bindgen: use bindgen to provide Rust bindings to C - v8

configure.ac

@@ -2269,6 +2269,9 @@ fi
        fi
     fi
 
+    AC_PATH_PROG([BINDGEN], [bindgen], [no])
+    AM_CONDITIONAL([HAVE_BINDGEN], [test "x$BINDGEN" != "xno"])
+
     AC_PATH_PROG(CBINDGEN, cbindgen, "no")
     if test "x$CBINDGEN" != "xno"; then
       cbindgen_version=$(cbindgen --version 2>&1 | cut -d' ' -f2-)
@@ -2516,6 +2519,7 @@ AC_SUBST(enable_non_bundled_htp)
 AM_CONDITIONAL([BUILD_SHARED_LIBRARY], [test "x$enable_shared" = "xyes"] && [test "x$can_build_shared_library" = "xyes"])
 
 AC_CONFIG_FILES(Makefile src/Makefile rust/Makefile rust/Cargo.lock rust/Cargo.toml rust/derive/Cargo.toml rust/.cargo/config.toml)
+AC_CONFIG_FILES(rust/sys/Makefile rust/sys/Cargo.toml)
 AC_CONFIG_FILES(qa/Makefile qa/coccinelle/Makefile)
 AC_CONFIG_FILES(rules/Makefile doc/Makefile doc/userguide/Makefile)
 AC_CONFIG_FILES(contrib/Makefile contrib/file_processor/Makefile contrib/file_processor/Action/Makefile contrib/file_processor/Processor/Makefile)

rust/Cargo.toml.in

@@ -7,7 +7,7 @@ edition = "2021"
 rust-version = "1.67.1"
 
 [workspace]
-members = [".", "./derive"]
+members = [".", "./derive", "sys"]
 
 [lib]
 crate-type = ["staticlib", "rlib"]
@@ -68,6 +68,7 @@ hex = "~0.4.3"
 time = "~0.3.36"
 
 suricata-derive = { path = "./derive", version = "@PACKAGE_VERSION@" }
+suricata-sys = { path = "./sys", version = "@PACKAGE_VERSION@" }
 
 suricata-lua-sys = { version = "0.1.0-alpha.5" }
 

rust/Makefile.am

@@ -1,10 +1,14 @@
+SUBDIRS =	sys
+
 EXTRA_DIST =	src derive \
 		.cargo/config.toml.in \
 		cbindgen.toml \
 		dist/rust-bindings.h \
 		vendor \
 		Cargo.toml Cargo.lock \
-		derive/Cargo.toml
+		derive/Cargo.toml \
+		sys \
+		sys/Cargo.toml
 
 if !DEBUG
 RELEASE = --release
@@ -75,14 +79,49 @@ clean-local:
 distclean-local:
 	rm -rf vendor dist
 
+check-bindgen-bindings:
+if HAVE_BINDGEN
+	if test "$(top_srcdir)" = "$(top_builddir)"; then \
+		cp sys/src/sys.rs sys/src/sys.rs.orig; \
+		$(MAKE) update-bindings; \
+		if diff sys/src/sys.rs sys/src/sys.rs.orig > /dev/null 2>&1; then \
+			rm -f sys/src/sys.rs.orig; \
+		else \
+			echo "WARNING: bindgen bindings may be out of date"; \
+		fi \
+	else \
+		echo "Not checking bindings for out of tree build"; \
+	fi
+else
+	@echo "Unable to check bindgen bindings: bindgen not found"
+endif
+
 check:
 	cd $(abs_top_srcdir)/rust && \
 		$(CARGO_ENV) \
 		$(CARGO) test --all $(RELEASE) --features "$(RUST_FEATURES)"
+	$(MAKE) check-bindgen-bindings
 
