]>
git.ipfire.org Git - thirdparty/snort3.git/log
Russ Combs (rucombs) [Thu, 8 Dec 2016 18:44:33 +0000 (13:44 -0500)]
Merge pull request #742 in SNORT/snort3 from macros_doc to master
Squashed commit of the following:
commit
8d2d0b87dd0dfe416fa7991f6c7c8b3e1501d8af
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Dec 8 13:15:13 2016 -0500
utils: License and document CPP padding guard macros.
Shawn Turner (shaturne) [Thu, 8 Dec 2016 16:42:42 +0000 (11:42 -0500)]
Merge pull request #740 in SNORT/snort3 from thread_local2 to master
Squashed commit of the following:
commit
0e098bc439fea33fe8dafd4c07c6767630370441
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Dec 7 12:50:51 2016 -0500
fixed dynamic build issues by forcing cross-unit THREAD_LOCAL access through functions
Russ Combs (rucombs) [Thu, 8 Dec 2016 03:50:36 +0000 (22:50 -0500)]
Merge pull request #741 in SNORT/snort3 from macros to master
Squashed commit of the following:
commit
dd8de11b48dd18c5dbbd8d0d093b40028771b296
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Dec 7 16:44:33 2016 -0500
build: Rework key structure padding guard macros
Russ Combs (rucombs) [Wed, 7 Dec 2016 00:27:41 +0000 (19:27 -0500)]
Merge pull request #739 in SNORT/snort3 from cppcheck_fixes to master
Squashed commit of the following:
commit
0842be13d69f74dee314966e11ceb742d451da17
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Dec 5 12:51:39 2016 -0500
cppcheck error fixes
Michael Altizer (mialtize) [Tue, 6 Dec 2016 22:39:14 +0000 (17:39 -0500)]
Merge pull request #731 in SNORT/snort3 from sfip to master
Squashed commit of the following:
commit
7d6beaa500576fd94654482baea2841c626094ea
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 17 21:39:28 2016 -0400
sfip: Refactoring and split from SfCidr
commit
0910494ac22e82569b8faf2b041828b31708f5d7
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 20 13:16:00 2016 -0400
sf_vartable: Initial conversion to Catch unit tests
commit
17c20f297605fbe954c26e0d2061fa258af7bf49
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 30 14:07:25 2016 -0500
main: Mark main_read() as static
commit
30c7b6fd9413f0f338cd22f37dc37e79657054b5
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 23 12:04:42 2016 -0500
appid: Remove unused API HTTP field functions
Russ Combs (rucombs) [Tue, 6 Dec 2016 16:26:48 +0000 (11:26 -0500)]
Merge pull request #737 in SNORT/snort3 from doc_dce to master
Squashed commit of the following:
commit
8f2a3e91369b4692dd4638067d4b493950c85b82
Author: huica <huica@cisco.com>
Date: Mon Dec 5 12:48:26 2016 -0500
Add manual for dcerpc
Russ Combs (rucombs) [Tue, 6 Dec 2016 15:11:37 +0000 (10:11 -0500)]
Merge pull request #735 in SNORT/snort3 from sip_strings to master
Squashed commit of the following:
commit
fa7daec1f2e0064bc4cd14cafe028bfedf0d8c9e
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Dec 5 14:28:22 2016 -0500
added copies to sip detector so strings are valid after the current packet disappears
commit
35bb540e26ed79d50a0f00299b9d993dde1cbc7d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Dec 2 16:04:17 2016 -0500
all SipEvent strings now handled wih char arrays
Michael Altizer (mialtize) [Tue, 6 Dec 2016 03:28:18 +0000 (22:28 -0500)]
Merge pull request #738 in SNORT/snort3 from curse_uaf to master
Squashed commit of the following:
commit
11760bf923bbbe087b21330f6319d279908c8a6f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 5 19:24:51 2016 -0500
wizard: Refactor curses to prevent use-after-free of service name
Russ Combs (rucombs) [Mon, 5 Dec 2016 15:56:06 +0000 (10:56 -0500)]
Merge pull request #736 in SNORT/snort3 from exec_swap to master
Squashed commit of the following:
commit
8d68ca38e3e0a8bf7d66b1bb7805c1cbf0329ea7
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Dec 2 13:40:28 2016 -0500
issue asynchronous swaps
Russ Combs [Fri, 2 Dec 2016 12:05:19 +0000 (07:05 -0500)]
build 220
Russ Combs (rucombs) [Thu, 1 Dec 2016 22:41:07 +0000 (17:41 -0500)]
Merge pull request #734 in SNORT/snort3 from doc_manual to master
Squashed commit of the following:
commit
89ac929f14c99e3aa3f2a3f072b83b8385992146
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 30 21:09:27 2016 -0500
refactor overview and features sections
Russ Combs (rucombs) [Thu, 1 Dec 2016 21:09:03 +0000 (16:09 -0500)]
Merge pull request #733 in SNORT/snort3 from appid_spaces to master
Squashed commit of the following:
commit
173463dad3d45eb063097764374f396aa07f5356
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Dec 1 12:04:25 2016 -0500
removed underscores from all pegs outside of appid
commit
d696ac7ee5ac0d1b4be029e610f344b04ef3568b
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Nov 23 15:25:44 2016 -0500
removed '_' from appid pegs
Russ Combs (rucombs) [Thu, 1 Dec 2016 02:09:43 +0000 (21:09 -0500)]
Merge pull request #730 in SNORT/snort3 from sdf-doc to master
Squashed commit of the following:
commit
8944a32cad0a92c79c3b7ff2a546c8b55880316c
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Nov 30 10:50:26 2016 -0500
SDF-Doc take 2
Russ Combs (rucombs) [Thu, 1 Dec 2016 02:07:58 +0000 (21:07 -0500)]
Merge pull request #728 in SNORT/snort3 from alert_135_2 to master
Squashed commit of the following:
commit
bbd04a472f5eb899ee3d2a90e967032948ec1c54
Author: huica <huica@cisco.com>
Date: Mon Nov 28 16:24:53 2016 -0500
Alert 135:2 when a 3-way handshake is completed
Russ Combs (rucombs) [Thu, 1 Dec 2016 02:07:29 +0000 (21:07 -0500)]
Merge pull request #732 in SNORT/snort3 from lockfix1 to master
Squashed commit of the following:
commit
45aa613f821d70b0e8e7cfb1d884c8047bd385c8
Author: Steve Chew <stechew@cisco.com>
Date: Wed Nov 30 19:40:19 2016 -0500
Removed unneeded lock.
