git.ipfire.org Git - thirdparty/snort3.git/log
Masud Hasan (mashasan) [Mon, 27 Jul 2020 20:34:43 +0000 (20:34 +0000)]
Merge pull request #2318 in SNORT/snort3 from ~SMINUT/snort3:fingerprint_load to master
Squashed commit of the following:
commit
b2822997b40623fc7fda065edabca1e3752d2629
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jul 7 13:07:20 2020 -0400
rna: fingerprint reader class and lookup table for tcp fingerprints
Bhagya Tholpady (bbantwal) [Mon, 27 Jul 2020 19:04:23 +0000 (19:04 +0000)]
Merge pull request #2349 in SNORT/snort3 from ~BBANTWAL/snort3:no_warn to master
Squashed commit of the following:
commit
ae9359ed4b14970d1015aee7d7bb181d312ed9da
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sun Jul 26 14:10:29 2020 -0400
main: rename the config options to ignore flowbits and rules warnings
Mike Stepanek (mstepane) [Mon, 27 Jul 2020 13:54:00 +0000 (13:54 +0000)]
Merge pull request #2346 in SNORT/snort3 from ~THOPETER/snort3:nhttp143 to master
Squashed commit of the following:
commit
9fce119f40acb34d7bc5cfcf4ed69f62d5af0811
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jul 22 13:39:36 2020 -0400
http_inspect: do partial inspections incrementally
Mike Stepanek (mstepane) [Mon, 27 Jul 2020 13:28:39 +0000 (13:28 +0000)]
Merge pull request #2348 in SNORT/snort3 from ~THOPETER/snort3:nhttp144 to master
Squashed commit of the following:
commit
589b55a368214f4286f435e8d9d92ce2889624f4
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jul 24 17:59:43 2020 -0400
http_inspect: reduce memory used by partial inspections
Davis McPherson (davmcphe) [Sun, 26 Jul 2020 19:05:41 +0000 (19:05 +0000)]
Merge pull request #2298 in SNORT/snort3 from ~DAVMCPHE/snort3:host_attribute_thread_safe to master
Squashed commit of the following:
commit
2806b18847f7ee0bf13cad7f4f4edbfc83b8b464
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jul 24 15:42:46 2020 -0400
stream_tcp: only perform paws validation on real packets, skip this on meta-ack packets
commit
743e235cec999c7fe1fd2017f114bcc1f0ebafa2
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jul 24 12:44:35 2020 -0400
target_based: streamline host attribute table activate and swap logic on startup and reload
commit
9fdfb1f8849320ec875a6e17976f0e4578784b0c
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 26 14:39:01 2020 -0400
target_based: refactor host attribute to use the LruCacheShared data store class to support thread safe access
target_based: add mutex lock to ensure host service accesses are thread safe
target_based: move host attribute peg counts from the process pegs to stats specific to host attribute operations
Steve Chew (stechew) [Fri, 24 Jul 2020 19:09:08 +0000 (19:09 +0000)]
Merge pull request #2333 in SNORT/snort3 from ~DERAMADA/snort3:init_unpriv_during_startup to master
Squashed commit of the following:
commit
9dff164defbc45e84ddd61715252d0a8562e0442
Author: deramada <deramada@cisco.com>
Date: Wed Jul 15 14:49:21 2020 -0400
active: Move Active enabled flag into SnortConfig
This fixes potential race conditions between reloads in the main thread
changing the Active state while packet threads are directly accessing
it.
Russ Combs (rucombs) [Fri, 24 Jul 2020 14:04:57 +0000 (14:04 +0000)]
Merge pull request #2338 in SNORT/snort3 from ~RUCOMBS/snort3:doc_ock to master
Squashed commit of the following:
commit
69605eb5c65c077d388eb23ed7367e7fc0932b32
Author: russ <rucombs@cisco.com>
Date: Thu Jul 23 11:29:16 2020 -0400
doc: update default text manuals
commit
e557a646ff67c6622ffe5bd92ba125eaeb3eb898
Author: russ <rucombs@cisco.com>
Date: Tue Jul 14 11:53:58 2020 -0400
doc: split Snort manual into separate user, reference, and upgrade docs.
commit
061e8c053cf9bb9a7255a0b6fe826bfe986b93eb
Author: russ <rucombs@cisco.com>
Date: Tue Jul 14 09:45:41 2020 -0400
style: fix cmake indentation
Shanmugam S (shanms) [Wed, 22 Jul 2020 18:05:58 +0000 (18:05 +0000)]
Merge pull request #2327 in SNORT/snort3 from ~SHIKV/snort3:ftp_tsan to master
Squashed commit of the following:
commit
6c71d9e82e24a98daeae47a7b66767b0e83176f0
Author: shibin kv <shikv@cisco.com>
Date: Mon Jul 13 04:01:32 2020 -0400
ftp: remove global config variable shared between multiple threads to prevent data race
Mike Stepanek (mstepane) [Wed, 22 Jul 2020 11:56:28 +0000 (11:56 +0000)]
Merge pull request #2341 in SNORT/snort3 from ~KATHARVE/snort3:h2_hi_stream_direction to master
Squashed commit of the following:
commit
3a8b5d6029da8da7a25c3f2c63d7546f52e0b3d3
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 21 10:59:04 2020 -0400
http2_inspect: fix stream_in_hi
Mike Stepanek (mstepane) [Tue, 21 Jul 2020 20:11:47 +0000 (20:11 +0000)]
Merge pull request #2342 in SNORT/snort3 from ~THOPETER/snort3:nhttp142 to master
Squashed commit of the following:
commit
de715737345a12998a108bfcbb6f409abe44fb41
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jul 17 13:08:04 2020 -0400
http_inspect & decompress: clean up
Michael Altizer (mialtize) [Tue, 21 Jul 2020 17:58:16 +0000 (17:58 +0000)]
Merge pull request #2325 in SNORT/snort3 from ~MIALTIZE/snort3:wizardry2 to master
Squashed commit of the following:
commit
5b1527473e3a55457a3a091e1a5e718abd9a584b
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 16 17:07:22 2020 -0400
wizard: Improve wizard tracing to indicate direction and abandonment
commit
c2cba2ec1205251803b3e501e59113e6a92737eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 9 18:12:48 2020 -0400
wizard: Add peg counts for abandoned searches per protocol
commit
558df5a45cfbfee4b783d84973f77a9d95dfb710
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 9 18:05:20 2020 -0400
wizard: Abort the splitter once we've hit the max PDU size
commit
04dbc4e5c9949316c70f4faf26b1c37e10da312b
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 7 18:19:18 2020 -0400
dce_rpc: Improve PAF autodetection for heavily segmented TCP traffic
commit
76b0e4f6c5faf77fa28ed45472d1ca9476e37a99
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 7 12:25:51 2020 -0400
snort_defaults: Remove the NOTIFY, SUBSCRIBE, and UPDATE HTTP methods
These methods overlap with SIP methods, where they are much more
commonly found. Until there is a priority/fallback mechanism for the
Wizard, these patterns will be retired from the HTTP spell.
commit
f5561a1697ec6ac38981e0af094bb225b70910ca
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 6 18:33:27 2020 -0400
wizard: Abandon the wizard on UDP flows after the first packet
commit
7f65256f9b6a7470ebf5737273e360fe6a1491c6
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 5 17:27:10 2019 -0500
wizard: Report spell and hex configuration errors and warnings
commit
1b08923942d23744a6291cce0d39b4f24c12edbb
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 5 12:58:07 2019 -0500
wizard: Properly terminate hex matching
Shravan Rangarajuvenkata (shrarang) [Mon, 20 Jul 2020 21:37:55 +0000 (21:37 +0000)]
Merge pull request #2296 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash3 to master
Squashed commit of the following:
commit
cea2b438cc8c294199adb26c56d14e005ff16c80
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jun 23 23:54:14 2020 -0400
appid: move appid data needed by external components to stash
Mike Stepanek (mstepane) [Mon, 20 Jul 2020 12:14:42 +0000 (12:14 +0000)]
Merge pull request #2335 in SNORT/snort3 from ~THOPETER/snort3:nhttp141 to master
Squashed commit of the following:
commit
c5c50405c5bab73b15c5fe10c20185cf7d34e71c
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 14 17:14:59 2020 -0400
http2_inspect: fix interaction with tool tcpclose
Bhargava Jandhyala (bjandhya) [Mon, 20 Jul 2020 09:58:05 +0000 (09:58 +0000)]
Merge pull request #2336 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala to master
Squashed commit of the following:
commit
edbad44b43c4aadc44075ec8327357a5e97fd511
Author: krishnakanth <vkambala@cisco.com>
Date: Fri Jul 17 01:17:13 2020 -0400
file_api: Log event generated when lookup timed out
Davis McPherson (davmcphe) [Sat, 18 Jul 2020 12:07:01 +0000 (12:07 +0000)]
Merge pull request #2337 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-bugfix to master
Squashed commit of the following:
commit
facdc89e9bc8937a7cd33d4063dc0a9a50fbdf58
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Jul 15 16:20:24 2020 -0400
stream_tcp: when clearing a session during meta-ack processing pass a nullptr as the Packet* parameter
Shravan Rangarajuvenkata (shrarang) [Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)]
Merge pull request #2328 in SNORT/snort3 from ~KAMURTHI/snort3:http_url_matching to master
Squashed commit of the following:
commit
891166234fa3e831efbad4cdfc3cff4ea7210cf7
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu Jul 9 16:12:37 2020 -0400
appid: For http traffic, if payload cannot be detected, set it to unknown.
Pranav Bhalerao (prbhaler) [Fri, 17 Jul 2020 12:42:47 +0000 (12:42 +0000)]
Merge pull request #2274 in SNORT/snort3 from ~PRBHALER/snort3:xff to master
Squashed commit of the following:
commit
9c8ca841e2f622eb74e04eef40fbf0d80d864cdd
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Fri Jul 10 13:10:58 2020 -0400
pub_sub: Added a method in HttpEvent to retrieve true client-ip address from HTTP header based on priority.
Bhagya Tholpady (bbantwal) [Thu, 16 Jul 2020 01:19:40 +0000 (01:19 +0000)]
Merge pull request #2311 in SNORT/snort3 from ~OSERHIIE/snort3:trace_logger_inspector_plugin to master
Squashed commit of the following:
commit
1e5c3cb1704f6119c84b4eb38a7a9b903c99d13f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Jul 8 23:17:54 2020 +0300
doc: update extending.txt about TraceLogger plugin
commit
6d22ce349ddb432eef50c32b7d5d0844346a3ac9
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Jul 3 11:07:16 2020 +0300
trace: add support for extending TraceLogger as a passive inspector plugin
Changelist:
* extend installed headers list for 'trace'
* rename trace log files
* extend TraceApi to handle external plugins
* update dev_notes.txt and docs (Snort 3 Manual)
Michael Altizer (mialtize) [Wed, 15 Jul 2020 17:18:55 +0000 (17:18 +0000)]
Merge pull request #2331 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_2_build_2 to master
Squashed commit of the following:
commit
a5a8831003f9a69391a06e4488e9314adc96e140
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jul 15 08:27:56 2020 -0400
build: generate and tag 3.0.2 build 2
Bhagya Tholpady (bbantwal) [Wed, 15 Jul 2020 11:55:33 +0000 (11:55 +0000)]
Merge pull request #2321 in SNORT/snort3 from ~BBANTWAL/snort3:warn_all_without_rules_n_flowbits to master
Squashed commit of the following:
commit
1666ad7ae813a3891e8e61d002a6cb115156f8f7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Jul 9 00:06:51 2020 -0400
main: add config options --ignore-warn-rules and --ignore-warn-flowbits to snort module
--ignore-warn-rules ignores the warnings generated by rule parsing.
--ignore-warn-flowbits ignores the warnings generated by flowbits parsing.
