signature: checks protocol for file.name keyword

By setting the flags as for the filename keyword (not sticky version)

diff --git a/src/detect-filename.c b/src/detect-filename.c
index 7e6fd36d4d9fe2a20807d8a28b5f94a1ea90acce..d737e5b7279ce47bc3a25e38ee0c0a4c26145c34 100644 (file)
--- a/src/detect-filename.c
+++ b/src/detect-filename.c
@@ -349,6 +349,7 @@ static int DetectFilenameSetupSticky(DetectEngineCtx *de_ctx, Signature *s, cons
 {
     if (DetectBufferSetActiveList(s, g_file_name_buffer_id) < 0)
         return -1;
+    s->file_flags |= (FILE_SIG_NEED_FILE | FILE_SIG_NEED_FILENAME);
     return 0;
 }
 
@@ -571,4 +572,4 @@ void DetectFilenameRegisterTests(void)
     UtRegisterTest("DetectFilenameTestParse02", DetectFilenameTestParse02);
     UtRegisterTest("DetectFilenameTestParse03", DetectFilenameTestParse03);
 }
-#endif /* UNITTESTS */
\ No newline at end of file
+#endif /* UNITTESTS */

diff --git a/src/detect-parse.c b/src/detect-parse.c
index b14a15b2e5ea38a9592387f2295c1721b59b5222..3f33f360e8418bf398549c81ea8951c65ed860a2 100644 (file)
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1857,6 +1857,11 @@ static int SigValidate(DetectEngineCtx *de_ctx, Signature *s)
                     "support file matching", AppProtoToString(s->alproto));
             SCReturnInt(0);
         }
+        if (s->alproto == ALPROTO_HTTP2 && (s->file_flags & FILE_SIG_NEED_FILENAME)) {
+            SCLogError(SC_ERR_NO_FILES_FOR_PROTOCOL,
+                    "protocol HTTP2 doesn't support file name matching");
+            SCReturnInt(0);
+        }
 
         if (s->alproto == ALPROTO_HTTP) {
             AppLayerHtpNeedFileInspection();