Hui Cao (huica) [Wed, 30 Nov 2016 18:58:59 +0000 (13:58 -0500)]
Merge pull request #729 in SNORT/snort3 from appid_x509_memleak to master
Squashed commit of the following:
commit
1d47856b2d2f0f69c3d53550e3a9cff236ffdbed
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Nov 28 15:37:18 2016 -0500
cleanup openssl resources when snort exits to eliminate memory leaks
only call openssl cleanup functions required to clean crypto* api usage, move cleanup to plugin terminate api function, improve service ssl code style
Hui Cao (huica) [Tue, 29 Nov 2016 20:00:21 +0000 (15:00 -0500)]
Merge pull request #726 in SNORT/snort3 from appid_ptypes_scan_patch to master
Squashed commit of the following:
commit
cfbad0aea0e04b034f7bcd70d07de6fcfc36dc73
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Nov 28 10:50:23 2016 -0500
delete auto ptr used to point to member variable of the AppIdSession class, just use the member variable directly. Some coding style improvements
commit
616baeb1eae80e6d4954c0a1e85db4d34085a13e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Nov 28 15:06:26 2016 -0500
make ptype_scan_counts a field of the httpSession struct
commit
fef9bdf71276aa9b8966609c49743f6df3136bcd
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Nov 28 14:41:55 2016 -0500
Add mutex lock around calls into crypto lib for X509 cert processing, crypto lib not thread safe so calls into this lib from multiple packet threads appear to be causing random failures
Michael Altizer (mialtize) [Mon, 28 Nov 2016 15:37:44 +0000 (10:37 -0500)]
Merge pull request #724 in SNORT/snort3 from gtp_duplicates to master
Squashed commit of the following:
commit
abde9b0d9432302fc1ad7dc1a776d92525116564
Author: allewi <allewi@cisco.com>
Date: Sun Nov 27 13:08:38 2016 -0500
added line to prevent duplicate gtp configurations from being printed
Michael Altizer (mialtize) [Mon, 28 Nov 2016 15:37:29 +0000 (10:37 -0500)]
Merge pull request #725 in SNORT/snort3 from modbus_duplicates to master
Squashed commit of the following:
commit
6f6e45378a305b45648ebcaf052660a9d7ad79b3
Author: allewi <allewi@cisco.com>
Date: Sun Nov 27 13:27:40 2016 -0500
adding change to prevent duplicate modbus configurations
Russ Combs (rucombs) [Wed, 23 Nov 2016 22:45:02 +0000 (17:45 -0500)]
Merge pull request #721 in SNORT/snort3 from double_lua to master
Squashed commit of the following:
commit
b5229dc110c61a58eb586c2a6ef681001dcfacc1
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Nov 21 15:05:39 2016 -0500
added multiple passes to lua so variables are always set before used
Russ Combs (rucombs) [Wed, 23 Nov 2016 21:24:58 +0000 (16:24 -0500)]
Merge pull request #722 in SNORT/snort3 from appid_stl_thread_safety to master
Squashed commit of the following:
commit
991eb29ae7f85b1e9e1b72f334eb96536c568b10
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 23 14:09:00 2016 -0500
use std::lock_guard to manage life cycle of mutex ownership when accessing app info tables.
commit
a09a573489bf2b69930b6aa58006699fd3ab0681
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 23 10:33:49 2016 -0500
add lock around read accesses to app info tables. there is a single lock that is global to all app info tables, more granular locking on a per table basis may be implemented in the future to improve performance
remove caching AppIdServiceIDState object pointers in the AppIdSession object. The service state object may get deleted without the knowledge of appid sessions that have cached the pointer. For now a get using the ip/port/protocol tuple of the destination is used to get the service state object. This is short term solution until a move to the host cache can be implemented.
Russ Combs (rucombs) [Wed, 23 Nov 2016 12:46:31 +0000 (07:46 -0500)]
Merge pull request #719 in SNORT/snort3 from ecb_alt_fast_pattern to master
Squashed commit of the following:
commit
b89eb774fcc4a5ac076304db6dab6dd31f5ddf99
Author: mdagon <mdagon@cisco.com>
Date: Fri Nov 18 13:28:03 2016 -0500
alternate pattern for dce_udp iface rule option
Code review fixes
Remove an extra 'using namespace std'
Refactoring
Russ Combs (rucombs) [Tue, 22 Nov 2016 22:54:41 +0000 (17:54 -0500)]
Merge pull request #720 in SNORT/snort3 from cut_down to master
Squashed commit of the following:
commit
f3bb19f43167cdda20698247fa21ba25f77b6dc5
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 22 14:29:52 2016 -0500
refactor dce_smb.cc
commit
d61f30962fd70cfbb2ec66c0cbe017760f5a42a9
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 22 12:54:31 2016 -0500
refactor smb message definitions
commit
806617d70753418e348724443d0b655bc63d91b8
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 22 11:50:24 2016 -0500
split hi_client.cc init methods into separate file
Hui Cao (huica) [Tue, 22 Nov 2016 21:40:14 +0000 (16:40 -0500)]
Merge pull request #718 in SNORT/snort3 from sdf_documenation to master
Squashed commit of the following:
commit
3cfa955237b9a1e87ca3cd08a9f8c8d2d7c81a8d
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Nov 15 14:50:01 2016 -0500
sd_pattern user documentation
Hui Cao (huica) [Tue, 22 Nov 2016 21:39:29 +0000 (16:39 -0500)]
Merge pull request #717 in SNORT/snort3 from file_reg to master
Squashed commit of the following:
commit
692030b8b6e8bee8ed0ca083cb74c2f5faa10dbd
Author: huica <huica@cisco.com>
Date: Mon Nov 21 15:30:07 2016 -0500
Fixed uu and qp decode issue
Fixed file signature calculation for ftp
Fixed file resume blocking
Russ Combs (rucombs) [Tue, 22 Nov 2016 12:07:40 +0000 (07:07 -0500)]
Merge pull request #715 in SNORT/snort3 from appid_fflow3 to master
Squashed commit of the following:
commit
a9e3e7de8612efb242df0f21d32d0654e647d90c
Merge:
31d0bf7 61a685b
Author: Steve Chew <stechew@cisco.com>
Date: Mon Nov 21 23:50:53 2016 -0500
Merge branch 'appid_fflow3' of ssh://bitbucket-eng-rtp1.cisco.com:7999/snort/snort3 into appid_fflow3
Conflicts:
src/network_inspectors/appid/detector_plugins/detector_http.cc
commit
31d0bf78b51445976b335f705e25be0b0f744794
Author: Steve Chew <stechew@cisco.com>
Date: Mon Nov 21 22:52:16 2016 -0500
Remove future flow appid feature for http since there is no known use
case.
commit
61a685bfd603fe098c64589162acbe2f838d2629
Author: Steve Chew <stechew@cisco.com>
Date: Mon Nov 21 22:52:16 2016 -0500
Remove future flow appid feature for http since there is no known use
case.
