From: Victor Julien Date: Sun, 5 Apr 2020 18:00:25 +0000 (+0200) Subject: detect/krb5: use inspect api v2 X-Git-Tag: suricata-7.0.0-beta1~1972 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=67d45f7e3c918abb7868abb4953b621506c8ebdc;p=thirdparty%2Fsuricata.git detect/krb5: use inspect api v2 --- diff --git a/src/detect-krb5-errcode.c b/src/detect-krb5-errcode.c index 8272e6d373..44012f4b1c 100644 --- a/src/detect-krb5-errcode.c +++ b/src/detect-krb5-errcode.c @@ -49,11 +49,9 @@ static void DetectKrb5ErrCodeFree (DetectEngineCtx *, void *); static void DetectKrb5ErrCodeRegisterTests (void); #endif -static int DetectEngineInspectKRB5Generic(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id); +static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id); static int g_krb5_err_code_list_id = 0; @@ -74,13 +72,12 @@ void DetectKrb5ErrCodeRegister(void) #ifdef UNITTESTS sigmatch_table[DETECT_AL_KRB5_ERRCODE].RegisterTests = DetectKrb5ErrCodeRegisterTests; #endif - DetectAppLayerInspectEngineRegister("krb5_err_code", - ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0, - DetectEngineInspectKRB5Generic); - DetectAppLayerInspectEngineRegister("krb5_err_code", - ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, - DetectEngineInspectKRB5Generic); + DetectAppLayerInspectEngineRegister2("krb5_err_code", ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0, + DetectEngineInspectKRB5Generic, NULL); + + DetectAppLayerInspectEngineRegister2("krb5_err_code", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, + DetectEngineInspectKRB5Generic, NULL); /* set up the PCRE for keyword parsing */ DetectSetupParseRegexes(PARSE_REGEX, &parse_regex); @@ -89,14 +86,12 @@ void DetectKrb5ErrCodeRegister(void) SCLogDebug("g_krb5_err_code_list_id %d", g_krb5_err_code_list_id); } -static int DetectEngineInspectKRB5Generic(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id) +static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id) { - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); + return DetectEngineInspectGenericList( + NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id); } /** @@ -261,4 +256,4 @@ static void DetectKrb5ErrCodeRegisterTests(void) UtRegisterTest("DetectKrb5ErrCodeSignatureTest01", DetectKrb5ErrCodeSignatureTest01); } -#endif /* UNITTESTS */ \ No newline at end of file +#endif /* UNITTESTS */ diff --git a/src/detect-krb5-msgtype.c b/src/detect-krb5-msgtype.c index fa730d88ed..fe0a6355c2 100644 --- a/src/detect-krb5-msgtype.c +++ b/src/detect-krb5-msgtype.c @@ -49,11 +49,9 @@ static void DetectKrb5MsgTypeFree (DetectEngineCtx *, void *); static void DetectKrb5MsgTypeRegisterTests (void); #endif -static int DetectEngineInspectKRB5Generic(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id); +static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const DetectEngineAppInspectionEngine *engine, const Signature *s, Flow *f, uint8_t flags, + void *alstate, void *txv, uint64_t tx_id); static int g_krb5_msg_type_list_id = 0; @@ -74,13 +72,12 @@ void DetectKrb5MsgTypeRegister(void) #ifdef UNITTESTS sigmatch_table[DETECT_AL_KRB5_MSGTYPE].RegisterTests = DetectKrb5MsgTypeRegisterTests; #endif - DetectAppLayerInspectEngineRegister("krb5_msg_type", - ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0, - DetectEngineInspectKRB5Generic); - DetectAppLayerInspectEngineRegister("krb5_msg_type", - ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, - DetectEngineInspectKRB5Generic); + DetectAppLayerInspectEngineRegister2("krb5_msg_type", ALPROTO_KRB5, SIG_FLAG_TOSERVER, 0, + DetectEngineInspectKRB5Generic, NULL); + + DetectAppLayerInspectEngineRegister2("krb5_msg_type", ALPROTO_KRB5, SIG_FLAG_TOCLIENT, 0, + DetectEngineInspectKRB5Generic, NULL); /* set up the PCRE for keyword parsing */ DetectSetupParseRegexes(PARSE_REGEX, &parse_regex); @@ -89,14 +86,12 @@ void DetectKrb5MsgTypeRegister(void) SCLogDebug("g_krb5_msg_type_list_id %d", g_krb5_msg_type_list_id); } -static int DetectEngineInspectKRB5Generic(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id) +static int DetectEngineInspectKRB5Generic(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const DetectEngineAppInspectionEngine *engine, const Signature *s, Flow *f, uint8_t flags, + void *alstate, void *txv, uint64_t tx_id) { - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); + return DetectEngineInspectGenericList( + NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id); } /** @@ -259,4 +254,4 @@ static void DetectKrb5MsgTypeRegisterTests(void) UtRegisterTest("DetectKrb5MsgTypeSignatureTest01", DetectKrb5MsgTypeSignatureTest01); } -#endif /* UNITTESTS */ \ No newline at end of file +#endif /* UNITTESTS */