Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
ffbf8cec162c...
Mats Klepsland
logging: create log directories when needed
Recursively create new log directories when needed. This makes it
possible to use date modifiers in the file path to create
directories based on date, e.g.:

  /var/log/suricata/2017/02/14/
ff30d924db83...
Jason Ish
unix-socket: return failure on failure
UnixManagerThreadInit needs to return a failure code if the socket
fails to initialize to avoid entering the UnixManager loop which
will continuously fail on the call to bind, as no listening
socket was setup.

This can occur when the socket fails to initialize due to a
permissions error and fatal init errors is not on.
ec964ebf8406...
Victor Julien
mingw: don't use uint type as mingw doesn't have it
  • gt4-pcap-tests: '/suriqa-buildbot/sid-pcap-qa-tools/regression_script.sh /suriqa-buildbot/ ...' failed -  stdio
e69ce30d87f3...
Jason Ish
template script: typo in app-layer setup script
Check for ed was failing, as it was actually looking for edx.
e1bf48c0ee89...
Victor Julien
pool: fix compiler warning
clang-4.0 reported:

util-pool.c:242:13: warning: logical not is only applied to the left hand side of this bitwise operator [-Wlogical-not-parentheses]
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^          ~
util-pool.c:242:13: note: add parentheses after the '!' to evaluate the bitwise operator first
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^
              (                                  )
util-pool.c:242:13: note: add parentheses around left hand side expression to silence this warning
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^
            (          )
util-pool.c:261:13: warning: logical not is only applied to the left hand side of this bitwise operator [-Wlogical-not-parentheses]
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^          ~
util-pool.c:261:13: note: add parentheses after the '!' to evaluate the bitwise operator first
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^
              (                                  )
util-pool.c:261:13: note: add parentheses around left hand side expression to silence this warning
        if (! pb->flags & POOL_BUCKET_PREALLOCATED) {
            ^
            (          )
2 warnings generated.
dd70b3fda07b...
Victor Julien
random: improve random logic
Improve random logic for hash tables.

Implement Windows random API if it is available.
  • gt4-pcap-tests: '/suriqa-buildbot/sid-pcap-qa-tools/regression_script.sh /suriqa-buildbot/ ...' failed -  stdio
db6c80fd8e42...
Mats Klepsland
logging: support date modifiers in log filenames
Allow log filenames to contain date modifiers, e.g.:

  - eve-log:
    filename: eve-%Y-%m-%d-%H:%M:%S.json
d5a0eb4b2cbf...
Victor Julien
geoip: fix compiler warning
detect-geoip.c:78:40: error: incompatible pointer types assigning to 'int (*)(ThreadVars *, DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *)' from 'int (ThreadVars *, DetectEngineThreadCtx *, Packet *, Signature *, const SigMatchCtx *)' [-Werror,-Wincompatible-pointer-types]
    sigmatch_table[DETECT_GEOIP].Match = DetectGeoipMatch;
                                      ^ ~~~~~~~~~~~~~~~~
1 error generated.

Bug #2045
cee5c9fa605a...
Victor Julien
pcre: on ppc64 disable only for specific versions
Disable jit only for libpcre 8.39 and 8.40 as those were the buggy
versions.

Thanks to Zoltán Herczeg.
ca92be896eb5...
Jason Ish
defrag: use new unit test macros
Also reformat unit test functions to Suricata style.
c3b4dd5a7d74...
Victor Julien
qa: add --no-random commandline option
  • gt4-pcap-tests: '/suriqa-buildbot/sid-pcap-qa-tools/regression_script.sh /suriqa-buildbot/ ...' failed -  stdio
bc480fa8c3fe...
Victor Julien
pcre: disable jit on powerpc64
It appears that both using gcc and clang something gets misoptimised
around pcre's jit. So disable jit for now.
ba612654032b...
Victor Julien
qa: add rand/rand_r to banned functions
  • gt4-pcap-tests: '/suriqa-buildbot/sid-pcap-qa-tools/regression_script.sh /suriqa-buildbot/ ...' failed -  stdio
b134dfcce71a...
Victor Julien
modbus: fix compiler warnings about alignment
app-layer-modbus.c:1226:39: warning: taking address of packed member 'transactionId' of class or structure 'ModbusHeader_' may result in an unaligned pointer value [-Waddress-of-packed-member]
    if (ModbusExtractUint16(modbus, &(header->transactionId), input, input_len, &offset)    ||
                                      ^~~~~~~~~~~~~~~~~~~~~
app-layer-modbus.c:1228:39: warning: taking address of packed member 'protocolId' of class or structure 'ModbusHeader_' may result in an unaligned pointer value [-Waddress-of-packed-member]
        ModbusExtractUint16(modbus, &(header->protocolId), input, input_len, &offset)      ||
                                      ^~~~~~~~~~~~~~~~~~
app-layer-modbus.c:1230:39: warning: taking address of packed member 'length' of class or structure 'ModbusHeader_' may result in an unaligned pointer value [-Waddress-of-packed-member]
        ModbusExtractUint16(modbus, &(header->length), input, input_len, &offset)          ||
                                      ^~~~~~~~~~~~~~
3 warnings generated.

Bug #2088
af174c82bb12...
fooinha
log: common custom format output
aca27ff383d7...
Victor Julien
doc: expand on bpf
a64e5e77c788...
fooinha
eve: async mode for redis output
eve: detects libevent for async redis at configure
eve: moves redis output code to new file - util-log-redis.{c,h}
eve: redis ECHO and QUIT commands for async mode
eve: redis output defaults if conf is missing
a4dce241516b...
Victor Julien
core dumps: check for sys/resource.h
9ff8882cbdaf...
Jason Ish
detect: don't consider an empty rule file an error
8f15e30a58e2...
Victor Julien
common: improve byte order and wordsize detection
8b9f84bff2d8...
Mats Klepsland
doc: add documentation for date modifiers in eve-log
845e18f25ac8...
Jason Ish
defrag: (windows) detect more overlaps
8436a892f95e...
Jason Ish
logging: only do non-blocking writes if live
If running against a pcap there is no reason to drop events,
a blocking socket is fine here. So only do non-blocking writes
when running off a live device.
7922f9be1bb9...
Jason Ish
defrag: (linux) fix an error in overlapping fragments
If a subsequent fragment has a lower offset than a previous
one and overlaps, trim off the beginning of the previous
fragment.

Based on an issue reported privately.
753997310919...
Ray Ruvinskiy
tls: logging for session resumption
We assume session resumption has occurred if the Client Hello message
included a session id, we have not seen the server certificate, but
we have seen a Change Cipher Spec message from the server.

Previously, these transactions were not logged at all because the
server cert was never seen.

Ticket: https://redmine.openinfosecfoundation.org/issues/1969
673549e5cf34...
Jason Ish
eve: log number of events dropped at exit
6227d0955f56...
Victor Julien
af-packet: fix cppcheck false positive
[src/source-af-packet.c:1903]: (error) Resource leak: fd
618f35121049...
Victor Julien
cleanup: get rid of %llu format specifiers
Use more explicit types instead.
59b98649de2f...
Jason Ish
logging: don't block on socket writes
Writing to a unix socket can cause Suricata to block in the
packet path. This could happen if the read-endpoint of the
unix socket stays connected, but stops reading, or simply
can't read fast enough as part of its event processing.

To choose packets over events, do non-blocking socket
writes and drop the event if the write would block and
update a dropped counter.
535d9e352982...
Victor Julien
random: convert stream and htp to new call
  • gt4-pcap-tests: '/suriqa-buildbot/sid-pcap-qa-tools/regression_script.sh /suriqa-buildbot/ ...' failed -  stdio
47a5b493d748...
Mats Klepsland
output-json: rotate log file based on time
Rotate log file based on time. Support both rotating based on a timer (XXs,
XXm, XXd, XXw) and rotating based on a absolute time, like each minute,
hour or day.
3ca1a29bbd6c...
Jason Ish
defrag: fix argument used in macro to match signature
"p" was being used in the macro but was not an argument to
the macro, but it worked due to the context of the macro.

Use the actual macro argument, d2, instead of p.

Results in no change to generated code.
37a12fe79925...
Mats Klepsland
doc: add documentation for eve-log file rotation
3726fd66bee9...
Victor Julien
http: fix body tracking corner case
In some cases, observed with inspect limits 0, the body tracking could
get confused. When all chunks were already freed, a new chunk would
be considered to be the start of the body. This would overwrite the
bodies 'content_len_so_far' tracker, instead of adding to it. This in
turn could lead to a assertion abort in the inspection code.

This patch redoes the append code to always add the current lenght. It
cleans up the code to remove redundant logic.

Issue: https://redmine.openinfosecfoundation.org/issues/2078
Reported-By: Jørgen Bøhnsdalen
36667ab8a1c3...
fooinha
doc: async mode for redis eve output
async: true ## if redis replies are read asynchronously
29c812575813...
Victor Julien
redis: use SCCalloc to reduce risk of unitialized vars
20d4d4005183...
fooinha
log: tls custom format log
1223de42089a...
psanders240
doc: Napatech docs improvement
Fix errors and simplify filters.
0dc57c937e3a...
Ray Ruvinskiy
device: fix warning about NULL device
Fix '[ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be null'
warning on start-up with pfring.

Ticket: https://redmine.openinfosecfoundation.org/issues/2097
00cd47b2bf16...
Jason Ish
travis: use new container build infrastructure
Migrate to the new Travis container build system. This build system does
not allow use of sudo, so required packages must be done declaratively
which required reworking how we install packages that are conditional
based on the build being done.

Mac builds are still done with sudo=true.