Commit Graph

13 Commits (e2603fa8206981778c686e70a1eee45e598b27ac)

Author SHA1 Message Date
Philippe Antoine e2603fa820 detect/single-buf: new simple wrapper
Introduce DetectGetSingleData which does the generic wrapping,
including the transforms, using a new callback prototype
DetectTxGetBufferPtr

The goal is to replace most InspectionBufferGetDataPtr.
For this commit, we do not change every callback to keep the
change relatively small.

Focus here is to remove DetectHelperGetData as its functionality is
provided more directly by the new DetectTxGetBufferPtr.
2 months ago
Philippe Antoine 13449344e8 rust: bindgen SCDetectHelperKeywordRegister
Ticket: 7667
3 months ago
Philippe Antoine 0d82e905bc rust: bindgen DetectHelperMultiBufferMpmRegister
Ticket: 7667
3 months ago
Philippe Antoine 033e0480cf detect/single-buf: helper with more explicit direction 3 months ago
Philippe Antoine dadf9012fc rust: bindgen detect-engine-buffer.h
Ticket: 7667

And prefix SCDetectBufferSetActiveList to be exported

Allows less use of suricata crate in plugin as we get the functions
prototypes from suricata_sys and they are more correct.
3 months ago
Philippe Antoine 0024de5e9e src: new file detect-engine-buffer.h
Taken from detect-engine.h so that we can bindgen this smaller
unit.
3 months ago
Philippe Antoine 808f8a877a detect/multi-buf: helper with more explicit direction 3 months ago
Philippe Antoine 8ecc3efdc8 detect/multi-buf: harmonize wrapper
Introduce DetectGetMultiData which does the generic wrapping,
including the transforms.

And let each keyword do just the getter.
3 months ago
Philippe Antoine 96afdce283 detect: rename SCSigTableElmt to SCSigTableAppLiteElmt 3 months ago
Jeff Lucovsky 22ea5ddbb7 detect/transforms: Add engine detect thread ctx to signature
Modify the transform function signature to include the detect engine
thread ctx.
4 months ago
Philippe Antoine c5f3d33e51 detect/smtp: smtp.rcpt_to keyword
Ticket: 7516

It is a sticky buffer mapping to the smtp.rcpt_to[] log field
It is a multi-buffer
6 months ago
Philippe Antoine 32594766b7 detect/smtp: smtp.mail_from keyword
Ticket: 7517

It is a sticky buffer mapping to the smtp.mail_from log field
6 months ago
Philippe Antoine 3d3b1ade9d detect/smtp: smtp.helo keyword
Ticket: 7515

It is a sticky buffer mapping to the smtp.helo log field
6 months ago