From 069d0f718c7f73f413f450c7474063625d565e47 Mon Sep 17 00:00:00 2001
From: Pablo Rincon <pablo.rincon.crespo@gmail.com>
Date: Wed, 30 Jun 2010 14:46:02 +0200
Subject: [PATCH] Load signatures with incompatible fast_pattern option (due to design differences for optimization)

---
 src/detect-fast-pattern.c |   10 +++++++---
 src/detect-parse.c        |    3 +++
 src/detect.h              |    4 ++++
 src/util-error.c          |    1 +
 src/util-error.h          |    1 +
 5 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/src/detect-fast-pattern.c b/src/detect-fast-pattern.c
index a16c3fb..c7d0ed2 100644
--- a/src/detect-fast-pattern.c
+++ b/src/detect-fast-pattern.c
@@ -74,9 +74,13 @@ static int DetectFastPatternSetup(DetectEngineCtx *de_ctx, Signature *s, char *n
     }
 
     if (s->pmatch_tail == NULL) {
-        SCLogError(SC_ERR_INVALID_SIGNATURE, "fast_pattern found inside the "
-                     "rule, without any preceding keywords");
-        return -1;
+        SCLogWarning(SC_WARN_COMPATIBILITY, " a fast_pattern found inside the "
+                     "rule, is not preceding a keyword that support (currently)"
+                     " this optimization. At least, the engine support "
+                     "fast_pattern for content (not for uricontent yet). "
+                     "The signature is being loaded anyway ==> %s",
+                     s->sig_str);
+        return 0;
     }
 
     SigMatch *pm = DetectContentGetLastPattern(s->pmatch_tail);
diff --git a/src/detect-parse.c b/src/detect-parse.c
index 975f52c..0bb18fb 100644
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -880,6 +880,7 @@ int SigParse(DetectEngineCtx *de_ctx, Signature *s, char *sigstr, uint8_t addrs_
     SCEnter();
 
     char **basics;
+    s->sig_str = sigstr;
 
     int ret = SigParseBasics(s, sigstr, &basics, addrs_direction);
     if (ret < 0) {
@@ -912,6 +913,8 @@ int SigParse(DetectEngineCtx *de_ctx, Signature *s, char *sigstr, uint8_t addrs_
         SCFree(basics);
     }
 
+    s->sig_str = NULL;
+
     SCReturnInt(ret);
 }
 
diff --git a/src/detect.h b/src/detect.h
index d40d256..3f63c95 100644
--- a/src/detect.h
+++ b/src/detect.h
@@ -312,6 +312,10 @@ typedef struct Signature_ {
     /** Reference */
     Reference *references;
 
+    /* Be careful, this pointer is only valid while parsing the sig,
+     * to warn the user about any possible problem */
+    char *sig_str;
+
 #ifdef PROFILING
     uint16_t profiling_id;
 #endif
diff --git a/src/util-error.c b/src/util-error.c
index 4c3d5f5..d439249 100644
--- a/src/util-error.c
+++ b/src/util-error.c
@@ -187,6 +187,7 @@ const char * SCErrorToString(SCError err)
         CASE_CODE (SC_ERR_ERF_DAG_STREAM_SET_FAILED);
         CASE_CODE (SC_ERR_ERF_DAG_STREAM_READ_FAILED);
         CASE_CODE (SC_WARN_ERF_DAG_REC_LEN_CHANGED);
+        CASE_CODE (SC_WARN_COMPATIBILITY);
         CASE_CODE (SC_ERR_DCERPC);
 
         default:
diff --git a/src/util-error.h b/src/util-error.h
index 1ca9528..4d6a88b 100644
--- a/src/util-error.h
+++ b/src/util-error.h
@@ -188,6 +188,7 @@ typedef enum {
     SC_ERR_LIBCAP_NG_REQUIRED,
     SC_ERR_LIBNET11_INCOMPATIBLE_WITH_LIBCAP_NG,
     SC_WARN_FLOW_EMERGENCY,
+    SC_WARN_COMPATIBILITY,
 	SC_ERR_SVC,
     SC_ERR_ERF_DAG_OPEN_FAILED,
     SC_ERR_ERF_DAG_STREAM_OPEN_FAILED,
-- 
1.6.5