"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/network_inspectors/appid/test/appid_debug_test.cc" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

appid_debug_test.cc  (snort3-3.1.28.0):appid_debug_test.cc  (snort3-3.1.29.0)
skipping to change at line 64 skipping to change at line 64
AppIdInspector() = default; AppIdInspector() = default;
}; };
AppIdConfig::~AppIdConfig() = default; AppIdConfig::~AppIdConfig() = default;
OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { }
AppIdConfig stub_config; AppIdConfig stub_config;
AppIdContext stub_ctxt(stub_config); AppIdContext stub_ctxt(stub_config);
OdpContext stub_odp_ctxt(stub_config, nullptr); OdpContext stub_odp_ctxt(stub_config, nullptr);
AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector& , AppIdSession::AppIdSession(IpProtocol, const SfIp* ip, uint16_t, AppIdInspector& ,
OdpContext&, uint16_t) : FlowData(0), config(stub_config), OdpContext&, uint32_t) : FlowData(0), config(stub_config),
api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { } api(*(new AppIdSessionApi(this, *ip))), odp_ctxt(stub_odp_ctxt) { }
AppIdSession::~AppIdSession() = default; AppIdSession::~AppIdSession() = default;
// Utility functions // Utility functions
static void SetConstraints(IpProtocol protocol, // use IpProtocol::PROTO_NOT_ SET for "any" static void SetConstraints(IpProtocol protocol, // use IpProtocol::PROTO_NOT_ SET for "any"
const char* sipstr, uint16_t sport, const char* dipstr, uint16_t dport, const char* sipstr, uint16_t sport, const char* dipstr, uint16_t dport,
AppIdDebugSessionConstraints& constraints) AppIdDebugSessionConstraints& constraints)
{ {
if (sipstr) if (sipstr)
skipping to change at line 126 skipping to change at line 126
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 160 skipping to change at line 160
SfIp sip; SfIp sip;
SfIp dip; SfIp dip;
dip.set("10.1.2.3"); dip.set("10.1.2.3");
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
sip.set("10.9.8.7"); // this would be a reply back sip.set("10.9.8.7"); // this would be a reply back
uint16_t sport = 80; uint16_t sport = 80;
uint16_t dport = 48620; uint16_t dport = 48620;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = dport; // session initiator is now dst session.initiator_port = dport; // session initiator is now dst
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 196 skipping to change at line 196
SfIp sip; SfIp sip;
sip.set("2001:db8:85a3::8a2e:370:7334"); // IPv6 sip.set("2001:db8:85a3::8a2e:370:7334"); // IPv6
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("2001:db8:85a3::8a2e:370:7335"); dip.set("2001:db8:85a3::8a2e:370:7335");
uint16_t sport = 1234; uint16_t sport = 1234;
uint16_t dport = 443; uint16_t dport = 443;
IpProtocol protocol = IpProtocol::UDP; // also threw in UDP and address s pace ID for kicks IpProtocol protocol = IpProtocol::UDP; // also threw in UDP and address s pace ID for kicks
uint16_t address_space_id = 100; uint32_t address_space_id = 100;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 6, address_space_id, &session, false); protocol, 6, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "2001:0db8:85a3:0000:0000:8a2e:0370:7334 1234 -> " const char* str = "2001:0db8:85a3:0000:0000:8a2e:0370:7334 1234 -> "
"2001:0db8:85a3:0000:0000:8a2e:0370:7335 443 17 AS=100 ID=3"; "2001:0db8:85a3:0000:0000:8a2e:0370:7335 443 17 AS=100 ID=3";
skipping to change at line 232 skipping to change at line 232
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = 0; // no initiator port yet (uses IPs) session.initiator_port = 0; // no initiator port yet (uses IPs)
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 266 skipping to change at line 266
SfIp sip; SfIp sip;
SfIp dip; SfIp dip;
dip.set("10.1.2.3"); dip.set("10.1.2.3");
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &dip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
sip.set("10.9.8.7"); sip.set("10.9.8.7");
uint16_t sport = 80; uint16_t sport = 80;
uint16_t dport = 48620; uint16_t dport = 48620;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = 0; // no initiator port yet (uses IPs)... and re versed packet dir from above session.initiator_port = 0; // no initiator port yet (uses IPs)... and re versed packet dir from above
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 295 skipping to change at line 295
AppIdDebugSessionConstraints constraints = { }; AppIdDebugSessionConstraints constraints = { };
SetConstraints(IpProtocol::TCP, "10.1.2.3", 0, "10.9.8.7", 80, constraints); SetConstraints(IpProtocol::TCP, "10.1.2.3", 0, "10.9.8.7", 80, constraints);
appidDebug->set_constraints("appid", &constraints); appidDebug->set_constraints("appid", &constraints);
CHECK_EQUAL(appidDebug->is_enabled(), true); CHECK_EQUAL(appidDebug->is_enabled(), true);
SfIp sip; SfIp sip;
SfIp dip; SfIp dip;
uint16_t sport = 0; uint16_t sport = 0;
uint16_t dport = 0; uint16_t dport = 0;
IpProtocol protocol = IpProtocol::PROTO_NOT_SET; IpProtocol protocol = IpProtocol::PROTO_NOT_SET;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, nullptr, false); // null session protocol, 4, address_space_id, nullptr, false); // null session
CHECK_EQUAL(appidDebug->is_active(), false); // not active CHECK_EQUAL(appidDebug->is_active(), false); // not active
} }
// Check for null flow pointer (won't activate). // Check for null flow pointer (won't activate).
TEST(appid_debug, null_flow_test) TEST(appid_debug, null_flow_test)
{ {
// set_constraints() // set_constraints()
skipping to change at line 335 skipping to change at line 335
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::UDP; // but this packet is UDP instead IpProtocol protocol = IpProtocol::UDP; // but this packet is UDP instead
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), false); // not active (no match) CHECK_EQUAL(appidDebug->is_active(), false); // not active (no match)
delete &session.get_api(); delete &session.get_api();
} }
skipping to change at line 365 skipping to change at line 365
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 399 skipping to change at line 399
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 433 skipping to change at line 433
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
skipping to change at line 467 skipping to change at line 467
SfIp sip; SfIp sip;
sip.set("10.1.2.3"); sip.set("10.1.2.3");
SfIp dip; SfIp dip;
AppIdInspector inspector; AppIdInspector inspector;
AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt); AppIdSession session(IpProtocol::PROTO_NOT_SET, &sip, 0, inspector, stub_odp _ctxt);
// This packet... // This packet...
dip.set("10.9.8.7"); dip.set("10.9.8.7");
uint16_t sport = 48620; uint16_t sport = 48620;
uint16_t dport = 80; uint16_t dport = 80;
IpProtocol protocol = IpProtocol::TCP; IpProtocol protocol = IpProtocol::TCP;
uint16_t address_space_id = 0; uint32_t address_space_id = 0;
// The session... // The session...
session.initiator_port = sport; session.initiator_port = sport;
// activate() // activate()
appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport, appidDebug->activate(sip.get_ip6_ptr(), dip.get_ip6_ptr(), sport, dport,
protocol, 4, address_space_id, &session, false); protocol, 4, address_space_id, &session, false);
CHECK_EQUAL(appidDebug->is_active(), true); CHECK_EQUAL(appidDebug->is_active(), true);
// get_debug_session() // get_debug_session()
const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3"; const char* str = "10.1.2.3 48620 -> 10.9.8.7 80 6 AS=0 ID=3";
CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0); CHECK_TRUE(strcmp(appidDebug->get_debug_session(), str) == 0);
 End of changes. 12 change blocks. 
12 lines changed or deleted 12 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)