aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main-7.0.x
master
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '16f74c68aa'
${ noResults }
suricata/rust/Makefile.am

208 lines
5.1 KiB
Makefile
Raw Normal View History Unescape Escape

suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
SUBDIRS = sys \
suricatactl: rust version of suricatactl
2 years ago
suricatasc \
suricatactl
rust/sys: stub in suricata-sys crate for Rust bindings to C Follow Rust convention of using a "sys" crate for bindings to C functions. The bindings don't exist yet, but will be generated by bindgen and put into this crate. Ticket: #7341
6 months ago
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
EXTRA_DIST = src derive htp \
rust: rename .cargo/config to .cargo/config.toml Addresses this warning from the Rust compiler: warning: `../rust/.cargo/config` is deprecated in favor of `config.toml` note: if you need to support cargo 1.38 or earlier, you can symlink `config` to `config.toml`
1 year ago
.cargo/config.toml.in \
rust/cbindgen: Revert Makefile to a more pre-cbindgen state The modifications as part of the cbindgen commit caused issues with distcheck, revert the Makefile to how it was with the Python generator, but still using cbindgen. Also always assume we'll include the generated headers in the distribution archive to fix make distcheck from distribution archives with headers included, but no cbindgen.
6 years ago
cbindgen.toml \
build: remove configure check for cargo vendor cargo vendor has been part of the core cargo command since Rust 1.37, and are minimum Rust version is not 1.41, so remove the check. Its always available now.
3 years ago
dist/rust-bindings.h \
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
dist/htp/htp_rs.h \
automake/rust: remove path.lib Remove the path.lib parameter that is substituted into the output Cargo.toml by autoconf. Instead, as part of the build, "cd" into the source directory. We already set the Rust target directory to the external build directory. This makes the Cargo.toml more generic, and in a format suitable for publishing to crates.io. It also makes it easier to pull in external crates without needing to patch up their Cargo.toml, for example, it might make pulling libhtp-rs easier.
1 year ago
vendor \
Cargo.toml Cargo.lock \
rust/sys: stub in suricata-sys crate for Rust bindings to C Follow Rust convention of using a "sys" crate for bindings to C functions. The bindings don't exist yet, but will be generated by bindgen and put into this crate. Ticket: #7341
6 months ago
derive/Cargo.toml \
sys \
suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
sys/Cargo.toml \
suricatactl: rust version of suricatactl
2 years ago
suricatasc \
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
suricatactl \
htp/Cargo.toml
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
if !DEBUG
RELEASE = --release
endif
fuzz: better configure checks for MSAN building More compatible check for rust nightly Checks for CARGO_BUILD_TARGET Builds release or debug mode independently
5 years ago
if RUST_BUILD_STD
NIGHTLY_ARGS = -Z build-std
rust: rebuilds std when building fuzzers so as to have MSAN working
5 years ago
endif
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
ja3: make feature compile time configurable
1 year ago
if HAVE_JA3
RUST_FEATURES += ja3
endif
ja4: implement for TLS and QUIC Ticket: OISF#6379
1 year ago
if HAVE_JA4
RUST_FEATURES += ja4
endif
Rust: add 'debug' feature The 'debug' feature is enabled if suricata was configured with the --enabled-debug' flag. If enabled, the SCLogDebug format and calls the logging function as usual. Otherwise, this macro is a no-op (similarly to the C code).
7 years ago
if DEBUG
RUST_FEATURES += debug
endif
rust: Add debug_validate_bug_on macro This macro allows to check if certain parts of the code are reachable during fuzzing.
5 years ago
if DEBUG_VALIDATION
RUST_FEATURES += debug-validate
endif
configure: fixing rust/cargo cross compile command adding --target argument to cargo command line when cross compiling
6 years ago
if RUST_CROSS_COMPILE
RUST_TARGET = --target $(host_triplet)
endif
rust/mingw: build fixes Fix path passed to cargo by using 'cygpath' if available.
6 years ago
if HAVE_CYGPATH
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
CARGO_ENV = @rustup_home@ \
CARGO_HOME="$(CARGO_HOME)" \
rust: fix vendor use on MinGW
6 years ago
CARGO_TARGET_DIR="$(e_rustdir)/target" \
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
SURICATA_LUA_SYS_HEADER_DST="$(e_rustdir)/gen"
rust/mingw: build fixes Fix path passed to cargo by using 'cygpath' if available.
