rust/parser: Extend Rust parser for event-by-id

Extend the Rust parsing infrastructure with the "get event info by id" calls. This changeset extends the parser structure, the C-based registration handlers and the template parser.
6 years ago · a5d9d37c34
parent 294d0e8cba
commit a5d9d37c34
5 changed files with 48 additions and 30 deletions
--- a/rust/src/applayertemplate/template.rs
+++ b/rust/src/applayertemplate/template.rs
@ -430,6 +430,13 @@ pub extern "C" fn rs_template_state_get_event_info(
    return -1;
 }
 #[no_mangle]
 pub extern "C" fn rs_template_state_get_event_info_by_id(_event_id: std::os::raw::c_int,
                                                         _event_name: *mut *const std::os::raw::c_char,
                                                         _event_type: *mut core::AppLayerEventType
 ) -> i8 {
    return -1;
 }
 #[no_mangle]
 pub extern "C" fn rs_template_state_get_tx_iterator(
    _ipproto: u8,
@ -530,6 +537,7 @@ pub unsafe extern "C" fn rs_template_register_parser() {
        set_de_state: rs_template_tx_set_detect_state,
        get_events: Some(rs_template_state_get_events),
        get_eventinfo: Some(rs_template_state_get_event_info),
        get_eventinfo_byid : Some(rs_template_state_get_event_info_by_id),
        localstorage_new: None,
        localstorage_free: None,
        get_tx_mpm_id: None,
--- a/rust/src/parser.rs
+++ b/rust/src/parser.rs
@ -30,74 +30,76 @@ use applayer::{AppLayerGetTxIterTuple};
 #[repr(C)]
 pub struct RustParser {
    /// Parser name.
-    pub name:              *const c_char,
+    pub name:               *const c_char,
    /// Default port
-    pub default_port:      *const c_char,
+    pub default_port:       *const c_char,
    /// IP Protocol (core::IPPROTO_UDP, core::IPPROTO_TCP, etc.)
-    pub ipproto:           c_int,
+    pub ipproto:            c_int,
    /// Probing function, for packets going to server
-    pub probe_ts:          ProbeFn,
+    pub probe_ts:           ProbeFn,
    /// Probing function, for packets going to client
-    pub probe_tc:          ProbeFn,
+    pub probe_tc:           ProbeFn,
    /// Minimum frame depth for probing
-    pub min_depth:         u16,
+    pub min_depth:          u16,
    /// Maximum frame depth for probing
-    pub max_depth:         u16,
+    pub max_depth:          u16,
    /// Allocation function for a new state
-    pub state_new:         StateAllocFn,
+    pub state_new:          StateAllocFn,
    /// Function called to free a state
-    pub state_free:        StateFreeFn,
+    pub state_free:         StateFreeFn,
    /// Parsing function, for packets going to server
-    pub parse_ts:          ParseFn,
+    pub parse_ts:           ParseFn,
    /// Parsing function, for packets going to client
-    pub parse_tc:          ParseFn,
+    pub parse_tc:           ParseFn,
    /// Get the current transaction count
-    pub get_tx_count:      StateGetTxCntFn,
+    pub get_tx_count:       StateGetTxCntFn,
    /// Get a transaction
-    pub get_tx:            StateGetTxFn,
+    pub get_tx:             StateGetTxFn,
    /// Function called to free a transaction
-    pub tx_free:           StateTxFreeFn,
+    pub tx_free:            StateTxFreeFn,
    /// Function returning the current transaction completion status
-    pub tx_get_comp_st:    StateGetTxCompletionStatusFn,
+    pub tx_get_comp_st:     StateGetTxCompletionStatusFn,
    /// Function returning the current transaction progress
-    pub tx_get_progress:   StateGetProgressFn,
+    pub tx_get_progress:    StateGetProgressFn,
    /// Logged transaction getter function
-    pub get_tx_logged:     Option<GetTxLoggedFn>,
+    pub get_tx_logged:      Option<GetTxLoggedFn>,
    /// Logged transaction setter function
-    pub set_tx_logged:     Option<SetTxLoggedFn>,
+    pub set_tx_logged:      Option<SetTxLoggedFn>,
    /// Function called to get a detection state
-    pub get_de_state:      GetDetectStateFn,
+    pub get_de_state:       GetDetectStateFn,
