#include "app-layer-events.h"
#include "util-file.h"
#include "rust.h"
#include "util-config.h"

Include dependency graph for app-layer-parser.h:

Data Structures
struct	AppLayerGetTxIterState

Macros
#define	APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

#define	APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

#define	APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

#define	APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

#define	APP_LAYER_PARSER_EOF_TS BIT_U16(5)

#define	APP_LAYER_PARSER_EOF_TC BIT_U16(6)

#define	APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

#define	APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

#define	APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

#define	APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

#define	APP_LAYER_TX_SKIP_INSPECT_TS BIT_U8(0)

#define	APP_LAYER_TX_SKIP_INSPECT_TC BIT_U8(1)

#define	APP_LAYER_TX_INSPECTED_TS BIT_U8(2)

#define	APP_LAYER_TX_INSPECTED_TC BIT_U8(3)

#define	APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

#define	APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

#define	APP_LAYER_INCOMPLETE(c, n) (AppLayerResult) { 1, (c), (n) }

Typedefs
typedef struct AppLayerParserThreadCtx_	AppLayerParserThreadCtx

typedef AppLayerResult(*	AppLayerParserFPtr) (Flow f, void protocol_state, AppLayerParserState pstate, StreamSlice stream_slice, void local_storage)
	Prototype for parsing functions. More...

typedef struct AppLayerGetTxIterState	AppLayerGetTxIterState

typedef AppLayerGetTxIterTuple(*	AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState state)
	tx iterator prototype More...

typedef int(*	AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

typedef const char (	AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Functions
int	AppLayerParserProtoIsRegistered (uint8_t ipproto, AppProto alproto)

int	AppLayerParserSetup (void)

void	AppLayerParserPostStreamSetup (void)

int	AppLayerParserDeSetup (void)

AppLayerParserThreadCtx *	AppLayerParserThreadCtxAlloc (void)
	Gets a new app layer protocol's parser thread context. More...

void	AppLayerParserThreadCtxFree (AppLayerParserThreadCtx *tctx)
	Destroys the app layer parser thread context obtained using AppLayerParserThreadCtxAlloc(). More...

int	AppLayerParserConfParserEnabled (const char ipproto, const char alproto_name)
	Given a protocol name, checks if the parser is enabled in the conf file. More...

enum ExceptionPolicy	AppLayerErrorGetExceptionPolicy (void)

int	AppLayerParserPreRegister (void(*Register)(void))

int	AppLayerParserRegisterParser (uint8_t ipproto, AppProto alproto, uint8_t direction, AppLayerParserFPtr Parser)
	Register app layer parser for the protocol. More...

void	AppLayerParserRegisterParserAcceptableDataDirection (uint8_t ipproto, AppProto alproto, uint8_t direction)

void	AppLayerParserRegisterOptionFlags (uint8_t ipproto, AppProto alproto, uint32_t flags)

void	AppLayerParserRegisterStateFuncs (uint8_t ipproto, AppProto alproto, void (StateAlloc)(void , AppProto), void(StateFree)(void *))

void	AppLayerParserRegisterLocalStorageFunc (uint8_t ipproto, AppProto proto, void (LocalStorageAlloc)(void), void(LocalStorageFree)(void ))

void	AppLayerParserRegisterGetTxFilesFunc (uint8_t ipproto, AppProto alproto, AppLayerGetFileState(GetTxFiles)(void , uint8_t))

void	AppLayerParserRegisterLogger (uint8_t ipproto, AppProto alproto)

void	AppLayerParserRegisterLoggerBits (uint8_t ipproto, AppProto alproto, LoggerId bits)

void	AppLayerParserRegisterGetStateProgressFunc (uint8_t ipproto, AppProto alproto, int(StateGetStateProgress)(void alstate, uint8_t direction))

void	AppLayerParserRegisterTxFreeFunc (uint8_t ipproto, AppProto alproto, void(StateTransactionFree)(void , uint64_t))

