rust/parser: Extend Rust parser for event-by-id

Extend the Rust parsing infrastructure with the "get event info by id"
calls. This changeset extends the parser structure, the C-based
registration handlers and the template parser.

rust/src/applayertemplate/template.rs

@@ -430,6 +430,13 @@ pub extern "C" fn rs_template_state_get_event_info(
     return -1;
 }
 
+#[no_mangle]
+pub extern "C" fn rs_template_state_get_event_info_by_id(_event_id: std::os::raw::c_int,
+                                                         _event_name: *mut *const std::os::raw::c_char,
+                                                         _event_type: *mut core::AppLayerEventType
+) -> i8 {
+    return -1;
+}
 #[no_mangle]
 pub extern "C" fn rs_template_state_get_tx_iterator(
     _ipproto: u8,
@@ -530,6 +537,7 @@ pub unsafe extern "C" fn rs_template_register_parser() {
         set_de_state: rs_template_tx_set_detect_state,
         get_events: Some(rs_template_state_get_events),
         get_eventinfo: Some(rs_template_state_get_event_info),
+        get_eventinfo_byid : Some(rs_template_state_get_event_info_by_id),
         localstorage_new: None,
         localstorage_free: None,
         get_tx_mpm_id: None,

rust/src/parser.rs

@@ -30,74 +30,76 @@ use applayer::{AppLayerGetTxIterTuple};
 #[repr(C)]
 pub struct RustParser {
     /// Parser name.
-    pub name:              *const c_char,
+    pub name:               *const c_char,
     /// Default port
-    pub default_port:      *const c_char,
+    pub default_port:       *const c_char,
 
     /// IP Protocol (core::IPPROTO_UDP, core::IPPROTO_TCP, etc.)
-    pub ipproto:           c_int,
+    pub ipproto:            c_int,
 
     /// Probing function, for packets going to server
-    pub probe_ts:          ProbeFn,
+    pub probe_ts:           ProbeFn,
     /// Probing function, for packets going to client
-    pub probe_tc:          ProbeFn,
+    pub probe_tc:           ProbeFn,
 
     /// Minimum frame depth for probing
-    pub min_depth:         u16,
+    pub min_depth:          u16,
     /// Maximum frame depth for probing
-    pub max_depth:         u16,
+    pub max_depth:          u16,
 
     /// Allocation function for a new state
-    pub state_new:         StateAllocFn,
+    pub state_new:          StateAllocFn,
     /// Function called to free a state
-    pub state_free:        StateFreeFn,
+    pub state_free:         StateFreeFn,
 
     /// Parsing function, for packets going to server
-    pub parse_ts:          ParseFn,
+    pub parse_ts:           ParseFn,
     /// Parsing function, for packets going to client
-    pub parse_tc:          ParseFn,
+    pub parse_tc:           ParseFn,
 
     /// Get the current transaction count
-    pub get_tx_count:      StateGetTxCntFn,
+    pub get_tx_count:       StateGetTxCntFn,
     /// Get a transaction
-    pub get_tx:            StateGetTxFn,
+    pub get_tx:             StateGetTxFn,
     /// Function called to free a transaction
-    pub tx_free:           StateTxFreeFn,
+    pub tx_free:            StateTxFreeFn,
     /// Function returning the current transaction completion status
-    pub tx_get_comp_st:    StateGetTxCompletionStatusFn,
+    pub tx_get_comp_st:     StateGetTxCompletionStatusFn,
     /// Function returning the current transaction progress
-    pub tx_get_progress:   StateGetProgressFn,
+    pub tx_get_progress:    StateGetProgressFn,
 
     /// Logged transaction getter function
-    pub get_tx_logged:     Option<GetTxLoggedFn>,
+    pub get_tx_logged:      Option<GetTxLoggedFn>,
     /// Logged transaction setter function
-    pub set_tx_logged:     Option<SetTxLoggedFn>,
+    pub set_tx_logged:      Option<SetTxLoggedFn>,
 
     /// Function called to get a detection state
-    pub get_de_state:      GetDetectStateFn,
+    pub get_de_state:       GetDetectStateFn,
     /// Function called to set a detection state
-    pub set_de_state:      SetDetectStateFn,
+    pub set_de_state:       SetDetectStateFn,
 
