Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
f78871934841...
Mats Klepsland
detect-tls-cert-fingerprint: add content validation callback
Validate that the content that follows the 'tls_cert_fingerprint'
keyword is on the correct form and has the correct length.
f36d578ee0b0...
Mats Klepsland
detect-tls-ja3-hash: add setup callback to lowercase content
Add setup callback that lowercase the content that follows 'ja3_hash'.
e3645bd9ae7a...
Jason Ish
eve/alert: separate xff and metadata configuration
Put xff setup and metadata setup into their own
functions.
d73b5ee276c3...
Jason Ish
rust: cargo fixes for out of tree build
d0a8310fcfa5...
Victor Julien
pcap-log: don't divide by 0 on no traffic
ce270a8f6aa0...
Max Fillinger
Add info about pcap log compression to user guide
c803656dcf04...
Victor Julien
htp: cleanup and fix test
b85a0b188b00...
Max Fillinger
Add an option for compressing pcap-log files
Introduces the option 'outputs.pcap-log.compression' which can be set
to 'none' or 'lz4', plus options to set the compression level and to
enable checksums. SCFmemopen is used to make pcap_dump() write to a
buffer which is then compressed using liblz4.
b028207462d6...
Victor Julien
http: add tests for header folding
To test for https://github.com/OISF/libhtp/issues/159
95481a91760e...
Jason Ish
eve/json/xff - remove check for flow being NULL.
Fix Coverity issue:
** CID 1435535:  Null pointer dereferences  (REVERSE_INULL)
/src/output-json-file.c: 212 in JsonBuildFileInfoRecord()

Where we check a variable for being NULL, when all paths to the
code show that it can't be NULL.
953dceece2d0...
Victor Julien
http: clean up unittest
851efd9c60ea...
Eric Leblond
util-random: workaround getrandom unavailability
getrandom syscall availability is detected at runtime. So it is
possible that the build is done on a box that supports it but
the run is done on a system with no availability. So a workaround
solution is needed to fix this case.

Also we have seen some issue in docker environment where the build
is detecting getrandom but where it does not work at runtime.

For both reasons, the code is updated to have a call to a fallback
function if ever the getrandom call returns that the syscall is
not available.
7e06e765f390...
Jason Ish
python: fixes for out of tree build
Autoconf/automake and python setup.py don't play that well
together with out of tree builds.

Makes suricatasc not an autoconf input file, instead use the
defaults module that is already being created.

In the case of an out of tree build, copy the generated defaults.py
to the build directory manually.
7b3ba37bac22...
Victor Julien
http: clean up unittest
781a7e108946...
Jason Ish
xff: HttpXFFGetCfg - allow conf to be NULL
The code fully handles conf being NULL, and we have other functions
where conf can be NULL.
6cf4c3c26e41...
Mats Klepsland
detect-tls-cert-serial: add setup callback to uppercase content
Add setup callback that uppercase the content that follows
'tls_cert_serial'.
6ba02cac5050...
Elazar Broad
Fix segfault when the protocol is anything other than HTTP
When a file is transferred over anything other than HTTP, the previously hard-coded HTTP protocol would trigger a non-existent index into htp_list_array_get(), causing a segfault. This patch mimics the logic in detect-lua-extensions.c.
69897af6f6c1...
Victor Julien
wirefuzz: add 'quiet' mode
Adds -q commandline option to force quiet operation.
6607ee8489f9...
Jason Ish
eve/http: use eve-level xff config by default
The http section can still have an xff configuration which
will take priority over the eve level xff config.
6062c27eb7f2...
Eric Leblond
af-packet: kill some white spaces
5b954212f73d...
Mats Klepsland
detect-tls-ja3-hash: add warning if nocase is used
58e92392eafd...
Max Fillinger
configure: Show installation info for liblz4 if not found
576584152c8b...
Jason Ish
eve: use eve-level xff configuration
If an "xff" configuration section exists on the eve object,
parse and save it for child loggers to use.
52d9d4574729...
Mats Klepsland
detect-tls-cert-fingerprint: add setup callback to lowercase content
Add setup callback that lowercase the content that follows
'tls_cert_fingerprint'.
4f48927c44e4...
Pascal Delalande
doc: spelling mistakes in various sections of the user guide
4c9d448fa1ec...
Mats Klepsland
detect-tls-ja3-hash: add content validation callback
Validate that the content that follows the 'ja3_hash' keyword has
the correct length.
48a5ea9df058...
Mats Klepsland
detect-tls-cert-serial: add content validation callback
Validate that the content that follows the 'tls_cert_serial' keyword
is on the correct form. If it's longer than two bytes it should be
separated by colons.
48223874118f...
Jason Ish
qa/coccinelle: allow to run from non git directory
For example, when I put the contents of a git worktree into
a Docker image for a test build .git will not be a directory
causing the run_check.sh script to fail.
4671d57d7ad4...
Mats Klepsland
detect-tls-cert-fingerprint: fix failing unittest
Fix unittest that failed with the content validation callback.
36ec1281b20e...
Jason Ish
eve/files: use eve-level xff config by default
The files section can still have an xff configuration which
will take priority over the eve level xff config.
321603de3743...
Mats Klepsland
detect-engine: add DetectEngineCtx to setup callback function
Add detect engine context as variable to setup callback function
in 'DetectBufferTypeRegisterSetupCallback'.
2d2c01e7725f...
Mats Klepsland
detect-tls-cert-fingerprint: fix typo in unittest
2d1c4420de24...
Pierre Chifflier
Update ntp-parser to 0.2.0
2c5d5bbdaa99...
Mats Klepsland
detect-tls-cert-fingerprint: add warning if nocase is used
26b61bad9097...
Victor Julien
htp: cleanup and fix test
260095a41d60...
Victor Julien
pcap-log: don't divide by 0 on no traffic
2543930d7498...
Maurizio Abba
xff: Use XFF configuration in eve and filestore
XFF configuration is already set in app-layer-htp-xff, and in
output-json-alert. Extending XFF configuration to files and HTTP allow
to get the same behavior as for alerts.

Extend the configuration of filestore json to let filestore metafile
dump be aware of xff. This is available only if write-fileinfo is set
to yes and file-store version is 2.
2501d48ac828...
Mats Klepsland
detect-tls-cert-serial: add warning if nocase is used
0d51ebc71a46...
Jason Ish
eve/alert: use eve-level xff config by default
The alert section can still have an xff configuration which
will take priority over the eve level xff config.
08af5ddd8817...
Victor Julien
http: add tests for header folding
To test for https://github.com/OISF/libhtp/issues/159