Commit Graph

1966 Commits (53d9569dfbf43836ea32202541ef1584e891f448)

Author SHA1 Message Date
Philippe Antoine 53d9569dfb detect: list-keywords cli shows integers with enums
Ticket: 7875
2 months ago
Philippe Antoine da486af881 detect: list-keywords cli shows integers
Ticket: 7875
2 months ago
Philippe Antoine 68017d3fe1 detect: grow SigTableElmt flags to u32
to be later able to store information about keywords being about
integers
2 months ago
Philippe Antoine b298bce0e7 detect: list-keywords cli shows multi-buffers
Ticket: 7571
2 months ago
Philippe Antoine cb9ab951b9 detect/integers: subslice for multi-integers 2 months ago
Philippe Antoine 82f0e725a2 detect/integers: index or_absent and or_oob
To match if array is empty, or index is out of bounds
2 months ago
Philippe Antoine 1480cf47ab detect/integers: nb index to match a specific number of times
For example
dns.rrtype: !A,nb>3
will match if we have more than 3 dns records which are not A
2 months ago
Philippe Antoine 6f848eeaaf detect/integers: all1 index to match only on non-empty arrays 2 months ago
Philippe Antoine dd81cfa733 detect/uint: wait for end of progress to match on all
As is done for absent keyword for instance
2 months ago
Philippe Antoine 5add185f22 http2/detect: http2.window can now use index
Ticket: 7480
2 months ago
Philippe Antoine 83868778b9 http2/detect: http2.priority can now use index
Ticket: 7480
2 months ago
Philippe Antoine 9fc407fd75 mqtt/detect: mqtt.type can now use index
Ticket: 7480
2 months ago
Philippe Antoine c0988252ba dns/detect: rrtype can now use index
Ticket: 7480
2 months ago
Philippe Antoine d8c1f8e7be rust/detect: generic detect_uint_match_at_index
and make ldap use it

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine 7effcb7835 rust/ldap: use Vec instead of Vecdeque
as we do not pop

Ticket: 7480

May have a behavior change, but only in terms of performance
2 months ago
Philippe Antoine f555f02ed4 rust/detect: generic detect_parse_array_uint_enum
And make ldap use it

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine c6d3857793 rust/detect: create generic DetectUintArrayData
And make ldap use them

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine e01d19889e rust/detect: move DetectUintIndex definition to generic file
Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine ef6ce7d701 detect: rename LdapIndex to something generic
to be able to use it outside of ldap

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine 2ed7a85356 rust: rustfmt detect uint 2 months ago
Alice Akaki 8e0b0ef35f detect: add email.body_md5 keyword
email.body_md5 matches on md5 hash generated from email body
This keyword maps to the EVE field email.body_md5
It is a sticky buffer
Supports prefiltering

Ticket: #7587
2 months ago
Alice Akaki 6c88cc1e0c detect/mime: fix detect mime nits
Return 0 if .to_str() fails in functions
SCDetectMimeEmailGetData and SCDetectMimeEmailGetDataArray

Fixes:
431822c ("detect: add email.from")
96e461f ("detect: add email.received keyword")
2 months ago
Alice Akaki 4f1cc19f25 mime/smtp: Change md5_result type from GenericArray<u8, U16> to String 2 months ago
Victor Julien 96ae693b44 version: start work on 9.0.0 2 months ago
Shivani Bhardwaj 0d65d35c92 version: start development towards 8.0.2 2 months ago
Jason Ish 2444feed0d release: 8.0.1; update changelog 2 months ago
Jason Ish 6d74656bef rust: respect RUSTC and CARGO env vars like CC
To support alternative cargo and rustc programs (such as cargo-1.82),
respect CARGO and RUSTC environment variables during ./configure much
like CC.

RUSTFMT is also respected as that is required for the tests, and Cargo
can't figure this out like it can for rustc (perhaps a bug in the
packaging).

For cbindgen, we also have to make sure the cargo environment
variable is set for each invocation.

To build with Ubuntu's Rust 1.82 packaging:

  CARGO=cargo-1.82 RUSTC=rustc-1.82 RUSTDOC=rustdoc-1.82 \
      ./configure

Note that setting RUSTDOC is only required for commands like "make
check" to pass.