 vendor:
 	$(CARGO_ENV) $(CARGO) vendor
 
+update-bindings:
+if HAVE_BINDGEN
+	$(BINDGEN) \
+		-o sys/src/sys.rs \
+		--rust-target 1.71 \
+		--disable-header-comment \
+		--default-enum-style rust \
+		--allowlist-type 'AppProto.*' \
+		--allowlist-function 'AppProto.*' \
+		$(abs_top_srcdir)/src/bindgen.h \
+		-- \
+		-DHAVE_CONFIG_H -I../src -I../rust/gen $(CPPFLAGS)
+else
+	@echo "error: bindgen not installed, can't update bindings"
+	exit 1
+endif
+
 if HAVE_CBINDGEN
 gen/rust-bindings.h: $(RUST_SURICATA_LIB)
 	cd $(abs_top_srcdir)/rust && \

rust/src/applayer.rs

@@ -18,7 +18,7 @@
 //! Parser registration functions and common interface module.
 
 use std;
-use crate::core::{self,DetectEngineState,AppLayerEventType,AppProto};
+use crate::core::{self,DetectEngineState,AppLayerEventType};
 use crate::direction::Direction;
 use crate::filecontainer::FileContainer;
 use crate::flow::Flow;
@@ -30,6 +30,7 @@ use crate::core::StreamingBufferConfig;
 // Make the AppLayerEvent derive macro available to users importing
 // AppLayerEvent from this module.
 pub use suricata_derive::AppLayerEvent;
+use suricata_sys::sys::AppProto;
 
 #[repr(C)]
 pub struct StreamSlice {

rust/src/applayertemplate/template.rs

@@ -18,9 +18,10 @@
 use super::parser;
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
-use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP};
 use crate::flow::Flow;
 use nom7 as nom;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/bittorrent_dht/bittorrent_dht.rs

@@ -15,11 +15,13 @@
  * 02110-1301, USA.
  */
 
+use suricata_sys::sys::AppProto;
+
 use crate::applayer::{self, *};
 use crate::bittorrent_dht::parser::{
     parse_bittorrent_dht_packet, BitTorrentDHTError, BitTorrentDHTRequest, BitTorrentDHTResponse,
 };
-use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_UDP};
+use crate::core::{ALPROTO_UNKNOWN, IPPROTO_UDP};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use std::ffi::CString;

rust/src/core.rs

@@ -18,6 +18,8 @@
 //! This module exposes items from the core "C" code to Rust.
 
 use std;
+use suricata_sys::sys::{AppProto, AppProtoEnum};
+
 use crate::filecontainer::*;
 use crate::flow::Flow;
 
@@ -41,11 +43,8 @@ pub const STREAM_GAP:      u8 = 0x10;
 pub const STREAM_DEPTH:    u8 = 0x20;
 pub const STREAM_MIDSTREAM:u8 = 0x40;
 
-// Application layer protocol identifiers (app-layer-protos.h)
-pub type AppProto = u16;
-
-pub const ALPROTO_UNKNOWN : AppProto = 0;
-pub const ALPROTO_FAILED : AppProto = 1;
+pub const ALPROTO_UNKNOWN : AppProto = AppProtoEnum::ALPROTO_UNKNOWN as AppProto;
+pub const ALPROTO_FAILED : AppProto = AppProtoEnum::ALPROTO_FAILED as AppProto;
 
 pub const IPPROTO_TCP : u8 = 6;
 pub const IPPROTO_UDP : u8 = 17;

rust/src/dcerpc/dcerpc.rs

@@ -23,6 +23,7 @@ use crate::flow::Flow;
 use nom7::error::{Error, ErrorKind};
 use nom7::number::Endianness;
 use nom7::{Err, IResult, Needed};
+use suricata_sys::sys::AppProto;
 use std;
 use std::cmp;
 use std::ffi::CString;
@@ -1178,7 +1179,7 @@ pub unsafe extern "C" fn rs_dcerpc_parse_response(
 }
 
