From: Shravan Rangarajuvenkata (shrarang) <shrarang@cisco.com>
Date: Tue, 2 Jun 2020 21:58:29 +0000 (+0000)
Subject: Merge pull request #2237 in SNORT/snort3 from ~KAMURTHI/snort3:http2-response-match... 
X-Git-Tag: 3.0.1-5~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=730e6c9a7159d35a647ecd05e06556610014030c;p=thirdparty%2Fsnort3.git

Merge pull request #2237 in SNORT/snort3 from ~KAMURTHI/snort3:http2-response-match to master

Squashed commit of the following:

commit d3cdafa9cdead598b4719b49d7c0cb5c7c122143
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date:   Sun May 31 22:15:50 2020 -0400

    appid: Match http2 response to request
---

diff --git a/src/network_inspectors/appid/appid_http_event_handler.cc b/src/network_inspectors/appid/appid_http_event_handler.cc
index a317e1396..0561153e4 100644
--- a/src/network_inspectors/appid/appid_http_event_handler.cc
+++ b/src/network_inspectors/appid/appid_http_event_handler.cc
@@ -64,13 +64,21 @@ void HttpEventHandler::handle(DataEvent& event, Flow* flow)
     AppIdHttpSession* hsession;
     if (http_event->get_is_http2())
     {
-        if (asd->get_prev_http2_raw_packet() != asd->session_packet_count)
+        if (direction == APP_ID_FROM_INITIATOR)
         {
-            asd->delete_all_http_sessions();
-            asd->set_prev_http2_raw_packet(asd->session_packet_count);
+            if (asd->get_prev_http2_raw_packet() != asd->session_packet_count)
+            {
+                asd->delete_all_http_sessions();
+                asd->set_prev_http2_raw_packet(asd->session_packet_count);
+            }
+            hsession = asd->create_http_session(http_event->get_http2_stream_id());
+        }
+        else
+        {
+            hsession = asd->get_matching_http_session(http_event->get_http2_stream_id());
+            if (!hsession)
+                hsession = asd->create_http_session(http_event->get_http2_stream_id());
         }
-
-        hsession = asd->create_http_session(http_event->get_http2_stream_id());
     }
     else
     {
diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index 9a4238d87..39c78c35c 100644
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -1018,6 +1018,16 @@ AppIdHttpSession* AppIdSession::get_http_session(uint32_t stream_index)
         return nullptr;
 }
 
+AppIdHttpSession* AppIdSession::get_matching_http_session(uint32_t stream_id)
+{
+    for (uint32_t stream_index=0; stream_index < hsessions.size(); stream_index++)
+    {
+        if(stream_id == hsessions[stream_index]->get_http2_stream_id())
+            return hsessions[stream_index];
+    }
+    return nullptr;
+}
+
 AppIdDnsSession* AppIdSession::create_dns_session()
 {
     if (dsession)
diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index 34547c85b..276d3728f 100644
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -361,6 +361,7 @@ public:
 
     AppIdHttpSession* create_http_session(uint32_t stream_id = 0);
     AppIdHttpSession* get_http_session(uint32_t stream_index = 0);
+    AppIdHttpSession* get_matching_http_session(uint32_t stream_id);
     void delete_all_http_sessions()
     {
         for (auto hsession : hsessions)
diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h
index 52215e22d..08aa8cf70 100644
--- a/src/network_inspectors/appid/test/appid_mock_session.h
+++ b/src/network_inspectors/appid/test/appid_mock_session.h
@@ -283,6 +283,16 @@ AppIdHttpSession* AppIdSession::get_http_session(uint32_t stream_index)
     return nullptr;
 }
 
+AppIdHttpSession* AppIdSession::get_matching_http_session(uint32_t stream_id)
+{
+    for (uint32_t stream_index=0; stream_index < hsessions.size(); stream_index++)
+    {
+        if(stream_id == hsessions[stream_index]->get_http2_stream_id())
+            return hsessions[stream_index];
+    }
+    return nullptr;
+}
+
 AppIdDnsSession* AppIdSession::create_dns_session()
 {
     if ( !dsession )