Yang Wang 王阳 [Mon, 14 Nov 2016 11:34:59 +0000 (19:34 +0800)]
fixd snort_defaults.lua: No such file or directory
Russ Combs [Tue, 22 Nov 2016 02:45:49 +0000 (21:45 -0500)]
build 219
Russ Combs (rucombs) [Tue, 22 Nov 2016 00:53:48 +0000 (19:53 -0500)]
Merge pull request #711 in SNORT/snort3 from appid_bug_fix_lua to master
Squashed commit of the following:
commit
f4a91423f22ff5e3104ae0f67e7f7ebf38c6b5f9
Author: shaslad <shaslad@cisco.com>
Date: Thu Nov 17 18:40:31 2016 -0500
Fixing Index issue for few more Client Headers
Changed code based on review comment
Hui Cao (huica) [Mon, 21 Nov 2016 21:38:30 +0000 (16:38 -0500)]
Merge pull request #709 in SNORT/snort3 from appid_service_ssl_mem_leak to master
Squashed commit of the following:
commit
b3d4cd751ea4eebccaad578bbe6b7fb11349e47d
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Nov 21 11:12:22 2016 -0500
check length field for ptr fields in SIPMsg struct and only access pointer if length > 0
commit
66fdd94c199fe4bb7e34eeaf105e831b9e87dc6e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Nov 17 10:38:34 2016 -0500
initialize service element objects when instantiated to ensure no access of uninitialized memory
make detector types an enum, set detector type properly for pattern & port service elements
use memcpy instead of strndup to copy http header from event message
initialize tcp/udp port service vectors to APP_ID_NONE, use c++11 member variable initialization syntax
Russ Combs (rucombs) [Mon, 21 Nov 2016 21:33:47 +0000 (16:33 -0500)]
Merge pull request #713 in SNORT/snort3 from analyzerz to master
Squashed commit of the following:
commit
0ec1cd2494157cd82d01fe8420ab4fc349cd922e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Nov 21 14:40:44 2016 -0500
review updates
commit
5b3912d83b783255fd6089491bdbffc43cbc30d4
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Nov 20 09:52:33 2016 -0500
fix analyzer command races
commit
d182530ec55a53bd91ddaad01b160dd964c7db06
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Nov 20 07:44:44 2016 -0500
unset signal handlers at shutdown
commit
73e31038dbf7e01351810c4f2efb95df642f55f0
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 18 05:58:18 2016 -0500
convert to event driven main loop
Michael Altizer (mialtize) [Mon, 21 Nov 2016 21:12:32 +0000 (16:12 -0500)]
Merge pull request #714 in SNORT/snort3 from catch_tests to master
Squashed commit of the following:
commit
a7190df88455d404405a9b7a2b92ce0e7e018946
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Nov 21 15:01:27 2016 -0500
catch: Support compiling catch tests in standalone source files
commit
6223f5aea12c005c39d3760d449a47f7e72503d9
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Nov 21 14:01:00 2016 -0500
wizard: Make DCE curses static
Russ Combs (rucombs) [Fri, 18 Nov 2016 20:53:54 +0000 (15:53 -0500)]
Merge pull request #710 in SNORT/snort3 from more_misc_fixes to master
Squashed commit of the following:
commit
a0941af98b9d31cbed6dde9eb1cad27404ce76d4
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 18 13:21:57 2016 -0500
fix race with multiple packet threads
commit
53d440735a497d58a5ae7c7bbdd9f7443d61d158
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 18 08:10:21 2016 -0500
create pid file after dropping privs
commit
f4e784f86cd395ef70710eec17c32726d7047b62
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 18 08:08:19 2016 -0500
proper cleanup of port objects in failure cases
commit
a6b45aa3d2ddc6ca5de9d1df8fde5148f8b2fdd6
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 18 07:14:05 2016 -0500
only print file stats banner if stats available
Michael Altizer (mialtize) [Fri, 18 Nov 2016 18:40:01 +0000 (13:40 -0500)]
Merge pull request #712 in SNORT/snort3 from cmake_cpputest to master
Squashed commit of the following:
commit
fb4c001b0b8709a3505bb044705be8a2cedd84d8
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Nov 18 11:50:08 2016 -0500
cmake: Correct package name used in HS and HWLOC so that REQUIRED works.
commit
3a543585194bf2c30993cca4247bfd7f6ef88027
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Nov 18 11:48:20 2016 -0500
cmake: Improve detection and use of CppUTest in non-standard locations
Russ Combs (rucombs) [Thu, 17 Nov 2016 19:27:11 +0000 (14:27 -0500)]
Merge pull request #708 in SNORT/snort3 from obfucator_warning_fix to master
Squashed commit of the following:
commit
85dc8a679a7e181b24bad1cd4207d59b4772db29
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Nov 17 14:00:57 2016 -0500
obfuscator warning fix
Russ Combs (rucombs) [Thu, 17 Nov 2016 00:51:21 +0000 (19:51 -0500)]
Merge pull request #705 in SNORT/snort3 from sdf_out_mask to master
Squashed commit of the following:
commit
969cf8b3badde3bd15c7c58613fff279a76bb690
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Nov 14 12:14:59 2016 -0500
sdf changes
Russ Combs (rucombs) [Wed, 16 Nov 2016 22:29:27 +0000 (17:29 -0500)]
Merge pull request #707 in SNORT/snort3 from misc_fixes to master
Squashed commit of the following:
commit
d796882a69f686aeb582f70a1ff6b94a44bf05ad
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 16 09:38:56 2016 -0500
revert to dumping 16 bytes per line by default
commit
ae16bba4a86d6cdab6af1c38556cb3718fa1ee24
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 16 09:03:20 2016 -0500
fix out-of-tree doc builds
fix image sizes to fit page; thanks to wyatuestc for reporting the issue
change -L to -K in README and manual; thanks to jncornett for reporting the issue
commit
fc11b8819ee95214023d973e0bd376ef0f630dba
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 15 07:34:09 2016 -0500
fix fast pattern selection when multiple designated
thanks to j.mcdowell@titanicsystems.com for reporting the issue
Hui Cao (huica) [Wed, 16 Nov 2016 21:12:00 +0000 (16:12 -0500)]
Merge pull request #706 in SNORT/snort3 from appid_fix_valgrind_issues to master
Squashed commit of the following:
commit
73e7820760537fa576ec07ce0afdd9d953e93eed
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 16 12:33:42 2016 -0500
check validity of protocol value in lua api against IpProtocol::RESERVED
commit
7b5c1bb0dededa56807e38b25bdecf953f41c624
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 16 10:25:31 2016 -0500
memory leak fix where service match objects not deleted when id_state deleted
commit
c1fa8a6c82c7e1ad86e47eba6b15b0ea73581b3d
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 16 08:04:51 2016 -0500
delete host/port and service state maps packet processing thread exits
commit
75caec57317e1a7af368d3cb79539204bdef84f0
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Nov 15 18:05:37 2016 -0500
refactor service state tables to use std::map
commit
f0aab847fcd4fa6f5ac2962da14c92d98fd650a4
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Nov 15 16:06:34 2016 -0500
refactor host port cache to use std::map
init session logging id name to null
commit
e5bf29005716f4c950247b52021ee9de582fb6d4
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Nov 15 09:28:59 2016 -0500
when an appid session is deleted ensure all possible allocated resources are checked for and freed
commit
f576528b528fa82a905c02f8eaf4d9542e8cccfe
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Nov 10 15:12:33 2016 -0500
fix memory leaks in appid due to flow data structs not being freed
fix memory leak due to flow data struct allocated for expected channel not being freed
fixes for some invalid memory access issues:
- init all fields in httpSession struct
- don't scan past end of buffer identifying htpp client
- insure struct fields and auto vars are initialized
fixes for some memory access errors due to unitialized variables
Michael Altizer (mialtize) [Wed, 16 Nov 2016 16:48:51 +0000 (11:48 -0500)]
Merge pull request #703 in SNORT/snort3 from autodetect to master
Squashed commit of the following:
commit
2c97fdb0fe074450a90770565c9441cb6dd84623
Author: mdagon <mdagon@cisco.com>
Date: Wed Nov 2 08:04:19 2016 -0400
