From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 26 May 2021 08:16:54 +0000 (+0200)
Subject: http2: make http1 rules work on http2 traffic optional
X-Git-Tag: suricata-6.0.3~19
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a61ad9d5fba99a5aee9d50d059db0bf713128556;p=thirdparty%2Fsuricata.git

http2: make http1 rules work on http2 traffic optional
---

diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c
index c1bc185980..b33ef5fda8 100644
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@@ -215,10 +215,16 @@ void AppLayerParserStateFree(AppLayerParserState *pstate)
     SCReturn;
 }
 
+bool g_config_http1keywords_http2traffic = false;
+
 int AppLayerParserSetup(void)
 {
     SCEnter();
     memset(&alp_ctx, 0, sizeof(alp_ctx));
+    int value = 0;
+    if (ConfGetBool("app-layer.protocols.http2.http1-rules", &value) == 1 && value == 1) {
+        g_config_http1keywords_http2traffic = true;
+    }
     SCReturnInt(0);
 }
 
diff --git a/src/app-layer-protos.h b/src/app-layer-protos.h
index ff383c1514..36b69ddcfa 100644
--- a/src/app-layer-protos.h
+++ b/src/app-layer-protos.h
@@ -77,11 +77,13 @@ static inline bool AppProtoIsValid(AppProto a)
     return ((a > ALPROTO_UNKNOWN && a < ALPROTO_FAILED));
 }
 
+extern bool g_config_http1keywords_http2traffic;
+
 // wether a signature AppProto matches a flow (or signature) AppProto
 static inline bool AppProtoEquals(AppProto sigproto, AppProto alproto)
 {
-    if (alproto == ALPROTO_HTTP2 && sigproto == ALPROTO_HTTP) {
-        // TODO config option
+    if (alproto == ALPROTO_HTTP2 && g_config_http1keywords_http2traffic &&
+            sigproto == ALPROTO_HTTP) {
         return true;
     }
     return (sigproto == alproto);