Commit Graph

7385 Commits (664f9aa9068dccfde49c64ca8dd2d1bc049262a6)
 

Author SHA1 Message Date
Victor Julien 664f9aa906 flow: use BIT_U32 for flags 9 years ago
Victor Julien c81aaeda7b flow: move file flags into their own variable
Move FLOW_FILE_* flags into Flow::file_flags. Rename them to
FLOWFILE_* so non updated code will break.
9 years ago
Jason Ish 3fab684f97 logging: don't log that json is disabled in each logger
A warning log is already emitted if eve-log is enabled in the
configuration but json support is not built so the logger
registration functions can be silent.
9 years ago
Jason Ish 0bce4b5534 macOS: thread return value affects newer macOS as well
All OS X/macOS versions since 10.10 return EDEADLK here instead
of EBUSY. Assume they will moving forward as well.
9 years ago
Victor Julien d80914d350 doc: move rule reload and adding rules into rule-management 9 years ago
Victor Julien e24c3937b3 doc: add rule-management chapter 9 years ago
Victor Julien 80bd59ae86 doc: improve install doc, configure 9 years ago
Victor Julien 48274218df doc: multi-tenancy is not work in progress 9 years ago
Victor Julien f64decf5e2 doc: clean up log rotation 9 years ago
Victor Julien 729fd2e406 doc: update libcap-ng doc 9 years ago
Victor Julien e5ee665f24 doc: rewrite rule reload doc 9 years ago
Victor Julien f867bb61e6 http: fix memory leak in error path 9 years ago
Victor Julien 40af9aad02 streaming: improve error handling
When memory allocations happened in HTTP body and general file
tracking, malloc/realloc errors (most likely in the form of memcap
reached conditions) could lead to an endless loop in the buffer
grow logic.

This patch implements proper error handling for all Append/Insert
functions for the streaming API, and it explicitly enables compiler
warnings if the results are ignored.
9 years ago
Victor Julien 6a831f8125 doc: add simple install guide 9 years ago
Jason Ish 2c60e9b4de doc: remove userguide.pdf on clean instead of suricata.pdf
As the pdf is a built artifact, it needs to be removed to
satisfy distcheck.
9 years ago
Jason Ish afead7e565 doc: add missing docs to EXTRA_DIST 9 years ago
Jason Ish dbde356053 doc: exclude docs in partials/ from reference errors
These docs are already included with the include statement,
but older versions of Sphinx still complain that they
are not in a table of contents.
9 years ago
Victor Julien aaf0fe4d29 doc: eve update 9 years ago
Victor Julien a35bea28f3 doc: rules-meta typo 9 years ago
Victor Julien 879c3d8ad7 detect: fix scan-build 0-size alloc warnings 9 years ago
Victor Julien 76b55214f0 doc: rules-meta small cleanup 9 years ago
Victor Julien 3cf1b12061 doc: http sticky vs modifier 9 years ago
Victor Julien 0d15593258 doc: move urilen to other uri keywords 9 years ago
Victor Julien 34bfacdee0 doc: add minimal http request/response line sections 9 years ago
Victor Julien adb6c75e2e doc: only make sphinx warnings fatal on html/pdf 9 years ago
Jason Ish 82a6bfd599 doc: manpage: add bugs and notes section 9 years ago
Jason Ish a4450b768e doc: manpage: add signals section 9 years ago
Jason Ish 5c78fdbc9c doc: break out command line options into a common doc
The command line options can now be consumed by the man page
and the user guide.

Some attempt was made to order the options from common/basic
progressing to advanced with some notion of options
grouped together.
9 years ago
Jason Ish cd4c9e73f8 doc: fix sphinx warnings
This involved removing documents that were intentionally
not referenced as they are not good candidates for the
user guide.
9 years ago
Jason Ish 3df7f97a33 doc: fail on sphinx warnings 9 years ago
Jason Ish 79d21e9eee docs: include userguide.pdf in dist 9 years ago
Victor Julien 790ac8d417 changelog: update for 3.2beta1 9 years ago
Victor Julien d4c7c2c2c7 cygwin: leave magic-file commented out in yaml 9 years ago
Jason Ish 09c3e1dd8a pcap-log: cleanup allocations at exit
Particularly in multi-mode, allocations made for each thread were
not being cleaned.

ASAN reports no leaks now on exit.
9 years ago
Jason Ish a6854147be pcap-log config: sguil-base-dir -> dir and update comment
The code already looks for "dir" first instead of
"sguil-base-dir", and already respects this configuration
parameter in other modes than the "sguil" mode.

Code will still access "sguil-base-dir".
9 years ago
Jason Ish 214e97814c doc: bring in unix socket interaction from wiki 9 years ago
Jason Ish bec128bbf9 doc: attempt to parse version if not in environment
Should fix the version displayed on readthedocs.
9 years ago
Victor Julien f80ce51ddf unix-socket: don't try to change permissions on BSD
On BSD using fchmod on a socket is not supported and will result
in EINVAL.
9 years ago
Victor Julien 96c28b2995 bug 1353: don't cut off last char of unix path 9 years ago
Victor Julien 4a190e07a6 pcre: disable JIT if RWX pages not supported 9 years ago
Victor Julien 46f5f4cff8 util: add facility to check for RWX page support
Some code won't work well when the OS doesn't allow RWX pages. This
page introduces a check for runtime evaluation of the OS' policy on
this.

Thanks to Shawn Webb from HardenedBSD for suggesting this solution.
9 years ago
Victor Julien a3a1757472 flow-mgr: fix bypass counter registration 9 years ago
Victor Julien 595c20ddf4 der: fix asan/valgrind errors in time parsing 9 years ago
Victor Julien 7e4df3a1d1 tls-validity: fix memory handling 9 years ago
Mats Klepsland 10d827639e detect-tls-cert-validity: clean up unit tests
Remove locks, unnecessary function calls and conditional statements.
9 years ago
Mats Klepsland 1fea52dd8a detect: add keyword tls_cert_valid
Add keyword to check if TLS certificate is valid.
9 years ago
Mats Klepsland f7e0083269 detect-cert-validity: fix typos 9 years ago
Mats Klepsland f22c9d9781 detect: add keyword tls_cert_expired
Add keyword to check if TLS certificate is expired.
9 years ago
Mats Klepsland 07d2312d96 detect-tls-validity: use flags for modes
Use flags for modes to support using multiple modes at the same time.
9 years ago
Victor Julien e6cf7ae8fa yaml: improve stream-depth comments 9 years ago