aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
18,107 Commits
8 Branches
165 Tags
215 MiB
main
main-8.0.x
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.2
suricata-7.0.13
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '047f1c5080'
${ noResults }
Commit Graph

2003 Commits (047f1c5080acbb55374e0baf2afd4722f03cbcf5)

Author SHA1 Message Date
Philippe Antoine 3babd68af4 pop3: count retr_data into consumed 
for later AppLayerResult::incomplete

Fixes: acef961645 ("pop3: improve parsing")

https://issues.oss-fuzz.com/u/1/issues/451112373

Ticket: 7994
 1 month ago
Philippe Antoine 9a4a29e218 http2: fix parsing of goaway frames 
There was a last stream id before the error code
As per section 6.8 of RFC 7540

Ticket: 7991
 1 month ago
Philippe Antoine 7f0087f19a rust/detect: fix correct pointer type in SCDetectU32ArrayFree 1 month ago
Philippe Antoine 969739d067 detect: http2.errorcode is now a generic integer 
Ticket: 7889
 1 month ago
Philippe Antoine 401b2fcae6 detect: http2.frametype is now a generic integer 
Ticket: 7889
 1 month ago
Philippe Antoine 454f73b445 rust: EnumString derive accepts a enum_string_style parameter 
So that http2.frametype and http2.errorcode can use EnumString
without changing the format, as they used UPPERCASE instead of
the default EnumString snake_case
 1 month ago
Victor Julien acef961645 pop3: improve parsing 
Improve multiline commands and SASL auth.

Work around missing support in crate for empty server challenge and SASL base64 data.

Ticket: #7709.
 1 month ago
Jason Ish 5e2dc9ace3 ike: don't log empty server objects 1 month ago
Jason Ish 2d86412f46 ike: log attributes as objects 
IKE attributes are an array of TLV style objects, this means there can
be duplicate types seen on the wire. However, Suricata logs these as a
mapping with the type as the key. This can result in the JSON
containing duplicate keys.

To address this, log the attributes as an array of objects, allow
duplicates to exist, for example:

  "client": {
    "proposals": [
      {
        "sa_life_duration": "Unknown",
        "sa_life_duration_raw": 86400,
      }
    }
  }

is now logged as:

  "client": {
    "proposals": [
      {"key": "sa_life_duration", "value": "Unknown", "raw": 86400}
    ]
  }

Also adds `"version": 2` to each IKE record to note the change of
format from previous versions.

Ticket: #7902
 1 month ago
Jason Ish b543e28402 ike/detect: info log message should be debug 1 month ago
Philippe Antoine a393147415 rust: restrict visibility of reexported suricata_sys structs 1 month ago
Philippe Antoine fa322e3dc2 rust: remove unneeded cbindgen exclusions 1 month ago
Philippe Antoine 958344787f rust: bindgen FileAppendData 
Ticket: 7667
 1 month ago
Philippe Antoine 811d28cc6b rust: bindgen util-spm-bs.h 
for SCBasicSearchNocaseIndex

Ticket: 7667
 1 month ago
Jeff Lucovsky 0e547b9519 rust/conf: Accept xiB unit suffixes 
Update the memval to recognize
- kb and kib
- mb and mib
- gb and gib
as equivalent.
 1 month ago
Philippe Antoine 56e08c9134 mime: retain some stateful data for quoted-printable 
In case a sequence like =3D is split over 2 calls to SCSmtpMimeParseLine

Ticket: 7950
 1 month ago
Victor Julien 870b40220c rust: cargo update 2 months ago
Philippe Antoine 096ba42ce9 detect/integers: add some meaningful error messages 
To help rule writers
 2 months ago
Philippe Antoine 4f7fc25a1a detect/dnp3: make dnp3.ind a generic uint16 bitflags keyword 
Ticket: 6724

Allows operations such as negation
 2 months ago
Philippe Antoine c1917dec21 detect/integers: make mqtt use generic detect_parse_uint_bitflags 
Ticket: 6724
 2 months ago
Philippe Antoine 867f5bfa21 detect/integers: generic detect_parse_uint_bitflags 
Ticket: 6724

