Commit Graph

420 Commits (f2e7309bbb6b07bb87c4b313bcb1fbdb58ba2ce1)

Author SHA1 Message Date
Jason Ish dbc2f9d1db github-ci: add check for schema property ordering 1 year ago
Jason Ish 061ed2d6a4 github-ci: use rust 1.85.0 for clippy check on templates
Currently our CI clippy test is based on 1.85.0, but the clippy test for
the templates was using latest stable.  Unify the clippy checks to
1.85.0.
1 year ago
Victor Julien 3b5a99d239 github-ci: use all profraw files in coverage test 1 year ago
Victor Julien 7b46ec8c24 github-ci: add --list-app-layer-hooks checks 1 year ago
Victor Julien 019c746d79 github-ci: add -h option to coverage test 1 year ago
Jason Ish 11cef2980b github-ci: use current directory for unit test logging
/tmp appears to exist when you make it, but doesn't appear to actually
exist after msys translation, so just use "."
1 year ago
Victor Julien 159bacb268 github-ci: bump scan-build to 20 on Ubuntu 25.04 1 year ago
Eric Leblond 649a032ba9 github-ci: add a nix build
This will test that shell.nix is working properly and also
test compile-commands Makefile target.

Ticket: #7669
1 year ago
dependabot[bot] 4b89dafb44 github-actions: bump actions/download-artifact from 4.2.1 to 4.3.0
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.2.1 to 4.3.0.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](95815c38cf...d3f86a106a)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] af2b56e9fb github-actions: bump github/codeql-action from 3.28.13 to 3.28.16
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.13...v3.28.16)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 1f846bc131 github-actions: bump codecov/codecov-action from 5.4.0 to 5.4.2
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.4.0 to 5.4.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](0565863a31...ad3126e916)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Jason Ish 810a47cd60 github-ci: pin bindgen test to bindgen v0.66.0 1 year ago
Victor Julien bed96505aa github-ci: update to Fedora 42 1 year ago
Victor Julien 7af8ef07b3 github-ci: codecov llvm updates
Use LLVM 15 with Rust 1.67.1
1 year ago
Victor Julien fe07781bfc github-ci: update codecov unittest job
LLVM 19, rust 1.85.1 and Ubuntu 24.04.
1 year ago
Philippe Antoine 7d806dc7b7 ci: rustc wrapper to disable coverage for external crates
To keep the disk usage good even when we use new crates
1 year ago
Shivani Bhardwaj cff611a284 workflows: use aggressive-cleanup option w s-v
on the Fedora 41 + codecov job to avoid running out of disk space.
1 year ago
Victor Julien 95b079ae0d github-actions: f41 codecov improvements
Add missing gpg package.

Reduce disk space usage.
1 year ago
Philippe Antoine 5e87b6bd51 plugin: add in-tree app-layer template plugin for testing
Ticket: 7151
Ticket: 7152
Ticket: 7154
1 year ago
Philippe Antoine 0bf0f90e97 ci: make a build with ja disabled
Ticket: 7461

In order to run all SV tests in CI, including the ones that
require the abse,ce of the JA3 or JA4 feature
1 year ago
Todd Mortimer 9c324b796e http: Use libhtp-rs.
Ticket: #2696

There are a lot of changes here, which are described below.

In general these changes are renaming constants to conform to the
libhtp-rs versions (which are generated by cbindgen); making all htp
types opaque and changing struct->member references to
htp_struct_member() function calls; and a handful of changes to offload
functionality onto libhtp-rs from suricata, such as URI normalization
and transaction cleanup.

Functions introduced to handle opaque htp_tx_t:
- tx->parsed_uri => htp_tx_parsed_uri(tx)
- tx->parsed_uri->path => htp_uri_path(htp_tx_parsed_uri(tx)
- tx->parsed_uri->hostname => htp_uri_hostname(htp_tx_parsed_uri(tx))
- htp_tx_get_user_data() => htp_tx_user_data(tx)
- htp_tx_is_http_2_upgrade(tx) convenience function introduced to detect response status 101
  and “Upgrade: h2c" header.

Functions introduced to handle opaque htp_tx_data_t:
- d->len => htp_tx_data_len()
- d->data => htp_tx_data_data()
- htp_tx_data_tx(data) function to get the htp_tx_t from the htp_tx_data_t
- htp_tx_data_is_empty(data) convenience function introduced to test if the data is empty.

Other changes:

Build libhtp-rs as a crate inside rust. Update autoconf to no longer
use libhtp as an external dependency. Remove HAVE_HTP feature defines
since they are no longer needed.

Make function arguments and return values const where possible

htp_tx_destroy(tx) will now free an incomplete transaction

htp_time_t replaced with standard struct timeval

Callbacks from libhtp now provide the htp_connp_t and the htp_tx_data_t
as separate arguments. This means the connection parser is no longer
fetched from the transaction inside callbacks.

