[Oisf-devel] [COMMIT] OISF annotated tag, suricata-3.1RC1, created. suricata-3.1RC1
OISF Git
noreply at openinfosecfoundation.org
Tue Jun 7 12:58:16 UTC 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The annotated tag, suricata-3.1RC1 has been created
at fc42d1fcde7601baa41c8c564beea458914dc8f0 (tag)
tagging d4f84455640a3af9fd86c325627ad5aef305a269 (commit)
replaces suricata-3.0.1
tagged by Victor Julien
on Tue Jun 7 14:57:04 2016 +0200
- Log -----------------------------------------------------------------
Tag 3.1RC1 release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJXVsSvAAoJEMH0leOSaFa0OVgH/2vLr000l3KC2VC09fNVn/Cb
+/vdjPp+QRwgzzWEbzcwaeuwiu1BgR0uDJjDyRB9Jzcwsb1lMs4o8/1RXRNYiPfn
Bx2m9edItyhe+hsYBjaARIHXd6vG6zIbBlzCahOvFagDkkpL9FV5PKF6ohf1JRhx
I9yOa2z7yC3XtRULAYjDeFG9Gd5W9cCpCOLrSkLtsGc/1+aZY9duSGujYXMXidlY
DbhszL89jC4GMiXm8z4hzeLPvJF5iKQo7vqyvP7jvJGCMWHtzxauYZZJFkWs98j/
A4nL2H8pqgbkJ/I84qCnCceK9JKMG56pHGaV6fkTq9cQvp3G1TNomDZVUSY0TLs=
=V0n4
-----END PGP SIGNATURE-----
Aleksey Katargin (1):
netmap: close sw ring before hw rings
Alexander Gozman (1):
Support sending rejects via libnet when running under non-root.
Andreas Herz (2):
suricata: fix double packet processing threads
detect-filemagic: fix heap-use-after-free
Arturo Borrero Gonzalez (1):
src/: fix typo: receieved vs received
DIALLO David (1):
modbus: fix AddressSanitizer error (segmentation fault)
Eric Leblond (26):
prscript: update logic of sync with master test
detect-msg: fix option parsing
config-test: fix memory leak detect by ASAN
af-packet: avoid test for each packet
af-packet: micro optimization
af-packet: remove useless code
af-packet: tpacket_v3 implementation
af-packet: cleaning and hole hunting
af-packet: continuing cleaning and hole hunting
af-packet: AFPWalkBlock error handling
af-packet: pack AFPPeer structure
af-packet: put ring setup in a separate function
af-packet: configurable tpacket_v3 block size
af-packet: configurable tpacket_v3 block timeout
af-packet: add option to use memory locked mmap
af-packet: detect availability of tpacket_v3
af-packet: use mmap capture by default
af-packet: reset stats at start of capture
af-packet: make mmap options parsing conditional
af-packet: ask for hardware timestamp
af-packet: fix some typos in yaml
af-packet: print errno on mmap error
af-packet: use time() instead of GetTime()
prscript: fix error handling
coverity: fix CID 1362014
util-ioctcl: increase header size
Jason Ish (13):
tests: convert all test to return 0 on failure, 1 on success
tests: no longer necessary to provide successful return code
testing: new test macros, new testing documentation group.
conf: use new testing macros
counters: use some of the new macros in tests
flowbits: use some of the new test macros
doxygen: define UNITTESTS to generate test framework docs
smb: check that there is enough input data
sources: allow interface definitions to be reordered
configure.ac: escape $srcdir when used in a variable
typos: surictsc -> suricatasc
typo: SURCATA -> SURICATA
tls-json-log: register module as tls-json-log, not dns-json-log
Justin Viiret (15):
spm: add SinglePatternMatchDefaultMatcher
suricata.yaml: document spm-algo option
spm: add and use new SPM API
spm: add Hyperscan implementation
spm: add "spm-algo: auto" setting
spm: handle null ptrs in destroy funcs gracefully
mpm-hs,spm-hs: don't call hs_scan() for zero bytes
mpm-hs: make errors from hs_scan() fatal
app-layer-smtp: init mpm thread ctx after prepare
detect-engine: adjust unit tests for hs mpm
app-layer-detect-proto: pass mpm_ctx to DestroyCtx
app-layer-detect-proto: use mpm-algo
mpm: add "auto" default for mpm-algo
detect-engine: log MPM/SPM matchers being used
app-layer-smtp: free mpm contexts on shutdown
Mats Klepsland (28):
app-layer-tls-handshake: remove duplicate include
app-layer-tls-handshake: code cleanup
app-layer-ssl: code cleanup
util-decode-der: code cleanup
util-decode-der-get: code cleanup
util-decode-der: fix hang detected by AFL
QA: add --afl-der=<file>
afl: add support for AFL PERSISTANT_MODE
tls-sni: fix alignment issues
tls: make TX aware
tx: do not store ProgressCompletionStatus per ipproto
tx: add functions for logging
tls: register logger functions
dns: register logger functions
smtp: register logger functions
http: register logger functions
modbus: register logger functions
template: register logger functions
output: add new logger to log at specified state
output-lua: use LuaTxLogger for TLS
tlslog: use TxLogger
jsontls: use TxLogger
output: allow more than one TLS logger
tls: change flag checking in SSLParserTest23
output: add new tx logger to log at certain condition
tlsstore: use TxLogger
tlsstore: fix memleak
detect: add (mpm) keyword for tls_sni
Torgeir Natvig (1):
lua_close() segfaults on null pointers
Victor Julien (276):
Open Suricata 3.1 development branch
mpm: introduce ac-ks
ac-ks: fix mem leaks
ac-ks: 32bit fixes
detect mpm: ac-tile/ac-ks default to single
mpm: fix ac-ks compilation on cygwin
mpm: remove obsolete mpm algos
detect: constify mpm/detect funcs
detect/mpm: remove unused max_id param from API
detect mpm: remove dead code
detect: remove dead code
detect: validate http_method pattern
detect: SYN flags
rule analyzer: add no/both direction warning
Start rule inspect with mask check
detect: delay sgh mpm setup
detect: delay sgh cleanup
detect: pass ipproto to rule grouping funcs
detect: track direction and ipproto of sgh
detect: per port and proto rule grouping
detect: debug output
detect: remove obsolete grouping code
detect-mpm: make sgh setup proto aware
detect: group proto sghs
detect: display unique sgh count
detect: sort/group port sigs
detect: change port grouping
detect: make port grouping use config limits
detect: remove unused grouping settings
detect: rename groupings vars
detect: set new defaults for grouping
detect: remove old unused code
detect: mpm deduplication
detect: use mpm store for app layer mpms
detect: mpm store frees mpm_ctx' it owns
mpm: constify search func args
detect: split non-mpm list into syn/nosyn
detect grouping: warn on and fix up bad sigs
detect grouping: port based group whitelisting
detect grouping: multiple whitelist conditions
detect: simplify negated mpm handling
proto detect: in mpm switch to rule id
smtp: use rule_id mpm support instead of pattern id
mpm: ac use internal pattern id tracking
mpm: ac-bs use internal pattern id tracking
mpm: remove pattern id logic
detect: add list id to string funcs
detect: output sgh stats
detect: free lookup structures
detect sgh: remove unused field
detect: remove unused flag
detect: clean up sgh's at detect engine free
detect: remove unused dport sgh hash
detect-port: cleanup
detect address: remove unused features
detect mpm: remove unused mpm flags
detect mpm: fast_pattern assignment cleanup
detect mpm: mpm store cleanup
detect: remove stream pmq array
mpm: remove unused pmq merge function
detect: remove signature pattern id reference
mpm: improve negated mpm
mpm: unify & localize mpm pattern (id) handling
detect: move app_mpms array to init data
detect: shrink sgh
detect: assign id to sgh
profiling: initial rulegroup tracking
detect: move sm_list to string funcs to parser code
profiling: output post-prefilter matches
mpm: remove unused structure
mpm: cleanup, remove unused structs and prototypes
mpm: cleanup: move mpm funcs into buffer specific files
http_uri: mpm cleanup. Use mpm_ctx's minlen
mpm: optimize calls
