use std::os::raw::{c_int, c_void};
use suricata::cast_pointer;
use suricata::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperGetData, DetectSignatureSetAppProto,
- SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
+ DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
};
use suricata::direction::Direction;
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
static mut G_TEMPLATE_BUFFER_BUFFER_ID: c_int = 0;
unsafe extern "C" fn template_buffer_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_TEMPLATE) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_TEMPLATE_BUFFER_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_TEMPLATE_BUFFER_BUFFER_ID) < 0 {
return -1;
}
return 0;
use crate::conf::conf_get_node;
/* TEMPLATE_END_REMOVE */
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperGetData, DetectSignatureSetAppProto,
- SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
+ DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
};
use crate::direction::Direction;
use std::os::raw::{c_int, c_void};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
static mut G_TEMPLATE_BUFFER_BUFFER_ID: c_int = 0;
unsafe extern "C" fn template_buffer_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_TEMPLATE) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_TEMPLATE_BUFFER_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_TEMPLATE_BUFFER_BUFFER_ID) < 0 {
return -1;
}
return 0;
use std::ffi::CString;
use crate::core::DetectEngineThreadCtx;
-use suricata_sys::sys::AppProto;
+use suricata_sys::sys::{AppProto, DetectEngineCtx, Signature};
/// EnumString trait that will be implemented on enums that
/// derive StringEnum.
pub url: String,
/// function callback to parse and setup keyword in rule
pub setup: unsafe extern "C" fn(
- de: *mut c_void,
- s: *mut c_void,
+ de: *mut DetectEngineCtx,
+ s: *mut Signature,
raw: *const std::os::raw::c_char,
) -> c_int,
}
pub flags: u16,
/// function callback to parse and setup keyword in rule
pub Setup: unsafe extern "C" fn(
- de: *mut c_void,
- s: *mut c_void,
+ de: *mut DetectEngineCtx,
+ s: *mut Signature,
raw: *const std::os::raw::c_char,
) -> c_int,
/// function callback to free structure allocated by setup if any
/// cbindgen:ignore
extern "C" {
pub fn DetectHelperKeywordSetCleanCString(id: c_int);
- pub fn DetectBufferSetActiveList(de: *mut c_void, s: *mut c_void, bufid: c_int) -> c_int;
pub fn DetectHelperGetData(
de: *mut c_void, transforms: *const c_void, flow: *const c_void, flow_flags: u8,
tx: *const c_void, list_id: c_int,
pub fn DetectHelperBufferRegister(
name: *const libc::c_char, alproto: AppProto, toclient: bool, toserver: bool,
) -> c_int;
- pub fn DetectSignatureSetAppProto(s: *mut c_void, alproto: AppProto) -> c_int;
+ pub fn DetectSignatureSetAppProto(s: *mut Signature, alproto: AppProto) -> c_int;
pub fn SigMatchAppendSMToList(
- de: *mut c_void, s: *mut c_void, kwid: c_int, ctx: *const c_void, bufid: c_int,
+ de: *mut DetectEngineCtx, s: *mut Signature, kwid: c_int, ctx: *const c_void, bufid: c_int,
) -> *mut c_void;
// in detect-engine-helper.h
pub fn DetectHelperMultiBufferMpmRegister(
DetectHelperBufferRegister, DetectHelperKeywordRegister, DetectSignatureSetAppProto,
SCSigTableAppLiteElmt, SigMatchAppendSMToList,
};
+use suricata_sys::sys::{DetectEngineCtx, Signature};
use std::os::raw::{c_int, c_void};
fn dhcp_tx_get_time(tx: &DHCPTransaction, code: u8) -> Option<u64> {
static mut G_DHCP_RENEWAL_TIME_BUFFER_ID: c_int = 0;
unsafe extern "C" fn dhcp_detect_leasetime_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DHCP) != 0 {
return -1;
}
unsafe extern "C" fn dhcp_detect_rebindingtime_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DHCP) != 0 {
return -1;
}
unsafe extern "C" fn dhcp_detect_renewaltime_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DHCP) != 0 {
return -1;
SCDetectU8Parse,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList, DetectHelperBufferRegister,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferRegister,
DetectHelperKeywordAliasRegister, DetectHelperKeywordRegister,
DetectHelperMultiBufferProgressMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
SigMatchAppendSMToList, SigTableElmtStickyBuffer,
use crate::direction::Direction;
use std::ffi::CStr;
use std::os::raw::{c_int, c_void};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
/// Perform the DNS opcode match.
