From: Philippe Antoine Date: Fri, 24 Jan 2025 15:31:01 +0000 (+0100) Subject: snmp: restrict rust visibility X-Git-Tag: suricata-8.0.0-beta1~54 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e3ee922fbfb1143841162453165102e23948ea77;p=thirdparty%2Fsuricata.git snmp: restrict rust visibility --- diff --git a/rust/src/snmp/detect.rs b/rust/src/snmp/detect.rs index 2bd2315ab5..c4aa07bb9d 100644 --- a/rust/src/snmp/detect.rs +++ b/rust/src/snmp/detect.rs @@ -105,7 +105,7 @@ unsafe extern "C" fn snmp_detect_pdutype_free(_de: *mut c_void, ctx: *mut c_void SCDetectU32Free(ctx); } -pub unsafe extern "C" fn snmp_detect_usm_setup( +unsafe extern "C" fn snmp_detect_usm_setup( de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char, ) -> c_int { if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 { @@ -117,7 +117,7 @@ pub unsafe extern "C" fn snmp_detect_usm_setup( return 0; } -pub unsafe extern "C" fn snmp_detect_usm_get( +unsafe extern "C" fn snmp_detect_usm_get( tx: *const c_void, _flow_flags: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> bool { let tx = cast_pointer!(tx, SNMPTransaction); @@ -129,7 +129,7 @@ pub unsafe extern "C" fn snmp_detect_usm_get( return false; } -pub unsafe extern "C" fn snmp_detect_usm_get_data( +unsafe extern "C" fn snmp_detect_usm_get_data( de: *mut c_void, transforms: *const c_void, flow: *const c_void, flow_flags: u8, tx: *const c_void, list_id: c_int, ) -> *mut c_void { @@ -144,7 +144,7 @@ pub unsafe extern "C" fn snmp_detect_usm_get_data( ); } -pub unsafe extern "C" fn snmp_detect_community_setup( +unsafe extern "C" fn snmp_detect_community_setup( de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char, ) -> c_int { if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 { @@ -156,7 +156,7 @@ pub unsafe extern "C" fn snmp_detect_community_setup( return 0; } -pub unsafe extern "C" fn snmp_detect_community_get( +unsafe extern "C" fn snmp_detect_community_get( tx: *const c_void, _flow_flags: u8, buffer: *mut *const u8, buffer_len: *mut u32, ) -> bool { let tx = cast_pointer!(tx, SNMPTransaction); @@ -168,7 +168,7 @@ pub unsafe extern "C" fn snmp_detect_community_get( return false; } -pub unsafe extern "C" fn snmp_detect_community_get_data( +unsafe extern "C" fn snmp_detect_community_get_data( de: *mut c_void, transforms: *const c_void, flow: *const c_void, flow_flags: u8, tx: *const c_void, list_id: c_int, ) -> *mut c_void { @@ -182,8 +182,8 @@ pub unsafe extern "C" fn snmp_detect_community_get_data( snmp_detect_community_get, ); } -#[no_mangle] -pub unsafe extern "C" fn SCDetectSNMPRegister() { + +pub(super) unsafe extern "C" fn detect_snmp_register() { let kw = SCSigTableElmt { name: b"snmp.version\0".as_ptr() as *const libc::c_char, desc: b"match SNMP version\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/snmp/log.rs b/rust/src/snmp/log.rs index d9a561b156..f6669c4770 100644 --- a/rust/src/snmp/log.rs +++ b/rust/src/snmp/log.rs @@ -77,8 +77,7 @@ fn snmp_log_response(jsb: &mut JsonBuilder, tx: &SNMPTransaction) -> Result<(), return Ok(()); } -#[no_mangle] -pub unsafe extern "C" fn SCSnmpLogJsonResponse( +pub(super) unsafe extern "C" fn snmp_log_json_response( tx: *const std::os::raw::c_void, jsb: *mut std::os::raw::c_void, ) -> bool { let tx = cast_pointer!(tx, SNMPTransaction); diff --git a/rust/src/snmp/snmp.rs b/rust/src/snmp/snmp.rs index 11f52efa2c..34847eb682 100644 --- a/rust/src/snmp/snmp.rs +++ b/rust/src/snmp/snmp.rs @@ -22,8 +22,8 @@ use crate::flow::Flow; use crate::snmp::snmp_parser::*; use crate::core::{self, *}; use crate::applayer::{self, *}; -use super::log::SCSnmpLogJsonResponse; -use super::detect::SCDetectSNMPRegister; +use super::log::snmp_log_json_response; +use super::detect::detect_snmp_register; use std; use std::ffi::CString; @@ -38,18 +38,18 @@ use suricata_sys::sys::{ }; #[derive(AppLayerEvent)] -pub enum SNMPEvent { +enum SNMPEvent { MalformedData, UnknownSecurityModel, VersionMismatch, } #[derive(Default)] -pub struct SNMPState<'a> { +struct SNMPState<'a> { state_data: AppLayerStateData, /// SNMP protocol version - pub version: u32, + version: u32, /// List of transactions for this session transactions: Vec>, @@ -58,7 +58,7 @@ pub struct SNMPState<'a> { tx_id: u64, } -pub struct SNMPPduInfo<'a> { +pub(super) struct SNMPPduInfo<'a> { pub pdu_type: PduType, pub err: ErrorStatus, @@ -68,7 +68,7 @@ pub struct SNMPPduInfo<'a> { pub vars: Vec>, } -pub struct SNMPTransaction<'a> { +pub(super) struct SNMPTransaction<'a> { /// PDU version pub version: u32, @@ -97,7 +97,7 @@ impl Transaction for SNMPTransaction<'_> { } impl<'a> SNMPState<'a> { - pub fn new() -> SNMPState<'a> { + fn new() -> SNMPState<'a> { Default::default() } } @@ -243,7 +243,7 @@ impl<'a> SNMPState<'a> { } impl<'a> SNMPTransaction<'a> { - pub fn new(direction: Direction, version: u32, id: u64) -> SNMPTransaction<'a> { + fn new(direction: Direction, version: u32, id: u64) -> SNMPTransaction<'a> { SNMPTransaction { version, info: None, @@ -415,10 +415,10 @@ pub unsafe extern "C" fn SCRegisterSnmpParser() { logname: b"JsonSNMPLog\0".as_ptr() as *const std::os::raw::c_char, alproto: ALPROTO_SNMP, dir: SCOutputJsonLogDirection::LOG_DIR_PACKET as u8, - LogTx: Some(SCSnmpLogJsonResponse), + LogTx: Some(snmp_log_json_response), }; SCOutputEvePreRegisterLogger(reg_data); - SigTablePreRegister(SCDetectSNMPRegister); + SigTablePreRegister(detect_snmp_register); if AppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 { // port 161 _ = AppLayerRegisterProtocolDetection(&parser, 1);