#include "util-unittest-helper.h"
#include "stream-tcp.h"
-#ifdef HAVE_RUST
#include "rust.h"
#include "rust-smb-detect-gen.h"
-#endif
#define PARSE_REGEX "^\\s*([0-9a-zA-Z]{8}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{12})(?:\\s*,(<|>|=|!)([0-9]{1,5}))?(?:\\s*,(any_frag))?\\s*$"
static pcre *parse_regex = NULL;
static pcre_extra *parse_regex_study = NULL;
-static int DetectDceIfaceMatch(ThreadVars *, DetectEngineThreadCtx *,
- Flow *, uint8_t, void *, void *,
- const Signature *, const SigMatchCtx *);
-#ifdef HAVE_RUST
static int DetectDceIfaceMatchRust(ThreadVars *t,
DetectEngineThreadCtx *det_ctx,
Flow *f, uint8_t flags, void *state, void *txv,
const Signature *s, const SigMatchCtx *m);
-#endif
static int DetectDceIfaceSetup(DetectEngineCtx *, Signature *, const char *);
static void DetectDceIfaceFree(void *);
static void DetectDceIfaceRegisterTests(void);
{
sigmatch_table[DETECT_DCE_IFACE].name = "dce_iface";
sigmatch_table[DETECT_DCE_IFACE].Match = NULL;
-#ifdef HAVE_RUST
sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatchRust;
-#else
- sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatch;
-#endif
sigmatch_table[DETECT_DCE_IFACE].Setup = DetectDceIfaceSetup;
sigmatch_table[DETECT_DCE_IFACE].Free = DetectDceIfaceFree;
sigmatch_table[DETECT_DCE_IFACE].RegisterTests = DetectDceIfaceRegisterTests;
return NULL;
}
-DCERPCState *DetectDceGetState(AppProto alproto, void *alstate)
-{
- return alstate;
-}
-
/**
* \internal
* \brief Internal function that compares the dce interface version for this
const DetectDceIfaceData *dce_data = (DetectDceIfaceData *)m;
DCERPCUuidEntry *item = NULL;
- const DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+ const DCERPCState *dcerpc_state = state;
if (dcerpc_state == NULL) {
SCLogDebug("No DCERPCState for the flow");
SCReturnInt(0);
SCReturnInt(ret);
}
-#ifdef HAVE_RUST
static int DetectDceIfaceMatchRust(ThreadVars *t,
DetectEngineThreadCtx *det_ctx,
Flow *f, uint8_t flags, void *state, void *txv,
}
SCReturnInt(ret);
}
-#endif
/**
* \brief Creates a SigMatch for the "dce_iface" keyword being sent as argument,
#include "util-unittest-helper.h"
#include "stream-tcp.h"
-#ifdef HAVE_RUST
#include "rust.h"
#include "rust-smb-detect-gen.h"
-#endif
#define PARSE_REGEX "^\\s*([0-9]{1,5}(\\s*-\\s*[0-9]{1,5}\\s*)?)(,\\s*[0-9]{1,5}(\\s*-\\s*[0-9]{1,5})?\\s*)*$"
static pcre *parse_regex = NULL;
static pcre_extra *parse_regex_study = NULL;
-static int DetectDceOpnumMatch(ThreadVars *, DetectEngineThreadCtx *,
- Flow *, uint8_t, void *, void *,
- const Signature *, const SigMatchCtx *);
-#ifdef HAVE_RUST
static int DetectDceOpnumMatchRust(ThreadVars *t,
DetectEngineThreadCtx *det_ctx,
Flow *f, uint8_t flags, void *state, void *txv,
const Signature *s, const SigMatchCtx *m);
-#endif
static int DetectDceOpnumSetup(DetectEngineCtx *, Signature *, const char *);
static void DetectDceOpnumFree(void *);
static void DetectDceOpnumRegisterTests(void);
{
sigmatch_table[DETECT_DCE_OPNUM].name = "dce_opnum";
sigmatch_table[DETECT_DCE_OPNUM].Match = NULL;
-#ifdef HAVE_RUST
sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatchRust;
-#else
- sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatch;
-#endif
sigmatch_table[DETECT_DCE_OPNUM].Setup = DetectDceOpnumSetup;
sigmatch_table[DETECT_DCE_OPNUM].Free = DetectDceOpnumFree;
sigmatch_table[DETECT_DCE_OPNUM].RegisterTests = DetectDceOpnumRegisterTests;
DetectDceOpnumData *dce_data = (DetectDceOpnumData *)m;
DetectDceOpnumRange *dor = dce_data->range;
- DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+ DCERPCState *dcerpc_state = state;
if (dcerpc_state == NULL) {
SCLogDebug("No DCERPCState for the flow");
SCReturnInt(0);
SCReturnInt(0);
}
-#ifdef HAVE_RUST
static int DetectDceOpnumMatchRust(ThreadVars *t,
DetectEngineThreadCtx *det_ctx,
Flow *f, uint8_t flags, void *state, void *txv,
SCReturnInt(0);
}
-#endif
/**
* \brief Creates a SigMatch for the "dce_opnum" keyword being sent as argument,
#include "stream-tcp.h"
-#ifdef HAVE_RUST
#include "rust.h"
#include "rust-smb-detect-gen.h"
-#endif
#define BUFFER_NAME "dce_stub_data"
#define KEYWORD_NAME "dce_stub_data"
uint8_t *buffer;
uint32_t buffer_len;
-#ifdef HAVE_RUST
if (f->alproto == ALPROTO_SMB) {
if (rs_smb_tx_get_stub_data(txv, STREAM_TOSERVER, &buffer, &buffer_len) != 1) {
SCLogDebug("have no data!");
return;
}
SCLogDebug("have data!");
- } else
-#endif
- {
- DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+ } else {
+ DCERPCState *dcerpc_state = f->alstate;
if (dcerpc_state == NULL)
return;
uint8_t *buffer;
uint32_t buffer_len;
-#ifdef HAVE_RUST
if (f->alproto == ALPROTO_SMB) {
if (rs_smb_tx_get_stub_data(txv, STREAM_TOCLIENT, &buffer, &buffer_len) != 1) {
SCLogDebug("have no data!");
return;
}
SCLogDebug("have data!");
- } else
-#endif
- {
- DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+ } else {
+ DCERPCState *dcerpc_state = f->alstate;
if (dcerpc_state == NULL)
return;
uint8_t *buffer = NULL;
DCERPCState *dcerpc_state = NULL;
-#ifdef HAVE_RUST
if (f->alproto == ALPROTO_SMB) {
uint8_t dir = flags & (STREAM_TOSERVER|STREAM_TOCLIENT);
if (rs_smb_tx_get_stub_data(tx, dir, &buffer, &buffer_len) != 1)
goto end;
SCLogDebug("have data!");
} else
-#endif
{
- dcerpc_state = DetectDceGetState(f->alproto, f->alstate);
+ dcerpc_state = alstate;
if (dcerpc_state == NULL)
goto end;
projects / thirdparty / suricata.git / commitdiff