void	AppLayerParserRegisterGetTxCnt (uint8_t ipproto, AppProto alproto, uint64_t(StateGetTxCnt)(void alstate))

void	AppLayerParserRegisterGetTx (uint8_t ipproto, AppProto alproto, void (StateGetTx)(void alstate, uint64_t tx_id))

void	AppLayerParserRegisterGetTxIterator (uint8_t ipproto, AppProto alproto, AppLayerGetTxIteratorFunc Func)

void	AppLayerParserRegisterStateProgressCompletionStatus (AppProto alproto, const int ts, const int tc)

void	AppLayerParserRegisterGetEventInfo (uint8_t ipproto, AppProto alproto, int(StateGetEventInfo)(const char event_name, uint8_t event_id, AppLayerEventType event_type))

void	AppLayerParserRegisterGetEventInfoById (uint8_t ipproto, AppProto alproto, int(StateGetEventInfoById)(uint8_t event_id, const char event_name, AppLayerEventType event_type))

void	AppLayerParserRegisterGetFrameFuncs (uint8_t ipproto, AppProto alproto, AppLayerParserGetFrameIdByNameFn GetFrameIdByName, AppLayerParserGetFrameNameByIdFn GetFrameNameById)

void	AppLayerParserRegisterSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void(SetStreamDepthFlag)(void tx, uint8_t flags))

void	AppLayerParserRegisterTxDataFunc (uint8_t ipproto, AppProto alproto, AppLayerTxData (GetTxData)(void *tx))

void	AppLayerParserRegisterApplyTxConfigFunc (uint8_t ipproto, AppProto alproto, bool(ApplyTxConfig)(void state, void *tx, int mode, AppLayerTxConfig))

void	AppLayerParserRegisterStateDataFunc (uint8_t ipproto, AppProto alproto, AppLayerStateData (GetStateData)(void *state))

AppLayerGetTxIteratorFunc	AppLayerGetTxIterator (const uint8_t ipproto, const AppProto alproto)

void *	AppLayerParserGetProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto)

void	AppLayerParserDestroyProtocolParserLocalStorage (uint8_t ipproto, AppProto alproto, void *local_data)

uint64_t	AppLayerParserGetTransactionLogId (AppLayerParserState *pstate)

void	AppLayerParserSetTransactionLogId (AppLayerParserState *pstate, uint64_t tx_id)

uint64_t	AppLayerParserGetTransactionInspectId (AppLayerParserState *pstate, uint8_t direction)

void	AppLayerParserSetTransactionInspectId (const Flow f, AppLayerParserState pstate, void *alstate, const uint8_t flags, bool tag_txs_as_inspected)

AppLayerDecoderEvents *	AppLayerParserGetDecoderEvents (AppLayerParserState *pstate)

AppLayerDecoderEvents *	AppLayerParserGetEventsByTx (uint8_t ipproto, AppProto alproto, void *tx)

AppLayerGetFileState	AppLayerParserGetTxFiles (const Flow f, void tx, const uint8_t direction)

int	AppLayerParserGetStateProgress (uint8_t ipproto, AppProto alproto, void *alstate, uint8_t direction)
	get the progress value for a tx/protocol More...

uint64_t	AppLayerParserGetTxCnt (const Flow , void alstate)

void *	AppLayerParserGetTx (uint8_t ipproto, AppProto alproto, void *alstate, uint64_t tx_id)

int	AppLayerParserGetStateProgressCompletionStatus (AppProto alproto, uint8_t direction)

int	AppLayerParserGetEventInfo (uint8_t ipproto, AppProto alproto, const char event_name, uint8_t event_id, AppLayerEventType *event_type)

int	AppLayerParserGetEventInfoById (uint8_t ipproto, AppProto alproto, uint8_t event_id, const char *event_name, AppLayerEventType event_type)

uint64_t	AppLayerParserGetTransactionActive (const Flow f, AppLayerParserState pstate, uint8_t direction)

uint8_t	AppLayerParserGetFirstDataDir (uint8_t ipproto, AppProto alproto)

bool	AppLayerParserSupportsFiles (uint8_t ipproto, AppProto alproto)

