detect/rfb: convert to v2 inspect API

5 years ago · 962230040a
parent b11cc0fbcd
commit 962230040a
2 changed files with 21 additions and 31 deletions
--- a/src/detect-rfb-secresult.c
+++ b/src/detect-rfb-secresult.c
@ -47,11 +47,9 @@ static void RfbSecresultRegisterTests(void);
 #endif
 void DetectRfbSecresultFree(DetectEngineCtx *, void *);

-static int DetectEngineInspectRfbSecresultGeneric(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id);
+static int DetectEngineInspectRfbSecresultGeneric(DetectEngineCtx *de_ctx,
+        DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
+        const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);

 typedef struct DetectRfbSecresultData_ {
    uint32_t result; /** result code */
@ -73,21 +71,18 @@ void DetectRfbSecresultRegister (void)
 #endif
    DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);

-    DetectAppLayerInspectEngineRegister("rfb.secresult",
-            ALPROTO_RFB, SIG_FLAG_TOCLIENT, 1,
-            DetectEngineInspectRfbSecresultGeneric);
+    DetectAppLayerInspectEngineRegister2("rfb.secresult", ALPROTO_RFB, SIG_FLAG_TOCLIENT, 1,
+            DetectEngineInspectRfbSecresultGeneric, NULL);

    rfb_secresult_id = DetectBufferTypeGetByName("rfb.secresult");
 }

-static int DetectEngineInspectRfbSecresultGeneric(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id)
+static int DetectEngineInspectRfbSecresultGeneric(DetectEngineCtx *de_ctx,
+        DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
+        const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
 {
-    return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd,
-                                          f, flags, alstate, txv, tx_id);
+    return DetectEngineInspectGenericList(
+            NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
 }

 enum {
@ -311,4 +306,4 @@ void RfbSecresultRegisterTests(void)
    UtRegisterTest("RfbSecresultTestParse01", RfbSecresultTestParse01);
    UtRegisterTest("RfbSecresultTestParse02", RfbSecresultTestParse02);
 }
-#endif /* UNITTESTS */
+#endif /* UNITTESTS */
--- a/src/detect-rfb-sectype.c
+++ b/src/detect-rfb-sectype.c
@ -56,11 +56,9 @@ static int DetectRfbSectypeSetup (DetectEngineCtx *, Signature *s, const char *s
 static void DetectRfbSectypeFree(DetectEngineCtx *, void *);
 static int g_rfb_sectype_buffer_id = 0;

-static int DetectEngineInspectRfbSectypeGeneric(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id);
+static int DetectEngineInspectRfbSectypeGeneric(DetectEngineCtx *de_ctx,
+        DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
+        const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);

 static int DetectRfbSectypeMatch (DetectEngineThreadCtx *, Flow *,
                                   uint8_t, void *, void *, const Signature *,
@ -80,21 +78,18 @@ void DetectRfbSectypeRegister (void)

    DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);

-    DetectAppLayerInspectEngineRegister("rfb.sectype",
-            ALPROTO_RFB, SIG_FLAG_TOSERVER, 1,
-            DetectEngineInspectRfbSectypeGeneric);
+    DetectAppLayerInspectEngineRegister2("rfb.sectype", ALPROTO_RFB, SIG_FLAG_TOSERVER, 1,
+            DetectEngineInspectRfbSectypeGeneric, NULL);

    g_rfb_sectype_buffer_id = DetectBufferTypeGetByName("rfb.sectype");
 }

-static int DetectEngineInspectRfbSectypeGeneric(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate,
-        void *txv, uint64_t tx_id)
+static int DetectEngineInspectRfbSectypeGeneric(DetectEngineCtx *de_ctx,
+        DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
+        const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
 {
-    return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd,
-                                          f, flags, alstate, txv, tx_id);
+    return DetectEngineInspectGenericList(
+            NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
 }

 static inline int SectypeMatch(const uint32_t version,