"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/network_inspectors/appid/lua_detector_api.cc" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

[ To the main snort source changes report ]

lua_detector_api.cc  (snort3-3.1.28.0):lua_detector_api.cc  (snort3-3.1.29.0)
skipping to change at line 176 skipping to change at line 176
// lua params: // lua params:
// #1 - serviceName/stack - name of service // #1 - serviceName/stack - name of service
// #2 - pValidator/stack - service validator function name // #2 - pValidator/stack - service validator function name
// #3 - pFini/stack - service clean exit function name // #3 - pFini/stack - service clean exit function name
// return - a detector instance or none // return - a detector instance or none
static int service_init(lua_State* L) static int service_init(lua_State* L)
{ {
auto& ud = *UserData<LuaServiceObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaServiceObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
// auto pServiceName = luaL_checkstring(L, 2); // auto pServiceName = luaL_checkstring(L, 2);
auto pValidator = luaL_checkstring(L, 3); auto pValidator = luaL_checkstring(L, 3);
auto pFini = luaL_checkstring(L, 4); auto pFini = luaL_checkstring(L, 4);
lua_getfield(L, LUA_REGISTRYINDEX, ud->lsd.package_info.name.c_str()); lua_getfield(L, LUA_REGISTRYINDEX, ud->lsd.package_info.name.c_str());
lua_getfield(L, -1, pValidator); lua_getfield(L, -1, pValidator);
if (lua_isfunction(L, -1)) if (lua_isfunction(L, -1))
{ {
lua_pop(L, 1); lua_pop(L, 1);
skipping to change at line 989 skipping to change at line 990
LuaStateDescriptor* lsd = ud->validate_lua_state(true); LuaStateDescriptor* lsd = ud->validate_lua_state(true);
unsigned int payloadId = lua_tonumber(L, 2); unsigned int payloadId = lua_tonumber(L, 2);
ud->cd->add_payload(*lsd->ldp.asd, ud->cd->add_payload(*lsd->ldp.asd,
ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_payload_id(payloadId) ); ud->get_odp_ctxt().get_app_info_mgr().get_appid_by_payload_id(payloadId) );
lua_pushnumber(L, 0); lua_pushnumber(L, 0);
return 1; return 1;
} }
/** Add a alpn to service app mapping.
* @param Lua_State* - Lua state variable.
* @param appid/stack - the AppId to map the data to.
* @param alpn - application protocol negotiations string.
*/
static int add_alpn_to_service_mapping(lua_State* L)
{
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false);
if (!init(L))
return 0;
int index = 1;
uint32_t appid = lua_tointeger(L, ++index);
// Verify that alpn is a valid string
const char* tmp_string = lua_tostring(L, ++index);
if (!tmp_string)
{
ErrorMessage("appid: Invalid alpn service string: appid %u.\n", appid);
return 0;
}
const std::string service_name(tmp_string);
const std::string detector_name = ud->get_detector()->get_name();
ud->get_odp_ctxt().get_alpn_matchers().add_alpn_pattern(appid, service_name,
detector_name);
ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appid);
return 0;
}
/** Add a fp process to client app mapping. /** Add a fp process to client app mapping.
* @param Lua_State* - Lua state variable. * @param Lua_State* - Lua state variable.
