From: Victor Julien Date: Wed, 17 Apr 2019 06:45:36 +0000 (+0200) Subject: detect/dcerpc: cleanup now Rust is mandatory X-Git-Tag: suricata-5.0.0-beta1~46 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e572324c5a43d3694f1c75fb611403f2e56729fe;p=thirdparty%2Fsuricata.git detect/dcerpc: cleanup now Rust is mandatory --- diff --git a/src/detect-dce-iface.c b/src/detect-dce-iface.c index 16714330a3..1ebe47a774 100644 --- a/src/detect-dce-iface.c +++ b/src/detect-dce-iface.c @@ -47,25 +47,18 @@ #include "util-unittest-helper.h" #include "stream-tcp.h" -#ifdef HAVE_RUST #include "rust.h" #include "rust-smb-detect-gen.h" -#endif #define PARSE_REGEX "^\\s*([0-9a-zA-Z]{8}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{4}-[0-9a-zA-Z]{12})(?:\\s*,(<|>|=|!)([0-9]{1,5}))?(?:\\s*,(any_frag))?\\s*$" static pcre *parse_regex = NULL; static pcre_extra *parse_regex_study = NULL; -static int DetectDceIfaceMatch(ThreadVars *, DetectEngineThreadCtx *, - Flow *, uint8_t, void *, void *, - const Signature *, const SigMatchCtx *); -#ifdef HAVE_RUST static int DetectDceIfaceMatchRust(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, uint8_t flags, void *state, void *txv, const Signature *s, const SigMatchCtx *m); -#endif static int DetectDceIfaceSetup(DetectEngineCtx *, Signature *, const char *); static void DetectDceIfaceFree(void *); static void DetectDceIfaceRegisterTests(void); @@ -84,11 +77,7 @@ void DetectDceIfaceRegister(void) { sigmatch_table[DETECT_DCE_IFACE].name = "dce_iface"; sigmatch_table[DETECT_DCE_IFACE].Match = NULL; -#ifdef HAVE_RUST sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatchRust; -#else - sigmatch_table[DETECT_DCE_IFACE].AppLayerTxMatch = DetectDceIfaceMatch; -#endif sigmatch_table[DETECT_DCE_IFACE].Setup = DetectDceIfaceSetup; sigmatch_table[DETECT_DCE_IFACE].Free = DetectDceIfaceFree; sigmatch_table[DETECT_DCE_IFACE].RegisterTests = DetectDceIfaceRegisterTests; @@ -246,11 +235,6 @@ static DetectDceIfaceData *DetectDceIfaceArgParse(const char *arg) return NULL; } -DCERPCState *DetectDceGetState(AppProto alproto, void *alstate) -{ - return alstate; -} - /** * \internal * \brief Internal function that compares the dce interface version for this @@ -302,7 +286,7 @@ static int DetectDceIfaceMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, const DetectDceIfaceData *dce_data = (DetectDceIfaceData *)m; DCERPCUuidEntry *item = NULL; - const DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate); + const DCERPCState *dcerpc_state = state; if (dcerpc_state == NULL) { SCLogDebug("No DCERPCState for the flow"); SCReturnInt(0); @@ -356,7 +340,6 @@ end: SCReturnInt(ret); } -#ifdef HAVE_RUST static int DetectDceIfaceMatchRust(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, uint8_t flags, void *state, void *txv, @@ -381,7 +364,6 @@ static int DetectDceIfaceMatchRust(ThreadVars *t, } SCReturnInt(ret); } -#endif /** * \brief Creates a SigMatch for the "dce_iface" keyword being sent as argument, diff --git a/src/detect-dce-opnum.c b/src/detect-dce-opnum.c index 227369b7b3..cf5c0121b1 100644 --- a/src/detect-dce-opnum.c +++ b/src/detect-dce-opnum.c @@ -48,25 +48,18 @@ #include "util-unittest-helper.h" #include "stream-tcp.h" -#ifdef HAVE_RUST #include "rust.h" #include "rust-smb-detect-gen.h" -#endif #define PARSE_REGEX "^\\s*([0-9]{1,5}(\\s*-\\s*[0-9]{1,5}\\s*)?)(,\\s*[0-9]{1,5}(\\s*-\\s*[0-9]{1,5})?