Juliana Fajardini
579d7dcc01
pgsql: add initial support
...
- add nom parsers for decoding most messages from StartupPhase and
SimpleQuery subprotocols
- add unittests
- tests/fuzz: add pgsql to confyaml
Feature: #4241
4 years ago
Juliana Fajardini
4c743b809c
rust/applayer: add function for upgrading to TLS
4 years ago
Victor Julien
e02b52c895
quic: add quic.ua for matching user agent
4 years ago
Victor Julien
4c13b73c4d
quic: log user agent when available
4 years ago
Victor Julien
da8b024b99
detect/quic: add quic.sni sticky buffer
4 years ago
Victor Julien
7b836af1b2
quic: log sni; reduce number of transactions
...
Only create transactions for long headers.
Store SNI in tx, log it.
4 years ago
Victor Julien
ccab28aad3
quic: log version as string
...
Log as Q043, Q044, Q045, Q046. If the version is not supported/recognized,
log the 4 bytes as hex.
Only log for txs based on long headers.
4 years ago
Victor Julien
24a21af4ab
quic: redo quic.version; parser cleanups
...
Reimplement quic.version as sticky buffer.
Removed unused parts of the parser.
Set unidirectional tx flag to fix double matching.
4 years ago
Emmanuel Thompson
7e51987263
quic: Add QUIC App Layer
...
Parses quic and logs a CYU hash for gquic frames
4 years ago
Sam Muhammed
c4bd3cd70e
nfs4_records: add unittests
...
Add unittests for setclientid, readdir records
Task #4866
4 years ago
Pierre Chifflier
c61cbd9b35
rust: simplify bits parser annotations
4 years ago
Pierre Chifflier
1b25bcbb13
rust/smb: simplify bits parser annotations
4 years ago
Pierre Chifflier
4d6aa6d532
rust: add 'bits' combinator to simplify nom bits parsers
...
Add a specialized version of the 'bits' nom combinator so adding
bits-level parsers does not require type annotations.
4 years ago
Victor Julien
44c9241b6a
telnet: initial support with frames
...
Bootstrapped using setup script. Basic option parsing for purpose
of tagging frames.
4 years ago
Jason Ish
3cdefd5f8b
smb: use derive AppLayerFrameType
4 years ago
Victor Julien
0c9fdf8f4f
smb: implement frames
...
SMB1 record parsing code simplification.
Frames:
nbss.pdu
nbss.hdr
nbss.data
smb1.pdu
smb1.hdr
smb1.data
smb2.pdu
smb2.hdr
smb2.data
smb3.pdu
smb3.hdr
smb3.data
The smb* frames are created for valid SMB records.
4 years ago
Jason Ish
8a40b7b42e
cbindgen: ignore frames module
4 years ago
Jason Ish
de870e2fbf
rust: derive macro for app-layer frame type
4 years ago
Jason Ish
0ece208074
rust/applayer: create trait for app-layer frame types
4 years ago
Jason Ish
cb7f7a7e08
app/frames: implement rust API
4 years ago
Victor Julien
e6f49e5a05
app/frames: implement name to id API for frames
4 years ago
Pierre Chifflier
3e19ccdc0c
rust/http2: convert parser to nom7 functions (HTTP2 ranges)
4 years ago
Pierre Chifflier
f8647b0ffb
rust/http2: convert parser to nom7 functions (HTTP2 core functions)
4 years ago
Philippe Antoine
e1c0725e05
doc: fix typo lenght/length
4 years ago
Sam Muhammed
9bea850d53
nfs4_records: add unittests for nom7 parsers
...
Task #4866
4 years ago
Sam Muhammed
463fbdc36d
nfs4_records: add missing field to res_sequence_ok()
...
Missing _seqid in sequence op struct left a trailing four zeros
that are parsed by nfs4_res_compound_command() as a cmd
causing a Switch Error Code
4 years ago
Sam Muhammed
4e2edd44aa
nfs3-records: add unittests to nom7 parsers
...
Task #4866
4 years ago
Sam Muhammed
03906010a2
nfs3-records: add missing fields and update parsers
...