dce wizard
Russ Combs (rucombs) [Mon, 14 Nov 2016 19:47:41 +0000 (14:47 -0500)]
Merge pull request #704 in SNORT/snort3 from threadz to master
Squashed commit of the following:
commit
cbdc3439b7140d2368fb2b8b68cd07ed19d31f23
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Nov 14 12:52:48 2016 -0500
convert file capture stats to module based thread locals
commit
2883836a3381d3ba47ebe852b129bb8124b6371d
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Nov 14 07:55:24 2016 -0500
convert file stats to module based thread locals
commit
67be0d6fb4e795731559682df0d8cac6aa406a98
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Nov 13 08:19:46 2016 -0500
fix most reload race conditions
commit
fe87e6793ae4d05f1be925762973949a4788590e
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 11 17:44:28 2016 -0500
comment on atomic switching
comment on test scope
commit
728f5faa707c0f02c860f94774d7a80947c8335f
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 11 10:47:22 2016 -0500
fix dynamic builds and unit tests
commit
ad834007ff90c420bb2ab1be7e4c59473210ca5f
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 11 08:15:57 2016 -0500
move file trace flags into file config
commit
705a36bc7beebd00eea5869f1f1da1bf896bb44b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 11 07:31:02 2016 -0500
fix stats races
commit
ac9dbfb785111836aeb634bede4f3362d247704c
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Nov 10 11:14:15 2016 -0500
fix most stats races
commit
3b3412632f8c82f3e968be99d0b9b02fa238a6ec
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Nov 10 07:18:29 2016 -0500
fix max_pdu race cond
commit
abf9b805082cc2916eff49b8c823ef3fb0645d18
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Nov 10 06:57:33 2016 -0500
fix data race with swap pointer
commit
d2449a2c48237405030ef06c829c7eec29f6c1d0
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 9 21:14:33 2016 -0500
fix thread sanitizer issues with legacy protocol reference table
commit
64a66d296174d104e6163ebcd7edc116223d1c3a
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 9 07:31:52 2016 -0500
fix ownership of stream module config
commit
d3e27d8afe04e126dc2caec3350f8b1a27a3ad1a
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 9 07:30:28 2016 -0500
fix packet thread startup data races
Shawn Turner (shaturne) [Fri, 11 Nov 2016 15:25:35 +0000 (10:25 -0500)]
Merge pull request #702 in SNORT/snort3 from ooofin to master
Squashed commit of the following:
commit
295c5f1b4c1936e3758dce727d3f2f4097d8a193
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Sep 12 16:24:08 2016 -0400
ooofin changes
Michael Altizer (mialtize) [Thu, 10 Nov 2016 20:06:51 +0000 (15:06 -0500)]
Merge pull request #699 in SNORT/snort3 from nhttp57 to master
Squashed commit of the following:
commit
654554489f6827965f1052c224bf498d7c36b8ce
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Oct 31 11:22:18 2016 -0400
NHI MIME file processing integration
Russ Combs (rucombs) [Thu, 10 Nov 2016 19:06:48 +0000 (14:06 -0500)]
Merge pull request #698 in SNORT/snort3 from perfmon_docs to master
Squashed commit of the following:
commit
b8807c17407e8b6b1d65a1ed8d00635eade1f966
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Nov 7 10:09:57 2016 -0500
added perfmon docs
Hui Cao (huica) [Wed, 9 Nov 2016 15:53:14 +0000 (10:53 -0500)]
Merge pull request #701 in SNORT/snort3 from appid_cleanup_reg_tests to master
Squashed commit of the following:
commit
4d63e4974dba68a76a568c402e34466b23d6a188
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Nov 8 16:18:43 2016 -0500
remove function that logged debug info that was no longer useful
Hui Cao (huica) [Wed, 9 Nov 2016 15:33:35 +0000 (10:33 -0500)]
Merge pull request #691 in SNORT/snort3 from file_doc to master
Squashed commit of the following:
commit
1327789b4e878c623c40669680ccad42d2a0a85d
Author: huica <huica@cisco.com>
Date: Tue Nov 1 14:06:57 2016 -0400
file processing document update
Hui Cao (huica) [Tue, 8 Nov 2016 17:31:04 +0000 (12:31 -0500)]
Merge pull request #694 in SNORT/snort3 from appid_no_so_wild to master
Squashed commit of the following:
commit
e5ae9e59f829351580d1b880a0077090c7b6cb5f
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Nov 4 11:34:51 2016 -0400
updates from code review comments and a few generall coding style fixups
commit
1c6e1c075a61c8237090c42b18da97f8bb0dec62
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 2 15:28:32 2016 -0400
fix memory leak in service_rpc, list of rpc program nodes were dynamically allocated but never freed
enable appid in default snort.lua configuration
report parse errors with ParseWarning, functionality may be reduced but appid will still work
commit
a0a9c28afccfc93f550369d9f60d3e47f8c1c916
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 2 10:26:40 2016 -0400
refactor NetworkSet utility functions into a proper class
commit
cabb0a02458a3f3ff3c8eec9de7b36b5f992515e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 2 08:54:12 2016 -0400
consolidate utility functions to single utilities file or file where the function is used, eliminate duplicated types for custom config elements, delete deprecated files
commit
10e5cac96c626f8dbc6cd5322b612cb0969545c4
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 2 07:48:07 2016 -0400
reduce appid chatiness - changed LogMessage to DebugMessage where appropriate, move more functions to appropriate source file and delete files no longer useful, ensure all Debug* logging for AppId is controlled by the DEBUG_APPID flag
commit
8913c81160ae3ed00361b6946a369eb48856fa9e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Nov 2 06:48:16 2016 -0400
refactoring to move functions and data defs to appropriate source file and delete source files no longer useful
Hui Cao (huica) [Mon, 7 Nov 2016 15:12:31 +0000 (10:12 -0500)]
Merge pull request #696 in SNORT/snort3 from http_more_tests to master
Squashed commit of the following:
commit
dcd43e7d538a2f5ebc06eae3877b239c64f43cfb
Author: shaslad <shaslad@cisco.com>
Date: Sat Oct 29 01:42:07 2016 -0400
minor modification related to logs
Added missing opera client header pattern and related variables
Russ Combs (rucombs) [Fri, 4 Nov 2016 19:39:53 +0000 (15:39 -0400)]
Merge pull request #697 in SNORT/snort3 from tcp_sm_fix to master
Squashed commit of the following:
commit
529f3a9783c2f504b3be340b00b8ed35161adc85
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Oct 12 16:56:13 2016 -0400
Tcp State Machine fixes
Russ Combs (rucombs) [Fri, 4 Nov 2016 15:10:43 +0000 (11:10 -0400)]
Merge pull request #695 in SNORT/snort3 from 218 to master
Squashed commit of the following:
commit
3b7c746f92338501ef2c88656b841d867e982a3d
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 4 10:28:04 2016 -0400
build 218
Russ Combs (rucombs) [Fri, 4 Nov 2016 13:21:37 +0000 (09:21 -0400)]
Merge pull request #692 in SNORT/snort3 from statics to master
Squashed commit of the following:
commit
16bb37ec5884dce78e34640b69536e4e32d4a16b
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Nov 3 18:35:46 2016 -0400
fix dynamic build for recent appid / http_inspect / sip changes
commit
ba9d0ab0df042323ffb308b1a28088cc2acbfa50
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 1 14:30:44 2016 -0400
ensure static appid and http_inspect and their rule options are loaded
Russ Combs (rucombs) [Thu, 3 Nov 2016 22:34:05 +0000 (18:34 -0400)]
Merge pull request #689 in SNORT/snort3 from perf-mon-breaks-counts to master
Squashed commit of the following:
commit
5b402fa8461b9ec22e43b618559797c2aa8a794d
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Oct 25 14:29:35 2016 -0400
Fix shutdown stats, break perf_mon interval stats
Russ Combs (rucombs) [Thu, 3 Nov 2016 15:52:54 +0000 (11:52 -0400)]
Merge pull request #683 in SNORT/snort3 from appid_sip to master
Squashed commit of the following:
commit
e3763a9177b370e6de5e00a315b22a40321048ec
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Nov 2 11:05:16 2016 -0400
