suricata
|
#include "suricata-common.h"
#include "threads.h"
#include "debug.h"
#include "decode.h"
#include "detect.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "detect-engine-mpm.h"
#include "detect-engine-state.h"
#include "flow.h"
#include "flow-var.h"
#include "flow-util.h"
#include "util-debug.h"
#include "util-unittest.h"
#include "util-unittest-helper.h"
#include "app-layer.h"
#include "app-layer-ssl.h"
#include "detect-tls.h"
#include "stream-tcp.h"
Go to the source code of this file.
Macros | |
#define | PARSE_REGEX "^([A-z0-9\\s\\-\\.=,\\*@]+|\"[A-z0-9\\s\\-\\.=,\\*@]+\")\\s*$" |
Regex for parsing "id" option, matching number or "number". More... | |
#define | PARSE_REGEX_FINGERPRINT "^([A-z0-9\\:\\*]+|\"[A-z0-9\\:\\* ]+\")\\s*$" |
#define | MAX_SUBSTRINGS 30 |
#define | MAX_SUBSTRINGS 30 |
#define | MAX_SUBSTRINGS 30 |
Functions | |
void | DetectTlsRegister (void) |
Registration function for keyword: tls.version. More... | |
Implements the tls.* keywords
Definition in file detect-tls.c.
#define MAX_SUBSTRINGS 30 |
Referenced by DetectTlsRegister().
#define MAX_SUBSTRINGS 30 |
#define MAX_SUBSTRINGS 30 |
#define PARSE_REGEX "^([A-z0-9\\s\\-\\.=,\\*@]+|\"[A-z0-9\\s\\-\\.=,\\*@]+\")\\s*$" |
Regex for parsing "id" option, matching number or "number".
Definition at line 67 of file detect-tls.c.
Referenced by DetectTlsRegister().
#define PARSE_REGEX_FINGERPRINT "^([A-z0-9\\:\\*]+|\"[A-z0-9\\:\\* ]+\")\\s*$" |
Definition at line 68 of file detect-tls.c.
Referenced by DetectTlsRegister().
void DetectTlsRegister | ( | void | ) |
Registration function for keyword: tls.version.
Definition at line 116 of file detect-tls.c.
References SigTableElmt_::alias, ALPROTO_TLS, SigTableElmt_::alternative, SigTableElmt_::AppLayerTxMatch, SSLStateConnp_::cert0_fingerprint, SSLStateConnp_::cert0_issuerdn, SSLStateConnp_::cert0_subject, SSLStateConnp_::cert_log_flag, SSLState_::client_connp, SigMatch_::ctx, SigTableElmt_::desc, DETECT_AL_TLS_CERT_FINGERPRINT, DETECT_AL_TLS_CERT_ISSUER, DETECT_AL_TLS_CERT_SUBJECT, DETECT_AL_TLS_FINGERPRINT, DETECT_AL_TLS_ISSUERDN, DETECT_AL_TLS_STORE, DETECT_AL_TLS_SUBJECT, DETECT_CONTENT_NEGATED, DETECT_SM_LIST_POSTMATCH, DetectAppLayerInspectEngineRegister(), DetectBufferTypeRegister(), DetectSetupParseRegexes(), DetectSignatureSetAppProto(), DOC_URL, DOC_VERSION, DetectTlsData_::fingerprint, DetectTlsData_::flags, flags, Signature_::flags, SigTableElmt_::flags, Packet_::flow, FlowGetAppState(), SigTableElmt_::Free, Signature_::init_data, DetectTlsData_::issuerdn, m, SigTableElmt_::Match, MAX_SUBSTRINGS, SigTableElmt_::name, SignatureInitData_::negated, PARSE_REGEX, PARSE_REGEX_FINGERPRINT, SigTableElmt_::RegisterTests, res, SC_ERR_MEM_ALLOC, SC_ERR_PCRE_GET_SUBSTRING, SC_ERR_PCRE_MATCH, SCEnter, SCFree, SCLogDebug, SCLogError, SCMalloc, SCReturnInt, SCStrdup, SSLState_::server_connp, SigTableElmt_::Setup, SIG_FLAG_TLSSTORE, SIG_FLAG_TOCLIENT, SIGMATCH_HANDLE_NEGATION, SIGMATCH_NOOPT, SIGMATCH_QUOTES_MANDATORY, sigmatch_table, SigMatchAlloc(), SigMatchAppendSMToList(), SSL_TLS_LOG_PEM, str, STREAM_TOSERVER, DetectTlsData_::subject, TLS_STATE_CERT_READY, SigMatch_::type, unlikely, and SigTableElmt_::url.
Referenced by SigTableSetup().