From: Mike Stepanek (mstepane) Date: Tue, 8 May 2018 16:35:08 +0000 (-0400) Subject: Merge pull request #1216 in SNORT/snort3 from appid_tp_done to master X-Git-Tag: 3.0.0-245~16 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3ea06dbef7b6385efd00ee5a27a1a86da9418929;p=thirdparty%2Fsnort3.git Merge pull request #1216 in SNORT/snort3 from appid_tp_done to master Squashed commit of the following: commit fbcbd2a12c8819ddd188da1a231d00d1d3fd668a Author: Shravan Rangaraju Date: Sun May 6 15:28:42 2018 -0400 appid: report when third party appid is done inspecting
---
diff --git a/src/network_inspectors/appid/appid_api.cc b/src/network_inspectors/appid/appid_api.cc
index 0c775ab4e..791c1d3c0 100644
--- a/src/network_inspectors/appid/appid_api.cc
+++ b/src/network_inspectors/appid/appid_api.cc
@@ -197,7 +197,7 @@ bool AppIdApi::is_appid_inspecting_session(Flow& flow)
 if ( asd->common.flow_type == APPID_FLOW_TYPE_NORMAL )
 {
 if ( asd->service_disco_state != APPID_DISCO_STATE_FINISHED ||
- !asd->is_third_party_appid_done() ||
+ !asd->is_tp_appid_done() ||
 asd->get_session_flags(APPID_SESSION_HTTP_SESSION | APPID_SESSION_CONTINUE) ||
 (asd->get_session_flags(APPID_SESSION_ENCRYPTED) &&
 (asd->get_session_flags(APPID_SESSION_DECRYPTED) ||
@@ -246,7 +246,7 @@ bool AppIdApi::is_appid_available(Flow& flow)
 // FIXIT-M: If a third-party module is not available then this
 // should probably check if an appId has been discovered
 // by the local AppId module.
- return asd->is_third_party_appid_available();
+ return asd->is_tp_appid_available();
 }
 return false;
@@ -397,7 +397,7 @@ uint32_t AppIdApi::produce_ha_state(Flow& flow, uint8_t* buf)
 if ( asd && ( get_flow_type(flow) == APPID_FLOW_TYPE_NORMAL ) )
 {
 appHA->flags = APPID_HA_FLAGS_APP;
- if ( asd->is_third_party_appid_available() )
+ if ( asd->is_tp_appid_available() )
 appHA->flags |= APPID_HA_FLAGS_TP_DONE;
 if ( asd->is_service_detected() )
 appHA->flags |= APPID_HA_FLAGS_SVC_DONE;
@@ -521,7 +521,7 @@ bool AppIdApi::is_http_inspection_done(Flow& flow)
 if ( AppIdSession* asd = get_appid_session(flow) )
 if ( ( asd->common.flow_type == APPID_FLOW_TYPE_NORMAL ) &&
- !asd->is_third_party_appid_done() )
+ !asd->is_tp_appid_done() )
 done = false;
 return done;
diff --git a/src/network_inspectors/appid/appid_session.cc b/src/network_inspectors/appid/appid_session.cc
index bf9ec1311..5a1ca69ef 100644
--- a/src/network_inspectors/appid/appid_session.cc
+++ b/src/network_inspectors/appid/appid_session.cc
@@ -688,7 +688,7 @@ AppId AppIdSession::pick_service_app_id()
 if (service.get_id() > APP_ID_NONE && !deferred)
 return service.get_id();
- if (is_third_party_appid_available())
+ if (is_tp_appid_available())
 {
 if (tp_app_id > APP_ID_NONE)
 return tp_app_id;
@@ -725,7 +725,7 @@ AppId AppIdSession::pick_only_service_app_id()
 if (service.get_id() > APP_ID_NONE && !deferred)
 return service.get_id();
- if (is_third_party_appid_available() && tp_app_id > APP_ID_NONE)
+ if (is_tp_appid_available() && tp_app_id > APP_ID_NONE)
 return tp_app_id;
 else if (deferred)
 return service.get_id();
@@ -886,7 +886,7 @@ AppIdDnsSession* AppIdSession::get_dns_session()
 return dsession;
 }
-bool AppIdSession::is_third_party_appid_done() const
+bool AppIdSession::is_tp_appid_done() const
 {
 #ifdef ENABLE_APPID_THIRD_PARTY
 if (config->have_tp())
@@ -906,7 +906,7 @@ bool AppIdSession::is_third_party_appid_done() const
 return true;
 }
-bool AppIdSession::is_third_party_appid_available() const
+bool AppIdSession::is_tp_appid_available() const
 {
 #ifdef ENABLE_APPID_THIRD_PARTY
 if (config->have_tp())
diff --git a/src/network_inspectors/appid/appid_session.h b/src/network_inspectors/appid/appid_session.h
index de7f6590f..cd888e7f8 100644
--- a/src/network_inspectors/appid/appid_session.h
+++ b/src/network_inspectors/appid/appid_session.h
@@ -282,8 +282,8 @@ public:
 AppIdHttpSession* get_http_session();
 AppIdDnsSession* get_dns_session();
- bool is_third_party_appid_done() const;
- bool is_third_party_appid_available() const;
+ bool is_tp_appid_done() const;
+ bool is_tp_appid_available() const;
 private:
 AppIdHttpSession* hsession = nullptr;
diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.cc b/src/network_inspectors/appid/client_plugins/client_discovery.cc
index bb183c3ba..382c1ff46 100644
--- a/src/network_inspectors/appid/client_plugins/client_discovery.cc
+++ b/src/network_inspectors/appid/client_plugins/client_discovery.cc
@@ -341,7 +341,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p, AppidSes
 {
 if ( p->flow->get_session_flags() & SSNFLAG_MIDSTREAM )
 asd.client_disco_state = APPID_DISCO_STATE_FINISHED;
- else if ( asd.is_third_party_appid_available()
+ else if ( asd.is_tp_appid_available()
 && ( asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX ) )
 {
 //tp has positively identified appId, Dig deeper only if sourcefire
@@ -372,7 +372,7 @@ bool ClientDiscovery::do_client_discovery(AppIdSession& asd, Packet* p, AppidSes
 asd.client_disco_state == APPID_DISCO_STATE_DIRECT) &&
 asd.client_disco_state == prevRnaClientState &&
 !asd.get_session_flags(APPID_SESSION_NO_TPI) &&
- asd.is_third_party_appid_available() &&
+ asd.is_tp_appid_available() &&
 asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX)
 {
 entry = asd.app_info_mgr->get_app_info_entry(asd.tp_app_id);
diff --git a/src/network_inspectors/appid/service_plugins/service_discovery.cc b/src/network_inspectors/appid/service_plugins/service_discovery.cc
index d639d91f9..a20092daa 100644
--- a/src/network_inspectors/appid/service_plugins/service_discovery.cc
+++ b/src/network_inspectors/appid/service_plugins/service_discovery.cc
@@ -596,7 +596,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p, AppidS
 asd.service_disco_state = APPID_DISCO_STATE_FINISHED;
 }
 }
- else if (asd.is_third_party_appid_available())
+ else if (asd.is_tp_appid_available())
 {
 if (asd.tp_app_id > APP_ID_NONE)
 {
@@ -628,7 +628,7 @@ bool ServiceDiscovery::do_service_discovery(AppIdSession& asd, Packet* p, AppidS
 if ( asd.service_disco_state == APPID_DISCO_STATE_STATEFUL &&
 prevRnaServiceState == APPID_DISCO_STATE_STATEFUL &&
 !asd.get_session_flags(APPID_SESSION_NO_TPI) &&
- asd.is_third_party_appid_available() &&
+ asd.is_tp_appid_available() &&
 asd.tp_app_id > APP_ID_NONE && asd.tp_app_id < SF_APPID_MAX)
 {
 AppInfoTableEntry* entry = asd.app_info_mgr->get_app_info_entry(asd.tp_app_id);
diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h
index 8f654e29d..f3a0d1d5f 100644
--- a/src/network_inspectors/appid/test/appid_mock_session.h
+++ b/src/network_inspectors/appid/test/appid_mock_session.h
@@ -241,12 +241,12 @@ AppIdDnsSession* AppIdSession::get_dns_session()
 return dsession;
 }
-bool AppIdSession::is_third_party_appid_done() const
+bool AppIdSession::is_tp_appid_done() const
 {
 return true;
 }
-bool AppIdSession::is_third_party_appid_available() const
+bool AppIdSession::is_tp_appid_available() const
 {
 return false;
 }
diff --git a/src/network_inspectors/appid/tp_appid_utils.cc b/src/network_inspectors/appid/tp_appid_utils.cc
index 8719a602b..9c7563e03 100644
--- a/src/network_inspectors/appid/tp_appid_utils.cc
+++ b/src/network_inspectors/appid/tp_appid_utils.cc
@@ -67,17 +67,10 @@ static bool contains(const vector& vec, const ValType_t& val)
 return false;
 }
-// FIXIT-L bogus placeholder for this func, need to find out what it should do
-static inline bool is_appid_done(const ThirdPartyAppIDSession* tpsession)
-{
- UNUSED(tpsession);
- return false;
-}
-
 static inline bool check_reinspect(const Packet* p, const AppIdSession& asd)
 {
 return p->dsize && !asd.get_session_flags(APPID_SESSION_NO_TPI) &&
- asd.get_session_flags(APPID_SESSION_HTTP_SESSION) && is_appid_done(asd.tpsession);
+ asd.get_session_flags(APPID_SESSION_HTTP_SESSION) && asd.is_tp_appid_done();
 }
 static inline int check_ssl_appid_for_reinspect(AppId app_id)
@@ -629,7 +622,7 @@ bool do_discovery(AppIdSession& asd, IpProtocol protocol,
 /*** Start of third-party processing. ***/
 if ( asd.config->have_tp() && !asd.get_session_flags(APPID_SESSION_NO_TPI)
- && (!is_appid_done(asd.tpsession)
+ && (!asd.is_tp_appid_done()
 || asd.get_session_flags(APPID_SESSION_APP_REINSPECT | APPID_SESSION_APP_REINSPECT_SSL)))
 {
@@ -756,7 +749,7 @@ bool do_discovery(AppIdSession& asd, IpProtocol protocol,
 if (asd.payload.get_id() == APP_ID_HTTP_SSL_TUNNEL)
 snort_app_id = APP_ID_SSL;
- if (asd.is_third_party_appid_available() && asd.tp_app_id ==
+ if (asd.is_tp_appid_available() && asd.tp_app_id ==
 APP_ID_HTTP && !asd.get_session_flags(APPID_SESSION_APP_REINSPECT))
 {
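Review bot: The rewritten return in check_reinspect() changes behaviour, not only a name: the removed is_appid_done() placeholder always returned false, so check_reinspect() could never return true before, and with `asd.is_tp_appid_done()` it now can. In the appid_session.cc hunks is_tp_appid_done() ends in `return true;`, which looks like the path taken when ENABLE_APPID_THIRD_PARTY is off or have_tp() is false. If check_reinspect() is ever reached without a loaded third-party module, it would then request reinspection for every HTTP payload packet; its callers are outside this diff, so this needs confirming. I would either add `asd.config->have_tp() &&` to the expression or state the precondition in a comment, for example `// Caller has already checked config->have_tp(); is_tp_appid_done() is true when no third-party module is loaded.`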
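Review bot: The gate that opens third-party processing in do_discovery() was always open on its `!is_appid_done(...)` term, so with `!asd.is_tp_appid_done()` a flow now stops being handed to the third-party module once it reports done, unless a reinspect flag is set, and nothing in this commit tests that. The mock in test/appid_mock_session.h hard-codes is_tp_appid_done() to true, so mock-based tests only ever see the done state. Because this condition decides how long a flow stays under third-party inspection, I would document it above the `if`, for example `// Skip third-party processing once the module reports done, unless a reinspect flag asks for another pass.`, and add tests for the not-done and reinspect cases. do_discovery() starts and ends outside the hunk.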