aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,414 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a87c7e5c08'
${ noResults }
Commit Graph

48 Commits (a87c7e5c08b027d104bfa00c6f7858398c2d63a6)

Author SHA1 Message Date
Jason Ish 27d1ee98ce rust: derive crate: for custom derives 
Currently has one derive, AppLayerEvent to be used like:

  #[derive(AppLayerEvent)]
  pub enum DNSEvent {
      MalformedData,
      NotRequest,
      NotResponse,
      ZFlagSet,
  }

Code will be generated to:
- Convert enum to a c type string
- Convert string to enum variant
- Convert id to enum variant
 4 years ago
Simon Dugas c2720fc2fb modbus: fix quantity and count calculation 
The [Modbus Spec S6.11](https://modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf)
clearly states that the `count = quantity / 8` and not the other way
around. This is fixed in sawp-0.5.0.
 4 years ago
Simon Dugas a458a94dca modbus: move from C to rust 
Adds a new rust modbus app layer parser and detection module.

Moves the C module to rust but leaves the test cases in place to
regression test the new rust module.
 4 years ago
Philippe Antoine 0105d4f017 rust: bump bitflags dependency version 
So that lexical-core, needed by nom, and using bitflags
is used with version 0.7.5 instead of version 0.7.0
which fixed the fact that BITS is now a reserved keyword
in nightly version
 4 years ago
Jason Ish a178ec6bef rust: rename lib to libsuricata_rust 
Previously it was libsuricata.a, but eventually we want to get
to a place where libsuricata.a is a combination of the Rust
and C code.
 4 years ago
Victor Julien 3f807f3bf6 rust: update dependencies 4 years ago
Victor Julien ebde15f0e2 rust: lock all major crate versions 
To avoid surprises with dependencies bumping MSRV.
 4 years ago
Victor Julien 4b5af36061 rust: relax nom version to any >=5.1.1 4 years ago
Philippe Antoine d861228214 http2: decompression for files 
gzip and brotli decompression for files
 4 years ago
Jason Ish ff37526c6b rust: remove md5 crate, unalias md-5 
Remove the md5 crate as a dependency as it is no longer removed.
We now use md-5 from RustCrypto.
 4 years ago
Jason Ish 46ceb13c08 rust: add ffi module for sha256, sha1 and md5 
Add a Rust module that exposes Rust implementations of
sha256, sha1 and md5 from the RustCrypto project.

This is an experiment in replacing the libnss hash functions with
pure Rust versions that will allow us to remove nss as a compile
time option.

Initial tests are good, even with a 10% or so performance
improvement when being called from C.

Also trying a module naming scheme where modules under the ffi
modules are purely for exports to C, as it doesn't make any
sense to use this new hashing module directly from Rust.
 4 years ago
Jason Ish ea1338b464 rust: function macro now returns the function name 
Borrow a macro from https://github.com/popzxc/stdext-rs that
will give us the Rust function name in SCLog messages in Rust.

