detect/dcerpc: cleanup now Rust is mandatory

6 years ago · e572324c5a
parent 50709144f9
commit e572324c5a
3 changed files with 7 additions and 48 deletions
--- a/src/detect-dce-iface.c
+++ b/src/detect-dce-iface.c
@ -47,25 +47,18 @@
 #include "util-unittest-helper.h"
 #include "stream-tcp.h"

-#ifdef HAVE_RUST
 #include "rust.h"
 #include "rust-smb-detect-gen.h"
-#endif

 #define PARSE_REGEX "^\\s*([0-9a-zA-Z]{8}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{12})(?:\\s*,(<|>|=|!)([0-9]{1,5}))?(?:\\s*,(any_frag))?\\s*$"

 static pcre *parse_regex = NULL;
 static pcre_extra *parse_regex_study = NULL;

-static int DetectDceIfaceMatch(ThreadVars *, DetectEngineThreadCtx *,
-        Flow *, uint8_t, void *, void *,
-        const Signature *, const SigMatchCtx *);
-#ifdef HAVE_RUST
 static int DetectDceIfaceMatchRust(ThreadVars *t,
        DetectEngineThreadCtx *det_ctx,
        Flow *f, uint8_t flags, void *state, void *txv,
        const Signature *s, const SigMatchCtx *m);
-#endif
 static int DetectDceIfaceSetup(DetectEngineCtx *, Signature *, const char *);
 static void DetectDceIfaceFree(void *);
 static void DetectDceIfaceRegisterTests(void);
@ -84,11 +77,7 @@ void DetectDceIfaceRegister(void)
 {
    sigmatch_table[DETECT_DCE_IFACE].name = "dce_iface";
    sigmatch_table[DETECT_DCE_IFACE].Match = NULL;
-#ifdef HAVE_RUST
    sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatchRust;
-#else
-    sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatch;
-#endif
    sigmatch_table[DETECT_DCE_IFACE].Setup = DetectDceIfaceSetup;
    sigmatch_table[DETECT_DCE_IFACE].Free  = DetectDceIfaceFree;
    sigmatch_table[DETECT_DCE_IFACE].RegisterTests = DetectDceIfaceRegisterTests;
@ -246,11 +235,6 @@ static DetectDceIfaceData *DetectDceIfaceArgParse(const char *arg)
    return NULL;
 }

-DCERPCState *DetectDceGetState(AppProto alproto, void *alstate)
-{
-    return alstate;
-}
-
 /**
 * \internal
 * \brief Internal function that compares the dce interface version for this
@ -302,7 +286,7 @@ static int DetectDceIfaceMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
    const DetectDceIfaceData *dce_data = (DetectDceIfaceData *)m;

    DCERPCUuidEntry *item = NULL;
-    const DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+    const DCERPCState *dcerpc_state = state;
    if (dcerpc_state == NULL) {
        SCLogDebug("No DCERPCState for the flow");
        SCReturnInt(0);
@ -356,7 +340,6 @@ end:
    SCReturnInt(ret);
 }

-#ifdef HAVE_RUST
 static int DetectDceIfaceMatchRust(ThreadVars *t,
        DetectEngineThreadCtx *det_ctx,
        Flow *f, uint8_t flags, void *state, void *txv,
@ -381,7 +364,6 @@ static int DetectDceIfaceMatchRust(ThreadVars *t,
    }
    SCReturnInt(ret);
 }
-#endif

 /**
 * \brief Creates a SigMatch for the "dce_iface" keyword being sent as argument,
--- a/src/detect-dce-opnum.c
+++ b/src/detect-dce-opnum.c
@ -48,25 +48,18 @@
 #include "util-unittest-helper.h"
 #include "stream-tcp.h"

-#ifdef HAVE_RUST
 #include "rust.h"
 #include "rust-smb-detect-gen.h"
-#endif

 #define PARSE_REGEX "^\\s*([0-9]{1,5}(\\s*-\\s*[0-9]{1,5}\\s*)?)(,\\s*[0-9]{1,5}(\\s*-\\s*[0-9]{1,5})?\\s*)*$"

 static pcre *parse_regex = NULL;
 static pcre_extra *parse_regex_study = NULL;

