Commit Graph

9303 Commits (575fb69a064fefb8ada4dca80d0409925d4c75ef)
 

Author SHA1 Message Date
Victor Julien 575fb69a06 coverity: suppress warning for intentional code 7 years ago
Victor Julien 335df629a2 rust/dns: don't compile unused C code if Rust is enabled 7 years ago
Victor Julien f97bf298b2 coverity: fix filestore v2 memleak 7 years ago
Victor Julien 00111499b0 log-pcap: fix coverity memleak warning 7 years ago
Victor Julien a683279137 coverity: don't warn on fall back random 7 years ago
Mats Klepsland a8347e1bc2 app-layer-ssl: fix flow and inspection bypass for TLSv1.3 7 years ago
Mats Klepsland 3b73b7d542 app-layer-ssl: add 0-RTT support for TLSv1.3 7 years ago
Mats Klepsland 23993c18cd app-layer-ssl: decode early data extension in ClientHello record
Decode early data extension used by 0-RTT that is used to indicate that
application data will be sent right after the ClientHello record.
7 years ago
Mats Klepsland 7556004a51 app-layer-ssl: use extension length when decoding extensions
Pass extension length to functions decoding extensions, instead of
passing the length left in the record. This enables us to also
decode empty extensions.
7 years ago
Mats Klepsland ee1de4c812 app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3
This makes it more likely to log custom versions of TLSv1.3 that
doesn't comply with the draft version numbering.
7 years ago
Victor Julien 31b87d5f8f tls: remove debug printfs 7 years ago
Mats Klepsland 16643befe7 detect-tls-ja3-hash: add another unit test
Add unit test that covers the JA3 bug in TLS extensions decoding.
7 years ago
Mats Klepsland fc53b2ecd5 app-layer-ssl: fix JA3 bug in TLS extension decoding 7 years ago
Mats Klepsland 89bd274f44 app-layer-ssl: fix JA3 bug in TLS version decoding 7 years ago
Victor Julien 215e37a9c0 capture: multidev is not experimental 7 years ago
Victor Julien 631ee383bb flow/stream: 'wrong thread' as stream event & counter
Set event at most once per flow, for the first 'wrong' packet.

Add 'tcp.pkt_on_wrong_thread' counter. This is incremented for each
'wrong' packet. Note that the first packet for a flow determines
what thread is 'correct'.
7 years ago
Victor Julien 588a56c8ba smtp: fix clang -Wunreachable-code warning
app-layer-smtp.c:756:12: error: will never be executed [-Werror,-Wunreachable-code]
    return 0;
           ^
1 error generated.
7 years ago
Victor Julien 17e7d179d0 profiling/csv: update output format
Update output to be:

pcap_cnt,total,receive,decode,flowworker,threading,proto detect,flow,
stream,app-layer,detect,tcp-prune,loggers,<detect stages>,<loggers>

For TCP, the app-layer cost is not part of stream anymore.
7 years ago
Victor Julien 85f2486e0b multi-tenant: document per tenant settings 7 years ago
Victor Julien 6781146556 test mode: parse interface list in test mode 7 years ago
Victor Julien 77c7cf0211 windivert: fix whitespace issue 7 years ago
Victor Julien b86e176262 af-packet: suppress noisy info message 7 years ago
Victor Julien d6460392c5 detect/transforms: fix doc urls 7 years ago
Victor Julien 3ba2c9fba7 pfring: multiple receive threads is not experimental 7 years ago
Victor Julien 57921d95d6 eve: improve error handling for Rust loggers
Give useful warning message if Rust is not compiled in.
7 years ago
Victor Julien 24b18e47bd pfring: minor cleanups 7 years ago
Victor Julien 4f84672d7c stats: decoder/stream events as stats 7 years ago
Victor Julien 014056f686 detect/analyzer: add detection for sigs that could use http keywords 7 years ago
Victor Julien 127937b2dd detect/analyzer: add debug statements 7 years ago
Victor Julien c05459ce89 detect/analyzer: fix json analyzer being called on incomplete rules 7 years ago
Victor Julien c62273f4fd rust/smb: silence noisy debug messages 7 years ago
Victor Julien 6c97909a92 stream/events: log as stats 7 years ago
Victor Julien fa06879563 detect/events: cleanup keyword 7 years ago
Victor Julien 5afeebf884 doc/flow: updates and cleanups to flow section 7 years ago
Victor Julien 2ae8d1a208 cocci/detect: add flags check to SigTableElmt 7 years ago
Victor Julien ecb5d6419b rules/transform: add to list-keywords 7 years ago
Victor Julien 72dd4a5f92 doc/rules: initial transforms documentation 7 years ago
Victor Julien 226fe5cab3 doc/performance: redo runmodes explanation 7 years ago
Victor Julien 17e2d39531 doc/install: update Rust info in generic install overview 7 years ago
Victor Julien 473688746b doc/eve: add community id 7 years ago
Mats Klepsland 81cdcd315b detect-ssh-software: fix url for keyword 7 years ago
Mats Klepsland 08efbdc632 detect-ssh-software-version: add description and url to keyword 7 years ago
Mats Klepsland f4da3050f2 detect-ssh-proto-version: add description and url to keyword 7 years ago
Mats Klepsland c58252bb3b detect-ssh-proto: fix url for keyword 7 years ago
Mats Klepsland e92fda37c9 doc: add documentation for SSH keywords 7 years ago
Victor Julien fd13970bfa changelog: update for 4.1rc2 7 years ago
Victor Julien 083908f3be rust/ike2: free destate on tx free
Bug #2604
7 years ago
Jason Ish 6f00ba0659 rust: fix (again) out of tree builds
As the generated Cargo.toml is shipped as part of a release
tarball, build from the source directory but set the cargo
CARGO_TARGET_DIR to the build directory.
7 years ago
Pascal Delalande 64922a476e doc: remove deprecated force-md5 flag from userguide 7 years ago
Travis Green 576b3b6a81 Added new classifications to classification.conf
Added classifications from rule-writing community feedback.
7 years ago