rust: bindgen SCAppLayerParserStateIssetFlag

Ticket: 7667

doc/userguide/devguide/extending/app-layer/parser.rst

@@ -35,7 +35,7 @@ In Rust, the callbacks are similar.
     #[no_mangle]
     pub extern "C" fn rs_dns_parse_response_tcp(_flow: *const core::Flow,
             state: *mut std::os::raw::c_void,
-            _pstate: *mut std::os::raw::c_void,
+            _pstate: *mut AppLayerParserState,
             input: *const u8,
             input_len: u32,
             _data: *const std::os::raw::c_void,

examples/plugins/altemplate/src/template.rs

@@ -28,17 +28,19 @@ use std::ffi::CString;
 use std::os::raw::{c_char, c_int, c_void};
 use suricata::applayer::{
     state_get_tx_iterator, AppLayerEvent, AppLayerParserConfParserEnabled,
-    AppLayerParserRegisterLogger, AppLayerParserStateIssetFlag, AppLayerRegisterParser,
-    AppLayerRegisterProtocolDetection, AppLayerResult, AppLayerStateData, AppLayerTxData,
-    RustParser, State, StreamSlice, Transaction, APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS,
-    APP_LAYER_PARSER_OPT_ACCEPT_GAPS,
+    AppLayerParserRegisterLogger, AppLayerRegisterParser, AppLayerRegisterProtocolDetection,
+    AppLayerResult, AppLayerStateData, AppLayerTxData, RustParser, State, StreamSlice, Transaction,
+    APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, APP_LAYER_PARSER_OPT_ACCEPT_GAPS,
 };
 use suricata::conf::conf_get;
 use suricata::core::{ALPROTO_UNKNOWN, IPPROTO_TCP};
 use suricata::{
     build_slice, cast_pointer, export_state_data_get, export_tx_data_get, SCLogError, SCLogNotice,
 };
-use suricata_sys::sys::{AppProto, Flow, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, Flow, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 static mut TEMPLATE_MAX_TX: usize = 256;
 
@@ -296,10 +298,10 @@ unsafe extern "C" fn template_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn template_parse_request(
-    _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
 
     if eof {
         // If needed, handle EOF, or pass it into the parser.
@@ -320,10 +322,10 @@ unsafe extern "C" fn template_parse_request(
 }
 
 unsafe extern "C" fn template_parse_response(
-    _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
+    let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
     let state = cast_pointer!(state, TemplateState);
 
     if stream_slice.is_gap() {

rust/src/applayer.rs

@@ -29,7 +29,7 @@ use crate::core::StreamingBufferConfig;
 // Make the AppLayerEvent derive macro available to users importing
 // AppLayerEvent from this module.
 pub use suricata_derive::AppLayerEvent;
-use suricata_sys::sys::AppProto;
+use suricata_sys::sys::{AppLayerParserState, AppProto};
 
 /// Cast pointer to a variable, as a mutable reference to an object
 ///
@@ -481,7 +481,7 @@ impl AppLayerGetFileState {
 
 pub type ParseFn      = unsafe extern "C" fn (flow: *mut Flow,
                                        state: *mut c_void,
-                                       pstate: *mut c_void,
+                                       pstate: *mut AppLayerParserState,
                                        stream_slice: StreamSlice,
                                        data: *const c_void) -> AppLayerResult;
 pub type ProbeFn      = unsafe extern "C" fn (flow: *const Flow, flags: u8, input:*const u8, input_len: u32, rdir: *mut u8) -> AppProto;
@@ -537,7 +537,6 @@ pub const APP_LAYER_TX_ACCEPT: u8 = BIT_U8!(4);
 
 /// cbindgen:ignore
 extern "C" {
-    pub fn AppLayerParserStateIssetFlag(state: *mut c_void, flag: u16) -> u16;
     pub fn AppLayerParserSetStreamDepth(ipproto: u8, alproto: AppProto, stream_depth: u32);
     pub fn AppLayerParserConfParserEnabled(ipproto: *const c_char, proto: *const c_char) -> c_int;
     pub fn AppLayerParserRegisterLogger(pproto: u8, alproto: AppProto);

rust/src/applayertemplate/template.rs

@@ -25,7 +25,10 @@ use std;
 use std::collections::VecDeque;
 use std::ffi::CString;
 use std::os::raw::{c_char, c_int, c_void};
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 static mut TEMPLATE_MAX_TX: usize = 256;
 
@@ -283,10 +286,10 @@ unsafe extern "C" fn template_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn template_parse_request(
-    _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
 
     if eof {
         // If needed, handle EOF, or pass it into the parser.
@@ -307,10 +310,10 @@ unsafe extern "C" fn template_parse_request(
 }
 
 unsafe extern "C" fn template_parse_response(
-    _flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    _flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
+    let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
     let state = cast_pointer!(state, TemplateState);
 
     if stream_slice.is_gap() {

rust/src/bittorrent_dht/bittorrent_dht.rs

@@ -15,8 +15,8 @@
  * 02110-1301, USA.
  */
 
- use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
     SCAppLayerProtoDetectPMRegisterPatternCS,
 };
 
@@ -54,10 +54,10 @@ pub struct BitTorrentDHTTransaction {
 
 impl BitTorrentDHTTransaction {
     pub fn new(direction: Direction) -> Self {
-	Self {
-	    tx_data: AppLayerTxData::for_direction(direction),
-	    ..Default::default()
-	}
+        Self {
+            tx_data: AppLayerTxData::for_direction(direction),
+            ..Default::default()
+        }
     }
 
     /// Set an event on the transaction
@@ -160,35 +160,42 @@ unsafe extern "C" fn state_free(state: *mut std::os::raw::c_void) {
     std::mem::drop(Box::from_raw(state as *mut BitTorrentDHTState));
 }
 
