diff --git a/rust/Cargo.lock.in b/rust/Cargo.lock.in index 498aba94f973..698413e33f30 100644 --- a/rust/Cargo.lock.in +++ b/rust/Cargo.lock.in @@ -85,7 +85,7 @@ dependencies = [ "nom", "num-traits 0.2.19", "rusticata-macros", - "thiserror", + "thiserror 1.0.68", "time", ] @@ -452,13 +452,13 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "ldap-parser" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "798f8bf8793bb624e6b840f1c73949949709f9301dc63ddb236e9230674575c9" +checksum = "d9fde2bd93cf7db2fdba06379826baee0d5414ea093c8c1946701b5a6df046d3" dependencies = [ "asn1-rs", "rusticata-macros", - "thiserror", + "thiserror 2.0.10", ] [[package]] @@ -778,7 +778,7 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1ebace6889caf889b4d3f76becee12e90353f2b8c7d875534a71e5742f8f6f83" dependencies = [ - "thiserror", + "thiserror 1.0.68", "toml", ] @@ -961,7 +961,7 @@ dependencies = [ "asn1-rs", "nom", "rusticata-macros", - "thiserror", + "thiserror 1.0.68", ] [[package]] @@ -1121,7 +1121,16 @@ version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02dd99dc800bbb97186339685293e1cc5d9df1f8fae2d0aecd9ff1c77efea892" dependencies = [ - "thiserror-impl", + "thiserror-impl 1.0.68", +] + +[[package]] +name = "thiserror" +version = "2.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a3ac7f54ca534db81081ef1c1e7f6ea8a3ef428d2fc069097c079443d24124d3" +dependencies = [ + "thiserror-impl 2.0.10", ] [[package]] @@ -1135,6 +1144,17 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "thiserror-impl" +version = "2.0.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e9465d30713b56a37ede7185763c3492a91be2f5fa68d958c44e41ab9248beb" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.87", +] + [[package]] name = "time" version = "0.3.36" @@ -1254,7 +1274,7 @@ dependencies = [ "nom", "oid-registry", "rusticata-macros", - "thiserror", + "thiserror 1.0.68", "time", ] diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in index eaeacff8356e..8fad5fee77e3 100644 --- a/rust/Cargo.toml.in +++ b/rust/Cargo.toml.in @@ -62,7 +62,7 @@ lazy_static = "~1.4.0" base64 = "~0.22.1" bendy = { version = "~0.3.3", default-features = false } asn1-rs = { version = "~0.6.1" } -ldap-parser = { version = "~0.4.0" } +ldap-parser = { version = "~0.4.1" } hex = "~0.4.3" time = "~0.3.36" diff --git a/rust/src/ldap/ldap.rs b/rust/src/ldap/ldap.rs index 1d6032f091f0..44c4eeedc3aa 100644 --- a/rust/src/ldap/ldap.rs +++ b/rust/src/ldap/ldap.rs @@ -193,11 +193,7 @@ impl LdapState { if self.request_gap { match ldap_parse_msg(input) { - Ok((_, msg)) => { - let ldap_msg = LdapMessage::from(msg); - if ldap_msg.is_unknown() { - return AppLayerResult::err(); - } + Ok((_, _msg)) => { AppLayerResult::ok(); } Err(_e) => { @@ -264,11 +260,7 @@ impl LdapState { if self.response_gap { match ldap_parse_msg(input) { - Ok((_, msg)) => { - let ldap_msg = LdapMessage::from(msg); - if ldap_msg.is_unknown() { - return AppLayerResult::err(); - } + Ok((_, _msg)) => { AppLayerResult::ok(); } Err(_e) => { @@ -518,9 +510,6 @@ fn probe(input: &[u8], direction: Direction, rdir: *mut u8) -> AppProto { match ldap_parse_msg(input) { Ok((_, msg)) => { let ldap_msg = LdapMessage::from(msg); - if ldap_msg.is_unknown() { - return ALPROTO_FAILED; - } if direction == Direction::ToServer && !ldap_msg.is_request() { unsafe { *rdir = Direction::ToClient.into(); diff --git a/rust/src/ldap/types.rs b/rust/src/ldap/types.rs index 901201b4a35e..575eb705966d 100644 --- a/rust/src/ldap/types.rs +++ b/rust/src/ldap/types.rs @@ -256,6 +256,11 @@ pub struct CompareRequest { pub ava: AttributeValueAssertion, } +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct AbandonRequest { + pub message_id: u32, +} + #[derive(Clone, Debug, Eq, PartialEq)] pub struct ExtendedRequest { pub request_name: LdapOID, @@ -297,7 +302,7 @@ pub enum ProtocolOp { ExtendedRequest(ExtendedRequest), ExtendedResponse(ExtendedResponse), IntermediateResponse(IntermediateResponse), - Unknown, + AbandonRequest(AbandonRequest), } impl Display for ProtocolOp { @@ -320,10 +325,10 @@ impl Display for ProtocolOp { ProtocolOp::ModDnResponse(_) => write!(f, "mod_dn_response"), ProtocolOp::CompareRequest(_) => write!(f, "compare_request"), ProtocolOp::CompareResponse(_) => write!(f, "compare_response"), + ProtocolOp::AbandonRequest(_) => write!(f, "abandon_request"), ProtocolOp::ExtendedRequest(_) => write!(f, "extended_request"), ProtocolOp::ExtendedResponse(_) => write!(f, "extended_response"), ProtocolOp::IntermediateResponse(_) => write!(f, "intermediate_response"), - ProtocolOp::Unknown => write!(f, "unknown"), } } } @@ -376,7 +381,7 @@ impl From> for LdapMessage { ldap_parser::ldap::ProtocolOp::IntermediateResponse(msg) => { Self::from_intermediate_response(msg) } - ldap_parser::ldap::ProtocolOp::AbandonRequest(_) => ProtocolOp::Unknown, + ldap_parser::ldap::ProtocolOp::AbandonRequest(msg) => Self::from_abandon_request(msg), }; let controls = ldap_msg.controls.map(|ctls| { ctls.iter() @@ -397,13 +402,6 @@ impl From> for LdapMessage { } impl LdapMessage { - pub fn is_unknown(&self) -> bool { - match self.protocol_op { - ProtocolOp::Unknown => return true, - _ => return false, - } - } - pub fn is_request(&self) -> bool { match self.protocol_op { ProtocolOp::BindRequest(_) @@ -414,7 +412,7 @@ impl LdapMessage { | ProtocolOp::DelRequest(_) | ProtocolOp::ModDnRequest(_) | ProtocolOp::CompareRequest(_) - | ProtocolOp::Unknown // AbandonRequest + | ProtocolOp::AbandonRequest(_) | ProtocolOp::ExtendedRequest(_) => { return true; } @@ -589,6 +587,10 @@ impl LdapMessage { }) } + fn from_abandon_request(msg: ldap_parser::ldap::MessageID) -> ProtocolOp { + ProtocolOp::AbandonRequest(AbandonRequest {message_id: msg.0}) + } + fn from_extended_request(msg: ldap_parser::ldap::ExtendedRequest) -> ProtocolOp { ProtocolOp::ExtendedRequest(ExtendedRequest { request_name: LdapOID(msg.request_name.0.to_string()),