Fix dcerpc unittest, add comments.

src/app-layer-dcerpc-common.h

@@ -108,26 +108,26 @@ typedef struct DCERPCHdr_ {
 #define DCERPC_HDR_LEN 16
 
 typedef struct DCERPCHdrUdp_ {
-    uint8_t rpc_vers; /* 4 RPC protocol major version (4 LSB only)*/
-    uint8_t type;       /* Packet type (5 LSB only) */
-    uint8_t flags1;     /* Packet flags */
-    uint8_t flags2;     /* Packet flags */
-    uint8_t drep[3];    /* Data representation format label */
-    uint8_t serial_hi;  /* High byte of serial number */
+    uint8_t rpc_vers;   /**< 4 RPC protocol major version (4 LSB only)*/
+    uint8_t type;       /**< Packet type (5 LSB only) */
+    uint8_t flags1;     /**< Packet flags */
+    uint8_t flags2;     /**< Packet flags */
+    uint8_t drep[3];    /**< Data representation format label */
+    uint8_t serial_hi;  /**< High byte of serial number */
     uint8_t objectuuid[16];
     uint8_t interfaceuuid[16];
     uint8_t activityuuid[16];
-    uint32_t server_boot;/* Server boot time */
-    uint32_t if_vers;    /* Interface version */
-    uint32_t seqnum;     /* Sequence number */
-    uint16_t opnum;      /* Operation number */
-    uint16_t ihint;      /* Interface hint */
-    uint16_t ahint;      /* Activity hint */
-    uint16_t fraglen;        /* Length of packet body */
-    uint16_t fragnum;    /* Fragment number */
-    uint8_t auth_proto; /* Authentication protocol identifier*/
-    uint8_t serial_lo;  /* Low byte of serial number */
-}DCERPCHdrUdp;
+    uint32_t server_boot;   /**< Server boot time */
+    uint32_t if_vers;   /**< Interface version */
+    uint32_t seqnum;    /**< Sequence number */
+    uint16_t opnum;     /**< Operation number */
+    uint16_t ihint;     /**< Interface hint */
+    uint16_t ahint;     /**< Activity hint */
+    uint16_t fraglen;   /**< Length of packet body */
+    uint16_t fragnum;   /**< Fragment number */
+    uint8_t auth_proto; /**< Authentication protocol identifier*/
+    uint8_t serial_lo;  /**< Low byte of serial number */
+} DCERPCHdrUdp;
 
 #define DCERPC_UDP_HDR_LEN 80
 
@@ -186,16 +186,16 @@ typedef struct DCERPC_ {
 } DCERPC;
 
 typedef struct DCERPCUDP_ {
-     DCERPCHdrUdp dcerpchdrudp;
-     DCERPCBindBindAck dcerpcbindbindack;
-     DCERPCRequest dcerpcrequest;
-     DCERPCResponse dcerpcresponse;
-     uint16_t bytesprocessed;
-     uint16_t fraglenleft;
-     uint8_t *frag_data;
-     DCERPCUuidEntry *uuid_entry;
-     TAILQ_HEAD(, uuid_entry) uuid_list;
-}DCERPCUDP;
+    DCERPCHdrUdp dcerpchdrudp;
+    DCERPCBindBindAck dcerpcbindbindack;
+    DCERPCRequest dcerpcrequest;
+    DCERPCResponse dcerpcresponse;
+    uint16_t bytesprocessed;
+    uint16_t fraglenleft;
+    uint8_t *frag_data;
+    DCERPCUuidEntry *uuid_entry;
+    TAILQ_HEAD(, uuid_entry) uuid_list;
+} DCERPCUDP;
 
 /** First fragment */
 #define PFC_FIRST_FRAG           0x01

src/app-layer-dcerpc-udp.c

@@ -1,6 +1,5 @@
 /*
  * Copyright (c) 2009, 2010 Open Information Security Foundation
- * app-layer-dcerpc-udp.c
  *
  * \author Kirby Kuehl <kkuehl@gmail.com>
  */
@@ -9,6 +8,9 @@
 
 #include "debug.h"
 #include "decode.h"
+
+#include "flow-util.h"
+
 #include "threads.h"
 
 #include "util-print.h"
@@ -908,9 +910,10 @@ int DCERPCUDPParserTest01(void) {
 	memset(&f, 0, sizeof(f));
 	memset(&ssn, 0, sizeof(ssn));
 	f.protoctx = (void *)&ssn;
+    FLOW_INITIALIZE(&f);
 