6 years ago
else
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
CARGO_ENV = @rustup_home@ \
CARGO_HOME="$(CARGO_HOME)" \
rust: fix build when source directory has spaces in it Redmine issue: https://redmine.openinfosecfoundation.org/issues/2668
6 years ago
CARGO_TARGET_DIR="$(abs_top_builddir)/rust/target" \
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
SURICATA_LUA_SYS_HEADER_DST="$(abs_top_builddir)/rust/gen"
endif
suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
CARGO_ENV += LOCALSTATEDIR=$(e_localstatedir)
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
all-local: Cargo.toml
mkdir -p $(abs_top_builddir)/rust/gen
cd $(abs_top_srcdir)/rust && \
$(CARGO_ENV) \
fuzz: better configure checks for MSAN building More compatible check for rust nightly Checks for CARGO_BUILD_TARGET Builds release or debug mode independently
5 years ago
$(CARGO) build $(RELEASE) $(NIGHTLY_ARGS) \
configure: fixing rust/cargo cross compile command adding --target argument to cargo command line when cross compiling
6 years ago
--features "$(RUST_FEATURES)" $(RUST_TARGET)
rust: rename to suricata (from suricata_rust) Rename the Rust lib to simply "suricata" instead of "suricata_rust". This allows Rust plugin/library code to use it under the name "suricata" which is what should be expected. The name was only "suricata_rust" to prevent on-disk conflict with the C code, so just rename the file on disk, which doesn't affect how the code is interacted with from an API layer.
4 years ago
if test -e $(RUST_SURICATA_LIBDIR)/suricata.lib; then \
cp -a $(RUST_SURICATA_LIBDIR)/suricata.lib \
$(RUST_SURICATA_LIBDIR)/${RUST_SURICATA_LIBNAME}; \
fi
if test -e $(RUST_SURICATA_LIBDIR)/libsuricata.a; then \
cp -a $(RUST_SURICATA_LIBDIR)/libsuricata.a \
rust: rename lib to libsuricata_rust Previously it was libsuricata.a, but eventually we want to get to a place where libsuricata.a is a combination of the Rust and C code.
5 years ago
$(RUST_SURICATA_LIBDIR)/${RUST_SURICATA_LIBNAME}; \
rust: handle windows naming change from .lib to .a Prior to Rust 1.44, Cargo would name static libs with the .lib extension. 1.44 changes this extension to .a when running under a GNU environment on Windows like msys to make it more similar to other unix environments. Now assume static library name to be the same on Windows and unix, but rename the .lib if found to still support older versions of Rust on Windows.
5 years ago
fi
rust: only run cbindgen if needed Only run cbindgen when necessary. This is a bit tricky. When building a dist we want to unconditionally build the headers. When going through a "make; sudo make install" type process, cbindgen should not be run as the headers already exist, are valid, and the environment under sudo is more often than not suitable to pick up the Rust toolchains when installed with rustup. For the normal "make" case we have the gen/rust-bindings.h file depend on library file, this will cause it to only be rebuilt if the code was modified. For "make dist" we unconditionally create "dist/rust-bindings.h". This means the generated file could be in 2 locations, so update configure.ac, and the library search find to find it. The "gen/rust-bindings.h" should be picked up first if it exists, for those who develop from a dist archive where "dist/rust-bindings.h" also exists. Not completely happy having the same file in 2 locations, but not sure how else to get the dependency tracking correct.
5 years ago
$(MAKE) gen/rust-bindings.h
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
$(MAKE) gen/htp/htp_rs.h
rust: always update Cargo.lock.in On a normal project where the Cargo.lock is checked in, it would be normal to see an updated Cargo.lock in git status and the like. As we use autoconf to generate this file, we should just copy it back to the input file so we get the same convenience of seeing when it is updated, which usually means it needs to be checked in. However, to satisfy "make distcheck", only copy it if the input template exists, if the input template does not exist we are in an out of tree build.
3 months ago
if test -e Cargo.lock.in; then \
cp Cargo.lock Cargo.lock.in; \
fi
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
install-exec-local:
install -d -m 0755 "$(DESTDIR)$(bindir)"
install -m 0755 $(RUST_SURICATA_LIBDIR)/suricatasc "$(DESTDIR)$(bindir)/suricatasc"
suricatactl: rust version of suricatactl
2 years ago
install -m 0755 $(RUST_SURICATA_LIBDIR)/suricatactl "$(DESTDIR)$(bindir)/suricatactl"
suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
install: makefile target to install libraries As we don't install the libraries by default, provide a make target, "install-library" to install the libsuricata library files. If shared library support exists, both the static and shared libraries will be installed, otherwise only the static libraries will be installed.