AppLayerTxData *	AppLayerParserGetTxData (uint8_t ipproto, AppProto alproto, void *tx)

uint8_t	AppLayerParserGetTxDetectProgress (AppLayerTxData *txd, const uint8_t dir)

AppLayerStateData *	AppLayerParserGetStateData (uint8_t ipproto, AppProto alproto, void *state)

void	AppLayerParserApplyTxConfig (uint8_t ipproto, AppProto alproto, void state, void tx, enum ConfigAction mode, AppLayerTxConfig)

int	AppLayerParserParse (ThreadVars tv, AppLayerParserThreadCtx tctx, Flow f, AppProto alproto, uint8_t flags, const uint8_t input, uint32_t input_len)

void	AppLayerParserSetEOF (AppLayerParserState *pstate)

bool	AppLayerParserHasDecoderEvents (AppLayerParserState *pstate)

int	AppLayerParserProtocolHasLogger (uint8_t ipproto, AppProto alproto)

LoggerId	AppLayerParserProtocolGetLoggerBits (uint8_t ipproto, AppProto alproto)

void	AppLayerParserTriggerRawStreamReassembly (Flow *f, int direction)

void	AppLayerParserSetStreamDepth (uint8_t ipproto, AppProto alproto, uint32_t stream_depth)

uint32_t	AppLayerParserGetStreamDepth (const Flow *f)

void	AppLayerParserSetStreamDepthFlag (uint8_t ipproto, AppProto alproto, void *state, uint64_t tx_id, uint8_t flags)

int	AppLayerParserIsEnabled (AppProto alproto)
	simple way to globally test if a alproto is registered and fully enabled in the configuration. More...

int	AppLayerParserGetFrameIdByName (uint8_t ipproto, AppProto alproto, const char *name)

const char *	AppLayerParserGetFrameNameById (uint8_t ipproto, AppProto alproto, const uint8_t id)

void	AppLayerParserStateProtoCleanup (uint8_t protomap, AppProto alproto, void alstate, AppLayerParserState pstate)

void	AppLayerParserStateCleanup (const Flow f, void alstate, AppLayerParserState *pstate)

void	AppLayerParserRegisterProtocolParsers (void)

void	AppLayerParserStateSetFlag (AppLayerParserState *pstate, uint16_t flag)

uint16_t	AppLayerParserStateIssetFlag (AppLayerParserState *pstate, uint16_t flag)

AppLayerParserState *	AppLayerParserStateAlloc (void)

void	AppLayerParserStateFree (AppLayerParserState *pstate)

void	AppLayerParserTransactionsCleanup (Flow *f, const uint8_t pkt_dir)
	remove obsolete (inspected and logged) transactions More...

void	AppLayerParserRegisterProtocolUnittests (uint8_t ipproto, AppProto alproto, void(*RegisterUnittests)(void))

void	AppLayerParserRegisterUnittests (void)

void	UTHAppLayerParserStateGetIds (void ptr, uint64_t i1, uint64_t i2, uint64_t log, uint64_t *min)

void	AppLayerFramesFreeContainer (Flow *f)

void	FileApplyTxFlags (const AppLayerTxData txd, const uint8_t direction, File file)

Detailed Description

Author: Victor Julien victo.nosp@m.r@in.nosp@m.linia.nosp@m.c.ne.nosp@m.t; Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-parser.h.

Macro Definition Documentation

◆ APP_LAYER_ERROR

#define APP_LAYER_ERROR (AppLayerResult) { -1, 0, 0 }

parser has hit an unrecoverable error. Returning this to the API leads to no further calls to the parser.

Definition at line 66 of file app-layer-parser.h.

◆ APP_LAYER_INCOMPLETE

#define APP_LAYER_INCOMPLETE	(	c,
		n
	)	(AppLayerResult) { 1, (c), (n) }

parser needs more data. Through 'c' it will indicate how many of the input bytes it has consumed. Through 'n' it will indicate how many more bytes it needs before getting called again.

Note: consumed (c) should never be more than the input len needed (n) + consumed (c) should be more than the input len

Definition at line 74 of file app-layer-parser.h.

◆ APP_LAYER_OK

#define APP_LAYER_OK (AppLayerResult) { 0, 0, 0 }

parser has successfully processed in the input, and has consumed all of it.

Definition at line 62 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_BYPASS_READY

#define APP_LAYER_PARSER_BYPASS_READY BIT_U16(4)

Definition at line 39 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TC

#define APP_LAYER_PARSER_EOF_TC BIT_U16(6)

Definition at line 41 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_EOF_TS

#define APP_LAYER_PARSER_EOF_TS BIT_U16(5)

Definition at line 40 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_INT_STREAM_DEPTH_SET

#define APP_LAYER_PARSER_INT_STREAM_DEPTH_SET BIT_U32(0)

Definition at line 49 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION

#define APP_LAYER_PARSER_NO_INSPECTION BIT_U16(1)

Definition at line 36 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD

#define APP_LAYER_PARSER_NO_INSPECTION_PAYLOAD BIT_U16(3)

Definition at line 38 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_NO_REASSEMBLY

#define APP_LAYER_PARSER_NO_REASSEMBLY BIT_U16(2)

Definition at line 37 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_OPT_ACCEPT_GAPS

#define APP_LAYER_PARSER_OPT_ACCEPT_GAPS BIT_U32(0)

Definition at line 47 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TC

#define APP_LAYER_PARSER_SFRAME_TC BIT_U16(10)

Definition at line 44 of file app-layer-parser.h.

◆ APP_LAYER_PARSER_SFRAME_TS

#define APP_LAYER_PARSER_SFRAME_TS BIT_U16(9)

Definition at line 43 of file app-layer-parser.h.

◆ APP_LAYER_TX_INSPECTED_TC

#define APP_LAYER_TX_INSPECTED_TC BIT_U8(3)

Definition at line 58 of file app-layer-parser.h.

◆ APP_LAYER_TX_INSPECTED_TS

#define APP_LAYER_TX_INSPECTED_TS BIT_U8(2)

is tx fully inspected?

Definition at line 57 of file app-layer-parser.h.

◆ APP_LAYER_TX_SKIP_INSPECT_TC

#define APP_LAYER_TX_SKIP_INSPECT_TC BIT_U8(1)

Definition at line 55 of file app-layer-parser.h.

◆ APP_LAYER_TX_SKIP_INSPECT_TS

#define APP_LAYER_TX_SKIP_INSPECT_TS BIT_U8(0)

should inspection be skipped in that direction

Definition at line 54 of file app-layer-parser.h.

Typedef Documentation

◆ AppLayerGetTxIteratorFunc

typedef AppLayerGetTxIterTuple(* AppLayerGetTxIteratorFunc) (const uint8_t ipproto, const AppProto alproto, void *alstate, uint64_t min_tx_id, uint64_t max_tx_id, AppLayerGetTxIterState *state)

tx iterator prototype

Definition at line 127 of file app-layer-parser.h.

◆ AppLayerGetTxIterState

typedef struct AppLayerGetTxIterState AppLayerGetTxIterState

◆ AppLayerParserFPtr

typedef AppLayerResult(* AppLayerParserFPtr) (Flow *f, void *protocol_state, AppLayerParserState *pstate, StreamSlice stream_slice, void *local_storage)

Prototype for parsing functions.

Definition at line 116 of file app-layer-parser.h.

◆ AppLayerParserGetFrameIdByNameFn

typedef int(* AppLayerParserGetFrameIdByNameFn) (const char *frame_name)

Definition at line 134 of file app-layer-parser.h.

◆ AppLayerParserGetFrameNameByIdFn

typedef const char*(* AppLayerParserGetFrameNameByIdFn) (const uint8_t id)

Definition at line 135 of file app-layer-parser.h.

◆ AppLayerParserThreadCtx

typedef struct AppLayerParserThreadCtx_ AppLayerParserThreadCtx

Definition at line 81 of file app-layer-parser.h.

