git.ipfire.org Git - people/ms/suricata.git/commit

]> git.ipfire.org Git - people/ms/suricata.git/commit - src/app-layer-htp.c

projects / people / ms / suricata.git / commit

author	Victor Julien <victor@inliniac.net>
	Fri, 17 Feb 2017 10:41:02 +0000 (11:41 +0100)
committer	Victor Julien <victor@inliniac.net>
	Mon, 8 May 2017 08:43:36 +0000 (10:43 +0200)
commit	6f42ae91c7f3a92788801e024362d061a90ecaeb
tree	591ab24a08d4e22d69556ba5d20208d6faca4b2e	tree \| snapshot
parent	72c757433aab3bab836eb41bc8dc5a2cb3d04116	commit \| diff

app-layer: protocol change API

Add API calls to upgrade to TLS or to request a protocol change
without a specific protocol expectation.

If the HTTP CONNECT session includes a port on the url, use that to
look up the probing parser during protocol detection. Solves a
missed detection of a SSLv2 session that upgrades to TLSv1. SSLv2
relies on the probing parser which is limited to certain ports.

In case of STARTTLS in SMTP and FTP, the port is hardcoded to 443.

A new event APPLAYER_UNEXPECTED_PROTOCOL is set if there was a
mismatch.

rules/app-layer-events.rules		diff \| blob \| blame \| history
src/app-layer-detect-proto.c		diff \| blob \| blame \| history
src/app-layer-detect-proto.h		diff \| blob \| blame \| history
src/app-layer-events.c		diff \| blob \| blame \| history
src/app-layer-events.h		diff \| blob \| blame \| history
src/app-layer-ftp.c		diff \| blob \| blame \| history
src/app-layer-htp.c		diff \| blob \| blame \| history
src/app-layer-smtp.c		diff \| blob \| blame \| history
src/app-layer.c		diff \| blob \| blame \| history
src/flow-util.h		diff \| blob \| blame \| history
src/flow.h		diff \| blob \| blame \| history

Michael's tree of suricata

RSS Atom