[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-4.0.1-302-gcba4120

OISF Git noreply at openinfosecfoundation.org
Tue Jan 23 17:49:12 UTC 2018

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  cba41207b3f2d8251f7e0f7944683134d9cf8233 (commit)
       via  790ef2701a0752a8928bc57ce2bddd4e2b61a206 (commit)
       via  63b9b9e9aacb6e0a6d7f605713cb9df1a1eb8e27 (commit)
       via  0813f080754378d544b2b2a344952d7a32744f08 (commit)
      from  18f64e0d21d56a364679eaab7c7fee862290e4b0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cba41207b3f2d8251f7e0f7944683134d9cf8233
Author: Alexander Gozman <a.gozman at securitycode.ru>
Date:   Thu Jan 18 09:05:15 2018 +0000

    af_packet: bug #2422.
    This commit fixes a leak of mmap'ed ring buffer that was not
    unmapped when a socket was closed. In addition, the leak could
    break an inline channel on certain configurations.
    Also slightly changed AFPCreateSocket():
    1. If an interface is not up, it does not try to apply any
       settings to a socket. This reduces the number of error messages
       while an interface is down.
    2. Interface is considered active if both IFF_UP and IFF_RUNNING
       are present.

commit 790ef2701a0752a8928bc57ce2bddd4e2b61a206
Author: Danny Browning <danny.browning at protectwise.com>
Date:   Sat Jan 13 08:51:20 2018 -0700

    runmode-unix-socket: interrupt as commanded (2413)
    Once interrupt occurs, reset the interrupt flag so that future runs are
    not immediately interrupted.

commit 63b9b9e9aacb6e0a6d7f605713cb9df1a1eb8e27
Author: Pascal Delalande <pdl35 at free.fr>
Date:   Tue Dec 5 22:42:57 2017 +0100

    unix-socket: socket permission update
    So far, the suricata socket suricata-command.socket has the rights
     rw-r----- suricata:user.
    When suricata is used with restricted access, another application
    (suricatasc like) that needs access to the command socket, also
    with restricted access, cannot write to the socket since it is not
    the owner (e.g. suricata within a container, with a hardened value
    for umask and hardened rights for users).
    The socket should be set as rw-rw----. Use chmod instead of fchmod
    and set it after the socket creation.

commit 0813f080754378d544b2b2a344952d7a32744f08
Author: Danny Browning <danny.browning at protectwise.com>
Date:   Sat Jan 13 08:08:11 2018 -0700

    suricatasc: pcap-file-continuous (2412)
    Suricatasc is not supporting pcap-file processing in continuous mode.
    Register a new command pcap-file-continuous in the unix manager to work
    with suricatasc. Add defaulted arguments for pcap-file to support
    backwards compatibility.


Summary of changes:
 scripts/suricatasc/src/suricatasc.py | 12 ++++--
 src/runmode-unix-socket.c            | 43 +++++++++++++++++----
 src/source-af-packet.c               | 72 +++++++++++++++++++-----------------
 src/unix-manager.c                   | 27 +++++++-------
 4 files changed, 97 insertions(+), 57 deletions(-)

