"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/dynamic-preprocessors/appid/service_plugins/service_rpc.c" between
snort-2.9.16.1.tar.gz and snort-2.9.17.tar.gz

About: Snort is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

service_rpc.c  (snort-2.9.16.1):service_rpc.c  (snort-2.9.17)
skipping to change at line 234 skipping to change at line 234
{APP_ID_SUN_RPC, APPINFO_FLAG_SERVICE_ADDITIONAL | APPINFO_FLAG_SERVICE_UDP_ REVERSED} {APP_ID_SUN_RPC, APPINFO_FLAG_SERVICE_ADDITIONAL | APPINFO_FLAG_SERVICE_UDP_ REVERSED}
}; };
static int16_t app_id = 0; static int16_t app_id = 0;
static int rpc_init(const InitServiceAPI * const init_api) static int rpc_init(const InitServiceAPI * const init_api)
{ {
struct rpcent *rpc; struct rpcent *rpc;
RPCProgram *prog; RPCProgram *prog;
#ifdef TARGET_BASED
app_id = init_api->dpd->addProtocolReference("sunrpc"); app_id = init_api->dpd->addProtocolReference("sunrpc");
#endif
if (!rpc_programs) if (!rpc_programs)
{ {
while ((rpc = getrpcent())) while ((rpc = getrpcent()))
{ {
if (rpc->r_name) if (rpc->r_name)
{ {
prog = calloc(1, sizeof(RPCProgram)); prog = calloc(1, sizeof(RPCProgram));
if (prog) if (prog)
{ {
skipping to change at line 405 skipping to change at line 407
return SERVICE_NOMATCH; return SERVICE_NOMATCH;
pmr = (ServiceRPCPortmapReply *)data; pmr = (ServiceRPCPortmapReply *)data;
if (pmr->port) if (pmr->port)
{ {
sfaddr_t *sip; sfaddr_t *sip;
sfaddr_t *dip; sfaddr_t *dip;
dip = GET_DST_IP(pkt); dip = GET_DST_IP(pkt);
sip = GET_SRC_IP(pkt); sip = GET_SRC_IP(pkt);
tmp = ntohl(pmr->port); tmp = ntohl(pmr->port);
#ifdef TARGET_BASED
pf = rpc_service_mod.api->flow_new(flowp, pkt, dip, 0, s ip, (uint16_t)tmp, (uint8_t)ntohl(rd->proto), app_id, 0); pf = rpc_service_mod.api->flow_new(flowp, pkt, dip, 0, s ip, (uint16_t)tmp, (uint8_t)ntohl(rd->proto), app_id, 0);
if (pf) if (pf)
{ {
rpc_service_mod.api->data_add_id(pf, (uint16_t)tmp, rpc_service_mod.api->data_add_id(pf, (uint16_t)tmp,
flowp->proto==IPPRO TO_TCP ? &tcp_svc_element:&svc_element); flowp->proto==IPPRO TO_TCP ? &tcp_svc_element:&svc_element);
pf->rnaServiceState = RNA_STATE_STATEFUL; pf->rnaServiceState = RNA_STATE_STATEFUL;
setAppIdFlag(pf, setAppIdFlag(pf,
getAppIdFlag(flowp, getAppIdFlag(flowp,
APPID_SESSION_RESPONDER_MO NITORED | APPID_SESSION_RESPONDER_MO NITORED |
APPID_SESSION_INITIATOR_MO NITORED | APPID_SESSION_INITIATOR_MO NITORED |
APPID_SESSION_SPECIAL_MONI TORED | APPID_SESSION_SPECIAL_MONI TORED |
APPID_SESSION_RESPONDER_CH ECKED | APPID_SESSION_RESPONDER_CH ECKED |
APPID_SESSION_INITIATOR_CH ECKED | APPID_SESSION_INITIATOR_CH ECKED |
APPID_SESSION_DISCOVER_APP | APPID_SESSION_DISCOVER_APP |
APPID_SESSION_DISCOVER_USE R)); APPID_SESSION_DISCOVER_USE R));
} }
#endif
} }
break; break;
default: default:
break; break;
} }
*pname = "portmap"; *pname = "portmap";
break; break;
default: default:
rprog = FindRPCProgram(rd->program); rprog = FindRPCProgram(rd->program);
if (rprog && rprog->name) *pname = rprog->name; if (rprog && rprog->name) *pname = rprog->name;
 End of changes. 4 change blocks. 
0 lines changed or deleted 4 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)