///
static mut G_DNS_RRTYPE_BUFFER_ID: c_int = 0;
unsafe extern "C" fn dns_opcode_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
unsafe extern "C" fn dns_rcode_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
unsafe extern "C" fn dns_rrtype_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
unsafe extern "C" fn dns_detect_answer_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_DNS_ANSWER_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_DNS_ANSWER_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn dns_detect_query_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_DNS_QUERY_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_DNS_QUERY_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn dns_detect_query_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_DNS) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_DNS_QUERY_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_DNS_QUERY_BUFFER_ID) < 0 {
return -1;
}
return 0;
SCDetectU8Match, SCDetectU8Parse,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
- SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
+ SigTableElmtStickyBuffer,
};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use crate::direction::Direction;
}
unsafe extern "C" fn cipservice_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn capabilities_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn cip_attribute_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn cip_class_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn vendor_id_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn status_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn state_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn serial_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn revision_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn protocol_version_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn product_code_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn identity_status_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn device_type_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn command_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn cip_status_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn cip_instance_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
unsafe extern "C" fn cip_extendedstatus_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
pub unsafe extern "C" fn product_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_ENIP_PRODUCT_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_ENIP_PRODUCT_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
pub unsafe extern "C" fn service_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_ENIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_ENIP_SERVICE_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_ENIP_SERVICE_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
SCDetectU8Free,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto,
- SCSigTableAppLiteElmt, SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
+ SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
use crate::ldap::types::{LdapMessage, LdapResultCode, ProtocolOp, ProtocolOpCode};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use std::collections::VecDeque;
use std::ffi::CStr;
}
unsafe extern "C" fn ldap_detect_request_operation_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
unsafe extern "C" fn ldap_detect_responses_operation_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
unsafe extern "C" fn ldap_detect_responses_count_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
unsafe extern "C" fn ldap_detect_request_dn_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_LDAP_REQUEST_DN_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_LDAP_REQUEST_DN_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn ldap_detect_responses_dn_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_DN_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_DN_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn ldap_detect_responses_result_code_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
unsafe extern "C" fn ldap_detect_responses_msg_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_MSG_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_MSG_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn ldap_detect_request_attibute_type_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_LDAP_REQUEST_ATTRIBUTE_TYPE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_LDAP_REQUEST_ATTRIBUTE_TYPE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn ldap_detect_responses_attibute_type_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_LDAP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_ATTRIBUTE_TYPE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_LDAP_RESPONSES_ATTRIBUTE_TYPE_BUFFER_ID) < 0 {
return -1;
}
return 0;
SCDetectU8Free, SCDetectU8Parse,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto,
- SCSigTableAppLiteElmt, SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
+ SigMatchAppendSMToList, SigTableElmtStickyBuffer,
};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use nom7::branch::alt;
use nom7::bytes::complete::{is_a, tag};
}
unsafe extern "C" fn unsub_topic_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_UNSUB_TOPIC_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_UNSUB_TOPIC_BUFFER_ID) < 0 {
return -1;
}
}
unsafe extern "C" fn sub_topic_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_SUB_TOPIC_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_SUB_TOPIC_BUFFER_ID) < 0 {
return -1;
}
}
unsafe extern "C" fn mqtt_type_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_reason_code_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_qos_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_connack_sessionpresent_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_pub_topic_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_PUB_TOPIC_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_PUB_TOPIC_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_pub_msg_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_PUB_MSG_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_PUB_MSG_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_protocol_version_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_flags_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_conn_flags_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
