SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER | STREAM_START, chello_buf,
chello_buf_len);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
ssl_state = f.alstate;
FAIL_IF(ssl_state == NULL);
FAIL_IF(PacketAlertCheck(p, 4));
FAIL_IF(PacketAlertCheck(p, 5));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
shello_buf, shello_buf_len);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
/* do detect */
p->alerts.cnt = 0;
FAIL_IF(PacketAlertCheck(p, 4));
FAIL_IF(!PacketAlertCheck(p, 5));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
client_change_cipher_spec_buf,
client_change_cipher_spec_buf_len);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
/* do detect */
p->alerts.cnt = 0;
FAIL_IF(!PacketAlertCheck(p, 3));
FAIL_IF(PacketAlertCheck(p, 4));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
server_change_cipher_spec_buf,
server_change_cipher_spec_buf_len);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
/* do detect */
p->alerts.cnt = 0;
FAIL_IF(PacketAlertCheck(p, 3));
FAIL_IF(PacketAlertCheck(p, 4));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
toserver_app_data_buf, toserver_app_data_buf_len);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
/* do detect */
p->alerts.cnt = 0;
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, sslbuf1, ssllen1);
FAIL_IF(r != 0);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
sslbuf4, ssllen4);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
SSLState *app_state = f.alstate;
FAIL_IF_NULL(app_state);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, sslbuf1, ssllen1);
FAIL_IF(r != 0);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
sslbuf4, ssllen4);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
SSLState *app_state = f.alstate;
FAIL_IF_NULL(app_state);
*/
static int DetectTlsFingerprintTest01(void)
{
- DetectEngineCtx *de_ctx = NULL;
- SigMatch *sm = NULL;
-
- de_ctx = DetectEngineCtxInit();
+ DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
- sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_fingerprint_buffer_id];
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test tls.cert_fingerprint\"; "
"tls.cert_fingerprint; "
"content:\"4a:a3:66:76:82:cb:6b:23:bb:c3:58:47:23:a4:63:a7:78:a4:a1:18\"; "
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, client_hello,
sizeof(client_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p1, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
server_hello, sizeof(server_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p2, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
certificate, sizeof(certificate));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
*/
static int DetectTlsIssuerTest01(void)
{
- DetectEngineCtx *de_ctx = NULL;
- SigMatch *sm = NULL;
-
- de_ctx = DetectEngineCtxInit();
+ DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
- sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_issuer_buffer_id];
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test tls.cert_issuer\"; "
"tls.cert_issuer; content:\"google\"; nocase; "
"sid:1;)");
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, client_hello,
sizeof(client_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p1, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
server_hello, sizeof(server_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p2, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
certificate, sizeof(certificate));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
*/
static int DetectTlsSerialTest01(void)
{
- DetectEngineCtx *de_ctx = NULL;
- SigMatch *sm = NULL;
-
- de_ctx = DetectEngineCtxInit();
+ DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
- sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_serial_buffer_id];
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test tls.cert_serial\"; "
"tls.cert_serial; "
"content:\"5C:19:B7:B1:32:3B:1C:A1\"; "
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, client_hello,
sizeof(client_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p1, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
server_hello, sizeof(server_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p2, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
certificate, sizeof(certificate));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
*/
static int DetectTlsSubjectTest01(void)
{
- DetectEngineCtx *de_ctx = NULL;
- SigMatch *sm = NULL;
-
- de_ctx = DetectEngineCtxInit();
+ DetectEngineCtx *de_ctx = DetectEngineCtxInit();
FAIL_IF_NULL(de_ctx);
de_ctx->flags |= DE_QUIET;
FAIL_IF_NULL(de_ctx->sig_list);
/* sm should not be in the MATCH list */
- sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
+ SigMatch *sm = de_ctx->sig_list->sm_lists[DETECT_SM_LIST_MATCH];
FAIL_IF_NOT_NULL(sm);
sm = de_ctx->sig_list->sm_lists[g_tls_cert_subject_buffer_id];
FAIL_IF_NOT_NULL(sm->next);
SigGroupCleanup(de_ctx);
- SigCleanSignatures(de_ctx);
DetectEngineCtxFree(de_ctx);
PASS;
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test tls.cert_subject\"; "
"tls.cert_subject; content:\"google\"; nocase; "
"sid:1;)");
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, client_hello,
sizeof(client_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p1, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
server_hello, sizeof(server_hello));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
FAIL_IF(PacketAlertCheck(p2, 1));
- FLOWLOCK_WRLOCK(&f);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT,