Updated build dependency fix
commit
f9a3162c78f4472b29928f981d1c1cfc0d3ea4c6
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Oct 28 17:56:08 2016 -0400
fixed expect cache session data insertion
commit
e3c70ad588df032b1d0dc89bdcfc6090e88ffe58
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Oct 21 11:06:48 2016 -0400
Encapsulated dialog
commit
cc96d7f938375a78519543f4fc68d735f7cac9eb
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Oct 19 12:03:03 2016 -0400
Encapsulated sipMsg
commit
c79a09e1f82b3698c1808ecb51f84e648687c5d5
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Oct 14 14:58:13 2016 -0400
Implemented SipEventHandler
Hui Cao (huica) [Wed, 2 Nov 2016 15:43:14 +0000 (11:43 -0400)]
Merge pull request #690 in SNORT/snort3 from appid_optimize_loading_lua_detectors to master
Squashed commit of the following:
commit
4d37633587be6fa260a82741062e911ed9c219b2
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Nov 1 17:14:36 2016 -0400
create standalone structs for client and server detector state information
commit
50f73fe4a2db39a857cce8720194399d9c5663a7
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Nov 1 13:01:26 2016 -0400
restore lua api string names for functions that were unintentially changed during refactoring
commit
71f4f995442b8d99d1daf15c7b735801c89b7f2d
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Oct 28 15:56:05 2016 -0400
lua detectors must be reloaded when there is a config reload. this patch adds support so the currently loaded lua detectors remain valid until the appid Inspector they belong to is deleted. The appid Inspector create for the new config will create its own instance of the LuaDetectorManager and load its set of lua detectors. some miscellaneous improvements to function prototypes and the procedure for loading the lua detectors are also in this commit
commit
b0581f1470eddad797f9a059ef07ba9bfeef3168
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Oct 28 11:50:54 2016 -0400
rename functions to conform to coding style, move functions only referenced from 1 file static in the file that uses them
commit
481e0b4fd8ce53d45734f392b5f2db6c1203b15a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Oct 27 10:01:40 2016 -0400
load lua detectors with luaL_loadfile
Hui Cao (huica) [Fri, 28 Oct 2016 19:47:38 +0000 (15:47 -0400)]
Merge pull request #688 in SNORT/snort3 from appid_detector_server_packet_fix to master
Squashed commit of the following:
commit
984af329150fad81b371336891202176ef9543cb
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Oct 25 16:34:18 2016 -0400
modify 'client gets server packets' processing to clear this flag when a packet is seen by the service side validate function. if it sees one it will see them all so need need for client side to process server side packets in this case
Russ Combs [Fri, 28 Oct 2016 10:09:23 +0000 (06:09 -0400)]
build 217
Hui Cao (huica) [Thu, 27 Oct 2016 16:27:53 +0000 (12:27 -0400)]
Merge pull request #684 in SNORT/snort3 from appid_port2x_deltas to master
Squashed commit of the following:
commit
f0cfd6beb8a5fdc2a9f97e997eed31ee5eb8e08e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Oct 26 16:26:38 2016 -0400
use 'free' to free hsession ptrs
commit
b7fa07525538c46fff16c2f3ba97bc9f6ffe8216
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Oct 26 14:29:28 2016 -0400
patch to support initializing appid http header ptrs and lengths via pub/sub interface with nhttp inspector
commit
a007538457b691e3644eecc389755b65a0d06de9
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Oct 24 08:15:04 2016 -0400
move stmp detector tests for clients from client_plugins dir to detector_plugins dir
commit
1915d11be99da837f6703a7574d696f8753032d5
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Oct 21 17:09:49 2016 -0400
port changes for lua detector chp http pattern management
commit
aaaa8490e52a7c5537a5034dce9ac23f7206d6f5
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Oct 21 12:50:28 2016 -0400
port appid 2.x changes that converted smtp to detector model from separate client/service plugins
removed deprecated client/service source files for smtp detectors
commit
c76a8ec0d2911841b3f00801e038486ce3d06319
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Oct 20 16:21:37 2016 -0400
port of appid deltas from 2.x to the third party module support code
commit
34886ef8ed672dfc43f7c4d4a72a1f8af007185b
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Oct 20 12:06:42 2016 -0400
port 2.x changes to logic that syncs ids used by appid and snort for various protocols
commit
444e20cd2414b27ea1d0dd5a4283cb750b88e3c5
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Oct 20 11:20:54 2016 -0400
port of appid changes since initial snapshot that are related to adding regex matching for http fields, application id updates, and changes to appid api methods
Russ Combs (rucombs) [Tue, 25 Oct 2016 20:49:47 +0000 (16:49 -0400)]
Merge pull request #686 in SNORT/snort3 from appid_config_errors to master
Squashed commit of the following:
commit
775bbff15e3e5ce8dc73d51c561d9d3f2b05356e
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Oct 24 15:48:09 2016 -0400
Change missing mapping files to a ParseError.
Russ Combs (rucombs) [Tue, 25 Oct 2016 20:45:02 +0000 (16:45 -0400)]
Merge pull request #682 in SNORT/snort3 from appid_http3 to master
Squashed commit of the following:
commit
7a1b322bb866ec5d5eeb0b91e8419a1722d4028e
Author: Steve Chew <stechew@cisco.com>
Date: Wed Oct 19 12:21:28 2016 -0400
Added subscribe/publish communication between HTTP inspector and AppId.
Make http_inspect and appid always build statically for now to avoid
dependency problem.
Shawn Turner (shaturne) [Tue, 25 Oct 2016 19:09:39 +0000 (15:09 -0400)]
Merge pull request #687 in SNORT/snort3 from fix_129_4_fp to master
Squashed commit of the following:
commit
2e77716a5729b9cb060140fc871e582eb8ccc036
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Oct 24 13:19:39 2016 -0400
setup the trackers after the clearing of session due to expired session
Michael Altizer (mialtize) [Mon, 24 Oct 2016 20:00:28 +0000 (16:00 -0400)]
Merge pull request #685 in SNORT/snort3 from bugfix_block to master
Squashed commit of the following:
commit
b38a7ac35e05c658250f88e6341a99f0b5c2f511
Author: mdagon <mdagon@cisco.com>
Date: Thu Oct 20 16:21:52 2016 -0400
In case of blocked packet, delay clearing flow till the end of inspection
Russ Combs (rucombs) [Fri, 21 Oct 2016 13:03:56 +0000 (09:03 -0400)]
Merge pull request #680 in SNORT/snort3 from fix_129_16_fp to master
Squashed commit of the following:
commit
9f67e124c98a576e3920765abe9f721485f9e653
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Oct 12 16:56:13 2016 -0400
Fix bad fin false positive
Russ Combs [Fri, 21 Oct 2016 08:38:19 +0000 (04:38 -0400)]
build 216
Michael Altizer (mialtize) [Wed, 19 Oct 2016 13:47:05 +0000 (09:47 -0400)]
Merge pull request #679 in SNORT/snort3 from dce_udp_fragments to master
Squashed commit of the following:
commit
a4a4bcc9fbc0048aa05c5c7b304b3a7155f452da
Author: mdagon <mdagon@cisco.com>
Date: Wed Oct 12 09:57:54 2016 -0400
dce_udp fragments
Hui Cao (huica) [Wed, 19 Oct 2016 13:24:37 +0000 (09:24 -0400)]
Merge pull request #681 in SNORT/snort3 from appid_alert_fix to master
Squashed commit of the following:
commit
5c4902226c4c49c2f0c3939dad2ef3c04d742e2b
Author: shaslad <shaslad@cisco.com>
Date: Tue Oct 18 18:12:55 2016 -0400
Fix related to appid name with space and SSL position
Michael Altizer (mialtize) [Mon, 17 Oct 2016 17:46:28 +0000 (13:46 -0400)]
Merge pull request #678 in SNORT/snort3 from icc to master
Squashed commit of the following:
commit
ad8de2fe4d3121d81c923ec94a4b73c696c6cf59
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 17 12:02:45 2016 -0400
build: Clean up some ICC warnings
Russ Combs (rucombs) [Mon, 17 Oct 2016 14:29:06 +0000 (10:29 -0400)]
Merge pull request #677 in SNORT/snort3 from tsan to master