unsafe extern "C" fn mqtt_conn_willtopic_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_WILLTOPIC_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_WILLTOPIC_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_conn_willmsg_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_WILLMSG_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_WILLMSG_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_conn_username_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_USERNAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_USERNAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_conn_protocolstring_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_PROTOCOLSTRING_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_PROTOCOLSTRING_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_conn_password_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_PASSWORD_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_PASSWORD_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn mqtt_conn_clientid_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_MQTT) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_MQTT_CONN_CLIENTID_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_MQTT_CONN_CLIENTID_BUFFER_ID) < 0 {
return -1;
}
return 0;
detect_match_uint, detect_parse_uint_enum, DetectUintData, SCDetectU32Free, SCDetectU32Parse,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
- SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
+ SigTableElmtStickyBuffer,
};
use std::ffi::CStr;
use std::os::raw::{c_int, c_void};
use std::ptr;
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
unsafe extern "C" fn rfb_name_get_data(
tx: *const c_void, _flags: u8, buffer: *mut *const u8, buffer_len: *mut u32,
static mut G_RFB_SEC_RESULT_BUFFER_ID: c_int = 0;
unsafe extern "C" fn rfb_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_RFB) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_RFB_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_RFB_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn rfb_sec_type_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_RFB) != 0 {
return -1;
}
unsafe extern "C" fn rfb_sec_result_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_RFB) != 0 {
return -1;
use crate::core::{DetectEngineThreadCtx, STREAM_TOCLIENT, STREAM_TOSERVER};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperGetData, DetectHelperMultiBufferMpmRegister,
- DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
+ DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
};
use crate::direction::Direction;
use crate::sip::sip::{SIPTransaction, ALPROTO_SIP};
use std::os::raw::{c_int, c_void};
use std::ptr;
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
static mut G_SDP_ORIGIN_BUFFER_ID: c_int = 0;
static mut G_SDP_SESSION_NAME_BUFFER_ID: c_int = 0;
static mut G_SDP_MEDIA_DESC_ENCRYPTION_KEY_BUFFER_ID: c_int = 0;
unsafe extern "C" fn sdp_session_name_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_SESSION_NAME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_SESSION_NAME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_session_info_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_SESSION_INFO_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_SESSION_INFO_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_origin_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_ORIGIN_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_ORIGIN_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_uri_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_URI_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_URI_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_email_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_EMAIL_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_EMAIL_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_phone_number_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_PHONE_NUMBER_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_PHONE_NUMBER_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_conn_data_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_CONNECTION_DATA_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_CONNECTION_DATA_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_bandwidth_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_BANDWIDTH_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_BANDWIDTH_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_time_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_TIME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_TIME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_repeat_time_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_REPEAT_TIME_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_REPEAT_TIME_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_timezone_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_TIMEZONE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_TIMEZONE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_encryption_key_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_ENCRYPTION_KEY_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_ENCRYPTION_KEY_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_attribute_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_ATTRIBUTE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_ATTRIBUTE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_media_desc_media_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_MEDIA_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_MEDIA_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_media_desc_session_info_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_SESSION_INFO_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_SESSION_INFO_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_media_desc_connection_data_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_CONNECTION_DATA_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_CONNECTION_DATA_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sdp_media_desc_encryption_key_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_ENCRYPTION_KEY_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SDP_MEDIA_DESC_ENCRYPTION_KEY_BUFFER_ID) < 0 {
return -1;
}
return 0;
b"sdp.bandwidth\0".as_ptr() as *const libc::c_char,
b"sdp.bandwidth\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_bandwidth_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.time\0".as_ptr() as *const libc::c_char,
b"sdp.time\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sdp_time_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.repeat_time\0".as_ptr() as *const libc::c_char,
b"sdp.repeat_time\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sdp_repeat_time_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.attribute\0".as_ptr() as *const libc::c_char,
b"sdp.attribute\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_attribute_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.media.media\0".as_ptr() as *const libc::c_char,
b"sdp.media.media\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_media_desc_media_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.media.media_info\0".as_ptr() as *const libc::c_char,
b"sdp.media.media_info\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_media_desc_session_info_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.media.connection_data\0".as_ptr() as *const libc::c_char,
