Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View

Tags: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
Jeff Lucovsky
eve/ftp: minor cleanups and fixes
Jeff Lucovsky
detect/analyzer: add support for http_content_type
  • build gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Victor Julien
ftp: implement progress tracking
Make sure FTP_STATE_FINISHED is returned for transactions that
are marked 'done'.

This is necessary for timely logging and inspection.
jason taylor
applayer: fix typo in debug output
Signed-off-by: jason taylor <jtfas90@gmail.com>
  • build gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Jeff Lucovsky
userguide: ftp formatting updates
Victor Julien
detect/mpm: put transform into 'profile name'
So that profiling gives more info about cost of the mpm
engines when they use transforms.
Victor Julien
detect: fix inaccurate comments
Shivani Bhardwaj
rust: fix compiler warning
rustc 1.36 introduced:

error: variable does not need to be mutable
  --> src/dhcp/parser.rs:202:17
202 |            let mut malformed_options = false;
    |                ----^^^^^^^^^^^^^^^^^
    |                |
    |                help: remove this `mut`
note: lint level defined here
  --> src/lib.rs:18:38
18  | #![cfg_attr(feature = "strict", deny(warnings))]
    |                                      ^^^^^^^^
    = note: #[deny(unused_mut)] implied by #[deny(warnings)]

error: aborting due to previous error

error: Could not compile `suricata`.

Ticket #3072.
Victor Julien
ftp: fix reply without request
Permit picking up any reply w/o a request. Observed unsolicited server
messages before connection termination.

Previously the code assumed that this could only happen on connection
start when there was no previously recorded command.
Eric Leblond
af-packet: fix build on recent Linux kernels
Jeff Lucovsky
userguide: formatting: remove tabs
Jeff Lucovsky
eve/ftp: Log initial responses
This changeset ensures that unknown commands are logged.
Unknown commands are either
- Banner responses when connecting to the FTP port
- Commands not includes in the FtpCommands descriptor table
Jeff Lucovsky
eve/ftp: Refactor and reduce logging functions
Jeff Lucovsky
suricata.yaml: Add ftp logging option to eve-log
Philippe Antoine
ftp: removes one use of atoi
Fixes only one small part of #3053
Jeff Lucovsky
ftp: Generalize prelim positive reply
Extend special case for reply code 150 to handle all preliminary
positive reply -- reply codes with `1xy`.
Shivani Bhardwaj
configure: Add date with rev information
Date makes it even clearer that when was the last commit for the build
that one is running. Add this info alongwith rev. Change inspired by

$ suricata -V
This is Suricata version 5.0.0-dev (rev 2d217e666)

This is Suricata version 5.0.0-dev (2d217e666 2019-07-12)

Closes redmine ticket #3092
Victor Julien
ftp: be more strict with tx type
Victor Julien
string: making shortening function global
Jeff Lucovsky
spelling: correct spelling typo
  • build gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Victor Julien
device: remove duplicate length check
Shorten code handles all cases correctly.
Andreas Herz
rule-reload: enable rule-reload for -s and -S run as well
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Shivani Bhardwaj
rust: Fix deprecation warnings
Fix the following warnings by compiler,
(1) warning: use of deprecated item 'take_until_s': Please use `take_until` instead
(2) warning: `...` range patterns are deprecated

For the second warning, the builtin lint
"ellipsis_inclusive_range_pattern" has been added which causes the
following warning to show up with rustc 1.24.

warning: unknown lint: `ellipsis_inclusive_range_patterns`
  --> /home/travis/build/OISF/suricata/suricata-5.0.0-dev/rust/src/lib.rs:18:10
18 | #![allow(ellipsis_inclusive_range_patterns)]
  |          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  = note: #[warn(unknown_lints)] on by default

Since there is no other way to fix this, the above warning shall stay.
We need to take care of modifying this if and when the support for 1.24
as MSRV is dropped.
  • build gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Jeff Lucovsky
eve/json: Break multiline FTP responses into array
This changeset breaks multi-line FTP responses into separate array
entries. Multi-line responses are those with "text-1\r\ntext-2[...]".
Each of \r\n delimited text segments is reported in the `reply` array;
each text segment _may_ include a completion code; completion codes are
reported in the `completion_code` array.
Victor Julien
stream: fix midstream reverse flow handling
When a TCP session is picked up from the response the flow is
reversed by the protocol detection code.

