fast_pattern: register app layer mpms automatically

Allow for duplicate registrations for the same list. After the first
registration new calls will be ignored.

src/detect-dns-query.c

@@ -78,7 +78,7 @@ void DetectDnsQueryRegister (void)
     sigmatch_table[DETECT_AL_DNS_QUERY].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("dns_query", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_DNSQUERYNAME_MATCH,
+            DETECT_SM_LIST_DNSQUERYNAME_MATCH, 2,
             PrefilterTxDnsQueryRegister);
 
 }

src/detect-engine-mpm.c

@@ -92,7 +92,8 @@ const char *builtin_mpms[] = {
 static DetectMpmAppLayerRegistery *g_app_mpms_list = NULL;
 static int g_app_mpms_list_cnt = 0;
 
-void DetectMpmAppLayerRegister(const char *name, int direction, int sm_list,
+void DetectMpmAppLayerRegister(const char *name,
+        int direction, int sm_list, int priority,
         int (*PrefilterRegister)(SigGroupHead *sgh, MpmCtx *mpm_ctx))
 {
     DetectMpmAppLayerRegistery *am = SCCalloc(1, sizeof(*am));
@@ -114,6 +115,8 @@ void DetectMpmAppLayerRegister(const char *name, int direction, int sm_list,
         am->id = t->id + 1;
     }
     g_app_mpms_list_cnt++;
+
+    SupportFastPatternForSigMatchList(sm_list, priority);
 }
 
 void DetectMpmInitializeAppMpms(DetectEngineCtx *de_ctx)

src/detect-engine-mpm.h

@@ -89,7 +89,8 @@ int DetectSetFastPatternAndItsId(DetectEngineCtx *de_ctx);
  *  \note direction must be set to either toserver or toclient.
  *        If both are needed, register the keyword twice.
  */
-void DetectMpmAppLayerRegister(const char *name, int direction, int sm_list,
+void DetectMpmAppLayerRegister(const char *name,
+        int direction, int sm_list, int priority,
         int (*PrefilterRegister)(SigGroupHead *sgh, MpmCtx *mpm_ctx));
 
 #endif /* __DETECT_ENGINE_MPM_H__ */

src/detect-fast-pattern.c

@@ -56,8 +56,22 @@ SCFPSupportSMList *sm_fp_support_smlist_list = NULL;
  * \param list_id SM list id.
  * \param priority Priority for this list.
  */
-static void SupportFastPatternForSigMatchList(int list_id, int priority)
+void SupportFastPatternForSigMatchList(int list_id, int priority)
 {
+    SCFPSupportSMList *ip = NULL;
+    /* insertion point - ip */
+    for (SCFPSupportSMList *tmp = sm_fp_support_smlist_list; tmp != NULL; tmp = tmp->next) {
+        if (list_id == tmp->list_id) {
+            SCLogDebug("SM list already registered.");
+            return;
+        }
+
+        if (priority <= tmp->priority)
+            break;
+
+        ip = tmp;
+    }
+
     if (sm_fp_support_smlist_list == NULL) {
         SCFPSupportSMList *new = SCMalloc(sizeof(SCFPSupportSMList));
         if (unlikely(new == NULL))
@@ -71,20 +85,6 @@ static void SupportFastPatternForSigMatchList(int list_id, int priority)
         return;
     }
 
-    /* insertion point - ip */
-    SCFPSupportSMList *ip = NULL;
-    for (SCFPSupportSMList *tmp = sm_fp_support_smlist_list; tmp != NULL; tmp = tmp->next) {
-        if (list_id == tmp->list_id) {
-            SCLogError(SC_ERR_FATAL, "SM list already registered.");
-            exit(EXIT_FAILURE);
-        }
-
-        if (priority <= tmp->priority)
-            break;
-
-        ip = tmp;
-    }
-
     SCFPSupportSMList *new = SCMalloc(sizeof(SCFPSupportSMList));
     if (unlikely(new == NULL))
         exit(EXIT_FAILURE);
@@ -99,13 +99,6 @@ static void SupportFastPatternForSigMatchList(int list_id, int priority)
         ip->next = new;
     }
 
-    for (SCFPSupportSMList *tmp = new->next; tmp != NULL; tmp = tmp->next) {
-        if (list_id == tmp->list_id) {
-            SCLogError(SC_ERR_FATAL, "SM list already registered.");
-            exit(EXIT_FAILURE);
-        }
-    }
-
     return;
 }
 
