ssl/tls: clean up keywords

pull/2559/head
Victor Julien 8 years ago
parent 6ef4712cd6
commit 1cacba435b

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -63,8 +63,8 @@ static int DetectSslStateMatch(ThreadVars *, DetectEngineThreadCtx *,
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectSslStateSetup(DetectEngineCtx *, Signature *, char *);
void DetectSslStateRegisterTests(void);
void DetectSslStateFree(void *);
static void DetectSslStateRegisterTests(void);
static void DetectSslStateFree(void *);
/**
* \brief Registers the keyword handlers for the "ssl_state" keyword.
@ -125,7 +125,7 @@ static int DetectSslStateMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
* \retval ssd Pointer to DetectSslStateData on succese.
* \retval NULL On failure.
*/
DetectSslStateData *DetectSslStateParse(char *arg)
static DetectSslStateData *DetectSslStateParse(char *arg)
{
#define MAX_SUBSTRINGS 30
int ret = 0, res = 0;
@ -274,11 +274,17 @@ error:
* \retval 0 On success.
* \retval -1 On failure.
*/
int DetectSslStateSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
static int DetectSslStateSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
{
DetectSslStateData *ssd = NULL;
SigMatch *sm = NULL;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS,
"Rule contains conflicting keywords. Have non-tls alproto "
"set for a rule containing \"ssl_state\" keyword");
goto error;
}
ssd = DetectSslStateParse(arg);
if (ssd == NULL)
goto error;
@ -290,12 +296,6 @@ int DetectSslStateSetup(DetectEngineCtx *de_ctx, Signature *s, char *arg)
sm->type = DETECT_AL_SSL_STATE;
sm->ctx = (SigMatchCtx*)ssd;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS,
"Rule contains conflicting keywords. Have non-tls alproto "
"set for a rule containing \"ssl_state\" keyword");
goto error;
}
s->alproto = ALPROTO_TLS;
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
@ -315,7 +315,7 @@ error:
*
* \param ptr pointer to the data to be freed.
*/
void DetectSslStateFree(void *ptr)
static void DetectSslStateFree(void *ptr)
{
if (ptr != NULL)
SCFree(ptr);
@ -327,7 +327,7 @@ void DetectSslStateFree(void *ptr)
#ifdef UNITTESTS
int DetectSslStateTest01(void)
static int DetectSslStateTest01(void)
{
DetectSslStateData *ssd = DetectSslStateParse("client_hello");
FAIL_IF_NULL(ssd);
@ -336,7 +336,7 @@ int DetectSslStateTest01(void)
PASS;
}
int DetectSslStateTest02(void)
static int DetectSslStateTest02(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_hello");
FAIL_IF_NULL(ssd);
@ -346,7 +346,7 @@ int DetectSslStateTest02(void)
PASS;
}
int DetectSslStateTest03(void)
static int DetectSslStateTest03(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello");
@ -358,7 +358,7 @@ int DetectSslStateTest03(void)
PASS;
}
int DetectSslStateTest04(void)
static int DetectSslStateTest04(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello , server_keyx , "
@ -373,7 +373,7 @@ int DetectSslStateTest04(void)
PASS;
}
int DetectSslStateTest05(void)
static int DetectSslStateTest05(void)
{
DetectSslStateData *ssd = DetectSslStateParse(", server_hello , client_keyx , "
"client_hello , server_keyx , "
@ -383,7 +383,7 @@ int DetectSslStateTest05(void)
PASS;
}
int DetectSslStateTest06(void)
static int DetectSslStateTest06(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello , client_keyx , "
"client_hello , server_keyx , "
@ -813,7 +813,7 @@ static int DetectSslStateTest07(void)
* \brief Test that the "|" character still works as a separate for
* compatibility with older Suricata rules.
*/
int DetectSslStateTest08(void)
static int DetectSslStateTest08(void)
{
DetectSslStateData *ssd = DetectSslStateParse("server_hello|client_hello");
FAIL_IF_NULL(ssd);
@ -826,7 +826,7 @@ int DetectSslStateTest08(void)
/**
* \test Test parsing of negated states.
*/
int DetectSslStateTestParseNegate(void)
static int DetectSslStateTestParseNegate(void)
{
DetectSslStateData *ssd = DetectSslStateParse("!client_hello");
FAIL_IF_NULL(ssd);
@ -845,7 +845,7 @@ int DetectSslStateTestParseNegate(void)
#endif /* UNITTESTS */
void DetectSslStateRegisterTests(void)
static void DetectSslStateRegisterTests(void)
{
#ifdef UNITTESTS
UtRegisterTest("DetectSslStateTest01", DetectSslStateTest01);
@ -859,6 +859,5 @@ void DetectSslStateRegisterTests(void)
UtRegisterTest("DetectSslStateTestParseNegate",
DetectSslStateTestParseNegate);
#endif
return;
}
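Review bot: The prototypes near the top of this file now give DetectSslStateRegisterTests, DetectSslStateFree and DetectSslStateParse internal linkage, so any extern declarations of them that remain in the module's header (not shown on this page) would turn into a "static declaration follows non-static declaration" build error; the header change is presumably part of the same commit but cannot be confirmed from here. The same check applies to the DetectSslVersion* and DetectTlsVersion* prototypes in the two following sections. While the DetectSslStateParse signature line is being touched, the docblock directly above it reads "on succese"; it should be `* \retval ssd Pointer to DetectSslStateData on success.`. The `error:` label of DetectSslStateSetup lies outside the hunk; because the conflicting-keyword check now runs before the parse, that `goto error` reaches the cleanup with `ssd` and `sm` both NULL, which is only safe if the cleanup guards them the way the tls.version one does.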

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -64,8 +64,8 @@ static int DetectSslVersionMatch(ThreadVars *, DetectEngineThreadCtx *,
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectSslVersionSetup(DetectEngineCtx *, Signature *, char *);
void DetectSslVersionRegisterTests(void);
void DetectSslVersionFree(void *);
static void DetectSslVersionRegisterTests(void);
static void DetectSslVersionFree(void *);
/**
* \brief Registration function for keyword: ssl_version
@ -163,7 +163,7 @@ static int DetectSslVersionMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
* \retval ssl pointer to DetectSslVersionData on success
* \retval NULL on failure
*/
DetectSslVersionData *DetectSslVersionParse(char *str)
static DetectSslVersionData *DetectSslVersionParse(char *str)
{
DetectSslVersionData *ssl = NULL;
#define MAX_SUBSTRINGS 30
@ -280,6 +280,11 @@ static int DetectSslVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
DetectSslVersionData *ssl = NULL;
SigMatch *sm = NULL;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error;
}
ssl = DetectSslVersionParse(str);
if (ssl == NULL)
goto error;
@ -293,11 +298,6 @@ static int DetectSslVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
sm->type = DETECT_AL_SSL_VERSION;
sm->ctx = (void *)ssl;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error;
}
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS;
@ -330,7 +330,7 @@ void DetectSslVersionFree(void *ptr)
* \test DetectSslVersionTestParse01 is a test to make sure that we parse the
* "ssl_version" option correctly when given valid ssl_version option
*/
int DetectSslVersionTestParse01(void)
static int DetectSslVersionTestParse01(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("SSlv3");
@ -345,7 +345,7 @@ int DetectSslVersionTestParse01(void)
* "ssl_version" option correctly when given an invalid ssl_version option
* it should return ssl = NULL
*/
int DetectSslVersionTestParse02(void)
static int DetectSslVersionTestParse02(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("2.5");
@ -358,7 +358,7 @@ int DetectSslVersionTestParse02(void)
* \test DetectSslVersionTestParse03 is a test to make sure that we parse the
* "ssl_version" options correctly when given valid ssl_version options
*/
int DetectSslVersionTestParse03(void)
static int DetectSslVersionTestParse03(void)
{
DetectSslVersionData *ssl = NULL;
ssl = DetectSslVersionParse("SSlv3,tls1.0, !tls1.2");
@ -654,7 +654,7 @@ static int DetectSslVersionTestDetect03(void)
/**
* \brief this function registers unit tests for DetectSslVersion
*/
void DetectSslVersionRegisterTests(void)
static void DetectSslVersionRegisterTests(void)
{
#ifdef UNITTESTS /* UNITTESTS */
UtRegisterTest("DetectSslVersionTestParse01", DetectSslVersionTestParse01);
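Review bot: The conflict message now placed at the top of DetectSslVersionSetup, `"rule contains conflicting keywords."`, does not name the keyword or the protocol that conflicts, whereas the ssl_state variant in the previous section does; for someone reading the rule-load log, `"Rule contains conflicting keywords. Have non-tls alproto set for a rule containing \"ssl_version\" keyword"` would be more useful, and the tls.version section below uses the same terse message. The ordering of the two statements that follow the SigMatch setup, `SigMatchAppendSMToList(...)` then `s->alproto = ALPROTO_TLS;`, is also reversed relative to ssl_state; both orders work, but one convention across the three keyword files would read better. The `error:` label of DetectSslVersionSetup is outside the hunk, so whether its cleanup tolerates `ssl` and `sm` both being NULL on the new early exit cannot be checked from this page.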

@ -1,4 +1,4 @@
/* Copyright (C) 2007-2010 Open Information Security Foundation
/* Copyright (C) 2007-2016 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -63,8 +63,8 @@ static int DetectTlsVersionMatch (ThreadVars *, DetectEngineThreadCtx *,
Flow *, uint8_t, void *,
const Signature *, const SigMatchData *);
static int DetectTlsVersionSetup (DetectEngineCtx *, Signature *, char *);
void DetectTlsVersionRegisterTests(void);
void DetectTlsVersionFree(void *);
static void DetectTlsVersionRegisterTests(void);
static void DetectTlsVersionFree(void *);
/**
* \brief Registration function for keyword: tls.version
@ -131,7 +131,7 @@ static int DetectTlsVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx,
* \retval id_d pointer to DetectTlsVersionData on success
* \retval NULL on failure
*/
DetectTlsVersionData *DetectTlsVersionParse (char *str)
static DetectTlsVersionData *DetectTlsVersionParse (char *str)
{
uint16_t temp;
DetectTlsVersionData *tls = NULL;
@ -219,8 +219,14 @@ static int DetectTlsVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
DetectTlsVersionData *tls = NULL;
SigMatch *sm = NULL;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error;
}
tls = DetectTlsVersionParse(str);
if (tls == NULL) goto error;
if (tls == NULL)
goto error;
/* Okay so far so good, lets get this into a SigMatch
* and put it in the Signature. */
@ -231,19 +237,16 @@ static int DetectTlsVersionSetup (DetectEngineCtx *de_ctx, Signature *s, char *s
sm->type = DETECT_AL_TLS_VERSION;
sm->ctx = (void *)tls;
if (s->alproto != ALPROTO_UNKNOWN && s->alproto != ALPROTO_TLS) {
SCLogError(SC_ERR_CONFLICTING_RULE_KEYWORDS, "rule contains conflicting keywords.");
goto error;
}
SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_AMATCH);
s->alproto = ALPROTO_TLS;
return 0;
error:
if (tls != NULL) DetectTlsVersionFree(tls);
if (sm != NULL) SCFree(sm);
if (tls != NULL)
DetectTlsVersionFree(tls);
if (sm != NULL)
SCFree(sm);
return -1;
}
@ -253,7 +256,7 @@ error:
*
* \param id_d pointer to DetectTlsVersionData
*/
void DetectTlsVersionFree(void *ptr)
static void DetectTlsVersionFree(void *ptr)
{
DetectTlsVersionData *id_d = (DetectTlsVersionData *)ptr;
SCFree(id_d);
@ -265,7 +268,7 @@ void DetectTlsVersionFree(void *ptr)
* \test DetectTlsVersionTestParse01 is a test to make sure that we parse the "id"
* option correctly when given valid id option
*/
int DetectTlsVersionTestParse01 (void)
static int DetectTlsVersionTestParse01 (void)
{
DetectTlsVersionData *tls = NULL;
tls = DetectTlsVersionParse("1.0");
@ -280,7 +283,7 @@ int DetectTlsVersionTestParse01 (void)
* option correctly when given an invalid id option
* it should return id_d = NULL
*/
int DetectTlsVersionTestParse02 (void)
static int DetectTlsVersionTestParse02 (void)
{
DetectTlsVersionData *tls = NULL;
tls = DetectTlsVersionParse("2.5");
@ -582,7 +585,7 @@ static int DetectTlsVersionTestDetect03(void)
/**
* \brief this function registers unit tests for DetectTlsVersion
*/
void DetectTlsVersionRegisterTests(void)
static void DetectTlsVersionRegisterTests(void)
{
#ifdef UNITTESTS /* UNITTESTS */
UtRegisterTest("DetectTlsVersionTestParse01", DetectTlsVersionTestParse01);
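Review bot: The signature lines rewritten in this section keep a space before the parameter list (`static DetectTlsVersionData *DetectTlsVersionParse (char *str)`, `static int DetectTlsVersionTestParse01 (void)`, `static int DetectTlsVersionTestParse02 (void)`), while the sibling ssl_state and ssl_version sections and the other prototypes in this file write `Name(args)`; since these lines are being touched anyway, dropping the space would make the three files uniform. DetectTlsVersionFree frees through the cast pointer without the `ptr != NULL` guard that DetectSslStateFree carries; the visible caller in the Setup error path guards the pointer itself, so this is a consistency nit rather than a defect. The docblock above DetectTlsVersionFree still documents `\param id_d pointer to DetectTlsVersionData` although the parameter is named `ptr`; `\param ptr pointer to the DetectTlsVersionData to free` would match the signature.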