4 years ago
install-library:
$(MKDIR_P) "$(DESTDIR)$(libdir)"
$(INSTALL_DATA) $(RUST_SURICATA_LIB) "$(DESTDIR)$(libdir)"
uninstall-local:
rm -f "$(DESTDIR)$(libdir)/$(RUST_SURICATA_LIBNAME)"
suricatasc: a Rust implementation of suricatasc This is a re-implementation of suricatasc program in Rust that attempts to be a 100% drop-in replacement.
2 years ago
rm -f "$(DESTDIR)$(bindir)/suricatasc"
suricatactl: rust version of suricatactl
2 years ago
rm -f "$(DESTDIR)$(bindir)/suricatactl"
install: makefile target to install libraries As we don't install the libraries by default, provide a make target, "install-library" to install the libsuricata library files. If shared library support exists, both the static and shared libraries will be installed, otherwise only the static libraries will be installed.
4 years ago
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
clean-local:
rust/Makefile: cleanup "clean" targets Remove maintainer-clean-local, this is not needed. In distclean-local, remove "rust/dist" and "rust/vendor" as they are created during "make dist". In "clean-local", remove "rust/target" and "rust/gen" as they are created during a normal "make".
1 year ago
rm -rf target gen
rust: make clean fixups For make clean, only remove gen/ if cbindgen is available. This prevents make clean from remove gen when the headers were bundled, but cbindgen is not available to remove them. Unconditionally remove gen and vendor in maintainerclean.
6 years ago
distclean-local:
rust/Makefile: cleanup "clean" targets Remove maintainer-clean-local, this is not needed. In distclean-local, remove "rust/dist" and "rust/vendor" as they are created during "make dist". In "clean-local", remove "rust/target" and "rust/gen" as they are created during a normal "make".
1 year ago
rm -rf vendor dist
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
check-bindgen-bindings:
if HAVE_BINDGEN
if test "$(top_srcdir)" = "$(top_builddir)"; then \
cp sys/src/sys.rs sys/src/sys.rs.orig; \
$(MAKE) update-bindings; \
if diff sys/src/sys.rs sys/src/sys.rs.orig > /dev/null 2>&1; then \
rm -f sys/src/sys.rs.orig; \
else \
echo "WARNING: bindgen bindings may be out of date"; \
fi \
else \
echo "Not checking bindings for out of tree build"; \
fi
else
@echo "Unable to check bindgen bindings: bindgen not found"
endif
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
check:
automake/rust: remove path.lib Remove the path.lib parameter that is substituted into the output Cargo.toml by autoconf. Instead, as part of the build, "cd" into the source directory. We already set the Rust target directory to the external build directory. This makes the Cargo.toml more generic, and in a format suitable for publishing to crates.io. It also makes it easier to pull in external crates without needing to patch up their Cargo.toml, for example, it might make pulling libhtp-rs easier.
1 year ago
cd $(abs_top_srcdir)/rust && \
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
$(CARGO_ENV) \
rust: derive crate: for custom derives Currently has one derive, AppLayerEvent to be used like: #[derive(AppLayerEvent)] pub enum DNSEvent { MalformedData, NotRequest, NotResponse, ZFlagSet, } Code will be generated to: - Convert enum to a c type string - Convert string to enum variant - Convert id to enum variant
6 years ago
$(CARGO) test --all $(RELEASE) --features "$(RUST_FEATURES)"
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
$(MAKE) check-bindgen-bindings
rust: hook rust into the build Rust is currently optional, use the --enable-rust configure argument to enable Rust. By default Rust will be built in release mode. If debug is enabled then it will be built in debug mode. On make dist, "cargo vendor" will be run to make a local copy of Rust dependencies for the distribution archive file. Add autoconf checks to test for the vendored source, and if it exists setup the build to use the vendored code instead of fetching it from the network. Also, as Cargo requires semantic versioning, the Suricata version had to change from 4.0dev to 4.0.0-dev.
