-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rust/sip: register parser for tcp v7 #9483
Conversation
Accepts valid characters as defined in RFC3261.
This patch lets the parser to work over tcp protocol, taking care of handling data before calling the request/response parsers. Ticket OISF#3351.
This patch permits to set a direction when a new transaction is created in order to avoid 'signature shadowing' as reported by Eric Leblond in commit 5aaf507
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #9483 +/- ##
==========================================
- Coverage 82.18% 82.16% -0.03%
==========================================
Files 968 968
Lines 274199 274336 +137
==========================================
+ Hits 225363 225406 +43
- Misses 48836 48930 +94
Flags with carried forward coverage won't be shown. Click here to find out more. |
@@ -50,6 +50,7 @@ vars: | |||
GENEVE_PORTS: 6081 | |||
VXLAN_PORTS: 4789 | |||
TEREDO_PORTS: 3544 | |||
SIP_PORTS: "[5060, 5061]" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is meant to be used in signatures, right ?
git grep SIP_PORTS
does not yield anything else
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, that's right.
if AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) > 0 { | ||
return AppLayerResult::ok(); | ||
} else { | ||
return AppLayerResult::err(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How can we end up here ? stream_slice.is_empty() && AppLayerParserStateIssetFlag(pstate, APP_LAYER_PARSER_EOF_TS) == 0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not really sure it's needed actually, but I thought that it would be good to check if eof is reached.
Maybe commit message |
Where should we document this change @jufajardini ? upgrade section ? |
It's meant to be |
(Sorry for the belated answer, I obviously missed this.) I think that:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks Giuseppe. Still need some nit and a bit of doc
Since 8 development is now started, we can get this in when you're ready. |
Replaced by #9880 |
Make sure these boxes are signed before submitting your Pull Request -- thank you.
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/3351
Describe changes:
Provide values to any of the below to override the defaults.
To use a pull request use a branch name like
pr/N
whereN
is thepull request number.
Alternatively,
SV_BRANCH
may also be a link to anOISF/suricata-verify pull-request.