const uint8_t _flow_flags, void *txv, const int list_id);
static int DetectHttpStatMsgSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str);
+static InspectionBuffer *GetData2(DetectEngineThreadCtx *det_ctx,
+ const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
+ const int list_id)
+{
+ InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
+ if (buffer->inspect == NULL) {
+ InspectionBufferSetup(det_ctx, list_id, buffer, (const uint8_t *)"", 0);
+ InspectionBufferApplyTransforms(buffer, transforms);
+ }
+
+ return buffer;
+}
+
/**
* \brief Registration function for keyword: http_stat_msg
*/
DetectAppLayerMpmRegister2("http_stat_msg", SIG_FLAG_TOCLIENT, 3, PrefilterGenericMpmRegister,
GetData, ALPROTO_HTTP1, HTP_RESPONSE_LINE);
+ DetectAppLayerInspectEngineRegister2("http_stat_msg", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,
+ HTTP2StateDataServer, DetectEngineInspectBufferGeneric, GetData2);
+ DetectAppLayerMpmRegister2("http_stat_msg", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,
+ GetData2, ALPROTO_HTTP2, HTTP2StateDataServer);
+
DetectBufferTypeSetDescriptionByName("http_stat_msg",
"http response status message");
{
if (DetectBufferSetActiveList(de_ctx, s, g_http_stat_msg_buffer_id) < 0)
return -1;
- if (DetectSignatureSetAppProto(s, ALPROTO_HTTP1) < 0)
+ if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
return 0;
}