Function Documentation

◆ AppLayerErrorGetExceptionPolicy()

enum ExceptionPolicy AppLayerErrorGetExceptionPolicy ( void )

Definition at line 151 of file app-layer-parser.c.

◆ AppLayerFramesFreeContainer()

void AppLayerFramesFreeContainer ( Flow * f )

Definition at line 170 of file app-layer-parser.c.

References Flow_::alparser, and AppLayerParserState_::frames.

◆ AppLayerGetTxIterator()

AppLayerGetTxIteratorFunc AppLayerGetTxIterator	(	const uint8_t	ipproto,
		const AppProto	alproto
	)

Definition at line 677 of file app-layer-parser.c.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserApplyTxConfig()

void AppLayerParserApplyTxConfig	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		void *	tx,
		enum ConfigAction	mode,
		AppLayerTxConfig
	)

Definition at line 1181 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserConfParserEnabled()

int AppLayerParserConfParserEnabled	(	const char *	ipproto,
		const char *	alproto_name
	)

Given a protocol name, checks if the parser is enabled in the conf file.

Parameters

alproto_name Name of the app layer protocol.

Return values

1	If enabled.
0	If disabled.

Given a protocol name, checks if the parser is enabled in the conf file.

Definition at line 338 of file app-layer-parser.c.

References ConfGetNode(), ConfValIsFalse(), ConfValIsTrue(), FatalError, RunmodeIsUnittests(), SCEnter, SCLogDebug, SCLogError, SCReturnInt, and ConfNode_::val.

Referenced by HTPFreeConfig().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserDeSetup()

int AppLayerParserDeSetup ( void )

Definition at line 278 of file app-layer-parser.c.

References SCEnter, and SCFree.

Referenced by AppLayerDeSetup().

Here is the caller graph for this function:

◆ AppLayerParserDestroyProtocolParserLocalStorage()

void AppLayerParserDestroyProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	local_data
	)

Definition at line 630 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxFree().

Here is the caller graph for this function:

◆ AppLayerParserGetDecoderEvents()

AppLayerDecoderEvents* AppLayerParserGetDecoderEvents ( AppLayerParserState * pstate )

Definition at line 825 of file app-layer-parser.c.

References AppLayerParserState_::decoder_events, SCEnter, and SCReturnPtr.

Referenced by AppLayerParserHasDecoderEvents().

Here is the caller graph for this function:

◆ AppLayerParserGetEventInfo()

int AppLayerParserGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	event_name,
		uint8_t *	event_id,
		AppLayerEventType *	event_type
	)

Definition at line 1104 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventInfoById()

int AppLayerParserGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	event_id,
		const char **	event_name,
		AppLayerEventType *	event_type
	)

Definition at line 1116 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserGetEventsByTx()

AppLayerDecoderEvents* AppLayerParserGetEventsByTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 833 of file app-layer-parser.c.

References AppLayerParserGetTxData(), AppLayerDecoderEvents_::events, SCEnter, and SCReturnPtr.

Here is the call graph for this function:

◆ AppLayerParserGetFirstDataDir()

uint8_t AppLayerParserGetFirstDataDir	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1129 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetFrameIdByName()

int AppLayerParserGetFrameIdByName	(	uint8_t	ipproto,
		AppProto	alproto,
		const char *	name
	)

Definition at line 1578 of file app-layer-parser.c.

◆ AppLayerParserGetFrameNameById()

const char* AppLayerParserGetFrameNameById	(	uint8_t	ipproto,
		AppProto	alproto,
		const uint8_t	id
	)

Definition at line 1587 of file app-layer-parser.c.

Referenced by DetectRunFrameInspectRule(), and FrameJsonLogOneFrame().

Here is the caller graph for this function:

◆ AppLayerParserGetProtocolParserLocalStorage()

void* AppLayerParserGetProtocolParserLocalStorage	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 618 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserThreadCtxAlloc().

