detect/krb5: use inspect api v2

5 years ago · 67d45f7e3c
parent 197f99a134
commit 67d45f7e3c
2 changed files with 28 additions and 38 deletions
--- a/src/detect-krb5-errcode.c
+++ b/src/detect-krb5-errcode.c
@ -49,11 +49,9 @@ static void DetectKrb5ErrCodeFree (DetectEngineCtx *, void *);
 static void DetectKrb5ErrCodeRegisterTests (void);
 #endif

-static int DetectEngineInspectKRB5Generic(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id);
+static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f,
+        uint8_t flags, void *alstate, void *txv, uint64_t tx_id);

 static int g_krb5_err_code_list_id = 0;

@ -74,13 +72,12 @@ void DetectKrb5ErrCodeRegister(void)
 #ifdef UNITTESTS
    sigmatch_table[DETECT_AL_KRB5_ERRCODE].RegisterTests = DetectKrb5ErrCodeRegisterTests;
 #endif
-    DetectAppLayerInspectEngineRegister("krb5_err_code",
-            ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0,
-            DetectEngineInspectKRB5Generic);

-    DetectAppLayerInspectEngineRegister("krb5_err_code",
-            ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0,
-            DetectEngineInspectKRB5Generic);
+    DetectAppLayerInspectEngineRegister2("krb5_err_code", ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0,
+            DetectEngineInspectKRB5Generic, NULL);
+
+    DetectAppLayerInspectEngineRegister2("krb5_err_code", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0,
+            DetectEngineInspectKRB5Generic, NULL);

    /* set up the PCRE for keyword parsing */
    DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
@ -89,14 +86,12 @@ void DetectKrb5ErrCodeRegister(void)
    SCLogDebug("g_krb5_err_code_list_id %d", g_krb5_err_code_list_id);
 }

-static int DetectEngineInspectKRB5Generic(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id)
+static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f,
+        uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
 {
-    return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd,
-                                          f, flags, alstate, txv, tx_id);
+    return DetectEngineInspectGenericList(
+            NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
 }

 /**
@ -261,4 +256,4 @@ static void DetectKrb5ErrCodeRegisterTests(void)
    UtRegisterTest("DetectKrb5ErrCodeSignatureTest01",
                   DetectKrb5ErrCodeSignatureTest01);
 }
-#endif /* UNITTESTS */
+#endif /* UNITTESTS */
--- a/src/detect-krb5-msgtype.c
+++ b/src/detect-krb5-msgtype.c
@ -49,11 +49,9 @@ static void DetectKrb5MsgTypeFree (DetectEngineCtx *, void *);
 static void DetectKrb5MsgTypeRegisterTests (void);
 #endif

-static int DetectEngineInspectKRB5Generic(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id);
+static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const DetectEngineAppInspectionEngine *engine, const Signature *s, Flow *f, uint8_t flags,
+        void *alstate, void *txv, uint64_t tx_id);

 static int g_krb5_msg_type_list_id = 0;

@ -74,13 +72,12 @@ void DetectKrb5MsgTypeRegister(void)
 #ifdef UNITTESTS
    sigmatch_table[DETECT_AL_KRB5_MSGTYPE].RegisterTests = DetectKrb5MsgTypeRegisterTests;
 #endif
-    DetectAppLayerInspectEngineRegister("krb5_msg_type",
-            ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0,
-            DetectEngineInspectKRB5Generic);

-    DetectAppLayerInspectEngineRegister("krb5_msg_type",
-            ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0,
-            DetectEngineInspectKRB5Generic);
+    DetectAppLayerInspectEngineRegister2("krb5_msg_type", ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0,
+            DetectEngineInspectKRB5Generic, NULL);
+
+    DetectAppLayerInspectEngineRegister2("krb5_msg_type", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0,
+            DetectEngineInspectKRB5Generic, NULL);

    /* set up the PCRE for keyword parsing */
    DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
@ -89,14 +86,12 @@ void DetectKrb5MsgTypeRegister(void)
    SCLogDebug("g_krb5_msg_type_list_id %d", g_krb5_msg_type_list_id);
 }

-static int DetectEngineInspectKRB5Generic(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id)
+static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const DetectEngineAppInspectionEngine *engine, const Signature *s, Flow *f, uint8_t flags,
+        void *alstate, void *txv, uint64_t tx_id)
 {
-    return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd,
-                                          f, flags, alstate, txv, tx_id);
+    return DetectEngineInspectGenericList(
+            NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
 }

 /**
@ -259,4 +254,4 @@ static void DetectKrb5MsgTypeRegisterTests(void)
    UtRegisterTest("DetectKrb5MsgTypeSignatureTest01",
                   DetectKrb5MsgTypeSignatureTest01);
 }
-#endif /* UNITTESTS */
+#endif /* UNITTESTS */