Ticket: #7877
3 months ago
Jason Ish db945aec83 rust: bindgen requires rustfmt
Bindgen will use rustfmt after generating the bindings, but this will
fail if rustfmt is not installed. Only run bindgen if rustfmt is
installed.
3 months ago
Jason Ish 4d4198dccc rust: update tracing-subscriber
Address https://rustsec.org/advisories/RUSTSEC-2025-0055.
3 months ago
Jason Ish 3b9dfe620d rust: pin time crate to 0.3.41
0.3.42 introduces dependencies that require Rust 1.81.
3 months ago
Philippe Antoine be605ba2de htp: use transactions right get function
Not the VecDeque one

Ticket: 7803
3 months ago
Philippe Antoine d0a513df6a detect/integers: support kibibyte unit
Ticket: 7869
3 months ago
Philippe Antoine 2a17ab6d88 http: generate no anomaly for identity encoding
Ticket: 7843
3 months ago
Jeff Lucovsky 03d676531a detect/from_base64: Support keyword w/no opts
Issue: 7853

Support the use of `from_base64` with no optional values. In this case,
the default values for:
- mode RFC4648
- offset: 0
- bytes: buffer size
will be used.
3 months ago
Jason Ish b93a27722c rust: fix mismatched_lifetime_syntaxes warning
Fix new warning present in Rust 1.89.

warning: hiding a lifetime that's elided elsewhere is confusing
   --> src/ldap/types.rs:191:30
    = help: the same lifetime is referred to in inconsistent ways, making the signature confusing
    = note: `#[warn(mismatched_lifetime_syntaxes)]` on by default
help: use `'_` for type paths
4 months ago
Philippe Antoine fe9da8acd6 http2: do not log empty objects for request or response
Ticket: 7741
4 months ago
Philippe Antoine 11c549211e snmp: fix the possibility to disable the parser
Ticket: 7820

Do not register anything, not even ALPROTO_SNMP "snmp" string
if parser is disabled
4 months ago
Shivani Bhardwaj e4b3b75b23 version: start development towards 8.0.1 4 months ago
Shivani Bhardwaj 9956286fb8 release: 8.0.0; update changelog 5 months ago
Philippe Antoine fa8d3a4ccb http2: do not set file flags for global txs
Global txs means here txs with stream id 0, used for connection control
messages.
5 months ago
Philippe Antoine 349c21af2c http2: mark old txs as updated
As is done in the other case a few lines below
5 months ago
Philippe Antoine 1d6d331752 http2: forbid data on stream 0
Ticket: 7658

Suricata will not handle well if we open a file for this tx,
do not close it, but set the transaction state to completed.

RFC 9113 section 6.1 states:

If a DATA frame is received whose Stream Identifier field is 0x00,
the recipient MUST respond with a connection error (Section 5.4.1)
 of type PROTOCOL_ERROR.
5 months ago
Jason Ish c204ddb3e5 rust/Makefile: sort filenames
Misc cleanup as these lists are growing.
5 months ago
Jason Ish f68b06798f rust/htp: follow suricata versioning
Have htp follow Suricata versioning so we don't have to worry about
version updates as it changes.

For example, between 8.0.0-beta1 and 8.0.0-rc1 there were changes to
the htp, however the version stayed at 2.0.0 making it impossible to
publish these changes to crates.io.
5 months ago
Philippe Antoine 1940454a69 http: do not yield after failed connect if already pipelined
Ticket: 7791
5 months ago
Philippe Antoine 10150e95ad rust: allow collapsible_else_if for debug logs
see https://github.com/rust-lang/rust-clippy/issues/15158
5 months ago
Philippe Antoine a22b2f06fe rust/htp: fix clippy uninlined_format_args
--> htp/src/decompressors.rs:703:64
    |
703 |                 std::io::Error::new(std::io::ErrorKind::Other, format!("{}", e))
    |                                                                ^^^^^^^^^^^^^^^^
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#uninlined_format_args
5 months ago
Jeff Lucovsky 7e713cb45a detect/analyzer: Support u8 types
Issue: 6359

Support JSON output of u8 types
5 months ago
Philippe Antoine bca6cbfb04 rust: fix prototype for AppLayerParserTriggerRawStreamInspection
Ticket: 7762

As it modifies the flow indeed
5 months ago
Philippe Antoine f8168493f6 rust: remove unnecessary cbindgen exclusions 5 months ago