suricata
detect-tls-certs.c File Reference
#include "suricata-common.h"
#include "threads.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-prefilter.h"
#include "detect-engine-content-inspection.h"
#include "detect-content.h"
#include "detect-pcre.h"
#include "detect-tls-certs.h"
#include "detect-engine-uint.h"
#include "flow.h"
#include "flow-util.h"
#include "flow-var.h"
#include "util-debug.h"
#include "util-spm.h"
#include "util-print.h"
#include "stream-tcp.h"
#include "app-layer.h"
#include "app-layer-ssl.h"
#include "util-profiling.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "tests/detect-tls-certs.c"
Include dependency graph for detect-tls-certs.c:

Go to the source code of this file.

Data Structures

struct  TlsCertsGetDataArgs
 
struct  PrefilterMpmTlsCerts
 

Macros

#define BUFFER_NAME   "tls_validity"
 
#define KEYWORD_ID   DETECT_AL_TLS_CHAIN_LEN
 
#define KEYWORD_NAME   "tls.cert_chain_len"
 
#define KEYWORD_DESC   "match TLS certificate chain length"
 
#define KEYWORD_URL   "/rules/tls-keywords.html#tls-cert-chain-len"
 

Typedefs

typedef struct PrefilterMpmTlsCerts PrefilterMpmTlsCerts
 

Functions

void DetectTlsCertsRegister (void)
 Registration function for keyword: tls.certs. More...
 
void DetectTlsCertChainLenRegister (void)
 

Detailed Description

Author
Mats Klepsland mats..nosp@m.klep.nosp@m.sland.nosp@m.@gma.nosp@m.il.co.nosp@m.m

Implements support for tls.certs keyword.

Definition in file detect-tls-certs.c.

Macro Definition Documentation

◆ BUFFER_NAME

#define BUFFER_NAME   "tls_validity"

Definition at line 253 of file detect-tls-certs.c.

◆ KEYWORD_DESC

#define KEYWORD_DESC   "match TLS certificate chain length"

Definition at line 256 of file detect-tls-certs.c.

◆ KEYWORD_ID

#define KEYWORD_ID   DETECT_AL_TLS_CHAIN_LEN

Definition at line 254 of file detect-tls-certs.c.

◆ KEYWORD_NAME

#define KEYWORD_NAME   "tls.cert_chain_len"

Definition at line 255 of file detect-tls-certs.c.

◆ KEYWORD_URL

#define KEYWORD_URL   "/rules/tls-keywords.html#tls-cert-chain-len"

Definition at line 257 of file detect-tls-certs.c.

Typedef Documentation

◆ PrefilterMpmTlsCerts

Function Documentation

◆ DetectTlsCertChainLenRegister()

void DetectTlsCertChainLenRegister ( void  )

Definition at line 343 of file detect-tls-certs.c.

References SigTableElmt_::AppLayerTxMatch, SigTableElmt_::desc, KEYWORD_DESC, KEYWORD_ID, KEYWORD_NAME, KEYWORD_URL, SigTableElmt_::name, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function:

◆ DetectTlsCertsRegister()

void DetectTlsCertsRegister ( void  )

Registration function for keyword: tls.certs.

Definition at line 85 of file detect-tls-certs.c.

References SigTableElmt_::desc, DETECT_AL_TLS_CERTS, SigTableElmt_::name, SigTableElmt_::Setup, sigmatch_table, and SigTableElmt_::url.

Referenced by SigTableSetup().

Here is the caller graph for this function: