From: Hui Cao (huica) Date: Mon, 7 Nov 2016 15:12:31 +0000 (-0500) Subject: Merge pull request #696 in SNORT/snort3 from http_more_tests to master X-Git-Tag: 3.0.0-233~199 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a70374db56f2a592402d1dfd46a6771ddc0ae47a;p=thirdparty%2Fsnort3.git Merge pull request #696 in SNORT/snort3 from http_more_tests to master Squashed commit of the following: commit dcd43e7d538a2f5ebc06eae3877b239c64f43cfb Author: shaslad Date: Sat Oct 29 01:42:07 2016 -0400 minor modification related to logs Added missing opera client header pattern and related variables --- diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index 35e0527f0..20fe5ab78 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -217,7 +217,8 @@ void AppInfoManager::set_app_info_active(AppId appId) if (entry) entry->flags |= APPINFO_FLAG_ACTIVE; else - ErrorMessage("AppInfo: AppId %d is UNKNOWN\n", appId); + DebugFormat(DEBUG_APPID, "AppInfo: AppId %d is UNKNOWN\n", appId); + } void AppInfoManager::load_appid_config(const char* path) diff --git a/src/network_inspectors/appid/detector_plugins/detector_http.cc b/src/network_inspectors/appid/detector_plugins/detector_http.cc index a95ccb3be..3a0fb7abc 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_http.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_http.cc @@ -122,6 +122,7 @@ static const char CURL_PATTERN[] = "curl"; static const char GOOGLE_DESKTOP_PATTERN[] = "Google Desktop"; static const char PICASA_PATTERN[] = "Picasa"; static const char SAFARI_PATTERN[] = "Safari"; +static const char OPERA_PATTERN[] = "Opera"; static const char CHROME_PATTERN[] = "Chrome"; static const char MOBILE_PATTERN[] = "Mobile"; static const char BLACKBERRY_PATTERN[] = "BlackBerry"; @@ -275,6 +276,8 @@ static DetectorHTTPPattern client_agent_patterns[] = sizeof(PICASA_PATTERN)-1, (uint8_t*)PICASA_PATTERN, APP_ID_PICASA,}, { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_SAFARI, 0, sizeof(SAFARI_PATTERN)-1, (uint8_t*)SAFARI_PATTERN, APP_ID_SAFARI,}, + { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_OPERA, 0, + sizeof(OPERA_PATTERN)-1, (uint8_t*)OPERA_PATTERN, APP_ID_OPERA,}, { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_CHROME, 0, sizeof(CHROME_PATTERN)-1, (uint8_t*)CHROME_PATTERN, APP_ID_CHROME,}, { USER_AGENT_HEADER, APP_ID_HTTP, APP_ID_SAFARI_MOBILE_DUMMY, 0, @@ -1735,8 +1738,7 @@ void identify_user_agent(const uint8_t* start, int size, AppId* serviceAppId, Ap char temp_ver[MAX_VERSION_SIZE]; temp_ver[0] = 0; - detectorHttpConfig->client_agent_matcher->find_all((const char*)start, size, &http_pattern_match, - false, (void*)&mp); + detectorHttpConfig->client_agent_matcher->find_all((const char*)start, size, &http_pattern_match, false, (void*)&mp); if (mp) { diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc index 51c909b16..804417579 100644 --- a/src/network_inspectors/appid/lua_detector_api.cc +++ b/src/network_inspectors/appid/lua_detector_api.cc @@ -1808,6 +1808,8 @@ static int detector_port_only_service(lua_State* L) ud->appid_config->tcp_port_only[port] = appId; else if (protocol == 17) ud->appid_config->udp_port_only[port] = appId; + + AppInfoManager::get_instance().set_app_info_active(appId); return 0; }