detect: reuse hook based generic lists

author Victor Julien <vjulien@oisf.net>

Mon, 20 Jan 2025 12:05:32 +0000 (13:05 +0100)

committer Victor Julien <victor@inliniac.net>

Mon, 7 Apr 2025 20:04:13 +0000 (22:04 +0200)
author Victor Julien <vjulien@oisf.net>
Mon, 20 Jan 2025 12:05:32 +0000 (13:05 +0100)
committer Victor Julien <victor@inliniac.net>
Mon, 7 Apr 2025 20:04:13 +0000 (22:04 +0200)
diff --git a/src/detect-dns-query.c b/src/detect-dns-query.c

index 5d3a7a5c4c44b69695270375a087fb2418b138c5..ef73d58418c7499b93729a46d36be74291143953 100644 (file)
--- a/src/detect-dns-query.c
+++ b/src/detect-dns-query.c
@@ -107,16 +107,6 @@ void DetectDnsQueryRegister (void)
      DetectBufferTypeSupportsMultiInstance("dns_query");
  
      g_dns_query_buffer_id = DetectBufferTypeGetByName("dns_query");
-
-    /* register these generic engines from here for now */
-    DetectAppLayerInspectEngineRegister(
-            "dns_request", ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, DetectEngineInspectGenericList, NULL);
-    DetectAppLayerInspectEngineRegister("dns_response", ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1,
-            DetectEngineInspectGenericList, NULL);
-
-    DetectBufferTypeSetDescriptionByName("dns_request",
-            "dns requests");
-    DetectBufferTypeSetDescriptionByName("dns_response", "dns responses");
  }
  
  
diff --git a/src/detect-tls-cert-validity.c b/src/detect-tls-cert-validity.c

index 9e858dc85112953f9f77b2c719662776d95f68b5..0af00a56a67698d08458838d3cfed90f17530388 100644 (file)
--- a/src/detect-tls-cert-validity.c
+++ b/src/detect-tls-cert-validity.c
@@ -123,7 +123,7 @@ void DetectTlsValidityRegister (void)
  
      DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
  
-    g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls_validity");
+    g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls:server_cert_done:generic");
  }
  
  /**
diff --git a/src/detect-tls-certs.c b/src/detect-tls-certs.c

index 90193df5d73f3b013e8307e904fc390978ea7093..fdf2f5a90fab79f8aad84cdc93fe6fc3877ab909 100644 (file)
--- a/src/detect-tls-certs.c
+++ b/src/detect-tls-certs.c
@@ -157,7 +157,7 @@ static int DetectTlsCertsSetup(DetectEngineCtx *de_ctx, Signature *s,
  }
  
  static int g_tls_cert_buffer_id = 0;
-#define BUFFER_NAME  "tls_validity"
+#define BUFFER_NAME  "tls:server_cert_done:generic"
  #define KEYWORD_ID   DETECT_TLS_CHAIN_LEN
  #define KEYWORD_NAME "tls.cert_chain_len"
  #define KEYWORD_DESC "match TLS certificate chain length"
@@ -252,9 +252,6 @@ void DetectTlsCertChainLenRegister(void)
      sigmatch_table[KEYWORD_ID].Setup = DetectTLSCertChainLenSetup;
      sigmatch_table[KEYWORD_ID].Free = DetectTLSCertChainLenFree;
  
-    DetectAppLayerInspectEngineRegister(BUFFER_NAME, ALPROTO_TLS, SIG_FLAG_TOCLIENT,
-            TLS_STATE_SERVER_CERT_DONE, DetectEngineInspectGenericList, NULL);
-
      g_tls_cert_buffer_id = DetectBufferTypeGetByName(BUFFER_NAME);
  }
author	Victor Julien <vjulien@oisf.net>
	Mon, 20 Jan 2025 12:05:32 +0000 (13:05 +0100)
committer	Victor Julien <victor@inliniac.net>
	Mon, 7 Apr 2025 20:04:13 +0000 (22:04 +0200)
src/detect-dns-query.c		patch \| blob \| blame \| history
src/detect-tls-cert-validity.c		patch \| blob \| blame \| history
src/detect-tls-certs.c		patch \| blob \| blame \| history