aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rust/ikev2: fix events not being raised in first message

Browse Source 
The `set_event` function requires that the transaction is already
inserted, or the event set is silently lost.
When parsing first IKEv2 message, first insert transaction, prepare
values, and borrow back inserted transaction to update it.
pull/3706/head
Pierre Chifflier 6 years ago committed by Victor Julien
parent 27b0775d27
commit f90733fe3f
1 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File

19
rust/src/ikev2/ikev2.rs
Unescape Escape View File

@ -149,10 +149,14 @@ impl IKEV2State {
// use init_spi as transaction identifier // use init_spi as transaction identifier
tx.xid = hdr.init_spi; tx.xid = hdr.init_spi;
tx.hdr = (*hdr).clone(); tx.hdr = (*hdr).clone();
self.transactions.push(tx);
let mut payload_types = Vec::new();
let mut errors = 0;
let mut notify_types = Vec::new();
match parse_ikev2_payload_list(rem,hdr.next_payload) { match parse_ikev2_payload_list(rem,hdr.next_payload) {
Ok((_,Ok(ref p))) => { Ok((_,Ok(ref p))) => {
for payload in p { for payload in p {
tx.payload_types.push(payload.hdr.next_payload_type); payload_types.push(payload.hdr.next_payload_type);
match payload.content { match payload.content {
IkeV2PayloadContent::Dummy => (), IkeV2PayloadContent::Dummy => (),
IkeV2PayloadContent::SA(ref prop) => { IkeV2PayloadContent::SA(ref prop) => {
@ -172,9 +176,9 @@ impl IKEV2State {
IkeV2PayloadContent::Notify(ref n) => { IkeV2PayloadContent::Notify(ref n) => {
SCLogDebug!("Notify: {:?}", n); SCLogDebug!("Notify: {:?}", n);
if n.notify_type.is_error() { if n.notify_type.is_error() {
tx.errors += 1; errors += 1;
} }
tx.notify_types.push(n.notify_type); notify_types.push(n.notify_type);
}, },
// XXX CertificateRequest // XXX CertificateRequest
// XXX Certificate // XXX Certificate
@ -187,11 +191,16 @@ impl IKEV2State {
}, },
} }
self.connection_state = self.connection_state.advance(payload); self.connection_state = self.connection_state.advance(payload);
if let Some(tx) = self.transactions.last_mut() {
// borrow back tx to update it
tx.payload_types.append(&mut payload_types);
tx.errors = errors;
tx.notify_types.append(&mut notify_types);
}
}; };
}, },
e => { SCLogDebug!("parse_ikev2_payload_with_type: {:?}",e); () }, e => { SCLogDebug!("parse_ikev2_payload_with_type: {:?}",e); () },
} }
self.transactions.push(tx);
1 1
}, },
Err(nom::Err::Incomplete(_)) => { Err(nom::Err::Incomplete(_)) => {
@ -235,6 +244,8 @@ impl IKEV2State {
if let Some(tx) = self.transactions.last_mut() { if let Some(tx) = self.transactions.last_mut() {
let ev = event as u8; let ev = event as u8;
core::sc_app_layer_decoder_events_set_event_raw(&mut tx.events, ev); core::sc_app_layer_decoder_events_set_event_raw(&mut tx.events, ev);
} else {
SCLogDebug!("IKEv2: trying to set event {} on non-existing transaction", event as u32);
} }
} }

Write Preview
Loading…
Cancel
Save