Go to the documentation of this file.
39 #define PARSE_REGEX "^\\s*([A-z0-9\\.]+|\"[A-z0-9_\\.]+\")\\s*$"
44 uint8_t,
void *,
void *,
const Signature *,
49 static void DetectKrb5ErrCodeRegisterTests (
void);
52 static int g_krb5_err_code_list_id = 0;
82 SCLogDebug(
"g_krb5_err_code_list_id %d", g_krb5_err_code_list_id);
107 ret = rs_krb5_tx_get_errcode(
txv, &err_code);
132 pcre2_match_data *match = NULL;
135 SCLogError(
"parse error, ret %" PRId32
"", ret);
139 pcre2len =
sizeof(arg1);
140 res = pcre2_substring_copy_bynumber(match, 1, (PCRE2_UCHAR8 *)arg1, &pcre2len);
142 SCLogError(
"pcre2_substring_copy_bynumber failed");
150 (
const char *)arg1) < 0) {
153 pcre2_match_data_free(match);
158 pcre2_match_data_free(match);
184 krb5d = DetectKrb5ErrCodeParse(krb5str);
193 sm->
ctx = (
void *)krb5d;
201 DetectKrb5ErrCodeFree(
de_ctx, krb5d);
223 static int DetectKrb5ErrCodeParseTest01 (
void)
228 DetectKrb5ErrCodeFree(NULL, krb5d);
232 static int DetectKrb5ErrCodeSignatureTest01 (
void)
247 static void DetectKrb5ErrCodeRegisterTests(
void)
249 UtRegisterTest(
"DetectKrb5ErrCodeParseTest01", DetectKrb5ErrCodeParseTest01);
251 DetectKrb5ErrCodeSignatureTest01);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
#define FAIL_IF_NULL(expr)
Fail a test if expression evaluates to NULL.
void SigMatchAppendSMToList(Signature *s, SigMatch *new, const int list)
Append a SigMatch to the list type.
void(* Free)(DetectEngineCtx *, void *)
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
main detection engine ctx
void DetectEngineCtxFree(DetectEngineCtx *)
Free a DetectEngineCtx::
int(* AppLayerTxMatch)(DetectEngineThreadCtx *, Flow *, uint8_t flags, void *alstate, void *txv, const Signature *, const SigMatchCtx *)
int DetectParsePcreExec(DetectParseRegex *parse_regex, pcre2_match_data **match, const char *str, int start_offset, int options)
int StringParseInt32(int32_t *res, int base, size_t len, const char *str)
Signature * DetectEngineAppendSig(DetectEngineCtx *, const char *)
Parse and append a Signature into the Detection Engine Context signature list.
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
#define SIG_FLAG_TOSERVER
#define PASS
Pass the test.
void DetectKrb5ErrCodeRegister(void)
Registration function for krb5_err_code: keyword.
void DetectSetupParseRegexes(const char *parse_str, DetectParseRegex *detect_parse)
#define PARSE_REGEX
Regex for parsing our keyword options.
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
int(* Match)(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)
SigMatch * SigMatchAlloc(void)
Used to start a pointer to SigMatch context Should never be dereferenced without casting to something...
#define FAIL_IF(expr)
Fail a test if expression evaluates to true.
int DetectBufferTypeRegister(const char *name)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
uint8_t DetectEngineInspectGenericList(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
Do the content inspection & validation for a signature.
#define SCLogError(...)
Macro used to log ERROR messages.
a single match condition for a signature
DetectEngineCtx * DetectEngineCtxInit(void)
void(* RegisterTests)(void)