This will ease other keywords with bitflags, by having a generic
function + an association between flag string and bit value.
 2 months ago
Philippe Antoine 3641b4eda1 detect/nfs: move nfs_procedure to rust 
Make it able to use strings on the way

Ticket: 6723
 2 months ago
Philippe Antoine 9869fb776b detect/snmp: pdu_type keyword now accepts strings 
Ticket: 6723
 2 months ago
Philippe Antoine 0553dfa814 detect/krb5: move krb5_msg_type to rust 
Makes it a generic u32 on the way

Unit tests are covered by SV tests

Ticket: 6723
 2 months ago
Philippe Antoine 24503b0ead rust: move file functions out of SuricataContext 
Ticket: 7667
 2 months ago
Philippe Antoine 1f084f8cb7 rust: move HttpRangeFreeBlock out of SuricataContext 
Ticket: 7667
 2 months ago
Philippe Antoine 828a6bdbf8 rust: bindgen SCLogMessage 
Ticket: 7667
 2 months ago
Philippe Antoine cc845dccdb rust: bindgen GenericVarFree 
Ticket: 7667
 2 months ago
Philippe Antoine b00788af8b rust: bindgen SCAppLayerParserTriggerRawStreamInspection 
Ticket: 7667
 2 months ago
Philippe Antoine c52121586a rust: move AppLayerEvents funcs out of RustContext 
Ticket: 7667

just use it directly, with bindgen, and cfg not test
 2 months ago
Philippe Antoine bf6b8510fe rust: move DetectEngineStateFree out of RustContext 
Ticket: 7667

just use it directly, with bindgen, and cfg not test
 2 months ago
Philippe Antoine 573dd2367e rust: bindgen SCFileFlowFlagsToFlags 
Ticket: 7667
 2 months ago
Philippe Antoine 6fa85d18f0 rust: reenable lint unused_doc_comment 
With just local exceptions
 2 months ago
Philippe Antoine b59086210f rust: bindgen flow ffi API 
Ticket: 7667
 2 months ago
Philippe Antoine bbf1424371 rust: bindgen MpmAddPatternCI 
Ticket: 7667
 2 months ago
Philippe Antoine c391451f19 rust: begin to bindgen app-layer-register.h 
Ticket: 7667
 2 months ago
Philippe Antoine 95483228d2 detect: list-keywords cli shows integers with bitflags 
Ticket: 7875
 2 months ago
Philippe Antoine 53d9569dfb detect: list-keywords cli shows integers with enums 
Ticket: 7875
 2 months ago
Philippe Antoine da486af881 detect: list-keywords cli shows integers 
Ticket: 7875
 2 months ago
Philippe Antoine 68017d3fe1 detect: grow SigTableElmt flags to u32 
to be later able to store information about keywords being about
integers
 2 months ago
Philippe Antoine b298bce0e7 detect: list-keywords cli shows multi-buffers 
Ticket: 7571
 2 months ago
Philippe Antoine cb9ab951b9 detect/integers: subslice for multi-integers 2 months ago
Philippe Antoine 82f0e725a2 detect/integers: index or_absent and or_oob 
To match if array is empty, or index is out of bounds
 2 months ago
Philippe Antoine 1480cf47ab detect/integers: nb index to match a specific number of times 
For example
dns.rrtype: !A,nb>3
will match if we have more than 3 dns records which are not A
 2 months ago
Philippe Antoine 6f848eeaaf detect/integers: all1 index to match only on non-empty arrays 2 months ago
Philippe Antoine dd81cfa733 detect/uint: wait for end of progress to match on all 
As is done for absent keyword for instance
 2 months ago
Philippe Antoine 5add185f22 http2/detect: http2.window can now use index 
Ticket: 7480
 2 months ago
Philippe Antoine 83868778b9 http2/detect: http2.priority can now use index 
Ticket: 7480
 2 months ago
Philippe Antoine 9fc407fd75 mqtt/detect: mqtt.type can now use index 
Ticket: 7480
 2 months ago
Philippe Antoine c0988252ba dns/detect: rrtype can now use index 
Ticket: 7480
 2 months ago