-unsafe extern "C" fn state_tx_free(
-    state: *mut std::os::raw::c_void, tx_id: u64,
-) {
+unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64) {
     let state = cast_pointer!(state, BitTorrentDHTState);
     state.free_tx(tx_id);
 }
 
 unsafe extern "C" fn parse_ts(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     return parse(
-        _flow, state, _pstate, stream_slice,
-        _data, Direction::ToServer);
+        _flow,
+        state,
+        _pstate,
+        stream_slice,
+        _data,
+        Direction::ToServer,
+    );
 }
 
 unsafe extern "C" fn parse_tc(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     return parse(
-        _flow, state, _pstate, stream_slice,
-        _data, Direction::ToClient);
+        _flow,
+        state,
+        _pstate,
+        stream_slice,
+        _data,
+        Direction::ToClient,
+    );
 }
 
 unsafe extern "C" fn parse(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
-    stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
-    direction: Direction,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const std::os::raw::c_void, direction: Direction,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, BitTorrentDHTState);
     let buf = stream_slice.as_slice();
@@ -209,9 +216,7 @@ unsafe extern "C" fn state_get_tx(
     }
 }
 
-unsafe extern "C" fn state_get_tx_count(
-    state: *mut std::os::raw::c_void,
-) -> u64 {
+unsafe extern "C" fn state_get_tx_count(state: *mut std::os::raw::c_void) -> u64 {
     let state = cast_pointer!(state, BitTorrentDHTState);
     return state.tx_id;
 }

rust/src/dcerpc/dcerpc.rs

@@ -25,7 +25,7 @@ use nom7::error::{Error, ErrorKind};
 use nom7::number::Endianness;
 use nom7::{Err, IResult, Needed};
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
     SCAppLayerProtoDetectPMRegisterPatternCSwPP,
 };
 use std;
@@ -1024,7 +1024,7 @@ fn evaluate_stub_params(
 }
 
 unsafe extern "C" fn parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
@@ -1048,7 +1048,7 @@ unsafe extern "C" fn parse_request(
 }
 
 unsafe extern "C" fn parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {

rust/src/dcerpc/dcerpc_udp.rs

@@ -25,7 +25,7 @@ use crate::direction::{Direction, DIR_BOTH};
 use crate::flow::Flow;
 use nom7::Err;
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
     SCAppLayerProtoDetectPMRegisterPatternCSwPP,
 };
 use std;
@@ -237,7 +237,7 @@ impl DCERPCUDPState {
 }
 
 unsafe extern "C" fn parse(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {

rust/src/dhcp/dhcp.rs

@@ -15,7 +15,9 @@
  * 02110-1301, USA.
  */
 
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 use crate::applayer::{self, *};
 use crate::core::{ALPROTO_UNKNOWN, IPPROTO_UDP};
@@ -224,7 +226,7 @@ unsafe extern "C" fn dhcp_state_get_tx_count(state: *mut std::os::raw::c_void) -
 }
 
 unsafe extern "C" fn dhcp_parse(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DHCPState);

rust/src/dns/dns.rs

@@ -32,7 +32,8 @@ use crate::frames::Frame;
 use nom7::number::streaming::be_u16;
 use nom7::{Err, IResult};
 use suricata_sys::sys::{
-    AppProto, DetectEngineThreadCtx, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, DetectEngineThreadCtx,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
 };
 
 /// DNS record types.
@@ -936,7 +937,7 @@ pub(crate) unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void,
 
 /// C binding parse a DNS request. Returns 1 on success, -1 on failure.
 pub(crate) unsafe extern "C" fn parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -945,7 +946,7 @@ pub(crate) unsafe extern "C" fn parse_request(
 }
 
 unsafe extern "C" fn parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -955,7 +956,7 @@ unsafe extern "C" fn parse_response(
 
 /// C binding parse a DNS request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn parse_request_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);
@@ -968,7 +969,7 @@ unsafe extern "C" fn parse_request_tcp(
 }
 
 unsafe extern "C" fn parse_response_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, DNSState);

rust/src/enip/enip.rs

@@ -29,7 +29,10 @@ use std;
 use std::collections::VecDeque;
 use std::ffi::CString;
 use std::os::raw::{c_char, c_int, c_void};
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 pub(super) static mut ALPROTO_ENIP: AppProto = ALPROTO_UNKNOWN;
 
@@ -493,26 +496,26 @@ unsafe extern "C" fn enip_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn enip_parse_request_udp(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, EnipState);
     state.parse_udp(stream_slice, true, flow)
 }
 
 unsafe extern "C" fn enip_parse_response_udp(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, EnipState);
     state.parse_udp(stream_slice, false, flow)
 }
 
 unsafe extern "C" fn enip_parse_request_tcp(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
     if eof {
         return AppLayerResult::ok();
     }
@@ -528,10 +531,10 @@ unsafe extern "C" fn enip_parse_request_tcp(
 }
 
 unsafe extern "C" fn enip_parse_response_tcp(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
     if eof {
         return AppLayerResult::ok();
     }

rust/src/http2/http2.rs

@@ -39,7 +39,8 @@ use std::ffi::CString;
 use std::fmt;
 use std::io;
 use suricata_sys::sys::{
-    AppProto, SCAppLayerForceProtocolChange, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, SCAppLayerForceProtocolChange,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
 };
 
 static mut ALPROTO_HTTP2: AppProto = ALPROTO_UNKNOWN;
@@ -1463,7 +1464,7 @@ unsafe extern "C" fn http2_state_tx_free(state: *mut std::os::raw::c_void, tx_id
 }
 
 unsafe extern "C" fn http2_parse_ts(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, HTTP2State);
@@ -1471,7 +1472,7 @@ unsafe extern "C" fn http2_parse_ts(
 }
 
 unsafe extern "C" fn http2_parse_tc(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, HTTP2State);

rust/src/ike/ike.rs

@@ -29,10 +29,12 @@ use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container};
 use crate::ike::ikev2::{handle_ikev2, Ikev2Container};
 use crate::ike::parser::*;
 use nom7::Err;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
 use std;
 use std::collections::HashSet;
 use std::ffi::CString;
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 #[derive(AppLayerEvent)]
 pub enum IkeEvent {
@@ -126,11 +128,11 @@ impl Transaction for IKETransaction {
 
 impl IKETransaction {
     pub fn new(direction: Direction) -> Self {
-	Self {
-	    direction,
-	    tx_data: applayer::AppLayerTxData::for_direction(direction),
-	    ..Default::default()
-	}
+        Self {
+            direction,
+            tx_data: applayer::AppLayerTxData::for_direction(direction),
+            ..Default::default()
+        }
     }
 