Steve Chew (stechew) [Tue, 14 Jul 2020 20:06:33 +0000 (20:06 +0000)]
Merge pull request #2324 in SNORT/snort3 from ~SBAIGAL/snort3:smtp_abandon to master
Squashed commit of the following:
commit
9a6d342757678b9b98ebd106d13efdbe26fc1d90
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jul 9 16:02:57 2020 -0400
smtp: generate SSL_SEARCH_ABANDONED event when no STARTTLS is detected
Michael Altizer (mialtize) [Tue, 14 Jul 2020 18:42:24 +0000 (18:42 +0000)]
Merge pull request #2330 in SNORT/snort3 from ~MIALTIZE/snort3:daq_stats to master
Squashed commit of the following:
commit
223dac7b6444af6d362da37fe55b5de73f256677
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 14 11:04:41 2020 -0400
daq: Fix calculation of outstanding packets stat to properly use the delta
Shravan Rangarajuvenkata (shrarang) [Tue, 14 Jul 2020 12:45:04 +0000 (12:45 +0000)]
Merge pull request #2320 in SNORT/snort3 from ~SATHIRKA/snort3:odp_thread_ctxt to master
Squashed commit of the following:
commit
17540080173becf49b1eb09b603c35f3eff6b2b3
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jul 7 15:19:09 2020 -0400
appid: Moving thread local ODP stuff to a new class
Shravan Rangarajuvenkata (shrarang) [Mon, 13 Jul 2020 18:43:51 +0000 (18:43 +0000)]
Merge pull request #2322 in SNORT/snort3 from ~EBURMAI/snort3:dce_smb_paf_crash to master
Squashed commit of the following:
commit
134e069a70a3fbf6d35bb5ea669296df1f9cfeaf
Author: Eduard Burmai <eburmai@cisco.com>
Date: Wed Jul 8 16:38:02 2020 -0400
dce_smb_paf: SMB ID invalid memory access
Michael Altizer (mialtize) [Sun, 12 Jul 2020 06:06:52 +0000 (06:06 +0000)]
Merge pull request #2326 in SNORT/snort3 from ~MIALTIZE/snort3:clang10 to master
Squashed commit of the following:
commit
fe095538b0db54f13f12c7f1e75b84e950aa0972
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Jul 11 15:57:21 2020 -0400
build: Fix static analyzer complaints about unused stored values
George Koikara (gkoikara) [Sat, 11 Jul 2020 16:53:59 +0000 (16:53 +0000)]
Merge pull request #2202 in SNORT/snort3 from ~BJANDHYA/snort3:feature/smb2 to master
Squashed commit of the following:
commit
cbba5e98aa31048ffbfac913d9cde0a0e7bb7238
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Tue Jan 21 04:07:25 2020 -0500
smb: adding support for multiple smbv2 session for same tcp connection
1. Introduced new structures to process multiple smbv2 sessions in parallel.
2. SMB Session Data (SSD): The session data corresponds to a single TCP session and it holds all the flow related information. This differentiates the SMB version and segregates the processing. There can be multiple SMB sessions in a single TCP connection, hence this holds a list of session trackers.
3. Session Tracker: Session tracker uniquely tracks a single SMB session. This is identified by the unique session_id and this holds the mount points named as Tree Trackers.
4. smbv2 session will be stored in global LRU cache as well as locally in SSD with session id.
5. Tree Tracker: Tree tracker accounts the mount points in a share and this holds the file trackers for individual file transfers.
6. File Tracker: File tracker is responsible for identifying a file transfer and tracking it from start to end. This manages all the information related to the file in transit.
7. Request trackers: Request trackers are needed to track the activity of various requests. There are 2 types of request being tracked by trackers named the create request trackers and read request trackers.
8. Storage abstraction: A storage abstraction is used to store all of the trackers. Currently the underlying storage is unordered map, but can be modified as needed.