* @param appid/stack - the AppId to map the fp data to * @param appid/stack - the AppId to map the fp data to
* @param process_name/stack - encrypted fingerprint process name * @param process_name/stack - encrypted fingerprint process name
* @param process_score - encrypted fingerprint process_score * @param process_score - encrypted fingerprint process_score
*/ */
static int add_process_to_client_mapping(lua_State* L) static int add_process_to_client_mapping(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t appid = lua_tointeger(L, ++index); uint32_t appid = lua_tointeger(L, ++index);
// Verify that process_name is a valid string // Verify that process_name is a valid string
const char* tmp_string = lua_tostring(L, ++index); const char* tmp_string = lua_tostring(L, ++index);
if (!tmp_string) if (!tmp_string)
{ {
ErrorMessage("appid: Invalid eve process_name string: appid %u.\n", appi d); ErrorMessage("appid: Invalid eve process_name string: appid %u.\n", appi d);
return 0; return 0;
skipping to change at line 1057 skipping to change at line 1092
lua_pushvalue(L, -1); lua_pushvalue(L, -1);
df->userDataRef = luaL_ref(L, LUA_REGISTRYINDEX); df->userDataRef = luaL_ref(L, LUA_REGISTRYINDEX);
return 1; return 1;
} }
static int detector_add_http_pattern(lua_State* L) static int detector_add_http_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
enum httpPatternType pat_type = (enum httpPatternType)lua_tointeger(L, ++ind ex); enum httpPatternType pat_type = (enum httpPatternType)lua_tointeger(L, ++ind ex);
if (pat_type < HTTP_PAYLOAD or pat_type > HTTP_URL) if (pat_type < HTTP_PAYLOAD or pat_type > HTTP_URL)
{ {
ErrorMessage("Invalid HTTP pattern type."); ErrorMessage("Invalid HTTP pattern type.");
return 0; return 0;
} }
skipping to change at line 1099 skipping to change at line 1135
return 0; return 0;
} }
// for Lua this looks something like: addSSLCertPattern(<appId>, '<pattern strin g>') // for Lua this looks something like: addSSLCertPattern(<appId>, '<pattern strin g>')
static int detector_add_ssl_cert_pattern(lua_State* L) static int detector_add_ssl_cert_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint8_t type = lua_tointeger(L, ++index); uint8_t type = lua_tointeger(L, ++index);
AppId app_id = (AppId)lua_tointeger(L, ++index); AppId app_id = (AppId)lua_tointeger(L, ++index);
size_t pattern_size = 0; size_t pattern_size = 0;
const char* tmp_string = lua_tolstring(L, ++index, &pattern_size); const char* tmp_string = lua_tolstring(L, ++index, &pattern_size);
if (!tmp_string or !pattern_size) if (!tmp_string or !pattern_size)
{ {
ErrorMessage("Invalid SSL Host pattern string"); ErrorMessage("Invalid SSL Host pattern string");
skipping to change at line 1126 skipping to change at line 1163
return 0; return 0;
} }
// for Lua this looks something like: addDNSHostPattern(<appId>, '<pattern strin g>') // for Lua this looks something like: addDNSHostPattern(<appId>, '<pattern strin g>')
static int detector_add_dns_host_pattern(lua_State* L) static int detector_add_dns_host_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint8_t type = lua_tointeger(L, ++index); uint8_t type = lua_tointeger(L, ++index);
AppId app_id = (AppId)lua_tointeger(L, ++index); AppId app_id = (AppId)lua_tointeger(L, ++index);
size_t pattern_size = 0; size_t pattern_size = 0;
const char* tmp_string = lua_tolstring(L, ++index, &pattern_size); const char* tmp_string = lua_tolstring(L, ++index, &pattern_size);
if (!tmp_string or !pattern_size) if (!tmp_string or !pattern_size)
{ {
skipping to change at line 1152 skipping to change at line 1190
ud->get_odp_ctxt().get_dns_matchers().add_host_pattern(pattern_str, pattern_ size, type, app_id); ud->get_odp_ctxt().get_dns_matchers().add_host_pattern(pattern_str, pattern_ size, type, app_id);
return 0; return 0;
} }
static int detector_add_ssl_cname_pattern(lua_State* L) static int detector_add_ssl_cname_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint8_t type = lua_tointeger(L, ++index); uint8_t type = lua_tointeger(L, ++index);
AppId app_id = (AppId)lua_tointeger(L, ++index); AppId app_id = (AppId)lua_tointeger(L, ++index);
size_t pattern_size = 0; size_t pattern_size = 0;
const char* tmp_string = lua_tolstring(L, ++index, &pattern_size); const char* tmp_string = lua_tolstring(L, ++index, &pattern_size);
if (!tmp_string or !pattern_size) if (!tmp_string or !pattern_size)
{ {
skipping to change at line 1179 skipping to change at line 1218
ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(app_id); ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(app_id);
return 0; return 0;
} }
static int detector_add_host_port_application(lua_State* L) static int detector_add_host_port_application(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
SfIp ip_address; SfIp ip_address;