b"sdp.media.connection_data\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_media_desc_connection_data_get_data,
);
let kw = SigTableElmtStickyBuffer {
b"sdp.media.encryption_key\0".as_ptr() as *const libc::c_char,
b"sdp.media.encryption_key\0".as_ptr() as *const libc::c_char,
ALPROTO_SIP,
-STREAM_TOSERVER | STREAM_TOCLIENT,
+ STREAM_TOSERVER | STREAM_TOCLIENT,
sip_media_desc_encryption_key_get_data,
);
}
use crate::core::{DetectEngineThreadCtx, STREAM_TOCLIENT, STREAM_TOSERVER};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperGetData, DetectHelperMultiBufferMpmRegister,
- DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister, DetectHelperGetData,
+ DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SigTableElmtStickyBuffer,
};
use crate::direction::Direction;
use crate::sip::sip::{SIPTransaction, ALPROTO_SIP};
use std::os::raw::{c_int, c_void};
use std::ptr;
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
static mut G_SIP_PROTOCOL_BUFFER_ID: c_int = 0;
static mut G_SIP_STAT_CODE_BUFFER_ID: c_int = 0;
}
unsafe extern "C" fn sip_protocol_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_PROTOCOL_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_PROTOCOL_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_stat_code_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_STAT_CODE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_STAT_CODE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_stat_msg_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_STAT_MSG_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_STAT_MSG_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_request_line_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_REQUEST_LINE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_REQUEST_LINE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_response_line_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_RESPONSE_LINE_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_RESPONSE_LINE_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_from_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_FROM_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_FROM_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_to_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_TO_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_TO_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_via_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_VIA_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_VIA_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_ua_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_UA_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_UA_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_content_type_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_CONTENT_TYPE_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_CONTENT_TYPE_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn sip_content_length_hdr_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SIP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SIP_CONTENT_LENGTH_HDR_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SIP_CONTENT_LENGTH_HDR_BUFFER_ID) < 0 {
return -1;
}
return 0;
use super::snmp::{SNMPTransaction, ALPROTO_SNMP};
use crate::detect::uint::{DetectUintData, SCDetectU32Free, SCDetectU32Match, SCDetectU32Parse};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
- SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
+ SigTableElmtStickyBuffer,
};
use std::os::raw::{c_int, c_void};
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
static mut G_SNMP_VERSION_KW_ID: c_int = 0;
static mut G_SNMP_VERSION_BUFFER_ID: c_int = 0;
static mut G_SNMP_COMMUNITY_BUFFER_ID: c_int = 0;
unsafe extern "C" fn snmp_detect_version_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 {
return -1;
}
unsafe extern "C" fn snmp_detect_pdutype_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 {
return -1;
}
unsafe extern "C" fn snmp_detect_usm_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SNMP_USM_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SNMP_USM_BUFFER_ID) < 0 {
return -1;
}
return 0;
}
unsafe extern "C" fn snmp_detect_community_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_SNMP) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_SNMP_COMMUNITY_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_SNMP_COMMUNITY_BUFFER_ID) < 0 {
return -1;
}
return 0;
SCDetectU32Match, SCDetectU32Parse, SCDetectU8Free, SCDetectU8Match,
};
use crate::detect::{
- helper_keyword_register_sticky_buffer, DetectBufferSetActiveList,
- DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData,
- DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt,
- SigMatchAppendSMToList, SigTableElmtStickyBuffer,
+ helper_keyword_register_sticky_buffer, DetectHelperBufferMpmRegister,
+ DetectHelperBufferRegister, DetectHelperGetData, DetectHelperKeywordRegister,
+ DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList,
+ SigTableElmtStickyBuffer,
};
use crate::websocket::parser::WebSocketOpcode;
+use suricata_sys::sys::{DetectEngineCtx, SCDetectBufferSetActiveList, Signature};
use nom7::branch::alt;
use nom7::bytes::complete::{is_a, tag};
static mut G_WEBSOCKET_PAYLOAD_BUFFER_ID: c_int = 0;
unsafe extern "C" fn websocket_detect_opcode_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_WEBSOCKET) != 0 {
return -1;
}
unsafe extern "C" fn websocket_detect_mask_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_WEBSOCKET) != 0 {
return -1;
}
unsafe extern "C" fn websocket_detect_flags_setup(
- de: *mut c_void, s: *mut c_void, raw: *const libc::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, raw: *const libc::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_WEBSOCKET) != 0 {
return -1;
}
pub unsafe extern "C" fn websocket_detect_payload_setup(
- de: *mut c_void, s: *mut c_void, _raw: *const std::os::raw::c_char,
+ de: *mut DetectEngineCtx, s: *mut Signature, _raw: *const std::os::raw::c_char,
) -> c_int {
if DetectSignatureSetAppProto(s, ALPROTO_WEBSOCKET) != 0 {
return -1;
}
- if DetectBufferSetActiveList(de, s, G_WEBSOCKET_PAYLOAD_BUFFER_ID) < 0 {
+ if SCDetectBufferSetActiveList(de, s, G_WEBSOCKET_PAYLOAD_BUFFER_ID) < 0 {
return -1;
}
return 0;
KeywordsRegister: ::std::option::Option<unsafe extern "C" fn()>,
) -> ::std::os::raw::c_int;
}
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct DetectEngineCtx_ {
+ _unused: [u8; 0],
+}
+pub type DetectEngineCtx = DetectEngineCtx_;
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct Signature_ {
+ _unused: [u8; 0],
+}
+pub type Signature = Signature_;
+extern "C" {
+ pub fn SCDetectBufferSetActiveList(
+ de_ctx: *mut DetectEngineCtx, s: *mut Signature, list: ::std::os::raw::c_int,
+ ) -> ::std::os::raw::c_int;
+}
#[doc = " Structure of a configuration parameter."]
