Commit Graph

11955 Commits (ab6171c42992b8a103eda71067f4e68b8aaa43e9)
 

Author SHA1 Message Date
Jason Ish 6dfc888966 configure.ac: remove tests for libnspr and libnss 4 years ago
Jason Ish 7525295e63 hashing: remove remaining HAVE_NSS guards
For features, we pretend to HAVE_NSS so scripts, external tests
continue to work.
4 years ago
Jason Ish 9b314bebe0 output-json-email: use Rust md5 bindings instead of libnss 4 years ago
Jason Ish 815396263b util/mime: use Rust md5 bindings instead of libnss
As the new Md5 hashing consumes its context on finalize, a bool
has_md5 flag has been added to let the logger know there is an
md5 hash available.
4 years ago
Jason Ish 9e14c00298 transform-sha256: use Rust sha256 bindings
Use new Rust sha256 bindings instead of libnss.
4 years ago
Jason Ish 0f714be9f3 rust/hashing: method to SHA256 and finalize in one call
Add SCSha256HashBuffer to hash a single buffer returning the
result.
4 years ago
Jason Ish d98e34045b transform-sha1: use Rust sha1 bindings
Removes dependence on NSS.
4 years ago
Jason Ish 3d1a294bc7 util-crypt: remove ComputeSHA1
There is now a Rust replacement for ComputeSHA1 that is exposed
to C as SCSha1HashBuffer.
4 years ago
Jason Ish 90dcaff41d ssl: replace ComputeSHA1 with Rust SCSha1HashBuffer
Removes the final use of internal ComputeSHA1 function.
4 years ago
Jason Ish e0a2d10e7e transform/md5: use Rust md5 bindings 4 years ago
Jason Ish c2dd2c25b6 error: new disabled hashing error code
Add new error code to be used when something fails due to hashing being
disabled.
4 years ago
Jason Ish 4b9af8d2ce doc/userguide: document --disable-hashing 4 years ago
Jason Ish f723dc1309 suricata: add --disable-hashing option
The idea with a flag to disable hashing is to provide a way to
get the effect of building Suricata without libnss, which is
sometimes done for performance reasons.
4 years ago
Jason Ish 245a1bd4ce suricata.c: clang-format required after new option added 4 years ago
Jason Ish 7bb917b835 suricata.c: disable clang-format on long_opts init
clang-format will reformat this to have multiple options on a
single line which is hard to read and I don't see a specific
clang-format option to format this better. So for now,
disable clang-format on this section of code.
4 years ago
Jason Ish 0321f60ebf community-id: use Rust SHA1 to compute hash
Removes use of our internal ComputeSHA1 for calculating the
community ID.
4 years ago
Jason Ish eb5cfd9b82 rust/hashing: new function to SHA1 hash a single buffer
SCSha1HashBuffer will hash a single buffer and compute the digest
in one call.
4 years ago
Jason Ish ff37526c6b rust: remove md5 crate, unalias md-5
Remove the md5 crate as a dependency as it is no longer removed.
We now use md-5 from RustCrypto.
4 years ago
Jason Ish 0a2d8509c9 rust/ssh: use md-5 crate instead of md5
The "md-5" crate is part of the RustCrypto project that also
uses the sha1 and sha256 crates we are using. These all implement
the Digest trait for a common API.
4 years ago
Jason Ish c0ddad8e7e doc/ja3: libnss support no longer required 4 years ago
Jason Ish d5bf748c90 ja3: remove requirement on NSS 4 years ago
Jason Ish 1022b217ed rust/hashing: a method to md5 hash a single buffer
Add SCMd5HashBuffer as a replacement for NSS HASH_HashBuf as
used in ja3 to hash a single buffer.
4 years ago
Jason Ish e50ee7eb62 filestore: remove requirement of nss for filestore
Required including NSS header in places that depended on
util-file.h including it.

All filestore suricata-verify tests now pass without libnss.

Also enabled detect-file{md5,sha1,sha256} without NSS support.
4 years ago
Jason Ish e4acbcbb5e filestore: use Rust bindings for sha256/sha1/md5 4 years ago
Jason Ish 46ceb13c08 rust: add ffi module for sha256, sha1 and md5
Add a Rust module that exposes Rust implementations of
sha256, sha1 and md5 from the RustCrypto project.

