From: Philippe Antoine Date: Mon, 17 Feb 2025 20:41:56 +0000 (+0100) Subject: detect: rename SCSigTableElmt to SCSigTableAppLiteElmt X-Git-Tag: suricata-8.0.0-rc1~442 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96afdce283c39bc66b33ba844d947c4e23bf458e;p=thirdparty%2Fsuricata.git detect: rename SCSigTableElmt to SCSigTableAppLiteElmt --- diff --git a/examples/plugins/altemplate/src/detect.rs b/examples/plugins/altemplate/src/detect.rs index ed1955a6c9..173a76abbe 100644 --- a/examples/plugins/altemplate/src/detect.rs +++ b/examples/plugins/altemplate/src/detect.rs @@ -25,7 +25,7 @@ use std::os::raw::{c_int, c_void}; use suricata::cast_pointer; use suricata::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperGetData, - DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use suricata::direction::Direction; @@ -81,7 +81,7 @@ unsafe extern "C" fn template_buffer_get( pub(super) unsafe extern "C" fn detect_template_register() { // TODO create a suricata-verify test // Setup a keyword structure and register it - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"altemplate.buffer\0".as_ptr() as *const libc::c_char, desc: b"Template content modifier to match on the template buffer\0".as_ptr() as *const libc::c_char, diff --git a/plugins/ndpi/ndpi.c b/plugins/ndpi/ndpi.c index 958a1cd0c1..28fbffcec2 100644 --- a/plugins/ndpi/ndpi.c +++ b/plugins/ndpi/ndpi.c @@ -467,8 +467,9 @@ static void EveCallback(ThreadVars *tv, const Packet *p, Flow *f, SCJsonBuilder static void NdpInitRiskKeyword(void) { - /* SCSigTableElmt and DetectHelperKeywordRegister don't yet + /* SCSigTableAppLiteElmt and DetectHelperKeywordRegister don't yet * support all the fields required to register the nDPI keywords, + * missing the (packet) Match callback, * so we'll just register with an empty keyword specifier to get * the ID, then fill in the ID. */ ndpi_protocol_keyword_id = SCDetectHelperNewKeywordId(); diff --git a/rust/cbindgen.toml b/rust/cbindgen.toml index 11e0e6b2ba..7e02d1cbb6 100644 --- a/rust/cbindgen.toml +++ b/rust/cbindgen.toml @@ -86,7 +86,7 @@ include = [ "FtpRequestCommand", "FtpStateValues", "FtpDataStateValues", - "SCSigTableElmt", + "SCSigTableAppLiteElmt", "SCTransformTableElmt", "DataRepType", ] diff --git a/rust/src/applayertemplate/detect.rs b/rust/src/applayertemplate/detect.rs index e7fffb9460..0760d818b0 100644 --- a/rust/src/applayertemplate/detect.rs +++ b/rust/src/applayertemplate/detect.rs @@ -21,7 +21,7 @@ use crate::conf::conf_get_node; /* TEMPLATE_END_REMOVE */ use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperGetData, - DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use crate::direction::Direction; @@ -84,7 +84,7 @@ pub unsafe extern "C" fn SCDetectTemplateRegister() { /* TEMPLATE_END_REMOVE */ // TODO create a suricata-verify test // Setup a keyword structure and register it - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"template.buffer\0".as_ptr() as *const libc::c_char, desc: b"Template content modifier to match on the template buffer\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/detect/mod.rs b/rust/src/detect/mod.rs index f02eed9074..cf9c384f90 100644 --- a/rust/src/detect/mod.rs +++ b/rust/src/detect/mod.rs @@ -57,17 +57,25 @@ pub trait EnumString { #[repr(C)] #[allow(non_snake_case)] -pub struct SCSigTableElmt { +/// App-layer light version of SigTableElmt +pub struct SCSigTableAppLiteElmt { + /// keyword name pub name: *const libc::c_char, + /// keyword description pub desc: *const libc::c_char, + /// keyword documentation url pub url: *const libc::c_char, + /// flags SIGMATCH_* pub flags: u16, + /// function callback to parse and setup keyword in rule pub Setup: unsafe extern "C" fn( de: *mut c_void, s: *mut c_void, raw: *const std::os::raw::c_char, ) -> c_int, + /// function callback to free structure allocated by setup if any pub Free: Option, + /// function callback to match on an app-layer transaction pub AppLayerTxMatch: Option< unsafe extern "C" fn( de: *mut c_void, @@ -105,7 +113,7 @@ extern "C" { i32, ) -> *mut c_void, ) -> c_int; - pub fn DetectHelperKeywordRegister(kw: *const SCSigTableElmt) -> c_int; + pub fn DetectHelperKeywordRegister(kw: *const SCSigTableAppLiteElmt) -> c_int; pub fn DetectHelperKeywordAliasRegister(kwid: c_int, alias: *const c_char); pub fn DetectHelperBufferRegister( name: *const libc::c_char, alproto: AppProto, toclient: bool, toserver: bool, diff --git a/rust/src/dhcp/detect.rs b/rust/src/dhcp/detect.rs index 362ae0bd6e..563396f307 100644 --- a/rust/src/dhcp/detect.rs +++ b/rust/src/dhcp/detect.rs @@ -25,7 +25,7 @@ use crate::detect::uint::{ }; use crate::detect::{ DetectHelperBufferRegister, DetectHelperKeywordRegister, DetectSignatureSetAppProto, - SCSigTableElmt, SigMatchAppendSMToList, + SCSigTableAppLiteElmt, SigMatchAppendSMToList, }; use std::os::raw::{c_int, c_void}; @@ -166,7 +166,7 @@ unsafe extern "C" fn