Here is the caller graph for this function:

◆ AppLayerParserGetStateData()

AppLayerStateData* AppLayerParserGetStateData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state
	)

Definition at line 1170 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserGetStateProgress()

int AppLayerParserGetStateProgress	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint8_t	flags
	)

get the progress value for a tx/protocol

If the stream is disrupted, we return the 'completion' value.

Definition at line 1067 of file app-layer-parser.c.

References flags, IS_DISRUPTED, SCEnter, and unlikely.

Referenced by AppLayerParserSetTransactionInspectId(), DetectEngineInspectBufferGeneric(), DetectEngineInspectFiledata(), and DetectEngineInspectMultiBufferGeneric().

Here is the caller graph for this function:

◆ AppLayerParserGetStateProgressCompletionStatus()

int AppLayerParserGetStateProgressCompletionStatus	(	AppProto	alproto,
		uint8_t	direction
	)

Definition at line 1096 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserGetStreamDepth()

uint32_t AppLayerParserGetStreamDepth ( const Flow * f )

Definition at line 1559 of file app-layer-parser.c.

References SCReturnInt.

◆ AppLayerParserGetTransactionActive()

uint64_t AppLayerParserGetTransactionActive	(	const Flow *	f,
		AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 1136 of file app-layer-parser.c.

References AppLayerParserState_::inspect_id, AppLayerParserState_::log_id, and SCEnter.

Referenced by FlowNeedsReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionInspectId()

uint64_t AppLayerParserGetTransactionInspectId	(	AppLayerParserState *	pstate,
		uint8_t	direction
	)

Definition at line 702 of file app-layer-parser.c.

References DEBUG_VALIDATE_BUG_ON, AppLayerParserState_::inspect_id, SCEnter, and SCReturnCT.

Referenced by AppLayerParserSetTransactionInspectId().

Here is the caller graph for this function:

◆ AppLayerParserGetTransactionLogId()

uint64_t AppLayerParserGetTransactionLogId ( AppLayerParserState * pstate )

Definition at line 685 of file app-layer-parser.c.

References AppLayerParserState_::log_id, SCEnter, and SCReturnCT.

◆ AppLayerParserGetTx()

void* AppLayerParserGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	alstate,
		uint64_t	tx_id
	)

Definition at line 1089 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetStreamDepthFlag().

Here is the caller graph for this function:

◆ AppLayerParserGetTxCnt()

uint64_t AppLayerParserGetTxCnt	(	const Flow *	,
		void *	alstate
	)

Definition at line 1082 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserSetTransactionInspectId(), and FlowNeedsReassembly().

Here is the caller graph for this function:

◆ AppLayerParserGetTxData()

AppLayerTxData* AppLayerParserGetTxData	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	tx
	)

Definition at line 1163 of file app-layer-parser.c.

References SCEnter.

Referenced by AppLayerParserGetEventsByTx(), AppLayerParserSetTransactionInspectId(), and DetectRunStoreStateTx().

Here is the caller graph for this function:

◆ AppLayerParserGetTxDetectProgress()

uint8_t AppLayerParserGetTxDetectProgress	(	AppLayerTxData *	txd,
		const uint8_t	dir
	)

inline

Definition at line 713 of file app-layer-parser.c.

◆ AppLayerParserGetTxFiles()

AppLayerGetFileState AppLayerParserGetTxFiles	(	const Flow *	f,
		void *	tx,
		const uint8_t	direction
	)

Definition at line 849 of file app-layer-parser.c.

References SCEnter.

Referenced by DetectEngineInspectFiledata(), and DetectFileInspectGeneric().

Here is the caller graph for this function:

◆ AppLayerParserHasDecoderEvents()

bool AppLayerParserHasDecoderEvents ( AppLayerParserState * pstate )

Definition at line 1493 of file app-layer-parser.c.

References AppLayerParserGetDecoderEvents(), AppLayerDecoderEvents_::cnt, AppLayerParserState_::decoder_events, and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserIsEnabled()

int AppLayerParserIsEnabled ( AppProto alproto )

simple way to globally test if a alproto is registered and fully enabled in the configuration.

Definition at line 1511 of file app-layer-parser.c.

References FLOW_PROTO_APPLAYER_MAX.

◆ AppLayerParserParse()

int AppLayerParserParse	(	ThreadVars *	tv,
		AppLayerParserThreadCtx *	alp_tctx,
		Flow *	f,
		AppProto	alproto,
		uint8_t	flags,
		const uint8_t *	input,
		uint32_t	input_len
	)

Return values

int	-1 in case of unrecoverable error. App-layer tracking stops for this flow.
int	0 ok: we did not update app_progress
int	1 ok: we updated app_progress

Definition at line 1271 of file app-layer-parser.c.

References Flow_::alparser, BUG_ON, FlowGetProtoMapping(), Flow_::proto, Flow_::protomap, and SCEnter.

Referenced by LLVMFuzzerTestOneInput().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ AppLayerParserPostStreamSetup()

void AppLayerParserPostStreamSetup ( void )

Definition at line 265 of file app-layer-parser.c.

References FLOW_PROTO_DEFAULT, and g_alproto_max.

Referenced by PreRunInit().

Here is the caller graph for this function:

◆ AppLayerParserPreRegister()

int AppLayerParserPreRegister ( void(*)(void) Register )

Definition at line 1705 of file app-layer-parser.c.

◆ AppLayerParserProtocolGetLoggerBits()

LoggerId AppLayerParserProtocolGetLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1529 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtocolHasLogger()

int AppLayerParserProtocolHasLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 1521 of file app-layer-parser.c.

References FlowGetProtoMapping(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserProtoIsRegistered()

int AppLayerParserProtoIsRegistered	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 222 of file app-layer-parser.c.

References FlowGetProtoMapping().

Here is the call graph for this function:

◆ AppLayerParserRegisterApplyTxConfigFunc()

void AppLayerParserRegisterApplyTxConfigFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		bool()(void state, void *tx, int mode, AppLayerTxConfig)	ApplyTxConfig
	)

Definition at line 596 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfo()

void AppLayerParserRegisterGetEventInfo	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(const char event_name, uint8_t event_id, AppLayerEventType event_type)	StateGetEventInfo
	)

Definition at line 565 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetEventInfoById()

void AppLayerParserRegisterGetEventInfoById	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(uint8_t event_id, const char event_name, AppLayerEventType event_type)	StateGetEventInfoById
	)

Definition at line 543 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetFrameFuncs()

void AppLayerParserRegisterGetFrameFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerParserGetFrameIdByNameFn	GetFrameIdByName,
		AppLayerParserGetFrameNameByIdFn	GetFrameNameById
	)

Definition at line 555 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetStateProgressFunc()

void AppLayerParserRegisterGetStateProgressFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		int()(void alstate, uint8_t direction)	StateGetStateProgress
	)

Definition at line 480 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTx()

void AppLayerParserRegisterGetTx	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	StateGetTx)(void *alstate, uint64_t tx_id
	)

Definition at line 510 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxCnt()

void AppLayerParserRegisterGetTxCnt	(	uint8_t	ipproto,
		AppProto	alproto,
		uint64_t()(void alstate)	StateGetTxCnt
	)

Definition at line 500 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxFilesFunc()

void AppLayerParserRegisterGetTxFilesFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetFileState()(void , uint8_t)	GetTxFiles
	)

Definition at line 452 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterGetTxIterator()

void AppLayerParserRegisterGetTxIterator	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerGetTxIteratorFunc	Func
	)

Definition at line 520 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLocalStorageFunc()

void AppLayerParserRegisterLocalStorageFunc	(	uint8_t	ipproto,
		AppProto	proto,
		void ()(void)	LocalStorageAlloc,
		void()(void )	LocalStorageFree
	)

Definition at line 440 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLogger()

void AppLayerParserRegisterLogger	(	uint8_t	ipproto,
		AppProto	alproto
	)

Definition at line 471 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterLoggerBits()

void AppLayerParserRegisterLoggerBits	(	uint8_t	ipproto,
		AppProto	alproto,
		LoggerId	bits
	)

Definition at line 462 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterOptionFlags()

void AppLayerParserRegisterOptionFlags	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	flags
	)

Definition at line 419 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParser()

int AppLayerParserRegisterParser	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction,
		AppLayerParserFPtr	Parser
	)

Register app layer parser for the protocol.

