{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
-
de_ctx->flags |= DE_QUIET;
- de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
- "(msg:\"Testing tls.cert_fingerprint\"; "
- "tls.cert_fingerprint; "
- "content:\"11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66:77:88:99:00\"; "
- "sid:1;)");
- FAIL_IF_NULL(de_ctx->sig_list);
+
+ Signature *s = DetectEngineAppendSig(de_ctx,
+ "alert tls any any -> any any "
+ "(msg:\"Testing tls.cert_fingerprint\"; "
+ "tls.cert_fingerprint; "
+ "content:\"11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66:77:88:99:00\"; "
+ "sid:1;)");
+ FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
- SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
- sm = de_ctx->sig_list->sm_lists[g_tls_cert_fingerprint_buffer_id];
+ sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_fingerprint_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
-
de_ctx->flags |= DE_QUIET;
- de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
- "(msg:\"Testing tls.cert_issuer\"; "
- "tls.cert_issuer; content:\"test\"; sid:1;)");
- FAIL_IF_NULL(de_ctx->sig_list);
+
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Testing tls.cert_issuer\"; "
+ "tls.cert_issuer; content:\"test\"; sid:1;)");
+ FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
- SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
- sm = de_ctx->sig_list->sm_lists[g_tls_cert_issuer_buffer_id];
+ sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_issuer_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
-
de_ctx->flags |= DE_QUIET;
- de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
- "(msg:\"Testing tls.cert_serial\"; "
- "tls.cert_serial; content:\"XX:XX:XX\"; sid:1;)");
- FAIL_IF_NULL(de_ctx->sig_list);
+
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Testing tls.cert_serial\"; "
+ "tls.cert_serial; content:\"XX:XX:XX\"; sid:1;)");
+ FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
- SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
- sm = de_ctx->sig_list->sm_lists[g_tls_cert_serial_buffer_id];
+ sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_serial_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
FAIL_IF_NOT_NULL(sm->next);
- SigGroupCleanup(de_ctx);
DetectEngineCtxFree(de_ctx);
-
PASS;
}
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
-
de_ctx->flags |= DE_QUIET;
- de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
- "(msg:\"Testing tls.cert_subject\"; "
- "tls.cert_subject; content:\"test\"; sid:1;)");
- FAIL_IF_NULL(de_ctx->sig_list);
+
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Testing tls.cert_subject\"; "
+ "tls.cert_subject; content:\"test\"; sid:1;)");
+ FAIL_IF_NULL(s);
/* sm should not be in the MATCH list */
- SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
- sm = de_ctx->sig_list->sm_lists[g_tls_cert_subject_buffer_id];
+ sm = DetectBufferGetFirstSigMatch(s, g_tls_cert_subject_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
-
de_ctx->flags |= DE_QUIET;
- de_ctx->sig_list = SigInit(de_ctx, "alert tls any any -> any any "
- "(msg:\"Testing tls.certs\"; tls.certs; "
- "content:\"|01 02 03 04 05|\"; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Testing tls.certs\"; tls.certs; "
+ "content:\"|01 02 03 04 05|\"; sid:1;)");
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
- SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = s->init_data->smlists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
- sm = de_ctx->sig_list->sm_lists[g_tls_certs_buffer_id];
+ sm = DetectBufferGetFirstSigMatch(s, g_tls_certs_buffer_id);
FAIL_IF_NULL(sm);
FAIL_IF(sm->type != DETECT_CONTENT);
FAIL_IF_NOT_NULL(sm->next);
- SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
-
PASS;
}
projects / thirdparty / suricata.git / commitdiff
