is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.
| ftpp_si.c (snort-2.9.16.1) | : | ftpp_si.c (snort-2.9.17) |
|---|
| | |
| skipping to change at line 60 | | skipping to change at line 60 |
|---|
| | |
| #ifdef HAVE_CONFIG_H | | #ifdef HAVE_CONFIG_H |
| #include "config.h" | | #include "config.h" |
| #endif | | #endif |
| | |
| #include "ftpp_return_codes.h" | | #include "ftpp_return_codes.h" |
| #include "ftpp_ui_config.h" | | #include "ftpp_ui_config.h" |
| #include "ftpp_ui_client_lookup.h" | | #include "ftpp_ui_client_lookup.h" |
| #include "ftpp_ui_server_lookup.h" | | #include "ftpp_ui_server_lookup.h" |
| #include "ftpp_si.h" | | #include "ftpp_si.h" |
|
| | #include "spp_ftptelnet.h" |
| #include "stream_api.h" | | #include "stream_api.h" |
| #include "snort_ftptelnet.h" | | #include "snort_ftptelnet.h" |
| #include "sfPolicyUserData.h" | | #include "sfPolicyUserData.h" |
| #include "ssl_include.h" | | #include "ssl_include.h" |
| | |
| #ifndef WIN32 | | #ifndef WIN32 |
| # include <ctype.h> | | # include <ctype.h> |
| #endif | | #endif |
| | |
| extern tSfPolicyUserContextId ftp_telnet_config; | | extern tSfPolicyUserContextId ftp_telnet_config; |
| | |
| skipping to change at line 129 | | skipping to change at line 130 |
|---|
| (ssn->global_conf != ftp_telnet_config)) | | (ssn->global_conf != ftp_telnet_config)) |
| { | | { |
| sfPolicyUserDataClear (ssn->global_conf, ssn->policy_id); | | sfPolicyUserDataClear (ssn->global_conf, ssn->policy_id); |
| FTPTelnetFreeConfig(pPolicyConfig); | | FTPTelnetFreeConfig(pPolicyConfig); |
| | |
| if (sfPolicyUserPolicyGetActive(ssn->global_conf) == 0) | | if (sfPolicyUserPolicyGetActive(ssn->global_conf) == 0) |
| FTPTelnetFreeConfigs(ssn->global_conf); | | FTPTelnetFreeConfigs(ssn->global_conf); |
| } | | } |
| } | | } |
| | |
|
| | ftp_telnet_stats.telnet_sessions--; |
| | ftp_telnet_stats.heap_memory -= sizeof(TELNET_SESSION); |
| | |
| free(ssn); | | free(ssn); |
| } | | } |
| | |
| /* | | /* |
| * Function: TelnetResetSession(TELNET_SESSION *Session) | | * Function: TelnetResetSession(TELNET_SESSION *Session) |
| * | | * |
| * Purpose: This function resets all the variables that need to be | | * Purpose: This function resets all the variables that need to be |
| * initialized for a new Session. I've tried to keep this to | | * initialized for a new Session. I've tried to keep this to |
| * a minimum, so we don't have to worry about initializing big | | * a minimum, so we don't have to worry about initializing big |
| * structures. | | * structures. |
| | |
| skipping to change at line 187 | | skipping to change at line 191 |
|---|
| * | | * |
| */ | | */ |
| static int TelnetStatefulSessionInspection(SFSnortPacket *p, | | static int TelnetStatefulSessionInspection(SFSnortPacket *p, |
| FTPTELNET_GLOBAL_CONF *GlobalConf, | | FTPTELNET_GLOBAL_CONF *GlobalConf, |
| TELNET_SESSION **TelnetSession, | | TELNET_SESSION **TelnetSession, |
| FTPP_SI_INPUT *SiInput) | | FTPP_SI_INPUT *SiInput) |
| { | | { |
| if (p->stream_session) | | if (p->stream_session) |
| { | | { |
| TELNET_SESSION *NewSession = (TELNET_SESSION *)calloc(1, sizeof(TELNET_S
ESSION)); | | TELNET_SESSION *NewSession = (TELNET_SESSION *)calloc(1, sizeof(TELNET_S
ESSION)); |
|
| | |
| | ftp_telnet_stats.telnet_sessions++; |
