aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

config/ja3: Eliminate warnings when JA3 is disabled

Browse Source 
This commit eliminates warnings when either ja3, ja4 or both are
disabled.
pull/11055/head
Jeff Lucovsky 10 months ago committed by Victor Julien
parent 14ab9aa763
commit cb56752bf7
6 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File

4
rust/src/ja4.rs
Unescape Escape View File

@ -23,7 +23,9 @@ use digest::Digest;
use libc::c_uchar; use libc::c_uchar;
#[cfg(feature = "ja4")] #[cfg(feature = "ja4")]
use sha2::Sha256; use sha2::Sha256;
use std::{cmp::min, os::raw::c_char}; #[cfg(feature = "ja4")]
use std::cmp::min;
use std::os::raw::c_char;
use tls_parser::{TlsCipherSuiteID, TlsExtensionType, TlsVersion}; use tls_parser::{TlsCipherSuiteID, TlsExtensionType, TlsVersion};
#[derive(Debug, PartialEq)] #[derive(Debug, PartialEq)]

4
src/detect-ja4-hash.c
Unescape Escape View File

@ -46,6 +46,7 @@ static int DetectJA4SetupNoSupport(DetectEngineCtx *a, Signature *b, const char
} }
#endif /* HAVE_JA4 */ #endif /* HAVE_JA4 */
#ifdef HAVE_JA4
static int DetectJa4HashSetup(DetectEngineCtx *, Signature *, const char *); static int DetectJa4HashSetup(DetectEngineCtx *, Signature *, const char *);
static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, void *txv,
@ -56,6 +57,7 @@ static InspectionBuffer *Ja4DetectGetHash(DetectEngineThreadCtx *det_ctx,
const int list_id); const int list_id);
static int g_ja4_hash_buffer_id = 0; static int g_ja4_hash_buffer_id = 0;
#endif
/** /**
* \brief Registration function for keyword: ja4.hash * \brief Registration function for keyword: ja4.hash
@ -93,6 +95,7 @@ void DetectJa4HashRegister(void)
#endif /* HAVE_JA4 */ #endif /* HAVE_JA4 */
} }
#ifdef HAVE_JA4
/** /**
* \brief this function setup the ja4.hash modifier keyword used in the rule * \brief this function setup the ja4.hash modifier keyword used in the rule
* *
@ -171,3 +174,4 @@ static InspectionBuffer *Ja4DetectGetHash(DetectEngineThreadCtx *det_ctx,
} }
return buffer; return buffer;
} }
#endif

4
src/detect-tls-ja3-hash.c
Unescape Escape View File

@ -64,6 +64,7 @@ static int DetectJA3SetupNoSupport(DetectEngineCtx *a, Signature *b, const char
} }
#endif #endif
#ifdef HAVE_JA3
static int DetectTlsJa3HashSetup(DetectEngineCtx *, Signature *, const char *); static int DetectTlsJa3HashSetup(DetectEngineCtx *, Signature *, const char *);
static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
const DetectEngineTransforms *transforms, const DetectEngineTransforms *transforms,
@ -74,6 +75,7 @@ static void DetectTlsJa3HashSetupCallback(const DetectEngineCtx *de_ctx,
static bool DetectTlsJa3HashValidateCallback(const Signature *s, static bool DetectTlsJa3HashValidateCallback(const Signature *s,
const char **sigerror); const char **sigerror);
static int g_tls_ja3_hash_buffer_id = 0; static int g_tls_ja3_hash_buffer_id = 0;
#endif
/** /**
* \brief Registration function for keyword: ja3_hash * \brief Registration function for keyword: ja3_hash
@ -117,6 +119,7 @@ void DetectTlsJa3HashRegister(void)
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
} }
#ifdef HAVE_JA3
/** /**
* \brief this function setup the ja3.hash modifier keyword used in the rule * \brief this function setup the ja3.hash modifier keyword used in the rule
* *
@ -239,3 +242,4 @@ static void DetectTlsJa3HashSetupCallback(const DetectEngineCtx *de_ctx,
} }
} }
} }
#endif

