Fix new warning present in Rust 1.89.
warning: hiding a lifetime that's elided elsewhere is confusing
--> src/ldap/types.rs:191:30
= help: the same lifetime is referred to in inconsistent ways, making the signature confusing
= note: `#[warn(mismatched_lifetime_syntaxes)]` on by default
help: use `'_` for type paths
The failure report was always just written to rules_fast_pattern.txt. In
case that setting is disabled or there's nothing fast-pattern related,
the report should be written to the usual rules_analysis.txt.
Bug 7821
de_ctx->ea->fp_engine_analysis_fp is only initialized if
engine-analysis.rules-fast-pattern is enabled in the configuration. If
this config param is missing, this leads to segfault.
Bug 7822
Remove unused rule prefilter-related stats counters that aren't in use.
94644ac960 (detect: move non-pf rules into special prefilter engines)
removed the logic that made use of and incremented the stats counters:
- det_ctx->counter_fnonmpm_list
- det_ctx->counter_nonmpm_list
Some code was left, registering them, and mentioning them in the
json schema.
Ticket #7834
Fixed counter for ippair.memcap by using the correct function,
IPPairGetMemcap.
Until now IPPairGetMemuse was used both for memuse and memcap.
Ticket: 7827
- cleanup usage and documentation around needs
- mentiond that rule hooks are used instead of "needs" keywords with
link with rule hooks (which is still in the firewall-design doc)
Based on the current AlmaLinux 9 build, with plugin tests, etc.
Remove cppclean as its not installed and was previously disabled with
commit 2d308c000d.
Since cached_hash was updated through reference (hash), it seems
LTO did not notice this and optimized the whole code block, returning
zero.
This in turn caused all caches to have the same name and to overwrite.
On subsequent runs, only the last cache was loaded for all SGHs
causing wrong MPM assignment.
Ticket: 7824
Ubuntu and Fedora packing system build with -flto=auto by default, so
update one test to use -flto=auto. Also build with -O2 as that
combination can cause issues such as
https://redmine.openinfosecfoundation.org/issues/7824.
Also adds vectorscan to the build.
Functions like ByteExtractStringUint8 return 0 or less on
failure. Many usages of this function treat 0 as successful as its our
common pattern.
Ticket: #7836
Keywords registration should provide a desc and a link to the
documentation. This patch adds desc and/or url for on most keywords
missing that.
This allows better output for list-keywords command line which
is then use in Suricata Language Server.
Ticket: 7658
Suricata will not handle well if we open a file for this tx,
do not close it, but set the transaction state to completed.
RFC 9113 section 6.1 states:
If a DATA frame is received whose Stream Identifier field is 0x00,
the recipient MUST respond with a connection error (Section 5.4.1)
of type PROTOCOL_ERROR.
Instead of enabling signal handlers by default, require the user of
the library to opt-in. This is done with the call to
SCEnableDefaultSignalHandlers, which sets a flag to add the default
signal handlers.
This seems like the least invasive way to do this at this time, but it
will require some re-thinking for 9.0, especially if migrate globals
to engine instances, signal handling will need to be re-thought.
Ticket: #6814
Configuration option `threads: auto` in DPDK's interface node
overassigns available threads to the interface.
Commit 4dfd44d3 changed the signedness of the remaining threads counter,
which caused surpass of the counter initialization.
The if-clause is switched to first initialize and then use the counter.
Ticket: 7798
Eric Leblond
Jason Ish
Shivani Bhardwaj
Juliana Fajardini
dependabot[bot]
Philippe Antoine
Lukas Sismis
Adam Kiripolsky
Lukas Sismis
Alexandre Iooss
Jeff Lucovsky
Shivani Bhardwaj