From: Tom DeCanio <decanio.tom@gmail.com>
Date: Tue, 7 Oct 2014 22:44:06 +0000 (-0700)
Subject: app-layer-smtp: move old smtp-mime section in suricata.yaml into
X-Git-Tag: suricata-2.1beta2~34
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e5c36952d65d27b39359c970d0b9f0c6ef69de3b;p=thirdparty%2Fsuricata.git

app-layer-smtp: move old smtp-mime section in suricata.yaml into
app-layer-protocols.smtp.mine section and update code to accomodate.
---

diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c
index 475a21e3e4..e0fd88d8cf 100644
--- a/src/app-layer-smtp.c
+++ b/src/app-layer-smtp.c
@@ -218,7 +218,7 @@ typedef struct SMTPConfig {
 static SMTPConfig smtp_config = { 0, { 0, 0, 0, 0 } };
 
 /**
- * \brief Configure SMTP Mime Decoder by parsing out 'smtp-mime' section of YAML
+ * \brief Configure SMTP Mime Decoder by parsing out mime section of YAML
  * config file
  *
  * \return none
@@ -229,7 +229,7 @@ static void SMTPConfigure(void) {
     int ret = 0, val;
     intmax_t imval;
 
-    ConfNode *config = ConfGetNode("smtp-mime");
+    ConfNode *config = ConfGetNode("app-layer.protocols.smtp.mime");
     if (config != NULL) {
 
         ret = ConfGetChildValueBool(config, "decode-mime", &val);
@@ -1171,7 +1171,7 @@ static int SMTPRegisterPatternsForProtocolDetection(void)
 }
 
 /**
- * \brief Register the SMPT Protocol parser.
+ * \brief Register the SMTP Protocol parser.
  */
 void RegisterSMTPParsers(void)
 {
diff --git a/suricata.yaml.in b/suricata.yaml.in
index 12230ff14d..29dacf4db0 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -1159,6 +1159,25 @@ app-layer:
       enabled: yes
     smtp:
       enabled: yes
+      # Configure SMTP-MIME Decoder
+      mime:
+        # Decode MIME messages from SMTP transactions
+        # (may be resource intensive)
+        # This field supercedes all others because it turns the entire
+        # process on or off
+        decode-mime: yes
+
+        # Decode MIME entity bodies (ie. base64, quoted-printable, etc.)
+        decode-base64: yes
+        decode-quoted-printable: yes
+
+        # Maximum bytes per header data value stored in the data structure
+        # (default is 2000)
+        header-value-depth: 2000
+
+        # Extract URLs and save in state data structure
+        extract-urls: yes
+
     imap:
       enabled: detection-only
     msn:
@@ -1295,23 +1314,6 @@ app-layer:
            #    double-decode-path: no
            #    double-decode-query: no
 
-# Configure SMTP-MIME Decoder enhancements
-smtp-mime:
-
-  # Decode MIME messages from SMTP transactions (may be resource intensive)
-  # This field supercedes all others because it turns the entire process on or off
-  decode-mime: yes
-
-  # Decode MIME entity bodies (ie. base64, quoted-printable, etc.)
-  decode-base64: yes
-  decode-quoted-printable: yes
-
-  # Maximum bytes per header data value stored in the data structure (default is 2000)
-  header-value-depth: 2000
-
-  # Extract URLs and save in state data structure
-  extract-urls: yes
-
 # Profiling settings. Only effective if Suricata has been built with the
 # the --enable-profiling configure flag.
 #