Switch to using a detection engine ctx.

17 years ago · dc48c58473
parent 171c8c777d
commit dc48c58473
6 changed files with 377 additions and 487 deletions
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -18,6 +18,7 @@ flow-util.c flow-util.h \
 flow-var.c flow-var.h \
 host.c host.h \
 detect.c detect.h \
+detect-engine.c detect-engine.h \
 detect-siggroup.c detect-siggroup.h \
 detect-parse.c detect-parse.h \
 detect-mpm.c detect-mpm.h \
--- a/src/detect-address.c
+++ b/src/detect-address.c
@ -1095,7 +1095,7 @@ void DetectAddressDataPrint(DetectAddressData *ad) {
        return;

    if (ad->flags & ADDRESS_FLAG_ANY) {
-        printf("ANY\n");
+        printf("ANY");
    } else if (ad->family == AF_INET) {
        struct in_addr in;
        char s[16];
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@ -0,0 +1,27 @@
+/* Copyright (C) 2008 by Victor Julien <victor@inliniac.net> */
+
+#include "vips.h"
+#include "debug.h"
+#include "detect.h"
+#include "flow.h"
+
+#include "detect-parse.h"
+#include "detect-siggroup.h"
+
+#include "detect-address.h"
+
+DetectEngineCtx *DetectEngineCtxInit(void) {
+    DetectEngineCtx *de_ctx;
+
+    de_ctx = malloc(sizeof(DetectEngineCtx));
+    if (de_ctx == NULL) {
+        goto error;
+    }
+
+    memset(de_ctx,0,sizeof(DetectEngineCtx));
+
+    return de_ctx;
+error:
+    return NULL;
+}
+
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@ -0,0 +1,8 @@
+#ifndef __DETECT_ENGINE_H__
+#define __DETECT_ENGINE_H__
+
+/* prototypes */
+DetectEngineCtx *DetectEngineCtxInit();
+
+#endif /* __DETECT_ENGINE_H__ */
+
--- a/src/detect.c
+++ b/src/detect.c
--- a/src/detect.h
+++ b/src/detect.h
@ -71,6 +71,19 @@ typedef struct SigTableElmt {
    u_int8_t flags;
 } SigTableElmt;

+typedef struct DetectEngineCtx_ {
+    Signature *sig_list;
+    u_int32_t sig_cnt;
+
+    DetectAddressGroupsHead *src_gh[256];
+    DetectAddressGroupsHead *tmp_gh[256];
+
+    u_int32_t mpm_unique, mpm_reuse, mpm_none,
+              mpm_uri_unique, mpm_uri_reuse, mpm_uri_none;
+    u_int32_t gh_unique, gh_reuse;
+
+} DetectEngineCtx;
+
 #define SIGGROUP_PROTO 1
 #define SIGGROUP_SP    2
 #define SIGGROUP_DP    3
@ -187,7 +200,7 @@ void SigTableRegisterTests(void);
 void SigRegisterTests(void);
 void TmModuleDetectRegister (void);

-int SigGroupBuild(Signature *);
+int SigGroupBuild(DetectEngineCtx *);
 int SigGroupCleanup();

 #endif /* __DETECT_H__ */