    /// Function called to set a detection state
-    pub set_de_state:      SetDetectStateFn,
+    pub set_de_state:       SetDetectStateFn,
    /// Function to get events
-    pub get_events:        Option<GetEventsFn>,
+    pub get_events:         Option<GetEventsFn>,
-    /// Function to get an event description
+    /// Function to get an event id from a description
-    pub get_eventinfo:     Option<GetEventInfoFn>,
+    pub get_eventinfo:      Option<GetEventInfoFn>,
    /// Function to get an event description from an event id
    pub get_eventinfo_byid: Option<GetEventInfoByIdFn>,
    /// Function to allocate local storage
-    pub localstorage_new:  Option<LocalStorageNewFn>,
+    pub localstorage_new:   Option<LocalStorageNewFn>,
    /// Function to free local storage
-    pub localstorage_free: Option<LocalStorageFreeFn>,
+    pub localstorage_free:  Option<LocalStorageFreeFn>,
    /// Function to get transaction MPM ID
-    pub get_tx_mpm_id:     Option<GetTxMpmIDFn>,
+    pub get_tx_mpm_id:      Option<GetTxMpmIDFn>,
    /// Function to set transaction MPM ID
-    pub set_tx_mpm_id:     Option<SetTxMpmIDFn>,
+    pub set_tx_mpm_id:      Option<SetTxMpmIDFn>,
    /// Function to get files
-    pub get_files:         Option<GetFilesFn>,
+    pub get_files:          Option<GetFilesFn>,
    /// Function to get the TX iterator
-    pub get_tx_iterator:   Option<GetTxIteratorFn>,
+    pub get_tx_iterator:    Option<GetTxIteratorFn>,
 }
@ -137,6 +139,7 @@ pub type StateGetProgressFn = extern "C" fn (*mut c_void, u8) -> c_int;
 pub type GetDetectStateFn   = extern "C" fn (*mut c_void) -> *mut DetectEngineState;
 pub type SetDetectStateFn   = extern "C" fn (*mut c_void, &mut DetectEngineState) -> c_int;
 pub type GetEventInfoFn     = extern "C" fn (*const c_char, *mut c_int, *mut AppLayerEventType) -> c_int;
 pub type GetEventInfoByIdFn = extern "C" fn (c_int, *mut *const c_char, *mut AppLayerEventType) -> i8;
 pub type GetEventsFn        = extern "C" fn (*mut c_void) -> *mut AppLayerDecoderEvents;
 pub type GetTxLoggedFn      = extern "C" fn (*mut c_void, *mut c_void) -> u32;
 pub type SetTxLoggedFn      = extern "C" fn (*mut c_void, *mut c_void, u32);
--- a/src/app-layer-parser.c
+++ b/src/app-layer-parser.c
@ -1410,7 +1410,8 @@ static void ValidateParserProtoDump(AppProto alproto, uint8_t ipproto)
    printf("Optional:\n");
    printf("- LocalStorageAlloc %p LocalStorageFree %p\n", ctx->LocalStorageAlloc, ctx->LocalStorageFree);
    printf("- StateGetTxLogged %p StateSetTxLogged %p\n", ctx->StateGetTxLogged, ctx->StateSetTxLogged);
-    printf("- StateGetEvents %p StateGetEventInfo %p\n", ctx->StateGetEvents, ctx->StateGetEventInfo);
+    printf("- StateGetEvents %p StateGetEventInfo %p StateGetEventInfoById %p\n", ctx->StateGetEvents, ctx->StateGetEventInfo,
            ctx->StateGetEventInfoById);
 }
 #define BOTH_SET(a, b) ((a) != NULL && (b) != NULL)
--- a/src/app-layer-register.c
+++ b/src/app-layer-register.c
@ -145,6 +145,10 @@ int AppLayerRegisterParser(const struct AppLayerParser *p, AppProto alproto)
        AppLayerParserRegisterGetEventInfo(p->ip_proto, alproto,
                p->StateGetEventInfo);
    }
    if (p->StateGetEventInfoById) {
        AppLayerParserRegisterGetEventInfoById(p->ip_proto, alproto,
                p->StateGetEventInfoById);
    }
    if (p->StateGetEvents) {
        AppLayerParserRegisterGetEventsFunc(p->ip_proto, alproto,
                p->StateGetEvents);
--- a/src/app-layer-register.h
+++ b/src/app-layer-register.h
@ -57,6 +57,8 @@ typedef struct AppLayerParser {
    AppLayerDecoderEvents *(*StateGetEvents)(void *);
    int (*StateGetEventInfo)(const char *event_name,
                             int *event_id, AppLayerEventType *event_type);
    int (*StateGetEventInfoById)(int event_id, const char **event_name,
                                  AppLayerEventType *event_type);
    void *(*LocalStorageAlloc)(void);
    void (*LocalStorageFree)(void *);