61 static bool DetectHttpRawHeaderValidateCallback(
const Signature *s,
const char **sigerror);
62 static int g_http_raw_header_buffer_id = 0;
65 const uint8_t flow_flags,
void *txv,
const int list_id);
106 PrefilterMpmHttpHeaderRawRequestRegister, NULL,
ALPROTO_HTTP1,
109 PrefilterMpmHttpHeaderRawResponseRegister, NULL,
ALPROTO_HTTP1,
126 DetectHttpRawHeaderValidateCallback);
168 static bool DetectHttpRawHeaderValidateCallback(
const Signature *s,
const char **sigerror)
171 *sigerror =
"http_raw_header signature "
172 "without a flow direction. Use flow:to_server for "
173 "inspecting request headers or flow:to_client for "
174 "inspecting response headers.";
184 const uint8_t flow_flags,
void *txv,
const int list_id)
188 htp_tx_t *tx = (htp_tx_t *)txv;
194 const bool ts = ((flow_flags & STREAM_TOSERVER) != 0);
195 const uint8_t *data =
ts ?
199 const uint32_t data_len =
ts ?
216 const uint8_t *b = NULL;
218 if (rs_http2_tx_get_headers_raw(txv, flow_flags, &b, &b_len) != 1)
220 if (b == NULL || b_len == 0)
253 const int list_id = ctx->
list_id;
256 flags, txv, list_id);
261 const uint8_t *data = buffer->
inspect;
266 if (data != NULL && data_len >= mpm_ctx->
minlen) {
268 &det_ctx->
mtcu, &det_ctx->
pmq, data, data_len);
286 PrefilterMpmHttpHeaderRaw(det_ctx, pectx, p, f, txv, idx, _txd,
flags);
290 static void PrefilterMpmHttpHeaderRawFree(
void *ptr)
310 mpm_reg->
app_v2.alproto, HTP_REQUEST_HEADERS+1,
311 pectx, PrefilterMpmHttpHeaderRawFree, mpm_reg->
pname);
318 pectx =
SCCalloc(1,
sizeof(*pectx));
326 mpm_reg->
app_v2.alproto, HTP_REQUEST_TRAILER+1,
327 pectx, PrefilterMpmHttpHeaderRawFree, mpm_reg->
pname);
349 mpm_reg->
app_v2.alproto, HTP_RESPONSE_HEADERS,
350 pectx, PrefilterMpmHttpHeaderRawFree, mpm_reg->
pname);
357 pectx =
SCCalloc(1,
sizeof(*pectx));
365 mpm_reg->
app_v2.alproto, HTP_RESPONSE_TRAILER,
366 pectx, PrefilterMpmHttpHeaderRawFree, mpm_reg->
pname);