[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-1.3beta1-94-ge3764b9

Anoop Saldanha anoopsaldanha at gmail.com
Fri Jun 8 16:37:26 UTC 2012 

On Fri, Jun 8, 2012 at 10:05 PM, Anoop Saldanha <anoopsaldanha at gmail.com> wrote:
> On Fri, Jun 8, 2012 at 9:28 PM, Pierre Chifflier <pollux at debian.org> wrote:
>>> commit 270ea253a24f1759d9c36d6b34abd6360c5633b0
>>> Author: Anoop Saldanha <poonaatsoc at gmail.com>
>>> Date:   Fri May 18 21:18:30 2012 +0530
>>>
>>>     ssl parser fix/updates
>>
>> Hi all,
>>
>> This commit really looks wrong to me. Not only does it change
>> everything, but it also break some features.
>> For example, it removes the ability to extract the ciphersuite,
>> compression method etc. from the handshake.
>>
>> It deletes the function DecodeTLSHandshakeServerHello which is really
>> important for all of the TLS functions. (see changes on files
>> rc/detect-ssl-version.c and rc/detect-ssl-version.h)
>>
>

btw, detect-ssl-version.c and rc/detect-ssl-version.h, didn't use any
state set by DecodeTLSHandshakeServerHello().

> At that point of time, none of those vars were used.  Removed all
> state vars that were not being used.  Either ways
> DecodeTLSHandshakeServerHello() had bugs, and there was no point
> fixing it, if we are not using it.  I should have probably made a
> separate commit removing that function, so that's a mistake on my part
> and my apologies on that.  You can reintroduce the function, but yeah
> you will have to fix it.
>
>> I have not reviewed all of the patch, but most changes are really
>> intrusive so I would ask either to revert it, or to split it into
>> smaller parts. It would also be nice to warn people working on other
>> branches before pushing such big changes, as it completely breaks work
>> from Eric and I.
>>
>
> Those changes were necessary as a part of some fixes/updates.
> Rebasing your commits would be really hard, but it would be easier to
> just copy paste the new code from your commits.  The changes are very
> simple.  It vars are now accessed using state->curr_connp.
>
> I was about to send you folks a mail on the new changes btw.  Guess
> you beat me to it.
>
>> Cheers,
>> Pierre
>> _______________________________________________
>> Oisf-devel mailing list
>> Oisf-devel at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
>
>
>
> --
> Anoop Saldanha



-- 
Anoop Saldanha

More information about the Oisf-devel mailing list