     /// Set an event.
@@ -173,7 +175,9 @@ impl IKEState {
     }
 
     pub fn get_tx(&mut self, tx_id: u64) -> Option<&mut IKETransaction> {
-        self.transactions.iter_mut().find(|tx| tx.tx_id == tx_id + 1)
+        self.transactions
+            .iter_mut()
+            .find(|tx| tx.tx_id == tx_id + 1)
     }
 
     pub fn new_tx(&mut self, direction: Direction) -> IKETransaction {
@@ -315,7 +319,7 @@ unsafe extern "C" fn ike_state_tx_free(state: *mut std::os::raw::c_void, tx_id:
 }
 
 unsafe extern "C" fn ike_parse_request(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, IKEState);
@@ -323,7 +327,7 @@ unsafe extern "C" fn ike_parse_request(
 }
 
 unsafe extern "C" fn ike_parse_response(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, IKEState);

rust/src/krb/krb5.rs

@@ -32,7 +32,9 @@ use nom7::number::streaming::be_u32;
 use nom7::{Err, IResult};
 use std;
 use std::ffi::CString;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 #[derive(AppLayerEvent)]
 pub enum KRB5Event {
@@ -449,7 +451,7 @@ unsafe extern "C" fn krb5_probing_parser_tcp(
 }
 
 unsafe extern "C" fn krb5_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let buf = stream_slice.as_slice();
@@ -461,7 +463,7 @@ unsafe extern "C" fn krb5_parse_request(
 }
 
 unsafe extern "C" fn krb5_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let buf = stream_slice.as_slice();
@@ -473,7 +475,7 @@ unsafe extern "C" fn krb5_parse_response(
 }
 
 unsafe extern "C" fn krb5_parse_request_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, KRB5State);
@@ -531,7 +533,7 @@ unsafe extern "C" fn krb5_parse_request_tcp(
 }
 
 unsafe extern "C" fn krb5_parse_response_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, KRB5State);

rust/src/ldap/ldap.rs

@@ -29,7 +29,8 @@ use std::collections::VecDeque;
 use std::ffi::CString;
 use std::os::raw::{c_char, c_int, c_void};
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
 };
 
 use crate::ldap::types::*;
@@ -178,7 +179,8 @@ impl LdapState {
     fn find_request(&mut self, message_id: MessageID) -> Option<&mut LdapTransaction> {
         self.transactions.iter_mut().find(|tx| {
             tx.request
-                .as_ref().is_some_and(|req| req.message_id == message_id)
+                .as_ref()
+                .is_some_and(|req| req.message_id == message_id)
         })
     }
 
@@ -577,11 +579,11 @@ unsafe extern "C" fn ldap_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn ldap_parse_request(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();
@@ -598,11 +600,11 @@ unsafe extern "C" fn ldap_parse_request(
 }
 
 unsafe extern "C" fn ldap_parse_response(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();
@@ -618,16 +620,16 @@ unsafe extern "C" fn ldap_parse_response(
 }
 
 unsafe extern "C" fn ldap_parse_request_udp(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, LdapState);
     state.parse_request_udp(flow, stream_slice)
 }
 
 unsafe extern "C" fn ldap_parse_response_udp(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, LdapState);
     state.parse_response_udp(flow, stream_slice)

rust/src/modbus/modbus.rs

@@ -25,7 +25,10 @@ use sawp::error::ErrorKind as SawpErrorKind;
 use sawp::parser::{Direction, Parse};
 use sawp::probe::{Probe, Status};
 use sawp_modbus::{self, AccessType, ErrorFlags, Flags, Message};
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabledDefault};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabledDefault,
+};
 
 pub const REQUEST_FLOOD: usize = 500; // Default unreplied Modbus requests are considered a flood
 pub const MODBUS_PARSER: sawp_modbus::Modbus = sawp_modbus::Modbus { probe_strict: true };
@@ -336,12 +339,12 @@ unsafe extern "C" fn modbus_state_tx_free(state: *mut std::os::raw::c_void, tx_i
 }
 
 unsafe extern "C" fn modbus_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let buf = stream_slice.as_slice();
     if buf.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();
@@ -353,12 +356,12 @@ unsafe extern "C" fn modbus_parse_request(
 }
 
 unsafe extern "C" fn modbus_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let buf = stream_slice.as_slice();
     if buf.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();

rust/src/mqtt/mqtt.rs

@@ -30,7 +30,9 @@ use nom7::Err;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 // Used as a special pseudo packet identifier to denote the first CONNECT
 // packet in a connection. Note that there is no risk of collision with a
@@ -679,7 +681,7 @@ unsafe extern "C" fn mqtt_state_tx_free(state: *mut std::os::raw::c_void, tx_id:
 }
 
 unsafe extern "C" fn mqtt_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, MQTTState);
@@ -687,7 +689,7 @@ unsafe extern "C" fn mqtt_parse_request(
 }
 
 unsafe extern "C" fn mqtt_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, MQTTState);

rust/src/nfs/nfs.rs

@@ -24,7 +24,7 @@ use std::ffi::CString;
 
 use nom7::{Err, Needed};
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
     SCAppLayerProtoDetectPPParseConfPorts, SCAppLayerProtoDetectPPRegister,
 };
 
@@ -1938,7 +1938,7 @@ extern "C" fn nfs_state_free(state: *mut std::os::raw::c_void) {
 
 /// C binding parse a NFS TCP request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn nfs_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NFSState);
@@ -1958,7 +1958,7 @@ extern "C" fn nfs_parse_request_tcp_gap(state: &mut NFSState, input_len: u32) ->
 }
 
 unsafe extern "C" fn nfs_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NFSState);
@@ -1979,7 +1979,7 @@ extern "C" fn nfs_parse_response_tcp_gap(state: &mut NFSState, input_len: u32) -
 
