Project

General

Profile

Actions
Copy link

Feature #4566

open
JF JF

pgsql: add subprotocol-states

Feature #4566: pgsql: add subprotocol-states

Added by Juliana Fajardini Reichow over 4 years ago. Updated 5 months ago.

Status:
In Progress
Priority:
Normal
Assignee:
Juliana Fajardini Reichow
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:
Protocol

Description

In order to keep adding PostgreSQL support in Suricata, cover sub-protocol states:
- Extended query
- COPY operators
- Replication
- Function call
- Termination

Even though PostgreSQL refers to those as sub-protocols, to Suri, they're more like sub-states, where we'll expect to parse different sets of messages.

These could then be used in some Detect situations as well.

More details about each sub-protocol can be found in the protocol official documentation: https://www.postgresql.org/docs/13/protocol-flow.html

Subtasks 4 (2 open2 closed)

Feature #4854: pgsql: Add COPY subprotocol-stateIn ProgressJuliana Fajardini ReichowActions
Feature #7644: pgsql: add CopyOut subprotocol/modeClosedJuliana Fajardini ReichowActions
Feature #7645: pgsql: add CopyIn subprotocol/modeClosedJuliana Fajardini ReichowActions
Feature #7646: pgsql: add CopyBoth subprotocol/modeAssignedJuliana Fajardini ReichowActions

Related issues 1 (0 open1 closed)

Related to Suricata - Feature #4241: Protocol support: PostgreSQL (pgsql)ClosedJuliana Fajardini ReichowActions

JF Updated by Juliana Fajardini Reichow over 4 years ago Actions
Copy link
 #1

  • Assignee set to Juliana Fajardini Reichow

JF Updated by Juliana Fajardini Reichow over 4 years ago Actions
Copy link
 #2

  • Related to Feature #4241: Protocol support: PostgreSQL (pgsql) added

JF Updated by Juliana Fajardini Reichow over 4 years ago Actions
Copy link
 #3

  • Subject changed from Protocol support: PostgreSQL - add subprotocols to Protocol support: PostgreSQL - add subprotocol-states
  • Description updated (diff)

Updating to better explain what sub-protocols meant, here.

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #4

  • Subject changed from Protocol support: PostgreSQL - add subprotocol-states to pgsql: add subprotocol-states

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
 #5

  • Target version changed from 7.0.0-beta1 to 8.0.0-beta1

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #6

  • Target version changed from 8.0.0-beta1 to 8.0.0-rc1

JF Updated by Juliana Fajardini Reichow about 1 year ago Actions
Copy link
 #7

Reading and re-reading https://www.postgresql.org/docs/13/protocol-flow.html#PROTOCOL-COPY, I wonder if this shouldn't be veered towards having different modes, that could then accept and process certain kinds of messages -- and if there is any difference in this, or just terminology. Maybe there is, because, for instance, both Simple Query and Extended Query are covered by the command-processing mode.

On the other hand, this may be a level of detail that is only important to the pgsql server to know, and not to Suri... (leaving these thoughts here to keep them saved)

JF Updated by Juliana Fajardini Reichow 10 months ago Actions
Copy link
 #8

  • Status changed from New to In Progress

VJ Updated by Victor Julien 10 months ago Actions
Copy link
 #9

  • Target version changed from 8.0.0-rc1 to 9.0.0-beta1
Actions
Copy link

Also available in: PDF Atom