http2: there is no status msg in HTTP2

author Philippe Antoine <contact@catenacyber.fr>

Mon, 26 Apr 2021 12:40:33 +0000 (14:40 +0200)

committer Victor Julien <victor@inliniac.net>

Tue, 18 May 2021 10:10:29 +0000 (12:10 +0200)
author Philippe Antoine <contact@catenacyber.fr>
Mon, 26 Apr 2021 12:40:33 +0000 (14:40 +0200)
committer Victor Julien <victor@inliniac.net>
Tue, 18 May 2021 10:10:29 +0000 (12:10 +0200)
diff --git a/src/detect-http-stat-msg.c b/src/detect-http-stat-msg.c

index 70f2c2acd8857cb4805d1b5686070dcab96a4090..44952331e78605a28ae31c4d2566e2b39d001212 100644 (file)
--- a/src/detect-http-stat-msg.c
+++ b/src/detect-http-stat-msg.c
@@ -71,9 +71,6 @@ static int g_http_stat_msg_buffer_id = 0;
  static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
          const DetectEngineTransforms *transforms, Flow *_f,
          const uint8_t _flow_flags, void *txv, const int list_id);
-static InspectionBuffer *GetData2(DetectEngineThreadCtx *det_ctx,
-        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
-        const int list_id);
  static int DetectHttpStatMsgSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str);
  
  /**
@@ -105,12 +102,6 @@ void DetectHttpStatMsgRegister (void)
      DetectAppLayerMpmRegister2("http_stat_msg", SIG_FLAG_TOCLIENT, 3, PrefilterGenericMpmRegister,
              GetData, ALPROTO_HTTP1, HTP_RESPONSE_LINE);
  
-    DetectAppLayerInspectEngineRegister2("http_stat_msg", ALPROTO_HTTP2, SIG_FLAG_TOCLIENT,
-            HTTP2StateDataServer, DetectEngineInspectBufferGeneric, GetData2);
-
-    DetectAppLayerMpmRegister2("http_stat_msg", SIG_FLAG_TOCLIENT, 2, PrefilterGenericMpmRegister,
-            GetData2, ALPROTO_HTTP2, HTTP2StateDataServer);
-
      DetectBufferTypeSetDescriptionByName("http_stat_msg",
              "http response status message");
  
@@ -147,7 +138,7 @@ static int DetectHttpStatMsgSetupSticky(DetectEngineCtx *de_ctx, Signature *s, c
  {
      if (DetectBufferSetActiveList(s, g_http_stat_msg_buffer_id) < 0)
          return -1;
-    if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
+    if (DetectSignatureSetAppProto(s, ALPROTO_HTTP1) < 0)
          return -1;
      return 0;
  }
@@ -175,29 +166,6 @@ static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx,
      return buffer;
  }
  
-static InspectionBuffer *GetData2(DetectEngineThreadCtx *det_ctx,
-        const DetectEngineTransforms *transforms, Flow *_f, const uint8_t _flow_flags, void *txv,
-        const int list_id)
-{
-    SCEnter();
-
-    InspectionBuffer *buffer = InspectionBufferGet(det_ctx, list_id);
-    if (buffer->inspect == NULL) {
-        uint32_t b_len = 0;
-        const uint8_t *b = NULL;
-
-        if (rs_http2_tx_get_status(txv, &b, &b_len) != 1)
-            return NULL;
-        if (b == NULL || b_len == 0)
-            return NULL;
-
-        InspectionBufferSetup(det_ctx, list_id, buffer, b, b_len);
-        InspectionBufferApplyTransforms(buffer, transforms);
-    }
-
-    return buffer;
-}
-
  #ifdef UNITTESTS
  #include "tests/detect-http-stat-msg.c"
  #endif /* UNITTESTS */
author	Philippe Antoine <contact@catenacyber.fr>
	Mon, 26 Apr 2021 12:40:33 +0000 (14:40 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 18 May 2021 10:10:29 +0000 (12:10 +0200)