suricata
detect-tls-cert-validity.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  DetectTlsValidityData_
 

Macros

#define DETECT_TLS_VALIDITY_EQ   (1) /* equal */
 
#define DETECT_TLS_VALIDITY_LT   (1<<1) /* less than */
 
#define DETECT_TLS_VALIDITY_GT   (1<<2) /* greater than */
 
#define DETECT_TLS_VALIDITY_RA   (1<<3) /* range */
 
#define DETECT_TLS_VALIDITY_EX   (1<<4) /* expired */
 
#define DETECT_TLS_VALIDITY_VA   (1<<5) /* valid */
 
#define DETECT_TLS_TYPE_NOTBEFORE   0
 
#define DETECT_TLS_TYPE_NOTAFTER   1
 

Typedefs

typedef struct DetectTlsValidityData_ DetectTlsValidityData
 

Functions

void DetectTlsValidityRegister (void)
 Registration function for tls validity keywords. More...
 

Detailed Description

Macro Definition Documentation

#define DETECT_TLS_TYPE_NOTAFTER   1

Definition at line 39 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_TYPE_NOTBEFORE   0

Definition at line 38 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_EQ   (1) /* equal */

Definition at line 27 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_EX   (1<<4) /* expired */

Definition at line 33 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_GT   (1<<2) /* greater than */

Definition at line 29 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_LT   (1<<1) /* less than */

Definition at line 28 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_RA   (1<<3) /* range */

Definition at line 30 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

#define DETECT_TLS_VALIDITY_VA   (1<<5) /* valid */

Definition at line 36 of file detect-tls-cert-validity.h.

Referenced by DetectTlsValidityRegister().

Typedef Documentation

Function Documentation

void DetectTlsValidityRegister ( void  )

Registration function for tls validity keywords.

Definition at line 88 of file detect-tls-cert-validity.c.

References ALPROTO_TLS, SigTableElmt_::AppLayerTxMatch, SSLStateConnp_::cert0_not_after, SSLStateConnp_::cert0_not_before, SSLState_::client_connp, SigMatch_::ctx, SigTableElmt_::desc, DETECT_AL_TLS_EXPIRED, DETECT_AL_TLS_NOTAFTER, DETECT_AL_TLS_NOTBEFORE, DETECT_AL_TLS_VALID, DETECT_TLS_TYPE_NOTAFTER, DETECT_TLS_TYPE_NOTBEFORE, DETECT_TLS_VALIDITY_EQ, DETECT_TLS_VALIDITY_EX, DETECT_TLS_VALIDITY_GT, DETECT_TLS_VALIDITY_LT, DETECT_TLS_VALIDITY_RA, DETECT_TLS_VALIDITY_VA, DetectAppLayerInspectEngineRegister(), DetectBufferTypeGetByName(), DetectEngineInspectGenericList(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, DetectTlsValidityData_::epoch, DetectTlsValidityData_::epoch2, flags, SigTableElmt_::flags, SigTableElmt_::Free, Flow_::lastts, MAX_SUBSTRINGS, DetectTlsValidityData_::mode, SigTableElmt_::name, PARSE_REGEX, SigTableElmt_::RegisterTests, res, SC_ERR_INVALID_ARGUMENT, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCCalloc, SCEnter, SCFree, SCLogDebug, SCLogError, SCMalloc, SCMkTimeUtc(), SCReturnInt, SCStringPatternToTime(), SSLState_::server_connp, SigTableElmt_::Setup, SIG_FLAG_TOCLIENT, SIGMATCH_NOOPT, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), STREAM_TOSERVER, strlcpy(), TLS_STATE_CERT_READY, TlsExpiredRegisterTests(), TlsNotAfterRegisterTests(), TlsNotBeforeRegisterTests(), TlsValidRegisterTests(), tx_id, DetectTlsValidityData_::type, SigMatch_::type, type, unlikely, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the call graph for this function:

Here is the caller graph for this function: