|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "threads.h"#include "debug.h"#include "decode.h"#include "detect.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-content.h"#include "detect-pcre.h"#include "detect-tls-cert-validity.h"#include "flow.h"#include "flow-util.h"#include "flow-var.h"#include "stream-tcp.h"#include "app-layer.h"#include "app-layer-ssl.h"#include "util-time.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "tests/detect-tls-cert-validity.c"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^\\s*(<|>)?\\s*([ -:TW0-9]+)\\s*(?:(<>)\\s*([ -:TW0-9]+))?\\s*$" |
| #define | MAX_SUBSTRINGS 30 |
Functions | |
| void | DetectTlsValidityRegister (void) |
| Registration function for tls validity keywords. More... | |
Implements tls certificate validity keywords
Definition in file detect-tls-cert-validity.c.
| #define MAX_SUBSTRINGS 30 |
Referenced by DetectTlsValidityRegister().
| #define PARSE_REGEX "^\\s*(<|>)?\\s*([ -:TW0-9]+)\\s*(?:(<>)\\s*([ -:TW0-9]+))?\\s*$" |
[tls_notbefore|tls_notafter]:[<|>]<date string>="">[<><date string>="">];
Definition at line 55 of file detect-tls-cert-validity.c.
Referenced by DetectTlsValidityRegister().
| void DetectTlsValidityRegister | ( | void | ) |
Registration function for tls validity keywords.
Definition at line 88 of file detect-tls-cert-validity.c.
References ALPROTO_TLS, SigTableElmt_::AppLayerTxMatch, SSLStateConnp_::cert0_not_after, SSLStateConnp_::cert0_not_before, SSLState_::client_connp, SigMatch_::ctx, SigTableElmt_::desc, DETECT_AL_TLS_EXPIRED, DETECT_AL_TLS_NOTAFTER, DETECT_AL_TLS_NOTBEFORE, DETECT_AL_TLS_VALID, DETECT_TLS_TYPE_NOTAFTER, DETECT_TLS_TYPE_NOTBEFORE, DETECT_TLS_VALIDITY_EQ, DETECT_TLS_VALIDITY_EX, DETECT_TLS_VALIDITY_GT, DETECT_TLS_VALIDITY_LT, DETECT_TLS_VALIDITY_RA, DETECT_TLS_VALIDITY_VA, DetectAppLayerInspectEngineRegister(), DetectBufferTypeGetByName(), DetectEngineInspectGenericList(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, DetectTlsValidityData_::epoch, DetectTlsValidityData_::epoch2, flags, SigTableElmt_::flags, SigTableElmt_::Free, Flow_::lastts, MAX_SUBSTRINGS, DetectTlsValidityData_::mode, SigTableElmt_::name, PARSE_REGEX, SigTableElmt_::RegisterTests, res, SC_ERR_INVALID_ARGUMENT, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCCalloc, SCEnter, SCFree, SCLogDebug, SCLogError, SCMalloc, SCMkTimeUtc(), SCReturnInt, SCStringPatternToTime(), SSLState_::server_connp, SigTableElmt_::Setup, SIG_FLAG_TOCLIENT, SIGMATCH_NOOPT, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), STREAM_TOSERVER, strlcpy(), TLS_STATE_CERT_READY, TlsExpiredRegisterTests(), TlsNotAfterRegisterTests(), TlsNotBeforeRegisterTests(), TlsValidRegisterTests(), tx_id, DetectTlsValidityData_::type, SigMatch_::type, type, unlikely, and SigTableElmt_::url.
Referenced by SigTableSetup().
1.8.11