Michael Altizer (mialtize) [Thu, 9 Jul 2020 22:54:07 +0000 (22:54 +0000)]
Merge pull request #2323 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-updates to master
Squashed commit of the following:
commit
8ad3cebdc0baf46bb81eecbdf6eddbc71f08fa1b
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Jul 8 11:49:29 2020 -0400
stream_tcp: meta-ack from daq is in network order not host, remove conversion from host to network
stream_tcp: process meta-ack info in any flush policy mode
Shravan Rangarajuvenkata (shrarang) [Thu, 9 Jul 2020 13:03:39 +0000 (13:03 +0000)]
Merge pull request #2309 in SNORT/snort3 from ~EBURMAI/snort3:invalid_epm_message to master
Squashed commit of the following:
commit
0ed6890e24b83651193587314b017c73fb468fec
Author: Eduard Burmai <eburmai@cisco.com>
Date: Tue Jun 30 08:32:55 2020 -0400
dce_tcp: Invalid endpoint mapper message
Mike Stepanek (mstepane) [Thu, 9 Jul 2020 12:45:07 +0000 (12:45 +0000)]
Merge pull request #2307 in SNORT/snort3 from ~KATHARVE/snort3:http_type_depth_fix to master
Squashed commit of the following:
commit
4cb98445cca7c049e14717c36b3929474c1548f3
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jun 24 10:23:26 2020 -0400
http_inspect: send MIME full message body for file processing
Bhagya Tholpady (bbantwal) [Wed, 8 Jul 2020 18:27:07 +0000 (18:27 +0000)]
Merge pull request #2319 in SNORT/snort3 from ~OSHUMEIK/snort3:clean_up to master
Squashed commit of the following:
commit
2eb1f7e3a2c2ea700c335eddd1f007df9a1e60c3
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jul 2 15:32:21 2020 +0300
binder: delete obsolete network_policy parsing code
Steve Chew (stechew) [Wed, 8 Jul 2020 16:32:26 +0000 (16:32 +0000)]
Merge pull request #2289 in SNORT/snort3 from ~SBAIGAL/snort3:smtps to master
Squashed commit of the following:
commit
31d2d5ff7283c3ca3b64796746bee57cfba75876
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Jun 10 14:14:56 2020 -0400
smtp: support opportunistic SSL/TLS switch over
Michael Altizer (mialtize) [Tue, 7 Jul 2020 23:46:26 +0000 (23:46 +0000)]
Merge pull request #2275 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack to master
Squashed commit of the following:
commit
96d510b820a6d46d0a6dd43de25677bc1c961d78
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 19 10:28:38 2020 -0400
stream_tcp: eliminate direct references to the Packet* wherever possible within the TCP state machine context
stream_tcp: implement meta-ack pseudo packet as thread local that is reused on each meta-ack TSD
commit
59e6da4498451438544c50482c3a417520658841
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Jun 18 07:58:58 2020 -0400
stream_tcp: eliminate use of STREAM_INSERT_OK as return code, it conveyed no useful information and was ultimately unused
stream_tcp: coding style improvements
commit
530dde13e8ea95613dc3f1bef471a7b58c9860f0
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 12 18:49:37 2020 -0400
stream_tcp: implement support for processing meta-ack information when present
Mike Stepanek (mstepane) [Tue, 7 Jul 2020 14:22:36 +0000 (14:22 +0000)]
Merge pull request #2314 in SNORT/snort3 from ~KATHARVE/snort3:http_mime to master
Squashed commit of the following:
commit
0db5c997317984094889e7202890c4d9ab26f89f
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 30 15:53:48 2020 -0400
mime: mime no longer overwrites file_data buffer for http packets
Bhagya Tholpady (bbantwal) [Tue, 7 Jul 2020 11:53:55 +0000 (11:53 +0000)]
Merge pull request #2278 in SNORT/snort3 from ~SELYSENK/snort3:daq_trace_filtering to master
Squashed commit of the following:
commit
4d5212770eeb623de52709d2e915e7a17d0d4aff
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Wed Jun 17 07:35:46 2020 -0400
trace: add support for DAQ trace filtering
Skip constraints check and print trace messages when DAQ sets
DAQ_PKT_FLAG_DEBUG_ENABLED flag on a packet.
trace.constraints.match can be set to false to ignore traces for packets
without DAQ_PKT_FLAG_DEBUG_ENABLED flag.
