From 952cbb563c932a5d2e298019bd30301a53be3d28 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Sun, 26 May 2019 21:09:05 +0200 Subject: [PATCH] app-layer: mandatory tx registration checks All protocols now implement the TX API, so the runtime checks for whether or not a protocol supports the TX API can be removed. --- src/app-layer-parser.c | 39 +++++++++------------------------------ src/app-layer-parser.h | 2 -- src/app-layer.c | 22 ++++++++-------------- src/detect.c | 5 ++--- src/flow-timeout.c | 4 +--- src/output-tx.c | 2 -- 6 files changed, 20 insertions(+), 54 deletions(-) diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index 7ee3f37c69..e5b29cc75a 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -1177,9 +1177,7 @@ int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *alp_tctx, Flow alstate, AppLayerGetProtoName(f->alproto)); } - if (AppLayerParserProtocolIsTxAware(f->proto, alproto)) { - p_tx_cnt = AppLayerParserGetTxCnt(f, f->alstate); - } + p_tx_cnt = AppLayerParserGetTxCnt(f, f->alstate); /* invoke the recursive parser, but only on data. We may get empty msgs on EOF */ if (input_len > 0 || (flags & STREAM_EOF)) { @@ -1237,13 +1235,10 @@ int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *alp_tctx, Flow } } - if (AppLayerParserProtocolIsTxAware(f->proto, alproto)) { - if (likely(tv)) { - uint64_t cur_tx_cnt = AppLayerParserGetTxCnt(f, f->alstate); - if (cur_tx_cnt > p_tx_cnt) { - AppLayerIncTxCounter(tv, f, cur_tx_cnt - p_tx_cnt); - } - } + /* get the diff in tx cnt for stats keeping */ + uint64_t cur_tx_cnt = AppLayerParserGetTxCnt(f, f->alstate); + if (cur_tx_cnt > p_tx_cnt && tv) { + AppLayerIncTxCounter(tv, f, cur_tx_cnt - p_tx_cnt); } /* stream truncated, inform app layer */ @@ -1301,14 +1296,6 @@ int AppLayerParserIsTxAware(AppProto alproto) .StateGetProgressCompletionStatus != NULL); } -int AppLayerParserProtocolIsTxAware(uint8_t ipproto, AppProto alproto) -{ - SCEnter(); - int ipproto_map = FlowGetProtoMapping(ipproto); - int r = (alp_ctx.ctxs[ipproto_map][alproto].StateGetTx == NULL) ? 0 : 1; - SCReturnInt(r); -} - int AppLayerParserProtocolIsTxEventAware(uint8_t ipproto, AppProto alproto) { SCEnter(); @@ -1317,14 +1304,6 @@ int AppLayerParserProtocolIsTxEventAware(uint8_t ipproto, AppProto alproto) SCReturnInt(r); } -int AppLayerParserProtocolSupportsTxs(uint8_t ipproto, AppProto alproto) -{ - SCEnter(); - int ipproto_map = FlowGetProtoMapping(ipproto); - int r = (alp_ctx.ctxs[ipproto_map][alproto].StateTransactionFree == NULL) ? 0 : 1; - SCReturnInt(r); -} - int AppLayerParserProtocolHasLogger(uint8_t ipproto, AppProto alproto) { SCEnter(); @@ -1412,6 +1391,7 @@ static void ValidateParserProtoDump(AppProto alproto, uint8_t ipproto) #define BOTH_SET(a, b) ((a) != NULL && (b) != NULL) #define BOTH_SET_OR_BOTH_UNSET(a, b) (((a) == NULL && (b) == NULL) || ((a) != NULL && (b) != NULL)) #define THREE_SET_OR_THREE_UNSET(a, b, c) (((a) == NULL && (b) == NULL && (c) == NULL) || ((a) != NULL && (b) != NULL && (c) != NULL)) +#define THREE_SET(a, b, c) ((a) != NULL && (b) != NULL && (c) != NULL) static void ValidateParserProto(AppProto alproto, uint8_t ipproto) { @@ -1428,7 +1408,7 @@ static void ValidateParserProto(AppProto alproto, uint8_t ipproto) if (!