detect/krb5: add krb5.sname and krb5.cname

diff --git a/src/detect-krb5-cname.c b/src/detect-krb5-cname.c
index 2c1a9a8232e6768981cec12181f0b910c1ef6b9e..a37441f052a6affee0f3a7f4840e3f130bc55d46 100644 (file)
--- a/src/detect-krb5-cname.c
+++ b/src/detect-krb5-cname.c
@@ -33,7 +33,6 @@
 
 #include "detect-krb5-cname.h"
 
-#ifdef HAVE_RUST
 #include "rust.h"
 #include "app-layer-krb5.h"
 #include "rust-krb-detect-gen.h"
@@ -47,7 +46,8 @@ struct Krb5PrincipalNameDataArgs {
 
 static int DetectKrb5CNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
 {
-    DetectBufferSetActiveList(s, g_krb5_cname_buffer_id);
+    if (DetectBufferSetActiveList(s, g_krb5_cname_buffer_id) < 0)
+        return -1;
 
     if (DetectSignatureSetAppProto(s, ALPROTO_KRB5) != 0)
         return -1;
@@ -192,9 +192,10 @@ static int PrefilterMpmKrb5CNameRegister(DetectEngineCtx *de_ctx,
 
 void DetectKrb5CNameRegister(void)
 {
-    sigmatch_table[DETECT_AL_KRB5_CNAME].name = "krb5_cname";
+    sigmatch_table[DETECT_AL_KRB5_CNAME].name = "krb5.cname";
+    sigmatch_table[DETECT_AL_KRB5_CNAME].alias = "krb5_cname";
     sigmatch_table[DETECT_AL_KRB5_CNAME].Setup = DetectKrb5CNameSetup;
-    sigmatch_table[DETECT_AL_KRB5_CNAME].flags |= SIGMATCH_NOOPT;
+    sigmatch_table[DETECT_AL_KRB5_CNAME].flags |= SIGMATCH_NOOPT|SIGMATCH_INFO_STICKY_BUFFER;
     sigmatch_table[DETECT_AL_KRB5_CNAME].desc = "sticky buffer to match on Kerberos 5 client name";
 
     DetectAppLayerMpmRegister2("krb5_cname", SIG_FLAG_TOCLIENT, 2,
@@ -210,9 +211,3 @@ void DetectKrb5CNameRegister(void)
 
     g_krb5_cname_buffer_id = DetectBufferTypeGetByName("krb5_cname");
 }
-
-#else /* NO RUST */
-
-void DetectKrb5CNameRegister(void) {}
-
-#endif

diff --git a/src/detect-krb5-sname.c b/src/detect-krb5-sname.c
index dd01c7d9635ab3e7461f97d19626191a72d84849..5a919bfb2adea9b83177fbc97ed37245e627ad82 100644 (file)
--- a/src/detect-krb5-sname.c
+++ b/src/detect-krb5-sname.c
@@ -33,7 +33,6 @@
 
 #include "detect-krb5-sname.h"
 
-#ifdef HAVE_RUST
 #include "rust.h"
 #include "app-layer-krb5.h"
 #include "rust-krb-detect-gen.h"
@@ -47,7 +46,8 @@ struct Krb5PrincipalNameDataArgs {
 
 static int DetectKrb5SNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
 {
-    DetectBufferSetActiveList(s, g_krb5_sname_buffer_id);
+    if (DetectBufferSetActiveList(s, g_krb5_sname_buffer_id) < 0)
+        return -1;
 
     if (DetectSignatureSetAppProto(s, ALPROTO_KRB5) != 0)
         return -1;
@@ -192,9 +192,10 @@ static int PrefilterMpmKrb5SNameRegister(DetectEngineCtx *de_ctx,
 
 void DetectKrb5SNameRegister(void)
 {
-    sigmatch_table[DETECT_AL_KRB5_SNAME].name = "krb5_sname";
+    sigmatch_table[DETECT_AL_KRB5_SNAME].name = "krb5.sname";
+    sigmatch_table[DETECT_AL_KRB5_SNAME].alias = "krb5_sname";
     sigmatch_table[DETECT_AL_KRB5_SNAME].Setup = DetectKrb5SNameSetup;
-    sigmatch_table[DETECT_AL_KRB5_SNAME].flags |= SIGMATCH_NOOPT;
+    sigmatch_table[DETECT_AL_KRB5_SNAME].flags |= SIGMATCH_NOOPT|SIGMATCH_INFO_STICKY_BUFFER;
     sigmatch_table[DETECT_AL_KRB5_SNAME].desc = "sticky buffer to match on Kerberos 5 server name";
 
     DetectAppLayerMpmRegister2("krb5_sname", SIG_FLAG_TOCLIENT, 2,
@@ -210,9 +211,3 @@ void DetectKrb5SNameRegister(void)
 
     g_krb5_sname_buffer_id = DetectBufferTypeGetByName("krb5_sname");
 }
-
-#else /* NO RUST */
-
-void DetectKrb5SNameRegister(void) {}
-
-#endif