From ff70e0cca0a57011d2073d3fe05a2006b7ffb868 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 7 Jul 2016 10:33:28 +0200 Subject: [PATCH] mpm tls: remove unused function args --- src/detect-engine-tls.c | 50 ++++++++++++++--------------------- src/detect-tls-cert-issuer.h | 2 +- src/detect-tls-cert-subject.h | 2 +- src/detect-tls-sni.h | 3 +-- src/detect.c | 6 ++--- 5 files changed, 26 insertions(+), 37 deletions(-) diff --git a/src/detect-engine-tls.c b/src/detect-engine-tls.c index 25891671d0..940833106c 100644 --- a/src/detect-engine-tls.c +++ b/src/detect-engine-tls.c @@ -57,14 +57,12 @@ */ static inline uint32_t TlsSniPatternSearch(DetectEngineThreadCtx *det_ctx, const uint8_t *buffer, - const uint32_t buffer_len, - const uint8_t flags) + const uint32_t buffer_len) { SCEnter(); uint32_t ret = 0; - DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOCLIENT); DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_tlssni_ctx_ts == NULL); if (buffer_len >= det_ctx->sgh->mpm_tlssni_ctx_ts->minlen) { @@ -86,8 +84,8 @@ static inline uint32_t TlsSniPatternSearch(DetectEngineThreadCtx *det_ctx, * * \retval cnt Number of matches */ -uint32_t DetectTlsSniInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags) +uint32_t DetectTlsSniInspectMpm(DetectEngineThreadCtx *det_ctx, + SSLState *ssl_state) { SCEnter(); @@ -101,7 +99,7 @@ uint32_t DetectTlsSniInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, buffer = (uint8_t *)ssl_state->client_connp.sni; buffer_len = strlen(ssl_state->client_connp.sni); - cnt = TlsSniPatternSearch(det_ctx, buffer, buffer_len, flags); + cnt = TlsSniPatternSearch(det_ctx, buffer, buffer_len); SCReturnUInt(cnt); } @@ -147,23 +145,20 @@ int DetectEngineInspectTlsSni(ThreadVars *tv, DetectEngineCtx *de_ctx, /** * \brief TLS issuer match -- searches for one pattern per signature. * - * \param det_ctx Detection engine thread ctx - * \param hrh Buffer to inspect - * \param hrh_len Buffer length - * \param flags Flags + * \param det_ctx Detection engine thread ctx + * \param buffer Buffer to inspect + * \param buffer_len Buffer length * * \retval ret Number of matches */ static inline uint32_t TlsIssuerPatternSearch(DetectEngineThreadCtx *det_ctx, const uint8_t *buffer, - const uint32_t buffer_len, - const uint8_t flags) + const uint32_t buffer_len) { SCEnter(); uint32_t ret = 0; - DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOSERVER); DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_tlsissuer_ctx_ts == NULL); if (buffer_len >= det_ctx->sgh->mpm_tlsissuer_ctx_ts->minlen) { @@ -180,13 +175,12 @@ static inline uint32_t TlsIssuerPatternSearch(DetectEngineThreadCtx *det_ctx, * * \param det_ctx Detection engine thread ctx * \param f Locked flow - * \param dns_state Initialized dns state - * \param flags Flags + * \param ssl_state Initialized ssl state * * \retval cnt Number of matches */ uint32_t DetectTlsIssuerInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags) + SSLState *ssl_state) { SCEnter(); @@ -200,7 +194,7 @@ uint32_t DetectTlsIssuerInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, buffer = (uint8_t *)ssl_state->server_connp.cert0_issuerdn; buffer_len = strlen(ssl_state->server_connp.cert0_issuerdn); - cnt = TlsIssuerPatternSearch(det_ctx, buffer, buffer_len, flags); + cnt = TlsIssuerPatternSearch(det_ctx, buffer, buffer_len); SCReturnUInt(cnt); } @@ -224,7 +218,7 @@ int DetectEngineInspectTlsIssuer(ThreadVars *tv, DetectEngineCtx *de_ctx, uint64_t tx_id) { uint8_t *buffer; - uint16_t buffer_len; + uint32_t buffer_len; int cnt = 0; SSLState *ssl_state = (SSLState *)alstate; @@ -246,23 +240,20 @@ int DetectEngineInspectTlsIssuer(ThreadVars *tv, DetectEngineCtx *de_ctx, /** * \brief TLS subject match -- searches for one pattern per signature. * - * \param det_ctx Detection engine thread ctx - * \param hrh Buffer to inspect - * \param hrh_len Buffer length - * \param flags Flags + * \param det_ctx Detection engine thread