Commit Graph

150 Commits (844e4dba11867fb9f2b91292a9b73b10a5ec415a)

Author SHA1 Message Date
Victor Julien ef0536794c Adding comments, some cleanups. 14 years ago
Victor Julien 21acd72adf Cleanups to the Multipart parsing code. Fixes to negation in filename and fileext. 14 years ago
Victor Julien 32fb9f375d log-file log-dir option added, meta file created, fixes. 14 years ago
Victor Julien a6b7a560f1 Fix a bug in the HTTP file closing. 14 years ago
Victor Julien 7e3d537338 Fix setting libhtp personality. 14 years ago
Victor Julien cd618e48df Allow for 0 (unlimited) HTTP request_body_limit, fix option parsing. 14 years ago
Victor Julien 4723f07254 Improve testing and fix some bugs. 14 years ago
Victor Julien 9d5d46c4bb Implement flow file storage API, create HTP wrappers for it, use it in HTTP parsing. 14 years ago
Victor Julien a0ee6ade3e Improve HTTP multipart parsing, add streaming parsing for files. 14 years ago
Victor Julien 4537f889ef Handle all strings as raw strings in HTTP content-type and content-disposition header parsing. 14 years ago
Pablo Rincon 6d60b3a747 filename and fileext keywords 14 years ago
Anoop Saldanha 9a6aef459e modify all relevant app layer API calls to accommodate passing parser local storage argument 14 years ago
Victor Julien 262a7300d7 flow: shrink Flow datatype
Introduce a separate FlowAddress structure for holding the ipv4 or ipv6 address
that doesn't have the family in it like the Address structure. Instead, the
family is stored in the flow as a flag: FLOW_IPV4 and FLOW_IPV6.

Add macros to check the family, copy the address, etc.

Update many unittests to reflect these changes. Introduce unittest helper
functions for creating and initializing a flow and freeing it again.

On 64 bit this shrinks the flow with 8 bytes.
14 years ago
Victor Julien 06904c9024 App Layer cleanup
Removal of per flow 'aldata' array. It contained a ptr for each ALPROTO. Instead now we have 2 ptrs in the flow: alparser and alstate.
Various cleanups and dead code removal from the app layer API.
Should save 100+ bytes memory per flow on 64 bit.
Updated lots of unittests to reflect these changes.
14 years ago
Anoop Saldanha 4650bf7170 minor code cleanup. remove commented out code 14 years ago
Victor Julien 2d16abcf8b Minor code cleanups fixing all GCC 4.6 compiler warnings for default, debug and unittests mode. 14 years ago
Victor Julien 5395071c11 Make http logging code more robust against cases where the htp state is incomplete (out of memory conditions). 14 years ago
Eric Leblond 60a99915c1 doc: create http support group
This patch creates an httplayer group and adds related files to
it. It also fixes some typos in documentation string and format.
14 years ago
Eric Leblond a64eea9628 Fix minor error message. 14 years ago
Eric Leblond 92d74fd480 doc: Add missing params in func description. 14 years ago
Victor Julien bde55578d6 Override HTP IDS personality normalizing the query string to lowercase. Bug #362. 14 years ago
Victor Julien 3644e90a2c Don't set higher transaction ids in HTTP sessions than we have. 14 years ago
Anoop Saldanha 4e44073c79 http logging module should log all txs in the list and not just the last complete tx available on EOF 14 years ago
Anoop Saldanha b406af451b updates to http tx id vars. FFR now flags the app layer session for EOF when creating a pseudo packet for a flow 14 years ago
Anoop Saldanha 41d71a6d70 fix http http transaction id update. Update transactions as soon as we receive a callback on new request 14 years ago
Victor Julien 0625d54267 Improve HTPParserTest07 test to be more helpful if it fails. 14 years ago
deltay 170efc8d38 Register http parser callbacks in the right place. 14 years ago
Gerardo Iglesias Galvan a56592e556 Make sure we do all after the null check in HTPStateFree 14 years ago
Gerardo Iglesias Galvan c4832814b4 Prevent a memory leak on low memory conditions in http client body handling 14 years ago
Victor Julien 63f6de58cb Fix HTP unittests that test pre 0.2.6 libhtp issue. HTP config wasn't restored properly. 14 years ago
Victor Julien 326047eec1 Add unittests for debugging a libhtp issue. 14 years ago
Victor Julien 6384b39f18 Remove unused and broken htp code. 14 years ago
Victor Julien 36917c7d66 Fix not using new htp callback when using the bundled htp. Add indication to --build-info. Fix valgrind warning in test and further improve test. 14 years ago
Victor Julien a3e2b35536 Add configure check for new htp 0.2.5 uri normalize hook. 14 years ago
Victor Julien 15ce850387 Add support for new libhtp htp_config_register_request_uri_normalize callback. 14 years ago
Victor Julien 149ee6b648 Disable to_client http detection. Libhtp expects to_server data first. 14 years ago
Victor Julien 9a58a02559 Wrap HTP code that is only used in debug mode in debug ifdefs. 14 years ago
Anoop Saldanha 000ce98cd1 push all proto detection code into their respective app parser register functions for every alproto 14 years ago
Victor Julien c88630639e Fix setting libhtp personality. 14 years ago
Victor Julien dbe291bc50 Allow for 0 (unlimited) HTTP request_body_limit, fix option parsing. 14 years ago
Victor Julien 99fca03810 Move unittest code into UNITTESTS ifdefs in the HTP parser. Fixes a compiler warning. 15 years ago
Victor Julien edeec290f6 Fix missing rename for request-body-limit to request_body_limit. 15 years ago
Victor Julien a3303fcf9d Rename request-body-limit to request_body_limit to remain consistent with other options. Keep old notation around for compatibility. 15 years ago
Victor Julien 6fca55e068 Add some debug output to app-layer-htp. 15 years ago
Victor Julien 743ed7626c Fix potential null deref (introduced a few commits ago) found by clang. 15 years ago
Victor Julien 16e4e3fe50 Fix request-body-limit option for libhtp config. 15 years ago
Victor Julien 39a5348d2b Remove dead pcre code. 15 years ago
Victor Julien 6ebe7b7cd3 Change the way the request body limit is enforced. 15 years ago
Anoop Saldanha 5c6a65dc58 support relative modifiers for http_client_body. Introduce body processing engine in detect-engine-hcbd.[ch] 15 years ago
Victor Julien bc55fb27dc Compiler warning fix for memory macros. Small layout changes. 15 years ago
Pablo Rincon 06a65cb460 moving http_client_body logic to use it per transactions. Adding unittests 15 years ago
Victor Julien b8fec77f37 Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id. 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago
Gurvinder Singh a0fa924c15 fixed the memory leaks in htp and radix tree 15 years ago
Victor Julien 70b32f7380 First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:

- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.

This commit fixes bug #124.
15 years ago
Gerardo Iglesias Galvan 9f4fae5b1a Fix inconsistent use of dynamic memory allocation 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Gurvinder Singh 5b802f6099 fixed type in htp (bug 138) 15 years ago
Victor Julien f81fccd66b Reintroduce usage of the SC_RADIX_NODE_USERDATA macro into the htp code. Rewrite the macro slightly, add unittests for the macro. 15 years ago
Gurvinder Singh 69a4fee757 fixed the API and logic error reported by clang tool 15 years ago
Victor Julien 78e15ea7fa Explicitly test for ipv6 in the htp personalities code. Update all affected unittests to set addr family to the flow. 15 years ago
Victor Julien 47a47e8ad4 Fix invalid free in HTP config deinit. 15 years ago
Victor Julien 44b6380a70 Improve http body chunk memory handling robustness. 15 years ago
Pablo Rincon fe7948a7ae Modifications on http body request handling 15 years ago
Pablo Rincon f862de2ee6 Fixing some code reviews (Thanks to Steve Grubb) 15 years ago
Victor Julien 4129146a71 Because the HTP personalities code changes how the htp state's connp is initialized, we need to check for it in more places. 16 years ago
Victor Julien ead13bda4a Small cleanup and comment update to htp code. 16 years ago
Brian Rectanus a9cdd2bbae Add htp personality configuration. 16 years ago
Victor Julien ffd85ac4a6 Use correct datatype in HTPCallbackResponse fixing possible endless looping issues. 16 years ago
Anoop Saldanha 97d49d8f5e support for http_client_body keyword 16 years ago
Gurvinder Singh 8e444f1772 stream and application layer improvements 16 years ago
Victor Julien 7a8cd61fdf Cleanups. 16 years ago
Pablo Rincon 25a3a5c6d8 Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks. 16 years ago
Gurvinder Singh 50f7d0a887 app layer htp logging and better htp request handling. removed recent_in_tx. 16 years ago
Victor Julien 4f3a04a410 Disable htp cleanup code as I'm not yet convinced it does what it should. 16 years ago
Gurvinder Singh bf236e4567 better htp memory handling & flow valgrind error fixed 16 years ago
Pablo Rincon 0165b3f0d8 pcre P modifier support (pcre match over http body requests) 16 years ago
Victor Julien 187949b9ad Make urilen inspect the normalized uri, cleanup uri (error) handling. 16 years ago
Pablo Rincon d0404d8447 Renaming errors with naming conventions 16 years ago
Pablo Rincon ad2c136e8f Renaming errors (naming conventions) 16 years ago
Victor Julien 148883cedf Work around for unsupported CONNECT support handling. 16 years ago
Victor Julien 6a53ab9c5a Stream engine memory handling update
The stream engine memory handling needed updating as it didn't scale. Changes:

- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata is part
  of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was
  added.
- all reassembly errors are converted to debug msgs.
16 years ago
Gurvinder Singh 356a8bf385 applayer uri match and modified http handling 16 years ago
Victor Julien c352bff6fb Remove unused conditional locking code from the app layer parsing code. 16 years ago
Pablo Rincon 705471e4ee Adding single pattern matcher algorithms. If you cannot store a context for the patterns, use SpmSearch() macro. Adding unittests and stats 16 years ago
Victor Julien c3269dbcb4 Fix compiler warning in http method code 16 years ago
Brian Rectanus c22d42693a Added http_method rule keyword. 16 years ago
Gurvinder Singh 6814ea1a0f some more stream fixes 16 years ago
Victor Julien 4824868766 Application layer detection improvements
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
16 years ago
Gurvinder Singh 0a85fd6787 htp error fixed 16 years ago
Victor Julien ecf86f9c23 Rename to Suricata. 16 years ago
Victor Julien 18fe3818dc Remove need_lock from app layer parsers. 16 years ago
Gurvinder Singh 7ce586bc77 updated htp error info 16 years ago
Victor Julien ba7e8012af Add some debugging and simplify locking for app layer slightly. 16 years ago
Gurvinder Singh fc2f7f29fa app layer htp error handling and fixes for memory leaks and segv 16 years ago
Gurvinder Singh 1b39e602d0 fixed port info 16 years ago
Pablo Rincon e26833be3f Changing mutex/spinlocks/conditions naming types 16 years ago
Victor Julien 406ee2ce70 Use new threading calls in htp code. 16 years ago
Gurvinder Singh 2d6cf71d37 added htp unit test 16 years ago
Gurvinder Singh 07f7ba55b8 initial support for HTP module init 16 years ago