[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta1-122-ga54f522

OISF Git noreply at openinfosecfoundation.org
Thu Oct 23 07:04:07 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  a54f52278b351ae445fed03502a8f68a1518ef92 (commit)
       via  ce472d88be9e9d8342150de8ff1b084c8f7fbadc (commit)
       via  5834a1a6192d4d2de861064b272abe7324ba1f95 (commit)
       via  e7a909f4ae3ee1c99fb1bedcb01111a1f9ae0f41 (commit)
       via  59d12f334e134ffa3f180800cd1a8d71971d770d (commit)
       via  a68e19d998acf2ae5239d7c798008c144761f5a5 (commit)
       via  e4c8084a75b24d159993f34fc7cf254086a2eb57 (commit)
      from  8c09648ad0ce91b221410d99795c9d7f01a68278 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a54f52278b351ae445fed03502a8f68a1518ef92
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 18:38:19 2014 +0200

    stream: fix 'bad window update' false positive
    ACK packets completing a valid FIN shutdown could be flagged as
    'bad window update' if they would shrink the window.
    This patch detects this case before doing the bad window update

commit ce472d88be9e9d8342150de8ff1b084c8f7fbadc
Author: Tom DeCanio <decanio.tom at gmail.com>
Date:   Fri Oct 10 09:40:37 2014 -0700

    sanity check tcp SACK edges prior to recording. Attempt to avoid Cisco ASA
    tcp randomization issue with it not properly writing sequence numbers in SACK.

commit 5834a1a6192d4d2de861064b272abe7324ba1f95
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:59:38 2014 +0200

    stream: improve handling of 3whs packet loss
    If the 3whs ACK and some data after this is lost, we would get stuck
    in the 'SYN_RECV' state, where from there each packet might be
    considered invalid.
    This patch improves the handling of this case.

commit e7a909f4ae3ee1c99fb1bedcb01111a1f9ae0f41
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:54:22 2014 +0200

    stream: fix ssh/ssl logging on tcp session reuse
    TCP session reuse wouldn't unset FLOW_NO_APPLAYER_INSPECTION.

commit 59d12f334e134ffa3f180800cd1a8d71971d770d
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 14:41:59 2014 +0200

    ssh.softwareversion: allow more characters
    The keyword would not allow matching on "OpenSSH_5.5p1 Debian-6+squeeze5"
    as the + and space characters were not allowed.
    This patch adds support for them.

commit a68e19d998acf2ae5239d7c798008c144761f5a5
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 11:17:06 2014 +0200

    stream: add counter for failed pseudo setups
    Stream pseudo packets are taken from the packet pool, which can be empty.
    In this case a pseudo packet will not be created and processed.
    This patch adds a counter "tcp.pseudo_failed" to track this.

commit e4c8084a75b24d159993f34fc7cf254086a2eb57
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Oct 16 10:31:47 2014 +0200

    stream: clean up pseudo packet counting
    Increment the counter from StreamTcpPseudoPacketCreateStreamEndPacket.


Summary of changes:
 src/detect-ssh-software-version.c |    2 +-
 src/stream-tcp-sack.c             |   92 +++++++++++++++++++++++++++++
 src/stream-tcp.c                  |  117 ++++++++++++++++++++++++++++++-------
 src/stream-tcp.h                  |    2 +
 4 files changed, 191 insertions(+), 22 deletions(-)


More information about the Oisf-devel mailing list