@@ -114,31 +107,9 @@ static void SupportFastPatternForSigMatchList(int list_id, int priority)
  */
 void SupportFastPatternForSigMatchTypes(void)
 {
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HCBDMATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_FILEDATA, 2);
-
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HHDMATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HRHDMATCH, 2);
-
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_UMATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HRUDMATCH, 2);
-
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HHHDMATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HRHHDMATCH, 2);
-
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HCDMATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HUADMATCH, 2);
-
     SupportFastPatternForSigMatchList(DETECT_SM_LIST_PMATCH, 3);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HMDMATCH, 3);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HSCDMATCH, 3);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_HSMDMATCH, 3);
-
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_DNSQUERYNAME_MATCH, 2);
 
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_TLSSNI_MATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_TLSISSUER_MATCH, 2);
-    SupportFastPatternForSigMatchList(DETECT_SM_LIST_TLSSUBJECT_MATCH, 2);
+    /* other types are handled by DetectMpmAppLayerRegister() */
 
 #if 0
     SCFPSupportSMList *tmp = sm_fp_support_smlist_list;

src/detect-fast-pattern.h

@@ -59,6 +59,8 @@ static inline int FastPatternSupportEnabledForSigMatchList(int list_id)
     return 0;
 }
 
+void SupportFastPatternForSigMatchList(int list_id, int priority);
+
 void SupportFastPatternForSigMatchTypes(void);
 
 void DetectFastPatternRegister(void);

src/detect-file-data.c

@@ -64,10 +64,10 @@ void DetectFiledataRegister(void)
     sigmatch_table[DETECT_FILE_DATA].flags = SIGMATCH_NOOPT;
 
     DetectMpmAppLayerRegister("file_data", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_FILEDATA,
+            DETECT_SM_LIST_FILEDATA, 2,
             PrefilterTxSmtpFiledataRegister);
     DetectMpmAppLayerRegister("file_data", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_FILEDATA,
+            DETECT_SM_LIST_FILEDATA, 2,
             PrefilterTxHttpResponseBodyRegister);
 }
 

src/detect-http-client-body.c

@@ -80,7 +80,7 @@ void DetectHttpClientBodyRegister(void)
     sigmatch_table[DETECT_AL_HTTP_CLIENT_BODY].flags |= SIGMATCH_PAYLOAD ;
 
     DetectMpmAppLayerRegister("http_client_body", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HCBDMATCH,
+            DETECT_SM_LIST_HCBDMATCH, 2,
             PrefilterTxHttpRequestBodyRegister);
 
 }

src/detect-http-cookie.c

@@ -83,10 +83,10 @@ void DetectHttpCookieRegister(void)
     sigmatch_table[DETECT_AL_HTTP_COOKIE].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_cookie", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HCDMATCH,
+            DETECT_SM_LIST_HCDMATCH, 2,
             PrefilterTxRequestCookieRegister);
     DetectMpmAppLayerRegister("http_cookie", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_HCDMATCH,
+            DETECT_SM_LIST_HCDMATCH, 2,
             PrefilterTxResponseCookieRegister);
 
 }

src/detect-http-header.c

@@ -81,9 +81,11 @@ void DetectHttpHeaderRegister(void)
     sigmatch_table[DETECT_AL_HTTP_HEADER].flags |= SIGMATCH_NOOPT ;
     sigmatch_table[DETECT_AL_HTTP_HEADER].flags |= SIGMATCH_PAYLOAD ;
 
-    DetectMpmAppLayerRegister("http_header", SIG_FLAG_TOSERVER, DETECT_SM_LIST_HHDMATCH,
+    DetectMpmAppLayerRegister("http_header", SIG_FLAG_TOSERVER,
+            DETECT_SM_LIST_HHDMATCH, 2,
             PrefilterTxHttpRequestHeadersRegister);
-    DetectMpmAppLayerRegister("http_header", SIG_FLAG_TOCLIENT, DETECT_SM_LIST_HHDMATCH,
+    DetectMpmAppLayerRegister("http_header", SIG_FLAG_TOCLIENT,
+            DETECT_SM_LIST_HHDMATCH, 2,
             PrefilterTxHttpResponseHeadersRegister);
 
     return;

src/detect-http-hh.c

@@ -80,7 +80,7 @@ void DetectHttpHHRegister(void)
     sigmatch_table[DETECT_AL_HTTP_HOST].flags |= SIGMATCH_PAYLOAD ;
 
     DetectMpmAppLayerRegister("http_host", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HHHDMATCH,
+            DETECT_SM_LIST_HHHDMATCH, 2,
             PrefilterTxHostnameRegister);
     return;
 }

src/detect-http-hrh.c

@@ -80,7 +80,7 @@ void DetectHttpHRHRegister(void)
     sigmatch_table[DETECT_AL_HTTP_RAW_HOST].flags |= SIGMATCH_PAYLOAD ;
 