certificate, sizeof(certificate));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
- "(msg:\"Test tls_cert_notbefore\"; "
- "tls_cert_notbefore:<2016-07-20; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Test tls_cert_notbefore\"; "
+ "tls_cert_notbefore:<2016-07-20; sid:1;)");
FAIL_IF_NULL(s);
s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
- "(msg:\"Test tls_cert_expired\"; "
- "tls_cert_expired; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Test tls_cert_expired\"; "
+ "tls_cert_expired; sid:1;)");
FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
Packet *p1 = NULL;
Packet *p2 = NULL;
Packet *p3 = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc();
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
- "(msg:\"Test tls_cert_valid\"; "
- "tls_cert_valid; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Test tls_cert_valid\"; "
+ "tls_cert_valid; sid:1;)");
FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
Flow f;
SSLState *ssl_state = NULL;
Packet *p = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
TcpSession ssn;
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test ja3.hash\"; ja3.hash; "
"content:\"e7eca2baf4458d095b7f45da28c16c34\"; "
"sid:1;)");
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, buf, sizeof(buf));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
ssl_state = f.alstate;
Flow f;
SSLState *ssl_state = NULL;
- Packet *p = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
TcpSession ssn;
memset(&f, 0, sizeof(Flow));
memset(&ssn, 0, sizeof(TcpSession));
- p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
- "192.168.1.5", "192.168.1.1",
- 41424, 443);
+ Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
+ "192.168.1.5", "192.168.1.1",
+ 41424, 443);
FLOW_INITIALIZE(&f);
f.protoctx = (void *)&ssn;
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test ja3.hash\"; ja3.hash; "
"content:\"bc6c386f480ee97b9d9e52d472b772d8\"; "
"sid:1;)");
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, buf, sizeof(buf));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
ssl_state = f.alstate;
Flow f;
SSLState *ssl_state = NULL;
- Packet *p = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
TcpSession ssn;
memset(&f, 0, sizeof(Flow));
memset(&ssn, 0, sizeof(TcpSession));
- p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
- "192.168.1.5", "192.168.1.1",
- 41424, 443);
+ Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
+ "192.168.1.5", "192.168.1.1",
+ 41424, 443);
FLOW_INITIALIZE(&f);
f.protoctx = (void *)&ssn;
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
"(msg:\"Test ja3.string\"; ja3.string; "
"content:\"-65-68-69-102-103-104-105-106-107-132-135-255,0,,\"; "
"sid:1;)");
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, buf, sizeof(buf));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
ssl_state = f.alstate;
Flow f;
SSLState *ssl_state = NULL;
- Packet *p = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
TcpSession ssn;
memset(&f, 0, sizeof(Flow));
memset(&ssn, 0, sizeof(TcpSession));
- p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
- "192.168.1.5", "192.168.1.1",
- 41424, 443);
+ Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
+ "192.168.1.5", "192.168.1.1",
+ 41424, 443);
FLOW_INITIALIZE(&f);
f.protoctx = (void *)&ssn;
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
- "(msg:\"Test tls.sni option\"; "
- "tls.sni; content:\"google.com\"; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Test tls.sni option\"; "
+ "tls.sni; content:\"google.com\"; sid:1;)");
FAIL_IF_NULL(s);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, buf, sizeof(buf));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
ssl_state = f.alstate;
Flow f;
SSLState *ssl_state = NULL;
- Packet *p = NULL;
- Signature *s = NULL;
ThreadVars tv;
DetectEngineThreadCtx *det_ctx = NULL;
TcpSession ssn;
memset(&f, 0, sizeof(Flow));
memset(&ssn, 0, sizeof(TcpSession));
- p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
- "192.168.1.5", "192.168.1.1",
- 41424, 443);
+ Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP,
+ "192.168.1.5", "192.168.1.1",
+ 41424, 443);
FLOW_INITIALIZE(&f);
f.protoctx = (void *)&ssn;
de_ctx->mpm_matcher = mpm_default_matcher;
de_ctx->flags |= DE_QUIET;
- s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
- "(msg:\"Test tls.sni option\"; "
- "tls.sni; content:\"google\"; nocase; "
- "pcre:\"/google\\.com$/i\"; sid:1;)");
+ Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
+ "(msg:\"Test tls.sni option\"; "
+ "tls.sni; content:\"google\"; nocase; "
+ "pcre:\"/google\\.com$/i\"; sid:1;)");
FAIL_IF_NULL(s);
s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any "
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, buf, sizeof(buf));
- FLOWLOCK_UNLOCK(&f);
FAIL_IF(r != 0);
ssl_state = f.alstate;
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, tlsbuf1, tlslen1);
FAIL_IF(r != 0);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
tlsbuf4, tlslen4);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
SSLState *ssl_state = f.alstate;
FAIL_IF_NULL(ssl_state);
SigGroupBuild(de_ctx);
DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx);
- FLOWLOCK_WRLOCK(&f);
int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS,
STREAM_TOSERVER, tlsbuf1, tlslen1);
FAIL_IF(r != 0);
r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER,
tlsbuf4, tlslen4);
FAIL_IF(r != 0);
- FLOWLOCK_UNLOCK(&f);
SSLState *ssl_state = f.alstate;
FAIL_IF_NULL(ssl_state);
projects / thirdparty / suricata.git / commitdiff