Squashed commit of the following:
commit
41f296afebaf7a455a4affeae8459820aeb868aa
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Oct 16 19:08:16 2016 -0400
fix -Wmaybe-uninitialized issues
commit
83ad8eb66ddee47247452fb0c00cb9ab03dda8bd
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 06:08:51 2016 -0400
add build configuration for thread sanitizer
Russ Combs (rucombs) [Fri, 14 Oct 2016 17:31:44 +0000 (13:31 -0400)]
Merge pull request #676 in SNORT/snort3 from catch to master
Squashed commit of the following:
commit
c91b18f82800a36a2369528a5b5df019696da0cd
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 12:09:27 2016 -0400
fix trace catch test new[]/delete mismatch
commit
f6b4a07bf30bb1c93a3c301999d83232d9185582
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 11:55:13 2016 -0400
fix SFDAQModule catch test leaks
commit
e61d1f8f4e724ff7cc0bfe72184f56ee8859cb3b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 10:15:11 2016 -0400
fix sfrf and sfthd catch test policy issues
commit
cf018e1603636903f9e6f53aad3e306905ade18c
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 09:36:47 2016 -0400
fix sfrf catch test leaks
commit
ea3c46be4719f291da1998e12863989531e2ceeb
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 09:15:59 2016 -0400
fix vars catch test leaks
commit
2d08ef2e1cddd1c549d4700a16ffbbcb32739d95
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 08:52:38 2016 -0400
fix ThreadConfig catch test leaks
commit
5ce152f0468a878fb2156c20cdb5cc18b7a8af18
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 08:44:07 2016 -0400
fix sfthd catch test leaks
commit
ecad5dcafe699c9379b92c97cc90c24fc7cfbd76
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 07:53:38 2016 -0400
fix ips_stream_reassemble catch test leaks
commit
e8d34f1a04318097f0704b1ba8102854666ca1f1
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 14 07:51:39 2016 -0400
fix file_decomp catch test leaks
Russ Combs [Fri, 14 Oct 2016 01:20:52 +0000 (21:20 -0400)]
build 215
Russ Combs (rucombs) [Fri, 14 Oct 2016 00:41:29 +0000 (20:41 -0400)]
Merge pull request #619 in SNORT/snort3 from standard_opt to master
Squashed commit of the following:
commit
48c221dffad83fe29c8426f4d8d3be21dc774de1
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Aug 30 13:58:04 2016 -0400
Added standard options to Module class. Added trace debugging. Implemented trace in stream ip
Russ Combs (rucombs) [Thu, 13 Oct 2016 20:01:01 +0000 (16:01 -0400)]
Merge pull request #668 in SNORT/snort3 from appid_triage_fixits to master
Squashed commit of the following:
commit
d52f891ae706f2ab5ea303a9b204e2589bfedb4c
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Sep 27 16:26:08 2016 -0400
only log unknow appid if it is non-zero
fix snort2lua to output 'log_stats true' for appid 'app_stats_filename' option'
init static thread local variable for client app config
fix issues from code review comments, u_int8_t->uint8_t, type/var/field renames to conform to coding style
fix coding style naming issue
refactor function/var names to meet snort3 coding style
change smOrderList to be std::vector to eliminate calloc/realloc logic for dynamic array
convert chp match tally to use std::vector
convert app info tables to std::map container
improve implementation of lua detector manager, add custom lua detectors
fix threading issues with add snort protocol references
workaround for bogus ASAN mem leak detected
updates from PR review comments
test dir is old deprecated code for the most part, deleting to reduce appid cruft!
'session' has a specific meaning in snort3 so change vars named 'session' to 'asd' (appid session data)
update unit test to conform with change to assert if args parameter is null
restore correct snort_manual.html document
Russ Combs (rucombs) [Thu, 13 Oct 2016 19:13:23 +0000 (15:13 -0400)]
Merge pull request #675 in SNORT/snort3 from fp2 to master
Squashed commit of the following:
commit
07080ae448c2b753c2f4eaff4a5667677ab58cac
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Oct 11 14:25:26 2016 -0400
update snort2lua
commit
740f8a84e44b8b97ca9e81de015337351450d206
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Oct 10 20:33:53 2016 -0400
fix fp selection bug
commit
4a44c5b15948f3c5bdcd501392e15efbda3fc4ad
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Oct 10 19:08:27 2016 -0400
establish baseline unit tests
commit
510ab5e00a2a92f02635259eba942d118a91389d
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Oct 10 14:56:21 2016 -0400
replace broken nfp counts with warnings; prepare to update fp selection
commit
c208ae14acbc421c48b520d9fb58e4fe7881f109
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Oct 9 11:49:38 2016 -0400
change search_engine.debug_print_fast_pattern to show_fast_patterns and cleanup
commit
41355c5e489906752d2f128989cbe426575870f6
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 8 21:21:57 2016 -0400
remove cruft and broken match counts
commit
151f310c2088a87c1f25b19858d289c1435da62f
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 8 20:19:29 2016 -0400
refactor / clean up
Hui Cao (huica) [Wed, 12 Oct 2016 20:12:51 +0000 (16:12 -0400)]
Merge pull request #672 in SNORT/snort3 from smb2_reg to master
Squashed commit of the following:
commit
22586ce0622cef8b4d1cf292fd2ebec071e1bb18
Author: huica <huica@cisco.com>
Date: Tue Oct 11 14:27:32 2016 -0400
Fixed file hash prune issue
Hui Cao (huica) [Wed, 12 Oct 2016 17:29:53 +0000 (13:29 -0400)]
Merge pull request #674 in SNORT/snort3 from appid_stateVariable_fix to master
Squashed commit of the following:
commit
26d0620068bff59c165585dcc2fd387b74f1cfb8
Author: shaslad <shaslad@cisco.com>
Date: Wed Oct 12 11:05:00 2016 -0400
Adding fix for pattern and added app stat variable for few app
Russ Combs (rucombs) [Wed, 12 Oct 2016 17:28:29 +0000 (13:28 -0400)]
Merge pull request #673 in SNORT/snort3 from rate_filter to master
Squashed commit of the following:
commit
13dfca8d4b9d15ca5671150f181f3c603581524b
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Oct 12 09:21:27 2016 -0400
convert rate_filter as list of tables
commit
4a8b78d83e61811d308ed3b4d828876c18b8408b
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Oct 11 20:11:39 2016 -0400
fix rate_filter action config and apply_to clean up
Shawn Turner (shaturne) [Tue, 11 Oct 2016 20:33:29 +0000 (16:33 -0400)]
Merge pull request #670 in SNORT/snort3 from ftp_rest to master
Squashed commit of the following:
commit
e7fb9d66288afccd02342014e572987f8f9149a5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Oct 10 12:56:47 2016 -0400
block malware over ftp for clients/servers that support REST command
Michael Altizer (mialtize) [Tue, 11 Oct 2016 16:43:23 +0000 (12:43 -0400)]
Merge pull request #664 in SNORT/snort3 from dce_udp_processing to master
Squashed commit of the following:
commit
83de4f6329512279a3c41924ce6260cf0e903c5a
Author: mdagon <mdagon@cisco.com>
Date: Tue Oct 11 08:30:04 2016 -0400
Code review comments
commit
945cab36b195269ff5eebd7f6ea9cbbd8de0d99b
Author: mdagon <mdagon@cisco.com>
Date: Fri Sep 30 15:42:39 2016 -0400
dce_udp packet processing
Russ Combs [Fri, 7 Oct 2016 22:02:53 +0000 (18:02 -0400)]
build 214
Russ Combs (rucombs) [Fri, 7 Oct 2016 21:54:35 +0000 (17:54 -0400)]
Merge pull request #667 in SNORT/snort3 from os-fixups to master
Squashed commit of the following:
commit
d7283265f940cf51d95d472fc674fbd8753027aa
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 7 16:43:14 2016 -0400
cd_eth: Depend on LibSFBPF's DLT definitions
commit
4302574a641bd85ebbd96d70e3881ed94b566a34
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 7 16:38:13 2016 -0400
extra: Make all codecs depend on LibSFBPF's DLT definitions
commit
f1b9c436deb19d441262c6f6cf25b02ab7d8df3f
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 7 16:37:44 2016 -0400
extra: Kill off i4l_rawip decoder
This DLT doesn't actually exist anywhere and the decoder was a NOP.
