[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta3-218-geac83be
OISF Git
noreply at openinfosecfoundation.org
Fri May 8 07:45:57 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via eac83be1216a554f99b668b053e8dd4f6cea6953 (commit)
via ddec92676d27ed68c9e767a178e7bd4685a083bf (commit)
via cf9da2be15e7042c20f96b6a573305f8d35268d4 (commit)
via d44eab82c1a015e3797a7aa4583072a121f8a2b7 (commit)
via f0c659f82f675a090fa08dacc008061a70db2550 (commit)
via 208d27abc76a8ab9280a91d9cfbdc16abe43b196 (commit)
via b12c53cd51ca1b24039c248f1eab6808d9686e4b (commit)
via 2918a75da1f3f74f1c57e5848e4e7a860854b945 (commit)
via cf839c931f90253afcc27f00ee159fe880f1a92a (commit)
from 04f3f5066d0ed7ef50b8413f7026d260c9009a75 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit eac83be1216a554f99b668b053e8dd4f6cea6953
Author: Ken Steele <ken at tilera.com>
Date: Thu Feb 6 10:22:17 2014 -0500

Formatting cleanup in detect-replace.c

Wrap lines longer than 80 characters
Add "static" for unit tests.
Use (void) for () for function arguments.
Add space after "while(" -> "while ("
Remove space after function names.
Put open bracket of function on a new line.

commit ddec92676d27ed68c9e767a178e7bd4685a083bf
Author: Ken Steele <ken at tilera.com>
Date: Thu Feb 6 10:12:24 2014 -0500

Add a comment for DetectReplaceList

Reworded a quote in PR 742 by Regit from Inliniac to explain why adding
to the head of the list (really a FIFO) is the correct behavior.

commit cf9da2be15e7042c20f96b6a573305f8d35268d4
Author: Ken Steele <ken at tilera.com>
Date: Fri Dec 20 16:36:58 2013 -0500

Fix DetectReplaceAddToList

I see two problems:

1) If allocating a newlist fails, the function returns NULL, which then
leaks any existing list elements.

2) The code to add the new value to the list works for the first two, but
not for the third. For example, replist=A, A->next=B, B->next=NULL, then
adding C results in replist=A, A->next=C, C->next=NULL, B is lost.

The fix pushes new values onto the head of the list, which might not be
what is needed, but there are no comments on what the function does, so I
made an assumption.

commit d44eab82c1a015e3797a7aa4583072a121f8a2b7
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Thu Apr 16 12:40:17 2015 +0300

Fix bug #1435 (data loss when dumping payloads to JSON)

commit f0c659f82f675a090fa08dacc008061a70db2550
Author: Zachary Rasmor <zachary.r.rasmor at lmco.com>
Date: Fri Apr 24 14:28:32 2015 -0400

Fix Bug #1204

Fix typo that causes eve syslog settings code to be unreachable.

commit 208d27abc76a8ab9280a91d9cfbdc16abe43b196
Author: Victor Julien <victor at inliniac.net>
Date: Thu Apr 9 08:42:23 2015 +0200

stream: next_seq handling improvements

Allow next_seq updating to recover from cases where last_ack has been
moved beyond it. This can happen if ACKs have been accepted for missing
data that is later retransmitted.

This undoes some of the previous last_ack update changes.

commit b12c53cd51ca1b24039c248f1eab6808d9686e4b
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date: Thu May 7 12:40:28 2015 +0300

Add timezone to timestamp in JSON logs

commit 2918a75da1f3f74f1c57e5848e4e7a860854b945
Author: David Cannings <david.cannings at nccgroup.com>
Date: Thu Apr 16 19:40:46 2015 +0100

Added support for full parsing of the rcode header in DNS answer
packets. Where rcode isn't "no error" this is displayed in both DNS and
JSON logs.

Note that this changes the current "No such domain" to "NXDOMAIN" in DNS
logs. This could be fixed if desired to maintain compatibility with
anybody crazy enough to parse the DNS log.

When the rcode is not "no error" (for example NXDOMAIN or SERVFAIL) it
is unlikely that there will be answer RRs. Therefore the rname from the
query is used.

Because the rcode applies to a whole answer packet (not individual
queries) it is impossible to determine which query RR caused the error.
Because of this most DNS servers currently reject multiple queries per
packet. Therefore each query RR is output instead with the relevant
error code, likely to be FORMERR if queries > 1.

commit cf839c931f90253afcc27f00ee159fe880f1a92a
Author: Victor Julien <victor at inliniac.net>
Date: Fri May 1 15:12:47 2015 +0200

tls: force 'raw' reassembly after each record

Trigger raw reassembly after each record and after the handshake.

-----------------------------------------------------------------------
Summary of changes:
src/app-layer-dns-common.c | 171 +++++++++++++++++++++++++++------------------
src/app-layer-dns-common.h | 23 +++++-
src/app-layer-dns-tcp.c | 28 ++++----
src/app-layer-dns-udp.c | 26 ++++---
src/app-layer-ssl.c | 7 ++
src/detect-replace.c | 83 ++++++++++++----------
src/log-dnslog.c | 13 ++--
src/output-json-alert.c | 39 ++++++-----
src/output-json-dns.c | 55 ++++++++++++++-
src/output-json.c | 2 +-
src/stream-tcp.c | 76 ++++++++++++++------
src/util-buffer.h | 2 -
src/util-time.c | 6 +-
13 files changed, 346 insertions(+), 185 deletions(-)
hooks/post-receive
--
OISF
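
The list bug described in the "Fix DetectReplaceAddToList" commit message above, reproduced in a small C program. This is an added example, not Suricata's code and not part of the original e-mail: the Node type and the AddBuggy, AddFixed and ReachableAfter names are hypothetical, and AddBuggy is reconstructed only from the commit message's description.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical node type for illustration; not Suricata's DetectReplaceList. */
typedef struct Node_ { int id; struct Node_ *next; } Node;

/* Reconstruction of the behaviour the commit message describes. */
static Node *AddBuggy(Node *list, int id)
{
    Node *n = malloc(sizeof(*n));
    if (n == NULL)
        return NULL;        /* problem 1: caller loses (leaks) the old list */
    n->id = id;
    n->next = NULL;
    if (list == NULL)
        return n;
    list->next = n;         /* problem 2: overwrites A->next, so B is lost */
    return list;
}

/* Head push: no traversal, and a failed allocation keeps the list intact. */
static Node *AddFixed(Node *list, int id)
{
    Node *n = malloc(sizeof(*n));
    if (n == NULL)
        return list;
    n->id = id;
    n->next = list;
    return n;
}

/* Add ids 1..count with `add`, then free and count the nodes still reachable. */
static int ReachableAfter(Node *(*add)(Node *, int), int count)
{
    Node *list = NULL, *next;
    int reachable = 0;
    for (int i = 1; i <= count; i++)
        list = add(list, i);
    for (; list != NULL; list = next, reachable++) {
        next = list->next;
        free(list);
    }
    return reachable;
}

int main(void)
{
    printf("buggy: %d of 3 reachable\n", ReachableAfter(AddBuggy, 3));
    printf("fixed: %d of 3 reachable\n", ReachableAfter(AddFixed, 3));
}
```

With the buggy version the dropped node is never freed, so a leak checker such as Valgrind or AddressSanitizer flags it on the third insert.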