| | if (ftp_telnet_stats.telnet_sessions > ftp_telnet_stats.max_telnet_sessi |
| | ons) |
| | ftp_telnet_stats.max_telnet_sessions = ftp_telnet_stats.telnet_sessi |
| | ons; |
| | |
| | ftp_telnet_stats.heap_memory += sizeof(TELNET_SESSION); |
| | |
| tSfPolicyId policy_id = _dpd.getNapRuntimePolicy(); | | tSfPolicyId policy_id = _dpd.getNapRuntimePolicy(); |
| | |
| if (NewSession == NULL) | | if (NewSession == NULL) |
| { | | { |
| DynamicPreprocessorFatalMessage("Failed to allocate memory for " | | DynamicPreprocessorFatalMessage("Failed to allocate memory for " |
| "new Telnet session.\n"); | | "new Telnet session.\n"); |
| } | | } |
| | |
| TelnetResetSession(NewSession); | | TelnetResetSession(NewSession); |
| | |
| | |
| skipping to change at line 685 | | skipping to change at line 696 |
|---|
| sfPolicyUserDataClear (ssn->global_conf, ssn->policy_id); | | sfPolicyUserDataClear (ssn->global_conf, ssn->policy_id); |
| FTPTelnetFreeConfig(pPolicyConfig); | | FTPTelnetFreeConfig(pPolicyConfig); |
| | |
| if (sfPolicyUserPolicyGetActive(ssn->global_conf) == 0) | | if (sfPolicyUserPolicyGetActive(ssn->global_conf) == 0) |
| FTPTelnetFreeConfigs(ssn->global_conf); | | FTPTelnetFreeConfigs(ssn->global_conf); |
| } | | } |
| } | | } |
| | |
| if (ssn->filename) | | if (ssn->filename) |
| { | | { |
|
| | ftp_telnet_stats.heap_memory -= (strlen(ssn->filename) + 1); |
| free(ssn->filename); | | free(ssn->filename); |
| } | | } |
| | |
| if ( ssl_cb ) | | if ( ssl_cb ) |
| ssl_cb->session_free(ssn->flow_id); | | ssl_cb->session_free(ssn->flow_id); |
| | |
|
| | ftp_telnet_stats.ftp_sessions--; |
| | ftp_telnet_stats.heap_memory -= sizeof(FTP_SESSION); |
| | #ifdef TARGET_BASED |
| FTP_DATA_SESSION *datassn = ssn->datassn; | | FTP_DATA_SESSION *datassn = ssn->datassn; |
| if(datassn && (ssn == datassn->ftpssn)) | | if(datassn && (ssn == datassn->ftpssn)) |
| datassn->ftpssn = NULL; | | datassn->ftpssn = NULL; |
| free(ssn); | | free(ssn); |
|
| | #endif |
| } | | } |
| | |
| #ifdef TARGET_BASED | | #ifdef TARGET_BASED |
| /* Function: FTPDataSessionNew | | /* Function: FTPDataSessionNew |
| * | | * |
| * Create an ftp-data session from a packet | | * Create an ftp-data session from a packet |
| */ | | */ |
| FTP_DATA_SESSION * FTPDataSessionNew(SFSnortPacket *p) | | FTP_DATA_SESSION * FTPDataSessionNew(SFSnortPacket *p) |
| { | | { |
| FTP_DATA_SESSION *ftpdata = calloc(1, sizeof *ftpdata); | | FTP_DATA_SESSION *ftpdata = calloc(1, sizeof *ftpdata); |
| | |
| skipping to change at line 719 | | skipping to change at line 735 |
|---|
| ftpdata->ft_ssn.proto = FTPP_SI_PROTO_FTP_DATA; | | ftpdata->ft_ssn.proto = FTPP_SI_PROTO_FTP_DATA; |
| ftpdata->flow_id = 0; | | ftpdata->flow_id = 0; |
| | |
| /* Get the ftp-ctrl session key */ | | /* Get the ftp-ctrl session key */ |
| ftpdata->ftp_key = _dpd.sessionAPI->get_session_key(p); | | ftpdata->ftp_key = _dpd.sessionAPI->get_session_key(p); |
| | |
| if (!ftpdata->ftp_key) | | if (!ftpdata->ftp_key) |
| { | | { |
| free(ftpdata); | | free(ftpdata); |
| ftpdata = NULL; | | ftpdata = NULL; |
|
| | return ftpdata; |
| } | | } |
| | |
|
| | ftp_telnet_stats.ftp_data_sessions++; |
| | if (ftp_telnet_stats.ftp_data_sessions > ftp_telnet_stats.max_ftp_data_sessi |
| | ons) |
| | ftp_telnet_stats.max_ftp_data_sessions = ftp_telnet_stats.ftp_data_sessi |