     DetectMpmAppLayerRegister("http_raw_host", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HRHHDMATCH,
+            DETECT_SM_LIST_HRHHDMATCH, 2,
             PrefilterTxHostnameRawRegister);
 
     return;

src/detect-http-method.c

@@ -82,7 +82,7 @@ void DetectHttpMethodRegister(void)
     sigmatch_table[DETECT_AL_HTTP_METHOD].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_method", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HMDMATCH,
+            DETECT_SM_LIST_HMDMATCH, 4,
             PrefilterTxMethodRegister);
 
     SCLogDebug("registering http_method rule option");

src/detect-http-raw-header.c

@@ -80,10 +80,10 @@ void DetectHttpRawHeaderRegister(void)
     sigmatch_table[DETECT_AL_HTTP_RAW_HEADER].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_raw_header", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HRHDMATCH,
+            DETECT_SM_LIST_HRHDMATCH, 2,
             PrefilterTxRequestHeadersRawRegister);
     DetectMpmAppLayerRegister("http_raw_header", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_HRHDMATCH,
+            DETECT_SM_LIST_HRHDMATCH, 2,
             PrefilterTxResponseHeadersRawRegister);
 
     return;

src/detect-http-raw-uri.c

@@ -75,7 +75,7 @@ void DetectHttpRawUriRegister(void)
     sigmatch_table[DETECT_AL_HTTP_RAW_URI].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_raw_uri", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HRUDMATCH,
+            DETECT_SM_LIST_HRUDMATCH, 2,
             PrefilterTxRawUriRegister);
 
     return;

src/detect-http-stat-code.c

@@ -88,7 +88,7 @@ void DetectHttpStatCodeRegister (void)
     sigmatch_table[DETECT_AL_HTTP_STAT_CODE].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_stat_code", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_HSCDMATCH,
+            DETECT_SM_LIST_HSCDMATCH, 4,
             PrefilterTxHttpStatCodeRegister);
 }
 

src/detect-http-stat-msg.c

@@ -88,7 +88,7 @@ void DetectHttpStatMsgRegister (void)
     sigmatch_table[DETECT_AL_HTTP_STAT_MSG].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_stat_msg", SIG_FLAG_TOCLIENT,
-        DETECT_SM_LIST_HSMDMATCH,
+        DETECT_SM_LIST_HSMDMATCH, 3,
         PrefilterTxHttpStatMsgRegister);
 }
 

src/detect-http-ua.c

@@ -81,7 +81,7 @@ void DetectHttpUARegister(void)
     sigmatch_table[DETECT_AL_HTTP_USER_AGENT].flags |= SIGMATCH_PAYLOAD ;
 
     DetectMpmAppLayerRegister("http_user_agent", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_HUADMATCH,
+            DETECT_SM_LIST_HUADMATCH, 2,
             PrefilterTxUARegister);
 
     return;

src/detect-http-uri.c

@@ -77,7 +77,7 @@ void DetectHttpUriRegister (void)
     sigmatch_table[DETECT_AL_HTTP_URI].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("http_uri", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_UMATCH,
+            DETECT_SM_LIST_UMATCH, 2,
             PrefilterTxUriRegister);
 }
 

src/detect-tls-cert-issuer.c

@@ -73,7 +73,7 @@ void DetectTlsIssuerRegister(void)
     sigmatch_table[DETECT_AL_TLS_CERT_ISSUER].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("tls_cert_issuer", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_TLSISSUER_MATCH,
+            DETECT_SM_LIST_TLSISSUER_MATCH, 2,
             PrefilterTxTlsIssuerRegister);
 }
 

src/detect-tls-cert-subject.c

@@ -73,7 +73,7 @@ void DetectTlsSubjectRegister(void)
     sigmatch_table[DETECT_AL_TLS_CERT_SUBJECT].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("tls_cert_subject", SIG_FLAG_TOCLIENT,
-            DETECT_SM_LIST_TLSSUBJECT_MATCH,
+            DETECT_SM_LIST_TLSSUBJECT_MATCH, 2,
             PrefilterTxTlsSubjectRegister);
 }
 

src/detect-tls-sni.c

@@ -73,7 +73,7 @@ void DetectTlsSniRegister(void)
     sigmatch_table[DETECT_AL_TLS_SNI].flags |= SIGMATCH_PAYLOAD;
 
     DetectMpmAppLayerRegister("tls_sni", SIG_FLAG_TOSERVER,
-            DETECT_SM_LIST_TLSSNI_MATCH,
+            DETECT_SM_LIST_TLSSNI_MATCH, 2,
             PrefilterTxTlsSniRegister);
 
 }