#[repr(C)]
#[derive(Debug, Copy, Clone)]
#include "stdint.h"
#include "stdbool.h"
+#define WARN_UNUSED
+
#include "app-layer-protos.h"
#include "suricata-plugin.h"
#include "output-eve-bindgen.h"
#include "detect-engine-register.h"
+#include "detect-engine-buffer.h"
#include "conf.h"
{
if (DetectSignatureSetAppProto(s, ALPROTO_DCERPC) < 0)
return -1;
- if (DetectBufferSetActiveList(de_ctx, s, g_dce_stub_data_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_dce_stub_data_buffer_id) < 0)
return -1;
return 0;
}
if (DetectSignatureSetAppProto(s, ALPROTO_DNP3) != 0)
return -1;
- if (DetectBufferSetActiveList(de_ctx, s, g_dnp3_data_buffer_id) != 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_dnp3_data_buffer_id) != 0)
return -1;
SCReturnInt(0);
static int DetectSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str, int id)
{
- if (DetectBufferSetActiveList(de_ctx, s, id) < 0) {
+ if (SCDetectBufferSetActiveList(de_ctx, s, id) < 0) {
return -1;
}
if (DetectSignatureSetAppProto(s, ALPROTO_DNS) < 0) {
static int DetectSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, detect_buffer_id) < 0) {
+ if (SCDetectBufferSetActiveList(de_ctx, s, detect_buffer_id) < 0) {
return -1;
}
if (DetectSignatureSetAppProto(s, ALPROTO_DNS) < 0) {
static int DetectMimeEmailFromSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_from_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_from_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailSubjectSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_subject_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_subject_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailToSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_to_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_to_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailCcSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_cc_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_cc_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailDateSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_date_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_date_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailMessageIdSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_message_id_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_message_id_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailXMailerSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_x_mailer_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_x_mailer_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailUrlSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_url_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_url_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectMimeEmailReceivedSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_mime_email_received_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_mime_email_received_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
kw.name = "email.from";
kw.desc = "'From' field from an email";
kw.url = "/rules/email-keywords.html#email.from";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailFromSetup;
+ kw.Setup = DetectMimeEmailFromSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_from_buffer_id =
kw.name = "email.subject";
kw.desc = "'Subject' field from an email";
kw.url = "/rules/email-keywords.html#email.subject";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailSubjectSetup;
+ kw.Setup = DetectMimeEmailSubjectSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_subject_buffer_id = DetectHelperBufferMpmRegister("email.subject",
kw.name = "email.to";
kw.desc = "'To' field from an email";
kw.url = "/rules/email-keywords.html#email.to";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailToSetup;
+ kw.Setup = DetectMimeEmailToSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_to_buffer_id =
kw.name = "email.cc";
kw.desc = "'Cc' field from an email";
kw.url = "/rules/email-keywords.html#email.cc";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailCcSetup;
+ kw.Setup = DetectMimeEmailCcSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_cc_buffer_id =
kw.name = "email.date";
kw.desc = "'Date' field from an email";
kw.url = "/rules/email-keywords.html#email.date";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailDateSetup;
+ kw.Setup = DetectMimeEmailDateSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_date_buffer_id =
kw.name = "email.message_id";
kw.desc = "'Message-Id' field from an email";
kw.url = "/rules/email-keywords.html#email.message_id";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailMessageIdSetup;
+ kw.Setup = DetectMimeEmailMessageIdSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_message_id_buffer_id = DetectHelperBufferMpmRegister("email.message_id",
kw.name = "email.x_mailer";
kw.desc = "'X-Mailer' field from an email";
kw.url = "/rules/email-keywords.html#email.x_mailer";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailXMailerSetup;
+ kw.Setup = DetectMimeEmailXMailerSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_x_mailer_buffer_id = DetectHelperBufferMpmRegister("email.x_mailer",
kw.name = "email.url";
kw.desc = "'Url' extracted from an email";
kw.url = "/rules/email-keywords.html#email.url";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailUrlSetup;
+ kw.Setup = DetectMimeEmailUrlSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_url_buffer_id = DetectHelperMultiBufferMpmRegister(
kw.name = "email.received";
kw.desc = "'Received' field from an email";
kw.url = "/rules/email-keywords.html#email.received";
- kw.Setup = (int (*)(void *, void *, const char *))DetectMimeEmailReceivedSetup;
+ kw.Setup = DetectMimeEmailReceivedSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_mime_email_received_buffer_id = DetectHelperMultiBufferMpmRegister("email.received",