 /// C binding to parse an NFS/UDP request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn nfs_parse_request_udp(
-    f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NFSState);
@@ -1989,7 +1989,7 @@ unsafe extern "C" fn nfs_parse_request_udp(
 }
 
 unsafe extern "C" fn nfs_parse_response_udp(
-    f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    f: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NFSState);

rust/src/ntp/ntp.rs

@@ -28,7 +28,9 @@ use std;
 use std::ffi::CString;
 
 use nom7::Err;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 #[derive(AppLayerEvent)]
 pub enum NTPEvent {
@@ -177,7 +179,7 @@ extern "C" fn ntp_state_free(state: *mut std::os::raw::c_void) {
 }
 
 unsafe extern "C" fn ntp_parse_request(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NTPState);
@@ -188,7 +190,7 @@ unsafe extern "C" fn ntp_parse_request(
 }
 
 unsafe extern "C" fn ntp_parse_response(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, NTPState);

rust/src/pgsql/pgsql.rs

@@ -31,7 +31,8 @@ use std;
 use std::collections::VecDeque;
 use std::ffi::CString;
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
 };
 
 const PGSQL_CONFIG_DEFAULT_STREAM_DEPTH: u32 = 0;
@@ -835,11 +836,11 @@ unsafe extern "C" fn state_tx_free(state: *mut std::os::raw::c_void, tx_id: u64)
 }
 
 unsafe extern "C" fn parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
             SCLogDebug!(" Suricata reached `eof`");
             return AppLayerResult::ok();
         } else {
@@ -858,11 +859,11 @@ unsafe extern "C" fn parse_request(
 }
 
 unsafe extern "C" fn parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();

rust/src/pop3/pop3.rs

@@ -29,7 +29,8 @@ use std::collections::VecDeque;
 use std::ffi::CString;
 use std::os::raw::{c_char, c_int, c_void};
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerRequestProtocolTLSUpgrade,
 };
 
 use sawp::error::Error as SawpError;
@@ -401,10 +402,10 @@ unsafe extern "C" fn pop3_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn pop3_parse_request(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice,
     _data: *const c_void,
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
 
     if eof {
         // If needed, handle EOF, or pass it into the parser.
@@ -425,10 +426,10 @@ unsafe extern "C" fn pop3_parse_request(
 }
 
 unsafe extern "C" fn pop3_parse_response(
-    flow: *mut Flow, state: *mut c_void, pstate: *mut c_void, stream_slice: StreamSlice,
+    flow: *mut Flow, state: *mut c_void, pstate: *mut AppLayerParserState, stream_slice: StreamSlice,
     _data: *const c_void,
 ) -> AppLayerResult {
-    let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
+    let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
     let state = cast_pointer!(state, POP3State);
 
     if stream_slice.is_gap() {

rust/src/quic/quic.rs

@@ -33,7 +33,9 @@ use crate::{
 };
 use std::collections::VecDeque;
 use std::ffi::CString;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 use tls_parser::TlsExtensionType;
 
 static mut ALPROTO_QUIC: AppProto = ALPROTO_UNKNOWN;
@@ -464,7 +466,7 @@ unsafe extern "C" fn quic_probing_parser(
 }
 
 unsafe extern "C" fn quic_parse_tc(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, QuicState);
@@ -478,7 +480,7 @@ unsafe extern "C" fn quic_parse_tc(
 }
 
 unsafe extern "C" fn quic_parse_ts(
-    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    _flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, QuicState);

rust/src/rdp/rdp.rs

@@ -25,7 +25,9 @@ use crate::flow::Flow;
 use crate::rdp::parser::*;
 use crate::direction::Direction;
 use nom7::Err;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 use std;
 use std::collections::VecDeque;
 use tls_parser::{parse_tls_plaintext, TlsMessage, TlsMessageHandshake, TlsRecordType};
@@ -441,7 +443,7 @@ fn probe_tls_handshake(input: &[u8]) -> bool {
 //
 
 unsafe extern "C" fn rdp_parse_ts(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void
 ) -> AppLayerResult {
@@ -452,7 +454,7 @@ unsafe extern "C" fn rdp_parse_ts(
 }
 
 unsafe extern "C" fn rdp_parse_tc(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void
 ) -> AppLayerResult {

rust/src/rfb/rfb.rs

@@ -21,18 +21,20 @@
 use super::parser;
 use crate::applayer;
 use crate::applayer::*;
-use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP, sc_app_layer_parser_trigger_raw_stream_inspection};
+use crate::core::{
+    sc_app_layer_parser_trigger_raw_stream_inspection, ALPROTO_UNKNOWN, IPPROTO_TCP,
+};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::*;
 use nom7::Err;
-use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
-    SCAppLayerProtoDetectPMRegisterPatternCI,
-};
 use std;
 use std::ffi::CString;
 use std::os::raw::c_char;
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    SCAppLayerProtoDetectPMRegisterPatternCI,
+};
 
 pub(super) static mut ALPROTO_RFB: AppProto = ALPROTO_UNKNOWN;
 
@@ -221,7 +223,10 @@ impl RFBState {
 
                             if let Some(current_transaction) = self.get_current_tx() {
                                 current_transaction.ts_client_protocol_version = Some(request);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToServer as i32,
+                                );
                             } else {
                                 debug_validate_fail!(
                                     "no transaction set at protocol selection stage"
@@ -261,7 +266,10 @@ impl RFBState {
                                 current_transaction.ts_security_type_selection = Some(request);
                                 current_transaction.chosen_security_type =
                                     Some(chosen_security_type as u32);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToServer as i32,
+                                );
                             } else {
                                 debug_validate_fail!("no transaction set at security type stage");
                             }
@@ -319,7 +327,10 @@ impl RFBState {
 
                         if let Some(current_transaction) = self.get_current_tx() {
                             current_transaction.ts_vnc_response = Some(request);
-                            sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32);
+                            sc_app_layer_parser_trigger_raw_stream_inspection(
+                                flow,
+                                Direction::ToServer as i32,
+                            );
                         } else {
                             debug_validate_fail!("no transaction set at security result stage");
                         }
@@ -358,7 +369,10 @@ impl RFBState {
 
