suricata

Commit Graph

Author	SHA1	Message	Date
Jason Ish	e50ee7eb62	filestore: remove requirement of nss for filestore Required including NSS header in places that depended on util-file.h including it. All filestore suricata-verify tests now pass without libnss. Also enabled detect-file{md5,sha1,sha256} without NSS support.	5 years ago
Victor Julien	6ab323d323	detect: hide RegisterTests behind ifdef UNITTESTS Update all callers to more aggressively use UNITTESTS guards as well.	5 years ago
Victor Julien	26bcc97515	detect/keywords: dynamic version part of doc URL	5 years ago
Victor Julien	ab1200fbd7	compiler: more strict compiler warnings Set flags by default: -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wcast-align -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char Fix minor compiler warnings for these new flags on gcc and clang.	8 years ago
Victor Julien	073fcbeb7f	detect: move file hash common code	9 years ago
Victor Julien	b68343e372	files: use dynamic list	9 years ago
Eric Leblond	a2e2f50fb9	documentation: fix list keywords URLs Update URLs in keyword definition to point to sphinx documentation.	9 years ago
Duarte Silva	89eb935f73	file-hashing: added support for SHA-256 file hashing	9 years ago
Duarte Silva	188b382c46	file-hashing: common code added Moved and adapted code from detect-filemd5 to util-detect-file-hash, generalised code to work with SHA-1 and SHA-256 and added necessary flags and other constants.	9 years ago
Victor Julien	9030e89c94	detect: don't set alproto while registering keyword The field is not used except for some printing, and is wrong for many keywords.	9 years ago
Victor Julien	c957c62824	detect file: enable HTTP inspection from validate func	9 years ago
Victor Julien	621860f5b2	detect file: enforce protocol in single place Instead of trying to enforce the app layer protocol in each file function, enforce it in the generic validation function.	9 years ago
Eric Leblond	ed90a16e89	detect: fix setup for some keywords Fix problems found by siginit.cocci.	9 years ago
Jason Ish	796dd5223b	tests: no longer necessary to provide successful return code 1 pass, 0 is fail.	9 years ago
Victor Julien	7108085d33	detect: initialize detection engine by prefix Initalize detection engine by configuration prefix. DetectEngineCtxInitWithPrefix(const char *prefix) Takes the detection engine configuration from: <prefix>.<config> If prefix is NULL the regular config will be used. Update sure that DetectLoadCompleteSigPath considers the prefix when retrieving the configuration.	11 years ago
David Abarbanel	c2dc686742	SMTP MIME Email Message decoder	11 years ago
Ken Steele	8f1d75039a	Enforce function coding standard Functions should be defined as: int foo(void) { } Rather than: int food(void) { } All functions where changed by a script to match this standard.	11 years ago
Victor Julien	3163243a55	Coverity 989710 and 989711: small recourse leaks in filemd5 parsing code.	13 years ago
Victor Julien	80ed1ba008	file md5: print filename and line number on md5 parse errors. Bug #693 .	13 years ago
Eric Leblond	40891223e9	list-keyword: detect non built keyword This patch update the glafs list to be able to indicate that a flag is not supported. This information is used by list-keyword to display information to the user.	13 years ago
Eric Leblond	6842545331	Add documentation url in list-keyword output. The output of the list-keyword is modified to include the url to the keyword documentation when this is available. All documented keywords should have their link set. list-keyword can be used with an optional value: no option or short: display list of keywords csv: display a csv output on info an all keywords all: display a human readable output of keywords info $KWD: display the info about one keyword.	13 years ago
Victor Julien	d68fd54a76	Fix/suppress a couple of harmless compiler warnings.	13 years ago
Eric Leblond	e176be6fcc	Use unlikely for error treatment. When handling error case on SCMallog, SCCalloc or SCStrdup we are in an unlikely case. This patch adds the unlikely() expression to indicate this to gcc. This patch has been obtained via coccinelle. The transformation is the following: @istested@ identifier x; statement S1; identifier func =~ "(SCMalloc\|SCStrdup\|SCCalloc)"; @@ x = func(...) ... when != x - if (x == NULL) S1 + if (unlikely(x == NULL)) S1	13 years ago
Victor Julien	3849588c61	Create separate detect API call (FileMatch) for file detection keywords. #531 .	13 years ago
Victor Julien	4a9fa35cf2	filemd5: free hash during cleanup	13 years ago
Victor Julien	c9e93ec52c	filemd5: add support code for md5 handling for signatures.	13 years ago
Victor Julien	b744708f28	filemd5: implement negated matching.	13 years ago
Victor Julien	fa121a1dd4	filemd5: handle case where no md5 support is compiled it.	13 years ago
Victor Julien	9f7588a756	Add filemd5 keyword that loads a list of md5's to match a file's md5 against.	13 years ago

29 Commits (a77977ec62d99ae9e88a1ffe1c8fa922c5de45df)