#include "detect-parse.h"
#include "detect-engine-buffer.h"
-int DetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list)
+int SCDetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list)
{
BUG_ON(s->init_data == NULL);
#ifndef SURICATA_DETECT_ENGINE_BUFFER_H
#define SURICATA_DETECT_ENGINE_BUFFER_H
-#include "detect.h"
+// types from detect.h with only forward declarations for bindgen
+// could be #ifndef SURICATA_BINDGEN_H #include "detect.h" #endif
+typedef struct DetectEngineCtx_ DetectEngineCtx;
+typedef struct Signature_ Signature;
+typedef struct SigMatch_ SigMatch;
-int WARN_UNUSED DetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list);
+int WARN_UNUSED SCDetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list);
int DetectBufferGetActiveList(DetectEngineCtx *de_ctx, Signature *s);
SigMatch *DetectBufferGetFirstSigMatch(const Signature *s, const uint32_t buf_id);
SigMatch *DetectBufferGetLastSigMatch(const Signature *s, const uint32_t buf_id);
return -1;
}
- if (DetectBufferSetActiveList(de_ctx, s, DetectBufferTypeGetByName("file_data")) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, DetectBufferTypeGetByName("file_data")) < 0)
return -1;
s->init_data->init_flags |= SIG_FLAG_INIT_FILEDATA;
SCLogError("file.magic failed to setup direction");
return -1;
}
- if (DetectBufferSetActiveList(de_ctx, s, g_file_magic_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_file_magic_buffer_id) < 0)
return -1;
if (de_ctx->filemagic_thread_ctx_id == -1) {
SCLogError("file.name failed to setup direction");
return -1;
}
- if (DetectBufferSetActiveList(de_ctx, s, g_file_name_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_file_name_buffer_id) < 0)
return -1;
s->file_flags |= (FILE_SIG_NEED_FILE | FILE_SIG_NEED_FILENAME);
return 0;
if (buffer_id < 0)
return -1;
- if (DetectBufferSetActiveList(de_ctx, s, buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, buffer_id) < 0)
return -1;
FrameConfigEnable(keyword_alproto, frame_type);
static int DetectFtpCommandDataSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ftp_cmd_data_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ftp_cmd_data_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_FTP) < 0)
static int DetectFtpCommandSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ftp_cmd_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ftp_cmd_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_FTP) < 0)
static int DetectFtpReplySetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ftp_reply_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ftp_reply_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_FTP) < 0)
*/
static int DetectHttpClientBodySetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_client_body_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_client_body_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpCookieSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_cookie_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_cookie_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
*/
static int DetectHttpHeaderNamesSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
*/
static int DetectHttpHeaderSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_header_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_header_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
static int DetectHTTPRequestHeaderSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_request_header_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_request_header_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) != 0)
static int DetectHTTPResponseHeaderSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_response_header_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_response_header_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) != 0)
return -1;
}
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
s->init_data->init_flags &= ~SIG_FLAG_INIT_FORCE_TOSERVER;
*/
static int DetectHttpHostSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_host_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_host_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpHostRawSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_raw_host_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_raw_host_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpMethodSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_method_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_method_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
static int DetectHttpProtocolSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
*/
static int DetectHttpRawHeaderSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_raw_header_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_raw_header_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpRequestLineSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_request_line_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_request_line_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
*/
static int DetectHttpResponseLineSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_response_line_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_response_line_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
*/
static int DetectHttpServerBodySetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
static int DetectHttpStartSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP1) < 0)
*/
static int DetectHttpStatCodeSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_stat_code_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_stat_code_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpStatMsgSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_stat_msg_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_stat_msg_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpUserAgentSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_ua_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_ua_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpUriSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_uri_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_uri_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