                         if let Some(current_transaction) = self.get_current_tx() {
                             current_transaction.ts_client_init = Some(request);
-                            sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32);
+                            sc_app_layer_parser_trigger_raw_stream_inspection(
+                                flow,
+                                Direction::ToServer as i32,
+                            );
                         } else {
                             debug_validate_fail!("no transaction set at client init stage");
                         }
@@ -445,7 +459,10 @@ impl RFBState {
 
                             if let Some(current_transaction) = self.get_current_tx() {
                                 current_transaction.tc_server_protocol_version = Some(request);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToClient as i32,
+                                );
                             } else {
                                 debug_validate_fail!("no transaction set but we just set one");
                             }
@@ -495,7 +512,10 @@ impl RFBState {
 
                             if let Some(current_transaction) = self.get_current_tx() {
                                 current_transaction.tc_supported_security_types = Some(request);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToClient as i32,
+                                );
                             } else {
                                 debug_validate_fail!("no transaction set at security type stage");
                             }
@@ -562,7 +582,10 @@ impl RFBState {
                                 current_transaction.tc_server_security_type = Some(request);
                                 current_transaction.chosen_security_type =
                                     Some(chosen_security_type);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToClient as i32,
+                                );
                             } else {
                                 debug_validate_fail!("no transaction set at security type stage");
                             }
@@ -602,7 +625,10 @@ impl RFBState {
 
                         if let Some(current_transaction) = self.get_current_tx() {
                             current_transaction.tc_vnc_challenge = Some(request);
-                            sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                            sc_app_layer_parser_trigger_raw_stream_inspection(
+                                flow,
+                                Direction::ToClient as i32,
+                            );
                         } else {
                             debug_validate_fail!("no transaction set at auth stage");
                         }
@@ -643,7 +669,10 @@ impl RFBState {
 
                                 if let Some(current_transaction) = self.get_current_tx() {
                                     current_transaction.tc_security_result = Some(request);
-                                    sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                    sc_app_layer_parser_trigger_raw_stream_inspection(
+                                        flow,
+                                        Direction::ToClient as i32,
+                                    );
                                 } else {
                                     debug_validate_fail!(
                                         "no transaction set at security result stage"
@@ -683,7 +712,10 @@ impl RFBState {
                         Ok((_rem, request)) => {
                             if let Some(current_transaction) = self.get_current_tx() {
                                 current_transaction.tc_failure_reason = Some(request);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToClient as i32,
+                                );
                             } else {
                                 debug_validate_fail!("no transaction set at failure reason stage");
                             }
@@ -725,7 +757,10 @@ impl RFBState {
 
                             if let Some(current_transaction) = self.get_current_tx() {
                                 current_transaction.tc_server_init = Some(request);
-                                sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                                sc_app_layer_parser_trigger_raw_stream_inspection(
+                                    flow,
+                                    Direction::ToClient as i32,
+                                );
                                 // connection initialization is complete and parsed
                                 current_transaction.complete = true;
                             } else {
@@ -796,7 +831,7 @@ unsafe extern "C" fn rfb_state_tx_free(state: *mut std::os::raw::c_void, tx_id:
 }
 
 unsafe extern "C" fn rfb_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, RFBState);
@@ -804,7 +839,7 @@ unsafe extern "C" fn rfb_parse_request(
 }
 
 unsafe extern "C" fn rfb_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, RFBState);

rust/src/sip/sip.rs

@@ -19,19 +19,21 @@
 
 use crate::applayer::{self, *};
 use crate::core;
-use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP, sc_app_layer_parser_trigger_raw_stream_inspection};
+use crate::core::{
+    sc_app_layer_parser_trigger_raw_stream_inspection, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP,
+};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::*;
 use crate::sip::parser::*;
 use nom7::Err;
-use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
-    SCAppLayerProtoDetectPMRegisterPatternCS,
-};
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled, SCAppLayerProtoDetectPMRegisterPatternCS,
+};
 
 // app-layer-frame-documentation tag start: FrameType enum
 #[derive(AppLayerFrameType)]
@@ -185,7 +187,10 @@ impl SIPState {
                         tx.request_line = req_line;
                     }
                     self.transactions.push_back(tx);
-                    sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToServer as i32);
+                    sc_app_layer_parser_trigger_raw_stream_inspection(
+                        flow,
+                        Direction::ToServer as i32,
+                    );
                     let consumed = start.len() - rem.len();
                     start = rem;
 
@@ -281,7 +286,10 @@ impl SIPState {
                         tx.response_line = resp_line;
                     }
                     self.transactions.push_back(tx);
-                    sc_app_layer_parser_trigger_raw_stream_inspection(flow, Direction::ToClient as i32);
+                    sc_app_layer_parser_trigger_raw_stream_inspection(
+                        flow,
+                        Direction::ToClient as i32,
+                    );
                     let consumed = start.len() - rem.len();
                     start = rem;
 
@@ -440,7 +448,7 @@ extern "C" fn sip_tx_get_alstate_progress(
 pub static mut ALPROTO_SIP: AppProto = ALPROTO_UNKNOWN;
 
 unsafe extern "C" fn sip_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, SIPState);
@@ -448,11 +456,11 @@ unsafe extern "C" fn sip_parse_request(
 }
 
 unsafe extern "C" fn sip_parse_request_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();
@@ -464,7 +472,7 @@ unsafe extern "C" fn sip_parse_request_tcp(
 }
 
 unsafe extern "C" fn sip_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, _pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, SIPState);
@@ -472,11 +480,11 @@ unsafe extern "C" fn sip_parse_response(
 }
 
 unsafe extern "C" fn sip_parse_response_tcp(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     if stream_slice.is_empty() {
-        if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
+        if SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0 {
             return AppLayerResult::ok();
         } else {
             return AppLayerResult::err();

rust/src/smb/smb.rs

@@ -35,7 +35,7 @@ use nom7::error::{make_error, ErrorKind};
 
