suricata
Data Structures | Typedefs | Enumerations | Functions | Variables
app-layer-smtp.h File Reference
#include "decode-events.h"
#include "util-decode-mime.h"
#include "queue.h"
#include "util-streaming-buffer.h"
#include "rust.h"
Include dependency graph for app-layer-smtp.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  SMTPString_
 
struct  SMTPTransaction_
 
struct  SMTPConfig
 
struct  SMTPState_
 

Typedefs

typedef struct SMTPString_ SMTPString
 
typedef struct SMTPTransaction_ SMTPTransaction
 
typedef struct SMTPConfig SMTPConfig
 
typedef struct SMTPState_ SMTPState
 

Enumerations

enum  {
  SMTP_DECODER_EVENT_INVALID_REPLY, SMTP_DECODER_EVENT_UNABLE_TO_MATCH_REPLY_WITH_REQUEST, SMTP_DECODER_EVENT_MAX_COMMAND_LINE_LEN_EXCEEDED, SMTP_DECODER_EVENT_MAX_REPLY_LINE_LEN_EXCEEDED,
  SMTP_DECODER_EVENT_INVALID_PIPELINED_SEQUENCE, SMTP_DECODER_EVENT_BDAT_CHUNK_LEN_EXCEEDED, SMTP_DECODER_EVENT_NO_SERVER_WELCOME_MESSAGE, SMTP_DECODER_EVENT_TLS_REJECTED,
  SMTP_DECODER_EVENT_DATA_COMMAND_REJECTED, SMTP_DECODER_EVENT_MIME_PARSE_FAILED, SMTP_DECODER_EVENT_MIME_MALFORMED_MSG, SMTP_DECODER_EVENT_MIME_INVALID_BASE64,
  SMTP_DECODER_EVENT_MIME_INVALID_QP, SMTP_DECODER_EVENT_MIME_LONG_LINE, SMTP_DECODER_EVENT_MIME_LONG_ENC_LINE, SMTP_DECODER_EVENT_MIME_LONG_HEADER_NAME,
  SMTP_DECODER_EVENT_MIME_LONG_HEADER_VALUE, SMTP_DECODER_EVENT_MIME_BOUNDARY_TOO_LONG, SMTP_DECODER_EVENT_MIME_LONG_FILENAME, SMTP_DECODER_EVENT_DUPLICATE_FIELDS,
  SMTP_DECODER_EVENT_UNPARSABLE_CONTENT
}
 

Functions

int SMTPProcessDataChunk (const uint8_t *chunk, uint32_t len, MimeDecParseState *state)
 
void * SMTPStateAlloc (void *orig_state, AppProto proto_orig)
 
void RegisterSMTPParsers (void)
 Register the SMTP Protocol parser. More...
 
void SMTPParserCleanup (void)
 Free memory allocated for global SMTP parser state. More...
 
void SMTPParserRegisterTests (void)
 

Variables

SMTPConfig smtp_config
 

Detailed Description

Author
Anoop Saldanha anoop.nosp@m.sald.nosp@m.anha@.nosp@m.gmai.nosp@m.l.com

Definition in file app-layer-smtp.h.