As this trick only works on Rust 1.38 and newer, keep the old
macro around and set a feature based on a Rust version test
done during ./configure.
 5 years ago
Jason Ish 3672cea876 rust/Cargo: build as rlib for plugin linkage 
Build Rust code as an rlib, in addition to a staticlib so plugins
can link with the Rust code.
 5 years ago
Emmanuel Thompson 63704fdf13 rust/asn1: Introduce ASN1 rust module 
This module uses the `der-parser` crate to parse ASN1 objects in order to replace src/util-decode-asn1.c
It also handles the parsing of the asn1 keyword rules and detection checks performed in src/detect-asn1.c
 5 years ago
Emmanuel Thompson 6b8517dc12 rust: Update der, kerberos and snmp parser dependencies 
- The update to der-parser allows us to use the latest API changes
 5 years ago
Vadym Malakhatko 536cee3ba9 rust/ssh: add hassh generation 
Add generation of hassh fingerprints based on fields in the kexinit record
 5 years ago
Jason Ish 639f3d265e rust: lock to nom 5.1.1 
5.1.2 pulls in dependencies that don't build on Rust 1.34.
 5 years ago
Jason Ish c1f4edc434 rust: bring back libc as a dependency 
Its already pulled in by some of other dependencies so adds zero
extra weight, and provides handy definitions for basic functions
like free().
 5 years ago
Shivani Bhardwaj 6db1f19d62 rust: Add debug_validate_bug_on macro 
This macro allows to check if certain parts of the code are reachable
during fuzzing.
 5 years ago
Shivani Bhardwaj 57ad609a97 rust: Add new crate uuid 5 years ago
Pierre Chifflier 36d2e257c6 rust/x509: use the raw serial number so leading zeros are not removed 5 years ago
Pierre Chifflier 5b809f77f1 rust: upgrade all parsers to nom 5 5 years ago
Jason Ish 53aaa82deb rust: set edition to 2018 5 years ago
Jason Ish f9c9548b74 configure: detect lua integer size 
Lua 5.1 and 5.3 use a different integer size. Run a test program
to set the integer size used in the Rust FFI layer to Rust.
 5 years ago
Zach Kelly caef8b5b38 protocol parser: rdp 
Initial implementation of feature 2314:
1. Add protocol parser for RDP
2. Add transactions for RDP negotiation
3. Add eve logging of transactions
 6 years ago
Victor Julien 3f6624bf16 rust: remove libc crate dependency 
Use std::os::raw instead.
 6 years ago
Pierre Chifflier 2df840a8b8 Add SNMP (v1/v2c/v3) application layer 6 years ago
Victor Julien 24d6a16459 rust/mingw: build fixes 
Fix path passed to cargo by using 'cygpath' if available.
 6 years ago
Pierre Chifflier d3011e3ee8 rust: update dependencies for nom4 transition 6 years ago
Pierre Chifflier 3a017f61b0 Kerberos 5: pretty-print error code when logging 7 years ago
Pierre Chifflier 77f0c11c9e Add Kerberos 5 application layer 7 years ago
Jason Ish d73b5ee276 rust: cargo fixes for out of tree build 7 years ago
Pierre Chifflier 2d1c4420de Update ntp-parser to 0.2.0 7 years ago
Victor Julien f201a3761f rust: remove multi level 'experimental' 
Don't treat 'external' parsers as more experimental. All parsers
depend on crates to some extend, and all have C glue code. So the
distinction doesn't really make sense.
 7 years ago
Pierre Chifflier 4e4cf00c07 Remove the 'experimental' mark for IKEv2 7 years ago
Pierre Chifflier c99b9462d7 Add new parser: IKEv2 
Add a new parser for Internet Key Exchange version (IKEv2), defined in
RFC 7296.
The IKEv2 parser itself is external. The embedded code includes the
parser state and associated variables, the state machine, and the
detection code.

The parser looks the first two messages of a connection, and analyzes
the client and server proposals to check the cryptographic parameters.
 7 years ago
Pierre Chifflier b5529e4ffb SMB: use kerberos-parser to extract Real and PrincipalName 7 years ago
Victor Julien dab055d8c8 smb: update to der-parser 0.5.1 7 years ago
Victor Julien 75d7c9d64a rust/smb: initial support 
Implement SMB app-layer parser for SMB1/2/3. Features:
- file extraction
- eve logging
- existing dce keyword support
- smb_share/smb_named_pipe keyword support (stickybuffers)
- auth meta data extraction (ntlmssp, kerberos5)
 7 years ago
Pierre Chifflier b69acaadf5 Rust: add 'debug' feature 
The 'debug' feature is enabled if suricata was configured with the
--enabled-debug' flag.
If enabled, the SCLogDebug format and calls the logging function as
usual. Otherwise, this macro is a no-op (similarly to the C code).
 7 years ago
Victor Julien 6e82df274d rust: update dependencies 7 years ago
Victor Julien bb65a48edd rust: require at least libc 0.2.33 
Required to be higher than 0.2.24 for IPPROTO_UDP. Upgraded to latest
version.
 7 years ago
Jason Ish 6a4cefb7c5 rust: --enable-rust-strict to turn warnings into errors 8 years ago
Pierre Chifflier efe11dc37e Add NTP parser (rust-experimental) 8 years ago
Victor Julien db2d928151 rust/nfs: add (file)handle to log as crc32 8 years ago
Jason Ish ee83f7a0db rust: build fixes and nom update 
Update nom to ~3.0.

Prefix dependencies with ~, which will allow for newer patch
versions only. Minor version updates should get a test before
using.

Remove Cargo.lock from the repo, but still generate as part
of the vendoring process for release builds. This will ensure
that all users of a particular distribution tarball will be
linking against the same Rust dependencies.
 8 years ago
Jason Ish 9d687025e2 rust: lua wrapper 
Rust wrapper for working with lua state.
 8 years ago
Jason Ish 8f81792da5 rust: hook rust into the build 
Rust is currently optional, use the --enable-rust configure
argument to enable Rust.

By default Rust will be built in release mode. If debug is enabled
then it will be built in debug mode.

On make dist, "cargo vendor" will be run to make a local copy
of Rust dependencies for the distribution archive file.

Add autoconf checks to test for the vendored source, and if it
exists setup the build to use the vendored code instead of
fetching it from the network.

Also, as Cargo requires semantic versioning, the Suricata version
had to change from 4.0dev to 4.0.0-dev.
 8 years ago