commit
ec9dd64ebe5d69fd0f39fe3dbae27851610be372
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 7 15:23:13 2016 -0400
build: OpenSolaris build fixes
Russ Combs (rucombs) [Fri, 7 Oct 2016 21:16:01 +0000 (17:16 -0400)]
Merge pull request #666 in SNORT/snort3 from doc_fix to master
Squashed commit of the following:
commit
11c831971210984a04e2b0721724b36f6d739f8b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 7 15:34:09 2016 -0400
do not delete default manuals when cleaning in tree
Michael Altizer (mialtize) [Fri, 7 Oct 2016 18:33:18 +0000 (14:33 -0400)]
Merge pull request #665 in SNORT/snort3 from version to master
Squashed commit of the following:
commit
21e605f778e6716318853656f4d60ca2a45d2e7e
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Oct 4 19:39:32 2016 -0400
utils: Add LibDAQ version to snort -V output
commit
c5f46884c20d855c7d045a3d1025dc59124facc1
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Oct 5 15:50:35 2016 -0400
appid: (Re-)Fix printf format specifier warnings for peg counts
commit
17e27d89cdb4da7b88f176c1d7f3aee7430fb4b2
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Oct 4 19:22:49 2016 -0400
utils: Minimize utils.h includes and handle the fallout
Russ Combs (rucombs) [Fri, 7 Oct 2016 16:39:02 +0000 (12:39 -0400)]
Merge pull request #663 in SNORT/snort3 from crc_bugs to master
Squashed commit of the following:
commit
5f852b4ab82e2c8f2783e43afb49fcbaaca8e636
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 7 06:30:12 2016 -0400
add FIXIT-W, reserver -A for analyzer bugs
commit
df1419ec974d20dd8c8060535b0bae826115ece2
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 7 05:11:56 2016 -0400
fix analyzer race condition
commit
270b6ff812708d4f9074bb54d6c2f3fe668f9fd4
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Oct 5 09:06:06 2016 -0400
rename default_snort_manual.* to snort_manual.*
commit
8e608cc319a4a0f0a5056c3e860269d2ba5dbf9c
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Oct 2 22:00:26 2016 -0400
build docs only by explicit target
commit
2ee02bc1dea3e624ee96c33901ada15a2197946c
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 30 07:49:08 2016 -0400
update default manuals to build 213
commit
dc8e1220040396e16c4fdae3e16fb94fd11f1643
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Oct 4 21:35:05 2016 -0400
fix stream_tcp left overlap on hpux, solaris
commit
25ebd0f84c9db3053fed8211ef37dcd1cfd64351
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 1 21:43:29 2016 -0400
shrink size of segment nodes
commit
b33b15025ba15fce8816b1234dc88c6a21c7cf46
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 1 21:09:50 2016 -0400
remove broken 129:5 events
commit
7b12b52ffe2ec5308e42413e8871abf3cdd04fef
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 1 21:19:55 2016 -0400
remove obsolete debug code
commit
8c631644be2eed9aa2551d56f7162ad7db78feb1
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Oct 1 20:52:18 2016 -0400
do not include debug routine in production build
commit
70018fd5438c086c43cfd0e346b6fe2b253e67b2
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 30 07:39:12 2016 -0400
change sfvar_ip_in() to return bool
commit
88bf7ddf99b3cebb63aeb4d8a3d3ad6679dc526a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 30 07:10:44 2016 -0400
tolerate more spaces in ip lists
commit
eafd38a934cbdcf0ddaa7c6668e72650507066c5
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 30 08:10:34 2016 -0400
add rev to rule latency logs
commit
cb32c1675732a1adb22c5b72cedb81905332b2f1
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 30 07:37:11 2016 -0400
change default latency actions to none
Russ Combs (rucombs) [Thu, 6 Oct 2016 22:29:13 +0000 (18:29 -0400)]
Merge pull request #662 in SNORT/snort3 from fixit_a to master
Squashed commit of the following:
commit
80dd0e30955432821d0f81f673951ee238b5c303
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Oct 6 18:04:27 2016 -0400
add FIXIT-A for unresolved static analysis issues
Russ Combs (rucombs) [Thu, 6 Oct 2016 20:58:19 +0000 (16:58 -0400)]
Merge pull request #659 in SNORT/snort3 from dce_anal to master
Squashed commit of the following:
commit
381c2b9c9dd4ff87dd99c373e3fbc7d55a3f85f8
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Oct 6 15:11:39 2016 -0400
fix static analysis issues
Russ Combs (rucombs) [Thu, 6 Oct 2016 20:58:12 +0000 (16:58 -0400)]
Merge pull request #658 in SNORT/snort3 from sip_war to master
Squashed commit of the following:
commit
0fc3a2e2090c98bb59dc9b807ad67c1cb71d70ab
Author: huica <huica@cisco.com>
Date: Thu Oct 6 13:46:24 2016 -0400
Fix warnings from analysis
Russ Combs (rucombs) [Thu, 6 Oct 2016 20:57:40 +0000 (16:57 -0400)]
Merge pull request #660 in SNORT/snort3 from smb_fix to master
Squashed commit of the following:
commit
dc06d7b27c01eb1e9bcba68f57a8fe81059b121b
Author: mdagon <mdagon@cisco.com>
Date: Thu Oct 6 15:10:53 2016 -0400
dce_common.h analysis fix
Hui Cao (huica) [Wed, 5 Oct 2016 18:54:33 +0000 (14:54 -0400)]
Merge pull request #656 in SNORT/snort3 from file_work to master
Squashed commit of the following:
commit
6209eecf88de7423e8f3bb70a62b6d02c13d9b4e
Author: huica <huica@cisco.com>
Date: Tue Oct 4 16:56:44 2016 -0400
Update comments for http upload
Michael Altizer (mialtize) [Wed, 5 Oct 2016 15:51:43 +0000 (11:51 -0400)]
Merge pull request #655 in SNORT/snort3 from crc_broke to master
Squashed commit of the following:
commit
3e08a91b4236cd8ad7c4cae72110aac2269dbdfd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Oct 5 10:15:39 2016 -0400
fix several static analysis issues
Russ Combs (rucombs) [Tue, 4 Oct 2016 21:48:24 +0000 (17:48 -0400)]
Merge pull request #654 in SNORT/snort3 from global_obfuscation_pii-fix to master
Squashed commit of the following:
commit
66c56b73c340a05cea0b32525357220c5159cbba
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Oct 4 15:37:48 2016 -0400
Fix explicit disable not working
Hui Cao (huica) [Tue, 4 Oct 2016 16:22:04 +0000 (12:22 -0400)]
Merge pull request #652 in SNORT/snort3 from file_mime to master
Squashed commit of the following:
commit
908af0c0d4393fdc06032f3abf9e8a38b9f61c80
Author: huica <huica@cisco.com>
Date: Fri Sep 30 15:09:11 2016 -0400
Support http file upload processing and process decode/detection depths
Michael Altizer (mialtize) [Mon, 3 Oct 2016 19:28:06 +0000 (15:28 -0400)]
Merge pull request #653 in SNORT/snort3 from ~MIALTIZE/snort3:ftp-data-fix to master
Squashed commit of the following:
commit
37521bfa269bcdb9d89cc08729ddd9f3714576a1
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 3 15:22:33 2016 -0400
ftp_data: Gracefully handle cleared flow data
Michael Altizer (mialtize) [Mon, 3 Oct 2016 17:23:18 +0000 (13:23 -0400)]
Merge pull request #650 in SNORT/snort3 from ips_options_lua to master
Squashed commit of the following:
commit
889f544e06894eb2e91b4511482dd2f36d46a217
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Sep 30 15:50:53 2016 -0400
Make a copy of the ips_option name to handle static and dynamic strings.
