[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-4.0.1-596-gefdc592
OISF Git
noreply at openinfosecfoundation.org
Wed Mar 21 16:26:54 UTC 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via efdc592172008d99cff4aaaa47c3e528b27564d3 (commit)
via b479d1d47c2d194af16ab2d5f4e8e9dde609084f (commit)
via 5c96e1df95166a890d0383e35557a24104c70559 (commit)
via b1dd41c9cda6855a8e9e947ed6feef1b30f43f7a (commit)
via c3a329d6e980b22e1e72e6f7a5f434e643afc151 (commit)
via 53f63f749805a485a772fb732d1513e2876cb566 (commit)
via 47ebef3af8be22a08e6321a9557d35975b97902e (commit)
via 56e7afc4f7861d4cc274e637095025ed6b8fa5f8 (commit)
via caa2903f1fd543a89ee4edb3b6e90a2f22c9bbbf (commit)
via 697a5a19780126526b9bafa29d538785ad4d6ec2 (commit)
via 2cf2387e313cc42aac48dad81231fee4f832b86c (commit)
via 0a72d5be96cc7500acfe6a3b108fa2472252227c (commit)
via 975f413308ff8298de502e716a8c55b4e7700d45 (commit)
via e2aab10d29683f99da8dcb290467dd8622121c53 (commit)
via 66b37d8689315140bea9924d6a5389bf6d42788d (commit)
from ba24bb82faa81d01ed00e4caa6262d6ce8013ffa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit efdc592172008d99cff4aaaa47c3e528b27564d3
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Fri Mar 16 22:39:17 2018 +0100
detect-tls-sni: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_sni' detection
keyword.
commit b479d1d47c2d194af16ab2d5f4e8e9dde609084f
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Fri Mar 16 22:17:34 2018 +0100
detect-tls-cert-serial: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_cert_serial'
detection keyword.
commit 5c96e1df95166a890d0383e35557a24104c70559
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Fri Mar 16 22:08:03 2018 +0100
detect-tls-cert-subject: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_cert_subject'
detection keyword.
commit b1dd41c9cda6855a8e9e947ed6feef1b30f43f7a
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Fri Mar 16 22:00:19 2018 +0100
detect-tls-cert-issuer: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_cert_issuer'
detection keyword.
commit c3a329d6e980b22e1e72e6f7a5f434e643afc151
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date: Fri Mar 16 21:48:25 2018 +0100
detect-tls-cert-fingerprint: use *_Register2 API functions
Use *_Register2 API functions when registering 'tls_cert_fingerprint'
detection keyword.
commit 53f63f749805a485a772fb732d1513e2876cb566
Author: Victor Julien <victor at inliniac.net>
Date: Tue Mar 20 08:27:24 2018 +0100
nfs/rpc: improve RPCv2 parser, add GssApi
Improve RPCv2 credentials parsing. Add GssApi and turn creds into
an enum.
Minor cleanups and optimizations.
commit 47ebef3af8be22a08e6321a9557d35975b97902e
Author: Victor Julien <victor at inliniac.net>
Date: Sat Mar 17 22:17:41 2018 +0100
nfs: minor cleanup
commit 56e7afc4f7861d4cc274e637095025ed6b8fa5f8
Author: Antoine LUONG <antoine.luong at c-s.fr>
Date: Wed Feb 21 18:48:26 2018 +0100
prelude: swap msg and class_msg in Prelude alert
commit caa2903f1fd543a89ee4edb3b6e90a2f22c9bbbf
Author: Antoine LUONG <antoine.luong at c-s.fr>
Date: Tue Feb 20 16:36:13 2018 +0100
prelude: fix duplicated analyzer in Prelude alert
commit 697a5a19780126526b9bafa29d538785ad4d6ec2
Author: Danny Browning <danny.browning at protectwise.com>
Date: Tue Feb 27 08:46:24 2018 -0700
pcap/file: fix missing files stopping engine #2451
https://redmine.openinfosecfoundation.org/issues/2451
When a missing (or empty named) file is passed to source-pcap-file while
using unix socket, the pcap processing thread will incorrectly be stopped,
and no longer available for subsequent files.
commit 2cf2387e313cc42aac48dad81231fee4f832b86c
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Sun Jan 21 11:21:40 2018 +0000
rules: optimize bidir rules with same src/dst
As an optimization, reset bidirectional flag for rules with same src and dst.
If one created a bidirectional rule like 'alert tcp any any <> any any ...',
the rule was checked twice (for each packet in every direction). This is
suboptimal and may give duplicated alerts. To avoid this, bidirectional
rules are now checked for the same src and dst (addresses and ports) and
if it's the case, the rule is treated as unidirectional and a corresponding
message is logged.
commit 0a72d5be96cc7500acfe6a3b108fa2472252227c
Author: Eric Leblond <eric at regit.org>
Date: Tue Mar 20 22:15:27 2018 +0100
doc: fix typo in unix socket doc
Also fixes a dead link to code.
commit 975f413308ff8298de502e716a8c55b4e7700d45
Author: Eric Leblond <eric at regit.org>
Date: Tue Mar 20 22:06:19 2018 +0100
doc: more info on unix socket rule reload
commit e2aab10d29683f99da8dcb290467dd8622121c53
Author: Eric Leblond <eric at regit.org>
Date: Tue Mar 20 21:55:59 2018 +0100
doc: fix typo in ebpf xdp doc
commit 66b37d8689315140bea9924d6a5389bf6d42788d
Author: Eric Leblond <eric at regit.org>
Date: Tue Mar 20 21:04:20 2018 +0100
suricata.yaml: fix some spelling mistakes
-----------------------------------------------------------------------
Summary of changes:
doc/userguide/capture-hardware/ebpf-xdp.rst | 6 +-
doc/userguide/rule-management/rule-reload.rst | 10 +-
doc/userguide/unix-socket.rst | 15 +-
rust/src/nfs/nfs.rs | 23 +-
rust/src/nfs/rpc_records.rs | 124 +++++----
src/alert-prelude.c | 22 +-
src/detect-engine-address.c | 32 +++
src/detect-engine-address.h | 2 +
src/detect-engine-port.c | 59 ++++
src/detect-engine-port.h | 3 +
src/detect-engine-tls.c | 382 --------------------------
src/detect-engine-tls.h | 39 ---
src/detect-parse.c | 120 +++++++-
src/detect-tls-cert-fingerprint.c | 45 ++-
src/detect-tls-cert-issuer.c | 46 +++-
src/detect-tls-cert-serial.c | 46 +++-
src/detect-tls-cert-subject.c | 46 +++-
src/detect-tls-sni.c | 44 ++-
src/source-pcap-file.c | 58 ++--
suricata.yaml.in | 60 ++--
20 files changed, 582 insertions(+), 600 deletions(-)
hooks/post-receive
--
OISF