Project

General

Profile

Actions
Copy link

Feature #4566

open

pgsql: add subprotocol-states

Added by Juliana Fajardini Reichow almost 4 years ago. Updated 8 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Juliana Fajardini Reichow
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:
Protocol

Description

In order to keep adding PostgreSQL support in Suricata, cover sub-protocol states:
- Extended query
- COPY operators
- Replication
- Function call
- Termination

Even though PostgreSQL refers to those as sub-protocols, to Suri, they're more like sub-states, where we'll expect to parse different sets of messages.

These could then be used in some Detect situations as well.

More details about each sub-protocol can be found in the protocol official documentation: https://www.postgresql.org/docs/13/protocol-flow.html

Subtasks 4 (2 open2 closed)

Feature #4854: pgsql: Add COPY subprotocol-stateIn ProgressJuliana Fajardini ReichowActions
Feature #7644: pgsql: add CopyOut subprotocol/modeClosedJuliana Fajardini ReichowActions
Feature #7645: pgsql: add CopyIn subprotocol/modeClosedJuliana Fajardini ReichowActions
Feature #7646: pgsql: add CopyBoth subprotocol/modeNewJuliana Fajardini ReichowActions

Related issues 1 (0 open1 closed)

Related to Suricata - Feature #4241: Protocol support: PostgreSQL (pgsql)ClosedJuliana Fajardini ReichowActions
Actions
Copy link
 #1

Updated by Juliana Fajardini Reichow almost 4 years ago

  • Assignee set to Juliana Fajardini Reichow
Actions
Copy link
 #2

Updated by Juliana Fajardini Reichow almost 4 years ago

  • Related to Feature #4241: Protocol support: PostgreSQL (pgsql) added
Actions
Copy link
 #3

Updated by Juliana Fajardini Reichow over 3 years ago

  • Subject changed from Protocol support: PostgreSQL - add subprotocols to Protocol support: PostgreSQL - add subprotocol-states
  • Description updated (diff)

Updating to better explain what sub-protocols meant, here.

Actions
Copy link
 #4

Updated by Victor Julien over 3 years ago

  • Subject changed from Protocol support: PostgreSQL - add subprotocol-states to pgsql: add subprotocol-states
Actions
Copy link
 #5

Updated by Victor Julien over 2 years ago

  • Target version changed from 7.0.0-beta1 to 8.0.0-beta1
Actions
Copy link
 #6

Updated by Victor Julien 3 months ago

  • Target version changed from 8.0.0-beta1 to 8.0.0-rc1
Actions
Copy link
 #7

Updated by Juliana Fajardini Reichow 3 months ago

Reading and re-reading https://www.postgresql.org/docs/13/protocol-flow.html#PROTOCOL-COPY, I wonder if this shouldn't be veered towards having different modes, that could then accept and process certain kinds of messages -- and if there is any difference in this, or just terminology. Maybe there is, because, for instance, both Simple Query and Extended Query are covered by the command-processing mode.

On the other hand, this may be a level of detail that is only important to the pgsql server to know, and not to Suri... (leaving these thoughts here to keep them saved)

Actions
Copy link
 #8

Updated by Juliana Fajardini Reichow 21 days ago

  • Status changed from New to In Progress
Actions
Copy link
 #9

Updated by Victor Julien 21 days ago

  • Target version changed from 8.0.0-rc1 to 9.0.0-beta1
Actions
Copy link

Also available in: Atom PDF