dhcp_detect_renewaltime_match( #[no_mangle] pub unsafe extern "C" fn SCDetectDHCPRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dhcp.leasetime\0".as_ptr() as *const libc::c_char, desc: b"match DHCP leasetime\0".as_ptr() as *const libc::c_char, url: b"/rules/dhcp-keywords.html#dhcp-leasetime\0".as_ptr() as *const libc::c_char, @@ -182,7 +182,7 @@ pub unsafe extern "C" fn SCDetectDHCPRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dhcp.rebinding_time\0".as_ptr() as *const libc::c_char, desc: b"match DHCP rebinding time\0".as_ptr() as *const libc::c_char, url: b"/rules/dhcp-keywords.html#dhcp-rebinding-time\0".as_ptr() as *const libc::c_char, @@ -198,7 +198,7 @@ pub unsafe extern "C" fn SCDetectDHCPRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dhcp.renewal_time\0".as_ptr() as *const libc::c_char, desc: b"match DHCP renewal time\0".as_ptr() as *const libc::c_char, url: b"/rules/dhcp-keywords.html#dhcp-renewal-time\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/dns/detect.rs b/rust/src/dns/detect.rs index 615772a1f8..3129516ccd 100644 --- a/rust/src/dns/detect.rs +++ b/rust/src/dns/detect.rs @@ -23,7 +23,7 @@ use crate::detect::uint::{ use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferRegister, DetectHelperGetMultiData, DetectHelperKeywordAliasRegister, DetectHelperKeywordRegister, - DetectHelperMultiBufferProgressMpmRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperMultiBufferProgressMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use crate::direction::Direction; @@ -366,7 +366,7 @@ unsafe extern "C" fn dns_query_get_data_wrapper( #[no_mangle] pub unsafe extern "C" fn SCDetectDNSRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.answer.name\0".as_ptr() as *const libc::c_char, desc: b"DNS answer name sticky buffer\0".as_ptr() as *const libc::c_char, url: b"/rules/dns-keywords.html#dns-answer-name\0".as_ptr() as *const libc::c_char, @@ -387,7 +387,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() { dns_answer_name_get_data_wrapper, 1, // response complete ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.opcode\0".as_ptr() as *const libc::c_char, desc: b"Match the DNS header opcode flag.\0".as_ptr() as *const libc::c_char, url: b"rules/dns-keywords.html#dns-opcode\0".as_ptr() as *const libc::c_char, @@ -403,7 +403,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.query.name\0".as_ptr() as *const libc::c_char, desc: b"DNS query name sticky buffer\0".as_ptr() as *const libc::c_char, url: b"/rules/dns-keywords.html#dns-query-name\0".as_ptr() as *const libc::c_char, @@ -424,7 +424,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() { dns_query_name_get_data_wrapper, 1, // request or response complete ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.rcode\0".as_ptr() as *const libc::c_char, desc: b"Match the DNS header rcode flag.\0".as_ptr() as *const libc::c_char, url: b"rules/dns-keywords.html#dns-rcode\0".as_ptr() as *const libc::c_char, @@ -440,7 +440,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.rrtype\0".as_ptr() as *const libc::c_char, desc: b"Match the DNS rrtype in message body.\0".as_ptr() as *const libc::c_char, url: b"rules/dns-keywords.html#dns-rrtype\0".as_ptr() as *const libc::c_char, @@ -456,7 +456,7 @@ pub unsafe extern "C" fn SCDetectDNSRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"dns.query\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match DNS query-buffer\0".as_ptr() as *const libc::c_char, url: b"/rules/dns-keywords.html#dns-query\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/enip/detect.rs b/rust/src/enip/detect.rs index b1217e84c6..cb9b793dc9 100644 --- a/rust/src/enip/detect.rs +++ b/rust/src/enip/detect.rs @@ -36,7 +36,7 @@ use crate::detect::uint::{ }; use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, - DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; @@ -1331,7 +1331,7 @@ unsafe extern "C" fn service_name_get_data( } #[no_mangle] pub unsafe extern "C" fn SCDetectEnipRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"cip_service\0".as_ptr() as *const libc::c_char, desc: b"match on CIP Service, and optionnally class and attribute\0".as_ptr() as *const libc::c_char, @@ -1348,7 +1348,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.capabilities\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP capabilities\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-capabilities\0".as_ptr() as *const libc::c_char, @@ -1364,7 +1364,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.cip_attribute\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP cip_attribute\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-cip-attribute\0".as_ptr() as *const libc::c_char, @@ -1380,7 +1380,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.cip_class\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP cip_class\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-cip-class\0".as_ptr() as *const libc::c_char, @@ -1396,7 +1396,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.vendor_id\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP vendor_id\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-vendor-id\0".as_ptr() as *const libc::c_char, @@ -1412,7 +1412,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.status\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP status\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-status\0".as_ptr() as *const libc::c_char, @@ -1428,7 +1428,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.state\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP state\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-state\0".as_ptr() as *const libc::c_char, @@ -1444,7 +1444,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.serial\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP serial\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-serial\0".as_ptr() as *const libc::c_char, @@ -1460,7 +1460,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.revision\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP revision\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-revision\0".as_ptr() as *const libc::c_char, @@ -1476,7 +1476,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.protocol_version\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP protocol_version\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-protocol-version\0".as_ptr() as *const libc::c_char, @@ -1492,7 +1492,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.product_code\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP product_code\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-product-code\0".as_ptr() as *const libc::c_char, @@ -1508,7 +1508,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip_command\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP command\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip_command\0".as_ptr() as *const libc::c_char, @@ -1524,7 +1524,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.identity_status\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP identity_status\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-identity-status\0".as_ptr() as *const libc::c_char, @@ -1540,7 +1540,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.device_type\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP device_type\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-device-type\0".as_ptr() as *const libc::c_char, @@ -1556,7 +1556,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.cip_status\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP cip_status\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-cip-status\0".as_ptr() as *const libc::c_char, @@ -1572,7 +1572,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.cip_instance\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP cip_instance\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-cip-instance\0".as_ptr() as *const libc::c_char, @@ -1588,7 +1588,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.cip_extendedstatus\0".as_ptr() as *const libc::c_char, desc: b"rules for detecting EtherNet/IP cip_extendedstatus\0".as_ptr() as *const libc::c_char, @@ -1605,7 +1605,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.product_name\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match EtherNet/IP product name\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-product-name\0".as_ptr() as *const libc::c_char, @@ -1623,7 +1623,7 @@ pub unsafe extern "C" fn SCDetectEnipRegister() { true, product_name_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"enip.service_name\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match EtherNet/IP service name\0".as_ptr() as *const libc::c_char, url: b"/rules/enip-keyword.html#enip-service-name\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/ldap/detect.rs b/rust/src/ldap/detect.rs index 614c289ac9..1a8e3eb8e6 100644 --- a/rust/src/ldap/detect.rs +++ b/rust/src/ldap/detect.rs @@ -23,7 +23,7 @@ use crate::detect::uint::{ use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData, DetectHelperGetMultiData, DetectHelperKeywordRegister, - DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use crate::ldap::types::{LdapMessage, LdapResultCode, ProtocolOp, ProtocolOpCode}; @@ -691,7 +691,7 @@ unsafe extern "C" fn ldap_tx_get_resp_attribute_type( #[no_mangle] pub unsafe extern "C" fn SCDetectLdapRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.request.operation\0".as_ptr() as *const libc::c_char, desc: b"match LDAP request operation\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.request.operation\0".as_ptr() as *const libc::c_char, @@ -707,7 +707,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { false, //to client true, //to server ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.operation\0".as_ptr() as *const libc::c_char, desc: b"match LDAP responses