-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectSslStateSetup(DetectEngineCtx *, Signature *, char *);
-void DetectSslStateRegisterTests(void);
-void DetectSslStateFree(void *);
+static void DetectSslStateRegisterTests(void);
+static void DetectSslStateFree(void *);
/**
* \brief Registers the keyword handlers for the "ssl_state" keyword.
* \retval ssd Pointer to DetectSslStateData on succese.
* \retval NULL On failure.
*/
-DetectSslStateData *DetectSslStateParse(char *arg)
+static DetectSslStateData *DetectSslStateParse(char *arg)
{
#define MAX_SUBSTRINGS 30
int ret = 0, res = 0;
* \retval 0 On success.
* \retval -1 On failure.
*/
-int DetectSslStateSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
+static int DetectSslStateSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
{
DetectSslStateData *ssd = NULL;
SigMatch *sm = NULL;
+ if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
+ SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS,
+ "Rule contains conflicting keywords. Have non-tls alproto "
+ "set for a rule containing \"ssl_state\" keyword");
+ goto error;
+ }
ssd = DetectSslStateParse(arg);
if (ssd == NULL)
goto error;
sm->type = DETECT_AL_SSL_STATE;
sm->ctx = (SigMatchCtx*)ssd;
- if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
- SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS,
- "Rule contains conflicting keywords. Have non-tls alproto "
- "set for a rule containing \"ssl_state\" keyword");
- goto error;
- }
s->alproto = ALPROTO_TLS;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
*
* \param ptr pointer to the data to be freed.
*/
-void DetectSslStateFree(void *ptr)
+static void DetectSslStateFree(void *ptr)
{
if (ptr != NULL)
SCFree(ptr);
#ifdef UNITTESTS
-int DetectSslStateTest01(void)
+static int DetectSslStateTest01(void)
{
DetectSslStateData *ssd = DetectSslStateParse("client_hello");
FAIL_IF_NULL(ssd);
PASS;
}
-int DetectSslStateTest02(void)
+static int DetectSslStateTest02(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_hello");
FAIL_IF_NULL(ssd);
PASS;
}
-int DetectSslStateTest03(void)
+static int DetectSslStateTest03(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello");
PASS;
}
-int DetectSslStateTest04(void)
+static int DetectSslStateTest04(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello , server_keyx , "
PASS;
}
-int DetectSslStateTest05(void)
+static int DetectSslStateTest05(void)
{
DetectSslStateData *ssd = DetectSslStateParse(", server_hello , client_keyx , "
"client_hello , server_keyx , "
PASS;
}
-int DetectSslStateTest06(void)
+static int DetectSslStateTest06(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello , server_keyx , "
* \brief Test that the "|" character still works as a separate for
* compatibility with older Suricata rules.
*/
-int DetectSslStateTest08(void)
+static int DetectSslStateTest08(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello|client_hello");
FAIL_IF_NULL(ssd);
/**
* \test Test parsing of negated states.
*/
-int DetectSslStateTestParseNegate(void)
+static int DetectSslStateTestParseNegate(void)
{
DetectSslStateData *ssd = DetectSslStateParse("!client_hello");
FAIL_IF_NULL(ssd);
#endif /* UNITTESTS */
-void DetectSslStateRegisterTests(void)
+static void DetectSslStateRegisterTests(void)
{
#ifdef UNITTESTS
UtRegisterTest("DetectSslStateTest01", DetectSslStateTest01);
UtRegisterTest("DetectSslStateTestParseNegate",
DetectSslStateTestParseNegate);
#endif
-
return;
}
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectSslVersionSetup(DetectEngineCtx *, Signature *, char *);
-void DetectSslVersionRegisterTests(void);
-void DetectSslVersionFree(void *);
+static void DetectSslVersionRegisterTests(void);
+static void DetectSslVersionFree(void *);
/**
* \brief Registration function for keyword: ssl_version
* \retval ssl pointer to DetectSslVersionData on success
* \retval NULL on failure
*/
-DetectSslVersionData *DetectSslVersionParse(char *str)
+static DetectSslVersionData *DetectSslVersionParse(char *str)
{
DetectSslVersionData *ssl = NULL;
#define MAX_SUBSTRINGS 30
DetectSslVersionData *ssl = NULL;
SigMatch *sm = NULL;
