suricata

Commit Graph

Author	SHA1	Message	Date
Eric Leblond	6842545331	Add documentation url in list-keyword output. The output of the list-keyword is modified to include the url to the keyword documentation when this is available. All documented keywords should have their link set. list-keyword can be used with an optional value: no option or short: display list of keywords csv: display a csv output on info an all keywords all: display a human readable output of keywords info $KWD: display the info about one keyword.	13 years ago
Eric Leblond	5e4552fdcd	suricata: update list-keyword command This patch update the list-keyword command. Without any option, the previous behavior is conserved. If 'all' is used as option, suricata print a csv formatted output of keyword information: name;features;description If a keyword name is used as argument, suricata print a readable message: tls.subject Features: state inspecting Description: Match TLS/SSL certificate Subject field	13 years ago
Eric Leblond	e176be6fcc	Use unlikely for error treatment. When handling error case on SCMallog, SCCalloc or SCStrdup we are in an unlikely case. This patch adds the unlikely() expression to indicate this to gcc. This patch has been obtained via coccinelle. The transformation is the following: @istested@ identifier x; statement S1; identifier func =~ "(SCMalloc\|SCStrdup\|SCCalloc)"; @@ x = func(...) ... when != x - if (x == NULL) S1 + if (unlikely(x == NULL)) S1	13 years ago
Eric Leblond	d292004880	Add some missing checks of SCStrdup return.	13 years ago
Eric Leblond	f82573be12	tls: suppress always true condition.	13 years ago
Eric Leblond	a3b2cee0d5	detect-tls: various indent fixes. And delete a useless FIXME.	13 years ago
Jean-Paul Roliers	c4df7a45ae	tls: adding store option for TLS This patch adds a TLS store option to save certificate in PEM format. Each time the store action is met, a file and a metafile are created. Reworked-by: Eric Leblond <eric@regit.org>	13 years ago
Jean-Paul Roliers	00d4357362	tls: adding support for fingerprint rule matching. Add the support for tls.fingerprint keyword in rules.	13 years ago
Eric Leblond	8ebc625711	tls: fix keyword regular expression Space, dash and comma are valid.	13 years ago
Anoop Saldanha	270ea253a2	ssl parser fix/updates	13 years ago
Victor Julien	19a7e7f395	flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default.	14 years ago
Pierre Chifflier	218b5d3ba0	TLS app layer: misc fixes, reorder some fields to same memory	14 years ago
Pierre Chifflier	71fa4a5285	TLS: replace SigMatchAppendAppLayer with SigMatchAppendSMToList	14 years ago
Pierre Chifflier	6c2c6cffac	TLS keywords: fix match regex (remove extra space)	14 years ago
Eric Leblond	fce2437dc2	tls app layer: handle negation on subject and issuerdn. This patch adds negation support for tls.subject and tls.issuerdn matches.	14 years ago
Eric Leblond	ad0e05a112	TLS app layer: Add tls.issuerdn keyword.	14 years ago
Pierre Chifflier	4be65fd016	TLS handshake: decode the SERVER_CERTIFICATE message Add a decoder for the SERVER_CERTIFICATE during a TLS handshake, extracts the certificates and keep the subject name. Add the tls.subject keyword for substring match in rules (TLS layer). Signed-off-by: Pierre Chifflier <pierre.chifflier@ssi.gouv.fr>	14 years ago

17 Commits (f10dd603ff42201ec931c33325327d1bdce00e18)