devguide/transactions: update & refine diagrams

- DNS sequence diagram was incorrect (transactions should be unidirectional). After changing it, it made sense to rename the file. Adjusted spacing, too. Updated transactions.rst accordingly. - TLS sequence diagram was refined to illustrate how Suricata actually implements the protocol.
4 years ago · d6c5dfacc7
parent 84311ab151
commit d6c5dfacc7
3 changed files with 22 additions and 11 deletions
--- a/doc/devguide/extending/app-layer/img/DnsRequestUnidirectionalTransaction.msc
+++ b/doc/devguide/extending/app-layer/img/DnsRequestUnidirectionalTransaction.msc
@ -9,7 +9,8 @@ msc {

    # Message Flow
    a =>> b [ label = "DNS Request" ];
-    b =>> a [ label = "DNS Response" ];
+    --- [ label = "Transaction 1 Completed" ];
    |||;
-    --- [ label = "Transaction Completed" ];
+    b =>> a [ label = "DNS Response" ];
+    --- [ label = "Transaction 2 Completed" ];
 }
--- a/doc/devguide/extending/app-layer/img/TlsHandshake.msc
+++ b/doc/devguide/extending/app-layer/img/TlsHandshake.msc
@ -5,17 +5,27 @@ msc {
    arcgradient = "10";

    # Entities
-    a [ label = "Client" ], b [ label = "Server"];
+    a [ label = "Client" ], b [ label = "Server" ];

    # Message Flow
-    a =>> b [ label = "ClientHello"];
-    b =>> a [ label = "ServerHello"];
-    b =>> a [ label = "ServerCertificate"];
-    b =>> a [ label = "ServerHello Done"];
-    a =>> b [ label = "ClientCertificate"];
-    a =>> b [ label = "ClientKeyExchange"];
+    # TLS_STATE_IN_PROGRESS = 0,
+    a abox b [ label = "TLS_STATE_IN_PROGRESS" ];
+    a =>> b [ label = "ClientHello" ];
+    b =>> a [ label = "ServerHello" ];
+    b =>> a [ label = "ServerCertificate" ];
+    b =>> a [ label = "ServerHello Done" ];
+
+    a =>> b [ label = "ClientCertificate" ];
+    # TLS_STATE_CERT_READY = 1,
+    a abox b [ label = "TLS_STATE_CERT_READY" ];
+    a =>> b [ label = "ClientKeyExchange" ];
+
    a =>> b [ label = "Finished" ];
    b =>> a [ label = "Finished" ];
-
+    # TLS_HANDSHAKE_DONE = 2,
+    a abox b [ label = "TLS_HANDSHAKE_DONE" ];
+    ...;
+    # TLS_STATE_FINISHED = 3
+    a abox b [ label = "TLS_STATE_FINISHED" ];
    --- [ label = "Transaction Completed" ];
 }
--- a/doc/devguide/extending/app-layer/transactions.rst
+++ b/doc/devguide/extending/app-layer/transactions.rst
@ -216,7 +216,7 @@ Sequence Diagrams

 A DNS transaction in Suricata can be considered unidirectional:

-.. image:: img/DnsRequestUnidirectionalTransaction.png
+.. image:: img/DnsUnidirectionalTransactions.png
  :width: 600
  :alt: A sequence diagram with two entities, Client and Server, with an arrow going from the Client to the Server, labeled "DNS Request". After that, there is a dotted line labeled "Transaction Completed".