Michael Altizer (mialtize) [Mon, 6 Jul 2020 14:45:41 +0000 (14:45 +0000)]
Merge pull request #2312 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_2_build_1 to master
Squashed commit of the following:
commit
b27307246e7cc6bdca8efef0f8112116c836bc3a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 6 10:01:15 2020 -0400
build: generate and tag 3.0.2 build 1
Bhagya Tholpady (bbantwal) [Thu, 2 Jul 2020 14:40:08 +0000 (14:40 +0000)]
Merge pull request #2297 in SNORT/snort3 from ~OKHOMIAK/snort3:trace_print_instance_id to master
Squashed commit of the following:
commit
83da91a0bf7dcc47eb2bcdde87860a240229f78b
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Jun 30 18:43:12 2020 +0300
main: set thread type for main thread
commit
00065f327ea2f5555fedc514f7ab2434e7e3086c
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Thu Jun 18 14:00:25 2020 +0300
trace: add thread type and thread instance id to each log message for stdout logger
Michael Altizer (mialtize) [Thu, 2 Jul 2020 14:35:53 +0000 (14:35 +0000)]
Merge pull request #2310 in SNORT/snort3 from ~MIALTIZE/snort3:service_state_ut to master
Squashed commit of the following:
commit
476c846954b981c4d700f658f358e67f2e662c70
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 2 10:33:42 2020 -0400
appid: Fix the format of the IPv6 strings in the Service State unit tests
Cynthia Leonard (cyleonar) [Thu, 2 Jul 2020 10:31:14 +0000 (10:31 +0000)]
Merge pull request #2304 in SNORT/snort3 from ~ABHPAL/snort3:bugfix/CSCvu12864 to master
Squashed commit of the following:
commit
43bb164724cbf6d8b9774e14a5455a7126ce90ed
Author: Abhijit Pal <abhpal@cisco.com>
Date: Tue Jun 30 07:47:16 2020 -0400
Wizard: Adding FTP pattern to recognize FileZilla FTP Server so that FTP server inspector is attached to the flow (CSCvu12864)
Michael Altizer (mialtize) [Tue, 30 Jun 2020 23:39:57 +0000 (23:39 +0000)]
Merge pull request #2308 in SNORT/snort3 from ~MIALTIZE/snort3:32bit_ut to master
Squashed commit of the following:
commit
6a0563a5523807e0f4cf3d7717aa0fc548f5fb14
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jun 30 18:27:57 2020 -0400
build: Fix unit tests to build and work properly on a 32-bit system
Bhagya Tholpady (bbantwal) [Tue, 30 Jun 2020 21:29:29 +0000 (21:29 +0000)]
Merge pull request #2284 in SNORT/snort3 from ~BBANTWAL/snort3:print_whitelist to master
Squashed commit of the following:
commit
f573e9cb7de962831d8269ce665303027c3bc78b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 23 23:56:48 2020 -0400
managers: format lua whitelist output and ignore internal whitelist keywords
Masud Hasan (mashasan) [Tue, 30 Jun 2020 18:26:10 +0000 (18:26 +0000)]
Merge pull request #2293 in SNORT/snort3 from ~SMINUT/snort3:rna_build to master
Squashed commit of the following:
commit
97cdecaa0c4008dbebc381810f494d627b617a9e
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jun 26 18:01:48 2020 -0400
rna: remove custom_fingerprint_dir from configuration
Russ Combs (rucombs) [Tue, 30 Jun 2020 18:18:41 +0000 (18:18 +0000)]
Merge pull request #2302 in SNORT/snort3 from ~RUCOMBS/snort3:disable to master
Squashed commit of the following:
commit
7727770ef9e075cb537853274ee559995b2213ad
Author: russ <rucombs@cisco.com>
Date: Mon Jun 29 18:09:55 2020 -0400
inspectors: add a virtual disable method for controls
In some cases, a complex configuration may include unnecessary control
inspectors. The disable method allows them to tell the framework to not
call them at runtime. This does not apply to non-control inspectors.
The best approach is to not configure unnecessary inspection in the first
place.
