diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml index 396325912ad9..7cb13dbd7450 100644 --- a/.github/workflows/builds.yml +++ b/.github/workflows/builds.yml @@ -93,8 +93,10 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen-cli \ cargo-vendor \ cbindgen \ + clang-devel \ diffutils \ numactl-devel \ dpdk-devel \ @@ -250,7 +252,9 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cbindgen \ + clang-devel \ diffutils \ numactl-devel \ dpdk-devel \ @@ -344,6 +348,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo-vendor \ cbindgen \ diffutils \ @@ -491,12 +496,14 @@ jobs: - name: Install system packages run: | - yum -y install dnf-plugins-core + yum -y install dnf-plugins-core epel-release yum config-manager --set-enabled powertools yum -y install \ autoconf \ automake \ + bindgen \ cargo-vendor \ + clang-devel \ diffutils \ numactl-devel \ dpdk-devel \ @@ -593,7 +600,9 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo-vendor \ + clang-devel \ diffutils \ numactl-devel \ dpdk-devel \ @@ -684,6 +693,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cbindgen \ ccache \ clang \ @@ -781,6 +791,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ ccache \ @@ -880,9 +891,11 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ ccache \ + clang-devel \ diffutils \ file-devel \ gcc \ @@ -977,6 +990,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ ccache \ @@ -1071,9 +1085,11 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ ccache \ + clang-devel \ diffutils \ file-devel \ gcc \ @@ -1155,6 +1171,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ ccache \ @@ -1253,6 +1270,7 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ cargo \ cbindgen \ clang \ @@ -1375,6 +1393,7 @@ jobs: apt -y install \ autoconf \ automake \ + bindgen \ build-essential \ cargo \ cbindgen \ @@ -1448,6 +1467,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -1573,6 +1593,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -1678,6 +1699,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -1815,6 +1837,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -1902,6 +1925,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2005,6 +2029,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2139,6 +2164,7 @@ jobs: zlib1g-dev \ exuberant-ctags \ dpdk-dev + - run: cargo install --root /usr --force --debug bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -2257,6 +2283,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2341,6 +2368,7 @@ jobs: afl \ afl-clang \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2406,6 +2434,7 @@ jobs: sudo apt update sudo apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2545,6 +2574,7 @@ jobs: apt update apt -y install \ libpcre2-dev \ + bindgen \ build-essential \ autoconf \ automake \ @@ -2552,6 +2582,7 @@ jobs: git \ jq \ libtool \ + libclang-dev \ libpcap-dev \ libnet1-dev \ libyaml-0-2 \ @@ -2643,6 +2674,7 @@ jobs: apt -y install \ autoconf \ automake \ + bindgen \ build-essential \ cmake \ curl \ @@ -2650,6 +2682,7 @@ jobs: git \ jq \ make \ + libclang-dev \ libpcre3 \ libpcre3-dbg \ libpcre3-dev \ @@ -2746,6 +2779,7 @@ jobs: apt -y install \ autoconf \ automake \ + bindgen \ build-essential \ cargo \ cmake \ @@ -2753,6 +2787,7 @@ jobs: git \ jq \ make \ + libclang-dev \ libpcre3 \ libpcre3-dbg \ libpcre3-dev \ @@ -2827,6 +2862,7 @@ jobs: apt -y install \ autoconf \ automake \ + bindgen \ build-essential \ cmake \ curl \ @@ -2834,6 +2870,7 @@ jobs: git \ jq \ make \ + libclang-dev \ libpcre3 \ libpcre3-dbg \ libpcre3-dev \ @@ -2917,6 +2954,7 @@ jobs: curl \ git \ jq \ + libclang-dev \ libpcre2-dev \ libpcap-dev \ libnet1-dev \ @@ -2944,6 +2982,8 @@ jobs: - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH + - name: Install bindgen + run: cargo install bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -2990,6 +3030,7 @@ jobs: curl \ git \ jq \ + libclang-dev \ libpcre2-dev \ libpcap-dev \ libnet1-dev \ @@ -3015,6 +3056,8 @@ jobs: - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH + - name: Install bindgen + run: cargo install bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -3115,11 +3158,13 @@ jobs: with: msystem: MINGW64 update: true - install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 + install: git mingw-w64-x86_64-toolchain