In some timezones, LogCustomFormatTest01 was failing as we were
specifying the wrong setting for is_dst. Instead set it to -1 so mktime
can make the decision based on the environment. Appears to fix this test
for "Brazil/East" in the summer.
Add GitHub CI tests to test this specific test with a few different
timezones.
(cherry picked from commit 468a13e052)
Update the AlmaLinux recommended minimal build to use the pre built
distribution archive as this is the type of build the documentation is
targetting.
(cherry picked from commit 551f6ded69)
Update the Ubuntu/Debian minimal recommended build to use the
pre-built dist archive instead of building from git, as that is the
type of build this documentation targets.
Also use the ubuntu:22.04 container. The GitHub provided Ubuntu 22.04
VM appears to contain some new additions like a newer Rust that is not
found on a typical Ubuntu 22.04 installation.
(cherry picked from commit 87dba92bdd)
Simple libpcap example for live capture. Allows listening on multiple
interfaces to show how multiple threads (workers) can be used.
Ticket: #8096
(cherry picked from commit f711e57e8e)
After the distcheck, this build doesn't need unittests, so add
debug-validation, as this can trigger assertions in our lib examples
that are tested in this job
This triggers a debug-validation error in the custom library example.
Ticket: #8259
(cherry picked from commit 02e4399059)
Add live tests to verify that mempool, mempool cache sizes, and
potentially other DPDK features are initialized correctly during the
startup.
Follows up on bugs found in mempool settings on real/bonded devices.
The tests are placed in the new folder qa/live/ after a comment
in https://github.com/OISF/suricata/pull/14896 which indicated other
live tests are going to be moved there as well.
Ticket: 8321
(cherry picked from commit d4434ef4e8)
cargo audit reports this security issue with the time crate but Suricata
remains unaffected as no influenced fn is used by Suricata.
Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
The MSRV for newer time crate versions are higher than the MSRV for
Suricata right now: 1.75.0
Hence, the best course of action is to suppress this warning.
Ticket: 8269
(cherry picked from commit 11b2860f23)
Ubuntu 20.04, distro suited at the time for 8.0.x, still contains
DPDK 19.11 in the pkg repository, so it keeps being build-tested as
opposed to the 9.0.x version.
(cherry picked from commit ee0b08692c)
Being the stable branch, cargo update doesn't make much sense unless we
have a specific reason to update a crate. The audit check has been
left, which will alert us to crates that may need an update.
Add MT live test capability:
- multi-tenant.sh: harness that sets up and steps through MT steps
- suricata-mt.yaml: Adds MT capability to Suricata
- tenant-1.yaml: Per-tenant configuration file
(cherry picked from commit 51c9609c7c)
To support alternative cargo and rustc programs (such as cargo-1.82),
respect CARGO and RUSTC environment variables during ./configure much
like CC.
RUSTFMT is also respected as that is required for the tests, and Cargo
can't figure this out like it can for rustc (perhaps a bug in the
packaging).
For cbindgen, we have also have to make sure the cargo environment
variable is set for each invocation.
To build with Ubuntu's Rust 1.82 packaging:
CARGO=cargo-1.82 RUSTC=rustc-1.82 RUSTDOC=rustdoc-1.82 \
./configure
Note that setting RUSTDOC is only required for commands like "make
check" to pass.
Ticket: #7877
Based on the current AlmaLinux 9 build, with plugin tests, etc.
Remove cppclean as its not installed and was previously disabled with
commit 2d308c000d.
Ubuntu and Fedora packing system build with -flto=auto by default, so
update one test to use -flto=auto. Also build with -O2 as that
combination can cause issues such as
https://redmine.openinfosecfoundation.org/issues/7824.
Also adds vectorscan to the build.
tzname is a POSIX variable, WIN32 has prefixed many POSIX variables
with "_". While Mingw64 supports both, UCRT64 emits a compiler warning
on the usage of "tzname".
This triggered a rather large clang-format update.
Jason Ish
Victor Julien
Lukas Sismis
Shivani Bhardwaj
Philippe Antoine
Jeff Lucovsky
dependabot[bot]
Eric Leblond