\\s*)*$" static pcre *parse_regex = NULL; static pcre_extra *parse_regex_study = NULL; -static int DetectDceOpnumMatch(ThreadVars *, DetectEngineThreadCtx *, - Flow *, uint8_t, void *, void *, - const Signature *, const SigMatchCtx *); -#ifdef HAVE_RUST static int DetectDceOpnumMatchRust(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, uint8_t flags, void *state, void *txv, const Signature *s, const SigMatchCtx *m); -#endif static int DetectDceOpnumSetup(DetectEngineCtx *, Signature *, const char *); static void DetectDceOpnumFree(void *); static void DetectDceOpnumRegisterTests(void); @@ -79,11 +72,7 @@ void DetectDceOpnumRegister(void) { sigmatch_table[DETECT_DCE_OPNUM].name = "dce_opnum"; sigmatch_table[DETECT_DCE_OPNUM].Match = NULL; -#ifdef HAVE_RUST sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatchRust; -#else - sigmatch_table[DETECT_DCE_OPNUM].AppLayerTxMatch = DetectDceOpnumMatch; -#endif sigmatch_table[DETECT_DCE_OPNUM].Setup = DetectDceOpnumSetup; sigmatch_table[DETECT_DCE_OPNUM].Free = DetectDceOpnumFree; sigmatch_table[DETECT_DCE_OPNUM].RegisterTests = DetectDceOpnumRegisterTests; @@ -265,7 +254,7 @@ static int DetectDceOpnumMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, DetectDceOpnumData *dce_data = (DetectDceOpnumData *)m; DetectDceOpnumRange *dor = dce_data->range; - DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate); + DCERPCState *dcerpc_state = state; if (dcerpc_state == NULL) { SCLogDebug("No DCERPCState for the flow"); SCReturnInt(0); @@ -288,7 +277,6 @@ static int DetectDceOpnumMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, SCReturnInt(0); } -#ifdef HAVE_RUST static int DetectDceOpnumMatchRust(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, uint8_t flags, void *state, void *txv, @@ -324,7 +312,6 @@ static int DetectDceOpnumMatchRust(ThreadVars *t, SCReturnInt(0); } -#endif /** * \brief Creates a SigMatch for the "dce_opnum" keyword being sent as argument, diff --git a/src/detect-dce-stub-data.c b/src/detect-dce-stub-data.c index 1e60f6bd2b..60d4f8bc61 100644 --- a/src/detect-dce-stub-data.c +++ b/src/detect-dce-stub-data.c @@ -54,10 +54,8 @@ #include "stream-tcp.h" -#ifdef HAVE_RUST #include "rust.h" #include "rust-smb-detect-gen.h" -#endif #define BUFFER_NAME "dce_stub_data" #define KEYWORD_NAME "dce_stub_data" @@ -85,17 +83,14 @@ static void PrefilterTxDceStubDataRequest(DetectEngineThreadCtx *det_ctx, uint8_t *buffer; uint32_t buffer_len; -#ifdef HAVE_RUST if (f->alproto == ALPROTO_SMB) { if (rs_smb_tx_get_stub_data(txv, STREAM_TOSERVER, &buffer, &buffer_len) != 1) { SCLogDebug("have no data!"); return; } SCLogDebug("have data!"); - } else -#endif - { - DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate); + } else { + DCERPCState *dcerpc_state = f->alstate; if (dcerpc_state == NULL) return; @@ -143,17 +138,14 @@ static void PrefilterTxDceStubDataResponse(DetectEngineThreadCtx *det_ctx, uint8_t *buffer; uint32_t buffer_len; -#ifdef HAVE_RUST if (f->alproto == ALPROTO_SMB) { if (rs_smb_tx_get_stub_data(txv, STREAM_TOCLIENT, &buffer, &buffer_len) != 1) { SCLogDebug("have no data!"); return; } SCLogDebug("have data!"); - } else -#endif - { - DCERPCState *dcerpc_state = DetectDceGetState(f->alproto, f->alstate); + } else { + DCERPCState *dcerpc_state = f->alstate; if (dcerpc_state == NULL) return; @@ -192,16 +184,14 @@ static int InspectEngineDceStubData(ThreadVars *tv, uint8_t *buffer = NULL; DCERPCState *dcerpc_state = NULL; -#ifdef HAVE_RUST if (f->alproto == ALPROTO_SMB) { uint8_t dir = flags & (STREAM_TOSERVER|STREAM_TOCLIENT); if (rs_smb_tx_get_stub_data(tx, dir, &buffer, &buffer_len) != 1) goto end; SCLogDebug("have data!"); } else -#endif { - dcerpc_state = DetectDceGetState(f->alproto, f->alstate); + dcerpc_state = alstate; if (dcerpc_state == NULL) goto end;