ b/src/protocols/packet.h @@ -97,6 +97,7 @@ enum PseudoPacketType { PSEUDO_PKT_IP, PSEUDO_PKT_TCP, + PSEUDO_PKT_UDP_QUIC, PSEUDO_PKT_USER, PSEUDO_PKT_DCE_SEG, PSEUDO_PKT_DCE_FRAG, @@ -230,6 +231,9 @@ struct SO_PUBLIC Packet bool has_udp_data() const { return (proto_bits & PROTO_BIT__UDP) and data and dsize; } + bool has_udp_quic_data() const + { return (pseudo_type == PSEUDO_PKT_UDP_QUIC) and data and dsize; } + /* Get general, non-boolean information */ PktType type() const { return ptrs.get_pkt_type(); } // defined in codec.h diff --git a/src/service_inspectors/dce_rpc/dce_smb_inspector.cc b/src/service_inspectors/dce_rpc/dce_smb_inspector.cc index 76f192106..59db3f60c 100644 --- a/src/service_inspectors/dce_rpc/dce_smb_inspector.cc +++ b/src/service_inspectors/dce_rpc/dce_smb_inspector.cc @@ -65,7 +65,7 @@ void Dce2Smb::eval(Packet* p) Profile profile(dce2_smb_pstat_main); - assert(p->has_tcp_data()); + assert(p->has_tcp_data() || p->has_udp_quic_data()); assert(p->flow); Dce2SmbFlowData* smb_flowdata = diff --git a/src/stream/paf.h b/src/stream/paf.h index 685ea1e7d..c4da86f22 100644 --- a/src/stream/paf.h +++ b/src/stream/paf.h @@ -25,6 +25,7 @@ #ifndef PAF_H #define PAF_H +#include "main/snort_types.h" #include "main/thread.h" #include "profiler/profiler_defs.h" #include "stream/stream_splitter.h" 
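Review bot: `PSEUDO_PKT_UDP_QUIC` is inserted between `PSEUDO_PKT_TCP` and `PSEUDO_PKT_USER`, which shifts the numeric value of `PSEUDO_PKT_USER`, `PSEUDO_PKT_DCE_SEG`, `PSEUDO_PKT_DCE_FRAG` and every later enumerator by one, assuming the enum uses implicit values as the visible lines suggest. `Packet` is declared `SO_PUBLIC` in the same header, so a plugin built against the previous header would likely misread `pseudo_type`, and any table or log field keyed on the numeric value changes meaning. Appending the new enumerator after the existing ones, ahead of any trailing sentinel, keeps the old values stable. If the position is deliberate, a comment such as `// values are not stable across releases; rebuild plugins` would record that. The enum continues past the end of the hunk.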
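Review bot: `has_udp_quic_data()` tests only `pseudo_type == PSEUDO_PKT_UDP_QUIC`, whereas `has_udp_data()` directly above it tests `PROTO_BIT__UDP` in `proto_bits`, so the name reads as if both conditions held. A one-line comment would make the difference explicit, for example `// QUIC pseudo packet with payload: keyed on pseudo_type, proto_bits is not checked`. It would also help to state whether a caller can ever see a packet for which both predicates are true, because code that branches on transport will need to know which one wins.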
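Review bot: The widened precondition in `Dce2Smb::eval` is still only an `assert`, so in a build with `NDEBUG` nothing on the visible lines stops a packet that is neither TCP data nor a QUIC pseudo packet from reaching the flow-data lookup that follows. The change also routes a new transport into a parser of untrusted network data, so anything further down that assumes TCP session state deserves a second look; that code is outside the hunk and I cannot confirm it either way. If the framework does not already guarantee the precondition, an explicit guard after the asserts would hold in release builds: `if (!p->has_tcp_data() and !p->has_udp_quic_data()) return;`. Minor style point: packet.h writes `and` where this line uses `||`.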
@@ -39,7 +40,7 @@ extern THREAD_LOCAL snort::ProfileStats pafPerfStats; void* paf_new(unsigned max); // create new paf config (per policy) void paf_delete(void*); // free config -struct PAF_State // per session direction +struct SO_PUBLIC PAF_State // per session direction { uint32_t seq; // stream cursor uint32_t pos; // last flush position @@ -50,7 +51,7 @@ struct PAF_State // per session direction snort::StreamSplitter::Status paf; // current scan state }; -void paf_setup(PAF_State*); // called at session start +SO_PUBLIC void paf_setup(PAF_State*); // called at session start void paf_reset(PAF_State*); // called for do overs void paf_clear(PAF_State*); // called at session end @@ -59,7 +60,7 @@ inline uint32_t paf_position (PAF_State* ps) return ps->seq; } -inline uint32_t paf_initialized (PAF_State* ps) +SO_PUBLIC inline uint32_t paf_initialized (PAF_State* ps) { return ( ps->paf != snort::StreamSplitter::START ); } @@ -76,7 +77,7 @@ inline void paf_jump(PAF_State* ps, uint32_t n) } // called on each in order segment -int32_t paf_check(snort::StreamSplitter* paf_config, PAF_State*, snort::Packet* p, +SO_PUBLIC int32_t paf_check(snort::StreamSplitter* paf_config, PAF_State*, snort::Packet* p, const uint8_t* data, uint32_t len, uint32_t total, uint32_t seq, uint32_t* flags); #endif
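Review bot: The export set in paf.h is uneven: `paf_setup`, `paf_initialized` and `paf_check` gain `SO_PUBLIC` in the hunks at -50,7, -59,7 and -76,7, while `paf_reset` and `paf_clear` on the lines right after `paf_setup` stay internal, so a plugin that sets up a `PAF_State` has no exported way to reset or clear it. If the core is meant to own teardown, a comment next to the exported declarations should say so, for example `// plugins may set up and scan; reset and clear stay with the core`; otherwise `paf_reset` and `paf_clear` need `SO_PUBLIC` too. Assuming `SO_PUBLIC` is a symbol-visibility attribute, it probably has no effect on `struct PAF_State` (hunk at -39,7), whose visible members are all plain data, or on the header-defined `inline uint32_t paf_initialized`. The sibling inlines `paf_position` and `paf_jump` are left unmarked, so dropping it from those two would keep the header consistent.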