Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Tags: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
fccdb1c642f0...
Daisu
doc/commandline: -i option is useable several times
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
fa692df37a79...
Victor Julien
stream: reject broken ACK packets
Fix evasion posibility by rejecting packets with a broken ACK field.
These packets have a non-0 ACK field, but do not have a ACK flag set.

Bug #3324.

Reported-by: Nicolas Adba
f9840b513d1b...
Victor Julien
version: release 5.0.1
f2117774f53f...
Jason Ish
configure: assume cargo vendor if cargo >= 1.37
Rust/Cargo 1.37 and greater has vendor support built-in.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
ed2f6ac64bc0...
Jeff Lucovsky
modbus: Correct typo
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
eceb7dcba466...
Victor Julien
eve: support pcap_filename for unix socket mode
Bug #3390.
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
df8db1ddb073...
Jason Ish
ipv4: fail packet decoding on bad ipv4 option length
Currently all failures in IPv4 option decode are ignore with
respect to continuing to handle the packet.

Change this to fail, and abort handling the packet if the
option length is invalid.

Ticket 3328:
https://redmine.openinfosecfoundation.org/issues/3328
df74f34a6287...
Victor Julien
decode/tcp: accept TCP fast open cookie request
d4428d94deba...
Jeff Lucovsky
modbus: Update correct TX flags
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
ce0ae81d9530...
Victor Julien
rust: fix vendor use on MinGW
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
c6f168eb98c6...
Jason Ish
rust/Makefile: Don't include Cargo.toml
There is no need to include Cargo.toml in the distribution,
it is always generated from Cargo.toml.in during
./configure.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
b9515671be59...
Jason Ish
github-ci: use container for 18.04 build
As the action runs natively on 18.04 we were not explicitly
setting a container, but this means we're using what GitHub
provides us as a default state which might be broken. Instead
use the standard Ubuntu 18.04 container.
  • debug gt4: 'make distcheck' failed -  stdio
a742c8674102...
Victor Julien
stream: improve app-layer data retrieval with GAPs
Don't assume that the next block after the sbb head is after the
requested offset.

If the next block was before the offset, the returned data_len
would underflow and return a nonsense value to the app-layer.

Bug #2993.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
9f0294fadca3...
Victor Julien
stream: fix SYN_SENT RST/FIN injection
RST injection during the SYN_SENT state could trick Suricata into marking
a session as CLOSED. The way this was done is: using invalid TSECR value
in RST+ACK packet. The ACK was needed to force Linux into considering the
TSECR value and compare it to the TSVAL from the SYN packet.

The second works only against Windows. The client would not use a TSVAL
but the RST packet would. Windows will reject this, but Suricata considered
the RST valid and triggered the CLOSED logic.

This patch addresses both. When the SYN packet used timestamp support
the timestamp of incoming packet is validated. Otherwise, packet responding
should not have a timestamp.

Bug #3286

Reported-by: Nicolas Adba
9bcc1118e180...
Victor Julien
configure: require libhtp 0.5.32
8609939e60cd...
Jason Ish
ipv4: continue parsing options after invalid option
As long as an option has a valid length, we can continue
parsing the options after an invalid one.
83630015b9ab...
Jason Ish
github-ci: make distcheck on centos 7 build
Tests distcheck on a build from a distribution archive.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
77539e08fc8a...
Victor Julien
stream: in IDS mode, call app-layer at EOF
On stream end call app-layer with empty message in IDS mode.
700eebaeccb9...
Shivani Bhardwaj
doc/conf: Update copyright and regex for version
Make the new regex in compliance with the modern autoconf syntax.
Closes redmine ticket #3423
6fa66e3ddb2f...
Victor Julien
changelog: update for 5.0.1
6c2cdbb5f0c8...
Jeff Lucovsky
analysis: exit if table entries are stale
This commit causes Suricata to exit when a buffer from the analyzer
table is not recognized.

Since the table must match what's registered, exiting will bring noticed
to the condition.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
69c00a77b5a0...
Jason Ish
github-ci: in a dist build, check that --frozen is being used
Verify that ./configure is picking up the vendored Rust sources
when building from a dist archive.
627cc23769dc...
Victor Julien
detect/asn1: fix offset bounds checking
618ad0d92fcc...
Victor Julien
app-layer: optimize inspection id tracking
Increase the inspect id for a completely inspected tx in any case.
This avoids re-evaluating transactions.

Reported-by: Ilya Bakhtin
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
5ee8323028ae...
Jason Ish
rust: remove unnecessary parentheses (Rust 1.40 fixup)
Rust 1.40 in strict mode will now fail the build on the
presence of unnecessary parentheses.

warning: unnecessary parentheses around type
  --> src/smb/smb2_ioctl.rs:41:12
  |
41 |        -> (&mut SMBTransaction)
  |            ^^^^^^^^^^^^^^^^^^^^^ help: remove these parentheses
  |
  = note: `#[warn(unused_parens)]` on by default
57b683233dba...
Jason Ish
rust: Don't use --frozen during build.
If sources are vendored, we get the same effect of using frozen
with a lock file, and the Cargo.lock is generated based
on the vendored sources.

This also removes the need to ship a Cargo.lock.

Fixed out of source builds with vendored sources.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
55a36c79ff60...
Jason Williams
doc: update http keywords documentation
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
4f7dc4f136ce...
jason taylor
doc: add bsize documentation and rule example
Signed-off-by: jason taylor <jtfas90@gmail.com>
4ac5ab00b7a5...
Steven Hostetler
doc/install: fix geoip typo
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
4a2918e6b5d3...
Philippe Antoine
yaml: clarify comment about dump-all-headers
Logs a warning if the value is unknown
Fixes #2810
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
411dd69e92c9...
Victor Julien
doc/eve: layout and formatting fixes
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
3d9071639b60...
Victor Julien
version: starting work on 5.0.2
3ca7dcd8d833...
Jason Ish
configure: fix test -f for rust/vendor, should be -e
Introduced with commit: c08ec8d8b27280e2bcb066c9caa24da97e0419ee
34b7035a0d0a...
Victor Julien
detect/iponly: debug output improvements
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio
2ff963db1653...
Jason Ish
github-ci: do distcheck on fedora 31 build
There were no distchecks being done on builds from git.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
2c050187a3ad...
Victor Julien
streaming/api: fix overlap check
In some cases a SBB could be seen as overlapping with the requested
offset, when it was in fact precisely before it. In some special cases
this could lead to the stream engine not progressing the 'raw' progress.
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
1666bc0ad186...
jason taylor
doc: minor capitalization fix
Signed-off-by: jason taylor <jtfas90@gmail.com>
0f41cf3d74de...
Victor Julien
debug/validation: check tcp/app-layer data lengths
  • build gt4: update failed -  stdio
  • debug gt4: update failed -  stdio
  • features: update failed -  stdio
  • gt4-pcap-tests: update failed -  stdio
  • profiling: update failed -  stdio
040aff5197ba...
Victor Julien
htp: close request only from request side
This allows the response side to keep going for just
a bit longer.
007a461d69b0...
Victor Julien
detect/parse: track negation during address parsing
Fix address negation detection not resolving variables when
looking for the negation.

This patch makes use of the actual parsing routines to relay this
information to the signature parser.

Bug #3389.

Fixes: 92f08d85aac2 ("detect/iponly: improve negation handling in parsing")
  • build gt4: 'make distcheck' failed -  stdio
  • debug gt4: 'make distcheck' failed -  stdio