From: Victor Julien
Date: Thu, 11 Aug 2022 10:18:28 +0000 (+0200)
Subject: tls: don't set 2 events for a single exception
X-Git-Tag: suricata-7.0.0-beta1~199
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e9d63f335542b45123796f42801de730a63e6432;p=thirdparty%2Fsuricata.git
tls: don't set 2 events for a single exception
Keep the more specific ones.
---
diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index e09905ba18..31ff59fc20 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -1636,7 +1636,6 @@ static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input
 SSLParserHSReset(ssl_state->curr_connp);
 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
- SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
 continue;
 }
@@ -2316,10 +2315,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
 SCLogDebug("retval %d", retval);
 if (retval < 0 || retval > (int)record_len) {
 DEBUG_VALIDATE_BUG_ON(retval > (int)record_len);
- SSLSetEvent(ssl_state,
- TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
- SSLSetEvent(ssl_state,
- TLS_DECODER_EVENT_INVALID_SSL_RECORD);
+ SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE);
 SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval);
 return SSL_DECODER_ERROR(-1);
 }
@@ -2338,9 +2334,7 @@ static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_stat
 break;
 }
 default:
- /* \todo fix the event from invalid rule to unknown rule */
 SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE);
- SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD);
 SCLogDebug("unsupported record type");
 return SSL_DECODER_ERROR(-1);
 }
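Review bot: In the `SSLv3Decode` hunk at -2316, the `retval < 0 || retval > (int)record_len` branch no longer sets `TLS_DECODER_EVENT_INVALID_SSL_RECORD`, so a detection rule that matches only on that generic event stops firing for a failed handshake parse. The same loss of signal applies to the deletions in `SSLv3ParseHandshakeProtocol` (-1636) and in the `default:` record-type case (-2338). Any shipped rule, test or documentation keyed on the generic event presumably needs a counterpart for `TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE` and `TLS_DECODER_EVENT_INVALID_RECORD_TYPE`; those files are not visible on this page. A short comment above the remaining call would keep the intent visible, e.g. `/* one event per exception: keep the specific one, not INVALID_SSL_RECORD */`. `SSLv3Decode` starts and ends outside the hunk.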