|
suricata
|
|
suricata
|
#include "suricata-common.h"#include "threads.h"#include "debug.h"#include "decode.h"#include "detect.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-mpm.h"#include "detect-engine-state.h"#include "flow.h"#include "flow-var.h"#include "flow-util.h"#include "util-debug.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "app-layer.h"#include "app-layer-ssl.h"#include "detect-tls.h"#include "stream-tcp.h"
Go to the source code of this file.
Macros | |
| #define | PARSE_REGEX "^([A-z0-9\\s\\-\\.=,\\*@]+|\"[A-z0-9\\s\\-\\.=,\\*@]+\")\\s*$" |
| Regex for parsing "id" option, matching number or "number". More... | |
| #define | PARSE_REGEX_FINGERPRINT "^([A-z0-9\\:\\*]+|\"[A-z0-9\\:\\* ]+\")\\s*$" |
| #define | MAX_SUBSTRINGS 30 |
| #define | MAX_SUBSTRINGS 30 |
| #define | MAX_SUBSTRINGS 30 |
Functions | |
| void | DetectTlsRegister (void) |
| Registration function for keyword: tls.version. More... | |
Implements the tls.* keywords
Definition in file detect-tls.c.
| #define MAX_SUBSTRINGS 30 |
Referenced by DetectTlsRegister().
| #define MAX_SUBSTRINGS 30 |
| #define MAX_SUBSTRINGS 30 |
| #define PARSE_REGEX "^([A-z0-9\\s\\-\\.=,\\*@]+|\"[A-z0-9\\s\\-\\.=,\\*@]+\")\\s*$" |
Regex for parsing "id" option, matching number or "number".
Definition at line 67 of file detect-tls.c.
Referenced by DetectTlsRegister().
| #define PARSE_REGEX_FINGERPRINT "^([A-z0-9\\:\\*]+|\"[A-z0-9\\:\\* ]+\")\\s*$" |
Definition at line 68 of file detect-tls.c.
Referenced by DetectTlsRegister().
| void DetectTlsRegister | ( | void | ) |
Registration function for keyword: tls.version.
Definition at line 116 of file detect-tls.c.
References SigTableElmt_::alias, ALPROTO_TLS, SigTableElmt_::AppLayerTxMatch, SSLStateConnp_::cert0_fingerprint, SSLStateConnp_::cert0_issuerdn, SSLStateConnp_::cert0_subject, SSLStateConnp_::cert_log_flag, SSLState_::client_connp, SigMatch_::ctx, SigTableElmt_::desc, DETECT_AL_TLS_FINGERPRINT, DETECT_AL_TLS_ISSUERDN, DETECT_AL_TLS_STORE, DETECT_AL_TLS_SUBJECT, DETECT_CONTENT_NEGATED, DETECT_SM_LIST_POSTMATCH, DetectAppLayerInspectEngineRegister(), DetectBufferTypeRegister(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, DetectTlsData_::fingerprint, DetectTlsData_::flags, flags, Signature_::flags, SigTableElmt_::flags, Packet_::flow, FlowGetAppState(), SigTableElmt_::Free, Signature_::init_data, DetectTlsData_::issuerdn, m, SigTableElmt_::Match, MAX_SUBSTRINGS, SigTableElmt_::name, SignatureInitData_::negated, PARSE_REGEX, PARSE_REGEX_FINGERPRINT, SigTableElmt_::RegisterTests, res, SC_ERR_MEM_ALLOC, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCEnter, SCFree, SCLogDebug, SCLogError, SCMalloc, SCReturnInt, SCStrdup, SSLState_::server_connp, SigTableElmt_::Setup, SIG_FLAG_TLSSTORE, SIG_FLAG_TOCLIENT, SIGMATCH_HANDLE_NEGATION, SIGMATCH_NOOPT, SIGMATCH_QUOTES_MANDATORY, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SSL_TLS_LOG_PEM, str, STREAM_TOSERVER, DetectTlsData_::subject, TLS_STATE_CERT_READY, SigMatch_::type, unlikely, and SigTableElmt_::url.
Referenced by SigTableSetup().
1.8.11