mirror of
https://github.com/zeek/zeek.git
synced 2025-10-16 21:48:21 +00:00
Conn: Move conn_id init and flip to IPBasedConnKey
This loosens the coupling of the script-layer conn_id record and the code in Conn a bit, moving more into the IPBasedConnKey class. I'm not quite sure whether moving the flipping logic is worth it, but assuming Conn could become non-IP in the future, it might.
This commit is contained in:
Arne Welzel
parent
661fa91231
commit
f8eab9e9cf
4 changed files with 94 additions and 31 deletions
47
src/Conn.cc
47
src/Conn.cc
|
|
@ -183,40 +183,11 @@ uint8_t Connection::KeyProto() const { return key->PackedTuple().proto; }
|
|||
|
||||
bool Connection::IsReuse(double t, const u_char* pkt) { return adapter && adapter->IsReuse(t, pkt); }
|
||||
|
||||
namespace {
|
||||
// Flip everything that needs to be flipped in the connection
|
||||
// record that is known on this level. This needs to align
|
||||
// with GetVal() and connection's layout in init-bare.
|
||||
void flip_conn_val(const RecordValPtr& conn_val) {
|
||||
// Flip the the conn_id (c$id).
|
||||
const auto& id_val = conn_val->GetField<zeek::RecordVal>(0);
|
||||
const auto& tmp_addr = id_val->GetField<zeek::AddrVal>(0);
|
||||
const auto& tmp_port = id_val->GetField<zeek::PortVal>(1);
|
||||
id_val->Assign(0, id_val->GetField<zeek::AddrVal>(2));
|
||||
id_val->Assign(1, id_val->GetField<zeek::PortVal>(3));
|
||||
id_val->Assign(2, tmp_addr);
|
||||
id_val->Assign(3, tmp_port);
|
||||
|
||||
// Flip the endpoints within connection.
|
||||
const auto& tmp_endp = conn_val->GetField<zeek::RecordVal>(1);
|
||||
conn_val->Assign(1, conn_val->GetField(2));
|
||||
conn_val->Assign(2, tmp_endp);
|
||||
}
|
||||
} // namespace
|
||||
|
||||
const RecordValPtr& Connection::GetVal() {
|
||||
if ( ! conn_val ) {
|
||||
conn_val = make_intrusive<RecordVal>(id::connection);
|
||||
|
||||
TransportProto prot_type = ConnTransport();
|
||||
|
||||
// XXX this could technically move into IPBasedConnKey.
|
||||
auto id_val = make_intrusive<RecordVal>(id::conn_id);
|
||||
id_val->Assign(0, make_intrusive<AddrVal>(orig_addr));
|
||||
id_val->Assign(1, val_mgr->Port(ntohs(orig_port), prot_type));
|
||||
id_val->Assign(2, make_intrusive<AddrVal>(resp_addr));
|
||||
id_val->Assign(3, val_mgr->Port(ntohs(resp_port), prot_type));
|
||||
id_val->Assign(4, KeyProto());
|
||||
auto* ctx = id_val->GetFieldAs<zeek::RecordVal>(5);
|
||||
|
||||
// Allow customized ConnKeys to augment conn_id and ctx.
|
||||
|
|
@ -333,8 +304,22 @@ void Connection::FlipRoles() {
|
|||
resp_flow_label = orig_flow_label;
|
||||
orig_flow_label = tmp_flow;
|
||||
|
||||
if ( conn_val )
|
||||
flip_conn_val(conn_val);
|
||||
if ( conn_val ) {
|
||||
// Delegate flipping of conn_id and ctx records to the key instance.
|
||||
auto id_val = conn_val->GetField<zeek::RecordVal>(0);
|
||||
auto* ctx = id_val->GetFieldAs<zeek::RecordVal>(5);
|
||||
key->FlipRoles(*id_val, *ctx);
|
||||
|
||||
// Flip the connection's endpoints
|
||||
const auto& tmp_endp = conn_val->GetField<zeek::RecordVal>(1);
|
||||
conn_val->Assign(1, conn_val->GetField(2));
|
||||
conn_val->Assign(2, tmp_endp);
|
||||
}
|
||||
else {
|
||||
// Even we haven't yet allocated a connection value, still need to flip the key's
|
||||
// idea of originator and responder
|
||||
key->FlipRoles();
|
||||
}
|
||||
|
||||
if ( adapter )
|
||||
adapter->FlipRoles();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue