Dynamic alprotos : make SNMP totally dynamic #12402
Conversation
CID 1640392 Would happen only if we reached 15 protocols handling files
Ticket: 5053 Do not asume that we know the number of alprotos at the end of AppLayerNamesSetup, but make arrays allocated by later AppLayerProtoDetectSetup dynamic so that it can be reallocated from AppLayerParserRegisterProtocolParsers This helps have a single entry point for a protocol like SNMP
So that we do not have to know g_alproto_max to register dynamically a new protocol from its name
and cast and also remove unneeded mut
Ticket: 5053
Loggers do not change transactions, they read only.
|
Already quite a few things going on here, so stopping here before adding the example of a template plugin Let me know if this should be split into multiple PRs |
| @@ -37,7 +37,7 @@ fn tftp_log_request(tx: &mut TFTPTransaction, | |||
| } | |||
|
|
|||
| #[no_mangle] | |||
| pub extern "C" fn rs_tftp_log_json_request(tx: &mut TFTPTransaction, | |||
| pub extern "C" fn rs_tftp_log_json_request(tx: &TFTPTransaction, | |||
There was a problem hiding this comment.
@jasonish thoughts about this ?
| @@ -1683,7 +1696,6 @@ static void ValidateParserProto(AppProto alproto, uint8_t ipproto) | |||
| } | |||
| #undef BOTH_SET | |||
| #undef BOTH_SET_OR_BOTH_UNSET | |||
| #undef THREE_SET_OR_THREE_UNSET | |||
There was a problem hiding this comment.
was never defined :-p
|
|
||
| // Also defined in output.h | ||
| // canot use JsonBuilder as it is not #[repr(C)] | ||
| pub type EveJsonSimpleTxLogFunc = unsafe extern "C" fn(*const c_void, *mut c_void) -> bool; |
There was a problem hiding this comment.
Should cbindgen export types that are function prototypes ?
| @@ -63,6 +63,7 @@ typedef struct SCAppLayerPlugin_ { | |||
| void (*KeywordsRegister)(void); | |||
| char *logname; | |||
| char *confname; | |||
| uint8_t dir; | |||
There was a problem hiding this comment.
Wondering if we should we EveJsonTxLoggerRegistrationData
| @@ -472,12 +472,49 @@ pub type ApplyTxConfigFn = unsafe extern "C" fn (*mut c_void, *mut c_void, c_int | |||
| pub type GetFrameIdByName = unsafe extern "C" fn(*const c_char) -> c_int; | |||
| pub type GetFrameNameById = unsafe extern "C" fn(u8) -> *const c_char; | |||
|
|
|||
| // Also defined in output-json.h | |||
There was a problem hiding this comment.
@jasonish what do you think about this ?
I do not like to see this defined twice
There was a problem hiding this comment.
Can you get the C to use this? In some cases there will be no way around it, at least not without bindgen to output C types, and cbindgen to output Rust types. But currently some things just can't include "rust.h" to get the types as rust.h might have a dependency.
There was a problem hiding this comment.
Can you get the C to use this?
I did not manage
But currently some things just can't include "rust.h" to get the types as rust.h might have a dependency.
Indeed the problem
I will try again a bit more
| // Also defined in output.h | ||
| #[repr(C)] | ||
| #[allow(non_snake_case)] | ||
| pub struct EveJsonTxLoggerRegistrationData { |
There was a problem hiding this comment.
I do not like to see it defined twice neither
|
ERROR: ERROR: QA failed on TREX_GENERIC_suri_cfg. Pipeline 24229 |
|
Next in #12406 |
Link to ticket: https://redmine.openinfosecfoundation.org/issues/
https://redmine.openinfosecfoundation.org/issues/5053
Describe changes:
Follow up on #12383