dcerpc: support AppLayerTxData

rust/src/dcerpc/dcerpc.rs

@@ -17,7 +17,7 @@
 
 use std::mem::transmute;
 
-use crate::applayer::AppLayerResult;
+use crate::applayer::{AppLayerResult, AppLayerTxData};
 use crate::core;
 use crate::dcerpc::parser;
 use crate::log::*;
@@ -248,9 +248,8 @@ pub struct DCERPCState {
     pub query_completed: bool,
     pub data_needed_for_dir: u8,
     pub prev_dir: u8,
-    pub detect_flags_ts: u64,
-    pub detect_flags_tc: u64,
     pub de_state: Option<*mut core::DetectEngineState>,
+    pub tx_data: AppLayerTxData,
 }
 
 impl DCERPCState {
@@ -270,9 +269,8 @@ impl DCERPCState {
             query_completed: false,
             data_needed_for_dir: core::STREAM_TOSERVER,
             prev_dir: core::STREAM_TOSERVER,
-            detect_flags_ts: 0,
-            detect_flags_tc: 0,
             de_state: None,
+            tx_data: AppLayerTxData::new(),
         };
     }
 
@@ -937,26 +935,12 @@ pub extern "C" fn rs_dcerpc_get_alstate_progress_completion_status(_direction: u
 }
 
 #[no_mangle]
-pub extern "C" fn rs_dcerpc_get_tx_detect_flags(vtx: *mut std::os::raw::c_void, dir: u8) -> u64 {
+pub extern "C" fn rs_dcerpc_get_tx_data(
-    let state = cast_pointer!(vtx, DCERPCState);
+    tx: *mut std::os::raw::c_void)
-    if dir & core::STREAM_TOSERVER != 0 {
+    -> *mut AppLayerTxData
-        return state.detect_flags_ts;
+{
-    }
+    let tx = cast_pointer!(tx, DCERPCState);
-    state.detect_flags_tc
+    return &mut tx.tx_data;
-}
-
-#[no_mangle]
-pub extern "C" fn rs_dcerpc_set_tx_detect_flags(
-    vtx: *mut std::os::raw::c_void,
-    dir: u8,
-    flags: u64,
-) {
-    let state = cast_pointer!(vtx, DCERPCState);
-    if dir & core::STREAM_TOSERVER != 0 {
-        state.detect_flags_ts = flags;
-    } else {
-        state.detect_flags_tc = flags;
-    }
 }
 
 #[no_mangle]

src/app-layer-dcerpc.c

@@ -126,16 +126,6 @@ static int DCERPCGetAlstateProgress(void *tx, uint8_t direction)
     return rs_dcerpc_get_alstate_progress(tx, direction);
 }
 
-static void DCERPCSetTxDetectFlags(void *vtx, uint8_t dir, uint64_t flags)
-{
-    return rs_dcerpc_set_tx_detect_flags(vtx, dir, flags);
-}
-
-static uint64_t DCERPCGetTxDetectFlags(void *vtx, uint8_t dir)
-{
-    return rs_dcerpc_get_tx_detect_flags(vtx, dir);
-}
-
 static int DCERPCRegisterPatternsForProtocolDetection(void)
 {
     if (AppLayerProtoDetectPMRegisterPatternCS(IPPROTO_TCP, ALPROTO_DCERPC,
@@ -182,6 +172,7 @@ void RegisterDCERPCParsers(void)
                                                DCERPCGetTxDetectState, DCERPCSetTxDetectState);
 
         AppLayerParserRegisterGetTx(IPPROTO_TCP, ALPROTO_DCERPC, DCERPCGetTx);
+        AppLayerParserRegisterTxDataFunc(IPPROTO_TCP, ALPROTO_DCERPC, rs_dcerpc_get_tx_data);
 
         AppLayerParserRegisterGetTxCnt(IPPROTO_TCP, ALPROTO_DCERPC, DCERPCGetTxCnt);
 
@@ -189,8 +180,6 @@ void RegisterDCERPCParsers(void)
 
         AppLayerParserRegisterGetStateProgressCompletionStatus(ALPROTO_DCERPC,
                                                                DCERPCGetAlstateProgressCompletionStatus);
-        AppLayerParserRegisterDetectFlagsFuncs(IPPROTO_TCP, ALPROTO_DCERPC,
-                DCERPCGetTxDetectFlags, DCERPCSetTxDetectFlags);
     } else {
         SCLogInfo("Parsed disabled for %s protocol. Protocol detection"
                   "still on.", proto_name);