 use lru::LruCache;
 use suricata_sys::sys::{
-    AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
     SCAppLayerProtoDetectPMRegisterPatternCSwPP, SCAppLayerProtoDetectPPParseConfPorts,
     SCAppLayerProtoDetectPPRegister,
 };
@@ -2009,7 +2009,7 @@ extern "C" fn smb_state_free(state: *mut std::os::raw::c_void) {
 /// C binding parse a SMB request. Returns 1 on success, -1 on failure.
 unsafe extern "C" fn smb_parse_request_tcp(flow: *mut Flow,
                                        state: *mut ffi::c_void,
-                                       _pstate: *mut std::os::raw::c_void,
+                                       _pstate: *mut AppLayerParserState,
                                        stream_slice: StreamSlice,
                                        _data: *const std::os::raw::c_void,
                                        )
@@ -2044,7 +2044,7 @@ extern "C" fn smb_parse_request_tcp_gap(
 
 unsafe extern "C" fn smb_parse_response_tcp(flow: *mut Flow,
                                         state: *mut ffi::c_void,
-                                        _pstate: *mut std::os::raw::c_void,
+                                        _pstate: *mut AppLayerParserState,
                                         stream_slice: StreamSlice,
                                         _data: *const ffi::c_void,
                                         )

rust/src/snmp/snmp.rs

@@ -33,7 +33,7 @@ use der_parser::der::parse_der_sequence;
 use nom7::{Err, IResult};
 use nom7::error::{ErrorKind, make_error};
 use suricata_sys::sys::{
-    AppProto, AppProtoNewProtoFromString, EveJsonTxLoggerRegistrationData,
+    AppLayerParserState, AppProto, AppProtoNewProtoFromString, EveJsonTxLoggerRegistrationData,
     SCAppLayerProtoDetectConfProtoDetectionEnabled, SCOutputEvePreRegisterLogger,
     SCOutputJsonLogDirection, SCSigTablePreRegister,
 };
@@ -273,7 +273,7 @@ extern "C" fn snmp_state_free(state: *mut std::os::raw::c_void) {
 
 unsafe extern "C" fn snmp_parse_request(_flow: *mut Flow,
                                        state: *mut std::os::raw::c_void,
-                                       _pstate: *mut std::os::raw::c_void,
+                                       _pstate: *mut AppLayerParserState,
                                        stream_slice: StreamSlice,
                                        _data: *const std::os::raw::c_void,
                                        ) -> AppLayerResult {
@@ -283,7 +283,7 @@ unsafe extern "C" fn snmp_parse_request(_flow: *mut Flow,
 
 unsafe extern "C" fn snmp_parse_response(_flow: *mut Flow,
                                        state: *mut std::os::raw::c_void,
-                                       _pstate: *mut std::os::raw::c_void,
+                                       _pstate: *mut AppLayerParserState,
                                        stream_slice: StreamSlice,
                                        _data: *const std::os::raw::c_void,
                                        ) -> AppLayerResult {

rust/src/ssh/ssh.rs

@@ -25,7 +25,7 @@ use nom7::Err;
 use std::ffi::CString;
 use std::sync::atomic::{AtomicBool, Ordering};
 use suricata_sys::sys::{
-    AppLayerParserState_, AppProto, SCAppLayerParserStateSetFlag,
+    AppLayerParserState, AppProto, SCAppLayerParserStateSetFlag,
     SCAppLayerProtoDetectConfProtoDetectionEnabled,
 };
 
@@ -139,7 +139,7 @@ impl SSHState {
     }
 
     fn parse_record(
-        &mut self, mut input: &[u8], resp: bool, pstate: *mut std::os::raw::c_void,
+        &mut self, mut input: &[u8], resp: bool, pstate: *mut AppLayerParserState,
         flow: *const Flow, stream_slice: &StreamSlice,
     ) -> AppLayerResult {
         let (hdr, ohdr) = if !resp {
@@ -239,11 +239,7 @@ impl SSHState {
 
                                 if flags != 0 {
                                     unsafe {
-                                        // TODO a later bindgen should prove that this cast is useless
-                                        SCAppLayerParserStateSetFlag(
-                                            pstate as *mut AppLayerParserState_,
-                                            flags,
-                                        );
+                                        SCAppLayerParserStateSetFlag(pstate, flags);
                                     }
                                 }
                             }
@@ -336,7 +332,7 @@ impl SSHState {
     }
 
     fn parse_banner(
-        &mut self, input: &[u8], resp: bool, pstate: *mut std::os::raw::c_void, flow: *const Flow,
+        &mut self, input: &[u8], resp: bool, pstate: *mut AppLayerParserState, flow: *const Flow,
         stream_slice: &StreamSlice,
     ) -> AppLayerResult {
         let hdr = if !resp {
@@ -461,7 +457,7 @@ extern "C" fn ssh_state_tx_free(_state: *mut std::os::raw::c_void, _tx_id: u64)
 }
 
 unsafe extern "C" fn ssh_parse_request(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = &mut cast_pointer!(state, SSHState);
@@ -476,7 +472,7 @@ unsafe extern "C" fn ssh_parse_request(
 }
 
 unsafe extern "C" fn ssh_parse_response(
-    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut std::os::raw::c_void,
+    flow: *mut Flow, state: *mut std::os::raw::c_void, pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice, _data: *const std::os::raw::c_void,
 ) -> AppLayerResult {
     let state = &mut cast_pointer!(state, SSHState);

rust/src/telnet/telnet.rs

@@ -22,7 +22,10 @@ use crate::flow::Flow;
 use crate::frames::*;
 use std::ffi::CString;
 use nom7::IResult;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerParserStateIssetFlag,
+    SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 use super::parser;
 
 static mut ALPROTO_TELNET: AppProto = ALPROTO_UNKNOWN;
@@ -417,11 +420,11 @@ unsafe extern "C" fn telnet_state_tx_free(
 unsafe extern "C" fn telnet_parse_request(
     flow: *mut Flow,
     state: *mut std::os::raw::c_void,
-    pstate: *mut std::os::raw::c_void,
+    pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void
 ) -> AppLayerResult {
-    let eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
+    let eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0;
 
