#define STREAM_SET_FLAGS(ssn, stream, p, flag) { \
flag = 0; \
- if (!(ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {\
+ if (!(stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {\
flag |= STREAM_START; \
} \
if (stream->flags & STREAMTCP_STREAM_FLAG_CLOSE_INITIATED) { \
#define STREAM_SET_INLINE_FLAGS(ssn, stream, p, flag) { \
flag = 0; \
- if (!(ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {\
+ if (!(stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {\
flag |= STREAM_START; \
} \
if (stream->flags & STREAMTCP_STREAM_FLAG_CLOSE_INITIATED) { \
SCLogDebug("sending empty eof message");
/* send EOF to app layer */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
NULL, 0, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
/* if app layer protocol has been detected, then remove all the segments
* which has been previously processed and reassembled */
- } else if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED) &&
+ } else if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED) &&
(seg->flags & SEGMENTTCP_FLAG_RAW_PROCESSED) &&
StreamTcpAppLayerSegmentProcessed(stream, seg)) {
SCLogDebug("segment(%p) of length %"PRIu16" has been processed,"
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
/* process what we have so far */
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
/* send gap signal */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
NULL, 0, flags|STREAM_GAP);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_len = 0;
/* process what we have so far */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_sent += data_len;
/* process what we have so far */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_sent += data_len;
/* process what we have so far */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_sent += data_len;
SCLogDebug("sending empty eof message");
/* send EOF to app layer */
STREAM_SET_INLINE_FLAGS(ssn, stream, p, flags);
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
NULL, 0, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
}
/* store ra_base_seq in the stream */
- if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
stream->ra_app_base_seq = ra_base_seq;
}
* which has been previously processed and reassembled
*
* If the stream is in GAP state the app layer flag won't be set */
- if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED) &&
+ if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED) &&
(seg->flags & SEGMENTTCP_FLAG_RAW_PROCESSED) &&
StreamTcpAppLayerSegmentProcessed(stream, seg))
{
seg = next_seg;
continue;
- } else if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED) &&
+ } else if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED) &&
(seg->flags & SEGMENTTCP_FLAG_RAW_PROCESSED) &&
(seg->flags & SEGMENTTCP_FLAG_APPLAYER_PROCESSED))
{
SCLogDebug("sending empty eof message");
/* send EOF to app layer */
STREAM_SET_FLAGS(ssn, stream, p, flags);
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
NULL, 0, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
/* if app layer protocol has been detected, then remove all the segments
which has been previously processed and reassembled */
- if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED) &&
+ if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED) &&
(seg->flags & SEGMENTTCP_FLAG_RAW_PROCESSED) &&
(seg->flags & SEGMENTTCP_FLAG_APPLAYER_PROCESSED))
{
STREAM_SET_FLAGS(ssn, stream, p, flags);
/* process what we have so far */
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_len = 0;
/* send gap signal */
STREAM_SET_FLAGS(ssn, stream, p, flags);
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
NULL, 0, flags|STREAM_GAP);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_len = 0;
/* process what we have so far */
STREAM_SET_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_len = 0;
/* if after the first data chunk we have no alproto yet,
* there is no point in continueing here. */
- if (!(ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if (!(stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
SCLogDebug("no alproto after first data chunk");
break;
}
/* process what we have so far */
STREAM_SET_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
data_len = 0;
/* if after the first data chunk we have no alproto yet,
* there is no point in continueing here. */
- if (!(ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if (!(stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
SCLogDebug("no alproto after first data chunk");
break;
}
/* process what we have so far */
STREAM_SET_FLAGS(ssn, stream, p, flags);
BUG_ON(data_len > sizeof(data));
- AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn,
+ AppLayerHandleTCPData(&ra_ctx->dp_ctx, p->flow, ssn, stream,
data, data_len, flags);
PACKET_PROFILING_APP_STORE(&ra_ctx->dp_ctx, p);
}
/* store ra_base_seq in the stream */
- if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
stream->ra_app_base_seq = ra_base_seq;
}
SCLogDebug("stream->ra_app_base_seq %u", stream->ra_app_base_seq);
#if 0
if (ssn->state <= TCP_ESTABLISHED &&
- !(ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ !(stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
SCLogDebug("only starting raw reassembly after app layer protocol "
"detection has completed.");
SCReturnInt(0);
* which has been previously processed and reassembled
*
* If the stream is in GAP state the app layer flag won't be set */
- if ((ssn->flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED) &&
+ if ((stream->flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED) &&
(seg->flags & SEGMENTTCP_FLAG_RAW_PROCESSED) &&
((seg->flags & SEGMENTTCP_FLAG_APPLAYER_PROCESSED) ||
(stream->flags & STREAMTCP_STREAM_FLAG_GAP)))
/* Check if we have stream smsgs in queue */
if (ra_ctx->stream_q->len == 0 &&
- !(ssn.flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ !(ssn.client.flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
printf("there should be a stream smsgs in the queue, as we have detected"
" the app layer protocol and one smsg from toserver side has "
"been sent (10): ");
SCLogDebug("final check");
- if (!(ssn.flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
- printf("STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED flag should have been set (13): ");
+ if (!(ssn.client.flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ printf("STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED flag should have been set (13): ");
goto end;
}
goto end;
}
#endif
- if (!(ssn.flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if (!(ssn.client.flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
printf("app layer detected flag isn't set, it should be (8): ");
goto end;
}
#endif
/* the flag should be set, as the smsg scanned size has crossed the max.
signature size for app proto detection */
- if (! (ssn.flags & STREAMTCP_FLAG_APPPROTO_DETECTION_COMPLETED)) {
+ if (! (ssn.client.flags & STREAMTCP_STREAM_FLAG_APPPROTO_DETECTION_COMPLETED)) {
printf("app layer detected flag is not set, it should be (14): ");
goto end;
}
projects / thirdparty / suricata.git / commitdiff