 	StreamTcpInitConfig(TRUE);
-	StreamL7DataPtrInit(&ssn);
+	FlowL7DataPtrInit(&f);
 
 	int r = AppLayerParse(&f, ALPROTO_DCERPC_UDP, STREAM_TOSERVER|STREAM_START, dcerpcrequest, requestlen);
 	if (r != 0) {
@@ -919,34 +922,28 @@ int DCERPCUDPParserTest01(void) {
 		goto end;
 	}
 
-	DCERPCUDPState *dcerpc_state = ssn.aldata[AlpGetStateIdx(ALPROTO_DCERPC_UDP)];
+	DCERPCUDPState *dcerpc_state = f.aldata[AlpGetStateIdx(ALPROTO_DCERPC_UDP)];
 	if (dcerpc_state == NULL) {
 		printf("no dcerpc state: ");
 		result = 0;
 		goto end;
 	}
 
-	if (dcerpc_state->dcerpc.rpc_vers != 4) {
+	if (dcerpc_state->dcerpc.dcerpchdrudp.rpc_vers != 4) {
 		printf("expected dcerpc version 0x04, got 0x%02x : ",
-				dcerpc_state->dcerpc.rpc_vers);
-		result = 0;
-		goto end;
-	}
-
-	if (dcerpc_state->dcerpc.ptype != REQUEST) {
-		printf("expected dcerpc type 0x%02x , got 0x%02x : ", REQUEST, dcerpc_state->dcerpc.ptype);
+				dcerpc_state->dcerpc.dcerpchdrudp.rpc_vers);
 		result = 0;
 		goto end;
 	}
 
-	if (dcerpc_state->dcerpc.fraglen != 1392) {
-		printf("expected dcerpc fraglen 0x%02x , got 0x%02x : ", 1392, dcerpc_state->dcerpc.fraglen);
+	if (dcerpc_state->dcerpc.dcerpchdrudp.fraglen != 1392) {
+		printf("expected dcerpc fraglen 0x%02x , got 0x%02x : ", 1392, dcerpc_state->dcerpc.dcerpchdrudp.fraglen);
 		result = 0;
 		goto end;
 	}
 
-	if (dcerpc_state->dcerpc.opnum != 4) {
-		printf("expected dcerpc opnum 0x%02x , got 0x%02x : ", 4, dcerpc_state->dcerpc.opnum);
+	if (dcerpc_state->dcerpc.dcerpchdrudp.opnum != 4) {
+		printf("expected dcerpc opnum 0x%02x , got 0x%02x : ", 4, dcerpc_state->dcerpc.dcerpchdrudp.opnum);
 		result = 0;
 		goto end;
 	}
@@ -956,13 +953,12 @@ int DCERPCUDPParserTest01(void) {
 	}
 
 end:
-	StreamL7DataPtrFree(&ssn);
+	FlowL7DataPtrFree(&f);
 	StreamTcpFreeConfig(TRUE);
 	return result;
 }
 
 void DCERPCUDPParserRegisterTests(void) {
-	printf("DCERPCUDPParserRegisterTests\n");
 	UtRegisterTest("DCERPCUDPParserTest01", DCERPCUDPParserTest01, 1);
 }
 #endif

src/app-layer-dcerpc-udp.h

@@ -1,12 +1,12 @@
 /*
  * Copyright (c) 2009,2010 Open Information Security Foundation
- * app-layer-dcerpc.h
  *
  * \author Kirby Kuehl <kkuehl@gmail.com>
  */
 
-#ifndef APPLAYERDCERPCUDP_H_
-#define APPLAYERDCERPCUDP_H_
+#ifndef __APP_LAYER_DCERPC_UDP_H__
+#define __APP_LAYER_DCERPC_UDP_H__
+
 #include "app-layer-protos.h"
 #include "app-layer-parser.h"
 #include "app-layer-dcerpc-common.h"
@@ -15,16 +15,16 @@
 #include "util-byte.h"
 
 typedef struct DCERPCUDPState_ {
-     DCERPCUDP dcerpc;
-     uint16_t bytesprocessed;
-     uint16_t fraglenleft;
-     uint8_t *frag_data;
-     DCERPCUuidEntry *uuid_entry;
-     TAILQ_HEAD(, DCERPCUuidEntry_) uuid_list;
-}DCERPCUDPState;
+    DCERPCUDP dcerpc;
+    uint16_t bytesprocessed;
+    uint16_t fraglenleft;
+    uint8_t *frag_data;
+    DCERPCUuidEntry *uuid_entry;
+    TAILQ_HEAD(, DCERPCUuidEntry_) uuid_list;
+} DCERPCUDPState;
 
 void RegisterDCERPCUDPParsers(void);
 void DCERPCUDPParserTests(void);
 void DCERPCUDPParserRegisterTests(void);
 
-#endif /* APPLAYERDCERPCUDP_H_ */
+#endif /* __APP_LAYER_DCERPC_UDP_H__ */