From: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon, 1 Apr 2019 00:36:56 +0000 (-0400)
Subject: Merge pull request #1501 in SNORT/snort3 from ~VIROEMER/snort3:ssl_count_disabled... 
X-Git-Tag: 3.0.0-251~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b37ba6fa22fb8645e5ea4c2e529a2cae284652d9;p=thirdparty%2Fsnort3.git

Merge pull request #1501 in SNORT/snort3 from ~VIROEMER/snort3:ssl_count_disabled to master

Squashed commit of the following:

commit feadce72ee24492a12455f0bd2c765554e339d65
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date:   Wed Jan 30 14:53:31 2019 -0500

    ssl: Count calls to disable_content for ssl sessions
---

diff --git a/src/service_inspectors/ssl/ssl_inspector.cc b/src/service_inspectors/ssl/ssl_inspector.cc
index 535ac8d38..33bb8ff49 100644
--- a/src/service_inspectors/ssl/ssl_inspector.cc
+++ b/src/service_inspectors/ssl/ssl_inspector.cc
@@ -192,6 +192,7 @@ static inline uint32_t SSLPP_process_alert(
         !(new_flags & SSL_HEARTBEAT_SEEN))
     {
         DetectionEngine::disable_content(packet);
+        sslstats.disabled++;
     }
 
     /* Need to negate the application flags from the opposing side. */
@@ -238,6 +239,7 @@ static inline uint32_t SSLPP_process_app(SSL_PROTO_CONF* config, uint32_t ssn_fl
         else if (!(new_flags & SSL_HEARTBEAT_SEEN))
         {
             DetectionEngine::disable_content(packet);
+            sslstats.disabled++;
         }
     }
 
@@ -264,6 +266,7 @@ static inline void SSLPP_process_other(SSL_PROTO_CONF* config, SSLData* sd, uint
         else if (!(new_flags & SSL_HEARTBEAT_SEEN))
         {
             DetectionEngine::disable_content(packet);
+            sslstats.disabled++;
         }
     }
     else
@@ -345,6 +348,7 @@ static void snort_ssl(SSL_PROTO_CONF* config, Packet* p)
         if (!(new_flags & SSL_HEARTBEAT_SEEN))
         {
             DetectionEngine::disable_content(p);
+            sslstats.disabled++;
         }
 
         sd->ssn_flags |= new_flags;