From 3485e57953cde55c34678cdc68c6210b61ebdc98 Mon Sep 17 00:00:00 2001
From: Victor Julien <vjulien@oisf.net>
Date: Mon, 20 Jan 2025 13:05:32 +0100
Subject: [PATCH] detect: reuse hook based generic lists

---
 src/detect-dns-query.c         | 10 ----------
 src/detect-tls-cert-validity.c |  2 +-
 src/detect-tls-certs.c         |  5 +----
 3 files changed, 2 insertions(+), 15 deletions(-)

diff --git a/src/detect-dns-query.c b/src/detect-dns-query.c
index 5d3a7a5c4c..ef73d58418 100644
--- a/src/detect-dns-query.c
+++ b/src/detect-dns-query.c
@@ -107,16 +107,6 @@ void DetectDnsQueryRegister (void)
     DetectBufferTypeSupportsMultiInstance("dns_query");
 
     g_dns_query_buffer_id = DetectBufferTypeGetByName("dns_query");
-
-    /* register these generic engines from here for now */
-    DetectAppLayerInspectEngineRegister(
-            "dns_request", ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, DetectEngineInspectGenericList, NULL);
-    DetectAppLayerInspectEngineRegister("dns_response", ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1,
-            DetectEngineInspectGenericList, NULL);
-
-    DetectBufferTypeSetDescriptionByName("dns_request",
-            "dns requests");
-    DetectBufferTypeSetDescriptionByName("dns_response", "dns responses");
 }
 
 
diff --git a/src/detect-tls-cert-validity.c b/src/detect-tls-cert-validity.c
index 9e858dc851..0af00a56a6 100644
--- a/src/detect-tls-cert-validity.c
+++ b/src/detect-tls-cert-validity.c
@@ -123,7 +123,7 @@ void DetectTlsValidityRegister (void)
 
     DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);
 
-    g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls_validity");
+    g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls:server_cert_done:generic");
 }
 
 /**
diff --git a/src/detect-tls-certs.c b/src/detect-tls-certs.c
index 90193df5d7..fdf2f5a90f 100644
--- a/src/detect-tls-certs.c
+++ b/src/detect-tls-certs.c
@@ -157,7 +157,7 @@ static int DetectTlsCertsSetup(DetectEngineCtx *de_ctx, Signature *s,
 }
 
 static int g_tls_cert_buffer_id = 0;
-#define BUFFER_NAME  "tls_validity"
+#define BUFFER_NAME  "tls:server_cert_done:generic"
 #define KEYWORD_ID   DETECT_TLS_CHAIN_LEN
 #define KEYWORD_NAME "tls.cert_chain_len"
 #define KEYWORD_DESC "match TLS certificate chain length"
@@ -252,9 +252,6 @@ void DetectTlsCertChainLenRegister(void)
     sigmatch_table[KEYWORD_ID].Setup = DetectTLSCertChainLenSetup;
     sigmatch_table[KEYWORD_ID].Free = DetectTLSCertChainLenFree;
 
-    DetectAppLayerInspectEngineRegister(BUFFER_NAME, ALPROTO_TLS, SIG_FLAG_TOCLIENT,
-            TLS_STATE_SERVER_CERT_DONE, DetectEngineInspectGenericList, NULL);
-
     g_tls_cert_buffer_id = DetectBufferTypeGetByName(BUFFER_NAME);
 }
 
-- 
2.47.2