operation\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.operation\0".as_ptr() @@ -724,7 +724,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { true, //to client false, //to server ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.count\0".as_ptr() as *const libc::c_char, desc: b"match number of LDAP responses\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.count\0".as_ptr() as *const libc::c_char, @@ -740,7 +740,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { true, //to client false, //to server ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.request.dn\0".as_ptr() as *const libc::c_char, desc: b"match request LDAPDN\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.request.dn\0".as_ptr() as *const libc::c_char, @@ -758,7 +758,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { true, //to server ldap_detect_request_dn_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.dn\0".as_ptr() as *const libc::c_char, desc: b"match responses LDAPDN\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.dn\0".as_ptr() as *const libc::c_char, @@ -776,7 +776,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { false, //to server ldap_detect_responses_dn_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.result_code\0".as_ptr() as *const libc::c_char, desc: b"match LDAPResult code\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.result_code\0".as_ptr() @@ -793,7 +793,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { true, //to client false, //to server ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.message\0".as_ptr() as *const libc::c_char, desc: b"match LDAPResult message for responses\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.message\0".as_ptr() as *const libc::c_char, @@ -811,7 +811,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { false, //to server ldap_detect_responses_msg_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.request.attribute_type\0".as_ptr() as *const libc::c_char, desc: b"match request LDAP attribute type\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.request.attribute_type\0".as_ptr() @@ -830,7 +830,7 @@ pub unsafe extern "C" fn SCDetectLdapRegister() { true, //to server ldap_detect_request_attribute_type_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"ldap.responses.attribute_type\0".as_ptr() as *const libc::c_char, desc: b"match LDAP responses attribute type\0".as_ptr() as *const libc::c_char, url: b"/rules/ldap-keywords.html#ldap.responses.attribute_type\0".as_ptr() diff --git a/rust/src/mqtt/detect.rs b/rust/src/mqtt/detect.rs index 647699e937..97d4f0d2ee 100644 --- a/rust/src/mqtt/detect.rs +++ b/rust/src/mqtt/detect.rs @@ -24,7 +24,7 @@ use crate::detect::uint::{ use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, DetectHelperGetData, DetectHelperGetMultiData, DetectHelperKeywordRegister, - DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperMultiBufferMpmRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; @@ -1101,7 +1101,7 @@ unsafe extern "C" fn mqtt_conn_clientid_get_data( #[no_mangle] pub unsafe extern "C" fn SCDetectMqttRegister() { let keyword_name = b"mqtt.unsubscribe.topic\0".as_ptr() as *const libc::c_char; - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: keyword_name, desc: b"sticky buffer to match MQTT UNSUBSCRIBE topic\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-unsubscribe-topic\0".as_ptr() as *const libc::c_char, @@ -1127,7 +1127,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { unsub_topic_get_data_wrapper, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.type\0".as_ptr() as *const libc::c_char, desc: b"match MQTT control packet type\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-type\0".as_ptr() as *const libc::c_char, @@ -1145,7 +1145,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { ); let keyword_name = b"mqtt.subscribe.topic\0".as_ptr() as *const libc::c_char; - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: keyword_name, desc: b"sticky buffer to match MQTT SUBSCRIBE topic\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-subscribe-topic\0".as_ptr() as *const libc::c_char, @@ -1171,7 +1171,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { sub_topic_get_data_wrapper, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.reason_code\0".as_ptr() as *const libc::c_char, desc: b"match MQTT 5.0+ reason code\0".as_ptr() as *const libc::c_char, //TODO alias "mqtt.connack.return_code" @@ -1188,7 +1188,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connack.session_present\0".as_ptr() as *const libc::c_char, desc: b"match MQTT CONNACK session present flag\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-connack-session-present\0".as_ptr() @@ -1205,7 +1205,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, false, // only to client ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.qos\0".as_ptr() as *const libc::c_char, desc: b"match MQTT fixed header QOS level\0".as_ptr() as *const libc::c_char, //TODO alias "mqtt.connack.return_code" @@ -1222,7 +1222,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { false, // only to server true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.publish.topic\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT PUBLISH topic\0".as_ptr() as *const libc::c_char, url: b"mqtt-keywords.html#mqtt-publish-topic\0".as_ptr() as *const libc::c_char, @@ -1240,7 +1240,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_pub_topic_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.publish.message\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT PUBLISH message\0".as_ptr() as *const libc::c_char, @@ -1259,7 +1259,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_pub_msg_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.protocol_version\0".as_ptr() as *const libc::c_char, desc: b"match MQTT protocol version\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-protocol-version\0".as_ptr() as *const libc::c_char, @@ -1275,7 +1275,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { false, // only to server true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.flags\0".as_ptr() as *const libc::c_char, desc: b"match MQTT fixed header flags\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-flags\0".as_ptr() as *const libc::c_char, @@ -1291,7 +1291,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { false, // only to server true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.flags\0".as_ptr() as *const libc::c_char, desc: b"match MQTT CONNECT variable header flags\0".as_ptr() as *const libc::c_char, url: b"/rules/mqtt-keywords.html#mqtt-connect-flags\0".as_ptr() as *const libc::c_char, @@ -1307,7 +1307,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { false, // only to server true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.willtopic\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT will topic\0".as_ptr() as *const libc::c_char, @@ -1326,7 +1326,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_conn_willtopic_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.willmessage\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT will message\0".as_ptr() as *const libc::c_char, @@ -1345,7 +1345,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_conn_willmsg_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.username\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT username\0".as_ptr() as *const libc::c_char, @@ -1364,7 +1364,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_conn_username_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.protocol_string\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT protocol string\0".as_ptr() as *const libc::c_char, @@ -1383,7 +1383,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_conn_protocolstring_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.password\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT password\0".as_ptr() as *const libc::c_char, @@ -1402,7 +1402,7 @@ pub unsafe extern "C" fn SCDetectMqttRegister() { true, mqtt_conn_password_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"mqtt.connect.clientid\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the MQTT CONNECT clientid\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/rfb/detect.rs b/rust/src/rfb/detect.rs index bbbb81f0c7..19d428c357 100644 --- a/rust/src/rfb/detect.rs +++ b/rust/src/rfb/detect.rs @@ -25,7 +25,7 @@ use crate::detect::uint::{ }; use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, - DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use std::ffi::CStr; @@ -188,7 +188,7 @@ unsafe extern "C" fn rfb_sec_result_free(_de: *mut c_void, ctx: *mut c_void) { #[no_mangle] pub unsafe extern "C" fn SCDetectRfbRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"rfb.name\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the RFB desktop name\0".as_ptr() as *const libc::c_char, url: b"/rules/rfb-keywords.html#rfb-name\0".as_ptr() as *const libc::c_char, @@ -206,7 +206,7 @@ pub unsafe extern "C" fn SCDetectRfbRegister() { false, rfb_name_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"rfb.sectype\0".as_ptr() as *const libc::c_char, desc: b"match RFB security type\0".as_ptr() as *const libc::c_char, url: b"/rules/rfb-keywords.html#rfb-sectype\0".as_ptr() as *const libc::c_char, @@ -222,7 +222,7 @@ pub unsafe extern "C" fn SCDetectRfbRegister() { false, // only to server true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"rfb.secresult\0".as_ptr() as *const libc::c_char, desc: b"match RFB security result\0".as_ptr() as *const libc::c_char, url: b"/rules/rfb-keywords.html#rfb-secresult\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/sdp/detect.rs b/rust/src/sdp/detect.rs index 6630b5b2b9..21874899c8 100644 --- a/rust/src/sdp/detect.rs +++ b/rust/src/sdp/detect.rs @@ -20,7 +20,7 @@ use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperGetData, DetectHelperGetMultiData, DetectHelperKeywordRegister, DetectHelperMultiBufferMpmRegister, - DetectSignatureSetAppProto, SCSigTableElmt, SIGMATCH_NOOPT, + DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SIGMATCH_NOOPT, }; use crate::direction::Direction; use crate::sip::sip::{SIPTransaction, ALPROTO_SIP}; @@ -889,7 +889,7 @@ unsafe extern "C" fn sip_media_desc_encryption_key_get_data( #[no_mangle] pub unsafe extern "C" fn SCDetectSdpRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.session_name\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP session name field\0".as_ptr() as *const libc::c_char, @@ -908,7 +908,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_session_name_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.session_info\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP session info field\0".as_ptr() as *const libc::c_char, @@ -927,7 +927,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_session_info_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.origin\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP origin field\0".as_ptr() as *const libc::c_char, url: b"/rules/sdp-keywords.html#sdp-origin\0".as_ptr() as *const libc::c_char, @@ -945,7 +945,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_origin_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.uri\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP uri field\0".as_ptr() as *const libc::c_char, url: b"/rules/sdp-keywords.html#sdp-uri\0".as_ptr() as *const libc::c_char, @@ -963,7 +963,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_uri_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.email\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP email field\0".as_ptr() as *const libc::c_char, url: b"/rules/sdp-keywords.html#sdp-email\0".as_ptr() as *const libc::c_char, @@ -981,7 +981,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_email_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.phone_number\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP phone number field\0".as_ptr() as *const libc::c_char, @@ -1000,7 +1000,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_phone_number_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.connection_data\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP connection data field\0".as_ptr() as *const libc::c_char, @@ -1019,7 +1019,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_conn_data_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.bandwidth\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP bandwidth field\0".as_ptr() as *const libc::c_char, @@ -1038,7 +1038,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_bandwidth_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.time\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP time field\0".as_ptr() as *const libc::c_char, url: b"/rules/sdp-keywords.html#time\0".as_ptr() as *const libc::c_char, @@ -1056,7 +1056,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_time_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.repeat_time\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP repeat time field\0".as_ptr() as *const libc::c_char, @@ -1075,7 +1075,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_repeat_time_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.timezone\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP timezone field\0".as_ptr() as *const libc::c_char, url: b"/rules/sdp-keywords.html#timezone\0".as_ptr() as *const libc::c_char, @@ -1093,7 +1093,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_timezone_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.encryption_key\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP encryption key field\0".as_ptr() as *const libc::c_char, @@ -1112,7 +1112,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_encryption_key_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.attribute\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP attribute field\0".as_ptr() as *const libc::c_char, @@ -1131,7 +1131,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_attribute_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.media.media\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP media subfield of the media_description field\0" .as_ptr() as *const libc::c_char, @@ -1150,7 +1150,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_media_desc_media_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.media.media_info\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP session info subfield of the media_description field\0".as_ptr() as *const libc::c_char, @@ -1169,7 +1169,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_media_desc_session_info_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.media.connection_data\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP connection data subfield