 #[no_mangle]
-pub extern "C" fn rs_dcerpc_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: core::AppProto) -> *mut std::os::raw::c_void {
+pub extern "C" fn rs_dcerpc_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: AppProto) -> *mut std::os::raw::c_void {
     let state = DCERPCState::new();
     let boxed = Box::new(state);
     return Box::into_raw(boxed) as *mut _;

rust/src/dcerpc/dcerpc_udp.rs

@@ -24,6 +24,7 @@ use crate::dcerpc::dcerpc::{
 use crate::direction::{Direction, DIR_BOTH};
 use crate::flow::Flow;
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::ffi::CString;
 use std::collections::VecDeque;
@@ -252,7 +253,7 @@ pub extern "C" fn rs_dcerpc_udp_state_free(state: *mut std::os::raw::c_void) {
 }
 
 #[no_mangle]
-pub extern "C" fn rs_dcerpc_udp_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: core::AppProto) -> *mut std::os::raw::c_void {
+pub extern "C" fn rs_dcerpc_udp_state_new(_orig_state: *mut std::os::raw::c_void, _orig_proto: AppProto) -> *mut std::os::raw::c_void {
     let state = DCERPCUDPState::new();
     let boxed = Box::new(state);
     return Box::into_raw(boxed) as *mut _;
@@ -313,7 +314,7 @@ fn probe(input: &[u8]) -> (bool, bool) {
 }
 
 pub unsafe extern "C" fn rs_dcerpc_probe_udp(_f: *const Flow, direction: u8, input: *const u8,
-                                      len: u32, rdir: *mut u8) -> core::AppProto
+                                      len: u32, rdir: *mut u8) -> AppProto
 {
     SCLogDebug!("Probing the packet for DCERPC/UDP");
     if len == 0 || input.is_null() {

rust/src/detect/mod.rs

@@ -31,9 +31,10 @@ pub mod uri;
 pub mod tojson;
 pub mod vlan;
 
-use crate::core::AppProto;
 use std::os::raw::{c_int, c_void};
 
+use suricata_sys::sys::AppProto;
+
 /// EnumString trait that will be implemented on enums that
 /// derive StringEnum.
 pub trait EnumString<T> {

rust/src/dhcp/dhcp.rs

@@ -15,8 +15,10 @@
  * 02110-1301, USA.
  */
 
+use suricata_sys::sys::AppProto;
+
 use crate::applayer::{self, *};
-use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_UDP};
+use crate::core::{ALPROTO_UNKNOWN, IPPROTO_UDP};
 use crate::dhcp::parser::*;
 use crate::flow::Flow;
 use std;

rust/src/dns/dns.rs

@@ -30,6 +30,7 @@ use crate::frames::Frame;
 
 use nom7::number::streaming::be_u16;
 use nom7::{Err, IResult};
+use suricata_sys::sys::AppProto;
 
 /// DNS record types.
 pub const DNS_RECORD_TYPE_A: u16 = 1;

rust/src/enip/enip.rs

@@ -20,14 +20,15 @@ use super::parser;
 use crate::applayer::{self, *};
 use crate::conf::conf_get;
 use crate::core::{
-    AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP,
+    ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP,
     STREAM_TOCLIENT, STREAM_TOSERVER,
 };
 use crate::detect::EnumString;
 use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::Frame;
 use nom7 as nom;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/http2/http2.rs

@@ -32,6 +32,7 @@ use crate::frames::Frame;
 use crate::dns::dns::{dns_parse_request, dns_parse_response, DNSTransaction};
 
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/ike/ike.rs

@@ -29,6 +29,7 @@ use crate::ike::ikev1::{handle_ikev1, IkeV1Header, Ikev1Container};
 use crate::ike::ikev2::{handle_ikev2, Ikev2Container};
 use crate::ike::parser::*;
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::HashSet;
 use std::ffi::CString;

rust/src/krb/krb5.rs

@@ -26,9 +26,10 @@ use der_parser::ber::Class;
 use kerberos_parser::krb5_parser;
 use kerberos_parser::krb5::{EncryptionType,ErrorCode,MessageType,PrincipalName,Realm,KrbError};
 use asn1_rs::FromDer;
+use suricata_sys::sys::AppProto;
 use crate::applayer::{self, *};
 use crate::core;
-use crate::core::{AppProto,ALPROTO_FAILED,ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP};
+use crate::core::{ALPROTO_FAILED,ALPROTO_UNKNOWN, IPPROTO_TCP, IPPROTO_UDP};
 use crate::direction::Direction;
 use crate::flow::Flow;
 

rust/src/ldap/ldap.rs

@@ -24,6 +24,7 @@ use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::*;
 use nom7 as nom;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/modbus/modbus.rs

