aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/tls.version: allow using rule hook

Browse Source 
tls.version isn't hooked to a specific state by default. Allow it
to register at the rule hook.
pull/12979/head
Victor Julien 8 months ago committed by Victor Julien
parent 4071acd659
commit 95ed975cca
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File

8
src/detect-tls-version.c
Unescape Escape View File

@ -240,11 +240,15 @@ static int DetectTlsVersionSetup (DetectEngineCtx *de_ctx, Signature *s, const c
if (tls == NULL)
goto error;
/* keyword supports multiple hooks, so attach to the hook specified in the rule. */
int list = g_tls_generic_list_id;
/* Okay so far so good, lets get this into a SigMatch
* and put it in the Signature. */
if (s->init_data->hook.type == SIGNATURE_HOOK_TYPE_APP) {
list = s->init_data->hook.sm_list;
}
if (SigMatchAppendSMToList(
de_ctx, s, DETECT_TLS_VERSION, (SigMatchCtx *)tls, g_tls_generic_list_id) == NULL) {
if (SigMatchAppendSMToList(de_ctx, s, DETECT_TLS_VERSION, (SigMatchCtx *)tls, list) == NULL) {
goto error;
}

Write Preview
Loading…
Cancel
Save