From: Anoop Saldanha
Date: Sat, 3 Aug 2013 18:33:23 +0000 (+0530)
Subject: Introduce detection parser function pointer.
X-Git-Tag: suricata-2.0beta2~303
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e8bc49063702fb92387bfaabddd96aca09a6816;p=thirdparty%2Fsuricata.git
Introduce detection parser function pointer.
---
diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c
index 2360e59ea6..12c5e774fd 100644
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@@ -1632,9 +1632,7 @@ int AppLayerProtoDetectionEnabled(const char *al_proto)
 void AppLayerParseProbingParserPorts(const char *al_proto_name, uint16_t al_proto, uint16_t min_depth, uint16_t max_depth,
- uint16_t (*ProbingParser)(uint8_t *input,
- uint32_t input_len,
- uint32_t *offset))
+ ProbingParserFPtr ProbingParser)
 { char param[100]; int r;
@@ -2078,7 +2076,7 @@ static inline void AppLayerInsertNewProbingParser(AppLayerProbingParser **pp, char *al_proto_name, uint16_t al_proto, uint16_t min_depth, uint16_t max_depth, uint8_t flags,
- uint16_t (*ProbingParser)(uint8_t *input, uint32_t input_len, uint32_t *offset))
+ ProbingParserFPtr ProbingParser)
 { /* get the top level ipproto pp */ AppLayerProbingParser *curr_pp = *pp;
@@ -2248,7 +2246,7 @@ void AppLayerRegisterProbingParser(AlpProtoDetectCtx *ctx, char *al_proto_name, uint16_t al_proto, uint16_t min_depth, uint16_t max_depth, uint8_t flags,
- uint16_t (*ProbingParser)(uint8_t *input, uint32_t input_len, uint32_t *offset))
+ ProbingParserFPtr ProbingParser)
 { DetectPort *head = NULL; DetectPortParse(&head, portstr);
diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h
index 6b16e67c2b..a2dccfefa3 100644
--- a/src/app-layer-parser.h
+++ b/src/app-layer-parser.h
@@ -138,6 +138,9 @@ typedef struct AppLayerParserStateStore_ {
 AppLayerDecoderEvents *decoder_events; } AppLayerParserStateStore;
+typedef uint16_t (*ProbingParserFPtr)(uint8_t *input, uint32_t input_len,
+ uint32_t *offset);
+
 typedef struct AppLayerParserTableElement_ { int (*AppLayerParser)(Flow *f, void *protocol_state, AppLayerParserState *parser_state, uint8_t *input, uint32_t input_len,
@@ -162,7 +165,7 @@ typedef struct AppLayerProbingParserElement_ {
 /* the max length of data after which this parser won't be invoked */ uint32_t max_depth; /* the probing parser function */
- uint16_t (*ProbingParser)(uint8_t *input, uint32_t input_len, uint32_t *offset);
+ ProbingParserFPtr ProbingParser;
 struct AppLayerProbingParserElement_ *next; } AppLayerProbingParserElement;
@@ -245,7 +248,7 @@ void AppLayerRegisterProbingParser(struct AlpProtoDetectCtx_ *, char *al_proto_name, uint16_t al_proto, uint16_t min_depth, uint16_t max_depth, uint8_t flags,
- uint16_t (*ProbingParser)(uint8_t *input, uint32_t input_len, uint32_t *offset));
+ ProbingParserFPtr ProbingParser);
 #ifdef UNITTESTS
 void AppLayerRegisterUnittests(uint16_t proto, void (*RegisterUnittests)(void));
 #endif
@@ -420,6 +423,6 @@ int AppLayerParserEnabled(const char *alproto);
 int AppLayerProtoDetectionEnabled(const char *alproto); void AppLayerParseProbingParserPorts(const char *al_proto_name, uint16_t al_proto, uint16_t min_depth, uint16_t max_depth,
- uint16_t (*ProbingParser)(uint8_t *input, uint32_t input_len, uint32_t *offset));
+ ProbingParserFPtr ProbingParser);
 #endif /* __APP_LAYER_PARSER_H__ */
diff --git a/src/app-layer.c b/src/app-layer.c
index af298b1b37..474375d7fa 100644
--- a/src/app-layer.c
+++ b/src/app-layer.c
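Review bot: The new `ProbingParserFPtr` typedef in src/app-layer-parser.h (hunk at -138,6 +138,9) carries no comment stating the callback contract, and with this commit it becomes the single definition behind the `AppLayerProbingParserElement_` member and the three function signatures changed in app-layer-parser.c. Probing parsers are handed bytes taken from network traffic, so the contract belongs here: an implementation may read at most `input_len` bytes of `input`, and the meaning of the `uint16_t` result and of the `offset` out-parameter should be spelled out (neither is visible in this diff). A comment along the lines of `/* Probing parser callback: must not read beyond input_len bytes of input; returns <document result>; *offset is <document meaning>. */` above the typedef would do. Separately, `input` could become `const uint8_t *` so a probing parser cannot modify the buffer it inspects, but that touches every registered parser and is better done as a follow-up.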
@@ -128,7 +128,11 @@ int AppLayerHandleTCPData(AlpProtoDetectThreadCtx *dp_ctx, Flow *f,
 #endif
 SCLogDebug("data_len %u flags %02X", data_len, flags);
- if (!(f->flags & FLOW_NO_APPLAYER_INSPECTION)) {
+ if (f->flags & FLOW_NO_APPLAYER_INSPECTION) {
+ SCLogDebug("FLOW_AL_NO_APPLAYER_INSPECTION is set");
+ SCReturnInt(r);
+ }
+
 /* if we don't know the proto yet and we have received a stream * initializer message, we run proto detection. * We receive 2 stream init msgs (one for each direction) but we
@@ -189,9 +193,6 @@ int AppLayerHandleTCPData(AlpProtoDetectThreadCtx *dp_ctx, Flow *f,
 SCLogDebug(" smsg not start, but no l7 data? Weird"); } }
- } else {
- SCLogDebug("FLOW_AL_NO_APPLAYER_INSPECTION is set");
- }
 SCReturnInt(r); }
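Review bot: In the first hunk of src/app-layer.c the added debug message names `FLOW_AL_NO_APPLAYER_INSPECTION`, while the flag tested on the line above it is `FLOW_NO_APPLAYER_INSPECTION`. The string was carried over from the removed else branch and should read `SCLogDebug("FLOW_NO_APPLAYER_INSPECTION is set");`, so that searching for the macro finds the one place where inspection is skipped for a flow. The hunk also drops the enclosing `if (...) {` without touching the lines that follow, so the protocol-detection code presumably keeps its old, one-level-deeper indentation and still reads as if it were guarded; re-indenting it in a whitespace-only follow-up would avoid that. The early return itself looks equivalent to the old else path, since the second hunk shows only `SCReturnInt(r);` after the removed branch. The body of AppLayerHandleTCPData starts and continues outside both hunks.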