| | ons; |
| | |
| | ftp_telnet_stats.heap_memory += (sizeof (*ftpdata) + sizeof(StreamSessionKey |
| | )); |
| | |
| return ftpdata; | | return ftpdata; |
| } | | } |
| | |
| /* | | /* |
| * Function: FTPDataSessionFree | | * Function: FTPDataSessionFree |
| * | | * |
| * Free an ftp-data session | | * Free an ftp-data session |
| */ | | */ |
| void FTPDataSessionFree(void *p_ssn) | | void FTPDataSessionFree(void *p_ssn) |
| { | | { |
| | |
| skipping to change at line 749 | | skipping to change at line 772 |
|---|
| ftpssn->datassn = NULL; | | ftpssn->datassn = NULL; |
| | |
| /* ftp-data key shouldn't exist without this but */ | | /* ftp-data key shouldn't exist without this but */ |
| if (ssn->ftp_key) | | if (ssn->ftp_key) |
| { | | { |
| free(ssn->ftp_key); | | free(ssn->ftp_key); |
| } | | } |
| | |
| if (ssn->filename) | | if (ssn->filename) |
| { | | { |
|
| | ftp_telnet_stats.heap_memory -= (strlen(ssn->filename) + 1); |
| free(ssn->filename); | | free(ssn->filename); |
| } | | } |
| | |
| if ( ssl_cb ) | | if ( ssl_cb ) |
| ssl_cb->session_free(ssn->flow_id); | | ssl_cb->session_free(ssn->flow_id); |
| | |
|
| | ftp_telnet_stats.ftp_data_sessions--; |
| | ftp_telnet_stats.heap_memory -= sizeof(FTP_DATA_SESSION); |
| | |
| free(ssn); | | free(ssn); |
| } | | } |
| | |
| /* Function: FTPDataDirection | | /* Function: FTPDataDirection |
| * | | * |
| * Return true if packet is from the "sending" host | | * Return true if packet is from the "sending" host |
| * Return false if packet is from the "receiving" host | | * Return false if packet is from the "receiving" host |
| */ | | */ |
| bool FTPDataDirection(SFSnortPacket *p, FTP_DATA_SESSION *ftpdata) | | bool FTPDataDirection(SFSnortPacket *p, FTP_DATA_SESSION *ftpdata) |
| { | | { |
| | |
| skipping to change at line 862 | | skipping to change at line 889 |
|---|
| FTP_SERVER_PROTO_CONF *ServerConf; | | FTP_SERVER_PROTO_CONF *ServerConf; |
| int iRet; | | int iRet; |
| | |
| iRet = FTPInitConf(p, GlobalConf, &ClientConf, &ServerConf, SiInput, piI
nspectMode); | | iRet = FTPInitConf(p, GlobalConf, &ClientConf, &ServerConf, SiInput, piI
nspectMode); |
| if (iRet) | | if (iRet) |
| return iRet; | | return iRet; |
| | |
| if (*piInspectMode) | | if (*piInspectMode) |
| { | | { |
| FTP_SESSION *NewSession = (FTP_SESSION *)calloc(1, sizeof(FTP_SESSIO
N)); | | FTP_SESSION *NewSession = (FTP_SESSION *)calloc(1, sizeof(FTP_SESSIO
N)); |
|
| | |
| | ftp_telnet_stats.ftp_sessions++; |
| | if (ftp_telnet_stats.ftp_sessions > ftp_telnet_stats.max_ftp_session |
| | s) |
| | ftp_telnet_stats.max_ftp_sessions = ftp_telnet_stats.ftp_session |
| | s; |
| | |
| | ftp_telnet_stats.heap_memory += sizeof(FTP_SESSION); |
| | |
| tSfPolicyId policy_id = _dpd.getNapRuntimePolicy(); | | tSfPolicyId policy_id = _dpd.getNapRuntimePolicy(); |
| | |
| if (NewSession == NULL) | | if (NewSession == NULL) |
| { | | { |
| DynamicPreprocessorFatalMessage("Failed to allocate memory for " | | DynamicPreprocessorFatalMessage("Failed to allocate memory for " |
| "new FTP session.\n"); | | "new FTP session.\n"); |
| } | | } |
| | |
| FTPResetSession(NewSession); | | FTPResetSession(NewSession); |
| | |
| | | |
| End of changes. 11 change blocks. |
|---|
| 0 lines changed or deleted | | 41 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 