Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Tags: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
fccdb1c642f0...
Daisu
doc/commandline: -i option is useable several times
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
fa692df37a79...
Victor Julien
stream: reject broken ACK packets
Fix evasion posibility by rejecting packets with a broken ACK field.
These packets have a non-0 ACK field, but do not have a ACK flag set.

Bug #3324.

Reported-by: Nicolas Adba
f9f958d66e3c...
Victor Julien
smtp: fix and clean up new file handling
Set tx id on files that were just opened.

Move logic to a small util func.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
f9840b513d1b...
Victor Julien
version: release 5.0.1
f5b33a070acc...
Victor Julien
smb1: allow empty trans records
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
f302f3543fc8...
Victor Julien
files: add call for setting inspect sizes
The inspect sizes are currently only used during file prune
house keeping for SMTP.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
f2117774f53f...
Jason Ish
configure: assume cargo vendor if cargo >= 1.37
Rust/Cargo 1.37 and greater has vendor support built-in.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
eceb7dcba466...
Victor Julien
eve: support pcap_filename for unix socket mode
Bug #3390.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
df8db1ddb073...
Jason Ish
ipv4: fail packet decoding on bad ipv4 option length
Currently all failures in IPv4 option decode are ignore with
respect to continuing to handle the packet.

Change this to fail, and abort handling the packet if the
option length is invalid.

Ticket 3328:
https://redmine.openinfosecfoundation.org/issues/3328
df74f34a6287...
Victor Julien
decode/tcp: accept TCP fast open cookie request
b9515671be59...
Jason Ish
github-ci: use container for 18.04 build
As the action runs natively on 18.04 we were not explicitly
setting a container, but this means we're using what GitHub
provides us as a default state which might be broken. Instead
use the standard Ubuntu 18.04 container.
  • debug gt4: 'make distcheck' failed -  stdio
a7ee2ffbde99...
Victor Julien
smb: winreg is a DCERPC facility
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
9f0294fadca3...
Victor Julien
stream: fix SYN_SENT RST/FIN injection
RST injection during the SYN_SENT state could trick Suricata into marking
a session as CLOSED. The way this was done is: using invalid TSECR value
in RST+ACK packet. The ACK was needed to force Linux into considering the
TSECR value and compare it to the TSVAL from the SYN packet.

The second works only against Windows. The client would not use a TSVAL
but the RST packet would. Windows will reject this, but Suricata considered
the RST valid and triggered the CLOSED logic.

This patch addresses both. When the SYN packet used timestamp support
the timestamp of incoming packet is validated. Otherwise, packet responding
should not have a timestamp.

Bug #3286

Reported-by: Nicolas Adba
9bcc1118e180...
Victor Julien
configure: require libhtp 0.5.32
8609939e60cd...
Jason Ish
ipv4: continue parsing options after invalid option
As long as an option has a valid length, we can continue
parsing the options after an invalid one.
77539e08fc8a...
Victor Julien
stream: in IDS mode, call app-layer at EOF
On stream end call app-layer with empty message in IDS mode.
700eebaeccb9...
Shivani Bhardwaj
doc/conf: Update copyright and regex for version
Make the new regex in compliance with the modern autoconf syntax.
Closes redmine ticket #3423
6fa66e3ddb2f...
Victor Julien
changelog: update for 5.0.1
69c00a77b5a0...
Jason Ish
github-ci: in a dist build, check that --frozen is being used
Verify that ./configure is picking up the vendored Rust sources
when building from a dist archive.
683b22d11485...
Victor Julien
smtp: use FILE_USE_DETECT for raw-extract
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
682014619f29...
Victor Julien
files: fix FILE_USE_DETECT with --disable-detection
Don't set FILE_USE_DETECT flag if detect is disabled.
627cc23769dc...
Victor Julien
detect/asn1: fix offset bounds checking
618ad0d92fcc...
Victor Julien
app-layer: optimize inspection id tracking
Increase the inspect id for a completely inspected tx in any case.
This avoids re-evaluating transactions.

Reported-by: Ilya Bakhtin
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
5ee8323028ae...
Jason Ish
rust: remove unnecessary parentheses (Rust 1.40 fixup)
Rust 1.40 in strict mode will now fail the build on the
presence of unnecessary parentheses.

warning: unnecessary parentheses around type
  --> src/smb/smb2_ioctl.rs:41:12
  |
41 |        -> (&mut SMBTransaction)
  |            ^^^^^^^^^^^^^^^^^^^^^ help: remove these parentheses
  |
  = note: `#[warn(unused_parens)]` on by default
55a36c79ff60...
Jason Williams
doc: update http keywords documentation
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
4f7dc4f136ce...
jason taylor
doc: add bsize documentation and rule example
Signed-off-by: jason taylor <jtfas90@gmail.com>
4ac9cd2c70db...
Victor Julien
files: move smtp prune logic to main
Now that we call the file prune loop very regularly, we can move the
SMTP specific inspection pruning logic into this loop. Helps with
cases there we don't (often) update a files inspection trackers.
4ac5ab00b7a5...
Steven Hostetler
doc/install: fix geoip typo
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
4a2918e6b5d3...
Philippe Antoine
yaml: clarify comment about dump-all-headers
Logs a warning if the value is unknown
Fixes #2810
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
44ac3e30dd47...
Victor Julien
smb: post-GAP handling update
Close all prior transactions in the direction of the GAP, except the
file xfers. Those use their own logic.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
411dd69e92c9...
Victor Julien
doc/eve: layout and formatting fixes
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
40fe29de9687...
Victor Julien
smb1: fix 'event' txs not getting closed
If the only reason we created a request side TX was to set an event,
we would not close it.

This patch always looks up the TX from the response side.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
3d9071639b60...
Victor Julien
version: starting work on 5.0.2
3ca7dcd8d833...
Jason Ish
configure: fix test -f for rust/vendor, should be -e
Introduced with commit: c08ec8d8b27280e2bcb066c9caa24da97e0419ee
34b7035a0d0a...
Victor Julien
detect/iponly: debug output improvements
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
21760bfc76fc...
Victor Julien
files: change pruning behavior
If file prune is called inspect has already run. So if file is closed
we can just prune. No need to consider a window anymore.

When still in progress, fix the left_edge calculation.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
1666bc0ad186...
jason taylor
doc: minor capitalization fix
Signed-off-by: jason taylor <jtfas90@gmail.com>
129cd2805833...
Victor Julien
smb/dcerpc: close request tx sooner
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
040aff5197ba...
Victor Julien
htp: close request only from request side
This allows the response side to keep going for just
a bit longer.
007a461d69b0...
Victor Julien
detect/parse: track negation during address parsing
Fix address negation detection not resolving variables when
looking for the negation.

This patch makes use of the actual parsing routines to relay this
information to the signature parser.

Bug #3389.

Fixes: 92f08d85aac2 ("detect/iponly: improve negation handling in parsing")
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio