[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-4.0.1-431-gf815027

OISF Git noreply at openinfosecfoundation.org
Wed Feb 7 08:42:17 UTC 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  f815027cdfbf9fda9f6141d9bf3a5584d6d7a672 (commit)
       via  7548944b49b0dfc218d73e3d12c993629258fb2a (commit)
       via  1c270cae134f72ed7b5a88edb9695f27cf793dcc (commit)
       via  e96d9c11596e6a2b611902f0c7c601de5dccc6f3 (commit)
      from  7da805ffd9a9202c67d53ef6a06c3215436495e9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f815027cdfbf9fda9f6141d9bf3a5584d6d7a672
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 6 11:24:50 2018 +0100

    rust/dns: simplify tx freeing
    
    Now that we no longer need the state when freeing a TX, we can simply
    do cleanup from the Drop trait.

commit 7548944b49b0dfc218d73e3d12c993629258fb2a
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 6 11:12:56 2018 +0100

    app-layer: remove unused HasTxDetectState call
    
    Also remove the now useless 'state' argument from the SetTxDetectState
    calls. For those app-layer parsers that use a state == tx approach,
    the state pointer is passed as tx.
    
    Update app-layer parsers to remove the unused call and update the
    modified call.

commit 1c270cae134f72ed7b5a88edb9695f27cf793dcc
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Feb 6 10:35:05 2018 +0100

    nfs: remove old test code

commit e96d9c11596e6a2b611902f0c7c601de5dccc6f3
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Jan 31 15:58:21 2018 +0100

    app-layer: add tx iterator API
    
    Until now, the transaction space is assumed to be terse. Transactions
    are handled sequentially so the difference between the lowest and highest
    active tx id's is small. For this reason the logic of walking every id
    between the 'minimum' and max id made sense. The space might look like:
    
        [..........TTTT]
    
    Here the looping starts at the first T and loops 4 times.
    
    This assumption isn't a great fit though. A protocol like NFS has 2 types
    of transactions. Long running file transfer transactions and short lived
    request/reply pairs are causing the id space to be sparse. This leads to
    a lot of unnecessary looping in various parts of the engine, but most
    prominently: detection, tx house keeping and tx logging.
    
        [.T..T...TTTT.T]
    
    Here the looping starts at the first T and loops for every spot, even
    those where no tx exists anymore.
    
    Cases have been observed where the lowest tx id was 2 and the highest
    was 50k. This lead to a lot of unnecessary looping.
    
    This patch add an alternative approach. It allows a protocol to register
    an iterator function, that simply returns the next transaction until
    all transactions are returned. To do this it uses a bit of state the
    caller must keep.
    
    The registration is optional. If no iterator is registered the old
    behaviour will be used.

-----------------------------------------------------------------------

Summary of changes:
 rust/gen-c-headers.py        |   2 +
 rust/src/applayer.rs         |  23 +++++
 rust/src/dns/dns.rs          |  53 ++--------
 rust/src/nfs/nfs.rs          | 123 +++++++++++-------------
 src/app-layer-dcerpc-udp.c   |  14 +--
 src/app-layer-dcerpc.c       |  14 +--
 src/app-layer-dnp3.c         |   4 +-
 src/app-layer-dns-common.c   |  14 +--
 src/app-layer-dns-common.h   |   5 +-
 src/app-layer-dns-tcp-rust.c |  12 +--
 src/app-layer-dns-tcp.c      |   1 -
 src/app-layer-dns-udp-rust.c |  13 +--
 src/app-layer-dns-udp.c      |   1 -
 src/app-layer-enip.c         |  10 +-
 src/app-layer-ftp.c          |  30 ++----
 src/app-layer-htp.c          |  17 +---
 src/app-layer-htp.h          |   1 -
 src/app-layer-modbus.c       |   4 +-
 src/app-layer-nfs-tcp.c      |  17 +++-
 src/app-layer-nfs-udp.c      |  17 +++-
 src/app-layer-parser.c       | 223 ++++++++++++++++++++++++++++---------------
 src/app-layer-parser.h       |  29 +++++-
 src/app-layer-register.c     |   2 +-
 src/app-layer-register.h     |   3 +-
 src/app-layer-smb.c          |  14 +--
 src/app-layer-smtp.c         |   4 +-
 src/app-layer-ssh.c          |  14 +--
 src/app-layer-ssl.c          |  15 +--
 src/app-layer-template.c     |   4 +-
 src/app-layer-tftp.c         |   4 +-
 src/detect-engine-state.c    |   2 +-
 src/detect-nfs-procedure.c   |   2 +
 src/detect-nfs-version.c     |   2 +
 src/detect.c                 |  28 +++---
 src/output-tx.c              |  31 +++---
 35 files changed, 379 insertions(+), 373 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list