suricata

Commit Graph

Author	SHA1	Message	Date
Jason Ish	7bdbe7ed32	rust: remove unnecessary lifetimes Fix provided by cargo clippy --fix.	9 months ago
Philippe Antoine	668501c225	rust: remove unused	2 years ago
Lancer Cheng	abc76e27de	smb: fix data padding logic in writeAndX parser Bug: #6008	2 years ago
Lancer Cheng	000eb91078	smb: fix wrong data offset when wct = 12 Bug: #6008	2 years ago
Jason Ish	7080ecbb76	rust: remove explicit lifetimes where not needed	3 years ago
Philippe Antoine	bc287018e5	rust: cargo clippy --all-features --fix --allow-no-vcs	3 years ago
Jason Ish	c4034dafa1	rust: fix clippy lints for clippy::derive_partial_eq_without_eq	3 years ago
Jason Ish	105d9a5f02	rust: fix clippy lint for unnecessary_unwrap Avoid check if not none followed by unwrap.	3 years ago
Jason Ish	f60e1b30f6	rust: fix clippy lint for partialeq_to_none Use .is_some() and .is_none() instead of comparing against None. Comparing against None requires a value to impl PartialEq, is_none() and is_some() do not and are more idiomatic.	3 years ago
Philippe Antoine	817a5001a5	smb: check on param parsing Ticket: 5246 so as not to overflow u16	3 years ago
Victor Julien	b9cd502249	smb: convert 'close' parser to function	3 years ago
Jason Ish	09e2d3b216	smb: expose smb1 request/reply flags with a method Adds `.is_request()` and `.is_reply()` to check if a SMB record flags say the message is a request or a reply.	4 years ago
Pierre Chifflier	d67f8f9196	rust/smb: convert parser to nom7 functions (SMB1)	4 years ago
Philippe Antoine	3e5f59e2cb	smb: fix parsing of file deletion over SMB1	4 years ago
Jason Ish	5bf5de3350	rust(lint): don't use unwrap_or for function calls Calling a function in unwrap_or causes that function to always be called even when not needed. Instead use unwrap_or_else with a closure which will only be called when needed.	4 years ago
Jason Ish	69cf5c9eea	rust(lint): remove needless borrows These are needless borrows (references) as the item is already a reference.	4 years ago
Philippe Antoine	2d14606224	smb: andx support Add AndX support for SMB1. Finishes #3475. [Updated by Victor Julien to split functions]	5 years ago
Philippe Antoine	aaa69fe3c5	smb: resistance against padding evasions Scenario is use of dummy padding in write AndX request or other similar commands using a data offset. Parsing skips now these dummy bytes, and generates one event	5 years ago
Jason Ish	ac93ab281d	rust/logging: allow log macros to be used by plugins Fix plugin macros so they can be used by external Rust crates such as plugins.	5 years ago
Pierre Chifflier	442500678b	rust: use the streaming version of combinators to fix incomplete reads	6 years ago
Pierre Chifflier	d1bf34a427	rust/smb: add custom error handling	6 years ago
Pierre Chifflier	5b809f77f1	rust: upgrade all parsers to nom 5	6 years ago
Victor Julien	f5b33a070a	smb1: allow empty trans records	6 years ago
Jason Ish	42e5065ab8	rust: update to Rust 2018 with cargo fix Migrate to Rust 2018 edition. Credit to Danny Browning for first demontrating this: https://github.com/OISF/suricata/pull/3604/commits	6 years ago
Victor Julien	f7a41412d6	smb1: fix NT create andx records filename parsing Use file name parsing routines that take unicode into account and consider padding bytes as well.	7 years ago
Wesley van der Ree	cc50908f8d	smb: fix NT create filename parsing parse_smb_create_andx_request_record skipped 1 byte too much before the filename. Fixes: #2894	7 years ago
Pierre Chifflier	f22695130b	rust: nom4 requires to add complete!() when using many! combinators	7 years ago
Pierre Chifflier	8c0cde36c6	rust: fix warnings for unused variables (add _)	7 years ago
Pierre Chifflier	13b7399790	rust: upgrade all parsers to nom4	7 years ago
Victor Julien	2b581cd6db	smb: log trans2 that enable delete on close	7 years ago
Victor Julien	eefac0ef95	smb1: add support for trans2 set_path_info rename	7 years ago
Victor Julien	7c8a078a2c	smb1: improve NT Create response record parsing	7 years ago
Pierre Chifflier	576b8ef722	SMB: simplify code	8 years ago
Victor Julien	0dfb3f0e7f	smb1: extract rename info from TRANS2 Exclude TRANS2 from generic TX lookup bypass.	8 years ago
Victor Julien	8eeda113c8	smb1: add parsing for RENAME command	8 years ago
Victor Julien	816bd022a6	smb1: improve non nt-status handling Support SRV error, with a couple of codes. Rename statux field to status_code.	8 years ago
Victor Julien	eed492547c	smb1: extract server guid from negotiate	8 years ago
Victor Julien	90e2abaac4	smb1: use generic string parsing for trans	8 years ago
Victor Julien	76917a8732	smb1: generic smb string parse func	8 years ago
Victor Julien	668c747aee	smb1: more exact tree connect record parsing	8 years ago
Victor Julien	0ed00cf104	smb: move common parsing funcs into own file	8 years ago
Victor Julien	caf29e92b3	smb1: parse and log timestamps in CREATE	8 years ago
Victor Julien	be615c9fbc	smb: small cleanups, fixes and optimizations	8 years ago
Victor Julien	7114d5d25b	smb1: parser cleanups	8 years ago
Victor Julien	d9e43d3e63	smb: cleaner server component parsing	8 years ago
Victor Julien	170edf7c44	smb1: improve error handling	8 years ago
Victor Julien	98b926bf72	smb1: implement WRITE_AND_CLOSE	8 years ago
Victor Julien	8bef120898	smb: session setup improvements Improve ntlmssp version extraction and logging, make its data structures optional. Extract native os/lm from smb1 ssn setup. Move session setup handling into their own files. Only log auth data for the session setup tx.	8 years ago
Victor Julien	75d7c9d64a	rust/smb: initial support Implement SMB app-layer parser for SMB1/2/3. Features: - file extraction - eve logging - existing dce keyword support - smb_share/smb_named_pipe keyword support (stickybuffers) - auth meta data extraction (ntlmssp, kerberos5)	8 years ago

49 Commits (7bdbe7ed32d220abae62c0fc6ed8fcbeba886454)