Go to the documentation of this file.
96 static int g_http2_match_buffer_id = 0;
97 static int g_http2_header_name_buffer_id = 0;
178 HTTP2StateOpen, SCHttp2TxGetHeaderName, 2);
180 HTTP2StateOpen, SCHttp2TxGetHeaderName, 2);
184 "HTTP2 header name");
206 uint8_t *detect = (uint8_t *)
ctx;
208 return SCHttp2TxHasFrametype(txv,
flags, *detect);
211 static int DetectHTTP2FuncParseFrameType(
const char *
str, uint8_t *ft)
219 int r = SCHttp2ParseFrametype(
str);
220 if (r >= 0 && r <= UINT8_MAX) {
245 if (!DetectHTTP2FuncParseFrameType(
str, &frame_type)) {
246 SCLogError(
"Invalid argument \"%s\" supplied to http2.frametype keyword.",
str);
250 uint8_t *http2ft =
SCCalloc(1,
sizeof(uint8_t));
253 *http2ft = frame_type;
256 g_http2_match_buffer_id) == NULL) {
285 uint32_t *detect = (uint32_t *)
ctx;
287 return SCHttp2TxHasErrorCode(txv,
flags, *detect);
291 static int DetectHTTP2FuncParseErrorCode(
const char *
str, uint32_t *ec)
299 int r = SCHttp2ParseErrorCode(
str);
325 if (!DetectHTTP2FuncParseErrorCode(
str, &error_code)) {
326 SCLogError(
"Invalid argument \"%s\" supplied to http2.errorcode keyword.",
str);
330 uint32_t *http2ec =
SCCalloc(1,
sizeof(uint32_t));
333 *http2ec = error_code;
336 g_http2_match_buffer_id) == NULL) {
366 int value = SCHttp2TxGetNextPriority(txv,
flags, nb);
373 value = SCHttp2TxGetNextPriority(txv,
flags, nb);
398 g_http2_match_buffer_id) == NULL) {
399 SCDetectU8Free(prio);
428 int value = SCHttp2TxGetNextWindow(txv,
flags, nb);
435 value = SCHttp2TxGetNextWindow(txv,
flags, nb);
460 g_http2_match_buffer_id) == NULL) {
475 SCDetectU32Free(ptr);
489 return SCHttp2DetectSizeUpdateCtxMatch(
ctx, txv,
flags);
507 void *su = SCDetectU64Parse(
str);
512 g_http2_match_buffer_id) == NULL) {
527 SCDetectU64Free(ptr);
541 return SCHttp2DetectSettingsCtxMatch(
ctx, txv,
flags);
559 void *http2set = SCHttp2DetectSettingsCtxParse(
str);
560 if (http2set == NULL)
564 g_http2_match_buffer_id) == NULL) {
579 SCHttp2DetectSettingsCtxFree(ptr);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
#define SIGMATCH_INFO_STICKY_BUFFER
void DetectHTTP2priorityRegisterTests(void)
int DetectU32Match(const uint32_t parg, const DetectUintData_u32 *du32)
SigTableElmt * sigmatch_table
void(* Free)(DetectEngineCtx *, void *)
void DetectHTTP2RegisterTests(void)
DetectUintData_u32 * DetectU32Parse(const char *u32str)
This function is used to parse u32 options passed via some u32 keyword.
void DetectHTTP2priorityFree(DetectEngineCtx *, void *)
this function will free memory associated with uint32_t
main detection engine ctx
@ DETECT_HTTP2_SIZEUPDATE
void DetectBufferTypeSupportsMultiInstance(const char *name)
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int ByteExtractStringUint32(uint32_t *res, int base, size_t len, const char *str)
void DetectHTTP2sizeUpdateFree(DetectEngineCtx *, void *)
this function will free memory associated with uint32_t
@ DETECT_HTTP2_HEADERNAME
int SCDetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list)
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
int DetectBufferTypeGetByName(const char *name)
DetectUintData_u8 * DetectU8Parse(const char *u8str)
This function is used to parse u8 options passed via some u8 keyword.
#define SIG_FLAG_TOSERVER
void DetectHTTP2sizeUpdateRegisterTests(void)
void DetectHTTP2settingsFree(DetectEngineCtx *, void *)
this function will free memory associated with rust signature context
DetectUintData_u8 DetectU8Data
void DetectHTTP2settingsRegisterTests(void)
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
void DetectHTTP2windowRegisterTests(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
int ByteExtractStringUint8(uint8_t *res, int base, size_t len, const char *str)
int DetectU8Match(const uint8_t parg, const DetectUintData_u8 *du8)
int DetectBufferTypeRegister(const char *name)
void DetectHTTP2windowFree(DetectEngineCtx *, void *)
this function will free memory associated with uint32_t
DetectUintData_u32 DetectU32Data
void DetectHttp2Register(void)
Registration function for HTTP2 keywords.
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
#define SCLogError(...)
Macro used to log ERROR messages.
void DetectHTTP2errorCodeRegisterTests(void)
void DetectAppLayerInspectEngineRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr Callback, InspectionBufferGetDataPtr GetData)
Registers an app inspection engine.
SigMatch * SigMatchAppendSMToList(DetectEngineCtx *de_ctx, Signature *s, uint16_t type, SigMatchCtx *ctx, const int list)
Append a SigMatch to the list type.
void DetectBufferTypeSetDescriptionByName(const char *name, const char *desc)
void DetectHTTP2frameTypeRegisterTests(void)
this function registers unit tests for DetectHTTP2frameType
void DetectHTTP2errorcodeFree(DetectEngineCtx *, void *)
this function will free memory associated with uint32_t
void DetectAppLayerMultiRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectionMultiBufferGetDataPtr GetData, int priority)
void DetectHTTP2frametypeFree(DetectEngineCtx *, void *)
this function will free memory associated with uint8_t
void(* RegisterTests)(void)