8 years ago
vendor:
rust: put all rust/cargo env vars in CARGO_ENV To ensure that all calls to cargo use the same environment variables, put the environment variables in CARGO_ENV so every call to cargo can easily use the same vars. The Cargo build system is smarter than make, it can detect a change in an environment variable that affects the build, and the setting of SURICATA_LUA_SYS_HEADER_DST changing could cause a rebuild. Also update suricata-lua-sys, which is smarter about copying headers. It will only copy if the destination does not exist, or the source header is newer than the target, which can also prevent unnecessary rebuilds. This is mainly to fix an issue where subsequent builds may fail, especially when running an editor with a LSP enabled: Update lua crate to 0.1.0-alpha.5. This update will force a rewrite of the headers if the env var SURICATA_LUA_SYS_HEADER_DST changes. This fixes the issue where the headers may not be written. The cause is that Rust dependencies are cached, and if your editor is using rust-analyzer, it might cache the build without this var being set, so these headers are not available to Suricata. This crate update forces the re-run of the Lua build.rs if this env var changes, fixing this issue.
8 months ago
$(CARGO_ENV) $(CARGO) vendor
rust: don't fail distcheck if cargo-vendor not found Allow distcheck to pass if cargo vendor is not found by not failing out. It is not required to successfully build a dist tarball, the Rust sources will just not be vendored in. Also don't fail out make dist if Python is not installed. A build will still be successful is Python is available on the end build system.
8 years ago
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
update-bindings:
if HAVE_BINDGEN
$(BINDGEN) \
rust/bindgen: use temp file to generating bindings Prefixing a file with sed doesn't appear to be portable. Instead, make use of a temporary file. Fixes generating the bindings on FreeBSD and Mac.
5 months ago
-o sys/src/sys.rs.tmp \
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
--rust-target 1.68 \
rust: add bindings to SCPlugin.* to sys crate Also disable bindgen's generated layout tests. They are valid for the platform generating the tests, but may not be valid for other platforms. For example, if the tests are generated on a 64 bit platform the tests will not be valid when run on a 32 bit platform as pointers are a different size. However, the generating bindings are valid for both platform. Ticket: #7341
6 months ago
--no-layout-tests \
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
--disable-header-comment \
--default-enum-style rust \
--allowlist-type 'AppProto.*' \
--allowlist-function 'AppProto.*' \
rust: add bindings to SCPlugin.* to sys crate Also disable bindgen's generated layout tests. They are valid for the platform generating the tests, but may not be valid for other platforms. For example, if the tests are generated on a 64 bit platform the tests will not be valid when run on a 32 bit platform as pointers are a different size. However, the generating bindings are valid for both platform. Ticket: #7341
6 months ago
--allowlist-type 'SC.*' \
--allowlist-function 'SC.*' \
plugins: bind constant SC_PLUGIN_API_VERSION
5 months ago
--allowlist-var 'SC.*' \
rust/conf: use generated bindings to SCConf API
4 months ago
--opaque-type 'SCConfNode' \
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
$(abs_top_srcdir)/src/bindgen.h \
-- \
-DHAVE_CONFIG_H -I../src -I../rust/gen $(CPPFLAGS)
rust/bindgen: use temp file to generating bindings Prefixing a file with sed doesn't appear to be portable. Instead, make use of a temporary file. Fixes generating the bindings on FreeBSD and Mac.
5 months ago
printf "// This file is automatically generated. Do not edit.\n\n" > sys/src/sys.rs
cat sys/src/sys.rs.tmp >> sys/src/sys.rs
rm -f sys/src/sys.rs.tmp
rust: export jsonbuilder API in sys crate using cbindgen + bindgen
4 months ago
$(CBINDGEN) --quiet --config cbindgen.toml src/jsonbuilder.rs -o gen/jsonbuilder.h
$(BINDGEN) \
-o sys/src/jsonbuilder.rs.tmp \
--rust-target 1.68 \
--no-layout-tests \
--disable-header-comment \
--allowlist-function 'SC.*' \
gen/jsonbuilder.h \
-- \
-DHAVE_CONFIG_H -I../src -I../rust/gen $(CPPFLAGS)
printf "// This file is automatically generated. Do not edit.\n\n" > sys/src/jsonbuilder.rs
cat sys/src/jsonbuilder.rs.tmp >> sys/src/jsonbuilder.rs
rm -f sys/src/jsonbuilder.rs.tmp
rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341
6 months ago
else
@echo "error: bindgen not installed, can't update bindings"
exit 1
endif
rust/cbindgen: Revert Makefile to a more pre-cbindgen state The modifications as part of the cbindgen commit caused issues with distcheck, revert the Makefile to how it was with the Python generator, but still using cbindgen. Also always assume we'll include the generated headers in the distribution archive to fix make distcheck from distribution archives with headers included, but no cbindgen.
