From: Victor Julien Date: Thu, 11 Aug 2022 10:18:28 +0000 (+0200) Subject: tls: don't set 2 events for a single exception X-Git-Tag: suricata-6.0.10~43 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d787558b0f2dc1fd191bb8eb7ab55b739f6c6fe2;p=thirdparty%2Fsuricata.git tls: don't set 2 events for a single exception Keep the more specific ones. (cherry picked from commit e9d63f335542b45123796f42801de730a63e6432)
---
diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index c44b33e1b0..113dd34fae 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -1624,7 +1624,6 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 SSLParserHSReset(ssl_state->curr_connp);
 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
- SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
 continue;
 }
@@ -2280,10 +2279,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
 SCLogDebug("retval %d", retval);
 if (retval < 0 || retval > (int)record_len) {
 DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
- SSLSetEvent(ssl_state,
- TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
- SSLSetEvent(ssl_state,
- TLS_DECODER_EVENT_INVALID_SSL_RECORD);
+ SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
 SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
 return SSL_DECODER_ERROR(-1);
 }
@@ -2300,9 +2296,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
 break;
 }
 default:
- /* \todo fix the event from invalid rule to unknown rule */
 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
- SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
 SCLogDebug("unsupported record type");
 return SSL_DECODER_ERROR(-1);
 }
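Review bot: Nothing at the `SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);` call before `continue;` records that the generic INVALID_SSL_RECORD event is deliberately no longer raised alongside it, and the same holds for the two error paths in the SSLv3Decode hunks. A short comment such as `/* one exception, one event: the specific event replaces INVALID_SSL_RECORD here */` would keep a later change from re-adding the pair. This is also a detection-visible change: a ruleset that alerts only on the generic invalid-record event will presumably stay silent on malformed handshake messages and unsupported record types after this commit, so the specific events need their own enabled signatures, which is worth stating in the commit message or release notes. The enclosing function starts and ends outside the hunk.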
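Review bot: The `default:` branch in the third hunk loses its `\todo` about the event name without the naming question being settled. The debug line says "unsupported record type" while the event raised is TLS_DECODER_EVENT_INVALID_RECORD_TYPE, which is now the only event an analyst sees for this path. If that event is meant to cover unknown content types too, say so in place, e.g. `/* unknown or unsupported content type, reported as INVALID_RECORD_TYPE */`. The switch and SSLv3Decode itself begin outside the hunk.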