[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-273-ga4bce14

OISF Git noreply at openinfosecfoundation.org
Fri Sep 4 10:38:25 UTC 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  a4bce14770beee46a537eda3c3f6e8e8565d5d0a (commit)
       via  cb060f16fd4e6fea549fac98e752290cee84a8ba (commit)
       via  85b00dcfa06f558d7246d13851e4f61013bbba6a (commit)
       via  830dd324173c19186c6d600a9356ced61d8eb4fc (commit)
       via  371648a8c61e93b42f74263bcedb9d1b8b1af354 (commit)
       via  1e84950017e8e74b9449c23ab7a2b35f48aef0d9 (commit)
       via  8b3afb69862751f19c70fb82abeec07687e110ab (commit)
       via  a798cf9518192bb78432cddb43c848f31c22ba3f (commit)
      from  7281ae6e8014b50ab4e37b0b39c4dd739b5434b3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a4bce14770beee46a537eda3c3f6e8e8565d5d0a
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Aug 28 15:03:07 2015 +0200

    development tools: add script to setup detect module
    
    Simplify creation of a new detect module by creating a copy of the
    detect template. It sets the name and registers it in the build
    system. Finally its registration function is called.

commit cb060f16fd4e6fea549fac98e752290cee84a8ba
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Nov 30 16:57:53 2012 +0100

    detect plugin: add template

commit 85b00dcfa06f558d7246d13851e4f61013bbba6a
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Aug 27 17:37:52 2015 +0200

    development tools: add script to setup new decoder
    
    Simplify creation of a new decoder.

commit 830dd324173c19186c6d600a9356ced61d8eb4fc
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Aug 25 18:08:55 2015 +0200

    decoder: add template/example
    
    Add fictional example / template for a packet decoder. It's not invoked
    anywhere.

commit 371648a8c61e93b42f74263bcedb9d1b8b1af354
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 9 21:45:15 2015 +0200

    lua: TLS support
    
    Support TLS in Lua detection scripts.
    
    function init (args)
        local needs = {}
        needs["tls"] = tostring(true)
        return needs
    end
    
    function match(args)
        version, subject, issuer, fingerprint = TlsGetCertInfo();
        if version == nil then
            return 0
        end
        str = string.format("Version %s\nIssuer %s\nSubject %s\nFingerprint %s",
                            version, issuer, subject, fingerprint)
        SCLogInfo(str);
        return 1
    end

commit 1e84950017e8e74b9449c23ab7a2b35f48aef0d9
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 9 21:44:38 2015 +0200

    detect-lua: set direction

commit 8b3afb69862751f19c70fb82abeec07687e110ab
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Jul 9 21:42:38 2015 +0200

    lua: add direction support

commit a798cf9518192bb78432cddb43c848f31c22ba3f
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Sep 2 13:07:59 2015 +0200

    DNS: refactor tx completion logic
    
    Use simple bool values to track the transaction state in both directions.
    
    A tx is only created in two cases:
    1. full request parsed
    2. response parsed (request missing)
    
    This is true even for multi-packet TCP requests.
    
    This leads to the following tx completion logic for the request side:
    the presence of a tx implies the request is complete
    
    On the response side, we consider the tx complete when we have seen
    the response. If the DNS parser thinks the response was lost, we also
    flag the response side as complete.

-----------------------------------------------------------------------

Summary of changes:
 scripts/setup_decoder.sh                  |  85 +++++++++
 scripts/setup_simple_detect.sh            |  93 +++++++++
 src/Makefile.am                           |   3 +
 src/app-layer-dns-common.c                |  20 +-
 src/decode-template.c                     |  97 ++++++++++
 src/{log-tlsstore.h => decode-template.h} |  18 +-
 src/detect-lua-extensions.c               |   6 +-
 src/detect-lua-extensions.h               |   2 +-
 src/detect-lua.c                          |  23 ++-
 src/detect-template.c                     | 303 ++++++++++++++++++++++++++++++
 src/{log-tlsstore.h => detect-template.h} |  22 ++-
 src/detect.c                              |   2 +
 src/detect.h                              |   2 +
 src/util-lua-tls.c                        | 145 ++++++++++++++
 src/{log-tlsstore.h => util-lua-tls.h}    |  12 +-
 src/util-lua.c                            |  18 ++
 src/util-lua.h                            |   4 +
 17 files changed, 827 insertions(+), 28 deletions(-)
 create mode 100644 scripts/setup_decoder.sh
 create mode 100644 scripts/setup_simple_detect.sh
 create mode 100644 src/decode-template.c
 copy src/{log-tlsstore.h => decode-template.h} (71%)
 create mode 100644 src/detect-template.c
 copy src/{log-tlsstore.h => detect-template.h} (53%)
 create mode 100644 src/util-lua-tls.c
 copy src/{log-tlsstore.h => util-lua-tls.h} (81%)


hooks/post-receive
-- 
OISF