-static int DetectDceOpnumMatch(ThreadVars *, DetectEngineThreadCtx *,
-        Flow *, uint8_t, void *, void *,
-        const Signature *, const SigMatchCtx *);
-#ifdef HAVE_RUST
 static int DetectDceOpnumMatchRust(ThreadVars *t,
                        DetectEngineThreadCtx *det_ctx,
                        Flow *f, uint8_t flags, void *state, void *txv,
                        const Signature *s, const SigMatchCtx *m);
-#endif
 static int DetectDceOpnumSetup(DetectEngineCtx *, Signature *, const char *);
 static void DetectDceOpnumFree(void *);
 static void DetectDceOpnumRegisterTests(void);
@ -79,11 +72,7 @@ void DetectDceOpnumRegister(void)
 {
    sigmatch_table[DETECT_DCE_OPNUM].name = "dce_opnum";
    sigmatch_table[DETECT_DCE_OPNUM].Match = NULL;
-#ifdef HAVE_RUST
    sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatchRust;
-#else
-    sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatch;
-#endif
    sigmatch_table[DETECT_DCE_OPNUM].Setup = DetectDceOpnumSetup;
    sigmatch_table[DETECT_DCE_OPNUM].Free  = DetectDceOpnumFree;
    sigmatch_table[DETECT_DCE_OPNUM].RegisterTests = DetectDceOpnumRegisterTests;
@ -265,7 +254,7 @@ static int DetectDceOpnumMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
    DetectDceOpnumData *dce_data = (DetectDceOpnumData *)m;
    DetectDceOpnumRange *dor = dce_data->range;

-    DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+    DCERPCState *dcerpc_state = state;
    if (dcerpc_state == NULL) {
        SCLogDebug("No DCERPCState for the flow");
        SCReturnInt(0);
@ -288,7 +277,6 @@ static int DetectDceOpnumMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
    SCReturnInt(0);
 }

-#ifdef HAVE_RUST
 static int DetectDceOpnumMatchRust(ThreadVars *t,
                        DetectEngineThreadCtx *det_ctx,
                        Flow *f, uint8_t flags, void *state, void *txv,
@ -324,7 +312,6 @@ static int DetectDceOpnumMatchRust(ThreadVars *t,

    SCReturnInt(0);
 }
-#endif

 /**
 * \brief Creates a SigMatch for the "dce_opnum" keyword being sent as argument,
--- a/src/detect-dce-stub-data.c
+++ b/src/detect-dce-stub-data.c
@ -54,10 +54,8 @@

 #include "stream-tcp.h"

-#ifdef HAVE_RUST
 #include "rust.h"
 #include "rust-smb-detect-gen.h"
-#endif

 #define BUFFER_NAME "dce_stub_data"
 #define KEYWORD_NAME "dce_stub_data"
@ -85,17 +83,14 @@ static void PrefilterTxDceStubDataRequest(DetectEngineThreadCtx *det_ctx,
    uint8_t *buffer;
    uint32_t buffer_len;

-#ifdef HAVE_RUST
    if (f->alproto == ALPROTO_SMB) {
        if (rs_smb_tx_get_stub_data(txv, STREAM_TOSERVER, &buffer, &buffer_len) != 1) {
            SCLogDebug("have no data!");
            return;
        }
        SCLogDebug("have data!");
-    } else
-#endif
-    {
-        DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+    } else {
+        DCERPCState *dcerpc_state = f->alstate;
        if (dcerpc_state == NULL)
            return;

@ -143,17 +138,14 @@ static void PrefilterTxDceStubDataResponse(DetectEngineThreadCtx *det_ctx,
    uint8_t *buffer;
    uint32_t buffer_len;

-#ifdef HAVE_RUST
    if (f->alproto == ALPROTO_SMB) {
        if (rs_smb_tx_get_stub_data(txv, STREAM_TOCLIENT, &buffer, &buffer_len) != 1) {
            SCLogDebug("have no data!");
            return;
        }
        SCLogDebug("have data!");
-    } else
-#endif
-    {
-        DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+    } else {
+        DCERPCState *dcerpc_state = f->alstate;
        if (dcerpc_state == NULL)
            return;

@ -192,16 +184,14 @@ static int InspectEngineDceStubData(ThreadVars *tv,
    uint8_t *buffer = NULL;
    DCERPCState *dcerpc_state = NULL;

-#ifdef HAVE_RUST
    if (f->alproto == ALPROTO_SMB) {
        uint8_t dir = flags & (STREAM_TOSERVER|STREAM_TOCLIENT);
        if (rs_smb_tx_get_stub_data(tx, dir, &buffer, &buffer_len) != 1)
            goto end;
        SCLogDebug("have data!");
    } else
-#endif
    {
-        dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+        dcerpc_state = alstate;
        if (dcerpc_state == NULL)
            goto end;