ldap: implement abandon request

Ticket: #7477
OISF · Jan 14, 2025 · edfe0cc · edfe0cc
1 parent 770a759
commit edfe0cc
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 24 deletions.
diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs
@@ -193,11 +193,7 @@ impl LdapState {
 
         if self.request_gap {
             match ldap_parse_msg(input) {
-                Ok((_, msg)) => {
-                    let ldap_msg = LdapMessage::from(msg);
-                    if ldap_msg.is_unknown() {
-                        return AppLayerResult::err();
-                    }
+                Ok((_, _msg)) => {
                     AppLayerResult::ok();
                 }
                 Err(_e) => {
@@ -264,11 +260,7 @@ impl LdapState {
 
         if self.response_gap {
             match ldap_parse_msg(input) {
-                Ok((_, msg)) => {
-                    let ldap_msg = LdapMessage::from(msg);
-                    if ldap_msg.is_unknown() {
-                        return AppLayerResult::err();
-                    }
+                Ok((_, _msg)) => {
                     AppLayerResult::ok();
                 }
                 Err(_e) => {
@@ -518,9 +510,6 @@ fn probe(input: &[u8], direction: Direction, rdir: *mut u8) -> AppProto {
     match ldap_parse_msg(input) {
         Ok((_, msg)) => {
             let ldap_msg = LdapMessage::from(msg);
-            if ldap_msg.is_unknown() {
-                return ALPROTO_FAILED;
-            }
             if direction == Direction::ToServer && !ldap_msg.is_request() {
                 unsafe {
                     *rdir = Direction::ToClient.into();

diff --git a/rust/src/ldap/types.rs b/rust/src/ldap/types.rs
@@ -256,6 +256,11 @@ pub struct CompareRequest {
     pub ava: AttributeValueAssertion,
 }
 
+#[derive(Clone, Debug, Eq, PartialEq)]
+pub struct AbandonRequest {
+    pub message_id: u32,
+}
+
 #[derive(Clone, Debug, Eq, PartialEq)]
 pub struct ExtendedRequest {
     pub request_name: LdapOID,
@@ -297,7 +302,7 @@ pub enum ProtocolOp {
     ExtendedRequest(ExtendedRequest),
     ExtendedResponse(ExtendedResponse),
     IntermediateResponse(IntermediateResponse),
-    Unknown,
+    AbandonRequest(AbandonRequest),
 }
 
 impl Display for ProtocolOp {
@@ -320,10 +325,10 @@ impl Display for ProtocolOp {
             ProtocolOp::ModDnResponse(_) => write!(f, "mod_dn_response"),
             ProtocolOp::CompareRequest(_) => write!(f, "compare_request"),
             ProtocolOp::CompareResponse(_) => write!(f, "compare_response"),
+            ProtocolOp::AbandonRequest(_) => write!(f, "abandon_request"),
             ProtocolOp::ExtendedRequest(_) => write!(f, "extended_request"),
             ProtocolOp::ExtendedResponse(_) => write!(f, "extended_response"),
             ProtocolOp::IntermediateResponse(_) => write!(f, "intermediate_response"),
-            ProtocolOp::Unknown => write!(f, "unknown"),
         }
     }
 }
@@ -376,7 +381,7 @@ impl From<ldap_parser::ldap::LdapMessage<'_>> for LdapMessage {
             ldap_parser::ldap::ProtocolOp::IntermediateResponse(msg) => {
                 Self::from_intermediate_response(msg)
             }
-            ldap_parser::ldap::ProtocolOp::AbandonRequest(_) => ProtocolOp::Unknown,
+            ldap_parser::ldap::ProtocolOp::AbandonRequest(msg) => Self::from_abandon_request(msg),
         };
         let controls = ldap_msg.controls.map(|ctls| {
             ctls.iter()
@@ -397,13 +402,6 @@ impl From<ldap_parser::ldap::LdapMessage<'_>> for LdapMessage {
 }
 
 impl LdapMessage {
-    pub fn is_unknown(&self) -> bool {
-        match self.protocol_op {
-            ProtocolOp::Unknown => return true,
-            _ => return false,
-        }
-    }
-
     pub fn is_request(&self) -> bool {
         match self.protocol_op {
             ProtocolOp::BindRequest(_)
@@ -414,7 +412,7 @@ impl LdapMessage {
             | ProtocolOp::DelRequest(_)
             | ProtocolOp::ModDnRequest(_)
             | ProtocolOp::CompareRequest(_)
-            | ProtocolOp::Unknown // AbandonRequest
+            | ProtocolOp::AbandonRequest(_)
             | ProtocolOp::ExtendedRequest(_) => {
                 return true;
             }
@@ -589,6 +587,10 @@ impl LdapMessage {
         })
     }
 
+    fn from_abandon_request(msg: ldap_parser::ldap::MessageID) -> ProtocolOp {
+        ProtocolOp::AbandonRequest(AbandonRequest {message_id: msg.0})
+    }
+
     fn from_extended_request(msg: ldap_parser::ldap::ExtendedRequest) -> ProtocolOp {
         ProtocolOp::ExtendedRequest(ExtendedRequest {
             request_name: LdapOID(msg.request_name.0.to_string()),