*/
static int DetectHttpRawUriSetupSticky(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http_raw_uri_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http_raw_uri_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP) < 0)
return -1;
static int DetectHTTP2headerNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_http2_header_name_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_http2_header_name_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_HTTP2) != 0)
s->proto.flags |= DETECT_PROTO_IPV4;
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_icmpv4hdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_icmpv4hdr_buffer_id) < 0)
return -1;
return 0;
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_icmpv6hdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_icmpv6hdr_buffer_id) < 0)
return -1;
return 0;
static int DetectKeyExchangeSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_key_exchange_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_key_exchange_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_IKE) < 0)
static int DetectNonceSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_nonce_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_nonce_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_IKE) < 0)
static int DetectSpiInitiatorSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_initiator_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_initiator_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_IKE) < 0)
static int DetectSpiResponderSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_responder_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_responder_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_IKE) < 0)
static int DetectIkeVendorSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ike_vendor_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ike_vendor_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_IKE) < 0)
return -1;
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_ipv4hdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ipv4hdr_buffer_id) < 0)
return -1;
return 0;
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_ipv6hdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ipv6hdr_buffer_id) < 0)
return -1;
return 0;
*/
static int DetectJa4HashSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ja4_hash_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ja4_hash_buffer_id) < 0)
return -1;
AppProto alprotos[] = { ALPROTO_TLS, ALPROTO_QUIC, ALPROTO_UNKNOWN };
static int DetectKrb5CNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_krb5_cname_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_krb5_cname_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_KRB5) != 0)
static int DetectKrb5SNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_krb5_sname_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_krb5_sname_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_KRB5) != 0)
static int DetectQuicCyuHashSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_QUIC) < 0)
static int DetectQuicCyuStringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_QUIC) < 0)
*/
static int DetectQuicSniSetup(DetectEngineCtx *de_ctx, Signature *s, const char *rawstr)
{
- if (DetectBufferSetActiveList(de_ctx, s, quic_sni_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, quic_sni_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_QUIC) < 0)
*/
static int DetectQuicUaSetup(DetectEngineCtx *de_ctx, Signature *s, const char *rawstr)
{
- if (DetectBufferSetActiveList(de_ctx, s, quic_ua_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, quic_ua_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_QUIC) < 0)
*/
static int DetectQuicVersionSetup(DetectEngineCtx *de_ctx, Signature *s, const char *rawstr)
{
- if (DetectBufferSetActiveList(de_ctx, s, quic_version_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, quic_version_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_QUIC) < 0)
static int DetectSipMethodSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SIP) < 0)
static int DetectSipUriSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SIP) < 0)
static int DetectSmbNtlmsspUserSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smb_nltmssp_user_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smb_nltmssp_user_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMB) < 0)
static int DetectSmbNtlmsspDomainSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smb_nltmssp_domain_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smb_nltmssp_domain_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMB) < 0)
static int DetectSmbNamedPipeSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smb_named_pipe_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smb_named_pipe_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMB) < 0)
static int DetectSmbShareSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smb_share_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smb_share_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMB) < 0)
static int DetectSmtpHeloSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smtp_helo_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smtp_helo_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectSmtpMailFromSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smtp_mail_from_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smtp_mail_from_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
