suricata

Commit Graph

Author	SHA1	Message	Date
Philippe Antoine	eb189e805a	src: use u8_tolower everywhere Ticket: 4516 Instead of basic to_lower to get the cast to avoid warning about integer Sames goes for u8_toupper	4 years ago
Jeff Lucovsky	1eeb96696b	general: Cleanup bool usage	5 years ago
Victor Julien	13cebb1857	detect: fix heap overflow issue with buffer setup In some cases, the InspectionBufferGet function would be followed by a failure to set the buffer up, for example due to a HTTP body limit not yet being reached. Yet each call to InspectionBufferGet would lead to the matching list_id to be added to the DetectEngineThreadCtx::inspect.to_clear_queue. This array is sized to add each list only once, but in this case the same id could be added multiple times, potentially overflowing the array.	5 years ago
Victor Julien	26bcc97515	detect/keywords: dynamic version part of doc URL	6 years ago
Jeff Lucovsky	be4c6b85de	general: Convert _Bool to bool This commit addresses task 3167 and changes usages of '_Bool` to `bool`. The latter is included from `suricata-common.h`	6 years ago
Victor Julien	3019f10ac7	detect/tls: tls.cert_fingerprint is a sticky buffer Not a content modifier.	6 years ago
Mats Klepsland	3646234ac5	detect-tls-cert-fingerprint: move unittests to tests/	7 years ago
Mats Klepsland	12d37b8b2c	detect-tls: tidy up unittests By doing the following: - removing unnecessary locks - moving variable declarations - removing redundant function 'SigCleanSignatures'	7 years ago
Mats Klepsland	285855d928	detect-tls: remove NULL settings from keyword registration	7 years ago
Mats Klepsland	008f08c1b3	detect-tls: declare ssl_state as const in GetData()	7 years ago
Mats Klepsland	0f7f35bd85	detect-tls: check return values of functions on setup Check the return values of DetectBufferSetActiveList() and DetectSignatureSetAppProto().	7 years ago
Mats Klepsland	1c04d7cdae	detect-tls: remove confusing underscores from variables Remove confusing underscore prefix from variables in GetData() for all tls keywords.	7 years ago
Jeff Lucovsky	7f102d95b6	detect: Modernize TLS keywords This changeset adds keywords for "tls.<name>" and moves the existing value of "tls_<name>" to an alias.	7 years ago
Victor Julien	0b3220a0df	detect: improve inspect buffer handling Fix and Optimize cleanup. For the simple single inspect buffer optimize the cleanup by keeping track of the actually used buffers. This avoid looping over unused buffers. Fix the case of cleaning not being done after a tx if the next tx is also inspected in the context of the same packet. Fix cleanup of the multi-inspect buffers. Optimize in 2 ways. First like with single keep track of which multi-inspect buffers have been used. Second, keep a max of the buffers within a multi-inspect buffer. Use this max to limit (nested) looping.	7 years ago
Mats Klepsland	2d2c01e772	detect-tls-cert-fingerprint: fix typo in unittest	8 years ago
Mats Klepsland	4671d57d7a	detect-tls-cert-fingerprint: fix failing unittest Fix unittest that failed with the content validation callback.	8 years ago
Mats Klepsland	2c5d5bbdaa	detect-tls-cert-fingerprint: add warning if nocase is used	8 years ago
Mats Klepsland	52d9d45747	detect-tls-cert-fingerprint: add setup callback to lowercase content Add setup callback that lowercase the content that follows 'tls_cert_fingerprint'.	8 years ago
Mats Klepsland	f788719348	detect-tls-cert-fingerprint: add content validation callback Validate that the content that follows the 'tls_cert_fingerprint' keyword is on the correct form and has the correct length.	8 years ago
Mats Klepsland	c3a329d6e9	detect-tls-cert-fingerprint: use _Register2 API functions Use _Register2 API functions when registering 'tls_cert_fingerprint' detection keyword.	8 years ago
Mats Klepsland	5e6b8c47df	detect: add (mpm) keyword tls_cert_fingerprint Reimplement keyword to match on SHA-1 fingerprint of TLS certificate as a mpm keyword. alert tls any any -> any (msg:"TLS cert fingerprint test"; tls_cert_fingerprint; content:"4a:a3:66:76:82:cb:6b:23:bb:c3:58:47:23:a4:63:a7:78:a4:a1:18"; sid:12345;)	8 years ago

21 Commits (fc9b65d8d3188c57016635aef8d7cdfe4552324e)