6 years ago
if HAVE_CBINDGEN
rust: generated bindings depend on cbindgen.toml make should rerun cbindgen if cbindgen.toml is modified
6 months ago
gen/rust-bindings.h: $(RUST_SURICATA_LIB) cbindgen.toml
lua: use rust crate to vendor (bundle) lua Remove lua-dev(el) from all CI tests.
1 year ago
cd $(abs_top_srcdir)/rust && \
rust: use CBINDGEN variable and not "cbindgen" This uses the cbindgen found during ./configure, and not the one found on the path during "make", which while often the same, aren't always the same. Ticket: #6384
5 months ago
$(CBINDGEN) --config $(abs_top_srcdir)/rust/cbindgen.toml \
rust: cbindgen first verifies existing bindings So as not to recompile every C file inclusing rust.h
3 years ago
--quiet --verify --output $(abs_top_builddir)/rust/gen/rust-bindings.h || true
rust/cbindgen: Revert Makefile to a more pre-cbindgen state The modifications as part of the cbindgen commit caused issues with distcheck, revert the Makefile to how it was with the Python generator, but still using cbindgen. Also always assume we'll include the generated headers in the distribution archive to fix make distcheck from distribution archives with headers included, but no cbindgen.
6 years ago
else
gen/rust-bindings.h:
endif
rust: add doc target to build rust docs Uses "cargo doc --no-deps" to build the documentation just for our Suricata package. Without --no-deps, documentation will be build for all our dependencies as well. The generated documentation will end up in target/doc as HTML.
5 years ago
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
if HAVE_CBINDGEN
gen/htp/htp_rs.h: $(RUST_SURICATA_LIB) htp/cbindgen.toml
cd $(abs_top_srcdir)/rust/htp && \
cbindgen --config $(abs_top_srcdir)/rust/htp/cbindgen.toml \
--quiet --verify --output $(abs_top_builddir)/rust/gen/htp/htp_rs.h || true
else
gen/htp/htp_rs.h:
endif
rust: add doc target to build rust docs Uses "cargo doc --no-deps" to build the documentation just for our Suricata package. Without --no-deps, documentation will be build for all our dependencies as well. The generated documentation will end up in target/doc as HTML.
5 years ago
doc:
CARGO_HOME=$(CARGO_HOME) $(CARGO) doc --all-features --no-deps
rust: only run cbindgen if needed Only run cbindgen when necessary. This is a bit tricky. When building a dist we want to unconditionally build the headers. When going through a "make; sudo make install" type process, cbindgen should not be run as the headers already exist, are valid, and the environment under sudo is more often than not suitable to pick up the Rust toolchains when installed with rustup. For the normal "make" case we have the gen/rust-bindings.h file depend on library file, this will cause it to only be rebuilt if the code was modified. For "make dist" we unconditionally create "dist/rust-bindings.h". This means the generated file could be in 2 locations, so update configure.ac, and the library search find to find it. The "gen/rust-bindings.h" should be picked up first if it exists, for those who develop from a dist archive where "dist/rust-bindings.h" also exists. Not completely happy having the same file in 2 locations, but not sure how else to get the dependency tracking correct.
5 years ago
if HAVE_CBINDGEN
dist/rust-bindings.h:
rust: use CBINDGEN variable and not "cbindgen" This uses the cbindgen found during ./configure, and not the one found on the path during "make", which while often the same, aren't always the same. Ticket: #6384
5 months ago
$(CBINDGEN) --config $(abs_top_srcdir)/rust/cbindgen.toml \
rust: only run cbindgen if needed Only run cbindgen when necessary. This is a bit tricky. When building a dist we want to unconditionally build the headers. When going through a "make; sudo make install" type process, cbindgen should not be run as the headers already exist, are valid, and the environment under sudo is more often than not suitable to pick up the Rust toolchains when installed with rustup. For the normal "make" case we have the gen/rust-bindings.h file depend on library file, this will cause it to only be rebuilt if the code was modified. For "make dist" we unconditionally create "dist/rust-bindings.h". This means the generated file could be in 2 locations, so update configure.ac, and the library search find to find it. The "gen/rust-bindings.h" should be picked up first if it exists, for those who develop from a dist archive where "dist/rust-bindings.h" also exists. Not completely happy having the same file in 2 locations, but not sure how else to get the dependency tracking correct.