Add missing fields to some record structures and
update their respective parsers
4 years ago
Sam Muhammed
86c273dadc
nfs2-records: add unittests for nom7 parsers
...
Task #4866
4 years ago
Victor Julien
ddf14e51dc
nfs2: improve READ parsing
...
Take fill_bytes into account.
4 years ago
Jason Ish
2011a5579c
rust/app-layer: expose AppLayerEvent derive macro
...
Export the AppLayerEvent derive macro so plugin (or library code) can
use it as expected, for example:
    use suricata::applayer::AppLayerEvent;

    #[derive(AppLayerEvent)]
    enum MyEvent {
        EventOne,
        EventTwo,
    }
4 years ago
Jason Ish
ba310440a6
rust/derive: make usable from a plugin or lib user
...
The macro was generating code that references names using the "crate"
prefix which will fail if the macro is used by a library user or plugin.
Dynamically check where we are running and use the correct import paths
as needed.
4 years ago
Jason Ish
bbd5e6402b
rust: rename to suricata (from suricata_rust)
...
Rename the Rust lib to simply "suricata" instead of "suricata_rust".
This allows Rust plugin/library code to use it under the name "suricata"
which is what should be expected.
The name was only "suricata_rust" to prevent on-disk conflict with the C
code, so just rename the file on disk, which doesn't affect how the code
is interacted with from an API layer.
4 years ago
Jason Ish
2ffe88c1f0
rust: remove feature function-macro
...
The function macro existed so it would only be enabled on Rust
versions that supported it. Now that our MSRV is 1.41, which is
greater than 1.38, we can assume we always have support for
this macro.
4 years ago
Jason Ish
50fdcd098c
rust/http2: use base64 crate for base64 decode
4 years ago
Jason Ish
6392216f6b
base64: use the Rust base64 encode implementation
...
Replace our internal base64 implementation with a ffi wrapper
around the Rust implementation provided by an external crate.
4 years ago
Jason Ish
8181030f72
jsonbuilder: add methods to encode values as base64
...
Add new methods to set a value as a base64 encoded string of
a byte array. This uses the Rust base64 crate and encodes
directly into the JsonBuilder buffer with no intermediate
buffer required.
jb_set_base64: set a field on an object
jb_append_base64: append a value to an array
4 years ago
Victor Julien
c073d5cfbf
app-layer: use StreamSlice as input to parsers
...
Remove input, input_len and flags in favor of stream slice.
4 years ago
Victor Julien
6466296b32
app-layer: add StreamSlice to pass data to parsers
...
Since object to contain relevant pointer, length, offset, flags to make
it easy to pass these to the parsers.
4 years ago
Jason Ish
0861b66e15
dns: add dns flag to dns request logging
...
Ticket #4515
4 years ago
Odin Jenseg
dfb6f105e8
dns: Logging of Z-bit
...
[Edit by Jason Ish: fix flag bit value]
Ticket #4515
4 years ago
Jason Ish
fcbdc30426
dns: create transaction even if z-bit was set
...
It appears that DNS servers will still process a DNS request even if the
z-bit is set, our parser will fail the transaction. So create the
transaction, but still set the event.
Ticket #4924
4 years ago
Pierre Chifflier
d67f8f9196
rust/smb: convert parser to nom7 functions (SMB1)
4 years ago
Pierre Chifflier
895a54cea4
rust/smb: convert parser to nom7 functions (DCERPC records)
4 years ago
Pierre Chifflier
8d77ce1ffc
rust/smb: convert parser to nom7 functions (SMB2)
4 years ago
Pierre Chifflier
5cadb878ff
rust/smb: convert parser to nom7 functions (SMB3)
4 years ago
Pierre Chifflier
4c97dfa851
rust/smb: convert parser to nom7 functions (NTLM/SSP records)
4 years ago
Pierre Chifflier
3da816eb23
rust/smb: convert parser to nom7 functions (NBSS records)
4 years ago
Pierre Chifflier
90f9450971
rust: add nom7 combinator take_until_and_consume
4 years ago
Philippe Antoine
87d9c44ec5
rust: export constants via cbindgen
...
so that constants are not defined twice in Rust and C
So that we are sure they have the same value
4 years ago