From: Steve Chew (stechew) <stechew@cisco.com>
Date: Tue, 27 Aug 2019 20:28:22 +0000 (-0400)
Subject: Merge pull request #1719 in SNORT/snort3 from ~SBAIGAL/snort3:wiz_restart to master
X-Git-Tag: 3.0.0-260~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=add5391de638a7861ac08a082a41b6e46b2d41b5;p=thirdparty%2Fsnort3.git

Merge pull request #1719 in SNORT/snort3 from ~SBAIGAL/snort3:wiz_restart to master

Squashed commit of the following:

commit 614ef5ef2ffb2a683bd8574c5f6a124f42e17544
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Aug 2 14:18:37 2019 -0400

    binder: updated change_service event to support service reset via wizard

    removed switch to wizard event and use null service to reset
---

diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc
index aa5612493..0f309e120 100644
--- a/src/network_inspectors/binder/binder.cc
+++ b/src/network_inspectors/binder/binder.cc
@@ -745,19 +745,49 @@ void Binder::handle_flow_service_change( Flow* flow )
 
     assert(flow);
 
-    Inspector* ins = find_gadget(flow);
-
-    if ( flow->gadget != ins )
+    Inspector* ins = nullptr;
+    if (flow->service)
     {
+        ins = find_gadget(flow);
+        if ( flow->gadget != ins )
+        {
+            if ( flow->gadget )
+                flow->clear_gadget();
+            if ( ins )
+            {
+                flow->set_gadget(ins);
+                flow->ssn_state.snort_protocol_id = ins->get_service();
+            }
+            else
+                flow->ssn_state.snort_protocol_id = UNKNOWN_PROTOCOL_ID;
+        }
+    }
+    else
+    {
+        // reset to wizard when serviec is not specified
+        unsigned sz = bindings.size();
+        for ( unsigned i = 0; i < sz; i++ )
+        {
+            Binding* pb = bindings[i];
+            if ( pb->use.ips_index or pb->use.inspection_index or pb->use.network_index )
+                continue;
+
+            if ( pb->use.what == BindUse::BW_WIZARD )
+            {
+                ins = (Inspector*)pb->use.object;
+                break;
+            }
+        }
+
         if ( flow->gadget )
             flow->clear_gadget();
+        if ( flow->clouseau )
+            flow->clear_clouseau();
         if ( ins )
         {
-            flow->set_gadget(ins);
-            flow->ssn_state.snort_protocol_id = ins->get_service();
+            flow->set_clouseau(ins);
         }
-        else
-            flow->ssn_state.snort_protocol_id = UNKNOWN_PROTOCOL_ID;
+        flow->ssn_state.snort_protocol_id = UNKNOWN_PROTOCOL_ID;
     }
 
     // If there is no inspector bound to this flow after the service change, see if there's at least