SCHTPGenerateNormalizedUri() functionality moved inside libhtp-rs, which
now provides normalized URI values.
The normalized URI is available with accessor function: htp_tx_normalized_uri()
Configuration settings added to control the behaviour of the URI normalization:
- htp_config_set_normalized_uri_include_all()
- htp_config_set_plusspace_decode()
- htp_config_set_convert_lowercase()
- htp_config_set_double_decode_normalized_query()
- htp_config_set_double_decode_normalized_path()
- htp_config_set_backslash_convert_slashes()
- htp_config_set_bestfit_replacement_byte()
- htp_config_set_convert_lowercase()
- htp_config_set_nul_encoded_terminates()
- htp_config_set_nul_raw_terminates()
- htp_config_set_path_separators_compress()
- htp_config_set_path_separators_decode()
- htp_config_set_u_encoding_decode()
- htp_config_set_url_encoding_invalid_handling()
- htp_config_set_utf8_convert_bestfit()
- htp_config_set_normalized_uri_include_all()
- htp_config_set_plusspace_decode()
Constants related to configuring uri normalization:
- HTP_URL_DECODE_PRESERVE_PERCENT => HTP_URL_ENCODING_HANDLING_PRESERVE_PERCENT
- HTP_URL_DECODE_REMOVE_PERCENT => HTP_URL_ENCODING_HANDLING_REMOVE_PERCENT
- HTP_URL_DECODE_PROCESS_INVALID => HTP_URL_ENCODING_HANDLING_PROCESS_INVALID

htp_config_set_field_limits(soft_limit, hard_limit) changed to
htp_config_set_field_limit(limit) because libhtp didn't implement soft
limits.

libhtp logging API updated to provide HTP_LOG_CODE constants along with
the message. This eliminates the need to perform string matching on
message text to map log messages to HTTP_DECODER_EVENT values, and the
HTP_LOG_CODE values can be used directly. In support of this,
HTP_DECODER_EVENT values are mapped to their corresponding HTP_LOG_CODE
values.

New log events to describe additional anomalies:
HTP_LOG_CODE_REQUEST_TOO_MANY_LZMA_LAYERS
HTP_LOG_CODE_RESPONSE_TOO_MANY_LZMA_LAYERS
HTP_LOG_CODE_PROTOCOL_CONTAINS_EXTRA_DATA
HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_START
HTP_LOG_CODE_CONTENT_LENGTH_EXTRA_DATA_END
HTP_LOG_CODE_SWITCHING_PROTO_WITH_CONTENT_LENGTH
HTP_LOG_CODE_DEFORMED_EOL
HTP_LOG_CODE_PARSER_STATE_ERROR
HTP_LOG_CODE_MISSING_OUTBOUND_TRANSACTION_DATA
HTP_LOG_CODE_MISSING_INBOUND_TRANSACTION_DATA
HTP_LOG_CODE_ZERO_LENGTH_DATA_CHUNKS
HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD
HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_NO_PROTOCOL
HTP_LOG_CODE_REQUEST_LINE_UNKNOWN_METHOD_INVALID_PROTOCOL
HTP_LOG_CODE_REQUEST_LINE_NO_PROTOCOL
HTP_LOG_CODE_RESPONSE_LINE_INVALID_PROTOCOL
HTP_LOG_CODE_RESPONSE_LINE_INVALID_RESPONSE_STATUS
HTP_LOG_CODE_RESPONSE_BODY_INTERNAL_ERROR
HTP_LOG_CODE_REQUEST_BODY_DATA_CALLBACK_ERROR
HTP_LOG_CODE_RESPONSE_INVALID_EMPTY_NAME
HTP_LOG_CODE_REQUEST_INVALID_EMPTY_NAME
HTP_LOG_CODE_RESPONSE_INVALID_LWS_AFTER_NAME
HTP_LOG_CODE_RESPONSE_HEADER_NAME_NOT_TOKEN
HTP_LOG_CODE_REQUEST_INVALID_LWS_AFTER_NAME
HTP_LOG_CODE_LZMA_DECOMPRESSION_DISABLED
HTP_LOG_CODE_CONNECTION_ALREADY_OPEN
HTP_LOG_CODE_COMPRESSION_BOMB_DOUBLE_LZMA
HTP_LOG_CODE_INVALID_CONTENT_ENCODING
HTP_LOG_CODE_INVALID_GAP
HTP_LOG_CODE_ERROR

The new htp_log API supports consuming log messages more easily than
walking a list and tracking the current offset. Internally, libhtp-rs
now provides log messages as a queue of htp_log_t, which means the
application can simply call htp_conn_next_log() to fetch the next log
message until the queue is empty. Once the application is done with a
log message, they can call htp_log_free() to dispose of it.

