[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-4.0.0-beta1-60-g61d9f4b
OISF Git
noreply at openinfosecfoundation.org
Mon Jun 26 14:13:19 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 61d9f4bb0a947d39d409fd0ebbb3aa1d8374a51a (commit)
via f5a90e26a91d030e641900c60372629a057008e4 (commit)
via 717b826d256a021bfd52991e1ec654779f05c3e5 (commit)
via 1ebad6bd718815ffab239fb50773c82c8ef4df23 (commit)
via 14951e3f0079df212444d82bdc5ebb27cb88f01d (commit)
via 4be031394be3f6a2e0f0462e2dcb39a84bc2d32b (commit)
via c3806ebd2a95f60cefea4d329020fc3016a0695a (commit)
via eb70b1e1957ddd84eefc557ca661309dac2dd1ba (commit)
via 170591a0b156bcd4a8687e3e039ba6b7f7b54d6b (commit)
via d61fa0c43c3dce72c10e58462544bf5d6443128c (commit)
from 7c119cc595bd1dc29dfc54665ee76a5caf604c82 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 61d9f4bb0a947d39d409fd0ebbb3aa1d8374a51a
Author: Jason Ish <ish at unx.ca>
Date: Wed Jun 21 12:44:37 2017 -0600
rust: make distcheck fixes
commit f5a90e26a91d030e641900c60372629a057008e4
Author: Jason Ish <ish at unx.ca>
Date: Wed Jun 21 09:06:22 2017 -0600
rust: for sclog*, strip nul bytes before logging
commit 717b826d256a021bfd52991e1ec654779f05c3e5
Author: Jason Ish <ish at unx.ca>
Date: Tue Jun 20 12:47:34 2017 -0600
rust: safe string handling in logging
In logging (SCLog*), safely convert strings to cstrings instead
of blindly unwrapping them.
Also implement a simple rust logger if the Suricata C context
is not available.
commit 1ebad6bd718815ffab239fb50773c82c8ef4df23
Author: Jason Ish <ish at unx.ca>
Date: Tue Jun 20 10:30:35 2017 -0600
rust/dns: cargo unit test prototype
Do remove compiler warning when building without unit tests.
commit 14951e3f0079df212444d82bdc5ebb27cb88f01d
Author: Jason Ish <ish at unx.ca>
Date: Tue Jun 20 10:17:54 2017 -0600
rust: save cargo and CARGO_HOME to variables
During configure, substitute the path of cargo, as well as the
value of CARGO_HOME as variables. This fixes the case where a
user might do:
make
sudo make install
Which will cause the cargo bits to be rebuilt, including
re-downloading external crates.
By saving these to variables we can be sure that the same
values are used during make install as were used during
make which prevents the Rust artifacts from being rebuilt
during "sudo make install".
commit 4be031394be3f6a2e0f0462e2dcb39a84bc2d32b
Author: Eric Leblond <eric at regit.org>
Date: Thu Jun 22 17:48:00 2017 +0200
output-json-alert: fallback to payload if stream is void
If stream logging results in no data then we fall back to payload
data to get something that could be interesting instead of
nothing.
commit c3806ebd2a95f60cefea4d329020fc3016a0695a
Author: Eric Leblond <eric at regit.org>
Date: Tue Jun 20 19:00:22 2017 +0200
suricata.yaml: add some port variables
These variables are used by the Talos ruleset, and defining them allows
almost all rules of the ruleset to be loaded.
commit eb70b1e1957ddd84eefc557ca661309dac2dd1ba
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 19 22:54:17 2017 +0200
detect-asn1: fix memory leak
commit 170591a0b156bcd4a8687e3e039ba6b7f7b54d6b
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 19 20:16:01 2017 +0200
util-print: add 0 at end of buffer
Add a 0 at the end of the printed buffer to be sure we terminate
with a 0 to avoid problems when calling strlen().
commit d61fa0c43c3dce72c10e58462544bf5d6443128c
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jun 20 12:13:14 2017 +0200
tunnel: refactor tunnel verdict handling
Observed:
STARTTLS creates 2 pseudo packets which are tied to a real packet.
TPR (tunnel packet ref) counter increased to 2.
Pseudo 1: goes through 'verdict', increments 'ready to verdict' to 1.
Packet pool return code frees this packet and decrements TPR in root
to 1. RTV counter not changed. So both are now 1.
Pseudo 2: verdict code sees RTV == TPR, so verdict is set based on
pseudo packet. This is too soon. Packet pool return code frees this
packet and decrements TPR in root to 0.
Real packet: TPR is 0 so set verdict on this packet. As verdict was
already set, NFQ reports an issue.
The decrementing of TPR doesn't seem to make sense as RTV is not
updated.
Solution:
This patch refactors the ref count and verdict count logic. The beef
is now handled in the generic function TmqhOutputPacketpool(). NFQ
and IPFW call a utility function VerdictTunnelPacket to see if they
need to verdict a packet.
Remove some unused macros for managing these counters.
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 13 +++++---
rust/.cargo/config.in | 2 +-
rust/Makefile.am | 20 ++++++------
rust/src/core.rs | 19 +-----------
rust/src/log.rs | 64 +++++++++++++++++++++++++++++++++++---
src/app-layer-dns-tcp-rust.c | 2 ++
src/app-layer-dns-udp-rust.c | 2 ++
src/decode.h | 46 ++++++++++++++++++++--------
src/detect-asn1.c | 2 ++
src/output-json-alert.c | 73 +++++++++++++++++++++++++-------------------
src/source-ipfw.c | 22 ++-----------
src/source-nfq.c | 33 ++++++--------------
src/stream-tcp.c | 1 +
src/tmqh-packetpool.c | 60 ++++++++++++++++++------------------
src/util-print.c | 1 +
suricata.yaml.in | 2 ++
16 files changed, 206 insertions(+), 156 deletions(-)
hooks/post-receive
--
OISF
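
An added example, not part of this email and not the Suricata code from these commits, illustrating the two logging commits above ("rust: safe string handling in logging" and "rust: for sclog*, strip nul bytes before logging"): `CString::new` rejects interior NUL bytes, so unwrapping its result panics on such a message, whereas stripping NULs first always yields a loggable C string. `CLogSink`, `c_sink_strlen`, `to_safe_cstring` and `log_message` are hypothetical names, the C context is modelled as an optional function pointer, and the sample message is constructed.

```rust
use std::ffi::{CStr, CString};
use std::os::raw::c_char;

/// Hypothetical stand-in for a C-side log sink; returns the length C sees.
type CLogSink = fn(*const c_char) -> usize;

fn c_sink_strlen(msg: *const c_char) -> usize {
    // SAFETY: callers in this example pass a pointer from a live CString.
    unsafe { CStr::from_ptr(msg) }.to_bytes().len()
}

/// True when the direct conversion fails, i.e. when `.unwrap()` would panic.
fn blind_conversion_fails(msg: &str) -> bool {
    CString::new(msg).is_err()
}

/// Drop every NUL byte, then convert. With no NUL left the conversion
/// cannot fail; the empty-string default is only a last resort.
fn to_safe_cstring(msg: &str) -> CString {
    let bytes: Vec<u8> = msg.bytes().filter(|&b| b != 0).collect();
    CString::new(bytes).unwrap_or_default()
}

/// Log through the C sink when one is available, otherwise through a
/// minimal Rust-only fallback. Returns what was emitted so it can be checked.
fn log_message(sink: Option<CLogSink>, level: &str, msg: &str) -> String {
    let safe = to_safe_cstring(msg);
    match sink {
        Some(f) => format!("c-sink:{}", f(safe.as_ptr())),
        None => format!("[{}] {}", level, safe.to_string_lossy()),
    }
}

fn main() {
    // Constructed sample: a message carrying embedded NUL bytes.
    let msg = "dns\0query\0";
    println!("blind conversion fails: {}", blind_conversion_fails(msg));
    println!("{}", log_message(Some(c_sink_strlen as CLogSink), "Info", msg));
    println!("{}", log_message(None, "Info", msg));
}
```
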