int index = 1; int index = 1;
uint8_t type = lua_tointeger(L, ++index); uint8_t type = lua_tointeger(L, ++index);
AppId app_id = (AppId)lua_tointeger(L, ++index); AppId app_id = (AppId)lua_tointeger(L, ++index);
size_t ipaddr_size = 0; size_t ipaddr_size = 0;
const char* ip_str= lua_tolstring(L, ++index, &ipaddr_size); const char* ip_str= lua_tolstring(L, ++index, &ipaddr_size);
if (!ip_str or !ipaddr_size or !convert_string_to_address(ip_str, &ip_addres s)) if (!ip_str or !ipaddr_size or !convert_string_to_address(ip_str, &ip_addres s))
{ {
skipping to change at line 1258 skipping to change at line 1298
} }
return 0; return 0;
} }
static int detector_add_content_type_pattern(lua_State* L) static int detector_add_content_type_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
size_t stringSize = 0; size_t stringSize = 0;
int index = 1; int index = 1;
const char* tmp_string = lua_tolstring(L, ++index, &stringSize); const char* tmp_string = lua_tolstring(L, ++index, &stringSize);
if (!tmp_string or !stringSize) if (!tmp_string or !stringSize)
{ {
ErrorMessage("Invalid HTTP Header string"); ErrorMessage("Invalid HTTP Header string");
return 0; return 0;
} }
skipping to change at line 1286 skipping to change at line 1327
ud->get_odp_ctxt().get_http_matchers().insert_content_type_pattern(detector) ; ud->get_odp_ctxt().get_http_matchers().insert_content_type_pattern(detector) ;
ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId); ud->get_odp_ctxt().get_app_info_mgr().set_app_info_active(appId);
return 0; return 0;
} }
static int detector_add_ssh_client_pattern(lua_State* L) static int detector_add_ssh_client_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
size_t string_size = 0; size_t string_size = 0;
int index = 1; int index = 1;
const char* tmp_string = lua_tolstring(L, ++index, &string_size); const char* tmp_string = lua_tolstring(L, ++index, &string_size);
if (!tmp_string || !string_size) if (!tmp_string || !string_size)
{ {
ErrorMessage("Invalid SSH Client string"); ErrorMessage("Invalid SSH Client string");
return 0; return 0;
} }
skipping to change at line 1478 skipping to change at line 1520
return -1; return -1;
} }
return 0; return 0;
} }
static int detector_chp_create_application(lua_State* L) static int detector_chp_create_application(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
AppId appId = lua_tointeger(L, ++index); AppId appId = lua_tointeger(L, ++index);
AppId appIdInstance = CHP_APPID_SINGLE_INSTANCE(appId); // Last instance for the old API AppId appIdInstance = CHP_APPID_SINGLE_INSTANCE(appId); // Last instance for the old API
unsigned app_type_flags = lua_tointeger(L, ++index); unsigned app_type_flags = lua_tointeger(L, ++index);
int num_matches = lua_tointeger(L, ++index); int num_matches = lua_tointeger(L, ++index);
// We only want one of these for each appId. // We only want one of these for each appId.
skipping to change at line 1630 skipping to change at line 1673
odp_ctxt.get_http_matchers().remove_http_patterns_for_id(appIdInstance); odp_ctxt.get_http_matchers().remove_http_patterns_for_id(appIdInstance);
return 0; return 0;
} }
static int detector_add_chp_action(lua_State* L) static int detector_add_chp_action(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
HttpFieldIds ptype; HttpFieldIds ptype;
size_t psize; size_t psize;
char* pattern; char* pattern;
ActionType action; ActionType action;
char* action_data; char* action_data;
int index = 1; int index = 1;
// Parameter 1 // Parameter 1
AppId appId = lua_tointeger(L, ++index); AppId appId = lua_tointeger(L, ++index);
skipping to change at line 1721 skipping to change at line 1765
lua_pushnumber(L, appIdInstance); lua_pushnumber(L, appIdInstance);
return 1; return 1;
} }
static int detector_add_chp_multi_action(lua_State* L) static int detector_add_chp_multi_action(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
HttpFieldIds ptype; HttpFieldIds ptype;
size_t psize; size_t psize;
char* pattern; char* pattern;
ActionType action; ActionType action;
char* action_data; char* action_data;
int index = 1; int index = 1;
// Parameter 1 // Parameter 1
AppId appIdInstance = lua_tointeger(L, ++index); AppId appIdInstance = lua_tointeger(L, ++index);
skipping to change at line 1767 skipping to change at line 1812
return add_chp_pattern_action(appIdInstance, key_pattern, ptype, psize, patt ern, return add_chp_pattern_action(appIdInstance, key_pattern, ptype, psize, patt ern,
action, action_data, ud->get_odp_ctxt()); action, action_data, ud->get_odp_ctxt());
} }
static int detector_port_only_service(lua_State* L) static int detector_port_only_service(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
AppId appId = lua_tointeger(L, ++index); AppId appId = lua_tointeger(L, ++index);