(BOTH_SET(ctx->StateFree, ctx->StateAlloc))) { goto bad; } - if (!(THREE_SET_OR_THREE_UNSET(ctx->StateGetTx, ctx->StateGetTxCnt, ctx->StateTransactionFree))) { + if (!(THREE_SET(ctx->StateGetTx, ctx->StateGetTxCnt, ctx->StateTransactionFree))) { goto bad; } /* special case: StateGetProgressCompletionStatus is used from 'default'. */ @@ -1445,11 +1425,9 @@ static void ValidateParserProto(AppProto alproto, uint8_t ipproto) if (!(BOTH_SET(ctx->GetTxDetectState, ctx->SetTxDetectState))) { goto bad; } -/* TODO: not yet mandatory to use StateHasTxDetectState - if (!(THREE_SET_OR_THREE_UNSET(ctx->GetTxDetectState, ctx->SetTxDetectState, ctx->StateHasTxDetectState))) { + if (!(BOTH_SET_OR_BOTH_UNSET(ctx->GetTxDetectState, ctx->SetTxDetectState))) { goto bad; } -*/ return; bad: @@ -1459,6 +1437,7 @@ bad: #undef BOTH_SET #undef BOTH_SET_OR_BOTH_UNSET #undef THREE_SET_OR_THREE_UNSET +#undef THREE_SET static void ValidateParser(AppProto alproto) { diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h index b69af7a8e1..ab3e5e2941 100644 --- a/src/app-layer-parser.h +++ b/src/app-layer-parser.h @@ -229,9 +229,7 @@ int AppLayerParserParse(ThreadVars *tv, AppLayerParserThreadCtx *tctx, Flow *f, void AppLayerParserSetEOF(AppLayerParserState *pstate); bool AppLayerParserHasDecoderEvents(AppLayerParserState *pstate); int AppLayerParserIsTxAware(AppProto alproto); -int AppLayerParserProtocolIsTxAware(uint8_t ipproto, AppProto alproto); int AppLayerParserProtocolIsTxEventAware(uint8_t ipproto, AppProto alproto); -int AppLayerParserProtocolSupportsTxs(uint8_t ipproto, AppProto alproto); int AppLayerParserProtocolHasLogger(uint8_t ipproto, AppProto alproto); LoggerId AppLayerParserProtocolGetLoggerBits(uint8_t ipproto, AppProto alproto); void AppLayerParserTriggerRawStreamReassembly(Flow *f, int direction); diff --git a/src/app-layer.c b/src/app-layer.c index 99d8a0111f..848c30643c 100644 --- a/src/app-layer.c +++ b/src/app-layer.c @@ -886,20 +886,16 @@ void AppLayerSetupCounters() snprintf(applayer_counter_names[ipproto_map][alproto].name, sizeof(applayer_counter_names[ipproto_map][alproto].name), "%s%s%s", str, alproto_str, ipproto_suffix); - if (AppLayerParserProtocolIsTxAware(ipprotos[ipproto], alproto)) { - snprintf(applayer_counter_names[ipproto_map][alproto].tx_name, - sizeof(applayer_counter_names[ipproto_map][alproto].tx_name), - "%s%s%s", tx_str, alproto_str, ipproto_suffix); - } + snprintf(applayer_counter_names[ipproto_map][alproto].tx_name, + sizeof(applayer_counter_names[ipproto_map][alproto].tx_name), + "%s%s%s", tx_str, alproto_str, ipproto_suffix); } else { snprintf(applayer_counter_names[ipproto_map][alproto].name, sizeof(applayer_counter_names[ipproto_map][alproto].name), "%s%s", str, alproto_str); - if (AppLayerParserProtocolIsTxAware(ipprotos[ipproto], alproto)) { - snprintf(applayer_counter_names[ipproto_map][alproto].tx_name, - sizeof(applayer_counter_names[ipproto_map][alproto].tx_name), - "%s%s", tx_str, alproto_str); - } + snprintf(applayer_counter_names[ipproto_map][alproto].tx_name, + sizeof(applayer_counter_names[ipproto_map][alproto].tx_name), + "%s%s", tx_str, alproto_str); } } else