From: Victor Julien Date: Mon, 19 Oct 2020 12:11:26 +0000 (+0200) Subject: detect/dns: convert to v2 inspect API X-Git-Tag: suricata-7.0.0-beta1~1979 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=db0665bccc7a8f725164c078c7e805ae0686af84;p=thirdparty%2Fsuricata.git detect/dns: convert to v2 inspect API --- diff --git a/src/detect-dns-opcode.c b/src/detect-dns-opcode.c index a08f254276..bbb58d2cca 100644 --- a/src/detect-dns-opcode.c +++ b/src/detect-dns-opcode.c @@ -74,14 +74,12 @@ static int DetectDnsOpcodeMatch(DetectEngineThreadCtx *det_ctx, return rs_dns_opcode_match(txv, (void *)ctx, flags); } -static int DetectEngineInspectRequestGenericDnsOpcode(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, - void *txv, uint64_t tx_id) +static int DetectEngineInspectRequestGenericDnsOpcode(DetectEngineCtx *de_ctx, + DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, + const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id) { - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); + return DetectEngineInspectGenericList( + NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id); } void DetectDnsOpcodeRegister(void) @@ -94,13 +92,11 @@ void DetectDnsOpcodeRegister(void) sigmatch_table[DETECT_AL_DNS_OPCODE].AppLayerTxMatch = DetectDnsOpcodeMatch; - DetectAppLayerInspectEngineRegister("dns.opcode", - ALPROTO_DNS, SIG_FLAG_TOSERVER, 0, - DetectEngineInspectRequestGenericDnsOpcode); + DetectAppLayerInspectEngineRegister2("dns.opcode", ALPROTO_DNS, SIG_FLAG_TOSERVER, 0, + DetectEngineInspectRequestGenericDnsOpcode, NULL); - DetectAppLayerInspectEngineRegister("dns.opcode", - ALPROTO_DNS, SIG_FLAG_TOCLIENT, 0, - DetectEngineInspectRequestGenericDnsOpcode); + DetectAppLayerInspectEngineRegister2("dns.opcode", ALPROTO_DNS, SIG_FLAG_TOCLIENT, 0, + DetectEngineInspectRequestGenericDnsOpcode, NULL); dns_opcode_list_id = DetectBufferTypeGetByName("dns.opcode"); } diff --git a/src/detect-dns-query.c b/src/detect-dns-query.c index ef7b3a39d6..5e4b5f1051 100644 --- a/src/detect-dns-query.c +++ b/src/detect-dns-query.c @@ -232,12 +232,10 @@ void DetectDnsQueryRegister (void) g_dns_query_buffer_id = DetectBufferTypeGetByName("dns_query"); /* register these generic engines from here for now */ - DetectAppLayerInspectEngineRegister("dns_request", - ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, - DetectEngineInspectDnsRequest); - DetectAppLayerInspectEngineRegister("dns_response", - ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1, - DetectEngineInspectDnsResponse); + DetectAppLayerInspectEngineRegister2( + "dns_request", ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, DetectEngineInspectDnsRequest, NULL); + DetectAppLayerInspectEngineRegister2("dns_response", ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1, + DetectEngineInspectDnsResponse, NULL); DetectBufferTypeSetDescriptionByName("dns_request", "dns requests"); diff --git a/src/detect-engine-dns.c b/src/detect-engine-dns.c index ec412e3a65..77721b3d41 100644 --- a/src/detect-engine-dns.c +++ b/src/detect-engine-dns.c @@ -47,20 +47,18 @@ #include "util-unittest-helper.h" #include "util-validate.h" -int DetectEngineInspectDnsRequest(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id) +int DetectEngineInspectDnsRequest(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id) { - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); + return DetectEngineInspectGenericList( + NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id); } -int DetectEngineInspectDnsResponse(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id) +int DetectEngineInspectDnsResponse(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id) { - return DetectEngineInspectGenericList(tv, de_ctx, det_ctx, s, smd, - f, flags, alstate, txv, tx_id); + return DetectEngineInspectGenericList( + NULL, de_ctx, det_ctx, s, engine->smd, f, flags, alstate, txv, tx_id); } diff --git a/src/detect-engine-dns.h b/src/detect-engine-dns.h index 0ffc87c006..ca886e3130 100644 --- a/src/detect-engine-dns.h +++ b/src/detect-engine-dns.h @@ -23,13 +23,11 @@ #ifndef __DETECT_ENGINE_DNS_H__ #define __DETECT_ENGINE_DNS_H__ -int DetectEngineInspectDnsRequest(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id); -int DetectEngineInspectDnsResponse(ThreadVars *tv, - DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, - const Signature *s, const SigMatchData *smd, - Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id); +int DetectEngineInspectDnsRequest(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id); +int DetectEngineInspectDnsResponse(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, + const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, + uint8_t flags, void *alstate, void *txv, uint64_t tx_id); #endif /* __DETECT_ENGINE_DNS_H__ */