tls: don't set 2 events for a single exception

Keep the more specific ones.

(cherry picked from commit e9d63f335542b45123796f42801de730a63e6432)

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index c44b33e1b0f8dbc8afe1b3b1d75c9a1b06b41808..113dd34fae2995d198014b6066b4951816463322 100644 (file)
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -1624,7 +1624,6 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 
             SSLParserHSReset(ssl_state->curr_connp);
             SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
-            SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
             continue;
         }
 
@@ -2280,10 +2279,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
             SCLogDebug("retval %d", retval);
             if (retval < 0 || retval > (int)record_len) {
                 DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
-                SSLSetEvent(ssl_state,
-                        TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
-                SSLSetEvent(ssl_state,
-                        TLS_DECODER_EVENT_INVALID_SSL_RECORD);
+                SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
                 SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
                 return SSL_DECODER_ERROR(-1);
             }
@@ -2300,9 +2296,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
             break;
         }
         default:
-            /* \todo fix the event from invalid rule to unknown rule */
             SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
-            SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
             SCLogDebug("unsupported record type");
             return SSL_DECODER_ERROR(-1);
     }