From: Raza Shafiq (rshafiq) Date: Fri, 19 Jul 2024 20:12:00 +0000 (+0000) Subject: Pull request #4389: flow: added compile-time option to disable tenant_id X-Git-Tag: 3.3.2.0~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=67bf7c8b73412e54ce3f880c7c4c6b3dea560ba6;p=thirdparty%2Fsnort3.git Pull request #4389: flow: added compile-time option to disable tenant_id Merge in SNORT/snort3 from ~RSHAFIQ/snort3:notid to master Squashed commit of the following: commit 59cd8c9d982ced2cc170b3928c5c2a70eee1c40a Author: rshafiq Date: Mon Jul 1 14:08:38 2024 -0400 flow: added compile-time option to disable tenant_id --- diff --git a/cmake/configure_options.cmake b/cmake/configure_options.cmake index f3673f399..8b556cd08 100644 --- a/cmake/configure_options.cmake +++ b/cmake/configure_options.cmake @@ -22,6 +22,7 @@ set ( NO_PROFILER ${DISABLE_SNORT_PROFILER} ) set ( DEEP_PROFILING ${ENABLE_DEEP_PROFILING} ) set ( ENABLE_MEMORY_PROFILER ${ENABLE_MEMORY_PROFILER} ) set ( ENABLE_RULE_PROFILER ${ENABLE_RULE_PROFILER} ) +set ( DISABLE_TENANT_ID ${DISABLE_TENANT_ID} ) if ( ENABLE_LARGE_PCAP ) set ( _FILE_OFFSET_BITS 64 ) diff --git a/cmake/create_options.cmake b/cmake/create_options.cmake index f3c64b5cb..47fa31390 100644 --- a/cmake/create_options.cmake +++ b/cmake/create_options.cmake @@ -18,6 +18,7 @@ option ( ENABLE_STATIC_DAQ "link static DAQ modules" ON ) option ( ENABLE_SHELL "enable shell support" OFF ) option ( ENABLE_UNIT_TESTS "enable unit tests" OFF ) option ( ENABLE_BENCHMARK_TESTS "enable benchmark tests" OFF ) +option ( DISABLE_TENANT_ID "disable tenant ID in the FlowKey structure" OFF ) option ( ENABLE_COREFILES "Prevent Snort from generating core files" ON ) option ( ENABLE_LARGE_PCAP "Enable support for pcaps larger than 2 GB" OFF ) diff --git a/cmake/create_pkg_config.cmake b/cmake/create_pkg_config.cmake index 0d12b026f..300350cbd 100644 --- a/cmake/create_pkg_config.cmake +++ b/cmake/create_pkg_config.cmake 
@@ -20,6 +20,12 @@ if(ENABLE_MEMORY_PROFILER) set(MEMORY_PROFILER_CPPFLAGS "-DENABLE_MEMORY_PROFILER") endif() +if(DISABLE_TENANT_ID) + set (TENANT_ID_CPPFLAGS "-DDISABLE_TENANT_ID") + message(STATUS "Tenant ID support in FlowKey is disabled") +endif() + + if(ENABLE_RULE_PROFILER) set(RULE_PROFILER_CPPFLAGS "-DENABLE_RULE_PROFILER") endif() diff --git a/config.cmake.h.in b/config.cmake.h.in index 045bb0acd..1da3047b9 100644 --- a/config.cmake.h.in +++ b/config.cmake.h.in @@ -76,6 +76,9 @@ /* enable memory profiler */ #cmakedefine ENABLE_MEMORY_PROFILER 1 +/* disable tenant_id */ +#cmakedefine DISABLE_TENANT_ID 1 + /* enable rule profiler */ #cmakedefine ENABLE_RULE_PROFILER 1 diff --git a/configure_cmake.sh b/configure_cmake.sh index 9b312d6c5..8dc7023a6 100755 --- a/configure_cmake.sh +++ b/configure_cmake.sh @@ -68,6 +68,7 @@ Optional Features: --enable-jemalloc enable using jemalloc for dynamic memory management --enable-jemalloc-static same as --enable-jemalloc but linked statically + --disable-tenant-id disable tenant ID in the FlowKey --enable-luajit-static enable luajit linked statically --enable-appid-third-party enable third party appid @@ -348,6 +349,9 @@ while [ $# -ne 0 ]; do --disable-jemalloc-static) append_cache_entry ENABLE_JEMALLOC BOOL false ;; + --disable-tenant-id) + append_cache_entry DISABLE_TENANT_ID BOOL true + ;; --enable-appid-third-party) ;; --enable-unit-tests) diff --git a/snort.pc.in b/snort.pc.in index d390db817..10f02dcc7 100644 --- a/snort.pc.in +++ b/snort.pc.in 
@@ -28,5 +28,5 @@ Description: Snort 3.0 Project URL: www.snort.org Version: @VERSION@ Libs: -L${libdir}/snort -Cflags: -I${includedir}/snort @DEEP_PROFILING_CPPFLAGS@ @MEMORY_OVERLOADS_CPPFLAGS@ @MEMORY_PROFILER_CPPFLAGS@ @RULE_PROFILER_CPPFLAGS@ @NO_PROFILER_CPPFLAGS@ @TP_APPID_CPPFLAGS@ @TSC_CPPFLAGS@ +Cflags: -I${includedir}/snort @DEEP_PROFILING_CPPFLAGS@ @MEMORY_OVERLOADS_CPPFLAGS@ @MEMORY_PROFILER_CPPFLAGS@ @RULE_PROFILER_CPPFLAGS@ @NO_PROFILER_CPPFLAGS@ @TP_APPID_CPPFLAGS@ @TSC_CPPFLAGS@ @TENANT_ID_CPPFLAGS@ diff --git a/src/flow/expect_cache.cc b/src/flow/expect_cache.cc index 1c833b2b4..e4aa26ab9 100644 --- a/src/flow/expect_cache.cc +++ b/src/flow/expect_cache.cc @@ -339,7 +339,10 @@ int ExpectCache::add_flow(const Packet *ctrlPkt, PktType type, IpProtocol ip_pro // This code assumes that the expected session is in the opposite direction of the control session // when groups are significant bool reversed_key = key.init(ctrlPkt->context->conf, type, ip_proto, cliIP, cliPort, - srvIP, srvPort, vlanId, mplsId, ctrlPkt->pkth->address_space_id, ctrlPkt->pkth->tenant_id, + srvIP, srvPort, vlanId, mplsId, ctrlPkt->pkth->address_space_id, +#ifndef DISABLE_TENANT_ID + ctrlPkt->pkth->tenant_id, +#endif 0 != (ctrlPkt->pkth->flags & DAQ_PKT_FLAG_SIGNIFICANT_GROUPS), ctrlPkt->pkth->egress_group, ctrlPkt->pkth->ingress_group); bool new_node = false; diff --git a/src/flow/flow.cc b/src/flow/flow.cc index 8d72022cb..de7f2b078 100644 --- a/src/flow/flow.cc +++ b/src/flow/flow.cc @@ -285,7 +285,11 @@ void Flow::free_flow_data() { _daq_pkt_hdr pkthdr = {}; pkthdr.address_space_id = key->addressSpaceId; - pkthdr.tenant_id = tenant; +#ifndef DISABLE_TENANT_ID + pkthdr.tenant_id = key->tenant_id; +#else + pkthdr.tenant_id = 0; +#endif select_default_policy(pkthdr, sc); } } diff --git a/src/flow/flow.h b/src/flow/flow.h index 4fbb5508b..9f1e46452 100644 --- a/src/flow/flow.h +++ b/src/flow/flow.h 
@@ -479,7 +479,6 @@ public: // FIXIT-M privatize if possible unsigned inspection_policy_id = 0; unsigned ips_policy_id = 0; unsigned reload_id = 0; - uint32_t tenant = 0; uint32_t default_session_timeout = 0; uint32_t idle_timeout = 0; int32_t client_intf = 0; diff --git a/src/flow/flow_control.cc b/src/flow/flow_control.cc index 34f5a5012..0d83883dc 100644 --- a/src/flow/flow_control.cc +++ b/src/flow/flow_control.cc @@ -332,8 +332,6 @@ static void init_roles(Packet* p, Flow* flow) flow->server_group = p->pkth->egress_group; } - flow->tenant = p->pkth->tenant_id; - flow->flags.app_direction_swapped = false; if ( flow->ssn_state.direction == FROM_CLIENT ) p->packet_flags |= PKT_FROM_CLIENT; diff --git a/src/flow/flow_key.cc b/src/flow/flow_key.cc index ed5685ba9..20c2c3e5f 100644 --- a/src/flow/flow_key.cc +++ b/src/flow/flow_key.cc @@ -233,8 +233,11 @@ bool FlowKey::init( PktType type, IpProtocol ip_proto, const SfIp *srcIP, uint16_t srcPort, const SfIp *dstIP, uint16_t dstPort, - uint16_t vlanId, uint32_t mplsId, - uint32_t addrSpaceId, uint32_t tid, bool significant_groups, + uint16_t vlanId, uint32_t mplsId, uint32_t addrSpaceId, +#ifndef DISABLE_TENANT_ID + uint32_t tid, +#endif + bool significant_groups, int16_t ingress_group, int16_t egress_group) { bool reversed; @@ -258,7 +261,9 @@ bool FlowKey::init( pkt_type = type; ip_protocol = (uint8_t)ip_proto; +#ifndef DISABLE_TENANT_ID tenant_id = tid; +#endif init_vlan(sc, vlanId); init_address_space(sc, addrSpaceId); @@ -301,7 +306,9 @@ bool FlowKey::init( pkt_type = type; ip_protocol = (uint8_t)ip_proto; +#ifndef DISABLE_TENANT_ID tenant_id = pkt_hdr.tenant_id; +#endif init_vlan(sc, vlanId); init_address_space(sc, pkt_hdr.address_space_id); @@ -342,7 +349,9 @@ bool FlowKey::init( } pkt_type = type; +#ifndef DISABLE_TENANT_ID tenant_id = pkt_hdr.tenant_id; +#endif init_vlan(sc, vlanId); init_address_space(sc, pkt_hdr.address_space_id); 
@@ -387,6 +396,8 @@ unsigned FlowHashKeyOps::do_hash(const unsigned char* k, int) mix(a, b, c); a += d[9]; // addressSpaceId + +#ifndef DISABLE_TENANT_ID b += d[10]; // tenant_id c += d[11]; // port lo & port hi @@ -395,6 +406,15 @@ unsigned FlowHashKeyOps::do_hash(const unsigned char* k, int) a += d[12]; // group lo & group hi b += d[13]; // vlan & padding c += d[14]; // ip_protocol & pkt_type, version, flags +#else + b += d[10]; // port lo & port hi + c += d[11]; // group lo & group hi + + mix(a, b, c); + + b += d[12]; // vlan & padding + c += d[13]; // ip_protocol & pkt_type, version, flags +#endif finalize(a, b, c); diff --git a/src/flow/flow_key.h b/src/flow/flow_key.h index 6a78d205a..dd6383fd4 100644 --- a/src/flow/flow_key.h +++ b/src/flow/flow_key.h @@ -54,7 +54,9 @@ struct SO_PUBLIC FlowKey uint32_t ip_h[4]; /* High IP */ uint32_t mplsLabel; uint32_t addressSpaceId; - uint32_t tenant_id; +#ifndef DISABLE_TENANT_ID + uint32_t tenant_id; // included by default +#endif uint16_t port_l; /* Low Port - 0 if ICMP */ uint16_t port_h; /* High Port - 0 if ICMP */ int16_t group_l; @@ -78,7 +80,11 @@ struct SO_PUBLIC FlowKey const SnortConfig*, PktType, IpProtocol, const snort::SfIp *srcIP, uint16_t srcPort, const snort::SfIp *dstIP, uint16_t dstPort, - uint16_t vlanId, uint32_t mplsId, uint32_t addrSpaceId, uint32_t tid, bool significant_groups, + uint16_t vlanId, uint32_t mplsId, uint32_t addrSpaceId, +#ifndef DISABLE_TENANT_ID + uint32_t tid, +#endif + bool significant_groups, int16_t group_h = DAQ_PKTHDR_UNKNOWN, int16_t group_l = DAQ_PKTHDR_UNKNOWN); bool init( diff --git a/src/flow/ha.cc b/src/flow/ha.cc index b08541a11..f8a99131c 100644 --- a/src/flow/ha.cc +++ b/src/flow/ha.cc 
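Review bot: The word indices in both branches of do_hash are tied by hand to the FlowKey layout, and nothing in the hunk checks that the struct still has the size each branch assumes. The default branch reads up to `d[14]` and the `#else` branch up to `d[13]`, so a later field change in either configuration would silently hash stale or out-of-range words. Unless a size check already exists outside the hunk, add `static_assert(sizeof(FlowKey) == 15 * sizeof(uint32_t), "do_hash layout");` to the first branch and the same with `14` to the `#else` branch. do_hash starts before the hunk.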
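Review bot: In flow_key.h the layout of the exported `SO_PUBLIC FlowKey` now depends on `DISABLE_TENANT_ID`, but the only comment on the member is `// included by default`. A translation unit or out-of-tree plugin that includes this header without the macro the core was built with would see a key four bytes larger and read every later field at the wrong offset. The commit does add `@TENANT_ID_CPPFLAGS@` to snort.pc.in and `config.h` includes to some mocks, which suggests the macro must be visible before this header; whether the header enforces that is not visible here. I would replace the comment with `// present unless DISABLE_TENANT_ID is set; every TU and plugin including this header must be built with the same setting`.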
@@ -89,7 +89,13 @@ private: bool use_daq_channel; }; + +// Ensure to increment both versions simultaneously to maintain consistency +#ifndef DISABLE_TENANT_ID static constexpr uint8_t HA_MESSAGE_VERSION = 4; +#else +static constexpr uint8_t HA_MESSAGE_VERSION = 5; +#endif // define message size and content constants. static constexpr uint8_t KEY_SIZE_IP6 = sizeof(FlowKey); diff --git a/src/flow/test/flow_control_test.cc b/src/flow/test/flow_control_test.cc index 328f0edd0..a0037668d 100644 --- a/src/flow/test/flow_control_test.cc +++ b/src/flow/test/flow_control_test.cc @@ -98,7 +98,11 @@ bool FlowKey::init( const SfIp*, uint16_t, const SfIp*, uint16_t, uint16_t, uint32_t, - uint32_t, uint32_t, bool, int16_t, int16_t) + uint32_t, +#ifndef DISABLE_TENANT_ID + uint32_t, +#endif + bool, int16_t, int16_t) { return true; } diff --git a/src/flow/test/ha_test.cc b/src/flow/test/ha_test.cc index 07c9d9577..3eb21e125 100644 --- a/src/flow/test/ha_test.cc +++ b/src/flow/test/ha_test.cc @@ -44,7 +44,9 @@ static const FlowKey s_test_key = /* .ip_h = */ { 5, 6, 7, 8 }, /* .mplsLabel = */ 9, /* .addressSpaceId = */ 0, +#ifndef DISABLE_TENANT_ID /* .tenant_id = */ 0, +#endif /* .port_l = */ 10, /* .port_h = */ 11, /* .group_l = */ 0, @@ -66,7 +68,11 @@ static struct __attribute__((__packed__)) TestDeleteMessage { { HA_DELETE_EVENT, HA_MESSAGE_VERSION, +#ifndef DISABLE_TENANT_ID 65, +#else + 61, +#endif KEY_TYPE_IP6 }, s_test_key @@ -82,7 +88,11 @@ static struct __attribute__((__packed__)) TestUpdateMessage { { HA_UPDATE_EVENT, HA_MESSAGE_VERSION, +#ifndef DISABLE_TENANT_ID 77, +#else + 73, +#endif KEY_TYPE_IP6 }, s_test_key, diff --git a/src/loggers/unified2.cc b/src/loggers/unified2.cc index fd3596393..fbb9d3334 100644 --- a/src/loggers/unified2.cc +++ b/src/loggers/unified2.cc @@ -33,6 +33,7 @@ #include "detection/detection_engine.h" #include "events/event.h" +#include "flow/flow_key.h" #include "framework/logger.h" #include "framework/module.h" #include "log/messages.h" 
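Review bot: Numbering the two layouts 4 and 5 in ha.cc means the next bump of the default build to 5 reuses the value a tenant-less build already sends, and the added comment asks for exactly that step by telling maintainers to increment both together. Peers from different releases and build options could then agree on `HA_MESSAGE_VERSION` while disagreeing on `sizeof(FlowKey)`. Whether the receiver also validates the key length is not visible in this hunk. I would extend the comment to `// the two values must never overlap across releases: a number used by one layout may not later be assigned to the other`, or derive the tenant-less value from the base version with a dedicated bit.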
@@ -350,9 +351,13 @@ static void AlertExtraData( const IpsContext* c = DetectionEngine::get_context(); Obfuscator* obf = (c and c->packet) ? c->packet->obfuscator : nullptr; uint32_t tenant_id = 0; + +#ifndef DISABLE_TENANT_ID if (flow) - tenant_id = flow->tenant; - else if (c and c->packet) + tenant_id = flow->key->tenant_id; + else +#endif + if (c and c->packet) tenant_id = c->packet->pkth->tenant_id; while ( xid && (xid <= max_count) ) diff --git a/src/network_inspectors/appid/appid_debug.cc b/src/network_inspectors/appid/appid_debug.cc index f862ccf51..efaff36da 100644 --- a/src/network_inspectors/appid/appid_debug.cc +++ b/src/network_inspectors/appid/appid_debug.cc @@ -206,7 +206,12 @@ void AppIdDebug::activate(const Flow *flow, const AppIdSession* session, bool lo // two key->version here to create the proper debug_session string. activate(key->ip_l, key->ip_h, key->port_l, key->port_h, (IpProtocol)(key->ip_protocol), key->version, key->addressSpaceId, session, log_all_sessions, - key->tenant_id, key->group_l, key->group_h, key->flags.group_used); +#ifndef DISABLE_TENANT_ID + key->tenant_id, +#else + 0, +#endif + key->group_l, key->group_h, key->flags.group_used); } void AppIdDebug::set_constraints(const char *desc, diff --git a/src/network_inspectors/appid/appid_ha.cc b/src/network_inspectors/appid/appid_ha.cc index 4900cce4f..a61b77ed7 100644 --- a/src/network_inspectors/appid/appid_ha.cc +++ b/src/network_inspectors/appid/appid_ha.cc 
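Review bot: In AlertExtraData the `else` sits inside the `#ifndef` block while the `if (c and c->packet)` it binds to sits after the `#endif`, so the statement structure differs between the two builds and is easy to break with a later edit. Setting the packet value first and letting the flow key override it gives the same result without splitting an if/else chain across the preprocessor. The new code also dereferences `flow->key` where the old code read a plain member of `flow`; whether `key` can be null here is not visible in the hunk and is worth confirming. The function continues outside the hunk.

```cpp
// … unchanged: context and obfuscator lookup …
uint32_t tenant_id = (c and c->packet) ? c->packet->pkth->tenant_id : 0;

#ifndef DISABLE_TENANT_ID
// the flow key's tenant takes precedence over the packet header when a flow exists
if (flow)
    tenant_id = flow->key->tenant_id;
#endif
```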
@@ -49,7 +49,12 @@ static AppIdSession* create_appid_session(Flow& flow, const FlowKey* key, AppIdSession* asd = new AppIdSession(static_cast(key->ip_protocol), flow.flags.client_initiated ? &flow.client_ip : &flow.server_ip, flow.flags.client_initiated ? flow.client_port : flow.server_port, inspector, - *pkt_thread_odp_ctxt, key->addressSpaceId, key->tenant_id); + *pkt_thread_odp_ctxt, key->addressSpaceId +#ifndef DISABLE_TENANT_ID + ,flow.key->tenant_id +#endif + ); + appid_log(CURRENT_PACKET, TRACE_DEBUG_LEVEL, "high-avail - New AppId session created in consume\n"); flow.set_flow_data(asd); diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc index e5cf84dcc..26f60442f 100644 --- a/src/network_inspectors/appid/appid_session.cc +++ b/src/network_inspectors/appid/appid_session.cc @@ -116,7 +116,11 @@ AppIdSession* AppIdSession::allocate_session(const Packet* p, IpProtocol proto, port = (direction == APP_ID_FROM_INITIATOR) ? p->ptrs.sp : p->ptrs.dp; AppIdSession* asd = new AppIdSession(proto, ip, port, inspector, odp_context, - p->pkth->address_space_id, p->pkth->tenant_id); + p->pkth->address_space_id +#ifndef DISABLE_TENANT_ID + ,p->pkth->tenant_id +#endif + ); is_session_monitored(asd->flags, p, inspector); asd->flow = p->flow; asd->stats.first_packet_second = p->pkth->ts.tv_sec; 
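Review bot: The tenant argument in create_appid_session now comes from `flow.key->tenant_id`, while the protocol and address space on the same constructor call still come from the `key` parameter, so the session can be built from two different keys. The removed line read `key->tenant_id`, and the commit message does not mention changing the source. Unless `flow.key` is guaranteed to be set and identical to `key` at this point (not visible in the hunk), keep the argument as `,key->tenant_id`. The function starts before the hunk and continues after it.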
@@ -126,9 +130,17 @@ AppIdSession* AppIdSession::allocate_session(const Packet* p, IpProtocol proto, } AppIdSession::AppIdSession(IpProtocol proto, const SfIp* ip, uint16_t port, - AppIdInspector& inspector, OdpContext& odp_ctxt, uint32_t asid, uint32_t tenant_id) + AppIdInspector& inspector, OdpContext& odp_ctxt, uint32_t asid +#ifndef DISABLE_TENANT_ID + ,uint32_t tenant_id +#endif + ) : FlowData(inspector_id, &inspector), config(inspector.get_ctxt().config), - initiator_port(port), tenant_id(tenant_id), asid(asid), protocol(proto), + initiator_port(port), +#ifndef DISABLE_TENANT_ID + tenant_id(tenant_id), +#endif + asid(asid), protocol(proto), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(odp_ctxt), odp_ctxt_version(odp_ctxt.get_version()), tp_appid_ctxt(pkt_thread_tp_appid_ctxt) @@ -235,7 +247,11 @@ AppIdSession* AppIdSession::create_future_session(const Packet* ctrlPkt, const S // FIXIT-RC - port parameter passed in as 0 since we may not know client port, verify AppIdSession* asd = new AppIdSession(proto, cliIp, 0, *inspector, odp_ctxt, - ctrlPkt->pkth->address_space_id, ctrlPkt->pkth->tenant_id); + ctrlPkt->pkth->address_space_id +#ifndef DISABLE_TENANT_ID + ,ctrlPkt->pkth->tenant_id +#endif + ); is_session_monitored(asd->flags, ctrlPkt, *inspector); if (Stream::set_snort_protocol_id_expected(ctrlPkt, type, proto, cliIp, diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h index fe6e2fd11..867e99ca9 100644 --- a/src/network_inspectors/appid/appid_session.h +++ b/src/network_inspectors/appid/appid_session.h @@ -259,7 +259,11 @@ class AppIdSession : public snort::FlowData { public: AppIdSession(IpProtocol, const snort::SfIp*, uint16_t port, AppIdInspector&, - OdpContext&, uint32_t asid, uint32_t tenant_id); + OdpContext&, uint32_t asid +#ifndef DISABLE_TENANT_ID + ,uint32_t tenant_id +#endif + ); ~AppIdSession() override; static AppIdSession* allocate_session(const snort::Packet*, IpProtocol, 
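Review bot: Making the last constructor parameter of `AppIdSession` conditional in appid_session.h forces every caller to wrap its final argument in its own `#ifndef DISABLE_TENANT_ID`, which this commit then repeats at each production and test call site. The option is described as removing tenant_id from FlowKey, and that does not require changing this signature. Keeping `uint32_t tenant_id` in the declaration unconditionally and gating only the `tenant_id` member and its initializer would confine the macro to the class itself and leave the call sites and mocks untouched. If the parameter has to go, a comment on the declaration such as `// trailing tenant_id parameter exists only when DISABLE_TENANT_ID is not defined` would at least document the two shapes.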
@@ -274,7 +278,9 @@ public: std::unordered_map flow_data; uint64_t flags = 0; uint16_t initiator_port = 0; +#ifndef DISABLE_TENANT_ID uint32_t tenant_id = 0; +#endif uint32_t asid = 0; uint16_t session_packet_count = 0; diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h index b765143eb..e7054d14e 100644 --- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h +++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h @@ -20,6 +20,10 @@ #ifndef DETECTOR_PLUGINS_MOCK_H #define DETECTOR_PLUGINS_MOCK_H +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include "log/messages.h" #include "utils/stats.h" @@ -153,7 +157,11 @@ AppIdConfig stub_config; AppIdContext stub_ctxt(stub_config); OdpContext stub_odp_ctxt(stub_config, nullptr); AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector& inspector, - OdpContext& odpctxt, uint32_t, uint32_t) : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), + OdpContext& odpctxt, uint32_t +#ifndef DISABLE_TENANT_ID + ,uint32_t +#endif + ) : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), config(stub_config), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(odpctxt) { this->set_session_flags(APPID_SESSION_DISCOVER_APP); diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_sip_test.cc b/src/network_inspectors/appid/detector_plugins/test/detector_sip_test.cc index f916e9922..4fea16b12 100644 --- a/src/network_inspectors/appid/detector_plugins/test/detector_sip_test.cc +++ b/src/network_inspectors/appid/detector_plugins/test/detector_sip_test.cc 
@@ -130,7 +130,11 @@ void SipPatternMatchers::finalize_patterns(OdpContext&) AppIdSession* AppIdSession::allocate_session(snort::Packet const*, IpProtocol, AppidSessionDirection, AppIdInspector&, OdpContext& odp_ctxt) { - session = new AppIdSession(IpProtocol::IP, &sfip, 0, appid_inspector, odp_ctxt, 0, 0); + session = new AppIdSession(IpProtocol::IP, &sfip, 0, appid_inspector, odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 // tenant_id +#endif + ); return session; } diff --git a/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc b/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc index 8a600e13d..1eb926e8a 100644 --- a/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc +++ b/src/network_inspectors/appid/detector_plugins/test/http_url_patterns_test.cc @@ -43,7 +43,11 @@ static Packet pkt; static SfIp sfip; static AppIdModule appid_mod; static AppIdInspector appid_inspector(appid_mod); -static AppIdSession session(IpProtocol::IP, &sfip, 0, appid_inspector, odpctxt, 0, 0); +static AppIdSession session(IpProtocol::IP, &sfip, 0, appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID +,0 +#endif +); static AppIdHttpSession mock_hsession(session, 0); static ChpMatchDescriptor cmd_test; static MatchedCHPAction mchp; diff --git a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h index a76a6a976..e8e62dd97 100644 --- a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h +++ b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h @@ -23,6 +23,10 @@ #include "appid_module.h" #include "appid_peg_counts.h" +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #define APPID_UT_ID 1492 namespace snort 
@@ -162,7 +166,11 @@ AppIdContext stub_ctxt(stub_config); static OdpContext stub_odp_ctxt(stub_config, nullptr); OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt; AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector& inspector, - OdpContext&, uint16_t) : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), + OdpContext& +#ifndef DISABLE_TENANT_ID + ,uint16_t +#endif + ) : snort::FlowData(inspector_id, (snort::Inspector*)&inspector), config(stub_config), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { } AppIdSession::~AppIdSession() = default; DiscoveryFilter::~DiscoveryFilter(){} diff --git a/src/network_inspectors/appid/test/appid_api_test.cc b/src/network_inspectors/appid/test/appid_api_test.cc index 31e8a4b1f..8bd858870 100644 --- a/src/network_inspectors/appid/test/appid_api_test.cc +++ b/src/network_inspectors/appid/test/appid_api_test.cc @@ -222,7 +222,11 @@ TEST_GROUP(appid_api) mock_init_appid_pegs(); SfIp ip; mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, - dummy_appid_inspector.get_ctxt().get_odp_ctxt(), 0, 0); + dummy_appid_inspector.get_ctxt().get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); pkt_thread_odp_ctxt = &mock_session->get_odp_ctxt(); flow = new Flow; flow->set_flow_data(mock_session); diff --git a/src/network_inspectors/appid/test/appid_debug_test.cc b/src/network_inspectors/appid/test/appid_debug_test.cc index 3275eb06d..076391513 100644 --- a/src/network_inspectors/appid/test/appid_debug_test.cc +++ b/src/network_inspectors/appid/test/appid_debug_test.cc 
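Review bot: The mock constructor in service_plugin_mock.h ends in `OdpContext&` plus a gated `uint16_t`, which matches neither form of the declaration changed in appid_session.h by this commit (`OdpContext&, uint32_t asid` with a gated `uint32_t tenant_id`). The other mocks touched here keep `uint32_t` for asid and gate only the second `uint32_t`; the same shape here would be `OdpContext&, uint32_t` followed by the gated `,uint32_t`. The pre-change line was already `OdpContext&, uint16_t`, so this header may not be compiled any more, but that cannot be confirmed from the page.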
@@ -75,7 +75,11 @@ AppIdConfig stub_config; AppIdContext stub_ctxt(stub_config); OdpContext stub_odp_ctxt(stub_config, nullptr); AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector&, - OdpContext&, uint32_t, uint32_t) : FlowData(0), config(stub_config), + OdpContext&, uint32_t +#ifndef DISABLE_TENANT_ID + ,uint32_t +#endif + ) : FlowData(0), config(stub_config), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { } AppIdSession::~AppIdSession() = default; @@ -131,7 +135,11 @@ TEST(appid_debug, basic_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; @@ -165,7 +173,11 @@ TEST(appid_debug, reverse_direction_activate_test) SfIp dip; dip.set("10.1.2.3"); AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... sip.set("10.9.8.7"); // this would be a reply back uint16_t sport = 80; @@ -201,7 +213,11 @@ TEST(appid_debug, ipv6_test) sip.set("2001:db8:85a3::8a2e:370:7334"); // IPv6 SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("2001:db8:85a3::8a2e:370:7335"); uint16_t sport = 1234; 
@@ -237,7 +253,11 @@ TEST(appid_debug, no_initiator_port_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; @@ -271,7 +291,11 @@ TEST(appid_debug, no_initiator_port_reversed_test) SfIp dip; dip.set("10.1.2.3"); AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... sip.set("10.9.8.7"); uint16_t sport = 80; @@ -340,7 +364,11 @@ TEST(appid_debug, no_match_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; @@ -370,7 +398,11 @@ TEST(appid_debug, all_constraints_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; 
@@ -404,7 +436,11 @@ TEST(appid_debug, just_proto_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; @@ -438,7 +474,11 @@ TEST(appid_debug, just_ip_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; @@ -472,7 +512,11 @@ TEST(appid_debug, just_port_test) sip.set("10.1.2.3"); SfIp dip; AppIdInspector inspector; - AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // This packet... dip.set("10.9.8.7"); uint16_t sport = 48620; diff --git a/src/network_inspectors/appid/test/appid_detector_test.cc b/src/network_inspectors/appid/test/appid_detector_test.cc index b97b99781..0066da0b2 100644 --- a/src/network_inspectors/appid/test/appid_detector_test.cc +++ b/src/network_inspectors/appid/test/appid_detector_test.cc @@ -71,7 +71,11 @@ TEST_GROUP(appid_detector_tests) { SfIp ip; mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, - dummy_appid_inspector.get_ctxt().get_odp_ctxt(), 0, 0); + dummy_appid_inspector.get_ctxt().get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); flow = new Flow; flow->set_flow_data(mock_session); } 
diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index f6f7fbeb1..4e8e577b6 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -396,7 +396,11 @@ TEST(appid_discovery_tests, event_published_when_ignoring_flow) AppIdModule app_module; AppIdInspector ins(app_module); AppIdContext& app_ctxt = ins.get_ctxt(); - AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0, 0); + AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd->flags |= APPID_SESSION_SPECIAL_MONITORED | APPID_SESSION_DISCOVER_USER | APPID_SESSION_DISCOVER_APP; Flow* flow = new Flow; @@ -432,7 +436,11 @@ TEST(appid_discovery_tests, event_published_when_processing_flow) AppIdModule app_module; AppIdInspector ins(app_module); AppIdContext& app_ctxt = ins.get_ctxt(); - AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0, 0); + AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd->flags |= APPID_SESSION_SPECIAL_MONITORED | APPID_SESSION_DISCOVER_USER | APPID_SESSION_DISCOVER_APP; Flow* flow = new Flow; @@ -458,7 +466,11 @@ TEST(appid_discovery_tests, change_bits_for_client_version) AppIdInspector ins(app_module); SfIp ip; AppIdContext app_ctxt(app_config); - AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0, 0); + AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); const char* version = "3.0"; asd->set_client_version(version, change_bits); 
@@ -494,7 +506,11 @@ TEST(appid_discovery_tests, change_bits_for_non_http_appid) AppIdModule app_module; AppIdInspector ins(app_module); AppIdContext& app_ctxt = ins.get_ctxt(); - AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0, 0); + AppIdSession* asd = new AppIdSession(IpProtocol::TCP, &ip, 21, ins, app_ctxt.get_odp_ctxt(), 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd->flags |= APPID_SESSION_SPECIAL_MONITORED | APPID_SESSION_DISCOVER_USER | APPID_SESSION_DISCOVER_APP; Flow* flow = new Flow; diff --git a/src/network_inspectors/appid/test/appid_eve_process_event_handler_test.cc b/src/network_inspectors/appid/test/appid_eve_process_event_handler_test.cc index e345a7679..4edbf3f0e 100644 --- a/src/network_inspectors/appid/test/appid_eve_process_event_handler_test.cc +++ b/src/network_inspectors/appid/test/appid_eve_process_event_handler_test.cc @@ -119,7 +119,11 @@ TEST_GROUP(appid_eve_process_event_handler_tests) void setup() override { SfIp ip; - session = new AppIdSession(IpProtocol::TCP, &ip, 0, dummy_appid_inspector, stub_odp_ctxt, 0, 0); + session = new AppIdSession(IpProtocol::TCP, &ip, 0, dummy_appid_inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); pkt_thread_odp_ctxt = &stub_odp_ctxt; appidDebug = new AppIdDebug(); appidDebug->activate(nullptr, nullptr, false); diff --git a/src/network_inspectors/appid/test/appid_http_event_test.cc b/src/network_inspectors/appid/test/appid_http_event_test.cc index eb2d98e2f..91f06c112 100644 --- a/src/network_inspectors/appid/test/appid_http_event_test.cc +++ b/src/network_inspectors/appid/test/appid_http_event_test.cc 
@@ -294,7 +294,11 @@ TEST_GROUP(appid_http_event) { flow = new Flow; SfIp ip; - mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, stub_odp_ctxt, 0, 0); + mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); pkt_thread_odp_ctxt = &mock_session->get_odp_ctxt(); mock_session->create_http_session(); flow->set_flow_data(mock_session); diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc index ff64eb9ce..e18290971 100644 --- a/src/network_inspectors/appid/test/appid_http_session_test.cc +++ b/src/network_inspectors/appid/test/appid_http_session_test.cc @@ -117,7 +117,11 @@ static Flow flow; // AppIdSession mock functions AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector& inspector, - OdpContext&, uint32_t, uint32_t) : FlowData(inspector_id, &inspector), config(stub_config), + OdpContext&, uint32_t +#ifndef DISABLE_TENANT_ID + ,uint32_t +#endif + ) : FlowData(inspector_id, &inspector), config(stub_config), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) {} @@ -190,7 +194,11 @@ TEST_GROUP(appid_http_session) void setup() override { SfIp sfip; - session = new AppIdSession(IpProtocol::IP, &sfip, 0, dummy_appid_inspector, stub_odp_ctxt, 0, 0); + session = new AppIdSession(IpProtocol::IP, &sfip, 0, dummy_appid_inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); session->flow = &flow; mock_hsession = new AppIdHttpSession(*session, 0); appidDebug = new AppIdDebug(); diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h index f65bd5bc6..40b648383 100644 --- a/src/network_inspectors/appid/test/appid_mock_session.h +++ b/src/network_inspectors/appid/test/appid_mock_session.h 
@@ -21,6 +21,10 @@ #ifndef APPID_MOCK_SESSION_H #define APPID_MOCK_SESSION_H +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include "flow/ha.h" #include "appid_dns_session.h" @@ -80,7 +84,11 @@ static AppIdConfig stub_config; static OdpContext stub_odp_ctxt(stub_config, nullptr); OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt; AppIdSession::AppIdSession(IpProtocol proto, const SfIp* ip, uint16_t, AppIdInspector& inspector, - OdpContext&, uint32_t, uint32_t) : FlowData(inspector_id, &inspector), config(stub_config), + OdpContext&, uint32_t +#ifndef DISABLE_TENANT_ID + ,uint32_t +#endif + ) : FlowData(inspector_id, &inspector), config(stub_config), protocol(proto), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { this->set_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED); diff --git a/src/network_inspectors/appid/test/appid_session_api_test.cc b/src/network_inspectors/appid/test/appid_session_api_test.cc index 5ada0ec6f..2a54ff1c1 100644 --- a/src/network_inspectors/appid/test/appid_session_api_test.cc +++ b/src/network_inspectors/appid/test/appid_session_api_test.cc @@ -74,7 +74,11 @@ TEST_GROUP(appid_session_api) AppidChangeBits change_bits; SfIp ip{}; - mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + mock_session = new AppIdSession(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); mock_session->flow = &flow; pkt_thread_odp_ctxt = &mock_session->get_odp_ctxt(); mock_session->set_ss_application_ids(APPID_UT_ID, APPID_UT_ID, APPID_UT_ID, 
@@ -117,7 +121,11 @@ TEST(appid_session_api, get_client_app_id) TEST(appid_session_api, get_client_app_id_with_eve_for_http2) { SfIp ip{}; - AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd.flow = &flow; AppidChangeBits change_bits; asd.set_ss_application_ids(APP_ID_HTTP2, APPID_UT_ID, APPID_UT_ID, APPID_UT_ID, APPID_UT_ID, change_bits); @@ -167,7 +175,11 @@ TEST(appid_session_api, get_referred_app_id) TEST(appid_session_api, get_app_id) { SfIp ip{}; - AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd.flow = &flow; AppidChangeBits change_bits; asd.set_application_ids_service(APP_ID_HTTP2, change_bits); @@ -196,7 +208,11 @@ TEST(appid_session_api, get_app_id) TEST(appid_session_api, get_app_id_with_eve_for_http2) { SfIp ip{}; - AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd.flow = &flow; AppidChangeBits change_bits; asd.set_application_ids_service(APP_ID_HTTP2, change_bits); @@ -289,7 +305,11 @@ TEST(appid_session_api, get_app_id_with_eve_for_http2) TEST(appid_session_api, get_first_stream_appids_for_http2) { SfIp ip{}; - AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd.flow = &flow; AppidChangeBits change_bits; asd.set_application_ids_service(APP_ID_HTTP2, change_bits); 
@@ -437,7 +457,11 @@ TEST(appid_session_api, get_client_info) TEST(appid_session_api, get_client_info_http2) { SfIp ip{}; - AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0, 0); + AppIdSession asd(IpProtocol::TCP, &ip, 1492, dummy_appid_inspector, odpctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); asd.flow = &flow; AppidChangeBits change_bits; asd.set_ss_application_ids(APP_ID_HTTP2, APPID_UT_ID + 1, APPID_UT_ID, APPID_UT_ID, APPID_UT_ID, change_bits); diff --git a/src/network_inspectors/appid/test/service_state_test.cc b/src/network_inspectors/appid/test/service_state_test.cc index 658f03f6f..6b1bcd843 100644 --- a/src/network_inspectors/appid/test/service_state_test.cc +++ b/src/network_inspectors/appid/test/service_state_test.cc @@ -108,7 +108,11 @@ AppIdConfig stub_config; AppIdContext stub_ctxt(stub_config); OdpContext stub_odp_ctxt(stub_config, nullptr); AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector&, - OdpContext&, uint32_t, uint32_t) : FlowData(0), config(stub_config), + OdpContext&, uint32_t +#ifndef DISABLE_TENANT_ID + ,uint32_t +#endif + ) : FlowData(0), config(stub_config), api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { } AppIdSession::~AppIdSession() = default; AppIdDiscovery::~AppIdDiscovery() = default; @@ -195,7 +199,11 @@ TEST(service_state_tests, set_service_id_failed) AppIdInspector inspector; SfIp client_ip; client_ip.set("1.2.3.4"); - AppIdSession asd(IpProtocol::PROTO_NOT_SET, &client_ip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession asd(IpProtocol::PROTO_NOT_SET, &client_ip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // Testing 3+ failures to exceed STATE_ID_NEEDED_DUPE_DETRACT_COUNT with valid_count = 0 sds.set_state(ServiceState::VALID); 
@@ -215,7 +223,11 @@ TEST(service_state_tests, set_service_id_failed_with_valid) AppIdInspector inspector; SfIp client_ip; client_ip.set("1.2.3.4"); - AppIdSession asd(IpProtocol::PROTO_NOT_SET, &client_ip, 0, inspector, stub_odp_ctxt, 0, 0); + AppIdSession asd(IpProtocol::PROTO_NOT_SET, &client_ip, 0, inspector, stub_odp_ctxt, 0 +#ifndef DISABLE_TENANT_ID + ,0 +#endif + ); // Testing 3+ failures to exceed STATE_ID_NEEDED_DUPE_DETRACT_COUNT with valid_count > 1 sds.set_state(ServiceState::VALID); diff --git a/src/network_inspectors/binder/binding.cc b/src/network_inspectors/binder/binding.cc index 2b548007f..bac7f5a0f 100644 --- a/src/network_inspectors/binder/binding.cc +++ b/src/network_inspectors/binder/binding.cc @@ -564,7 +564,11 @@ inline bool Binding::check_tenant(const Flow& flow) const if (!when.has_criteria(BindWhen::Criteria::BWC_TENANTS)) return true; - return when.tenants.count(flow.tenant) != 0; +#ifndef DISABLE_TENANT_ID + return when.tenants.count(flow.key->tenant_id) != 0; +#else + return when.tenants.count(0) != 0; +#endif } inline bool Binding::check_tenant(const Packet* p) const diff --git a/src/network_inspectors/extractor/extractor_http_event_handler.cc b/src/network_inspectors/extractor/extractor_http_event_handler.cc index 4b3e27111..22d8232f6 100644 --- a/src/network_inspectors/extractor/extractor_http_event_handler.cc +++ b/src/network_inspectors/extractor/extractor_http_event_handler.cc @@ -24,6 +24,7 @@ #include "extractor_event_handlers.h" #include "detection/detection_engine.h" +#include "flow/flow_key.h" #include "framework/value.h" #include "profiler/profiler.h" #include "pub_sub/http_transaction_end_event.h" 
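Review bot: In `Binding::check_tenant(const Flow&)` the `#else` branch tests `when.tenants.count(0)`, so in a `DISABLE_TENANT_ID` build a binding whose `tenants` list does not contain 0 can never match, and the policy it selects is silently not applied. The extractor handler hunk (`tid = 0`) and the `PacketConstraints::flow_match` hunk (literal `0` passed to `match_constraints`) have the same effect for a non-zero configured tenant. A configuration-time warning or error when tenant criteria are set in such a build would make this visible; at minimum add a comment on the branch such as `// tenant IDs compiled out: every flow is treated as tenant 0`. The `check_tenant(const Packet*)` overload starts after this hunk, so whether it applies the same rule cannot be confirmed from here.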
@@ -210,8 +211,15 @@ void HttpExtractorEventHandler::handle(DataEvent& event, Flow* flow) { // cppcheck-suppress unreadVariable Profile profile(extractor_perf_stats); + uint32_t tid; - if (tenant_id != flow->tenant) +#ifndef DISABLE_TENANT_ID + tid = flow->key->tenant_id; +#else + tid = 0; +#endif + + if (tenant_id != tid) return; Packet* p = DetectionEngine::get_current_packet(); diff --git a/src/packet_io/packet_constraints.cc b/src/packet_io/packet_constraints.cc index 7fd2e29c9..0e3a9757a 100644 --- a/src/packet_io/packet_constraints.cc +++ b/src/packet_io/packet_constraints.cc @@ -26,6 +26,7 @@ #include #include +#include "flow/flow_key.h" #include "protocols/packet.h" namespace { @@ -127,7 +128,12 @@ bool PacketConstraints::flow_match(const Flow& f) const return false; return match_constraints(*this, f.client_ip, f.server_ip, f.client_port, - f.server_port, f.tenant); + f.server_port, +#ifndef DISABLE_TENANT_ID + f.key->tenant_id); +#else + 0); +#endif } #ifdef UNIT_TEST diff --git a/src/service_inspectors/dce_rpc/dce_smb2.h b/src/service_inspectors/dce_rpc/dce_smb2.h index fa3108cfb..7458253ca 100644 --- a/src/service_inspectors/dce_rpc/dce_smb2.h +++ b/src/service_inspectors/dce_rpc/dce_smb2.h @@ -22,6 +22,10 @@ #ifndef DCE_SMB2_H #define DCE_SMB2_H +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include "dce_db.h" #include "dce_smb.h" #include "hash/lru_cache_shared.h" @@ -237,8 +241,10 @@ struct Smb2SidHashKey uint16_t vlan_tag = 0; uint16_t dport = 0; uint64_t sid = 0; +#ifndef DISABLE_TENANT_ID uint32_t tenant_id = 0; uint32_t padding2 = 0; // NOTE: If this changes, change do_hash too +#endif bool operator==(const Smb2SidHashKey& other) const { 
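Review bot: `flow->key->tenant_id` in `HttpExtractorEventHandler::handle` adds a dereference of `flow->key` where the removed line read a field of `flow` itself, and nothing in the hunk checks that `key` is set. If a flow can reach this handler before its key is assigned (not determinable from the hunk), that is a null dereference during event handling; the same expression is introduced in the `Binding::check_tenant` and `PacketConstraints::flow_match` hunks. Separately, `uint32_t tid;` is declared without a value and assigned in both preprocessor branches. Writing `uint32_t tid = 0;` followed by a single `#ifndef DISABLE_TENANT_ID` assignment drops the `#else` and leaves no path where it is uninitialised. The function body continues past the end of the hunk.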
@@ -256,8 +262,11 @@ struct Smb2SidHashKey addressSpaceId == other.addressSpaceId and vlan_tag == other.vlan_tag and sid == other.sid and - dport == other.dport and - tenant_id == other.tenant_id ); + dport == other.dport +#ifndef DISABLE_TENANT_ID + and tenant_id == other.tenant_id +#endif + ); } }; PADDING_GUARD_END @@ -305,8 +314,9 @@ private: a += d[12]; // sid[0] b += d[13]; // sid[1] +#ifndef DISABLE_TENANT_ID c += d[14]; // tenant_id - +#endif // padding2 is ignored. finalize(a, b, c); diff --git a/src/service_inspectors/dce_rpc/dce_smb2_utils.cc b/src/service_inspectors/dce_rpc/dce_smb2_utils.cc index 10ef2ba8d..29f3023ab 100644 --- a/src/service_inspectors/dce_rpc/dce_smb2_utils.cc +++ b/src/service_inspectors/dce_rpc/dce_smb2_utils.cc @@ -49,7 +49,9 @@ Smb2SidHashKey get_key(uint64_t sid) key.addressSpaceId = flow->key->addressSpaceId; key.vlan_tag = flow->key->vlan_tag; key.sid = sid; +#ifndef DISABLE_TENANT_ID key.tenant_id = flow->key->tenant_id; +#endif } return key; } diff --git a/src/stream/icmp/icmp_session.cc b/src/stream/icmp/icmp_session.cc index dc7fbc318..15f74c990 100644 --- a/src/stream/icmp/icmp_session.cc +++ b/src/stream/icmp/icmp_session.cc @@ -151,8 +151,9 @@ static int ProcessIcmpUnreach(Packet* p) skey.padding = skey.flags.padding_bits = 0; skey.flags.group_used = p->is_inter_group_flow(); skey.init_groups(p->pkth->ingress_group, p->pkth->egress_group, reversed); +#ifndef DISABLE_TENANT_ID skey.tenant_id = p->pkth->tenant_id; - +#endif switch (p->type()) { case PktType::TCP: diff --git a/src/stream/stream.cc b/src/stream/stream.cc index 8a4aaf48a..cd20d669a 100644 --- a/src/stream/stream.cc +++ b/src/stream/stream.cc 
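Review bot: The comment `// padding2 is ignored.` in `do_hash` stays outside the new `#ifndef DISABLE_TENANT_ID` block, although the dce_smb2.h hunk at `struct Smb2SidHashKey` compiles `padding2` out together with `tenant_id`. Moving the comment inside the guard, next to `c += d[14]; // tenant_id`, keeps it true in both configurations. The struct comment `NOTE: If this changes, change do_hash too` could also say that the two fields are removed as a pair, presumably so the key keeps its 8-byte multiple size. `do_hash` begins before this hunk, so the earlier word indices were not checked.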
@@ -93,14 +93,20 @@ Flow* Stream::get_flow( const SfIp* srcIP, uint16_t srcPort, const SfIp* dstIP, uint16_t dstPort, uint16_t vlan, uint32_t mplsId, uint32_t addressSpaceId, - uint32_t tenant_id, bool significant_groups, +#ifndef DISABLE_TENANT_ID + uint32_t tenant_id, +#endif + bool significant_groups, int16_t ingress_group, int16_t egress_group) { FlowKey key; const SnortConfig* sc = SnortConfig::get_conf(); - key.init(sc, type, proto, srcIP, srcPort, dstIP, dstPort, vlan, mplsId, - addressSpaceId, tenant_id, significant_groups, ingress_group, egress_group); + key.init(sc, type, proto, srcIP, srcPort, dstIP, dstPort, vlan, mplsId, addressSpaceId, +#ifndef DISABLE_TENANT_ID + tenant_id, +#endif + significant_groups, ingress_group, egress_group); return get_flow(&key); } diff --git a/src/stream/stream.h b/src/stream/stream.h index 53023fc41..02c8b57b4 100644 --- a/src/stream/stream.h +++ b/src/stream/stream.h @@ -202,7 +202,10 @@ public: PktType type, IpProtocol proto, const snort::SfIp* a1, uint16_t p1, const snort::SfIp* a2, uint16_t p2, uint16_t vlanId, uint32_t mplsId, uint32_t addrSpaceId, - uint32_t tenant_id, bool significant_groups, int16_t ingress_group = DAQ_PKTHDR_UNKNOWN, +#ifndef DISABLE_TENANT_ID + uint32_t tenant_id, +#endif + bool significant_groups, int16_t ingress_group = DAQ_PKTHDR_UNKNOWN, int16_t egress_group = DAQ_PKTHDR_UNKNOWN); static Flow* get_flow( diff --git a/src/stream/tcp/tcp_normalizers.cc b/src/stream/tcp/tcp_normalizers.cc index 7b0f306a4..fafe0a6ef 100644 --- a/src/stream/tcp/tcp_normalizers.cc +++ b/src/stream/tcp/tcp_normalizers.cc @@ -506,6 +506,8 @@ bool TcpNormalizerMissed3whs::validate_rst( int TcpNormalizerMissed3whs::handle_paws( TcpNormalizerState& tns, TcpSegmentDescriptor& tsd) { + UNUSED(tsd); + UNUSED(tns); return ACTION_NOTHING; }
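Review bot: Removing `uint32_t tenant_id` from the middle of this parameter list in stream.h lets a caller that still passes a tenant ID compile in a `DISABLE_TENANT_ID` build whenever it relies on the defaulted `ingress_group`/`egress_group`. The declaration starts above the hunk; the stream.cc hunk shows it is `Stream::get_flow`. In that case the tenant value converts to `bool significant_groups` and the following arguments shift one position to the right, so the flow lookup uses a key built from the wrong group values, with at most a conversion warning. Keeping the parameter in both configurations and ignoring it when tenant IDs are compiled out would avoid this; otherwise document it on the declaration, e.g. `// tenant_id is absent when DISABLE_TENANT_ID is defined; callers must guard the argument`. Unlike the dce_smb2.h hunk, no `config.h` include is added here, so it is worth confirming that every file including stream.h sees the macro first.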