Fix a 'skipped' transaction early in the list leading to all further
transactions getting skipped, even if they were fully processed and
ready to be cleaned up.
(cherry picked from commit 8baef60d60)
Sync to latest ET open and introduce inappropriate as a classification
to replace something some find inappropriate.
(cherry picked from commit f037f6f4ff)
Move initialization of filestore global counter to PreRunInit,
so they get registered during program initialization, or as
required in unix-socket mode, initialized for each file run.
Fixes Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4216
(cherry picked from commit 0aed5e188b)
Set "done flag" only if parsers for both directions are not found in a
case of midstream parsers from other direction are tried if nothing is found
for the initial one. "done flag" must be set if nothing is found in both
directions. Otherwise processing of incomplete data is terminated at the very
first try.
(cherry picked from commit 5285163d8f)
This commit corrects the validation check between the number of
variables used and the number of specified capture groups.
(cherry picked from commit 469d5bb214)
The old compare macro would compare all bytes of an address, even
when for IPv4 addresses the additional bytes were not in use. This
made the logic vulnerable to mistakes like in issue #4280.
(cherry picked from commit 6bfc5afa23)
Improper reuse of the address data structure between loading
different lines in the iprep file would lead to the host using
a malformed address.
(cherry picked from commit 7b03e6837e)
When Suricata was build with ebpf support and when it was started
in NFQ mode, it was crashing at exit because it was trying to free
the device extension.
This patch fixes the issue by only trigger the eBPF related code
when Suricata is running in AFP_PACKET mode.
(cherry picked from commit 85327890f5)
Without this, a simple typo between : and ; is able to hide actual bugs
in rules.
I discovered 2 bugs in ET open ruleset this way.
(cherry picked from commit 10ea60a237)
This commit corrects scope issues identified during CI with
FC32/strict-rust:
"this `CString` is deallocated at the end of the statement, bind it to a variable to extend its lifetime
"
This commit improves handling of TCP fast open options
- Option length must be in [6, 18]
- Option length must be an even value
(cherry picked from commit f8fef0dd05)
Instead of calculating the MD5 at the end of every part, only
compute it when parsing is complete.
With libnss, the hash never updates after the first HASH_End, so
the md5 of only the first part of the body is logged, rather than
the md5 of all the parts.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4245
When a flow is swapped it also swaps the stream trackers, so it does
not make sense to reverse them during pseudo packet creation.
(cherry picked from commit 49bd1f85b9)
All builds have been using the same cache id for ~/.cargo which
could lead us to conflict situations which is what I think we are
seeing with the commit-check job.
(cherry picked from commit 49ca070446)
This is a squashed commit of the following items:
github-ci: Fedora 32 builder with asan enabled
Also enables -Wshadow and rust-strict to cover those cases
from Travis.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3868
(cherry picked from commit c91b43a3fd)
github-ci: ubuntu 20.04 build without nss/nspr
Adds a test that builds and tests Suricata without nss/nspr
to replace the similar test on Travis-CI.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3869
(cherry picked from commit 7ea2187f91)
github-ci: Ubuntu 20.4 build with -NDEBUG
To cover Travis-CI test that builds with -NDEBUG.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3869
(cherry picked from commit 0dc6434e61)
github-ci: enable debug on Fedora 32 build
(cherry picked from commit db0be04988)
github-ci: update debian 9 test to use known Rust version
Choose Rust 1.39.0 as a known version of Rust that we build against
to see in CI if we build with this version, but fail with latest.
This is to cover a similar test from Travis CI.
(cherry picked from commit 94ac702159)
github-ci: add test build without jansson
This is to cover a test from Travis CI where we make sure
that ./configure fails if libjansson is not available.
(cherry picked from commit a35756e140)
github-ci: apply default CFLAGS to all builds
(cherry picked from commit b3a55a4cd5)
github-ci: Fixups for parity with master
rust: add doc target to build rust docs
Uses "cargo doc --no-deps" to build the documentation just for
our Suricata package. Without --no-deps, documentation will be
build for all our dependencies as well.
The generated documentation will end up in target/doc as HTML.
(cherry picked from commit 7ca24041b6)
github-ci: CentOS 6 is EOL
(cherry picked from commit 3ea33f5e47)
Some changes were made to the generated files instead of the
generator script. Update the script to generate what is
in the current state of the in-tree generated files.
(cherry picked from commit 4976afd96a)
Victor Julien
Philippe Antoine
Jason Ish
Ilya Bakhtin
Jeff Lucovsky
Eric Leblond
Gianni Tedesco
Sascha Steinbiss