This would lead to duplicate logging of the response. The reason this
happened was that the per stream app progress tracker was not handled
correctly by the direction reversing code. While the streams were
swapped the stream engine would continue to use a now outdated pointer
to what had become the wrong direction.

This patches fixes this by making the stream a ptr to ptr that can be
updated by the protocol detection as well.

In addition, the progress tracking was cleaned up and the GAP error
handling in this case was improved as well.
Victor Julien
detect/dns: register correct profile name
Max Fillinger
pfring: Fix kernel version in comment
Philippe Antoine
ssl: register probing for port 443 if no config
Jeff Lucovsky
output/json: Refactor output buffer size macro
Victor Julien
pcap: fix breakloop error handling
Ticket #3004
Victor Julien
ftp: reply code 150 doesn't end tx
Philippe Antoine
http: fixes overflow in range parsing
Eric Leblond
ebpf: remove left over debug in lb.c
Victor Julien
detect: move includes/declarations closer to use
Victor Julien
device: break string shortening out of device shortening
Jeff Lucovsky
eve/ftp: Transaction support for unmatched requests
Modified transaction logic to create a new transaction with each
request; replies location transactions by using the oldest "open"
(unmatched) transaction or the last transaction if none are open.
Jeff Lucovsky
eve/ftp: Log FTP transactions
This changeset includes changes that
1. Add transaction support to the FTP parser
2. Support eve json logging of FTP transactions
Zach Kelly
eve/ftp: Bug fix and banner capture
1. Correct off-by-one error in server response whitespace removal
2. Include banner response (before first command entered)
Jeff Lucovsky
detect/analyzer: remove HAVE_LIBJANSSON cpp guards
  • build gt4: 'make distcheck' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Victor Julien
netmap: suppress format truncation warning
  CC      source-netmap.o
source-netmap.c: In function ‘NetmapOpen’:
source-netmap.c:327:56: error: ‘%s’ directive output may be truncated writing up to 15 bytes into a region of size between 10 and 57 [-Werror=format-truncation=]
        snprintf(devname, sizeof(devname), "netmap:%s%s%s",
                ns->iface, strlen(optstr) ? "/" : "", optstr);
source-netmap.c:327:9: note: ‘snprintf’ output 8 or more bytes (assuming 70) into a destination of size 64
        snprintf(devname, sizeof(devname), "netmap:%s%s%s",
                ns->iface, strlen(optstr) ? "/" : "", optstr);
source-netmap.c:330:59: error: ‘%s’ directive output may be truncated writing up to 15 bytes into a region of size between 8 and 55 [-Werror=format-truncation=]
        snprintf(devname, sizeof(devname), "netmap:%s-%d%s%s",
                ns->iface, ring, strlen(optstr) ? "/" : "", optstr);
source-netmap.c:330:9: note: ‘snprintf’ output 10 or more bytes (assuming 72) into a destination of size 64
        snprintf(devname, sizeof(devname), "netmap:%s-%d%s%s",
                ns->iface, ring, strlen(optstr) ? "/" : "", optstr);
source-netmap.c:316:54: error: ‘snprintf’ output may be truncated before the last format character [-Werror=format-truncation=]
        snprintf(devname, sizeof(devname), "%s}%d%s%s",
source-netmap.c:316:9: note: ‘snprintf’ output 3 or more bytes (assuming 65) into a destination of size 64
        snprintf(devname, sizeof(devname), "%s}%d%s%s",
                ns->iface, ring, strlen(optstr) ? "/" : "", optstr);
cc1: all warnings being treated as errors

Gcc 8 with -Wformat-truncation=1