uint16_t port = lua_tointeger(L, ++index); uint16_t port = lua_tointeger(L, ++index);
IpProtocol protocol; IpProtocol protocol;
if (toipprotocol(L, ++index, protocol)) if (toipprotocol(L, ++index, protocol))
return 0; return 0;
if (port == 0) if (port == 0)
skipping to change at line 1913 skipping to change at line 1959
lua_pushnumber(L, 0); lua_pushnumber(L, 0);
return 1; return 1;
} }
static int detector_add_url_application(lua_State* L) static int detector_add_url_application(lua_State* L)
{ {
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t service_id = lua_tointeger(L, ++index); uint32_t service_id = lua_tointeger(L, ++index);
uint32_t client_id = lua_tointeger(L, ++index); uint32_t client_id = lua_tointeger(L, ++index);
lua_tointeger(L, ++index); //client_id_type lua_tointeger(L, ++index); //client_id_type
uint32_t payload_id = lua_tointeger(L, ++index); uint32_t payload_id = lua_tointeger(L, ++index);
lua_tointeger(L, ++index); // payload_type lua_tointeger(L, ++index); // payload_type
/* Verify that host pattern is a valid string */ /* Verify that host pattern is a valid string */
skipping to change at line 2006 skipping to change at line 2053
app_info_manager.set_app_info_active(appId); app_info_manager.set_app_info_active(appId);
return 0; return 0;
} }
static int detector_add_rtmp_url(lua_State* L) static int detector_add_rtmp_url(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t service_id = lua_tointeger(L, ++index); uint32_t service_id = lua_tointeger(L, ++index);
uint32_t client_id = lua_tointeger(L, ++index); uint32_t client_id = lua_tointeger(L, ++index);
lua_tointeger(L, ++index); // client_id_type lua_tointeger(L, ++index); // client_id_type
uint32_t payload_id = lua_tointeger(L, ++index); uint32_t payload_id = lua_tointeger(L, ++index);
lua_tointeger(L, ++index); // payload_type lua_tointeger(L, ++index); // payload_type
/* Verify that host pattern is a valid string */ /* Verify that host pattern is a valid string */
skipping to change at line 2099 skipping to change at line 2147
return 0; return 0;
} }
/*Lua should inject patterns in <clientAppId, clientVersion, multi-Pattern> form at. */ /*Lua should inject patterns in <clientAppId, clientVersion, multi-Pattern> form at. */
static int detector_add_sip_user_agent(lua_State* L) static int detector_add_sip_user_agent(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t client_app = lua_tointeger(L, ++index); uint32_t client_app = lua_tointeger(L, ++index);
const char* client_version = lua_tostring(L, ++index); const char* client_version = lua_tostring(L, ++index);
if (!client_version) if (!client_version)
{ {
ErrorMessage("Invalid sip client version string."); ErrorMessage("Invalid sip client version string.");
return 0; return 0;
} }
skipping to change at line 2218 skipping to change at line 2267
ud->cd->add_payload(*lsd->ldp.asd, payload_id); ud->cd->add_payload(*lsd->ldp.asd, payload_id);
lua_pushnumber(L, 0); lua_pushnumber(L, 0);
return 1; return 1;
} }
static int add_http_pattern(lua_State* L) static int add_http_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
/* Verify valid pattern type */ /* Verify valid pattern type */
enum httpPatternType pat_type = (enum httpPatternType)lua_tointeger(L, ++ind ex); enum httpPatternType pat_type = (enum httpPatternType)lua_tointeger(L, ++ind ex);
if (pat_type < HTTP_PAYLOAD or pat_type > HTTP_URL) if (pat_type < HTTP_PAYLOAD or pat_type > HTTP_URL)
{ {
ErrorMessage("Invalid HTTP pattern type."); ErrorMessage("Invalid HTTP pattern type.");
return 0; return 0;
} }
skipping to change at line 2257 skipping to change at line 2307
} }
return 0; return 0;
} }
static int add_url_pattern(lua_State* L) static int add_url_pattern(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t service_id = lua_tointeger(L, ++index); uint32_t service_id = lua_tointeger(L, ++index);
uint32_t client_id = lua_tointeger(L, ++index); uint32_t client_id = lua_tointeger(L, ++index);
uint32_t payload_id = lua_tointeger(L, ++index); uint32_t payload_id = lua_tointeger(L, ++index);
/* Verify that host pattern is a valid string */ /* Verify that host pattern is a valid string */
size_t host_pattern_size = 0; size_t host_pattern_size = 0;
uint8_t* host_pattern = nullptr; uint8_t* host_pattern = nullptr;
skipping to change at line 2350 skipping to change at line 2401
* @param patternLength/stack - length of pattern * @param patternLength/stack - length of pattern
* @param offset/stack - offset into packet payload where matching should start. * @param offset/stack - offset into packet payload where matching should start.
* @param appId/stack - App ID to use for this detector. * @param appId/stack - App ID to use for this detector.
* @return int - Number of elements on stack, which is always 0. * @return int - Number of elements on stack, which is always 0.
*/ */
static int add_port_pattern_client(lua_State* L) static int add_port_pattern_client(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
size_t patternSize = 0; size_t patternSize = 0;
int index = 1; int index = 1;
IpProtocol protocol; IpProtocol protocol;
if (toipprotocol(L, ++index, protocol)) if (toipprotocol(L, ++index, protocol))
return 0; return 0;
uint16_t port = 0; // port = lua_tonumber(L, ++index); FIXIT-RC - why commented out? uint16_t port = 0; // port = lua_tonumber(L, ++index); FIXIT-RC - why commented out?
const char* pattern = lua_tolstring(L, ++index, &patternSize); const char* pattern = lua_tolstring(L, ++index, &patternSize);
skipping to change at line 2404 skipping to change at line 2456
* @param patternLength/stack - length of pattern * @param patternLength/stack - length of pattern
* @param offset/stack - offset into packet payload where matching should start. * @param offset/stack - offset into packet payload where matching should start.
* @param appId/stack - App ID to use for this detector. * @param appId/stack - App ID to use for this detector.
* @return int - Number of elements on stack, which is always 0. * @return int - Number of elements on stack, which is always 0.
*/ */
static int add_port_pattern_service(lua_State* L) static int add_port_pattern_service(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
size_t patternSize = 0; size_t patternSize = 0;
int index = 1; int index = 1;
IpProtocol protocol; IpProtocol protocol;
if (toipprotocol(L, ++index, protocol)) if (toipprotocol(L, ++index, protocol))
return 0; return 0;
uint16_t port = lua_tonumber(L, ++index); uint16_t port = lua_tonumber(L, ++index);
const char* pattern = lua_tolstring(L, ++index, &patternSize); const char* pattern = lua_tolstring(L, ++index, &patternSize);
skipping to change at line 2439 skipping to change at line 2492
return 0; return 0;
} }
/*Lua should inject patterns in <clientAppId, clientVersion, multi-Pattern> form at. */ /*Lua should inject patterns in <clientAppId, clientVersion, multi-Pattern> form at. */
static int detector_add_sip_server(lua_State* L) static int detector_add_sip_server(lua_State* L)
{ {
auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1); auto& ud = *UserData<LuaObject>::check(L, DETECTOR, 1);
// Verify detector user data and that we are NOT in packet context // Verify detector user data and that we are NOT in packet context
ud->validate_lua_state(false); ud->validate_lua_state(false);
if (!init(L)) return 0; if (!init(L))
return 0;
int index = 1; int index = 1;
uint32_t client_app = lua_tointeger(L, ++index); uint32_t client_app = lua_tointeger(L, ++index);
const char* client_version = lua_tostring(L, ++index); const char* client_version = lua_tostring(L, ++index);
if (!client_version) if (!client_version)
{ {
ErrorMessage("Invalid sip client version string."); ErrorMessage("Invalid sip client version string.");
return 0; return 0;
} }
skipping to change at line 2727 skipping to change at line 2781
{ "client_getServiceId", service_get_service_id }, { "client_getServiceId", service_get_service_id },
/*client service API */ /*client service API */
{ "client_addApp", client_add_application }, { "client_addApp", client_add_application },
{ "client_addInfo", client_add_info }, { "client_addInfo", client_add_info },
{ "client_addUser", client_add_user }, { "client_addUser", client_add_user },
{ "client_addPayload", client_add_payload }, { "client_addPayload", client_add_payload },
/* add client mapping for process name derived by fingerprinting */ /* add client mapping for process name derived by fingerprinting */
{ "addProcessToClientMapping", add_process_to_client_mapping }, { "addProcessToClientMapping", add_process_to_client_mapping },
{ "addAlpnToServiceMapping", add_alpn_to_service_mapping },
//HTTP Multi Pattern engine //HTTP Multi Pattern engine
{ "CHPCreateApp", detector_chp_create_application }, { "CHPCreateApp", detector_chp_create_application },
{ "CHPAddAction", detector_add_chp_action }, { "CHPAddAction", detector_add_chp_action },
{ "CHPMultiCreateApp", detector_create_chp_multi_application }, // mu ltiple detectors, { "CHPMultiCreateApp", detector_create_chp_multi_application }, // mu ltiple detectors,
// sa me appId // sa me appId
{ "CHPMultiAddAction", detector_add_chp_multi_action }, { "CHPMultiAddAction", detector_add_chp_multi_action },
{ "portOnlyService", detector_port_only_service }, { "portOnlyService", detector_port_only_service },
 End of changes. 23 change blocks. 
21 lines changed or deleted 77 lines changed or added
To the C++ Programs section of the snort source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)