/**
* \brief Gets the classtype from the corresponding hash table stored
* in the Detection Engine Context's class conf ht, given the
* classtype name.
*
* \param ct_name Pointer to the classtype name that has to be looked up.
* \param de_ctx Pointer to the Detection Engine Context.
*
* \retval lookup_ct_info Pointer to the SCClassConfClasstype instance from
* the hash table on success; NULL on failure.
*/
SCClassConfClasstype *SCClassConfGetClasstype(const char *ct_name,
DetectEngineCtx *de_ctx)
{
SCClassConfClasstype *ct_info = SCClassConfAllocClasstype(0, ct_name, NULL,
0);
if (ct_info == NULL)
return NULL;
SCClassConfClasstype *lookup_ct_info = HashTableLookup(de_ctx->class_conf_ht,
ct_info, 0);
SCClassConfDeAllocClasstype(ct_info);
return lookup_ct_info;
}
/**
* \test Check if the classtype info from the classification.config file have
* been loaded into the hash table.
*/
int SCClassConfTest06(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
SCClassConfClasstype *ct = NULL;
int result = 1;
if (de_ctx == NULL)
return 0;
SCClassConfGenerateInValidDummyClassConfigFD02();
SCClassConfLoadClassficationConfigFile(de_ctx);
SCClassConfDeleteDummyClassificationConfigFD();
if (de_ctx->class_conf_ht == NULL)
return 0;
result = (de_ctx->class_conf_ht->count == 3);
ct = SCClassConfAllocClasstype(0, "unknown", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "not-suspicious", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) != NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "bamboola1", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) != NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "bamboola1", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) != NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "BAMBOolA1", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) != NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "unkNOwn", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
DetectEngineCtxFree(de_ctx);
return result;
}
/**
* \test Check if the classtype info from the invalid classification.config file
* have not been loaded into the hash table, and cross verify to check
* that the hash table contains no classtype data.
*/
int SCClassConfTest05(void)
{
DetectEngineCtx *de_ctx = DetectEngineCtxInit();
SCClassConfClasstype *ct = NULL;
int result = 1;
if (de_ctx == NULL)
return 0;
SCClassConfGenerateInValidDummyClassConfigFD03();
SCClassConfLoadClassficationConfigFile(de_ctx);
SCClassConfDeleteDummyClassificationConfigFD();
if (de_ctx->class_conf_ht == NULL)
return 0;
result = (de_ctx->class_conf_ht->count == 0);
ct = SCClassConfAllocClasstype(0, "unknown", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "unKnoWn", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "bamboo", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "bad-unknown", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "BAD-UNKnOWN", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
ct = SCClassConfAllocClasstype(0, "bed-unknown", NULL, 0);
result &= (HashTableLookup(de_ctx->class_conf_ht, ct, 0) == NULL);
SCClassConfDeAllocClasstype(ct);
DetectEngineCtxFree(de_ctx);
return result;
}
/**
* \brief Used to free the Classification Config Hash Data that was stored in
* DetectEngineCtx->class_conf_ht Hashtable.
*
* \param ch Pointer to the data that has to be freed.
*/
void SCClassConfClasstypeHashFree(void *ch)
{
SCClassConfDeAllocClasstype(ch);
return;
}
