From: Victor Julien Date: Sat, 15 Oct 2016 16:47:42 +0000 (+0200) Subject: detect: dns & tls lists in engine X-Git-Tag: suricata-4.0.0-beta1~415 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=747dbf92ce78783bf93cf7ce65b9dfd174bf8943;p=thirdparty%2Fsuricata.git detect: dns & tls lists in engine --- diff --git a/src/detect-engine-dns.c b/src/detect-engine-dns.c index 4b15996195..7269b378ea 100644 --- a/src/detect-engine-dns.c +++ b/src/detect-engine-dns.c @@ -86,7 +86,7 @@ int DetectEngineInspectDnsQueryName(ThreadVars *tv, //PrintRawDataFp(stdout, buffer, buffer_len); r = DetectEngineContentInspection(de_ctx, det_ctx, - s, s->sm_lists[DETECT_SM_LIST_DNSQUERYNAME_MATCH], + s, sm, f, buffer, buffer_len, 0, DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL); if (r == 1) diff --git a/src/detect-engine-tls.c b/src/detect-engine-tls.c index e488fd3301..3e5b458d2e 100644 --- a/src/detect-engine-tls.c +++ b/src/detect-engine-tls.c @@ -114,8 +114,7 @@ int DetectEngineInspectTlsSni(ThreadVars *tv, buffer = (uint8_t *)ssl_state->client_connp.sni; buffer_len = strlen(ssl_state->client_connp.sni); - cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, - s->sm_lists[DETECT_SM_LIST_TLSSNI_MATCH], + cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, sm, f, buffer, buffer_len, 0, DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL); @@ -190,8 +189,7 @@ int DetectEngineInspectTlsIssuer(ThreadVars *tv, buffer = (uint8_t *)ssl_state->server_connp.cert0_issuerdn; buffer_len = strlen(ssl_state->server_connp.cert0_issuerdn); - cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, - s->sm_lists[DETECT_SM_LIST_TLSISSUER_MATCH], + cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, sm, f, buffer, buffer_len, 0, DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL); 
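Review bot: `sm` is now the only source of the match list for the DetectEngineContentInspection() call in DetectEngineInspectDnsQueryName, and nothing in the hunk says where it comes from or whether it may be NULL; the function's signature and comment lie outside the hunk. Because the detect-engine.c hunk in this commit clears `s->sm_lists[...]` for the same lists, a caller that hands in an empty or mismatched list would presumably make the rule inspect nothing instead of failing visibly. I would document the parameter in the function comment, for example `\param sm head of the match list owned by the app inspection engine (no longer read from s->sm_lists)`. The same applies to DetectEngineInspectTlsSni, DetectEngineInspectTlsIssuer and DetectEngineInspectTlsSubject in detect-engine-tls.c.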
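Review bot: `buffer_len = strlen(ssl_state->client_connp.sni);` on the context line just above the changed call in DetectEngineInspectTlsSni takes the inspected length from the first NUL byte rather than from the length the TLS parser saw, so if the stored SNI can hold an embedded NUL the content match would cover only the prefix and leave a detection gap. How the field is filled is not visible in this hunk, so this needs checking against the parser; if it can happen, keep the parsed length next to the pointer and pass that instead of calling strlen(). The same pattern appears in the DetectEngineInspectTlsIssuer and DetectEngineInspectTlsSubject hunks with `cert0_issuerdn` and `cert0_subject`. No NULL check before strlen() is visible either, though the function bodies start above the hunks and presumably contain one.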
@@ -266,8 +264,7 @@ int DetectEngineInspectTlsSubject(ThreadVars *tv, buffer = (uint8_t *)ssl_state->server_connp.cert0_subject; buffer_len = strlen(ssl_state->server_connp.cert0_subject); - cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, - s->sm_lists[DETECT_SM_LIST_TLSSUBJECT_MATCH], + cnt = DetectEngineContentInspection(de_ctx, det_ctx, s, sm, f, buffer, buffer_len, 0, DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE, NULL); diff --git a/src/detect-engine.c b/src/detect-engine.c index 0fc7dd5499..40d32d3ad3 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -188,6 +188,16 @@ int DetectEngineAppInspectionEngine2Signature(Signature *s) case DETECT_SM_LIST_HRHHDMATCH: case DETECT_SM_LIST_HCDMATCH: case DETECT_SM_LIST_HUADMATCH: + + case DETECT_SM_LIST_DNSQUERYNAME_MATCH: + //case DETECT_SM_LIST_DNSRESPONSE_MATCH: + //case DETECT_SM_LIST_DNSRESPONSE_MATCH: + + case DETECT_SM_LIST_TLSSNI_MATCH: + case DETECT_SM_LIST_TLSISSUER_MATCH: + case DETECT_SM_LIST_TLSSUBJECT_MATCH: + //case DETECT_SM_LIST_TLSVALIDITY_MATCH: + new_engine->sm = s->sm_lists[new_engine->sm_list]; s->sm_lists[new_engine->sm_list] = NULL; s->sm_lists_tail[new_engine->sm_list] = NULL;
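Review bot: The commented-out labels in the added case block name `DETECT_SM_LIST_DNSRESPONSE_MATCH` twice, which looks like a copy-paste slip where one of them was meant to be a different DNS list, and none of the three commented lines says why those lists are excluded. Every enabled label falls into the body that sets `s->sm_lists[new_engine->sm_list] = NULL`, so a list enabled here before its inspect function takes `sm` would presumably be inspected as empty, and the rule would stop matching without any error. I would replace the dead labels with one explanatory comment, for example `/* TODO: remaining DNS lists and DETECT_SM_LIST_TLSVALIDITY_MATCH are not moved to the engine yet; enable together with their inspect functions */`. The switch and the function DetectEngineAppInspectionEngine2Signature continue outside the hunk.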