Go to the documentation of this file.
40 static int g_krb5_sname_buffer_id = 0;
72 const uint8_t *b = NULL;
74 if (rs_krb5_tx_get_sname(cbdata->
txv, cbdata->
local_id, &b, &b_len) != 1) {
78 if (b == NULL || b_len == 0) {
91 void *alstate,
void *txv, uint64_t tx_id)
93 uint32_t local_id = 0;
103 GetKrb5SNameData(det_ctx, transforms, f, &cbdata, engine->
sm_list);
104 if (buffer == NULL || buffer->
inspect == NULL)
139 const int list_id = ctx->
list_id;
141 uint32_t local_id = 0;
161 static void PrefilterMpmKrb5NameFree(
void *ptr)
177 mpm_reg->
app_v2.alproto, mpm_reg->
app_v2.tx_min_progress,
178 pectx, PrefilterMpmKrb5NameFree, mpm_reg->
name);
197 "Kerberos 5 ticket server name");
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
#define SIGMATCH_INFO_STICKY_BUFFER
Container for matching data for a signature group.
int DetectBufferSetActiveList(DetectEngineCtx *de_ctx, Signature *s, const int list)
main detection engine ctx
void DetectBufferTypeSupportsMultiInstance(const char *name)
one time registration of keywords at start up
struct DetectBufferMpmRegistry_::@88::@90 app_v2
#define SIG_FLAG_TOCLIENT
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
DetectEngineTransforms transforms
int DetectBufferTypeGetByName(const char *name)
void InspectionBufferSetupMultiEmpty(InspectionBuffer *buffer)
setup the buffer empty
#define DETECT_ENGINE_INSPECT_SIG_MATCH
@ DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE
void DetectAppLayerMpmRegister(const char *name, int direction, int priority, PrefilterRegisterFunc PrefilterRegister, InspectionBufferGetDataPtr GetData, AppProto alproto, int tx_min_progress)
register a MPM engine
#define SCReturnPtr(x, type)
Data structures and function prototypes for keeping state for the detection engine.
uint32_t(* Search)(const struct MpmCtx_ *, struct MpmThreadCtx_ *, PrefilterRuleStore *, const uint8_t *, uint32_t)
struct DetectEngineAppInspectionEngine_::@85 v2
const DetectEngineTransforms * transforms
struct AppLayerTxData AppLayerTxData
#define PREFILTER_PROFILING_ADD_BYTES(det_ctx, bytes)
#define DETECT_CI_FLAGS_SINGLE
void DetectKrb5SNameRegister(void)
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len)
setup the buffer with our initial data
int PrefilterAppendTxEngine(DetectEngineCtx *de_ctx, SigGroupHead *sgh, PrefilterTxFn PrefilterTxFunc, AppProto alproto, int tx_min_progress, void *pectx, void(*FreeFunc)(void *pectx), const char *name)
#define DETECT_ENGINE_INSPECT_SIG_NO_MATCH
const DetectEngineTransforms * transforms
MpmTableElmt mpm_table[MPM_TABLE_SIZE]
InspectionBuffer * InspectionBufferMultipleForListGet(DetectEngineThreadCtx *det_ctx, const int list_id, const uint32_t local_id)
for a InspectionBufferMultipleForList get a InspectionBuffer
struct PrefilterMpmKrb5Name PrefilterMpmKrb5Name
void DetectAppLayerInspectEngineRegister(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr Callback, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
bool DetectEngineContentInspectionBuffer(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatchData *smd, Packet *p, Flow *f, const InspectionBuffer *b, const enum DetectContentInspectionType inspection_mode)
wrapper around DetectEngineContentInspectionInternal to return true/false only
void DetectBufferTypeSetDescriptionByName(const char *name, const char *desc)