mingw-w64-x86_64-clang automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 # hack: install our own cbindgen system wide as we can't get the # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen + - name: bindgen + run: cargo install --root /usr --force --debug bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -3171,11 +3216,13 @@ jobs: with: msystem: MINGW64 update: true - install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 libpcap-devel mingw-w64-x86_64-libpcap + install: git mingw-w64-x86_64-toolchain mingw-w64-x86_64-clang automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 libpcap-devel mingw-w64-x86_64-libpcap # hack: install our own cbindgen system wide as we can't get the # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen + - name: bindgen + run: cargo install --root /usr --force --debug bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -3215,11 +3262,13 @@ jobs: with: msystem: MINGW64 update: true - install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 libpcap-devel mingw-w64-x86_64-libpcap + install: git mingw-w64-x86_64-toolchain mingw-w64-x86_64-clang automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 libpcap-devel mingw-w64-x86_64-libpcap # hack: install our own cbindgen system wide as we can't get the # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen + - name: bindgen + run: cargo install --root /usr --force --debug bindgen-cli - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -3275,6 +3324,8 @@ jobs: dnf -y install \ autoconf \ automake \ + bindgen \ + clang-devel \ diffutils \ numactl-devel \ dpdk-devel \ diff --git a/configure.ac b/configure.ac index 93e728fc2246..e2b23f796f70 100644 --- a/configure.ac +++ b/configure.ac @@ -2270,6 +2270,11 @@ fi fi fi + AC_PATH_PROG([BINDGEN], [bindgen], [no]) + if test "x$BINDGEN" = "xno"; then + AC_MSG_ERROR([bindgen required]) + fi + AC_PATH_PROG(CBINDGEN, cbindgen, "no") if test "x$CBINDGEN" != "xno"; then cbindgen_version=$(cbindgen --version 2>&1 | cut -d' ' -f2-) diff --git a/rust/Makefile.am b/rust/Makefile.am index d53eb97090e1..76ef170a97e6 100644 --- a/rust/Makefile.am +++ b/rust/Makefile.am @@ -38,16 +38,23 @@ if HAVE_CYGPATH CARGO_ENV = @rustup_home@ \ CARGO_HOME="$(CARGO_HOME)" \ CARGO_TARGET_DIR="$(e_rustdir)/target" \ - SURICATA_LUA_SYS_HEADER_DST="$(e_rustdir)/gen" + SURICATA_LUA_SYS_HEADER_DST="$(e_rustdir)/gen" \ + TOP_BUILDDIR=$(abs_top_builddir) \ + TOP_SRCDIR=$(abs_top_srcdir) \ + RUST_GENDIR=$(e_rustdir)/gen else CARGO_ENV = @rustup_home@ \ CARGO_HOME="$(CARGO_HOME)" \ CARGO_TARGET_DIR="$(abs_top_builddir)/rust/target" \ - SURICATA_LUA_SYS_HEADER_DST="$(abs_top_builddir)/rust/gen" + SURICATA_LUA_SYS_HEADER_DST="$(abs_top_builddir)/rust/gen" \ + TOP_BUILDDIR=$(abs_top_builddir) \ + TOP_SRCDIR=$(abs_top_srcdir) \ + RUST_GENDIR=$(abs_top_builddir)/rust/gen endif all-local: Cargo.toml mkdir -p $(abs_top_builddir)/rust/gen + $(MAKE) gen/bindings.rs cd $(abs_top_srcdir)/rust && \ $(CARGO_ENV) \ $(CARGO) build $(RELEASE) $(NIGHTLY_ARGS) \ @@ -83,6 +90,32 @@ check: vendor: $(CARGO_ENV) $(CARGO) vendor +gen/bindgen.h: $(abs_top_srcdir)/src/app-layer-types.h \ + $(abs_top_srcdir)/src/app-layer-protos.h + rm -f $@ + mkdir -p gen +if HAVE_CYGPATH + for header in $^; do \ + echo "#include \"`cygpath -am $$header`\"" >> gen/bindgen.h; \ + done +else + for header in $^; do \ + echo "#include \"$$header\"" >> gen/bindgen.h; \ + done +endif + +gen/bindings.rs: gen/bindgen.h + rm -f $@ + $(BINDGEN) \ + -o $@ \ + --allowlist-type 'AppProto.*' \ + --allowlist-type 'SCAppLayer.*' \ + --rustified-enum SCAppLayerEventType \ + --rustified-enum AppProtoEnum \ + ./gen/bindgen.h \ + -- \ + -DHAVE_CONFIG_H -I../src $(CPPFLAGS) + if HAVE_CBINDGEN gen/rust-bindings.h: $(RUST_SURICATA_LIB) cd $(abs_top_srcdir)/rust && \ @@ -92,8 +125,11 @@ else gen/rust-bindings.h: endif -doc: - CARGO_HOME=$(CARGO_HOME) $(CARGO) doc --all-features --no-deps +doc: gen/bindings.rs + CARGO_HOME=$(CARGO_HOME) \ + $(CARGO_ENV) \ + SURICATA_LUA_SYS_HEADER_DST="" $(CARGO) doc \ + --all-features --no-deps if HAVE_CBINDGEN dist/rust-bindings.h: diff --git a/rust/derive/src/applayerevent.rs b/rust/derive/src/applayerevent.rs index 1b1a3f86ee9c..52373a497cbb 100644 --- a/rust/derive/src/applayerevent.rs +++ b/rust/derive/src/applayerevent.rs @@ -89,7 +89,7 @@ pub fn derive_app_layer_event(input: TokenStream) -> TokenStream { unsafe extern "C" fn get_event_info( event_name: *const std::os::raw::c_char, event_id: *mut u8, - event_type: *mut #crate_id::core::AppLayerEventType, + event_type: *mut #crate_id::sys::SCAppLayerEventType, ) -> std::os::raw::c_int { #crate_id::applayer::get_event_info::<#name>(event_name, event_id, event_type) } @@ -97,7 +97,7 @@ pub fn derive_app_layer_event(input: TokenStream) -> TokenStream { unsafe extern "C" fn get_event_info_by_id( event_id: u8, event_name: *mut *const std::os::raw::c_char, - event_type: *mut #crate_id::core::AppLayerEventType, + event_type: *mut #crate_id::sys::SCAppLayerEventType, ) -> std::os::raw::c_int { #crate_id::applayer::get_event_info_by_id::<#name>(event_id, event_name, event_type) } diff --git a/rust/src/applayer.rs b/rust/src/applayer.rs index ac9800d63439..091aa408c111 100644 --- a/rust/src/applayer.rs +++ b/rust/src/applayer.rs @@ -18,13 +18,16 @@ //! Parser registration functions and common interface module. use std; -use crate::core::{self,DetectEngineState,Flow,AppLayerEventType,AppProto,Direction}; +use crate::core::{self,DetectEngineState,Flow,Direction}; use crate::filecontainer::FileContainer; +use crate::sys::SCAppLayerEventType; use std::os::raw::{c_void,c_char,c_int}; use crate::core::SC; use std::ffi::CStr; use crate::core::StreamingBufferConfig; +pub use crate::sys::AppProto; + // Make the AppLayerEvent derive macro available to users importing // AppLayerEvent from this module. pub use suricata_derive::AppLayerEvent; @@ -374,7 +377,7 @@ pub struct RustParser { /// Function to get an event id from a description pub get_eventinfo: Option, /// Function to get an event description from an event id - pub get_eventinfo_byid: Option, + pub get_eventinfo_byid: crate::sys::SCAppLayerStateGetEventInfoByIdFn, /// Function to allocate local storage pub localstorage_new: Option, @@ -444,8 +447,8 @@ pub type StateTxFreeFn = unsafe extern "C" fn (*mut c_void, u64); pub type StateGetTxFn = unsafe extern "C" fn (*mut c_void, u64) -> *mut c_void; pub type StateGetTxCntFn = unsafe extern "C" fn (*mut c_void) -> u64; pub type StateGetProgressFn = unsafe extern "C" fn (*mut c_void, u8) -> c_int; -pub type GetEventInfoFn = unsafe extern "C" fn (*const c_char, event_id: *mut u8, *mut AppLayerEventType) -> c_int; -pub type GetEventInfoByIdFn = unsafe extern "C" fn (event_id: u8, *mut *const c_char, *mut AppLayerEventType) -> c_int; +pub type GetEventInfoFn = unsafe extern "C" fn (*const c_char, event_id: *mut u8, *mut SCAppLayerEventType) -> c_int; +pub type GetEventInfoByIdFn = unsafe extern "C" fn (event_id: u8, *mut *const c_char, *mut SCAppLayerEventType) -> c_int; pub type LocalStorageNewFn = extern "C" fn () -> *mut c_void; pub type LocalStorageFreeFn = extern "C" fn (*mut c_void); pub type GetTxFilesFn = unsafe extern "C" fn (*mut c_void, u8) -> AppLayerGetFileState; @@ -583,13 +586,13 @@ pub trait AppLayerEvent { unsafe extern "C" fn get_event_info( event_name: *const std::os::raw::c_char, event_id: *mut u8, - event_type: *mut core::AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int; unsafe extern "C" fn get_event_info_by_id( event_id: u8, event_name: *mut *const std::os::raw::c_char, - event_type: *mut core::AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int; } @@ -612,7 +615,7 @@ pub trait AppLayerEvent { pub unsafe fn get_event_info( event_name: *const std::os::raw::c_char, event_id: *mut u8, - event_type: *mut core::AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int { if event_name.is_null() { return -1; @@ -624,7 +627,7 @@ pub unsafe fn get_event_info( return -1; } }; - *event_type = core::AppLayerEventType::APP_LAYER_EVENT_TYPE_TRANSACTION; + *event_type = SCAppLayerEventType::APP_LAYER_EVENT_TYPE_TRANSACTION; *event_id = event; return 0; } @@ -635,11 +638,11 @@ pub unsafe fn get_event_info( pub unsafe fn get_event_info_by_id( event_id: u8, event_name: *mut *const std::os::raw::c_char, - event_type: *mut core::AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int { if let Some(e) = T::from_id(event_id) { *event_name = e.to_cstring().as_ptr() as *const std::os::raw::c_char; - *event_type = core::AppLayerEventType::APP_LAYER_EVENT_TYPE_TRANSACTION; + *event_type = SCAppLayerEventType::APP_LAYER_EVENT_TYPE_TRANSACTION; return 0; } return -1; diff --git a/rust/src/core.rs b/rust/src/core.rs index a628b300384a..3807e6e0429d 100644 --- a/rust/src/core.rs +++ b/rust/src/core.rs @@ -21,18 +21,12 @@ use std; use crate::filecontainer::*; use crate::debug_validate_fail; +pub use crate::sys::{AppProto, AppProtoEnum}; + /// Opaque C types. pub enum DetectEngineState {} pub enum AppLayerDecoderEvents {} -#[repr(C)] -#[derive(Debug, PartialEq, Eq, Clone, Copy)] -#[allow(non_camel_case_types)] -pub enum AppLayerEventType { - APP_LAYER_EVENT_TYPE_TRANSACTION = 1, - APP_LAYER_EVENT_TYPE_PACKET = 2, -} - pub const STREAM_START: u8 = 0x01; pub const STREAM_EOF: u8 = 0x02; pub const STREAM_TOSERVER: u8 = 0x04; @@ -105,11 +99,8 @@ impl From for u8 { } } -// Application layer protocol identifiers (app-layer-protos.h) -pub type AppProto = u16; - -pub const ALPROTO_UNKNOWN : AppProto = 0; -pub static mut ALPROTO_FAILED : AppProto = 0; // updated during init +pub const ALPROTO_UNKNOWN : AppProto = AppProtoEnum::ALPROTO_UNKNOWN as u16; +pub const ALPROTO_FAILED : AppProto = AppProtoEnum::ALPROTO_FAILED as u16; pub const IPPROTO_TCP : u8 = 6; pub const IPPROTO_UDP : u8 = 17; @@ -252,7 +243,6 @@ pub fn init_ffi(context: &'static SuricataContext) { unsafe { SC = Some(context); - ALPROTO_FAILED = StringToAppProto("failed\0".as_ptr()); } } diff --git a/rust/src/dhcp/dhcp.rs b/rust/src/dhcp/dhcp.rs index 5b6f4b4a085a..b6ea86a0d249 100644 --- a/rust/src/dhcp/dhcp.rs +++ b/rust/src/dhcp/dhcp.rs @@ -17,12 +17,13 @@ use crate::applayer::{self, *}; use crate::core; -use crate::core::{ALPROTO_UNKNOWN, AppProto, Flow, IPPROTO_UDP}; +use crate::core::{ALPROTO_UNKNOWN, Flow, IPPROTO_UDP}; use crate::dhcp::parser::*; +use crate::sys::AppProtoEnum; use std; use std::ffi::CString; -pub(super) static mut ALPROTO_DHCP: AppProto = ALPROTO_UNKNOWN; +pub(super) static ALPROTO_DHCP: AppProto = AppProtoEnum::ALPROTO_DHCP as AppProto; static DHCP_MIN_FRAME_LEN: u32 = 232; @@ -305,10 +306,9 @@ pub unsafe extern "C" fn rs_dhcp_register_parser() { let ip_proto_str = CString::new("udp").unwrap(); if AppLayerProtoDetectConfProtoDetectionEnabled(ip_proto_str.as_ptr(), parser.name) != 0 { - let alproto = AppLayerRegisterProtocolDetection(&parser, 1); - ALPROTO_DHCP = alproto; + AppLayerRegisterProtocolDetection(&parser, 1); if AppLayerParserConfParserEnabled(ip_proto_str.as_ptr(), parser.name) != 0 { - let _ = AppLayerRegisterParser(&parser, alproto); + let _ = AppLayerRegisterParser(&parser, ALPROTO_DHCP); } } else { SCLogDebug!("Protocol detector and parser disabled for DHCP."); diff --git a/rust/src/ftp/event.rs b/rust/src/ftp/event.rs index cc327369d875..a7edc1688176 100644 --- a/rust/src/ftp/event.rs +++ b/rust/src/ftp/event.rs @@ -15,7 +15,7 @@ * 02110-1301, USA. */ -use crate::core::AppLayerEventType; +use crate::sys::SCAppLayerEventType; use std::os::raw::{c_char, c_int}; #[derive(Debug, PartialEq, Eq, AppLayerEvent)] @@ -33,7 +33,7 @@ pub enum FtpEvent { /// Unsafe as called from C. #[no_mangle] pub unsafe extern "C" fn ftp_get_event_info( - event_name: *const c_char, event_id: *mut u8, event_type: *mut AppLayerEventType, + event_name: *const c_char, event_id: *mut u8, event_type: *mut SCAppLayerEventType, ) -> c_int { crate::applayer::get_event_info::(event_name, event_id, event_type) } @@ -44,7 +44,7 @@ pub unsafe extern "C" fn ftp_get_event_info( /// Unsafe as called from C. #[no_mangle] pub unsafe extern "C" fn ftp_get_event_info_by_id( - event_id: u8, event_name: *mut *const c_char, event_type: *mut AppLayerEventType, + event_id: u8, event_name: *mut *const c_char, event_type: *mut SCAppLayerEventType, ) -> c_int { crate::applayer::get_event_info_by_id::(event_id, event_name, event_type) as c_int } diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs index 4c9c3947d7a8..4fea91547658 100644 --- a/rust/src/ldap/ldap.rs +++ b/rust/src/ldap/ldap.rs @@ -469,7 +469,7 @@ fn probe(input: &[u8], direction: Direction, rdir: *mut u8) -> AppProto { Ok((_, msg)) => { let ldap_msg = LdapMessage::from(msg); if ldap_msg.is_unknown() { - return unsafe { ALPROTO_FAILED }; + return ALPROTO_FAILED; } if direction == Direction::ToServer && !ldap_msg.is_request() { unsafe { @@ -487,7 +487,7 @@ fn probe(input: &[u8], direction: Direction, rdir: *mut u8) -> AppProto { return ALPROTO_UNKNOWN; } Err(_e) => { - return unsafe { ALPROTO_FAILED }; + return ALPROTO_FAILED; } } } diff --git a/rust/src/lib.rs b/rust/src/lib.rs index 7b389f7b88fe..aa8bfef9ff56 100644 --- a/rust/src/lib.rs +++ b/rust/src/lib.rs @@ -135,3 +135,6 @@ pub mod ldap; #[allow(unused_imports)] pub use suricata_lua_sys; + +// Generated Rust bindings from C. +pub mod sys; diff --git a/rust/src/modbus/modbus.rs b/rust/src/modbus/modbus.rs index 0d0c73371ef0..9401fc6922d0 100644 --- a/rust/src/modbus/modbus.rs +++ b/rust/src/modbus/modbus.rs @@ -281,7 +281,7 @@ pub extern "C" fn rs_modbus_probe( match MODBUS_PARSER.probe(slice, Direction::Unknown) { Status::Recognized => unsafe { ALPROTO_MODBUS }, Status::Incomplete => ALPROTO_UNKNOWN, - Status::Unrecognized => unsafe { ALPROTO_FAILED }, + Status::Unrecognized => ALPROTO_FAILED, } } diff --git a/rust/src/ntp/ntp.rs b/rust/src/ntp/ntp.rs index ae723bbb21cd..e17648c4c960 100644 --- a/rust/src/ntp/ntp.rs +++ b/rust/src/ntp/ntp.rs @@ -259,7 +259,7 @@ pub extern "C" fn ntp_probing_parser(_flow: *const Flow, return ALPROTO_UNKNOWN; }, Err(_) => { - return unsafe{ALPROTO_FAILED}; + return ALPROTO_FAILED; }, } } diff --git a/rust/src/smb/smb.rs b/rust/src/smb/smb.rs index 901ed2a23927..838c402f7af5 100644 --- a/rust/src/smb/smb.rs +++ b/rust/src/smb/smb.rs @@ -55,6 +55,7 @@ use crate::smb::session::*; use crate::smb::events::*; use crate::smb::files::*; use crate::smb::smb2_ioctl::*; +use crate::sys::SCAppLayerEventType; #[derive(AppLayerFrameType)] pub enum SMBFrameType { @@ -2154,7 +2155,7 @@ fn smb_probe_tcp(flags: u8, slice: &[u8], rdir: *mut u8, begins: bool) -> AppPro } } SCLogDebug!("no smb"); - unsafe { return ALPROTO_FAILED; } + return ALPROTO_FAILED; } // probing confirmation parser @@ -2254,7 +2255,7 @@ pub unsafe extern "C" fn rs_smb_get_tx_data( pub unsafe extern "C" fn rs_smb_state_get_event_info_by_id( event_id: u8, event_name: *mut *const std::os::raw::c_char, - event_type: *mut AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int { SMBEvent::get_event_info_by_id(event_id, event_name, event_type) } @@ -2263,7 +2264,7 @@ pub unsafe extern "C" fn rs_smb_state_get_event_info_by_id( pub unsafe extern "C" fn rs_smb_state_get_event_info( event_name: *const std::os::raw::c_char, event_id: *mut u8, - event_type: *mut AppLayerEventType, + event_type: *mut SCAppLayerEventType, ) -> std::os::raw::c_int { SMBEvent::get_event_info(event_name, event_id, event_type) } diff --git a/rust/src/sys.rs b/rust/src/sys.rs new file mode 100644 index 000000000000..e77bc5632830 --- /dev/null +++ b/rust/src/sys.rs @@ -0,0 +1,21 @@ +/* Copyright (C) 2024 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +#![allow(non_camel_case_types)] +//include!(concat!(env!("OUT_DIR"), "/bindings.rs")); +//include!("../gen/bindings.rs"); +include!(concat!(env!("RUST_GENDIR"), "/bindings.rs")); diff --git a/src/Makefile.am b/src/Makefile.am index b0f841cfd0c2..5e0d2578cb49 100755 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -42,6 +42,7 @@ noinst_HEADERS = \ app-layer-ssh.h \ app-layer-ssl.h \ app-layer-tftp.h \ + app-layer-types.h \ app-layer-imap.h \ build-info.h \ conf.h \ diff --git a/src/app-layer-dnp3.c b/src/app-layer-dnp3.c index c995667ee0e3..6b7a4d1ce781 100644 --- a/src/app-layer-dnp3.c +++ b/src/app-layer-dnp3.c @@ -1432,7 +1432,7 @@ static int DNP3GetAlstateProgress(void *tx, uint8_t direction) * \brief App-layer support. */ static int DNP3StateGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { if (SCAppLayerGetEventIdByName(event_name, dnp3_decoder_event_table, event_id) == 0) { *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION; @@ -1445,7 +1445,7 @@ static int DNP3StateGetEventInfo( * \brief App-layer support. */ static int DNP3StateGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type) + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type) { *event_name = SCMapEnumValueToName(event_id, dnp3_decoder_event_table); if (*event_name == NULL) { diff --git a/src/app-layer-events.c b/src/app-layer-events.c index eb32ea394671..87d72d890c89 100644 --- a/src/app-layer-events.c +++ b/src/app-layer-events.c @@ -23,6 +23,7 @@ */ #include "app-layer-events.h" +#include "rust.h" #include "util-enum.h" int SCAppLayerGetEventIdByName(const char *event_name, SCEnumCharMap *table, uint8_t *event_id) @@ -61,7 +62,7 @@ SCEnumCharMap app_layer_event_pkt_table[ ] = { }; int AppLayerGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type) + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type) { *event_name = SCMapEnumValueToName(event_id, app_layer_event_pkt_table); if (*event_name == NULL) { @@ -165,7 +166,7 @@ SCEnumCharMap det_ctx_event_table[] = { }; int DetectEngineGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { if (SCAppLayerGetEventIdByName(event_name, det_ctx_event_table, event_id) == 0) { *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION; diff --git a/src/app-layer-events.h b/src/app-layer-events.h index 7b4e5e06d075..c33db5db3e26 100644 --- a/src/app-layer-events.h +++ b/src/app-layer-events.h @@ -26,14 +26,14 @@ #define SURICATA_APP_LAYER_EVENTS_H /* contains fwd declaration of AppLayerDecoderEvents_ */ -#include "decode.h" -#include "rust.h" +#include "suricata-common.h" +#include "app-layer-types.h" #include "util-enum.h" /** * \brief Data structure to store app layer decoder events. */ -struct AppLayerDecoderEvents_ { +typedef struct AppLayerDecoderEvents_ { /* array of events */ uint8_t *events; /* number of events in the above buffer */ @@ -42,7 +42,7 @@ struct AppLayerDecoderEvents_ { uint8_t events_buffer_size; /* last logged */ uint8_t event_last_logged; -}; +} AppLayerDecoderEvents; /* app layer pkt level events */ enum { @@ -57,7 +57,7 @@ enum { int AppLayerGetPktEventInfo(const char *event_name, uint8_t *event_id); int AppLayerGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type); + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type); void AppLayerDecoderEventsSetEventRaw(AppLayerDecoderEvents **sevents, uint8_t event); static inline int AppLayerDecoderEventsIsEventSet( @@ -78,7 +78,7 @@ static inline int AppLayerDecoderEventsIsEventSet( void AppLayerDecoderEventsResetEvents(AppLayerDecoderEvents *events); void AppLayerDecoderEventsFreeEvents(AppLayerDecoderEvents **events); int DetectEngineGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type); + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type); int SCAppLayerGetEventIdByName(const char *event_name, SCEnumCharMap *table, uint8_t *event_id); #endif /* SURICATA_APP_LAYER_EVENTS_H */ diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c index 4acc105bab9a..810fe4ac83df 100644 --- a/src/app-layer-htp.c +++ b/src/app-layer-htp.c @@ -2705,7 +2705,7 @@ void *HtpGetTxForH2(void *alstate) } static int HTPStateGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { if (SCAppLayerGetEventIdByName(event_name, http_decoder_event_table, event_id) == 0) { *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION; @@ -2715,7 +2715,7 @@ static int HTPStateGetEventInfo( } static int HTPStateGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type) + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type) { *event_name = SCMapEnumValueToName(event_id, http_decoder_event_table); if (*event_name == NULL) { diff --git a/src/app-layer-parser.c b/src/app-layer-parser.c index d1cacc572f40..d6028a085fee 100644 --- a/src/app-layer-parser.c +++ b/src/app-layer-parser.c @@ -94,9 +94,9 @@ typedef struct AppLayerParserProtoCtx_ int complete_ts; int complete_tc; int (*StateGetEventInfoById)( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type); + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type); int (*StateGetEventInfo)( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type); + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type); AppLayerStateData *(*GetStateData)(void *state); AppLayerTxData *(*GetTxData)(void *tx); @@ -530,9 +530,8 @@ void AppLayerParserRegisterStateProgressCompletionStatus( alp_ctx.ctxs[FLOW_PROTO_DEFAULT][alproto].complete_tc = tc; } -void AppLayerParserRegisterGetEventInfoById(uint8_t ipproto, AppProto alproto, - int (*StateGetEventInfoById)( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type)) +void AppLayerParserRegisterGetEventInfoById( + uint8_t ipproto, AppProto alproto, SCAppLayerStateGetEventInfoByIdFn StateGetEventInfoById) { SCEnter(); @@ -554,7 +553,7 @@ void AppLayerParserRegisterGetFrameFuncs(uint8_t ipproto, AppProto