Return values

0	On success.
-1	On failure.

Definition at line 396 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterParserAcceptableDataDirection()

void AppLayerParserRegisterParserAcceptableDataDirection	(	uint8_t	ipproto,
		AppProto	alproto,
		uint8_t	direction
	)

Definition at line 408 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterProtocolParsers()

void AppLayerParserRegisterProtocolParsers ( void )

POP3

Definition at line 1721 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterProtocolUnittests()

void AppLayerParserRegisterProtocolUnittests	(	uint8_t	ipproto,
		AppProto	alproto,
		void(*)(void)	RegisterUnittests
	)

Definition at line 1801 of file app-layer-parser.c.

Referenced by RegisterIKEParsers(), and RegisterModbusParsers().

Here is the caller graph for this function:

◆ AppLayerParserRegisterSetStreamDepthFlag()

void AppLayerParserRegisterSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void tx, uint8_t flags)	SetStreamDepthFlag
	)

Definition at line 606 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateDataFunc()

void AppLayerParserRegisterStateDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerStateData ()(void *state)	GetStateData
	)

Definition at line 586 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateFuncs()

void AppLayerParserRegisterStateFuncs	(	uint8_t	ipproto,
		AppProto	alproto,
		void ()(void *, AppProto)	StateAlloc,
		void()(void )	StateFree
	)

Definition at line 429 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterStateProgressCompletionStatus()

void AppLayerParserRegisterStateProgressCompletionStatus	(	AppProto	alproto,
		const int	ts,
		const int	tc
	)

Definition at line 528 of file app-layer-parser.c.

References BUG_ON, and ts.

◆ AppLayerParserRegisterTxDataFunc()

void AppLayerParserRegisterTxDataFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		AppLayerTxData ()(void *tx)	GetTxData
	)

Definition at line 576 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterTxFreeFunc()

void AppLayerParserRegisterTxFreeFunc	(	uint8_t	ipproto,
		AppProto	alproto,
		void()(void , uint64_t)	StateTransactionFree
	)

Definition at line 490 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserRegisterUnittests()

void AppLayerParserRegisterUnittests ( void )

Definition at line 1809 of file app-layer-parser.c.

References ctx, FLOW_PROTO_DEFAULT, g_alproto_max, and SCEnter.

◆ AppLayerParserSetEOF()

void AppLayerParserSetEOF ( AppLayerParserState * pstate )

Definition at line 1477 of file app-layer-parser.c.

References APP_LAYER_PARSER_EOF_TC, APP_LAYER_PARSER_EOF_TS, AppLayerParserStateSetFlag(), SCEnter, SCLogDebug, and SCReturn.

Here is the call graph for this function:

◆ AppLayerParserSetStreamDepth()

void AppLayerParserSetStreamDepth	(	uint8_t	ipproto,
		AppProto	alproto,
		uint32_t	stream_depth
	)

Definition at line 1548 of file app-layer-parser.c.

References SCEnter.

◆ AppLayerParserSetStreamDepthFlag()

void AppLayerParserSetStreamDepthFlag	(	uint8_t	ipproto,
		AppProto	alproto,
		void *	state,
		uint64_t	tx_id,
		uint8_t	flags
	)

Definition at line 1564 of file app-layer-parser.c.

References AppLayerParserGetTx(), and SCEnter.

Here is the call graph for this function:

◆ AppLayerParserSetTransactionInspectId()

void AppLayerParserSetTransactionInspectId	(	const Flow *	f,
		AppLayerParserState *	pstate,
		void *	alstate,
		const uint8_t	flags,
		bool	tag_txs_as_inspected
	)