From: Pierre Chifflier Date: Fri, 16 Mar 2018 06:50:12 +0000 (+0100) Subject: SMB: simplify code X-Git-Tag: suricata-4.1.0-beta1~38 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=576b8ef7227133d97cb3632f11d8e954a0166754;p=thirdparty%2Fsuricata.git SMB: simplify code --- diff --git a/rust/src/smb/auth.rs b/rust/src/smb/auth.rs index 8ec2b9bcab..4d9c898429 100644 --- a/rust/src/smb/auth.rs +++ b/rust/src/smb/auth.rs @@ -15,16 +15,16 @@ * 02110-1301, USA. */ -use smb::kerberos_parser::krb5_parser; +use smb::kerberos_parser::krb5_parser::parse_ap_req; use smb::kerberos_parser::krb5::{ApReq,Realm,PrincipalName}; use log::*; use smb::ntlmssp_records::*; use smb::smb::*; -use nom; -use nom::{IResult, ErrorKind}; +use nom::{IResult, ErrorKind, le_u16}; use der_parser; +use der_parser::parse_der_oid; #[derive(Debug,PartialEq)] pub struct Kerberos5Ticket { @@ -50,22 +50,17 @@ fn parse_kerberos5_request(blob: &[u8]) -> IResult<&[u8], ApReq> IResult::Incomplete(needed) => { return IResult::Incomplete(needed); }, IResult::Error(err) => { return IResult::Error(err); }, }; - let (rem, base_o) = match der_parser::parse_der_oid(blob) { - IResult::Done(rem, o) => (rem, o), - IResult::Incomplete(needed) => { return IResult::Incomplete(needed); }, - IResult::Error(err) => { return IResult::Error(err); }, - }; - SCLogDebug!("parse_kerberos5_request: base_o {:?}", base_o); - - // not DER encoded 2 byte length field - let (rem, tok_id) = match nom::le_u16(rem) { - IResult::Done(rem, o) => (rem, o), - IResult::Incomplete(needed) => { return IResult::Incomplete(needed); }, - IResult::Error(err) => { return IResult::Error(err); }, - }; - SCLogDebug!("parse_kerberos5_request: tok_id {}", tok_id); - - krb5_parser::parse_ap_req(rem) + do_parse!( + blob, + base_o: parse_der_oid >> + tok_id: le_u16 >> + ap_req: parse_ap_req >> + ({ + SCLogDebug!("parse_kerberos5_request: base_o {:?}", base_o.as_oid()); + SCLogDebug!("parse_kerberos5_request: tok_id {}", tok_id); + ap_req + }) + ) } diff --git a/rust/src/smb/log.rs b/rust/src/smb/log.rs index 12d2af9dd9..734b13e57a 100644 --- a/rust/src/smb/log.rs +++ b/rust/src/smb/log.rs @@ -42,12 +42,10 @@ fn fuid_to_string(fuid: &Vec) -> String { if fuid_len == 16 { guid_to_string(fuid) } else if fuid_len == 2 { - let o = format!("{:02x}{:02x}", fuid[1], fuid[0]); - o.to_string() + format!("{:02x}{:02x}", fuid[1], fuid[0]) } else if fuid_len == 6 { let pure_fid = &fuid[0..2]; - let o = format!("{:02x}{:02x}", pure_fid[1], pure_fid[0]); - o.to_string() + format!("{:02x}{:02x}", pure_fid[1], pure_fid[0]) } else { "".to_string() } @@ -76,13 +74,8 @@ fn smb_common_header(state: &SMBState, tx: &SMBTransaction) -> Json js.set_string("dialect", &dialect); } else { let dialect = match &state.dialect_vec { - &Some(ref d) => { - match str::from_utf8(&d) { - Ok(v) => v, - Err(_) => "invalid", - } - }, - &None => { "unknown" }, + &Some(ref d) => str::from_utf8(&d).unwrap_or("invalid"), + &None => "unknown", }; js.set_string("dialect", &dialect); } diff --git a/rust/src/smb/smb1_records.rs b/rust/src/smb/smb1_records.rs index baceac64e7..c4f9d395bd 100644 --- a/rust/src/smb/smb1_records.rs +++ b/rust/src/smb/smb1_records.rs @@ -31,13 +31,11 @@ fn smb_get_unicode_string_with_offset(i: &[u8], offset: usize) -> IResult<&[u8], /// take a string, unicode or ascii based on record pub fn smb1_get_string<'a>(i: &'a[u8], r: &SmbRecord, offset: usize) -> IResult<&'a[u8], Vec> { - do_parse!(i, - u: value!(r.has_unicode_support()) - >> s: switch!(value!(u), - true => apply!(smb_get_unicode_string_with_offset, offset) | - false => call!(smb_get_ascii_string)) - >> ( s ) - ) + if r.has_unicode_support() { + smb_get_unicode_string_with_offset(i, offset) + } else { + smb_get_ascii_string(i) + } } #[derive(Debug,PartialEq)]