From: Bhargava Jandhyala (bjandhya) Date: Mon, 13 Sep 2021 05:44:54 +0000 (+0000) Subject: Merge pull request #3055 in SNORT/snort3 from ~BSACHDEV/snort3:old_commit to master X-Git-Tag: 3.1.13.0~15 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bad9c7eaff87d6d96c0e35ff8565827319eeb2a6;p=thirdparty%2Fsnort3.git Merge pull request #3055 in SNORT/snort3 from ~BSACHDEV/snort3:old_commit to master Squashed commit of the following: commit e739ce037ad55f14198c92d5d2537bca5b3cdcfa Author: bsachdev Date: Thu Sep 9 11:14:37 2021 -0400 Revert "Merge pull request #2916 in SNORT/snort3 from ~DIPANDIT/snort3:flow_from_file_context to master" This reverts commit 1c499b3816b3f1435d2b56f5ee0912bd0586cc68. --- diff --git a/src/file_api/file_cache.cc b/src/file_api/file_cache.cc index 045bb5612..e0f8a73b6 100644 --- a/src/file_api/file_cache.cc +++ b/src/file_api/file_cache.cc @@ -209,11 +209,7 @@ FileContext* FileCache::get_file(Flow* flow, uint64_t file_id, bool to_create, hashKey.padding[0] = hashKey.padding[1] = hashKey.padding[2] = 0; FileContext* file = find(hashKey, timeout); if (to_create and !file) - { file = add(hashKey, timeout); - if (file) - file->set_processing_flow(flow); - } return file; } @@ -271,7 +267,6 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd bool resume, FilePolicyBase* policy) { Flow* flow = p->flow; - Flow* processing_flow = file_ctx->get_processing_flow(); Active* act = p->active; struct timeval now = {0, 0}; struct timeval add_time; @@ -289,7 +284,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd return false; case FILE_VERDICT_LOG: if (resume) - policy->log_file_action(processing_flow, file_ctx, FILE_RESUME_LOG); + policy->log_file_action(flow, file_ctx, FILE_RESUME_LOG); return false; case FILE_VERDICT_BLOCK: // can't block session inside a session @@ -328,7 +323,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd } if (resume) - policy->log_file_action(processing_flow, file_ctx, FILE_RESUME_BLOCK); + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); else file_ctx->verdict = FILE_VERDICT_LOG; @@ -377,7 +372,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd "apply_verdict:FILE_VERDICT_PENDING with action retry\n"); if (resume) - policy->log_file_action(processing_flow, file_ctx, FILE_RESUME_BLOCK); + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); else if (store_verdict(flow, file_ctx, lookup_timeout) != 0) { FILE_DEBUG(file_trace, DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, p, @@ -405,7 +400,7 @@ bool FileCache::apply_verdict(Packet* p, FileContext* file_ctx, FileVerdict verd FILE_DEBUG(file_trace, DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, p, "apply_verdict:Resume block file\n"); file_ctx->log_file_event(flow, policy); - policy->log_file_action(processing_flow, file_ctx, FILE_RESUME_BLOCK); + policy->log_file_action(flow, file_ctx, FILE_RESUME_BLOCK); } else if (file_ctx->is_cacheable()) { @@ -436,9 +431,7 @@ FileVerdict FileCache::cached_verdict_lookup(Packet* p, FileInfo* file, if (file_found) { - // file_found might be a new context, set the flow here - file_found->set_processing_flow(flow); - //Query the file policy in case verdict has been changed + /*Query the file policy in case verdict has been changed*/ verdict = check_verdict(p, file_found, policy); FILE_DEBUG(file_trace, DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, p, "cached_verdict_lookup:Verdict received from cached_verdict_lookup %d\n", verdict); diff --git a/src/file_api/file_flows.cc b/src/file_api/file_flows.cc index 2fc2d9fc0..0ff474364 100644 --- a/src/file_api/file_flows.cc +++ b/src/file_api/file_flows.cc @@ -198,7 +198,6 @@ FileContext* FileFlows::find_main_file_context(FilePosition pos, FileDirection d } context = new FileContext; - context->set_processing_flow(flow); main_context = context; context->check_policy(flow, dir, file_policy); @@ -255,8 +254,6 @@ FileContext* FileFlows::get_file_context( else { context = new FileContext; - context->set_processing_flow(flow); - partially_processed_contexts[multi_file_processing_id] = context; FILE_DEBUG(file_trace, DEFAULT_TRACE_OPTION_ID, TRACE_DEBUG_LEVEL, GET_CURRENT_PACKET, "get_file_context:creating new context\n"); diff --git a/src/file_api/file_lib.cc b/src/file_api/file_lib.cc index 5afae3b5d..516591500 100644 --- a/src/file_api/file_lib.cc +++ b/src/file_api/file_lib.cc @@ -116,7 +116,6 @@ void FileInfo::copy(const FileInfo& other) file_capture_enabled = other.file_capture_enabled; file_state = other.file_state; pending_expire_time = other.pending_expire_time; - processing_flow = other.processing_flow; // only one copy of file capture file_capture = nullptr; } @@ -317,7 +316,7 @@ void FileContext::log_file_event(Flow* flow, FilePolicyBase* policy) } if (policy and log_needed) - policy->log_file_action(processing_flow, this, FILE_ACTION_DEFAULT); + policy->log_file_action(flow, this, FILE_ACTION_DEFAULT); if ( config->trace_type ) print(std::cout); diff --git a/src/file_api/file_lib.h b/src/file_api/file_lib.h index bd1a9528b..d250f3aa1 100644 --- a/src/file_api/file_lib.h +++ b/src/file_api/file_lib.h @@ -85,8 +85,6 @@ public: FileVerdict verdict = FILE_VERDICT_UNKNOWN; bool processing_complete = false; struct timeval pending_expire_time = {0, 0}; - void set_processing_flow(Flow* flow) { processing_flow = flow; } - Flow* get_processing_flow() { return processing_flow; } protected: std::string file_name; @@ -97,7 +95,6 @@ protected: uint8_t* sha256 = nullptr; uint64_t file_id = 0; FileCapture* file_capture = nullptr; - Flow* processing_flow = nullptr; bool file_type_enabled = false; bool file_signature_enabled = false; bool file_capture_enabled = false;