4
src/detect-tls-ja3-string.c
Unescape Escape View File

@ -64,12 +64,14 @@ static int DetectJA3SetupNoSupport(DetectEngineCtx *a, Signature *b, const char
} }
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
#ifdef HAVE_JA3
static int DetectTlsJa3StringSetup(DetectEngineCtx *, Signature *, const char *); static int DetectTlsJa3StringSetup(DetectEngineCtx *, Signature *, const char *);
static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
const DetectEngineTransforms *transforms, const DetectEngineTransforms *transforms,
Flow *f, const uint8_t flow_flags, Flow *f, const uint8_t flow_flags,
void *txv, const int list_id); void *txv, const int list_id);
static int g_tls_ja3_str_buffer_id = 0; static int g_tls_ja3_str_buffer_id = 0;
#endif
/** /**
* \brief Registration function for keyword: ja3.string * \brief Registration function for keyword: ja3.string
@ -107,6 +109,7 @@ void DetectTlsJa3StringRegister(void)
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
} }
#ifdef HAVE_JA3
/** /**
* \brief this function setup the ja3.string modifier keyword used in the rule * \brief this function setup the ja3.string modifier keyword used in the rule
* *
@ -164,3 +167,4 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
return buffer; return buffer;
} }
#endif

4
src/detect-tls-ja3s-hash.c
Unescape Escape View File

@ -64,6 +64,7 @@ static int DetectJA3SetupNoSupport(DetectEngineCtx *a, Signature *b, const char
} }
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
#ifdef HAVE_JA3
static int DetectTlsJa3SHashSetup(DetectEngineCtx *, Signature *, const char *); static int DetectTlsJa3SHashSetup(DetectEngineCtx *, Signature *, const char *);
static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
const DetectEngineTransforms *transforms, const DetectEngineTransforms *transforms,
@ -74,6 +75,7 @@ static void DetectTlsJa3SHashSetupCallback(const DetectEngineCtx *de_ctx,
static bool DetectTlsJa3SHashValidateCallback(const Signature *s, static bool DetectTlsJa3SHashValidateCallback(const Signature *s,
const char **sigerror); const char **sigerror);
static int g_tls_ja3s_hash_buffer_id = 0; static int g_tls_ja3s_hash_buffer_id = 0;
#endif
/** /**
* \brief Registration function for keyword: ja3s.hash * \brief Registration function for keyword: ja3s.hash
@ -116,6 +118,7 @@ void DetectTlsJa3SHashRegister(void)
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
} }
#ifdef HAVE_JA3
/** /**
* \brief this function setup the ja3s.hash modifier keyword used in the rule * \brief this function setup the ja3s.hash modifier keyword used in the rule
* *
@ -237,3 +240,4 @@ static void DetectTlsJa3SHashSetupCallback(const DetectEngineCtx *de_ctx,
} }
} }
} }
#endif

4
src/detect-tls-ja3s-string.c
Unescape Escape View File

@ -64,12 +64,14 @@ static int DetectJA3SetupNoSupport(DetectEngineCtx *a, Signature *b, const char
} }
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
#ifdef HAVE_JA3
static int DetectTlsJa3SStringSetup(DetectEngineCtx *, Signature *, const char *); static int DetectTlsJa3SStringSetup(DetectEngineCtx *, Signature *, const char *);
static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
const DetectEngineTransforms *transforms, const DetectEngineTransforms *transforms,
Flow *f, const uint8_t flow_flags, Flow *f, const uint8_t flow_flags,
void *txv, const int list_id); void *txv, const int list_id);
static int g_tls_ja3s_str_buffer_id = 0; static int g_tls_ja3s_str_buffer_id = 0;
#endif
/** /**
* \brief Registration function for keyword: ja3s.string * \brief Registration function for keyword: ja3s.string
@ -107,6 +109,7 @@ void DetectTlsJa3SStringRegister(void)
#endif /* HAVE_JA3 */ #endif /* HAVE_JA3 */
} }
#ifdef HAVE_JA3
/** /**
* \brief this function setup the ja3s.string modifier keyword used in the rule * \brief this function setup the ja3s.string modifier keyword used in the rule
* *
@ -164,3 +167,4 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
return buffer; return buffer;
} }
#endif

Write Preview
Loading…
Cancel
Save