From: Jeff Lucovsky Date: Tue, 11 Jun 2019 22:56:59 +0000 (-0400) Subject: rust/snmp: Support get-info-by-id X-Git-Tag: suricata-5.0.0-rc1~254 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6911cc01add013123513b927c64b09bb4dcee153;p=thirdparty%2Fsuricata.git rust/snmp: Support get-info-by-id
---
diff --git a/rust/src/snmp/snmp.rs b/rust/src/snmp/snmp.rs
index 86bbc928a9..f39eb7c526 100644
--- a/rust/src/snmp/snmp.rs
+++ b/rust/src/snmp/snmp.rs
@@ -39,6 +39,16 @@ pub enum SNMPEvent {
 UnknownSecurityModel,
 }
 
+impl SNMPEvent {
+ fn from_i32(value: i32) -> Option {
+ match value {
+ 0 => Some(SNMPEvent::MalformedData),
+ 1 => Some(SNMPEvent::UnknownSecurityModel),
+ _ => None,
+ }
+ }
+}
+
 pub struct SNMPState {
 /// SNMP protocol version
 pub version: u32,
@@ -438,6 +448,27 @@ pub extern "C" fn rs_snmp_state_get_events(tx: *mut std::os::raw::c_void)
 return tx.events;
 }
 
+#[no_mangle]
+pub extern "C" fn rs_snmp_state_get_event_info_by_id(event_id: std::os::raw::c_int,
+ event_name: *mut *const std::os::raw::c_char,
+ event_type: *mut core::AppLayerEventType)
+ -> i8
+{
+ if let Some(e) = SNMPEvent::from_i32(event_id as i32) {
+ let estr = match e {
+ SNMPEvent::MalformedData => { "malformed_data\0" },
+ SNMPEvent::UnknownSecurityModel => { "unknown_security_model\0" },
+ };
+ unsafe{
+ *event_name = estr.as_ptr() as *const std::os::raw::c_char;
+ *event_type = core::APP_LAYER_EVENT_TYPE_TRANSACTION;
+ };
+ 0
+ } else {
+ -1
+ }
+}
+
 #[no_mangle]
 pub extern "C" fn rs_snmp_state_get_event_info(event_name: *const std::os::raw::c_char,
 event_id: *mut std::os::raw::c_int,
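Review bot: `from_i32` in the first hunk restates the `SNMPEvent` discriminants as the literals 0 and 1, and its `_ => None` arm means a variant added to the enum later still compiles while its id is reported to the caller as unknown. The enum's definition starts above the hunk, so the actual discriminant values are not visible here and the pairing should be confirmed against it. A doc comment would make the coupling explicit, for example `/// Maps a raw event id to its SNMPEvent variant; must be kept in sync with the enum's discriminants.`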
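Review bot: `rs_snmp_state_get_event_info_by_id` writes through `event_name` and `event_type` inside the `unsafe` block without checking either pointer, and because it is declared as a safe `extern "C" fn` its soundness rests entirely on the C caller passing valid out-pointers. A guard placed before the `if let`, `if event_name.is_null() || event_type.is_null() { return -1; }`, turns a null argument into the existing error return instead of a null write. The block should also carry a `// SAFETY:` comment stating that both pointers are caller-provided out-parameters and that the stored name is a `'static` NUL-terminated literal, which is what keeps the returned pointer valid after the call.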
@@ -557,34 +588,35 @@ const PARSER_NAME : &'static [u8] = b"snmp\0";
 pub unsafe extern "C" fn rs_register_snmp_parser() {
 let default_port = CString::new("161").unwrap();
 let mut parser = RustParser {
- name : PARSER_NAME.as_ptr() as *const std::os::raw::c_char,
- default_port : default_port.as_ptr(),
- ipproto : core::IPPROTO_UDP,
- probe_ts : rs_snmp_probing_parser,
- probe_tc : rs_snmp_probing_parser,
- min_depth : 0,
- max_depth : 16,
- state_new : rs_snmp_state_new,
- state_free : rs_snmp_state_free,
- tx_free : rs_snmp_state_tx_free,
- parse_ts : rs_snmp_parse_request,
- parse_tc : rs_snmp_parse_response,
- get_tx_count : rs_snmp_state_get_tx_count,
- get_tx : rs_snmp_state_get_tx,
- tx_get_comp_st : rs_snmp_state_progress_completion_status,
- tx_get_progress : rs_snmp_tx_get_alstate_progress,
- get_tx_logged : Some(rs_snmp_tx_get_logged),
- set_tx_logged : Some(rs_snmp_tx_set_logged),
- get_de_state : rs_snmp_state_get_tx_detect_state,
- set_de_state : rs_snmp_state_set_tx_detect_state,
- get_events : Some(rs_snmp_state_get_events),
- get_eventinfo : Some(rs_snmp_state_get_event_info),
- localstorage_new : None,
- localstorage_free : None,
- get_tx_mpm_id : None,
- set_tx_mpm_id : None,
- get_files : None,
- get_tx_iterator : None,
+ name : PARSER_NAME.as_ptr() as *const std::os::raw::c_char,
+ default_port : default_port.as_ptr(),
+ ipproto : core::IPPROTO_UDP,
+ probe_ts : rs_snmp_probing_parser,
+ probe_tc : rs_snmp_probing_parser,
+ min_depth : 0,
+ max_depth : 16,
+ state_new : rs_snmp_state_new,
+ state_free : rs_snmp_state_free,
+ tx_free : rs_snmp_state_tx_free,
+ parse_ts : rs_snmp_parse_request,
+ parse_tc : rs_snmp_parse_response,
+ get_tx_count : rs_snmp_state_get_tx_count,
+ get_tx : rs_snmp_state_get_tx,
+ tx_get_comp_st : rs_snmp_state_progress_completion_status,
+ tx_get_progress : rs_snmp_tx_get_alstate_progress,
+ get_tx_logged : Some(rs_snmp_tx_get_logged),
+ set_tx_logged : Some(rs_snmp_tx_set_logged),
+ get_de_state : rs_snmp_state_get_tx_detect_state,
+ set_de_state : rs_snmp_state_set_tx_detect_state,
+ get_events : Some(rs_snmp_state_get_events),
+ get_eventinfo : Some(rs_snmp_state_get_event_info),
+ get_eventinfo_byid : Some(rs_snmp_state_get_event_info_by_id),
+ localstorage_new : None,
+ localstorage_free : None,
+ get_tx_mpm_id : None,
+ set_tx_mpm_id : None,
+ get_files : None,
+ get_tx_iterator : None,
 };
 let ip_proto_str = CString::new("udp").unwrap();
 if AppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 {
@@ -604,6 +636,6 @@ pub unsafe extern "C" fn rs_register_snmp_parser() {
 let _ = AppLayerRegisterParser(&parser, alproto);
 }
 } else {
- SCLogDebug!("Protocol detecter and parser disabled for SNMP.");
+ SCLogDebug!("Protocol detector and parser disabled for SNMP.");
 }
 }