From: Victor Julien
Date: Tue, 10 Mar 2015 16:41:03 +0000 (+0100)
Subject: detect-state: implement tx state reset for reload
X-Git-Tag: suricata-2.1beta4~139
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1375%2Fhead;p=thirdparty%2Fsuricata.git
detect-state: implement tx state reset for reload
In case of Detect Reload, we need to reset active tx' state.
---
diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c
index c19e398f49..6ff91afccd 100644
--- a/src/detect-engine-state.c
+++ b/src/detect-engine-state.c
@@ -984,6 +984,45 @@ void DetectEngineStateReset(DetectEngineStateFlow *state, uint8_t direction)
 return;
 }
+/** \brief Reset de state for active tx'
+ * To be used on detect engine reload.
+ * \param f write LOCKED flow
+ */
+void DetectEngineStateResetTxs(Flow *f)
+{
+ if (AppLayerParserProtocolSupportsTxs(f->proto, f->alproto)) {
+ void *alstate = FlowGetAppState(f);
+ if (!StateIsValid(f->alproto, alstate)) {
+ return;
+ }
+
+ uint64_t inspect_ts = AppLayerParserGetTransactionInspectId(f->alparser, STREAM_TOCLIENT);
+ uint64_t inspect_tc = AppLayerParserGetTransactionInspectId(f->alparser, STREAM_TOSERVER);
+
+ uint64_t inspect_tx_id = MIN(inspect_ts, inspect_tc);
+
+ uint64_t total_txs = AppLayerParserGetTxCnt(f->proto, f->alproto, alstate);
+
+ for ( ; inspect_tx_id < total_txs; inspect_tx_id++) {
+ void *inspect_tx = AppLayerParserGetTx(f->proto, f->alproto, alstate, inspect_tx_id);
+ if (inspect_tx != NULL) {
+ DetectEngineState *tx_de_state = AppLayerParserGetTxDetectState(f->proto, f->alproto, inspect_tx);
+ if (tx_de_state == NULL) {
+ continue;
+ }
+
+ tx_de_state->dir_state[0].cnt = 0;
+ tx_de_state->dir_state[0].filestore_cnt = 0;
+ tx_de_state->dir_state[0].flags = 0;
+
+ tx_de_state->dir_state[1].cnt = 0;
+ tx_de_state->dir_state[1].filestore_cnt = 0;
+ tx_de_state->dir_state[1].flags = 0;
+ }
+ }
+ }
+}
+
 /** \brief get string for match enum */
 const char *DeStateMatchResultToString(DeStateMatchResult res)
 {
diff --git a/src/detect-engine-state.h b/src/detect-engine-state.h
index 9a5b7ebab1..464f7180fd 100644
--- a/src/detect-engine-state.h
+++ b/src/detect-engine-state.h
@@ -231,6 +231,8 @@ void DeStateUpdateInspectTransactionId(Flow *f, uint8_t direction);
 */
 void DetectEngineStateReset(DetectEngineStateFlow *state, uint8_t direction);
+void DetectEngineStateResetTxs(Flow *f);
+
 void DeStateRegisterTests(void);
 #endif /* __DETECT_ENGINE_STATE_H__ */
diff --git a/src/detect.c b/src/detect.c
index 98e3959ce9..2d5ff98224 100644
--- a/src/detect.c
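Review bot: In `DetectEngineStateResetTxs` (src/detect-engine-state.c) the two inspect-id locals are named against their direction flags: `inspect_ts` is read with `STREAM_TOCLIENT` and `inspect_tc` with `STREAM_TOSERVER`. Only `MIN(inspect_ts, inspect_tc)` is used, so the loop start is unaffected today, but the names will mislead anyone who later uses one of them alone. I would write `uint64_t inspect_ts = AppLayerParserGetTransactionInspectId(f->alparser, STREAM_TOSERVER);` and `uint64_t inspect_tc = AppLayerParserGetTransactionInspectId(f->alparser, STREAM_TOCLIENT);`. The doc comment could also state the reason for the reset, for example ` * Without this, active txs keep inspection state recorded before the reload.`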
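Review bot: The new prototype `void DetectEngineStateResetTxs(Flow *f);` in src/detect-engine-state.h has no comment, while the definition requires a write-locked flow. Callers tend to read the header, and the declaration just above it appears to be documented, so the locking contract belongs here as well: `/** \brief Reset per-tx detect state on detect engine reload. \param f write LOCKED flow */`.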
+++ b/src/detect.c
@@ -1201,6 +1201,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh
 DetectEngineStateReset(pflow->de_state, (STREAM_TOSERVER|STREAM_TOCLIENT));
+ DetectEngineStateResetTxs(pflow);
 }
 /* set the iponly stuff */
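Review bot: The added `DetectEngineStateResetTxs(pflow);` depends on `pflow` being write-locked, as the callee's doc comment requires, and the lock is not visible in this hunk; SigMatchSignatures starts and ends outside it. It is worth confirming that this branch always runs with the flow write lock held, because the callee writes to `dir_state` of every active tx. A short comment at the call would record the assumption, for example `/* pflow is write locked here; reset per-tx de_state as well */`.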