Go to the documentation of this file.
60 static void DetectTlsCertsRegisterTests(
void);
71 static int g_tls_certs_buffer_id = 0;
101 DetectEngineInspectTlsCerts, NULL);
151 if (cbdata->
cert == NULL) {
156 if (cbdata->
cert == NULL) {
182 if (buffer == NULL || buffer->
inspect == NULL)
190 NULL, f, (uint8_t *)buffer->
inspect,
205 const void *pectx,
Packet *p,
Flow *f,
void *txv,
206 const uint64_t idx,
const uint8_t
flags)
212 const int list_id = ctx->
list_id;
219 f, &cbdata, list_id);
233 static void PrefilterMpmTlsCertsFree(
void *ptr)
251 mpm_reg->
app_v2.alproto, mpm_reg->
app_v2.tx_min_progress,
252 pectx, PrefilterMpmTlsCertsFree, mpm_reg->
name);
int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
SSLv[2.0|3.[0|1|2|3]] state structure.
#define SIGMATCH_INFO_STICKY_BUFFER
@ DETECT_ENGINE_CONTENT_INSPECTION_MODE_STATE
Container for matching data for a signature group.
struct HtpBodyChunk_ * next
SSLStateConnp server_connp
DetectEngineTransforms transforms
struct DetectBufferMpmRegistery_::@87::@89 app_v2
main detection engine ctx
#define TAILQ_EMPTY(head)
one time registration of keywords at start up
int DetectEngineContentInspection(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, const Signature *s, const SigMatchData *smd, Packet *p, Flow *f, const uint8_t *buffer, uint32_t buffer_len, uint32_t stream_start_offset, uint8_t flags, uint8_t inspection_mode)
Run the actual payload match functions.
#define SIG_FLAG_TOCLIENT
struct PrefilterMpmTlsCerts PrefilterMpmTlsCerts
int(* Setup)(DetectEngineCtx *, Signature *, const char *)
struct DetectEngineAppInspectionEngine_::@84 v2
int DetectBufferTypeGetByName(const char *name)
#define TAILQ_FIRST(head)
#define DETECT_ENGINE_INSPECT_SIG_MATCH
void DetectAppLayerInspectEngineRegister2(const char *name, AppProto alproto, uint32_t dir, int progress, InspectEngineFuncPtr2 Callback2, InspectionBufferGetDataPtr GetData)
register inspect engine at start up time
#define SCReturnPtr(x, type)
void DetectTlsCertsRegister(void)
Registration function for keyword: tls.certs.
uint32_t(* Search)(const struct MpmCtx_ *, struct MpmThreadCtx_ *, PrefilterRuleStore *, const uint8_t *, uint32_t)
uint16_t discontinue_matching
void DetectAppLayerMpmRegister2(const char *name, int direction, int priority, int(*PrefilterRegister)(DetectEngineCtx *de_ctx, SigGroupHead *sgh, MpmCtx *mpm_ctx, const DetectBufferMpmRegistery *mpm_reg, int list_id), InspectionBufferGetDataPtr GetData, AppProto alproto, int tx_min_progress)
register a MPM engine
#define DETECT_CI_FLAGS_SINGLE
SigTableElmt sigmatch_table[DETECT_TBLSIZE]
int inspection_recursion_counter
#define TAILQ_NEXT(elm, field)
void InspectionBufferSetupMulti(InspectionBuffer *buffer, const DetectEngineTransforms *transforms, const uint8_t *data, const uint32_t data_len)
setup the buffer with our initial data
#define DETECT_ENGINE_INSPECT_SIG_NO_MATCH
int PrefilterAppendTxEngine(DetectEngineCtx *de_ctx, SigGroupHead *sgh, void(*PrefilterTxFunc)(DetectEngineThreadCtx *det_ctx, const void *pectx, Packet *p, Flow *f, void *tx, const uint64_t idx, const uint8_t flags), AppProto alproto, int tx_min_progress, void *pectx, void(*FreeFunc)(void *pectx), const char *name)
const DetectEngineTransforms * transforms
const DetectEngineTransforms * transforms
MpmTableElmt mpm_table[MPM_TABLE_SIZE]
InspectionBuffer * InspectionBufferMultipleForListGet(DetectEngineThreadCtx *det_ctx, const int list_id, const uint32_t local_id)
for a InspectionBufferMultipleForList get a InspectionBuffer
int DetectBufferSetActiveList(Signature *s, const int list)
void DetectBufferTypeSetDescriptionByName(const char *name, const char *desc)
void(* RegisterTests)(void)