[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-137-g32563d5

OISF Git noreply at openinfosecfoundation.org
Thu Jun 18 10:05:18 UTC 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  32563d51d155decb77fea6af8f3616feb7f01e7d (commit)
       via  573d082219482b985d80defc38886fdde0645d18 (commit)
       via  3163a5757726c41a52acee014398a683eee9ea70 (commit)
       via  9f52bdd1e5541e8a1c3be406422fd5b555d7f9d4 (commit)
       via  423d5fd0de58c793985d03f052b175791e889a7a (commit)
       via  79d34f4575d55f793ee2cfaf176f458550d243dd (commit)
       via  8f1998e35fc5e58b701f3973f68d9cf0804b1a73 (commit)
       via  a459376d2e0e04937cdf603b5d8d8c86549ce2bf (commit)
      from  80615f7d43f500b6ca64324dcfd0b43cecea164f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 32563d51d155decb77fea6af8f3616feb7f01e7d
Author: Giuseppe Longo <giuseppelng at gmail.com>
Date:   Mon Jun 8 14:06:24 2015 +0200

    http: rework UT
    
    This reworks UT based on
    commit 320355570863dfa6376c9d2af875495ccc8a199f

commit 573d082219482b985d80defc38886fdde0645d18
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jun 3 18:16:33 2015 +0200

    http: memcap HTTP server inspect body code

commit 3163a5757726c41a52acee014398a683eee9ea70
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jun 3 18:15:55 2015 +0200

    smtp file_data: fix wrong free

commit 9f52bdd1e5541e8a1c3be406422fd5b555d7f9d4
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jun 3 12:11:22 2015 +0200

    flow timeout: prevent dead locks
    
    The flow timeout mechanism called both from the flow manager at run time
    and at shutdown creates pseudo packets. For this it has it's own packet
    pool, which can be depleted if the timeout logic is faster than the packet
    processing threads. In this case the flow timeout would enter a wait loop.
    The problem however, is that this wait loop would happen while keeping a
    flow locked. This could lead to a race condition when the packet thread(s)
    are waiting for the lock that the flow manager has.
    
    This patch introduces a new packet pool call 'PacketPoolWaitForN', meant
    to make sure that the thread's packet pool has at least N available
    packets. The flow timeout paths use this to make sure enough packets are
    available *before* grabbing the flow lock. If there aren't enough packets
    available yet, the wait happens before the lock as well.
    
    This still means the wait can happen while the flow hash row is locked, so
    we do make sure some more packets are available when entering that. But
    perhaps in the future we need a more precise logic there as well.

commit 423d5fd0de58c793985d03f052b175791e889a7a
Author: Victor Julien <victor at inliniac.net>
Date:   Sun May 31 10:53:42 2015 +0200

    http: improve inline body tracking
    
    Rewrite the sliding window handling for IPS mode for the server body.
    
    The buffer used will have the following properties:
        left edge: inspected data - window_size
        right edge: the most recent data
    
    Due to handling of compressed bodies, the data can be much bigger than
    the configured window size.

commit 79d34f4575d55f793ee2cfaf176f458550d243dd
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Jun 2 13:31:47 2015 +0200

    http: body pruning update
    
    Take inspect limits into account. Consider per direction inspect settings.

commit 8f1998e35fc5e58b701f3973f68d9cf0804b1a73
Author: Giuseppe Longo <giuseppelng at gmail.com>
Date:   Mon May 11 19:48:32 2015 +0200

    hsbd: inspect buffer depending on the engine mode
    
    Currently, data is buffered up to response-body-minimal size
    and response-body-inspect-window before being inspected.
    With this, in IPS mode, inspect data as it comes in up.
    
    The sliding window concept is used here,
    some data chunks are copied into the window (buffer)
    then it's inspected.

commit a459376d2e0e04937cdf603b5d8d8c86549ce2bf
Author: Giuseppe Longo <giuseppelng at gmail.com>
Date:   Thu May 28 13:42:28 2015 +0200

    app-layer-htp: add http_body_inline setting

-----------------------------------------------------------------------

Summary of changes:
 src/app-layer-htp-body.c          |  28 +-
 src/app-layer-htp-body.h          |   2 +-
 src/app-layer-htp.c               |  19 +-
 src/app-layer-htp.h               |   1 +
 src/detect-engine-filedata-smtp.c |   2 +-
 src/detect-engine-hsbd.c          | 927 +++++++++++++++++++++++++++++++++++---
 src/detect-engine.c               |   5 +-
 src/flow-manager.c                |  13 +-
 src/flow-timeout.c                |   3 +
 src/tmqh-packetpool.c             |  51 +++
 src/tmqh-packetpool.h             |   1 +
 suricata.yaml.in                  |   4 +
 12 files changed, 987 insertions(+), 69 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list