Content-Length: 279408 | pFad | http://github.com/OISF/suricata/commit/671986d66f384ef36770823f0df4e76e32235289

80 detect: reuse hook based generic lists · OISF/suricata@671986d · GitHub
Skip to content

Commit

Permalink
detect: reuse hook based generic lists
Browse files Browse the repository at this point in the history
  • Loading branch information
@victorjulien
victorjulien committed Jan 20, 2025
1 parent 274f2e4 commit 671986d
Show file tree
Hide file tree
Showing 3 changed files with 2 additions and 18 deletions.
10 changes: 0 additions & 10 deletions src/detect-dns-query.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,16 +115,6 @@ void DetectDnsQueryRegister (void)
DetectBufferTypeSupportsMultiInstance("dns_query");

g_dns_query_buffer_id = DetectBufferTypeGetByName("dns_query");

/* register these generic engines from here for now */
DetectAppLayerInspectEngineRegister(
"dns_request", ALPROTO_DNS, SIG_FLAG_TOSERVER, 1, DetectEngineInspectGenericList, NULL);
DetectAppLayerInspectEngineRegister("dns_response", ALPROTO_DNS, SIG_FLAG_TOCLIENT, 1,
DetectEngineInspectGenericList, NULL);

DetectBufferTypeSetDescriptionByName("dns_request",
"dns requests");
DetectBufferTypeSetDescriptionByName("dns_response", "dns responses");
}


Expand Down
5 changes: 1 addition & 4 deletions src/detect-tls-cert-validity.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,10 +123,7 @@ void DetectTlsValidityRegister (void)

DetectSetupParseRegexes(PARSE_REGEX, &parse_regex);

DetectAppLayerInspectEngineRegister("tls_validity", ALPROTO_TLS, SIG_FLAG_TOCLIENT,
TLS_STATE_SERVER_CERT_DONE, DetectEngineInspectGenericList, NULL);

g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls_validity");
g_tls_validity_buffer_id = DetectBufferTypeGetByName("tls:server_cert_done:generic");
}

/**
Expand Down
5 changes: 1 addition & 4 deletions src/detect-tls-certs.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ static int DetectTlsCertsSetup(DetectEngineCtx *de_ctx, Signature *s,
}

static int g_tls_cert_buffer_id = 0;
#define BUFFER_NAME "tls_validity"
#define BUFFER_NAME "tls:server_cert_done:generic"
#define KEYWORD_ID DETECT_AL_TLS_CHAIN_LEN
#define KEYWORD_NAME "tls.cert_chain_len"
#define KEYWORD_DESC "match TLS certificate chain length"
Expand Down Expand Up @@ -252,9 +252,6 @@ void DetectTlsCertChainLenRegister(void)
sigmatch_table[KEYWORD_ID].Setup = DetectTLSCertChainLenSetup;
sigmatch_table[KEYWORD_ID].Free = DetectTLSCertChainLenFree;

DetectAppLayerInspectEngineRegister(BUFFER_NAME, ALPROTO_TLS, SIG_FLAG_TOCLIENT,
TLS_STATE_SERVER_CERT_DONE, DetectEngineInspectGenericList, NULL);

g_tls_cert_buffer_id = DetectBufferTypeGetByName(BUFFER_NAME);
}

Expand Down

0 comments on commit 671986d

Please sign in to comment.








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/OISF/suricata/commit/671986d66f384ef36770823f0df4e76e32235289

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy