← Back to branch summary

~ubuntu-branches/ubuntu/raring/suricata/raring

« back to all changes in this revision

Viewing changes to src/detect-engine-hmd.c

  • Committer: Package Import Robot
  • Author(s): Pierre Chifflier
  • Date: 2012-12-14 00:02:51 UTC
  • mfrom: (1.1.18)
  • Revision ID: package-import@ubuntu.com-20121214000251-3326bvmr1x6ofsy5
Tags: 1.4-1
* Imported Upstream version 1.4
* Enable Jansson and LuaJIT support, and add libjansson-dev libluajit-5.1-dev
  to build-deps
* Add python to recommends, for the suricatasc script
* Create /var/run/suricata directory when starting daemon

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/detect-engine-hmd.c
112
112
 * \retval 0 No match.
113
113
 * \retval 1 Match.
114
114
 */
115
 
int DetectEngineInspectHttpMethod(DetectEngineCtx *de_ctx,
 
115
int DetectEngineInspectHttpMethod(ThreadVars *tv,
 
116
                                  DetectEngineCtx *de_ctx,
116
117
                                  DetectEngineThreadCtx *det_ctx,
117
118
                                  Signature *s, Flow *f, uint8_t flags,
118
 
                                  void *alstate)
 
119
                                  void *alstate, int tx_id)
119
120
{
120
 
    SCEnter();
121
 
    int r = 0;
122
 
    HtpState *htp_state = NULL;
123
 
    htp_tx_t *tx = NULL;
124
 
    int idx;
125
 
 
126
 
    FLOWLOCK_RDLOCK(f);
127
 
 
128
 
    htp_state = (HtpState *)alstate;
129
 
    if (htp_state == NULL) {
130
 
        SCLogDebug("no HTTP state");
131
 
        goto end;
132
 
    }
133
 
 
134
 
    if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
135
 
        SCLogDebug("HTP state has no conn(p)");
136
 
        goto end;
137
 
    }
138
 
 
139
 
    idx = AppLayerTransactionGetInspectId(f);
140
 
    if (idx == -1) {
141
 
        goto end;
142
 
    }
143
 
 
144
 
    int size = (int)list_size(htp_state->connp->conn->transactions);
145
 
    for (; idx < size; idx++) {
146
 
 
147
 
        tx = list_get(htp_state->connp->conn->transactions, idx);
148
 
        if (tx == NULL || tx->request_method == NULL)
149
 
            continue;
150
 
 
151
 
        det_ctx->buffer_offset = 0;
152
 
        det_ctx->discontinue_matching = 0;
153
 
        det_ctx->inspection_recursion_counter = 0;
154
 
 
155
 
        r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HMDMATCH],
 
121
    HtpState *htp_state = (HtpState *)alstate;
 
122
    htp_tx_t *tx = list_get(htp_state->connp->conn->transactions, tx_id);
 
123
    if (tx == NULL || tx->request_method == NULL)
 
124
        return 0;
 
125
 
 
126
    det_ctx->buffer_offset = 0;
 
127
    det_ctx->discontinue_matching = 0;
 
128
    det_ctx->inspection_recursion_counter = 0;
 
129
    int r = DetectEngineContentInspection(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HMDMATCH],
156
130
                                          f,
157
131
                                          (uint8_t *)bstr_ptr(tx->request_method),
158
132
                                          bstr_len(tx->request_method),
159
133
                                          DETECT_ENGINE_CONTENT_INSPECTION_MODE_HMD, NULL);
160
 
        //r = DoInspectHttpMethod(de_ctx, det_ctx, s, s->sm_lists[DETECT_SM_LIST_HMDMATCH],
161
 
        //(uint8_t *)bstr_ptr(tx->request_method),
162
 
        //bstr_len(tx->request_method));
163
 
        if (r == 1) {
164
 
            break;
165
 
        }
166
 
    }
 
134
    if (r == 1)
 
135
        return 1;
167
136
 
168
 
end:
169
 
    FLOWLOCK_UNLOCK(f);
170
 
    SCReturnInt(r);
 
137
    return 0;
171
138
}
172
139
 
173
140
/***********************************Unittests**********************************/