This is an experiment in replacing the libnss hash functions with
pure Rust versions that will allow us to remove nss as a compile
time option.

Initial tests are good, even with a 10% or so performance
improvement when being called from C.

Also trying a module naming scheme where modules under the ffi
modules are purely for exports to C, as it doesn't make any
sense to use this new hashing module directly from Rust.
4 years ago
Kirby Kuehl 5499a6f7cd doc: fix URL for unix-socket python example 4 years ago
Jeff Lucovsky 8ce2078a38 tftp: Add test cases
This commit adds test cases for the TFTP parser.
4 years ago
Jeff Lucovsky e900b6d265 tftp: Improve parser
This commit improves TFTP parsing by ensuring the mode and opcode are
valid.
4 years ago
Jason Ish 18a1fd22c2 github-ci: use python3 in debian builds 4 years ago
Jason Ish 7904ef82d0 github-ci/macos: use brew to install Python 3
The default Python on MacOS is Python 2. Suricata-Verify now
depends on Python 3, so install it with Brew.
4 years ago
Jason Ish 37eff69a37 github-ci: update min Rust version from 1.34.2 to 1.41.1 4 years ago
Jason Ish f77fd0c0cb rust: include file cleanup
The cbindgen generated header should not include rust.h as
rust.h already includes the generated binding.

Fixup C source code that only pulled the generated include, it
should instead pull in "rust.h" which includes the generated
binding plus other misc. stuff.
4 years ago
Philippe Antoine 47dd9a5ebc signature: Fix leak in urilen parsing
cf #4254
4 years ago
Victor Julien 423a5e2f6c detect/file.data: support ftp and ftp-data 4 years ago
Victor Julien 45eddde573 detect/file.name: register inspect engine for ftp-data 4 years ago
Jeff Lucovsky f8fef0dd05 decode/tcp: Improved handling of TFO options
This commit improves handling of TCP fast open options
- Option length must be in [6, 18]
- Option length must be an even value
4 years ago
Gianni Tedesco 10ea60a237 detect: Validate that NOOPT options don't have optvals
Without this, a simple typo between : and ; is able to hide actual bugs
in rules.

I discovered 2 bugs in ET open ruleset this way.
4 years ago
Gianni Tedesco cebe15c23b detect-fast-pattern: Mark as OPTIONAL_OPT, instead of NOOPT
Also update the erroneous comment about it.
4 years ago
Sascha Steinbiss f78f444a5e doc: build all manpages 4 years ago
Eric Leblond dfe5785bfa ebpf: avoid need of 32 bit header
Compilation of xdp_lb.c was failing in some cases with the following
error:

/usr/include/x86_64-linux-gnu/gnu/stubs.h:7:11: fatal error: 'gnu/stubs-32.h' file not found

This patch adds some defines to be able to skip recursive inclusion of
header files leading to the problem.
4 years ago
Juliana Fajardini e33bbee9b7 nbss: add parser tests
Add tests to parse_nbss_record and parse_nbss_record_partial
4 years ago
Eric Leblond 8d034b4163 eve/dhcp: avoid to call common logging twice 4 years ago
Joshua Lumb 9d432bbab3 threads: More descriptive startup output 4 years ago
Carl Smith 9b840104bd lua: Make the rule action available to output scripts
Useful for those that want to do custom logging from lua
4 years ago
Justin Ossevoort 320de5f43d eve: Log tenant_id for all eve-json messages 4 years ago
Carl Smith 660b68a083 nsh: Parsing of Network Services Header and payload
Support for EtherType 0x894F and basic header
4 years ago
Victor Julien db2dbaaf40 stream/midstream: handle packet loss after SYN/ACK 4 years ago
Victor Julien 895938080f stream/tcp: fix invalid ack events in timewait state 4 years ago
Victor Julien 49bd1f85b9 flow/timeout: fix TCP seq/ack for reversed flows
When a flow is swapped it also swaps the stream trackers, so it does
not make sense to reverse them during pseudo packet creation.
4 years ago
Victor Julien 3c7c361b60 detect/stream: fix async stream inspection
Move raw progress forward only if detect uses stream data, indicated
by the PKT_DETECT_HAS_STREAMDATA flag.
4 years ago