From: Philippe Antoine <pantoine@oisf.net>
Date: Mon, 25 Jul 2022 08:33:42 +0000 (+0200)
Subject: detect: config keyword transaction logic fix
X-Git-Tag: suricata-6.0.10~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F8458%2Fhead;p=thirdparty%2Fsuricata.git

detect: config keyword transaction logic fix

When the keyword config:logging disable,type tx is used,
OutputTxLog checks a flag to skip the transaction without logging
it, but AppLayerParserTransactionsCleanup waits for the
transaction to be marked as logged to clean it.

So, OutputTxLog now marks the tx as logged, so that it can
get cleaned away.

Ticket: #5456
(cherry picked from commit 0c0fcc94111b183ae2953f659d14ab2f671fc019)
---

diff --git a/src/output-tx.c b/src/output-tx.c
index ff11b87944..3a7eba9662 100644
--- a/src/output-tx.c
+++ b/src/output-tx.c
@@ -225,6 +225,8 @@ static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data)
         SCLogDebug("tx %p/%"PRIu64" txd %p: log_flags %x", tx, tx_id, txd, txd->config.log_flags);
         if (txd->config.log_flags & BIT_U8(CONFIG_TYPE_TX)) {
             SCLogDebug("SKIP tx %p/%"PRIu64, tx, tx_id);
+            // so that AppLayerParserTransactionsCleanup can clean this tx
+            txd->logged.flags |= logger_expectation;
             goto next_tx;
         }