@@ -15,7 +15,7 @@
 * 02110-1301, USA.
 */
 use crate::applayer::{self, *};
-use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP};
 use crate::flow::Flow;
 
 use std::ffi::CString;
@@ -25,6 +25,7 @@ use sawp::error::ErrorKind as SawpErrorKind;
 use sawp::parser::{Direction, Parse};
 use sawp::probe::{Probe, Status};
 use sawp_modbus::{self, AccessType, ErrorFlags, Flags, Message};
+use suricata_sys::sys::AppProto;
 
 pub const REQUEST_FLOOD: usize = 500; // Default unreplied Modbus requests are considered a flood
 pub const MODBUS_PARSER: sawp_modbus::Modbus = sawp_modbus::Modbus { probe_strict: true };

rust/src/mqtt/mqtt.rs

@@ -27,6 +27,7 @@ use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::*;
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/nfs/nfs.rs

@@ -23,6 +23,7 @@ use std::collections::HashMap;
 use std::ffi::CString;
 
 use nom7::{Err, Needed};
+use suricata_sys::sys::AppProto;
 
 use crate::applayer;
 use crate::applayer::*;

rust/src/ntp/ntp.rs

@@ -21,13 +21,14 @@ extern crate ntp_parser;
 use self::ntp_parser::*;
 use crate::applayer::{self, *};
 use crate::core;
-use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN};
+use crate::core::{ALPROTO_FAILED, ALPROTO_UNKNOWN};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use std;
 use std::ffi::CString;
 
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 
 #[derive(AppLayerEvent)]
 pub enum NTPEvent {

rust/src/pgsql/pgsql.rs

@@ -22,10 +22,11 @@
 use super::parser::{self, ConsolidatedDataRowPacket, PgsqlBEMessage, PgsqlFEMessage};
 use crate::applayer::*;
 use crate::conf::*;
-use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *};
+use crate::core::{ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_TCP, *};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use nom7::{Err, IResult};
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use std::ffi::CString;

rust/src/quic/quic.rs

@@ -22,9 +22,10 @@ use super::{
     parser::{quic_pkt_num, QuicData, QuicHeader, QuicType},
 };
 use crate::{applayer::{self, *}, direction::Direction, flow::Flow};
-use crate::core::{AppProto, ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP};
+use crate::core::{ALPROTO_FAILED, ALPROTO_UNKNOWN, IPPROTO_UDP};
 use std::collections::VecDeque;
 use std::ffi::CString;
+use suricata_sys::sys::AppProto;
 use tls_parser::TlsExtensionType;
 
 static mut ALPROTO_QUIC: AppProto = ALPROTO_UNKNOWN;

rust/src/rdp/rdp.rs

@@ -20,10 +20,11 @@
 //! RDP application layer
 
 use crate::applayer::{self, *};
-use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP};
 use crate::flow::Flow;
 use crate::rdp::parser::*;
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::collections::VecDeque;
 use tls_parser::{parse_tls_plaintext, TlsMessage, TlsMessageHandshake, TlsRecordType};

rust/src/rfb/rfb.rs

@@ -21,11 +21,12 @@
 use super::parser;
 use crate::applayer;
 use crate::applayer::*;
-use crate::core::{AppProto, ALPROTO_UNKNOWN, IPPROTO_TCP};
+use crate::core::{ALPROTO_UNKNOWN, IPPROTO_TCP};
 use crate::direction::Direction;
 use crate::flow::Flow;
 use crate::frames::*;
 use nom7::Err;
+use suricata_sys::sys::AppProto;
 use std;
 use std::ffi::CString;
 use std::os::raw::c_char;