     if eof {
         // If needed, handle EOF, or pass it into the parser.
@@ -444,11 +447,11 @@ unsafe extern "C" fn telnet_parse_request(
 unsafe extern "C" fn telnet_parse_response(
     flow: *mut Flow,
     state: *mut std::os::raw::c_void,
-    pstate: *mut std::os::raw::c_void,
+    pstate: *mut AppLayerParserState,
     stream_slice: StreamSlice,
     _data: *const std::os::raw::c_void
 ) -> AppLayerResult {
-    let _eof = AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
+    let _eof = SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) > 0;
     let state = cast_pointer!(state, TelnetState);
 
     if stream_slice.is_gap() {

rust/src/websocket/websocket.rs

@@ -30,7 +30,9 @@ use nom7::Needed;
 
 use flate2::Decompress;
 use flate2::FlushDecompress;
-use suricata_sys::sys::{AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled};
+use suricata_sys::sys::{
+    AppLayerParserState, AppProto, SCAppLayerProtoDetectConfProtoDetectionEnabled,
+};
 
 use std;
 use std::collections::VecDeque;
@@ -344,16 +346,16 @@ unsafe extern "C" fn websocket_state_tx_free(state: *mut c_void, tx_id: u64) {
 }
 
 unsafe extern "C" fn websocket_parse_request(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, WebSocketState);
     state.parse(stream_slice, Direction::ToServer, flow)
 }
 
 unsafe extern "C" fn websocket_parse_response(
-    flow: *mut Flow, state: *mut c_void, _pstate: *mut c_void, stream_slice: StreamSlice,
-    _data: *const c_void,
+    flow: *mut Flow, state: *mut c_void, _pstate: *mut AppLayerParserState,
+    stream_slice: StreamSlice, _data: *const c_void,
 ) -> AppLayerResult {
     let state = cast_pointer!(state, WebSocketState);
     state.parse(stream_slice, Direction::ToClient, flow)

rust/sys/src/sys.rs

@@ -698,3 +698,6 @@ pub type AppLayerParserState = AppLayerParserState_;
 extern "C" {
     pub fn SCAppLayerParserStateSetFlag(pstate: *mut AppLayerParserState, flag: u16);
 }
+extern "C" {
+    pub fn SCAppLayerParserStateIssetFlag(pstate: *mut AppLayerParserState, flag: u16) -> u16;
+}

src/app-layer-ftp.c

@@ -422,7 +422,7 @@ static AppLayerResult FTPParseRequest(Flow *f, void *ftp_state, AppLayerParserSt
     const uint8_t *input = StreamSliceGetData(&stream_slice);
     uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
 
-    if (input == NULL && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) {
+    if (input == NULL && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) {
         SCReturnStruct(APP_LAYER_OK);
     } else if (input == NULL || input_len == 0) {
         SCReturnStruct(APP_LAYER_ERROR);
@@ -986,8 +986,8 @@ static AppLayerResult FTPDataParse(Flow *f, FtpDataState *ftpdata_state,
     const uint8_t *input = StreamSliceGetData(&stream_slice);
     uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
     const bool eof = (direction & STREAM_TOSERVER)
-                             ? AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) != 0
-                             : AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) != 0;
+                             ? SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) != 0
+                             : SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) != 0;
 
     SCTxDataUpdateFileFlags(&ftpdata_state->tx_data, ftpdata_state->state_data.file_flags);
     if (ftpdata_state->tx_data.file_tx == 0)

src/app-layer-htp.c

@@ -823,9 +823,8 @@ static AppLayerResult HTPHandleRequestData(Flow *f, void *htp_state, AppLayerPar
     }
 
     /* if the TCP connection is closed, then close the HTTP connection */
-    if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) &&
-        !(hstate->flags & HTP_FLAG_STATE_CLOSED_TS))
-    {
+    if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) &&
+            !(hstate->flags & HTP_FLAG_STATE_CLOSED_TS)) {
         htp_connp_request_close(hstate->connp, &ts);
         hstate->flags |= HTP_FLAG_STATE_CLOSED_TS;
         SCLogDebug("stream eof encountered, closing htp handle for ts");
@@ -938,9 +937,8 @@ static AppLayerResult HTPHandleResponseData(Flow *f, void *htp_state, AppLayerPa
     }
 
     /* if we the TCP connection is closed, then close the HTTP connection */
-    if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) &&
-        !(hstate->flags & HTP_FLAG_STATE_CLOSED_TC))
-    {
+    if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC) &&
+            !(hstate->flags & HTP_FLAG_STATE_CLOSED_TC)) {
         htp_connp_close(hstate->connp, &ts);
         hstate->flags |= HTP_FLAG_STATE_CLOSED_TC;
     }

src/app-layer-parser.c

@@ -1826,8 +1826,8 @@ void SCAppLayerParserStateSetFlag(AppLayerParserState *pstate, uint16_t flag)
     SCReturn;
 }
 
-/* coccinelle: AppLayerParserStateIssetFlag():2,2:APP_LAYER_PARSER_ */
-uint16_t AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag)
+/* coccinelle: SCAppLayerParserStateIssetFlag():2,2:APP_LAYER_PARSER_ */
+uint16_t SCAppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag)
 {
     SCEnter();
     SCReturnUInt(pstate->flags & flag);

src/app-layer-parser.h

@@ -303,7 +303,7 @@ void AppLayerParserStateCleanup(const Flow *f, void *alstate, AppLayerParserStat
 void AppLayerParserRegisterProtocolParsers(void);
 
 void SCAppLayerParserStateSetFlag(AppLayerParserState *pstate, uint16_t flag);
-uint16_t AppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag);
+uint16_t SCAppLayerParserStateIssetFlag(AppLayerParserState *pstate, uint16_t flag);
 