Functions supporting htp_log_t:
htp_conn_next_log(conn) - Get the next log message
htp_log_message(log) - To get the text of the message
htp_log_code(log) - To get the HTP_LOG_CODE value
htp_log_free(log) - To free the htp_log_t
1 year ago
dependabot[bot] b536dee9cd github-actions: bump actions/upload-artifact from 4.6.1 to 4.6.2
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](4cec3d8aa0...ea165f8d65)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 4.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] f2a9203558 github-actions: bump actions/download-artifact from 4.1.9 to 4.2.1
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.9 to 4.2.1.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](cc20338598...95815c38cf)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] d2705aa052 github-actions: bump github/codeql-action from 3.28.10 to 3.28.13
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.10...v3.28.13)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Jason Ish 455aef7a22 github-ci: add test for custom lib example
Ticket: #7240
1 year ago
Jason Ish 6c57d85ecb github-ci: use git cli command for netmap instead of action
This action hits API limits often, however our other uses of git clone
do not seem to, so try use git clone here instead of the github
action.
1 year ago
Jason Ish 078b7a4251 github-ci: add ndpi build to the centos-stream9 build
- Download and build nDPI
- Enable nDPI during Suricata ./configure
- Test that the plugin was built and installed
1 year ago
Philippe Antoine 91389a40ce ci: test cargo fmt for some subdirs
The ones that respect it as new
1 year ago
Jason Ish 3658d502ff github-ci: don't run builds on PR if only docs changed 1 year ago
Jason Ish ed30e95a09 github-ci: stop caching system packages 1 year ago
Jason Ish 5718d5c0fa github-ci: pin rust version for clippy tests
Prevents CI breakage after a new Rust release until we're ready to make
the changes.
1 year ago
Jason Ish cbc296f313 github-ci: update rpm builder to fedora 41 1 year ago
Jason Ish 65b863b087 github-ci: update Fedora non-root build to Fedora 41 1 year ago
Jason Ish 70d5bae160 github-ci: remove fedora 40 builds where 41 exists
Remove Fedora 40 builds where there is a Fedora 41 equivalent.
1 year ago
dependabot[bot] 93bd1935bb github-actions: bump actions/upload-artifact from 4.6.0 to 4.6.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](65c4c4a1dd...4cec3d8aa0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 2d7937b3ce github-actions: bump codecov/codecov-action from 5.3.1 to 5.4.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.3.1 to 5.4.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](13ce06bfc6...0565863a31)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 5d38c4de19 github-actions: bump github/codeql-action from 3.28.8 to 3.28.10
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.8...v3.28.10)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 47e08ee48e github-actions: bump actions/download-artifact from 4.1.8 to 4.1.9
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.8 to 4.1.9.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](fa0a91b85d...cc20338598)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 03b113f7e3
github-actions: bump ossf/scorecard-action from 2.4.0 to 2.4.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](62b2cac7ed...f49aabe0b5)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
Jason Ish 1b27febdd8 github-ci: re-enable RPM builds
The RPM has been updated to handle the conversion of suricatasc and
suricatactl to Rust.

Also fixes the "if" expression to prevent one job running both upload
sections.
1 year ago
Jason Ish 0dc5b72c89 github-ci: skip rpm builds for now
RPMs will need to be fixed after merge.
1 year ago
Jason Ish 1dcb1e3f29 github-ci: add var to disable rpm builds
There will be changes in our development branch that the RPMs need to
adapt to, but that can't be done until the changes have been merged to
master, then the RPM can catchup.

This gives us a single variable to turn off RPM building.
1 year ago
Jason Ish 357822c68c github-ci: add check for update to date Cargo.lock.in
After a build, check if Cargo.lock.in and Cargo.lock differ, if so,
Cargo.lock.in needs an update as part of a depedency update.
1 year ago
Jason Ish fc2824a9f7 qa: fix suricatasc path 1 year ago
Jason Ish 7e4de3d1b9 github-ci: do one Windows build from dist archive
As we have 2 Windows builds, do one using the release-style
distribution file.
1 year ago
Jason Ish 45641eab1e github-ci: test that bindgen bindings are up to date
Regenerates the `sys.rs` and looks for any difference. Check will fail
if there is a difference.

Ticket: #7341
1 year ago
Jason Ish 0165830c70 github-ci: update actions/cache
The version we have been using will be deprecated soon.

https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down
1 year ago
dependabot[bot] d4330ef149 github-actions: bump actions/upload-artifact from 4.5.0 to 4.6.0
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](6f51ac03b9...65c4c4a1dd)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] 7692926036 github-actions: bump github/codeql-action from 3.28.0 to 3.28.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.28.0...v3.28.8)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
dependabot[bot] b6e59258be
github-actions: bump codecov/codecov-action from 5.1.2 to 5.3.1
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.1.2 to 5.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](1e68e06f1d...13ce06bfc6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 year ago