detect/enip/cip: convert to v2 inspect API

5 years ago · ce6f8605ea
parent 35310313de
commit ce6f8605ea
3 changed files with 23 additions and 31 deletions
--- a/src/detect-cipservice.c
+++ b/src/detect-cipservice.c
@ -62,12 +62,10 @@ void DetectCipServiceRegister(void)
    sigmatch_table[DETECT_CIPSERVICE].RegisterTests
            = DetectCipServiceRegisterTests;
 #endif
-    DetectAppLayerInspectEngineRegister("cip",
-            ALPROTO_ENIP, SIG_FLAG_TOSERVER, 0,
-            DetectEngineInspectCIP);
-    DetectAppLayerInspectEngineRegister("cip",
-            ALPROTO_ENIP, SIG_FLAG_TOCLIENT, 0,
-            DetectEngineInspectCIP);
+    DetectAppLayerInspectEngineRegister2(
+            "cip", ALPROTO_ENIP, SIG_FLAG_TOSERVER, 0, DetectEngineInspectCIP, NULL);
+    DetectAppLayerInspectEngineRegister2(
+            "cip", ALPROTO_ENIP, SIG_FLAG_TOCLIENT, 0, DetectEngineInspectCIP, NULL);

    g_cip_buffer_id = DetectBufferTypeGetByName("cip");

@ -317,12 +315,10 @@ void DetectEnipCommandRegister(void)
    sigmatch_table[DETECT_ENIPCOMMAND].RegisterTests
            = DetectEnipCommandRegisterTests;
 #endif
-    DetectAppLayerInspectEngineRegister("enip",
-            ALPROTO_ENIP, SIG_FLAG_TOSERVER, 0,
-            DetectEngineInspectENIP);
-    DetectAppLayerInspectEngineRegister("enip",
-            ALPROTO_ENIP, SIG_FLAG_TOCLIENT, 0,
-            DetectEngineInspectENIP);
+    DetectAppLayerInspectEngineRegister2(
+            "enip", ALPROTO_ENIP, SIG_FLAG_TOSERVER, 0, DetectEngineInspectENIP, NULL);
+    DetectAppLayerInspectEngineRegister2(
+            "enip", ALPROTO_ENIP, SIG_FLAG_TOCLIENT, 0, DetectEngineInspectENIP, NULL);

    g_enip_buffer_id = DetectBufferTypeGetByName("enip");
 }
@ -461,4 +457,4 @@ static void DetectEnipCommandRegisterTests(void)
    UtRegisterTest("DetectEnipCommandSignatureTest01",
            DetectEnipCommandSignatureTest01);
 }
-#endif /* UNITTESTS */
+#endif /* UNITTESTS */
--- a/src/detect-engine-enip.c
+++ b/src/detect-engine-enip.c
@ -217,16 +217,15 @@ static int CIPServiceMatch(ENIPTransaction *enip_data,
 *
 *  \retval 0 no match or 1 match
 */
-int DetectEngineInspectCIP(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd, Flow *f, uint8_t flags,
-        void *alstate, void *txv, uint64_t tx_id)
+int DetectEngineInspectCIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f,
+        uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
 {
    SCEnter();


    ENIPTransaction *tx = (ENIPTransaction *) txv;
-    DetectCipServiceData *cipserviced = (DetectCipServiceData *) smd->ctx;
+    DetectCipServiceData *cipserviced = (DetectCipServiceData *)engine->smd->ctx;

    if (cipserviced == NULL)
    {
@ -257,15 +256,14 @@ int DetectEngineInspectCIP(ThreadVars *tv,
 *  \retval 0 no match or 1 match
 */

-int DetectEngineInspectENIP(ThreadVars *tv,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
-        const Signature *s, const SigMatchData *smd,
-        Flow *f, uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
+int DetectEngineInspectENIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx,
+        const struct DetectEngineAppInspectionEngine_ *engine, const Signature *s, Flow *f,
+        uint8_t flags, void *alstate, void *txv, uint64_t tx_id)
 {
    SCEnter();

    ENIPTransaction *tx = (ENIPTransaction *) txv;
-    DetectEnipCommandData *enipcmdd = (DetectEnipCommandData *) smd->ctx;
+    DetectEnipCommandData *enipcmdd = (DetectEnipCommandData *)engine->smd->ctx;

    if (enipcmdd == NULL)
    {
--- a/src/detect-engine-enip.h
+++ b/src/detect-engine-enip.h
@ -23,15 +23,13 @@
 #ifndef __DETECT_ENGINE_ENIP_H__
 #define __DETECT_ENGINE_ENIP_H__

-int DetectEngineInspectCIP(ThreadVars *,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
-        const Signature *, const SigMatchData *smd,
-        Flow *, uint8_t, void *, void *, uint64_t);
+int DetectEngineInspectCIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
+        const struct DetectEngineAppInspectionEngine_ *, const Signature *, Flow *, uint8_t, void *,
+        void *, uint64_t);

-int DetectEngineInspectENIP(ThreadVars *,
-        DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
-        const Signature *, const SigMatchData *smd,
-        Flow *, uint8_t, void *, void *, uint64_t);
+int DetectEngineInspectENIP(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *,
+        const struct DetectEngineAppInspectionEngine_ *, const Signature *, Flow *, uint8_t, void *,
+        void *, uint64_t);

 void DetectEngineInspectENIPRegisterTests(void);
 #endif /* __DETECT_ENGINE_ENIP_H__ */