 AppLayerParserState *AppLayerParserStateAlloc(void);
 void AppLayerParserStateFree(AppLayerParserState *pstate);

src/app-layer-smtp.c

@@ -1391,9 +1391,9 @@ static AppLayerResult SMTPParse(uint8_t direction, Flow *f, SMTPState *state,
     uint32_t input_len = StreamSliceGetDataLen(&stream_slice);
 
     if (input_buf == NULL &&
-            ((direction == 0 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
+            ((direction == 0 && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
                     (direction == 1 &&
-                            AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
+                            SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
         SCReturnStruct(APP_LAYER_OK);
     } else if (input_buf == NULL || input_len == 0) {
         SCReturnStruct(APP_LAYER_OK);

src/app-layer-ssh.c

@@ -1151,7 +1151,7 @@ static int SSHParserTest18(void)
     void *tx = SCSshStateGetTx(ssh_state, 0);
     FAIL_IF(SCSshTxGetFlags(tx, STREAM_TOCLIENT) != SshStateFinished);
 
-    FAIL_IF(!(AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_NO_INSPECTION)));
+    FAIL_IF(!(SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_NO_INSPECTION)));
 
     UTHFreePacket(p);
     StreamTcpUTClearSession(&ssn);

src/app-layer-ssl.c

@@ -2669,9 +2669,9 @@ static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate,
     int32_t input_len = (int32_t)StreamSliceGetDataLen(&stream_slice);
 
     if ((input == NULL || input_len == 0) &&
-            ((direction == 0 && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
+            ((direction == 0 && SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) ||
                     (direction == 1 &&
-                            AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
+                            SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)))) {
         /* flag session as finished if APP_LAYER_PARSER_EOF is set */
         if (direction == 0)
             UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED);
@@ -2795,8 +2795,8 @@ static AppLayerResult SSLDecode(Flow *f, uint8_t direction, void *alstate,
     }
 
     /* flag session as finished if APP_LAYER_PARSER_EOF is set */
-    if (AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) &&
-        AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)) {
+    if (SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) &&
+            SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TC)) {
         /* update both sides to keep existing behavior */
         UpdateClientState(ssl_state, TLS_STATE_CLIENT_FINISHED);
         UpdateServerState(ssl_state, TLS_STATE_SERVER_FINISHED);

src/app-layer-tftp.c

@@ -98,7 +98,7 @@ static AppLayerResult TFTPParseRequest(Flow *f, void *state, AppLayerParserState
 
     /* Likely connection closed, we can just return here. */
     if ((input == NULL || input_len == 0) &&
-        AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) {
+            SCAppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS)) {
         SCReturnStruct(APP_LAYER_OK);
     }
 

src/detect.c

@@ -164,7 +164,7 @@ static void DetectRun(ThreadVars *th_v,
             }
             const TcpSession *ssn = p->flow->protoctx;
             bool setting_nopayload = p->flow->alparser &&
-                                     AppLayerParserStateIssetFlag(
+                                     SCAppLayerParserStateIssetFlag(
                                              p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) &&
                                      !(p->flags & PKT_NOPAYLOAD_INSPECTION);
             // we may be right after disabling app-layer (ssh)

src/flow-worker.c

@@ -381,7 +381,7 @@ static inline void FlowWorkerStreamTCPUpdate(ThreadVars *tv, FlowWorkerThreadDat
     // this is the first packet that sets no payload inspection
     bool setting_nopayload =
             p->flow->alparser &&
-            AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) &&
+            SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_NO_INSPECTION) &&
             !(p->flags & PKT_NOPAYLOAD_INSPECTION);
     if (FlowChangeProto(p->flow) || setting_nopayload) {
         StreamTcpDetectLogFlush(tv, fw->stream_thread, p->flow, p, &fw->pq);

src/output-json-frame.c

@@ -351,11 +351,11 @@ static int FrameJson(ThreadVars *tv, JsonFrameLogThread *aft, const Packet *p)
         frames = &frames_container->toserver;
         SCLogDebug("TOSERVER base %" PRIu64 ", app %" PRIu64, STREAM_BASE_OFFSET(stream),
                 STREAM_APP_PROGRESS(stream));
-        eof |= AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TS) != 0;
+        eof |= SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TS) != 0;
     } else {
         stream = &ssn->server;
         frames = &frames_container->toclient;
-        eof |= AppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TC) != 0;
+        eof |= SCAppLayerParserStateIssetFlag(p->flow->alparser, APP_LAYER_PARSER_EOF_TC) != 0;
     }
     eof |= last_pseudo;
     SCLogDebug("eof %s", eof ? "true" : "false");

src/output-tx.c

@@ -380,8 +380,8 @@ static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data)
     SCLogDebug("pcap_cnt %" PRIu64, p->pcap_cnt);
 
     const bool last_pseudo = (p->flowflags & FLOW_PKT_LAST_PSEUDO) != 0;
-    const bool ts_eof = AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS) != 0;
-    const bool tc_eof = AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC) != 0;
+    const bool ts_eof = SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS) != 0;
+    const bool tc_eof = SCAppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC) != 0;
 
     const bool eof = last_pseudo || (ts_eof && tc_eof);
     SCLogDebug("eof %d last_pseudo %d ts_eof %d tc_eof %d", eof, last_pseudo, ts_eof, tc_eof);

src/tests/fuzz/fuzz_applayerparserparse.c

@@ -159,10 +159,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
             }
             flags &= ~(STREAM_START);
             if (f->alparser &&
-                   (((flags & STREAM_TOSERVER) != 0 &&
-                     AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TS)) ||
-                    ((flags & STREAM_TOCLIENT) != 0 &&
-                     AppLayerParserStateIssetFlag(f->alparser, APP_LAYER_PARSER_EOF_TC)))) {
+                    (((flags & STREAM_TOSERVER) != 0 && SCAppLayerParserStateIssetFlag(f->alparser,
+                                                                APP_LAYER_PARSER_EOF_TS)) ||
+                            ((flags & STREAM_TOCLIENT) != 0 &&
+                                    SCAppLayerParserStateIssetFlag(
+                                            f->alparser, APP_LAYER_PARSER_EOF_TC)))) {
                 //no final chunk
                 alsize = 0;
                 break;