[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-1.3beta1-94-ge3764b9

Anoop Saldanha anoopsaldanha at gmail.com
Fri Jun 8 16:35:37 UTC 2012


On Fri, Jun 8, 2012 at 9:28 PM, Pierre Chifflier <pollux at debian.org> wrote:
>> commit 270ea253a24f1759d9c36d6b34abd6360c5633b0
>> Author: Anoop Saldanha <poonaatsoc at gmail.com>
>> Date:   Fri May 18 21:18:30 2012 +0530
>>
>>     ssl parser fix/updates
>
> Hi all,
>
> This commit really looks wrong to me. Not only does it change
> everything, but it also break some features.
> For example, it removes the ability to extract the ciphersuite,
> compression method etc. from the handshake.
>
> It deletes the function DecodeTLSHandshakeServerHello which is really
> important for all of the TLS functions. (see changes on files
> rc/detect-ssl-version.c and rc/detect-ssl-version.h)
>

At that point of time, none of those vars were used.  Removed all
state vars that were not being used.  Either ways
DecodeTLSHandshakeServerHello() had bugs, and there was no point
fixing it, if we are not using it.  I should have probably made a
separate commit removing that function, so that's a mistake on my part
and my apologies on that.  You can reintroduce the function, but yeah
you will have to fix it.

> I have not reviewed all of the patch, but most changes are really
> intrusive so I would ask either to revert it, or to split it into
> smaller parts. It would also be nice to warn people working on other
> branches before pushing such big changes, as it completely breaks work
> from Eric and I.
>

Those changes were necessary as a part of some fixes/updates.
Rebasing your commits would be really hard, but it would be easier to
just copy paste the new code from your commits.  The changes are very
simple.  It vars are now accessed using state->curr_connp.

I was about to send you folks a mail on the new changes btw.  Guess
you beat me to it.

> Cheers,
> Pierre
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel



-- 
Anoop Saldanha



More information about the Oisf-devel mailing list