detect: remove unused content minlen tracking
detect: optimize sgh layout
http_raw_header: improve mpm progress handling
detect/mpm: unify packet/stream mpm_ctx pointers
mpm: consify packet/stream search
rule grouping: speed up port based grouping
detect: work around cocci limitation
mpm: in factory register, consider name const
mpm: remove unused app proto factory
mpm: remove useless flag from factory
mpm: refactor 'single' setup handling
mpm: allow app buffer shared/unique
mpm: always cleanup factory
mpm: clean up builtin mpm setup, enable single/full
yaml: convert detect-engine to just detect
detect: suppress output
detect: make port whitelisting configurable
detect grouping: make json dump configurable
detect grouping: remove debug mem counters
detect-address: remove debug mem counters
detect-port: remove debug mem counters
detect-address: remove sgh pointer as it's unused
detect-port: improve comment about sgh pointer
detect: shrink IPOnlyCIDRItem with 8 bytes
detect-flowvar: shrink mem structure by 8 bytes
mpm: remove unused max pattern len field
detect: don't set unused variable
detect: fix scan-build warning
detect: fix error handling in mpm setup
tcp: reduce TCP options storage in packets
autotools: add AS_VERSION_COMPARE stub for CentOS 5
dns: improve handling of tx pick up on response
detect parser: add parse regex util function
detect keywords: use parse regex util func
startup: move RunUnittests to StartInternalRunMode
startup: move more into PostConfLoadedSetup
detect reload: improve signal logic
afl: add define to disable rand_r use
afl: add define to disable mgt threads
afl: special 'single' runmode
afl: add --afl-parse-rules to return 0 on any rule
afl: optionally exit right after afl single runmode
afl: add --enable-afl configure option
QA: direct access from commandline to AppLayer API
QA: expose Mime decoding API to commandline using --afl-mime=<file>
QA: add --afl-decoder-ppp=<file>
configure: don't use AC_DISABLE_SHARED as it breaks OSX
readme: initial readme for github
instance: add progname as ptr to argv[0]
commandline: move pcap parsing into util func
commandline: move afpacket parsing into util func
pcap: unify -i and --pcap parsing
commandline: use afpacket for -i if available
commandline: add -i arg check
capture: only check for faster methods on -i
stream-tcp: unify ssn clean up functions
stream-tcp: introduce stream cleanup function
stream-tcp: improve test function cleanup
dns: don't read uninitialized memory in name parsing
pcap: small cleanups
QA: --afl-rules for faster rule fuzzing
lua: print lua script func/line/file in SCLog* funcs
smtp: fix file logging and matching
smtp/mime: allow unquoted name/filename fields
detect state: fix issues with multiple files per tx
smtp: flag detect state that new files are available
http: flag destate about new files
debug: add various detect engine debug statements
detect file: cleanups
detect file: improve multi file handling
smtp: fix test
runmodes: constify names
cppcheck: fix harmless warnings
stats: fix stats.log ignoring null-values for threads
coverty: fix dead code warning
profiling: suppress inferior version of UtilCpuGetTicks warning
decode-mime: don't call memcpy on NULL pointer
tcp: fix alignment issues with tcp timestamps
flow: fix alignment issues
host: fix alignment issues
ippair: fix alignment issues
decode: don't call memcpy on NULL-ptr on pseudo packets
detect port: fix integer handling in hashing
dcerpc: improve integer handling
smb: improve integer handling
tcp sack: fix alignment issues
yaml: initialize var to prevent uninitialized read
yaml: minor cleanup
pcre: initialize var before use
unittests: don't call memcpy on NULL-ptr
ac-ks: fix integer handling issue
ipv6: fix alignment issue in address to string code
detect: add missing sigorder case
flowint: redo tests
flow: remove unused debug code
flow queue handler: use int16_t
sources: fix netmap compilation and pcap setup
thread storage: fix memset 0 after realloc
app-layer: test fixes
detect app-layer-event: fix tests
tcp sack: improve tests
qa: update drmemory suppressions for hyperscan spm matching
ipv4: shrink per packet ipopts storage
ipv4: store ipopts as flags, not bools
ipv4: removed unused variables
detect-ipopts: cleanup
detect-ipopts: optimize matching
ipv6: simplify ext hdr parsing and storage
defrag: work around packet creation issues
ipv6: simplify ext hdr parsing
detect: split detect entry into flow/noflow
flow: get flow reference during lookup
flow: move flow handling into worker threads
time: improve offline time handling
detect: simplify flow locking
flowworker: initial support
flow: remove dead code
autofp: update queue handlers
streaming: buffer API
http body handling: use streaming buffer API
http: add per direction config for body parsing
http: move body settings into per dir struct
