aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

detect/rfb: convert to v2 inspect API

Browse Source
pull/5635/head
Victor Julien 5 years ago
parent b11cc0fbcd
commit 962230040a
2 changed files with 21 additions and 31 deletions
Show Stats Download Patch File Download Diff File

25
src/detect-rfb-secresult.c
Unescape Escape View File

@ -47,11 +47,9 @@ static void RfbSecresultRegisterTests(void);
#endif #endif
void DetectRfbSecresultFree(DetectEngineCtx *, void *); void DetectRfbSecresultFree(DetectEngineCtx *, void *);
static int DetectEngineInspectRfbSecresultGeneric(ThreadVars *tv, static int DetectEngineInspectRfbSecresultGeneric(DetectEngineCtx *de_ctx,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
const Signature *s, const SigMatchData *smd, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id);
typedef struct DetectRfbSecresultData_ { typedef struct DetectRfbSecresultData_ {
uint32_t result; /** result code */ uint32_t result; /** result code */
@ -73,21 +71,18 @@ void DetectRfbSecresultRegister (void)
#endif #endif
DetectSetupParseRegexes(PARSE_REGEX, &parse_regex); DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
DetectAppLayerInspectEngineRegister("rfb.secresult", DetectAppLayerInspectEngineRegister2("rfb.secresult", ALPROTO_RFB, SIG_FLAG_TOCLIENT, 1,
ALPROTO_RFB, SIG_FLAG_TOCLIENT, 1, DetectEngineInspectRfbSecresultGeneric, NULL);
DetectEngineInspectRfbSecresultGeneric);
rfb_secresult_id = DetectBufferTypeGetByName("rfb.secresult"); rfb_secresult_id = DetectBufferTypeGetByName("rfb.secresult");
} }
static int DetectEngineInspectRfbSecresultGeneric(ThreadVars *tv, static int DetectEngineInspectRfbSecresultGeneric(DetectEngineCtx *de_ctx,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
const Signature *s, const SigMatchData *smd, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id)
{ {
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, return DetectEngineInspectGenericList(
f, flags, alstate, txv, tx_id); NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
} }
enum { enum {

25
src/detect-rfb-sectype.c
Unescape Escape View File

@ -56,11 +56,9 @@ static int DetectRfbSectypeSetup (DetectEngineCtx *, Signature *s, const char *s
static void DetectRfbSectypeFree(DetectEngineCtx *, void *); static void DetectRfbSectypeFree(DetectEngineCtx *, void *);
static int g_rfb_sectype_buffer_id = 0; static int g_rfb_sectype_buffer_id = 0;
static int DetectEngineInspectRfbSectypeGeneric(ThreadVars *tv, static int DetectEngineInspectRfbSectypeGeneric(DetectEngineCtx *de_ctx,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
const Signature *s, const SigMatchData *smd, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id);
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id);
static int DetectRfbSectypeMatch (DetectEngineThreadCtx *, Flow *, static int DetectRfbSectypeMatch (DetectEngineThreadCtx *, Flow *,
uint8_t, void *, void *, const Signature *, uint8_t, void *, void *, const Signature *,
@ -80,21 +78,18 @@ void DetectRfbSectypeRegister (void)
DetectSetupParseRegexes(PARSE_REGEX, &parse_regex); DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
DetectAppLayerInspectEngineRegister("rfb.sectype", DetectAppLayerInspectEngineRegister2("rfb.sectype", ALPROTO_RFB, SIG_FLAG_TOSERVER, 1,
ALPROTO_RFB, SIG_FLAG_TOSERVER, 1, DetectEngineInspectRfbSectypeGeneric, NULL);
DetectEngineInspectRfbSectypeGeneric);
g_rfb_sectype_buffer_id = DetectBufferTypeGetByName("rfb.sectype"); g_rfb_sectype_buffer_id = DetectBufferTypeGetByName("rfb.sectype");
} }
static int DetectEngineInspectRfbSectypeGeneric(ThreadVars *tv, static int DetectEngineInspectRfbSectypeGeneric(DetectEngineCtx *de_ctx,
DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine,
const Signature *s, const SigMatchData *smd, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Flow *f, uint8_t flags, void *alstate,
void *txv, uint64_t tx_id)
{ {
return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, return DetectEngineInspectGenericList(
f, flags, alstate, txv, tx_id); NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id);
} }
static inline int SectypeMatch(const uint32_t version, static inline int SectypeMatch(const uint32_t version,

Write Preview
Loading…
Cancel
Save