alproto, void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto, int (*StateGetEventInfo)( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type)) { SCEnter(); @@ -1100,7 +1099,7 @@ int AppLayerParserGetStateProgressCompletionStatus(AppProto alproto, } int AppLayerParserGetEventInfo(uint8_t ipproto, AppProto alproto, const char *event_name, - uint8_t *event_id, AppLayerEventType *event_type) + uint8_t *event_id, SCAppLayerEventType *event_type) { SCEnter(); const int ipproto_map = FlowGetProtoMapping(ipproto); @@ -1110,7 +1109,7 @@ int AppLayerParserGetEventInfo(uint8_t ipproto, AppProto alproto, const char *ev } int AppLayerParserGetEventInfoById(uint8_t ipproto, AppProto alproto, uint8_t event_id, - const char **event_name, AppLayerEventType *event_type) + const char **event_name, SCAppLayerEventType *event_type) { SCEnter(); const int ipproto_map = FlowGetProtoMapping(ipproto); diff --git a/src/app-layer-parser.h b/src/app-layer-parser.h index 58ad4333563c..f607f614a07f 100644 --- a/src/app-layer-parser.h +++ b/src/app-layer-parser.h @@ -196,10 +196,10 @@ void AppLayerParserRegisterStateProgressCompletionStatus( AppProto alproto, const int ts, const int tc); void AppLayerParserRegisterGetEventInfo(uint8_t ipproto, AppProto alproto, int (*StateGetEventInfo)( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type)); + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type)); void AppLayerParserRegisterGetEventInfoById(uint8_t ipproto, AppProto alproto, int (*StateGetEventInfoById)( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type)); + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type)); void AppLayerParserRegisterGetFrameFuncs(uint8_t ipproto, AppProto alproto, AppLayerParserGetFrameIdByNameFn GetFrameIdByName, AppLayerParserGetFrameNameByIdFn GetFrameNameById); @@ -239,9 +239,9 @@ uint64_t AppLayerParserGetTxCnt(const Flow *, void *alstate); void *AppLayerParserGetTx(uint8_t ipproto, AppProto alproto, void *alstate, uint64_t tx_id); int AppLayerParserGetStateProgressCompletionStatus(AppProto alproto, uint8_t direction); int AppLayerParserGetEventInfo(uint8_t ipproto, AppProto alproto, const char *event_name, - uint8_t *event_id, AppLayerEventType *event_type); + uint8_t *event_id, SCAppLayerEventType *event_type); int AppLayerParserGetEventInfoById(uint8_t ipproto, AppProto alproto, uint8_t event_id, - const char **event_name, AppLayerEventType *event_type); + const char **event_name, SCAppLayerEventType *event_type); uint64_t AppLayerParserGetTransactionActive(const Flow *f, AppLayerParserState *pstate, uint8_t direction); diff --git a/src/app-layer-protos.h b/src/app-layer-protos.h index 10b8959772c4..fdb3fba1b9a1 100644 --- a/src/app-layer-protos.h +++ b/src/app-layer-protos.h @@ -25,6 +25,8 @@ #ifndef SURICATA_APP_LAYER_PROTOS_H #define SURICATA_APP_LAYER_PROTOS_H +#include "suricata-common.h" + enum AppProtoEnum { ALPROTO_UNKNOWN = 0, ALPROTO_HTTP1, diff --git a/src/app-layer-register.h b/src/app-layer-register.h index 6f489c73e248..76b9d9b1549e 100644 --- a/src/app-layer-register.h +++ b/src/app-layer-register.h @@ -52,9 +52,9 @@ typedef struct AppLayerParser { int (*StateGetProgress)(void *alstate, uint8_t direction); int (*StateGetEventInfo)( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type); + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type); int (*StateGetEventInfoById)( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type); + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type); void *(*LocalStorageAlloc)(void); void (*LocalStorageFree)(void *); diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c index ec4799605cbd..0ee54616a7c2 100644 --- a/src/app-layer-smtp.c +++ b/src/app-layer-smtp.c @@ -1645,7 +1645,7 @@ static void SMTPFreeMpmState(void) } static int SMTPStateGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { if (SCAppLayerGetEventIdByName(event_name, smtp_decoder_event_table, event_id) == 0) { *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION; @@ -1655,7 +1655,7 @@ static int SMTPStateGetEventInfo( } static int SMTPStateGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type) + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type) { *event_name = SCMapEnumValueToName(event_id, smtp_decoder_event_table); if (*event_name == NULL) { diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c index 05ba2239b281..335dceb8d229 100644 --- a/src/app-layer-ssl.c +++ b/src/app-layer-ssl.c @@ -2981,7 +2981,7 @@ static const char *SSLStateGetFrameNameById(const uint8_t frame_id) } static int SSLStateGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { if (SCAppLayerGetEventIdByName(event_name, tls_decoder_event_table, event_id) == 0) { *event_type = APP_LAYER_EVENT_TYPE_TRANSACTION; @@ -2991,7 +2991,7 @@ static int SSLStateGetEventInfo( } static int SSLStateGetEventInfoById( - uint8_t event_id, const char **event_name, AppLayerEventType *event_type) + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type) { *event_name = SCMapEnumValueToName(event_id, tls_decoder_event_table); if (*event_name == NULL) { diff --git a/src/app-layer-tftp.c b/src/app-layer-tftp.c index 4a9b41176af2..caa23c5c23ba 100644 --- a/src/app-layer-tftp.c +++ b/src/app-layer-tftp.c @@ -63,7 +63,7 @@ static void TFTPStateTxFree(void *state, uint64_t tx_id) } static int TFTPStateGetEventInfo( - const char *event_name, uint8_t *event_id, AppLayerEventType *event_type) + const char *event_name, uint8_t *event_id, SCAppLayerEventType *event_type) { return -1; } diff --git a/src/app-layer-types.h b/src/app-layer-types.h new file mode 100644 index 000000000000..08f8ed526f67 --- /dev/null +++ b/src/app-layer-types.h @@ -0,0 +1,31 @@ +/* Copyright (C) 2024 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +#ifndef SURICATA_APP_LAYER_TYPES_H +#define SURICATA_APP_LAYER_TYPES_H + +#include + +typedef enum SCAppLayerEventType { + APP_LAYER_EVENT_TYPE_TRANSACTION = 1, + APP_LAYER_EVENT_TYPE_PACKET = 2, +} SCAppLayerEventType; + +typedef int (*SCAppLayerStateGetEventInfoByIdFn)( + uint8_t event_id, const char **event_name, SCAppLayerEventType *event_type); + +#endif /* !SURICATA_APP_LAYER_TYPES_H */ diff --git a/src/decode.h b/src/decode.h index f36c41a8422e..ac784389ad27 100644 --- a/src/decode.h +++ b/src/decode.h @@ -94,16 +94,14 @@ enum PktSrcEnum { #include "util-validate.h" +#include "app-layer-events.h" + /* forward declarations */ struct DetectionEngineThreadCtx_; typedef struct AppLayerThreadCtx_ AppLayerThreadCtx; struct PktPool_; -/* declare these here as they are called from the - * PACKET_RECYCLE and PACKET_CLEANUP macro's. */ -typedef struct AppLayerDecoderEvents_ AppLayerDecoderEvents; - /* Address */ typedef struct Address_ { char family; diff --git a/src/detect-app-layer-event.c b/src/detect-app-layer-event.c index ce10c289d317..6fbcbfe5cf48 100644 --- a/src/detect-app-layer-event.c +++ b/src/detect-app-layer-event.c @@ -141,8 +141,8 @@ static int DetectAppLayerEventPktMatch(DetectEngineThreadCtx *det_ctx, aled->event_id); } -static DetectAppLayerEventData *DetectAppLayerEventParsePkt(const char *arg, - AppLayerEventType *event_type) +static DetectAppLayerEventData *DetectAppLayerEventParsePkt( + const char *arg, SCAppLayerEventType *event_type) { uint8_t event_id = 0; if (AppLayerGetPktEventInfo(arg, &event_id) != 0) { @@ -193,7 +193,7 @@ static int DetectAppLayerEventSetup(DetectEngineCtx *de_ctx, Signature *s, const while (*arg != '\0' && isspace((unsigned char)*arg)) arg++; - AppLayerEventType event_type; + SCAppLayerEventType event_type; DetectAppLayerEventData *data = NULL; if (strchr(arg, '.') == NULL) { diff --git a/src/output-json-anomaly.c b/src/output-json-anomaly.c index 00f82fa3685e..ae8faf9a3503 100644 --- a/src/output-json-anomaly.c +++ b/src/output-json-anomaly.c @@ -181,7 +181,7 @@ static int AnomalyAppLayerDecoderEventJson(ThreadVars *tv, JsonAnomalyLogThread const char *event_name = NULL; uint8_t event_code = decoder_events->events[i]; - AppLayerEventType event_type; + SCAppLayerEventType event_type; int r; if (is_pktlayer) { r = AppLayerGetEventInfoById(event_code, &event_name, &event_type); diff --git a/src/rust.h b/src/rust.h index 03cff24c8d26..251254e351a1 100644 --- a/src/rust.h +++ b/src/rust.h @@ -21,6 +21,8 @@ // hack for include orders cf SCSha256 typedef struct HttpRangeContainerBlock HttpRangeContainerBlock; #include "rust-context.h" +#include "app-layer-events.h" +#include "app-layer-types.h" #include "rust-bindings.h" #define JB_SET_STRING(jb, key, val) jb_set_formatted((jb), "\"" key "\":\"" val "\"")