http: make htpstate cfg ptr const
http: improve body inspection
file: switch to streaming buffer API
af-packet: CentOS6 build fixes
coverity CID 1362013: Control flow issues (NESTING_INDENT_MISMATCH)
coverity: CID 1362012: Incorrect expression (EVALUATION_ORDER)
coverity: CID 1362011: Control flow issues (DEADCODE)
dns: add support for sshfp records
ac: allow use of 31bits of pid space instead of 16
flow worker: set up decoder thread vars
isdataat: remove unused code
smtp: improve thread data use
drmemory: broader suppressions for hyperscan
stream-tcp: no longer register as a thread module
stream-tcp: more cleanups
detect: no longer a thread module
thread modules: remove unused id's
debug: fix compiler warnings
flow worker: profiling
flow worker: move UDP app-layer into main function
logging: clean up at shutdown
yaml: move vars to the top
yaml: move rules up in the file
yaml: move logging up
yaml: move afpacket, pcap, pcap-file up
yaml: move app layer up
yaml: introduce 'advanced settings'
yaml: move outputs to the logging step
yaml: add netfilter section
yaml: add hw accel section, move cuda there
yaml: create advancted sections
yaml: more reshuffling
yaml: add performance tuning section
yaml: improved defaults and misc cleanups
yaml: file logging at info level
yaml: new defaults for outputs
yaml: move classification etc below the rules
yaml: improve capture comments
yaml: make eve log in yaml depend on libjansson
af-packet: use better defaults if config is missing
profiling: allow packet profiling to be reset
pfring: improve profiling
pfring: cleanup
profiling: fix compilation if libjansson is missing
yaml: remove conf_filename global
yaml: replace ac-tile by ac-ks
detect: make pattern matcher messages less verbose
flow-worker: small cleanups
ac-ks: don't allow use on big-endian
instance: memset to 0 before use
instance: use enum for runmode
netmap: implement 'threads: auto'
netmap: handle missing config with better defaults
netmap: reduce verbosity at startup
netmap: get correct RSS queues on Linux as well
netmap: get offloading settings and warn if needed
profiling: fix minor compiler warning
yaml: profiling 'json' depend on jansson availability
output: improve notice and warning/error color handling
output: introduce config and perf output levels
netmap: output cleanup
netmap: don't check for offloading twice
output: reduce verbosity on info level
affinity: type cleanup
affinity: remove unused settings
affinity: improve suricata.yaml doc
affinity: rename detect-cpu-set to worker-cpu-set
affinity: rename detect -> worker set internall
affinity: small cleanups to output & code
yaml: improve affinity defaults
configure: don't set -march=native for powerpc
netmap: code cleanup
netmap: don't set more than 1 thread on sw ring
netmap: work around mtu error on iface+ settings
configure: cleanup configure output
http: update compression mismatch test
unittest: minor cleanup
http: set of response body decompress limit
http body: fix compression tests
Update Changelog for 3.1RC1
Zachary Rasmor (10):
Update thread naming convention for all IDS modes.
Update IPS thread names to new name standard.
Update threads to use global thread names.
Update pcap-file runmode to adhere to new thread standard.
Add global threadnames.
Update shortening algorithm to account for addition of #.
Change thread name from pointer to buffer. Remove pointer free.
Update thread creation and threads to use global thread names.
Update unit test to account for 'name' type change.
Remove free operation on thread name field.
maxtors (21):
Added payload-buffer-size option to yaml configuration
Added parsing and utilization of yaml defined payload buffer value.
Corrected and unified debugmessages for init data errors in *ThreadInit.
Module specific error code for init ctx error.
Removed duplicate include statements.
Added shortening of listening interface in util-runmodes
Fixed string copy and cat functions and made shortening safer.
Reworked how shortening should be performed.
Changed naming of flowmanager/recycler.
Update ASN1_MAX_FRAMES to reflect default in suricata.yaml.in
Changed "enabled" parsing to use ConfValIs(true|false)
Added more DNS Resource Record Types.
Reordering of RRTYPE switch case for performance.
Use ConfValIs* for parsing pcap-file.checksum-checks.
Use ConfValIs* for parseing mpipe.checksum-checks.
Use ConfValIs* for parsing af-packet.checksum-checks.
Use ConfValIs* for parsing netmap.checksum-checks.
Use ConfValIs* for parsing pcap.checksum-checks.
Use ConfValIs* for parsing pf-ring.checksum-checks.
Use ConfValIsTrue for parsing TILE PCIE logging append value.
Use ConfValIsTrue for parseing util-logfile append value.
-----------------------------------------------------------------------
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list