of the media_description field\0".as_ptr() as *const libc::c_char, @@ -1188,7 +1188,7 @@ pub unsafe extern "C" fn SCDetectSdpRegister() { true, sdp_media_desc_connection_data_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sdp.media.encryption_key\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SDP encryption key subfield of the media_description field\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/sip/detect.rs b/rust/src/sip/detect.rs index c8f3b92f10..e26e2bdf32 100644 --- a/rust/src/sip/detect.rs +++ b/rust/src/sip/detect.rs @@ -21,7 +21,7 @@ use crate::direction::Direction; use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperGetData, DetectHelperGetMultiData, DetectHelperKeywordRegister, DetectHelperMultiBufferMpmRegister, - DetectSignatureSetAppProto, SCSigTableElmt, SIGMATCH_NOOPT, + DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SIGMATCH_NOOPT, }; use crate::sip::sip::{SIPTransaction, ALPROTO_SIP}; use std::os::raw::{c_int, c_void}; @@ -579,7 +579,7 @@ unsafe extern "C" fn sip_content_length_hdr_get_data( } #[no_mangle] pub unsafe extern "C" fn SCDetectSipRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.protocol\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP protocol\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-protocol\0".as_ptr() as *const libc::c_char, @@ -597,7 +597,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_protocol_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.stat_code\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP status code\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-stat-code\0".as_ptr() as *const libc::c_char, @@ -615,7 +615,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { false, sip_stat_code_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.stat_msg\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP status message\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-stat-msg\0".as_ptr() as *const libc::c_char, @@ -633,7 +633,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { false, sip_stat_msg_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.request_line\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP request line\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-request-line\0".as_ptr() as *const libc::c_char, @@ -651,7 +651,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_request_line_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.response_line\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP response line\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-response-line\0".as_ptr() as *const libc::c_char, @@ -669,7 +669,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { false, sip_response_line_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.from\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP From header\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-from\0".as_ptr() as *const libc::c_char, @@ -687,7 +687,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_from_hdr_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.to\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP To header\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-to\0".as_ptr() as *const libc::c_char, @@ -705,7 +705,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_to_hdr_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.via\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP Via header\0".as_ptr() as *const libc::c_char, url: b"/rules/sip-keywords.html#sip-via\0".as_ptr() as *const libc::c_char, @@ -723,7 +723,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_via_hdr_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.user_agent\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP User-Agent header\0".as_ptr() as *const libc::c_char, @@ -742,7 +742,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_ua_hdr_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.content_type\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP Content-Type header\0".as_ptr() as *const libc::c_char, @@ -761,7 +761,7 @@ pub unsafe extern "C" fn SCDetectSipRegister() { true, sip_content_type_hdr_get, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"sip.content_length\0".as_ptr() as *const libc::c_char, desc: b"sticky buffer to match on the SIP Content-Length header\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/snmp/detect.rs b/rust/src/snmp/detect.rs index c4aa07bb9d..1c09b49280 100644 --- a/rust/src/snmp/detect.rs +++ b/rust/src/snmp/detect.rs @@ -23,7 +23,7 @@ use crate::detect::uint::{ }; use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, - DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use std::os::raw::{c_int, c_void}; @@ -184,7 +184,7 @@ unsafe extern "C" fn snmp_detect_community_get_data( } pub(super) unsafe extern "C" fn detect_snmp_register() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"snmp.version\0".as_ptr() as *const libc::c_char, desc: b"match SNMP version\0".as_ptr() as *const libc::c_char, url: b"/rules/snmp-keywords.html#snmp-version\0".as_ptr() as *const libc::c_char, @@ -201,7 +201,7 @@ pub(super) unsafe extern "C" fn detect_snmp_register() { true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"snmp.pdu_type\0".as_ptr() as *const libc::c_char, desc: b"match SNMP PDU type\0".as_ptr() as *const libc::c_char, url: b"/rules/snmp-keywords.html#snmp-pdu-type\0".as_ptr() as *const libc::c_char, @@ -218,7 +218,7 @@ pub(super) unsafe extern "C" fn detect_snmp_register() { true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"snmp.usm\0".as_ptr() as *const libc::c_char, desc: b"SNMP content modifier to match on the SNMP usm\0".as_ptr() as *const libc::c_char, url: b"/rules/snmp-keywords.html#snmp-usm\0".as_ptr() as *const libc::c_char, @@ -237,7 +237,7 @@ pub(super) unsafe extern "C" fn detect_snmp_register() { snmp_detect_usm_get_data, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"snmp.community\0".as_ptr() as *const libc::c_char, desc: b"SNMP content modifier to match on the SNMP community\0".as_ptr() as *const libc::c_char, diff --git a/rust/src/websocket/detect.rs b/rust/src/websocket/detect.rs index 908e4fb6a5..82cdd184a9 100644 --- a/rust/src/websocket/detect.rs +++ b/rust/src/websocket/detect.rs @@ -22,7 +22,7 @@ use crate::detect::uint::{ }; use crate::detect::{ DetectBufferSetActiveList, DetectHelperBufferMpmRegister, DetectHelperBufferRegister, - DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableElmt, + DetectHelperGetData, DetectHelperKeywordRegister, DetectSignatureSetAppProto, SCSigTableAppLiteElmt, SigMatchAppendSMToList, SIGMATCH_INFO_STICKY_BUFFER, SIGMATCH_NOOPT, }; use crate::websocket::parser::WebSocketOpcode; @@ -278,7 +278,7 @@ pub unsafe extern "C" fn websocket_detect_payload_get_data( #[no_mangle] pub unsafe extern "C" fn SCDetectWebsocketRegister() { - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"websocket.opcode\0".as_ptr() as *const libc::c_char, desc: b"match WebSocket opcode\0".as_ptr() as *const libc::c_char, url: b"/rules/websocket-keywords.html#websocket-opcode\0".as_ptr() as *const libc::c_char, @@ -294,7 +294,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"websocket.mask\0".as_ptr() as *const libc::c_char, desc: b"match WebSocket mask\0".as_ptr() as *const libc::c_char, url: b"/rules/websocket-keywords.html#websocket-mask\0".as_ptr() as *const libc::c_char, @@ -310,7 +310,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"websocket.flags\0".as_ptr() as *const libc::c_char, desc: b"match WebSocket flags\0".as_ptr() as *const libc::c_char, url: b"/rules/websocket-keywords.html#websocket-flags\0".as_ptr() as *const libc::c_char, @@ -326,7 +326,7 @@ pub unsafe extern "C" fn SCDetectWebsocketRegister() { true, true, ); - let kw = SCSigTableElmt { + let kw = SCSigTableAppLiteElmt { name: b"websocket.payload\0".as_ptr() as *const libc::c_char, desc: b"match WebSocket payload\0".as_ptr() as *const libc::c_char, url: b"/rules/websocket-keywords.html#websocket-payload\0".as_ptr() as *const libc::c_char, diff --git a/src/detect-email.c b/src/detect-email.c index 385c166dd3..87310f28c8 100644 --- a/src/detect-email.c +++ b/src/detect-email.c @@ -357,7 +357,7 @@ static InspectionBuffer *GetMimeEmailReceivedData(DetectEngineThreadCtx *det_ctx void DetectEmailRegister(void) { - SCSigTableElmt kw = { 0 }; + SCSigTableAppLiteElmt kw = { 0 }; kw.name = "email.from"; kw.desc = "'From' field from an email"; diff --git a/src/detect-engine-helper.c b/src/detect-engine-helper.c index 3a4fc493b6..921981f365 100644 --- a/src/detect-engine-helper.c +++ b/src/detect-engine-helper.c @@ -120,7 +120,7 @@ int SCDetectHelperNewKeywordId(void) return DETECT_TBLSIZE_IDX - 1; } -int DetectHelperKeywordRegister(const SCSigTableElmt *kw) +int DetectHelperKeywordRegister(const SCSigTableAppLiteElmt *kw) { int keyword_id = SCDetectHelperNewKeywordId(); if (keyword_id < 0) { diff --git a/src/detect-engine-helper.h b/src/detect-engine-helper.h index e85305259d..5524cc0018 100644 --- a/src/detect-engine-helper.h +++ b/src/detect-engine-helper.h @@ -30,7 +30,7 @@ int SCDetectHelperNewKeywordId(void); -int DetectHelperKeywordRegister(const SCSigTableElmt *kw); +int DetectHelperKeywordRegister(const SCSigTableAppLiteElmt *kw); void DetectHelperKeywordAliasRegister(int kwid, const char *alias); int DetectHelperBufferRegister(const char *name, AppProto alproto, bool toclient, bool toserver); diff --git a/src/detect-smtp.c b/src/detect-smtp.c index 332a766d34..23b6c4635f 100644 --- a/src/detect-smtp.c +++ b/src/detect-smtp.c @@ -136,7 +136,7 @@ static InspectionBuffer *GetSmtpRcptToData(DetectEngineThreadCtx *det_ctx, void SCDetectSMTPRegister(void) { - SCSigTableElmt kw = { 0 }; + SCSigTableAppLiteElmt kw = { 0 }; kw.name = "smtp.helo"; kw.desc = "SMTP helo buffer"; kw.url = "/rules/smtp-keywords.html#smtp-helo";