Change delete -> delete[].
Change delete[] -> snort_free().
Changed to have the LuaJitOption perform snort_strdup() and maintain a copy of the name string.
Fix a nit typo.
Shawn Turner (shaturne) [Mon, 3 Oct 2016 17:13:18 +0000 (13:13 -0400)]
Merge pull request #644 in SNORT/snort3 from sip_callid to master
Squashed commit of the following:
commit
d9e16c7bc50521a41d7f5df96f51b7323e5297e7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Sep 28 12:43:02 2016 -0400
sip changes to avoid using NAT ip when calculating callid
Michael Altizer (mialtize) [Mon, 3 Oct 2016 15:03:21 +0000 (11:03 -0400)]
Merge pull request #651 in SNORT/snort3 from static_analysis_fixes to master
Squashed commit of the following:
commit
3add74c4db289a86987f766f2d3e25a14607c64a
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Oct 3 10:53:39 2016 -0400
Add FIXIT-A to style guide to indicate a static analysis issue.
commit
69b060b5b54f6b32601bc02ddd65e3d2d94db785
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Oct 3 09:16:08 2016 -0400
Added FIXIT-A for two clang static analysis False Positive findings.
Hui Cao (huica) [Mon, 3 Oct 2016 14:05:46 +0000 (10:05 -0400)]
Merge pull request #642 in SNORT/snort3 from appid_log_file_bug to master
Squashed commit of the following:
commit
d75835a1383c4d93e68a8f32d135b693dbfe3d9a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Sep 27 16:26:08 2016 -0400
only log unknow appid if it is non-zero
fix snort2lua to output 'log_stats true' for appid 'app_stats_filename' option'
init static thread local variable for client app config
fix issues from code review comments, u_int8_t->uint8_t, type/var/field renames to conform to coding style
fix coding style naming issue
Michael Altizer (mialtize) [Fri, 30 Sep 2016 18:32:18 +0000 (14:32 -0400)]
Merge pull request #649 in SNORT/snort3 from dce_includes to master
Squashed commit of the following:
commit
5bf0a396155c01562d168fad34b7cff4f54e76f8
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 30 14:01:39 2016 -0400
dce_rpc: Clean up header inclusions
Michael Altizer (mialtize) [Fri, 30 Sep 2016 16:14:22 +0000 (12:14 -0400)]
Merge pull request #627 in SNORT/snort3 from ~MIALTIZE/snort3:expected_flows to master
Squashed commit of the following:
commit
91133a83eca85bc05e403bce6973af2099e5159e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 16:36:45 2016 -0400
file_mempool: Fix initializing total pool size
commit
61ae01ad22a6a4f4093c749304023b5a25045633
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 13:40:23 2016 -0400
expected: Push expected flow information through the DAQ module
commit
08aa5f9a79a724a61274854fcc37f05a0fc3d1da
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:22:04 2016 -0400
sfdaq: Add SFDAQInstance::add_expected() call
commit
218769cb579189f0600b53c7c6abde063d34627f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 13:34:57 2016 -0400
expected: Expected cache revamp and related bugfixes
- Change expected cache to use FlowKeys instead of ExpectKeys
- Support expected flows where the full N-tuple is known
- Fix SIP (ignored) expected flow creation logic
- Fix AppID expected flow creation regarding IP proto/PktType
- Add FTP data channel expected flow with type TCP rather than PDU
- Many expected cache bugfixes
commit
686ff5e39c79b81472c794a18548e77146638348
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:34:51 2016 -0400
ftp_data: Add expected data consumption to set service name and fix bugs
- Set the parent flow key type from the flow rather than the packet when
creating FTP-DATA flow data.
- Correctly retrieve FTP-DATA flow data instead of FTP flow data when
inspecting with FTP-DATA.
commit
2931ce2677e0a4c20454430f361d92f65c99a2f5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:31:31 2016 -0400
stream: Fix NPD in get_flow_data() when flow doesn't exist
commit
b06e59efa081db48229bc098f89f1b906b993fd4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:27:15 2016 -0400
flow_key: Add address/port reversal reporting to init()
commit
994b52c89ffedd64ee69395707227589c913be1b
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:25:08 2016 -0400
zhash: Add new node insertion reporting to get()
commit
60af08a53b8711d72aebbd8fc14690bbc493ddc5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:23:34 2016 -0400
ftp: Fix marking file get commands
commit
90aaa06a5f47b28e8c4d48c522944c0204c6ac9e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:19:33 2016 -0400
build: Remove lingering LibDAQ #ifdefs
commit
9c6f5d9e74d0a7a7deeb5dd702298c43b05ae2fd
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:16:48 2016 -0400
defaults: Update FTP default config based on Snort2's hardcoded one
Michael Altizer (mialtize) [Fri, 30 Sep 2016 16:13:18 +0000 (12:13 -0400)]
Merge pull request #648 in SNORT/snort3 from nhttp56 to master
Squashed commit of the following:
commit
7119b31cd1d0f3e8623d63d605ce12d3c37888b5
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Sep 29 11:54:58 2016 -0400
NHI event 119/66 fix
Hui Cao (huica) [Thu, 29 Sep 2016 20:29:57 +0000 (16:29 -0400)]
Merge pull request #647 in SNORT/snort3 from obfuscation_updates to master
Squashed commit of the following:
commit
95db4800e1963f5f20d7a7493e850070561379f4
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Sep 29 12:06:23 2016 -0400
Fix mysteriously disabling obfuscation and offset.
Michael Altizer (mialtize) [Thu, 29 Sep 2016 18:31:53 +0000 (14:31 -0400)]
Merge pull request #643 in SNORT/snort3 from dce_udp_autodetect to master
Squashed commit of the following:
commit
75280120e229d16a4137908587d900b34ff14c15
Author: mdagon <mdagon@cisco.com>
Date: Thu Sep 29 13:17:45 2016 -0400
Code review
commit
378da827dc3aa45f2367b47b61fd9f176370d260
Author: mdagon <mdagon@cisco.com>
Date: Tue Sep 27 15:25:47 2016 -0400
dce_udp autodetect and session creation
Michael Altizer (mialtize) [Thu, 29 Sep 2016 18:26:43 +0000 (14:26 -0400)]
Merge pull request #646 in SNORT/snort3 from static_analysis_fixes to master
Squashed commit of the following:
commit
9828dcff1ed69362b71da63b25a3adff33287452
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Sep 29 08:08:47 2016 -0400
Two assert()'s to overcome static analysis errors.
projects / thirdparty / snort3.git / log