     /// Function to get events
-    pub get_events:        Option<GetEventsFn>,
-    /// Function to get an event description
-    pub get_eventinfo:     Option<GetEventInfoFn>,
+    pub get_events:         Option<GetEventsFn>,
+    /// Function to get an event id from a description
+    pub get_eventinfo:      Option<GetEventInfoFn>,
+    /// Function to get an event description from an event id
+    pub get_eventinfo_byid: Option<GetEventInfoByIdFn>,
 
     /// Function to allocate local storage
-    pub localstorage_new:  Option<LocalStorageNewFn>,
+    pub localstorage_new:   Option<LocalStorageNewFn>,
     /// Function to free local storage
-    pub localstorage_free: Option<LocalStorageFreeFn>,
+    pub localstorage_free:  Option<LocalStorageFreeFn>,
 
     /// Function to get transaction MPM ID
-    pub get_tx_mpm_id:     Option<GetTxMpmIDFn>,
+    pub get_tx_mpm_id:      Option<GetTxMpmIDFn>,
     /// Function to set transaction MPM ID
-    pub set_tx_mpm_id:     Option<SetTxMpmIDFn>,
+    pub set_tx_mpm_id:      Option<SetTxMpmIDFn>,
 
     /// Function to get files
-    pub get_files:         Option<GetFilesFn>,
+    pub get_files:          Option<GetFilesFn>,
 
     /// Function to get the TX iterator
-    pub get_tx_iterator:   Option<GetTxIteratorFn>,
+    pub get_tx_iterator:    Option<GetTxIteratorFn>,
 }
 
 
@@ -137,6 +139,7 @@ pub type StateGetProgressFn = extern "C" fn (*mut c_void, u8) -> c_int;
 pub type GetDetectStateFn   = extern "C" fn (*mut c_void) -> *mut DetectEngineState;
 pub type SetDetectStateFn   = extern "C" fn (*mut c_void, &mut DetectEngineState) -> c_int;
 pub type GetEventInfoFn     = extern "C" fn (*const c_char, *mut c_int, *mut AppLayerEventType) -> c_int;
+pub type GetEventInfoByIdFn = extern "C" fn (c_int, *mut *const c_char, *mut AppLayerEventType) -> i8;
 pub type GetEventsFn        = extern "C" fn (*mut c_void) -> *mut AppLayerDecoderEvents;
 pub type GetTxLoggedFn      = extern "C" fn (*mut c_void, *mut c_void) -> u32;
 pub type SetTxLoggedFn      = extern "C" fn (*mut c_void, *mut c_void, u32);

src/app-layer-parser.c

@@ -1410,7 +1410,8 @@ static void ValidateParserProtoDump(AppProto alproto, uint8_t ipproto)
     printf("Optional:\n");
     printf("- LocalStorageAlloc %p LocalStorageFree %p\n", ctx->LocalStorageAlloc, ctx->LocalStorageFree);
     printf("- StateGetTxLogged %p StateSetTxLogged %p\n", ctx->StateGetTxLogged, ctx->StateSetTxLogged);
-    printf("- StateGetEvents %p StateGetEventInfo %p\n", ctx->StateGetEvents, ctx->StateGetEventInfo);
+    printf("- StateGetEvents %p StateGetEventInfo %p StateGetEventInfoById %p\n", ctx->StateGetEvents, ctx->StateGetEventInfo,
+            ctx->StateGetEventInfoById);
 }
 
 #define BOTH_SET(a, b) ((a) != NULL && (b) != NULL)

src/app-layer-register.c

@@ -145,6 +145,10 @@ int AppLayerRegisterParser(const struct AppLayerParser *p, AppProto alproto)
         AppLayerParserRegisterGetEventInfo(p->ip_proto, alproto,
                 p->StateGetEventInfo);
     }
+    if (p->StateGetEventInfoById) {
+        AppLayerParserRegisterGetEventInfoById(p->ip_proto, alproto,
+                p->StateGetEventInfoById);
+    }
     if (p->StateGetEvents) {
         AppLayerParserRegisterGetEventsFunc(p->ip_proto, alproto,
                 p->StateGetEvents);

src/app-layer-register.h

@@ -57,6 +57,8 @@ typedef struct AppLayerParser {
     AppLayerDecoderEvents *(*StateGetEvents)(void *);
     int (*StateGetEventInfo)(const char *event_name,
                              int *event_id, AppLayerEventType *event_type);
+    int (*StateGetEventInfoById)(int event_id, const char **event_name,
+                                  AppLayerEventType *event_type);
 
     void *(*LocalStorageAlloc)(void);
     void (*LocalStorageFree)(void *);