static int DetectSmtpRcptToSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_smtp_rcpt_to_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_smtp_rcpt_to_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SMTP) < 0)
kw.name = "smtp.helo";
kw.desc = "SMTP helo buffer";
kw.url = "/rules/smtp-keywords.html#smtp-helo";
- kw.Setup = (int (*)(void *, void *, const char *))DetectSmtpHeloSetup;
+ kw.Setup = DetectSmtpHeloSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_smtp_helo_buffer_id =
kw.name = "smtp.mail_from";
kw.desc = "SMTP mail from buffer";
kw.url = "/rules/smtp-keywords.html#smtp-mail-from";
- kw.Setup = (int (*)(void *, void *, const char *))DetectSmtpMailFromSetup;
+ kw.Setup = DetectSmtpMailFromSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_smtp_mail_from_buffer_id =
kw.name = "smtp.rcpt_to";
kw.desc = "SMTP rcpt to buffer";
kw.url = "/rules/smtp-keywords.html#smtp-rcpt-to";
- kw.Setup = (int (*)(void *, void *, const char *))DetectSmtpRcptToSetup;
+ kw.Setup = DetectSmtpRcptToSetup;
kw.flags = SIGMATCH_NOOPT | SIGMATCH_INFO_STICKY_BUFFER;
DetectHelperKeywordRegister(&kw);
g_smtp_rcpt_to_buffer_id = DetectHelperMultiBufferMpmRegister(
*/
static int DetectSshHasshServerStringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_server_string_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_server_string_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
*/
static int DetectSshHasshServerSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
*/
static int DetectSshHasshStringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_string_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_string_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
*/
static int DetectSshHasshSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_ssh_hassh_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
static int DetectSshProtocolSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
static int DetectSshSoftwareSetup(DetectEngineCtx *de_ctx, Signature *s, const char *arg)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_SSH) < 0)
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_tcphdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tcphdr_buffer_id) < 0)
return -1;
return 0;
*/
static int DetectTlsAlpnSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_alpn_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_alpn_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
static int DetectTlsFingerprintSetup(DetectEngineCtx *de_ctx, Signature *s,
const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_cert_fingerprint_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_cert_fingerprint_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsIssuerSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_cert_issuer_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_cert_issuer_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsSerialSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_cert_serial_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_cert_serial_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsSubjectSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_cert_subject_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_cert_subject_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
static int DetectTlsCertsSetup(DetectEngineCtx *de_ctx, Signature *s,
const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_certs_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_certs_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsJa3HashSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_ja3_hash_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_ja3_hash_buffer_id) < 0)
return -1;
AppProto alprotos[] = { ALPROTO_TLS, ALPROTO_QUIC, ALPROTO_UNKNOWN };
*/
static int DetectTlsJa3StringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_ja3_str_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_ja3_str_buffer_id) < 0)
return -1;
AppProto alprotos[] = { ALPROTO_TLS, ALPROTO_QUIC, ALPROTO_UNKNOWN };
*/
static int DetectTlsJa3SHashSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_ja3s_hash_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_ja3s_hash_buffer_id) < 0)
return -1;
AppProto alprotos[] = { ALPROTO_TLS, ALPROTO_QUIC, ALPROTO_UNKNOWN };
*/
static int DetectTlsJa3SStringSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_ja3s_str_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_ja3s_str_buffer_id) < 0)
return -1;
AppProto alprotos[] = { ALPROTO_TLS, ALPROTO_QUIC, ALPROTO_UNKNOWN };
*/
static int DetectTlsRandomTimeSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_random_time_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_random_time_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsRandomBytesSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_random_bytes_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_random_bytes_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsRandomSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_random_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_random_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsSniSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_sni_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_sni_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
*/
static int DetectTlsSubjectAltNameSetup(DetectEngineCtx *de_ctx, Signature *s, const char *str)
{
- if (DetectBufferSetActiveList(de_ctx, s, g_tls_subjectaltname_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_tls_subjectaltname_buffer_id) < 0)
return -1;
if (DetectSignatureSetAppProto(s, ALPROTO_TLS) < 0)
s->flags |= SIG_FLAG_REQUIRE_PACKET;
- if (DetectBufferSetActiveList(de_ctx, s, g_udphdr_buffer_id) < 0)
+ if (SCDetectBufferSetActiveList(de_ctx, s, g_udphdr_buffer_id) < 0)
return -1;
return 0;
projects / thirdparty / suricata.git / commitdiff
