From: Victor Julien Date: Sat, 15 Dec 2018 06:57:25 +0000 (+0100) Subject: detect/tls: consolidate validity code X-Git-Tag: suricata-5.0.0-beta1~239 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=998f32f88c044594f0b26a9222e615c2ad43bbe4;p=thirdparty%2Fsuricata.git detect/tls: consolidate validity code --- diff --git a/src/Makefile.am b/src/Makefile.am index 15116d3523..46ef3e604e 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -125,7 +125,6 @@ detect-engine-build.c detect-engine-build.h \ detect-engine-content-inspection.c detect-engine-content-inspection.h \ detect-engine-dcepayload.c detect-engine-dcepayload.h \ detect-engine-dns.c detect-engine-dns.h \ -detect-engine-tls.c detect-engine-tls.h \ detect-engine-modbus.c detect-engine-modbus.h \ detect-engine-enip.c detect-engine-enip.h \ detect-engine-event.c detect-engine-event.h \ diff --git a/src/detect-engine-mpm.c b/src/detect-engine-mpm.c index c76f3b2d19..c7aa845cc3 100644 --- a/src/detect-engine-mpm.c +++ b/src/detect-engine-mpm.c @@ -51,7 +51,6 @@ #include "detect-engine-payload.h" #include "detect-engine-dns.h" -#include "detect-engine-tls.h" #include "stream.h" diff --git a/src/detect-engine-tls.c b/src/detect-engine-tls.c deleted file mode 100644 index 9a4313f24c..0000000000 --- a/src/detect-engine-tls.c +++ /dev/null @@ -1,58 +0,0 @@ -/* Copyright (C) 2016 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** \file - * - * \author Mats Klepsland - * - */ - -#include "suricata-common.h" -#include "suricata.h" -#include "decode.h" - -#include "detect.h" -#include "detect-engine.h" -#include "detect-parse.h" -#include "detect-engine-state.h" -#include "detect-engine-content-inspection.h" -#include "detect-engine-prefilter.h" - -#include "flow-util.h" -#include "util-debug.h" -#include "util-print.h" -#include "flow.h" - -#include "app-layer.h" -#include "app-layer-parser.h" -#include "app-layer-protos.h" -#include "app-layer-ssl.h" -#include "detect-engine-tls.h" - -#include "util-unittest.h" -#include "util-unittest-helper.h" -#include "util-validate.h" - -int DetectEngineInspectTlsValidity(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id) -{ - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); -} diff --git a/src/detect-engine-tls.h b/src/detect-engine-tls.h deleted file mode 100644 index 63d9c77cae..0000000000 --- a/src/detect-engine-tls.h +++ /dev/null @@ -1,31 +0,0 @@ -/* Copyright (C) 2016 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** \file - * - * \author Mats Klepsland - */ - -#ifndef __DETECT_ENGINE_TLS_H__ -#define __DETECT_ENGINE_TLS_H__ - -int DetectEngineInspectTlsValidity(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id); - -#endif /* __DETECT_ENGINE_TLS_H__ */ diff --git a/src/detect-tls-cert-validity.c b/src/detect-tls-cert-validity.c index 2ef91e09e1..bd8ce69008 100644 --- a/src/detect-tls-cert-validity.c +++ b/src/detect-tls-cert-validity.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2015 Open Information Security Foundation +/* Copyright (C) 2015-2018 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -35,7 +35,6 @@ #include "detect-content.h" #include "detect-pcre.h" #include "detect-tls-cert-validity.h" -#include "detect-engine-tls.h" #include "flow.h" #include "flow-util.h" @@ -75,6 +74,12 @@ static void TlsValidRegisterTests(void); static void DetectTlsValidityFree(void *); static int g_tls_validity_buffer_id = 0; +static int DetectEngineInspectTlsValidity(ThreadVars *tv, + DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const Signature *s, const SigMatchData *smd, + Flow *f, uint8_t flags, void *alstate, + void *txv, uint64_t tx_id); + /** * \brief Registration function for tls validity keywords. */ @@ -127,6 +132,15 @@ void DetectTlsValidityRegister (void) g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls_validity"); } +static int DetectEngineInspectTlsValidity(ThreadVars *tv, + DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const Signature *s, const SigMatchData *smd, + Flow *f, uint8_t flags, void *alstate, + void *txv, uint64_t tx_id) +{ + return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, + f, flags, alstate, txv, tx_id); +} /** * \internal * \brief Function to match validity field in a tls certificate.