Typedef Documentation

◆ SMTPConfig

typedef struct SMTPConfig SMTPConfig

◆ SMTPState

typedef struct SMTPState_ SMTPState

◆ SMTPString

typedef struct SMTPString_ SMTPString

◆ SMTPTransaction

typedef struct SMTPTransaction_ SMTPTransaction

Enumeration Type Documentation

◆ anonymous enum

anonymous enum
Enumerator
SMTP_DECODER_EVENT_INVALID_REPLY 
SMTP_DECODER_EVENT_UNABLE_TO_MATCH_REPLY_WITH_REQUEST 
SMTP_DECODER_EVENT_MAX_COMMAND_LINE_LEN_EXCEEDED 
SMTP_DECODER_EVENT_MAX_REPLY_LINE_LEN_EXCEEDED 
SMTP_DECODER_EVENT_INVALID_PIPELINED_SEQUENCE 
SMTP_DECODER_EVENT_BDAT_CHUNK_LEN_EXCEEDED 
SMTP_DECODER_EVENT_NO_SERVER_WELCOME_MESSAGE 
SMTP_DECODER_EVENT_TLS_REJECTED 
SMTP_DECODER_EVENT_DATA_COMMAND_REJECTED 
SMTP_DECODER_EVENT_MIME_PARSE_FAILED 
SMTP_DECODER_EVENT_MIME_MALFORMED_MSG 
SMTP_DECODER_EVENT_MIME_INVALID_BASE64 
SMTP_DECODER_EVENT_MIME_INVALID_QP 
SMTP_DECODER_EVENT_MIME_LONG_LINE 
SMTP_DECODER_EVENT_MIME_LONG_ENC_LINE 
SMTP_DECODER_EVENT_MIME_LONG_HEADER_NAME 
SMTP_DECODER_EVENT_MIME_LONG_HEADER_VALUE 
SMTP_DECODER_EVENT_MIME_BOUNDARY_TOO_LONG 
SMTP_DECODER_EVENT_MIME_LONG_FILENAME 
SMTP_DECODER_EVENT_DUPLICATE_FIELDS 
SMTP_DECODER_EVENT_UNPARSABLE_CONTENT 

Definition at line 33 of file app-layer-smtp.h.

Function Documentation

◆ RegisterSMTPParsers()

void RegisterSMTPParsers ( void  )

Register the SMTP Protocol parser.

Definition at line 1786 of file app-layer-smtp.c.

References ALPROTO_SMTP, AppLayerProtoDetectConfProtoDetectionEnabled(), and AppLayerProtoDetectRegisterProtocol().

Referenced by AppLayerParserRegisterProtocolParsers().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ SMTPParserCleanup()

void SMTPParserCleanup ( void  )

Free memory allocated for global SMTP parser state.

Definition at line 1843 of file app-layer-smtp.c.

Referenced by AppLayerParserDeSetup().

Here is the caller graph for this function:

◆ SMTPParserRegisterTests()

void SMTPParserRegisterTests ( void  )

Definition at line 5311 of file app-layer-smtp.c.

References UtRegisterTest().

Here is the call graph for this function:

◆ SMTPProcessDataChunk()

int SMTPProcessDataChunk ( const uint8_t *  chunk,
uint32_t  len,
MimeDecParseState state 
)

Definition at line 408 of file app-layer-smtp.c.

References Flow_::alstate, MimeDecParseState::body_begin, SMTPConfig::content_inspect_min_size, MimeDecEntity::ctnt_flags, CTNT_IS_ATTACHMENT, MimeDecStackNode::data, MimeDecParseState::data, FILE_STORE, FILE_USE_DETECT, FileContainerAlloc(), FileFlowToFlags(), MimeDecEntity::filename, MimeDecEntity::filename_len, FileOpenFileWithId(), flags, len, MIME_DEC_ERR_DATA, MIME_DEC_ERR_MEM, MIME_DEC_OK, Flow_::protoctx, SMTPConfig::sbcfg, SC_ERR_MEM_ALLOC, SCEnter, SCLogDebug, SCLogDebugEnabled(), SCLogError, SCReturnInt, smtp_config, MimeDecParseState::stack, STREAM_TOSERVER, StreamTcpReassemblySetMinInspectDepth(), and MimeDecStack::top.

Here is the call graph for this function:

◆ SMTPStateAlloc()

void* SMTPStateAlloc ( void *  orig_state,
AppProto  proto_orig 
)

Definition at line 1443 of file app-layer-smtp.c.

References SMTPState_::cmds, SMTPState_::cmds_buffer_len, SCFree, SCMalloc, SMTP_COMMAND_BUFFER_STEPS, TAILQ_INIT, and unlikely.

Variable Documentation

◆ smtp_config

SMTPConfig smtp_config

Definition at line 240 of file app-layer-smtp.c.

Referenced by SMTPProcessDataChunk().