[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.2-14-gffcb4ad

OISF Git noreply at openinfosecfoundation.org
Fri Dec 16 20:30:43 UTC 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  ffcb4ad232da6250199477d413ae13fee6d2a945 (commit)
       via  10c93221faf841e0819c4d84604ced63500fd1e1 (commit)
       via  554065189c6734c52467d107aac30f7e77441fa4 (commit)
       via  810e43f373480662c5092aa3d3de81479711abe7 (commit)
       via  79a3c6c7b1f1b2a99191ff8df4deb43f12c9c547 (commit)
       via  41074a87a02daae8a225316672bd536d1e428400 (commit)
       via  a44b612a4172885dea288ec7a55d07ba088b7728 (commit)
       via  579d6d3ff77af42d3d7d1b85a68a1f55c704fbf3 (commit)
      from  94bc7e5f5f4756e0a4495227ee6dde2c7bba85ef (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ffcb4ad232da6250199477d413ae13fee6d2a945
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Fri Dec 16 14:43:43 2016 +0100

    tls: fix tls_cert_subject prefilter bug
    
    If check in prefilter was checking that issuer was non-NULL, when
    it in fact should be checking subject.

commit 10c93221faf841e0819c4d84604ced63500fd1e1
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Fri Dec 16 13:04:03 2016 +0100

    tls: increase max number of tls records per packet
    
    Tls packets may contain several records. This increase the number
    of allowed records per packet from 30 to 255, and adds a new and
    more informative decoder event when this limit is reached.

commit 554065189c6734c52467d107aac30f7e77441fa4
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Dec 13 14:56:26 2016 +0100

    tls: don't trigger decoder event on no extensions in CLIENT_HELLO
    
    No extensions are allowed in <TLSv.1.2, so don't trigger SURICATA
    TLS handshake invalid length decoder event when no extensions are
    specified in CLIENT HELLO.

commit 810e43f373480662c5092aa3d3de81479711abe7
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Nov 13 08:36:25 2016 -0500

    magic: make optional
    
    Make libmagic optional. If installed it will be enabled by default in
    configure. Use --disable-libmagic to disable.

commit 79a3c6c7b1f1b2a99191ff8df4deb43f12c9c547
Author: Jason Ish <ish at unx.ca>
Date:   Thu Dec 15 12:36:25 2016 -0600

    log-pcap: use a snaplen of 262144 instead of -1.
    
    Newer versions of libpcap will not open pcap files with a
    snaplen of -1, instead use the current maximum value of
    262144.
    
    Issue:
    https://redmine.openinfosecfoundation.org/issues/1987

commit 41074a87a02daae8a225316672bd536d1e428400
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Dec 4 11:10:18 2016 +0100

    doc: DNP3 support is now available

commit a44b612a4172885dea288ec7a55d07ba088b7728
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Dec 16 12:11:18 2016 +0100

    hostbits/xbits: free hostbit
    
    Fix memory leak. Hostbits were not actually freed.
    
    Bug #1975.

commit 579d6d3ff77af42d3d7d1b85a68a1f55c704fbf3
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Dec 13 10:23:21 2016 +0100

    http: allow lower/mixed case in proto detect
    
    In HTTP detection registered patterns were upper case only. Since the
    detection is based on both sides this would still work for sessions
    where one of the talkers misbehaved. If both sides misbehave this
    would fail however, so this patch introduces case insensive matching.

-----------------------------------------------------------------------

Summary of changes:
 configure.ac                          | 63 ++++++++++++++++++++---------------
 doc/userguide/rules/dnp3-keywords.rst |  2 --
 rules/tls-events.rules                |  3 +-
 src/app-layer-htp.c                   |  4 +--
 src/app-layer-ssl.c                   | 11 ++++--
 src/app-layer-ssl.h                   |  1 +
 src/detect-engine-siggroup.c          |  3 +-
 src/detect-engine-tls.c               |  2 +-
 src/detect-filemagic.c                | 24 +++++++++++++
 src/detect-filemagic.h                |  5 +--
 src/detect.c                          |  4 +--
 src/detect.h                          |  2 ++
 src/host-bit.c                        |  1 +
 src/log-file.c                        |  4 +--
 src/log-filestore.c                   |  3 +-
 src/log-pcap.c                        |  4 ++-
 src/output-file.c                     |  4 +--
 src/output-filedata.c                 |  3 +-
 src/output-json-file.c                |  2 ++
 src/suricata-common.h                 |  4 +++
 src/suricata.c                        | 11 ++++--
 src/util-error.c                      |  1 +
 src/util-error.h                      |  1 +
 src/util-file.c                       |  8 ++---
 src/util-file.h                       |  2 ++
 src/util-lua-common.c                 |  8 ++++-
 src/util-magic.c                      |  5 +--
 src/util-magic.h                      |  4 +--
 src/util-var.c                        |  2 +-
 src/util-var.h                        |  2 ++
 30 files changed, 133 insertions(+), 60 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list