ctx + * \param buffer Buffer to inspect + * \param buffer_len Buffer length * * \retval ret Number of matches */ static inline uint32_t TlsSubjectPatternSearch(DetectEngineThreadCtx *det_ctx, const uint8_t *buffer, - const uint32_t buffer_len, - const uint8_t flags) + const uint32_t buffer_len) { SCEnter(); uint32_t ret = 0; - DEBUG_VALIDATE_BUG_ON(flags & STREAM_TOSERVER); DEBUG_VALIDATE_BUG_ON(det_ctx->sgh->mpm_tlssubject_ctx_ts == NULL); if (buffer_len >= det_ctx->sgh->mpm_tlssubject_ctx_ts->minlen) { @@ -279,13 +270,12 @@ static inline uint32_t TlsSubjectPatternSearch(DetectEngineThreadCtx *det_ctx, * * \param det_ctx Detection engine thread ctx * \param f Locked flow - * \param dns_state Initialized dns state - * \param flags Flags + * \param ssl_state Initialized ssl state * * \retval cnt Number of matches */ uint32_t DetectTlsSubjectInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags) + SSLState *ssl_state) { SCEnter(); @@ -299,7 +289,7 @@ uint32_t DetectTlsSubjectInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, buffer = (uint8_t *)ssl_state->server_connp.cert0_subject; buffer_len = strlen(ssl_state->server_connp.cert0_subject); - cnt = TlsSubjectPatternSearch(det_ctx, buffer, buffer_len, flags); + cnt = TlsSubjectPatternSearch(det_ctx, buffer, buffer_len); SCReturnUInt(cnt); } @@ -323,7 +313,7 @@ int DetectEngineInspectTlsSubject(ThreadVars *tv, DetectEngineCtx *de_ctx, uint64_t tx_id) { uint8_t *buffer; - uint16_t buffer_len; + uint32_t buffer_len; int cnt = 0; SSLState *ssl_state = (SSLState *)alstate; diff --git a/src/detect-tls-cert-issuer.h b/src/detect-tls-cert-issuer.h index 8febf749f1..a0b0846f7e 100644 --- a/src/detect-tls-cert-issuer.h +++ b/src/detect-tls-cert-issuer.h @@ -28,6 +28,6 @@ void DetectTlsIssuerRegister(void); uint32_t DetectTlsIssuerInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags); + SSLState *ssl_state); #endif /* __DETECT_TLS_ISSUER_H__ */ diff --git a/src/detect-tls-cert-subject.h b/src/detect-tls-cert-subject.h index e8fd1d3f99..2edce96c86 100644 --- a/src/detect-tls-cert-subject.h +++ b/src/detect-tls-cert-subject.h @@ -28,6 +28,6 @@ void DetectTlsSubjectRegister(void); uint32_t DetectTlsSubjectInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags); + SSLState *ssl_state); #endif /* __DETECT_TLS_SUBJECT_H__ */ diff --git a/src/detect-tls-sni.h b/src/detect-tls-sni.h index 8e6d93086c..a3117906c1 100644 --- a/src/detect-tls-sni.h +++ b/src/detect-tls-sni.h @@ -27,7 +27,6 @@ #include "app-layer-ssl.h" void DetectTlsSniRegister(void); -uint32_t DetectTlsSniInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, - SSLState *ssl_state, uint8_t flags); +uint32_t DetectTlsSniInspectMpm(DetectEngineThreadCtx *det_ctx, SSLState *ssl_state); #endif /* __DETECT_TLS_SNI_H__ */ diff --git a/src/detect.c b/src/detect.c index 3907a0a6e3..3ce90ff6f4 100644 --- a/src/detect.c +++ b/src/detect.c @@ -1042,18 +1042,18 @@ static inline void DetectMpmPrefilter(DetectEngineCtx *de_ctx, if (p->flowflags & FLOW_PKT_TOSERVER) { if (det_ctx->sgh->flags & SIG_GROUP_HEAD_MPM_TLSSNI) { PACKET_PROFILING_DETECT_START(p, PROF_DETECT_MPM_TLSSNI); - DetectTlsSniInspectMpm(det_ctx, p->flow, alstate, flags); + DetectTlsSniInspectMpm(det_ctx, alstate); PACKET_PROFILING_DETECT_END(p, PROF_DETECT_MPM_TLSSNI); } } else if (p->flowflags & FLOW_PKT_TOCLIENT) { if (det_ctx->sgh->flags & SIG_GROUP_HEAD_MPM_TLSISSUER) { PACKET_PROFILING_DETECT_START(p, PROF_DETECT_MPM_TLSISSUER); - DetectTlsIssuerInspectMpm(det_ctx, p->flow, alstate, flags); + DetectTlsIssuerInspectMpm(det_ctx, p->flow, alstate); PACKET_PROFILING_DETECT_END(p, PROF_DETECT_MPM_TLSISSUER); } if (det_ctx->sgh->flags & SIG_GROUP_HEAD_MPM_TLSSUBJECT) { PACKET_PROFILING_DETECT_START(p, PROF_DETECT_MPM_TLSSUBJECT); - DetectTlsSubjectInspectMpm(det_ctx, p->flow, alstate, flags); + DetectTlsSubjectInspectMpm(det_ctx, p->flow, alstate); PACKET_PROFILING_DETECT_END(p, PROF_DETECT_MPM_TLSSUBJECT); } }