[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.2beta1-108-g5dc9c1b
OISF Git
noreply at openinfosecfoundation.org
Thu Oct 27 16:50:04 UTC 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 5dc9c1b8748fea884bf83dc376972fac00f4c007 (commit)
via 7cf231c7ecfa96df408825c87dc363a1e3c83bf6 (commit)
via f0de1d04a9a9eca4eabf74fba0cf9f60f35fbc1f (commit)
via f70badeb0e9a3c9f55023a57abefc9857d2f729f (commit)
via a59f31a99fc775d8962ad11fbfb4cc3413710ffd (commit)
via 44a69f63556a99317162aceabed2e95606c89047 (commit)
via 1c3f37354383884075e69397abdc2820d95d1fe2 (commit)
via 1a31bded4a18311b4bbe78db2574ae8546cae711 (commit)
via bbaa79b80e4faea321593eb4aa552f976357ac86 (commit)
via 240d789c40b51c475da56c2c4a7a67ab2f508809 (commit)
via da40714cb12b7e2642e42be253b4f33b8bf79ecb (commit)
via f6c0abaae7fb91e9b2f867c519b97662260f9934 (commit)
via 2758f825151925c8fce8cb618cd43fac14ab6d38 (commit)
via 9d271e9a71140d7cfa48922d249f40f670193cba (commit)
via 7d734edca84c0fd1ba03cf2f89ccfdd4ab58a605 (commit)
via a8f6fb0f78448c4cd757d99361a2ee83fcb84ed1 (commit)
via 64cc91a569fd78550fe64d7dc3fe0985945d0eb2 (commit)
via 2d4df19401968a56754b8f1acfd9613792003feb (commit)
from db1c47cb6e5cea4db5828fac9fa5396d85df6e8a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5dc9c1b8748fea884bf83dc376972fac00f4c007
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 27 11:55:28 2016 +0200
DNP3: minor cleanup
commit 7cf231c7ecfa96df408825c87dc363a1e3c83bf6
Author: Victor Julien <victor at inliniac.net>
Date: Thu Oct 27 11:55:17 2016 +0200
DNP3: don't leak memory on dnp3_obj parsing
commit f0de1d04a9a9eca4eabf74fba0cf9f60f35fbc1f
Author: Jason Ish <ish at unx.ca>
Date: Wed Jul 13 09:04:15 2016 -0600
DNP3: Use directional logging.
Instead of waiting for a transaction complete, log the
request as soon as it completes which will give it a
more accurate timestamp.
commit f70badeb0e9a3c9f55023a57abefc9857d2f729f
Author: Jason Ish <ish at unx.ca>
Date: Fri Apr 15 16:49:28 2016 -0600
DNP3: --afl-dnp3 entry point
commit a59f31a99fc775d8962ad11fbfb4cc3413710ffd
Author: Jason Ish <ish at unx.ca>
Date: Thu Dec 10 11:59:48 2015 -0600
DNP3: Lua detect support.
Adds support for accessing the DNP3 transaction in Lua rules.
commit 44a69f63556a99317162aceabed2e95606c89047
Author: Jason Ish <ish at unx.ca>
Date: Mon Sep 28 16:33:48 2015 -0600
DNP3: Log DNP3 info with DNP3 alert.
commit 1c3f37354383884075e69397abdc2820d95d1fe2
Author: Jason Ish <ish at unx.ca>
Date: Thu May 7 11:53:39 2015 -0600
DNP3: Log DNP3 transactions.
commit 1a31bded4a18311b4bbe78db2574ae8546cae711
Author: Jason Ish <ish at unx.ca>
Date: Fri Apr 10 10:22:25 2015 -0600
DNP3: dnp3_data, dnp3_func, dnp3_ind, dnp3_obj rule keywords
commit bbaa79b80e4faea321593eb4aa552f976357ac86
Author: Jason Ish <ish at unx.ca>
Date: Fri Apr 10 09:33:20 2015 -0600
DNP3: Application layer decoder.
Decodes TCP DNP3 and raises some DNP3 decoder alerts.
commit 240d789c40b51c475da56c2c4a7a67ab2f508809
Author: Jason Ish <ish at unx.ca>
Date: Mon Feb 8 15:16:01 2016 -0600
DNP3: dnp3-gen: code generator for repetitive DNP3 code
commit da40714cb12b7e2642e42be253b4f33b8bf79ecb
Author: Jason Ish <ish at unx.ca>
Date: Mon Apr 25 00:17:58 2016 -0600
common: define json_boolean when not defined
Older versions of jansson in current use don't have this
macro defined.
commit f6c0abaae7fb91e9b2f867c519b97662260f9934
Author: fooinha <fooinha at gmail.com>
Date: Mon Oct 24 15:52:06 2016 +0000
eve: check redis reply in non pipeline mode
We may lose the reply if disconnection happens.
