From 7da60030f25a4f6028de889fd45eaca431a52257 Mon Sep 17 00:00:00 2001 From: "Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco)" Date: Wed, 25 Oct 2023 18:50:43 +0000 Subject: [PATCH] Pull request #4062: appid: Lua log function with appiddebug check Merge in SNORT/snort3 from ~OSTEPANO/snort3:lua_log to master Squashed commit of the following: commit 8e509beb02cfed13e5fd171896d10159e91b1cbb Author: Oleksandr Stepanov Date: Thu Aug 10 08:18:48 2023 -0400 appid: Lua log function with appiddebug check --- src/network_inspectors/appid/appid_config.cc | 18 ++++++--- .../appid/appid_inspector.cc | 4 +- .../appid/lua_detector_api.cc | 40 +++++++++++++++++++ 3 files changed, 55 insertions(+), 7 deletions(-) diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc index f34d30789..0a0e16a5b 100644 --- a/src/network_inspectors/appid/appid_config.cc +++ b/src/network_inspectors/appid/appid_config.cc @@ -97,17 +97,17 @@ void AppIdConfig::show() const void AppIdContext::pterm() { - if (odp_ctxt) - { - odp_ctxt->get_app_info_mgr().cleanup_appid_info_table(); - delete odp_ctxt; - } - if (odp_thread_local_ctxt) { delete odp_thread_local_ctxt; odp_thread_local_ctxt = nullptr; } + + if (odp_ctxt) + { + odp_ctxt->get_app_info_mgr().cleanup_appid_info_table(); + delete odp_ctxt; + } } bool AppIdContext::init_appid(SnortConfig* sc, AppIdInspector& inspector) @@ -126,6 +126,12 @@ bool AppIdContext::init_appid(SnortConfig* sc, AppIdInspector& inspector) odp_ctxt->get_service_disco_mgr().initialize(inspector); odp_ctxt->set_client_and_service_detectors(); + if (!appidDebug) + { + appidDebug = new AppIdDebug(); + appidDebug->set_enabled(config.log_all_sessions); + } + odp_thread_local_ctxt->initialize(sc, *this, true); odp_ctxt->initialize(inspector); diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc index 59b0fb156..3d547ba41 100644 
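Review bot: In `AppIdContext::pterm()`, the relocated `if (odp_ctxt)` block still ends with a bare `delete odp_ctxt;`, while the `odp_thread_local_ctxt` branch just above it nulls its pointer after deleting. A second call to pterm(), or any later read of `odp_ctxt`, would then touch freed memory; add `odp_ctxt = nullptr;` after the delete. If the new order is required (presumably the thread-local context still refers to ODP data while it is destroyed, though that is not visible here), say so in a comment above the first `if` so the blocks are not swapped back later.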
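Review bot: The `new AppIdDebug()` added to `init_appid()` has no matching `delete` in this patch; the only release is in `appid_inspector_tterm()`, which pairs with the allocation in `appid_inspector_tinit()`. If `init_appid()` runs on a thread that never reaches tterm (appidDebug looks per-thread from the tinit/tterm handling, but its declaration is not shown), this object is leaked and its pointer never reset. The two creation paths also differ: only this one calls `set_enabled(config.log_all_sessions)`, so the NOTICE/INFO gate in `detector_log_snort_message()` depends on which path allocated the object. Consider one helper shared by both sites plus a release in the matching pterm path; init_appid's body continues outside the hunk.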
--- a/src/network_inspectors/appid/appid_inspector.cc +++ b/src/network_inspectors/appid/appid_inspector.cc @@ -269,7 +269,8 @@ static void appid_inspector_pterm() static void appid_inspector_tinit() { AppIdPegCounts::init_pegs(); - appidDebug = new AppIdDebug(); + if (!appidDebug) + appidDebug = new AppIdDebug(); } static void appid_inspector_tterm() @@ -279,6 +280,7 @@ static void appid_inspector_tterm() AppIdPegCounts::cleanup_pegs(); AppIdServiceState::clean(); delete appidDebug; + appidDebug = nullptr; } static Inspector* appid_inspector_ctor(Module* m) diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc index 355bad87a..a73f489d6 100644 --- a/src/network_inspectors/appid/lua_detector_api.cc +++ b/src/network_inspectors/appid/lua_detector_api.cc @@ -348,6 +348,45 @@ static int detector_log_message(lua_State* L) return 0; } +static int detector_log_snort_message(lua_State* L) +{ + const auto& name = (*UserData::check(L, DETECTOR, 1))->get_detector()->get_name(); + + unsigned int level = lua_tonumber(L, 2); + const char* message = lua_tostring(L, 3); + + switch (level) + { + case LUA_LOG_CRITICAL: + appid_log(nullptr, TRACE_CRITICAL_LEVEL, "%s:%s\n", name.c_str(), message); + break; + + case LUA_LOG_ERR: + appid_log(nullptr, TRACE_ERROR_LEVEL, "%s:%s\n", name.c_str(), message); + break; + + case LUA_LOG_WARN: + appid_log(nullptr, TRACE_WARNING_LEVEL, "%s:%s\n", name.c_str(), message); + break; + + case LUA_LOG_NOTICE: + case LUA_LOG_INFO: + if ( !appidDebug or !appidDebug->is_enabled() ) + return 0; + appid_log(nullptr, TRACE_INFO_LEVEL, "AppIdDbg %s:%s\n", name.c_str(), message); + break; + + case LUA_LOG_TRACE: + appid_log(init(L) ? nullptr : CURRENT_PACKET, TRACE_DEBUG_LEVEL, "%s:%s\n", name.c_str(), message); + break; + + default: + break; + } + + return 0; +} + /** Add a netbios domain * lua params: * 1 - the netbios domain 
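Review bot: `detector_log_snort_message()` passes `message` straight to a `%s` conversion, but `lua_tostring(L, 3)` returns NULL when the third argument is missing or is neither a string nor a number, so a detector script calling `cLog` with a bad argument hands a null pointer to the formatter. Guard it right after the fetch with `if (!message) return 0;`. The level is read with `lua_tonumber` into an `unsigned int`, and a negative or very large Lua number makes that double-to-unsigned conversion undefined; prefer `lua_tointeger(L, 2)` into a signed variable and let the `default:` case drop anything out of range. The function also lacks the `lua params:` header comment that the neighbouring API function just below carries; add one listing the detector userdata, the level and the message.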
@@ -3158,6 +3197,7 @@ static const luaL_Reg detector_methods[] =
 { "htons", detector_htons },
 { "htonl", detector_htonl },
 { "log", detector_log_message },
+ { "cLog", detector_log_snort_message},
 { "addHttpPattern", detector_add_http_pattern },
 { "addAppUrl", detector_add_url_application },
 { "addRTMPUrl", detector_add_rtmp_url },
--
2.47.3