if (alproto == ALPROTO_FAILED) { snprintf(applayer_counter_names[ipproto_map][alproto].name, @@ -927,10 +923,8 @@ void AppLayerRegisterThreadCounters(ThreadVars *tv) applayer_counters[ipproto_map][alproto].counter_id = StatsRegisterCounter(applayer_counter_names[ipproto_map][alproto].name, tv); - if (AppLayerParserProtocolIsTxAware(ipprotos[ipproto], alproto)) { - applayer_counters[ipproto_map][alproto].counter_tx_id = - StatsRegisterCounter(applayer_counter_names[ipproto_map][alproto].tx_name, tv); - } + applayer_counters[ipproto_map][alproto].counter_tx_id = + StatsRegisterCounter(applayer_counter_names[ipproto_map][alproto].tx_name, tv); } else if (alproto == ALPROTO_FAILED) { applayer_counters[ipproto_map][alproto].counter_id = StatsRegisterCounter(applayer_counter_names[ipproto_map][alproto].name, tv); diff --git a/src/detect.c b/src/detect.c index db49012120..3540ef2228 100644 --- a/src/detect.c +++ b/src/detect.c @@ -998,7 +998,7 @@ static inline void DetectRunPostRules( DetectRunScratchpad *scratch) { /* see if we need to increment the inspect_id and reset the de_state */ - if (pflow && pflow->alstate && AppLayerParserProtocolSupportsTxs(p->proto, scratch->alproto)) { + if (pflow && pflow->alstate) { PACKET_PROFILING_DETECT_START(p, PROF_DETECT_TX_UPDATE); DeStateUpdateInspectTransactionId(pflow, scratch->flow_flags, (scratch->sgh == NULL)); PACKET_PROFILING_DETECT_END(p, PROF_DETECT_TX_UPDATE); @@ -1627,8 +1627,7 @@ static void DetectFlow(ThreadVars *tv, * update the inspect_id forward. So test for the condition here, * and call the update code if necessary. */ const int pass = ((p->flow->flags & FLOW_NOPACKET_INSPECTION)); - const AppProto alproto = FlowGetAppProtocol(p->flow); - if (pass && AppLayerParserProtocolSupportsTxs(p->proto, alproto)) { + if (pass) { uint8_t flags; if (p->flowflags & FLOW_PKT_TOSERVER) { flags = STREAM_TOSERVER; diff --git a/src/flow-timeout.c b/src/flow-timeout.c index 2619fdf56d..3e07ab5d11 100644 --- a/src/flow-timeout.c +++ b/src/flow-timeout.c @@ -302,9 +302,7 @@ int FlowForceReassemblyNeedReassembly(Flow *f, int *server, int *client) } /* if app layer still needs some love, push through */ - if (f->alproto != ALPROTO_UNKNOWN && f->alstate != NULL && - AppLayerParserProtocolSupportsTxs(f->proto, f->alproto)) - { + if (f->alproto != ALPROTO_UNKNOWN && f->alstate != NULL) { const uint64_t total_txs = AppLayerParserGetTxCnt(f, f->alstate); if (AppLayerParserGetTransactionActive(f, f->alparser, STREAM_TOCLIENT) < total_txs) diff --git a/src/output-tx.c b/src/output-tx.c index c51103f3f1..a780d6ee59 100644 --- a/src/output-tx.c +++ b/src/output-tx.c @@ -143,8 +143,6 @@ static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data) const uint8_t ipproto = f->proto; const AppProto alproto = f->alproto; - if (AppLayerParserProtocolIsTxAware(p->proto, alproto) == 0) - goto end; if (AppLayerParserProtocolHasLogger(p->proto, alproto) == 0) goto end; const LoggerId logger_expectation = AppLayerParserProtocolGetLoggerBits(p->proto, alproto);