+ if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
+ SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
+ goto error;
+ }
+
ssl = DetectSslVersionParse(str);
if (ssl == NULL)
goto error;
sm->type = DETECT_AL_SSL_VERSION;
sm->ctx = (void *)ssl;
- if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
- SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
- goto error;
- }
-
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS;
* \test DetectSslVersionTestParse01 is a test to make sure that we parse the
* "ssl_version" option correctly when given valid ssl_version option
*/
-int DetectSslVersionTestParse01(void)
+static int DetectSslVersionTestParse01(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("SSlv3");
* "ssl_version" option correctly when given an invalid ssl_version option
* it should return ssl = NULL
*/
-int DetectSslVersionTestParse02(void)
+static int DetectSslVersionTestParse02(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("2.5");
* \test DetectSslVersionTestParse03 is a test to make sure that we parse the
* "ssl_version" options correctly when given valid ssl_version options
*/
-int DetectSslVersionTestParse03(void)
+static int DetectSslVersionTestParse03(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("SSlv3,tls1.0, !tls1.2");
/**
* \brief this function registers unit tests for DetectSslVersion
*/
-void DetectSslVersionRegisterTests(void)
+static void DetectSslVersionRegisterTests(void)
{
#ifdef UNITTESTS /* UNITTESTS */
UtRegisterTest("DetectSslVersionTestParse01", DetectSslVersionTestParse01);
-/* Copyright (C) 2007-2010 Open Information Security Foundation
+/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectTlsVersionSetup (DetectEngineCtx *, Signature *, char *);
-void DetectTlsVersionRegisterTests(void);
-void DetectTlsVersionFree(void *);
+static void DetectTlsVersionRegisterTests(void);
+static void DetectTlsVersionFree(void *);
/**
* \brief Registration function for keyword: tls.version
* \retval id_d pointer to DetectTlsVersionData on success
* \retval NULL on failure
*/
-DetectTlsVersionData *DetectTlsVersionParse (char *str)
+static DetectTlsVersionData *DetectTlsVersionParse (char *str)
{
uint16_t temp;
DetectTlsVersionData *tls = NULL;
DetectTlsVersionData *tls = NULL;
SigMatch *sm = NULL;
+ if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
+ SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
+ goto error;
+ }
+
tls = DetectTlsVersionParse(str);
- if (tls == NULL) goto error;
+ if (tls == NULL)
+ goto error;
/* Okay so far so good, lets get this into a SigMatch
* and put it in the Signature. */
sm->type = DETECT_AL_TLS_VERSION;
sm->ctx = (void *)tls;
- if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
- SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
- goto error;
- }
-
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS;
return 0;
error:
- if (tls != NULL) DetectTlsVersionFree(tls);
- if (sm != NULL) SCFree(sm);
+ if (tls != NULL)
+ DetectTlsVersionFree(tls);
+ if (sm != NULL)
+ SCFree(sm);
return -1;
}
*
* \param id_d pointer to DetectTlsVersionData
*/
-void DetectTlsVersionFree(void *ptr)
+static void DetectTlsVersionFree(void *ptr)
{
DetectTlsVersionData *id_d = (DetectTlsVersionData *)ptr;
SCFree(id_d);
* \test DetectTlsVersionTestParse01 is a test to make sure that we parse the "id"
* option correctly when given valid id option
*/
-int DetectTlsVersionTestParse01 (void)
+static int DetectTlsVersionTestParse01 (void)
{
DetectTlsVersionData *tls = NULL;
tls = DetectTlsVersionParse("1.0");
* option correctly when given an invalid id option
* it should return id_d = NULL
*/
-int DetectTlsVersionTestParse02 (void)
+static int DetectTlsVersionTestParse02 (void)
{
DetectTlsVersionData *tls = NULL;
tls = DetectTlsVersionParse("2.5");
/**
* \brief this function registers unit tests for DetectTlsVersion
*/
-void DetectTlsVersionRegisterTests(void)
+static void DetectTlsVersionRegisterTests(void)
{
#ifdef UNITTESTS /* UNITTESTS */
UtRegisterTest("DetectTlsVersionTestParse01", DetectTlsVersionTestParse01);
projects / thirdparty / suricata.git / commitdiff
