tls: don't set 2 events for a single exception
authorVictor Julien <vjulien@oisf.net>
Thu, 11 Aug 2022 10:18:28 +0000 (12:18 +0200)
committerVictor Julien <vjulien@oisf.net>
Wed, 21 Sep 2022 04:43:48 +0000 (06:43 +0200)
Keep the more specific ones.

src/app-layer-ssl.c

index e09905ba18816100e23288b7f77c5be3b855271b..31ff59fc20fec95fb8a105586f0af1ac1f3b45bf 100644 (file)
@@ -1636,7 +1636,6 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 
             SSLParserHSReset(ssl_state->curr_connp);
             SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
-            SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
             continue;
         }
 
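Review bot: Dropping `TLS_DECODER_EVENT_INVALID_SSL_RECORD` here changes what a detection rule sees, and nothing at the call site records that this is deliberate. Any rule or alerting pipeline that used the generic event as a catch-all for malformed TLS will stop firing on this path. The same applies to the two SSLv3Decode error paths changed further down: the handshake-parse failure and the `default:` record-type case. I would add a short comment above the remaining call, e.g. `/* only the specific event is set; INVALID_SSL_RECORD is intentionally not raised here */`, and mention the behaviour change in the release notes so rule authors can match on the specific events. The enclosing loop in SSLv3ParseHandshakeProtocol starts and ends outside the hunk.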
@@ -2316,10 +2315,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
             SCLogDebug("retval %d", retval);
             if (retval < 0 || retval > (int)record_len) {
                 DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
-                SSLSetEvent(ssl_state,
-                        TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
-                SSLSetEvent(ssl_state,
-                        TLS_DECODER_EVENT_INVALID_SSL_RECORD);
+                SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
                 SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
                 return SSL_DECODER_ERROR(-1);
             }
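Review bot: The single event now raised at `SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);` covers two different conditions. One is `retval < 0`, where the handshake parser rejected the input. The other is `retval > (int)record_len`, where the parser reported consuming more than the record holds, which the `DEBUG_VALIDATE_BUG_ON` line treats as a should-not-happen. If that macro compiles away outside validation builds, as its name suggests, the second case cannot be told apart from peer-supplied malformed data in the event stream. A comment saying so, or a distinct `SCLogDebug` message per condition, would help whoever triages the alert. SSLv3Decode continues outside the hunk.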
@@ -2338,9 +2334,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
             break;
         }
         default:
-            /* \todo fix the event from invalid rule to unknown rule */
             SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
-            SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
             SCLogDebug("unsupported record type");
             return SSL_DECODER_ERROR(-1);
     }
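Review bot: The removed `\todo` asked for this event to say "unknown" rather than "invalid", and the mismatch it described is still there: the branch logs "unsupported record type" but sets `TLS_DECODER_EVENT_INVALID_RECORD_TYPE`. The two mean different things to an analyst, since an unrecognised content type may come from a protocol feature the parser does not implement rather than from a malformed record. If the rename is not planned, keep the intent visible with a comment such as `/* record type not handled by this parser; reported as INVALID_RECORD_TYPE */`. The switch in SSLv3Decode begins outside the hunk.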