5 years ago
--quiet --output $(abs_top_builddir)/rust/dist/rust-bindings.h
else
dist/rust-bindings.h:
endif
rust: bundle Cargo.lock Cargo.lock has to be provided as template, Cargo.lock.in so it can live beside Cargo.lock in out of tree automake builds, like distcheck. This will pin Rust dependencies even for git builds, updating Cargo.lock will now be a manual process that we'll have to take care of periodically.
2 years ago
http: Use libhtp-rs. Ticket: #2696 There are a lot of changes here, which are described below. In general these changes are renaming constants to conform to the libhtp-rs versions (which are generated by cbindgen); making all htp types opaque and changing struct->member references to htp_struct_member() function calls; and a handful of changes to offload functionality onto libhtp-rs from suricata, such as URI normalization and transaction cleanup. Functions introduced to handle opaque htp_tx_t: - tx->parsed_uri => htp_tx_parsed_uri(tx) - tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx) - tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx)) - htp_tx_get_user_data() => htp_tx_user_data(tx) - htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101 and “Upgrade: h2c" header. Functions introduced to handle opaque htp_tx_data_t: - d->len => htp_tx_data_len() - d->data => htp_tx_data_data() - htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t - htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty. Other changes: Build libhtp-rs as a crate inside rust. Update autoconf to no longer use libhtp as an external dependency. Remove HAVE_HTP feature defines since they are no longer needed. Make function arguments and return values const where possible htp_tx_destroy(tx) will now free an incomplete transaction htp_time_t replaced with standard struct timeval Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t as separate arguments. This means the connection parser is no longer fetched from the transaction inside callbacks. SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which now provides normalized URI values. The normalized URI is available with accessor function: htp_tx_normalized_uri() Configuration settings added to control the behaviour of the URI normalization: - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() - htp_config_set_convert_lowercase() - htp_config_set_double_decode_normalized_query() - htp_config_set_double_decode_normalized_path() - htp_config_set_backslash_convert_slashes() - htp_config_set_bestfit_replacement_byte() - htp_config_set_convert_lowercase() - htp_config_set_nul_encoded_terminates() - htp_config_set_nul_raw_terminates() - htp_config_set_path_separators_compress() - htp_config_set_path_separators_decode() - htp_config_set_u_encoding_decode() - htp_config_set_url_encoding_invalid_handling() - htp_config_set_utf8_convert_bestfit() - htp_config_set_normalized_uri_include_all() - htp_config_set_plusspace_decode() Constants related to configuring uri normalization: - HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT - HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT - HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID htp_config_set_field_limits(soft_limit, hard_limit) changed to htp_config_set_field_limit(limit) because libhtp didn't implement soft limits. libhtp logging API updated to provide HTP_LOG_CODE constants along with the message. This eliminates the need to perform string matching on message text to map log messages to HTTP_DECODER_EVENT values, and the HTP_LOG_CODE values can be used directly. In support of this, HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE values. New log events to describe additional anomalies: HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH HTP_LOG_CODE_DEFORMED_EOL HTP_LOG_CODE_PARSER_STATE_ERROR HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED HTP_LOG_CODE_CONNECTION_ALREADY_OPEN HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA HTP_LOG_CODE_INVALID_CONTENT_ENCODING HTP_LOG_CODE_INVALID_GAP HTP_LOG_CODE_ERROR The new htp_log API supports consuming log messages more easily than walking a list and tracking the current offset. Internally, libhtp-rs now provides log messages as a queue of htp_log_t, which means the application can simply call htp_conn_next_log() to fetch the next log message until the queue is empty. Once the application is done with a log message, they can call htp_log_free() to dispose of it. Functions supporting htp_log_t: htp_conn_next_log(conn) - Get the next log message htp_log_message(log) - To get the text of the message htp_log_code(log) - To get the HTP_LOG_CODE value htp_log_free(log) - To free the htp_log_t
2 years ago
if HAVE_CBINDGEN
dist/htp/htp_rs.h:
cd $(abs_top_srcdir)/rust/htp && \
cbindgen --config cbindgen.toml \
--quiet --output $(abs_top_builddir)/rust/dist/htp/htp_rs.h
else
dist/htp/htp_rs.h:
endif
rust: bundle Cargo.lock Cargo.lock has to be provided as template, Cargo.lock.in so it can live beside Cargo.lock in out of tree automake builds, like distcheck. This will pin Rust dependencies even for git builds, updating Cargo.lock will now be a manual process that we'll have to take care of periodically.
2 years ago
Cargo.toml: Cargo.toml.in
update-lock: Cargo.toml
cargo update
mv Cargo.lock Cargo.lock.in