Reconnection is needed.
commit 2758f825151925c8fce8cb618cd43fac14ab6d38
Author: Victor Julien <victor at inliniac.net>
Date: Wed Oct 26 16:19:13 2016 +0200
flowvar: cleanups
commit 9d271e9a71140d7cfa48922d249f40f670193cba
Author: Jason Ish <ish at unx.ca>
Date: Wed Oct 26 15:34:43 2016 -0600
fast-pattern: fix tls_sni
Use all 38 arguments in call to SigMatchGetLastSMFromLists
Was preventing fast_pattern from being applied to tls_sni:
https://redmine.openinfosecfoundation.org/issues/1936
commit 7d734edca84c0fd1ba03cf2f89ccfdd4ab58a605
Author: Jason Ish <ish at unx.ca>
Date: Tue Oct 25 14:56:09 2016 -0600
dns: use new unittest macros
commit a8f6fb0f78448c4cd757d99361a2ee83fcb84ed1
Author: Jason Ish <ish at unx.ca>
Date: Tue Oct 25 00:13:07 2016 -0600
dns: support back to back requests without a response
Address the issue where a DNS response would not be logged when
the traffic is like:
- Request 1
- Request 2
- Response 1
- Response 2
which can happen on dual stack machines where the request for A
and AAAA are sent out at the same time on the same UDP "session".
A "window" is used to set the maximum number of outstanding
responses before considering the older ones lost.
commit 64cc91a569fd78550fe64d7dc3fe0985945d0eb2
Author: Jason Ish <ish at unx.ca>
Date: Wed Oct 26 09:48:42 2016 -0600
tcp dns: unit test for multi-request buffer
commit 2d4df19401968a56754b8f1acfd9613792003feb
Author: Jason Ish <ish at unx.ca>
Date: Tue Oct 25 14:13:31 2016 -0600
tcp dns: fix advancement to next request in buffer
The advancement through the buffer was not taking into account
the size of the length field resulting in the second request
being detected as bad data.
-----------------------------------------------------------------------
Summary of changes:
Makefile.am | 1 +
rules/Makefile.am | 3 +-
rules/dnp3-events.rules | 26 +
scripts/dnp3-gen/dnp3-gen.py | 729 ++
scripts/dnp3-gen/dnp3-objects.yaml | 2995 +++++++
src/Makefile.am | 7 +
src/app-layer-detect-proto.c | 4 +
src/app-layer-dnp3-objects.c | 9148 ++++++++++++++++++++
src/app-layer-dnp3-objects.h | 1464 ++++
src/app-layer-dnp3.c | 2661 ++++++
src/app-layer-dnp3.h | 277 +
src/app-layer-dns-common.c | 25 +-
src/app-layer-dns-common.h | 7 +
src/app-layer-dns-tcp.c | 149 +-
src/app-layer-dns-udp.c | 309 +-
src/app-layer-parser.c | 2 +
src/app-layer-protos.c | 3 +
src/app-layer-protos.h | 1 +
src/detect-dnp3.c | 1030 +++
src/{app-layer-enip.h => detect-dnp3.h} | 25 +-
src/detect-engine-analyzer.c | 2 +
src/detect-engine.c | 4 +
src/detect-fast-pattern.c | 2 +-
src/detect-flowvar.c | 23 +-
src/detect-flowvar.h | 10 +-
src/detect-lua-extensions.c | 2 +
src/detect-lua.c | 10 +
src/detect-parse.c | 8 +
src/detect.c | 10 +
src/detect.h | 9 +
src/output-json-alert.c | 72 +-
src/output-json-dnp3-objects.c | 2720 ++++++
...{detect-bypass.h => output-json-dnp3-objects.h} | 17 +-
src/output-json-dnp3.c | 449 +
src/{util-lua-ssh.h => output-json-dnp3.h} | 21 +-
src/output.c | 4 +
src/suricata-common.h | 5 +
src/suricata.c | 20 +-
src/util-error.c | 1 +
src/util-error.h | 1 +
src/util-logopenfile.c | 33 +-
src/util-lua-dnp3-objects.c | 3542 ++++++++
src/{log-tlsstore.h => util-lua-dnp3-objects.h} | 15 +-
src/util-lua-dnp3.c | 201 +
src/{log-tlsstore.h => util-lua-dnp3.h} | 16 +-
suricata.yaml.in | 8 +
46 files changed, 25902 insertions(+), 169 deletions(-)
create mode 100644 rules/dnp3-events.rules
create mode 100755 scripts/dnp3-gen/dnp3-gen.py
create mode 100644 scripts/dnp3-gen/dnp3-objects.yaml
create mode 100644 src/app-layer-dnp3-objects.c
create mode 100644 src/app-layer-dnp3-objects.h
create mode 100644 src/app-layer-dnp3.c
create mode 100644 src/app-layer-dnp3.h
create mode 100644 src/detect-dnp3.c
copy src/{app-layer-enip.h => detect-dnp3.h} (67%)
create mode 100644 src/output-json-dnp3-objects.c
copy src/{detect-bypass.h => output-json-dnp3-objects.h} (73%)
create mode 100644 src/output-json-dnp3.c
copy src/{util-lua-ssh.h => output-json-dnp3.h} (70%)
create mode 100644 src/util-lua-dnp3-objects.c
copy src/{log-tlsstore.h => util-lua-dnp3-objects.h} (78%)
create mode 100644 src/util-lua-dnp3.c
copy src/{log-tlsstore.h => util-lua-dnp3.h} (79%)
hooks/post-receive
--
OISF