aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/tls: use list util in tests; cleanups

Browse Source
pull/8732/head
Victor Julien 3 years ago
parent ad3088be14
commit 10a1c15ac0
5 changed files with 36 additions and 40 deletions
Show Stats Download Patch File Download Diff File

19
src/tests/detect-tls-cert-fingerprint.c
Unescape Escape View File

@ -32,20 +32,21 @@ static int DetectTlsFingerprintTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_fingerprint\"; "
"tls.cert_fingerprint; "
"content:\"11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66:77:88:99:00\"; "
"sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
Signature *s = DetectEngineAppendSig(de_ctx,
"alert tls any any -> any any "
"(msg:\"Testing tls.cert_fingerprint\"; "
"tls.cert_fingerprint; "
"content:\"11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66:77:88:99:00\"; "
"sid:1;)");
FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_fingerprint_buffer_id];
sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_fingerprint_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);

14
src/tests/detect-tls-cert-issuer.c
Unescape Escape View File

@ -34,18 +34,18 @@ static int DetectTlsIssuerTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_issuer\"; "
"tls.cert_issuer; content:\"test\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_issuer\"; "
"tls.cert_issuer; content:\"test\"; sid:1;)");
FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_issuer_buffer_id];
sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_issuer_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);

16
src/tests/detect-tls-cert-serial.c
Unescape Escape View File

@ -34,26 +34,24 @@ static int DetectTlsSerialTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_serial\"; "
"tls.cert_serial; content:\"XX:XX:XX\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_serial\"; "
"tls.cert_serial; content:\"XX:XX:XX\"; sid:1;)");
FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_serial_buffer_id];
sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_serial_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
}

14
src/tests/detect-tls-cert-subject.c
Unescape Escape View File

@ -34,18 +34,18 @@ static int DetectTlsSubjectTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_subject\"; "
"tls.cert_subject; content:\"test\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.cert_subject\"; "
"tls.cert_subject; content:\"test\"; sid:1;)");
FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_subject_buffer_id];
sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_subject_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);

13
src/tests/detect-tls-certs.c
Unescape Escape View File

@ -34,26 +34,23 @@ static int DetectTlsCertsTest01(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.certs\"; tls.certs; "
"content:\"|01 02 03 04 05|\"; sid:1;)");
Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Testing tls.certs\"; tls.certs; "
"content:\"|01 02 03 04 05|\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_certs_buffer_id];
sm = DetectBufferGetFirstSigMatch(s, g_tls_certs_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
FAIL_IF_NOT_NULL(sm->next);
SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
}

Write Preview
Loading…
Cancel
Save