Shravan Rangarajuvenkata (shrarang) [Tue, 30 Jun 2020 18:14:00 +0000 (18:14 +0000)]
Merge pull request #2299 in SNORT/snort3 from ~SATHIRKA/snort3:odp_reload_lua_state to master
Squashed commit of the following:
commit
76b2a723f149befdceb0897d84a353d4db3491b4
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jun 26 12:21:04 2020 -0400
appid: Create lua states and lua detectors in control thread
Masud Hasan (mashasan) [Tue, 30 Jun 2020 15:22:24 +0000 (15:22 +0000)]
Merge pull request #2294 in SNORT/snort3 from ~MASHASAN/snort3:ft_icmp_test to master
Squashed commit of the following:
commit
6c3206696220bec935f7e1beb6699dcc5b14bd3d
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Jun 25 22:53:59 2020 -0400
stream_ip: Avoid modifying the original fragmented packet during rebuild
Michael Altizer (mialtize) [Tue, 30 Jun 2020 02:00:48 +0000 (02:00 +0000)]
Merge pull request #2300 in SNORT/snort3 from ~MIALTIZE/snort3:32bit to master
Squashed commit of the following:
commit
892e1b978f4e4f73e8fa30d1279ea09b7db2fe32
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 18:17:40 2020 -0400
http2_inspect: Make print_flow_issues() regtest-only
commit
63fce83f2b8689c0eb81053c643a5af9123f94a0
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 18:09:40 2020 -0400
build: Eradicate u_int usage
As a bonus, this fixes the Alpine Linux build.
commit
7a1733662671c9e178d7f00e9ce1252df5e8a56a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 11:35:41 2020 -0400
build: Miscellaneous 32-bit build fixes
Mike Stepanek (mstepane) [Mon, 29 Jun 2020 20:32:01 +0000 (20:32 +0000)]
Merge pull request #2290 in SNORT/snort3 from ~MDAGON/snort3:packet_inj to master
Squashed commit of the following:
commit
b400fbede446c8e1e817f83763128e38fcd3ddad
Author: mdagon <mdagon@cisco.com>
Date: Wed May 27 14:48:03 2020 -0400
payload_injector: add payload injection utility
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jun 2020 15:52:36 +0000 (15:52 +0000)]
Merge pull request #2276 in SNORT/snort3 from ~EBURMAI/snort3:appid_coverity_issues to master
Squashed commit of the following:
commit
6de1af255f905a5d9ebd9789d6b161368593c16e
Author: Eduard Burmai <eburmai@cisco.com>
Date: Thu Jun 18 06:28:35 2020 -0400
appid: Appid coverity issues
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jun 2020 15:18:50 +0000 (15:18 +0000)]
Merge pull request #2292 in SNORT/snort3 from ~AGIURGIU/snort3:dce_segfault to master
Squashed commit of the following:
commit
6e188b18c9f4f5fc53a768437737321478b9277a
Author: agiurgiu <agiurgiu@cisco.com>
Date: Fri Jun 26 17:50:07 2020 +0300
dce_tcp: parse only endpoint mapper messages
Bhagya Tholpady (bbantwal) [Mon, 29 Jun 2020 13:24:00 +0000 (13:24 +0000)]
Merge pull request #2286 in SNORT/snort3 from ~SELYSENK/snort3:lightspd_conf to master
Squashed commit of the following:
commit
ead1d556cd197942ebb231975522bdd657bcc4c3
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Wed Jun 24 09:53:13 2020 -0400
stream_ip: use lowercase fragmentation policy names for verbose output
Ron Dempster (rdempste) [Mon, 29 Jun 2020 12:52:45 +0000 (12:52 +0000)]
Merge pull request #2287 in SNORT/snort3 from ~RDEMPSTE/snort3:global_dbus to master
Squashed commit of the following:
commit
d593b95de75610cdabac982bd92891394e4fbfbf
Author: rdempste <rdempste@cisco.com>
Date: Wed Jun 24 16:12:21 2020 -0400
framework: fix global data bus cloning during reload module and policy
Michael Altizer (mialtize) [Sat, 27 Jun 2020 18:24:01 +0000 (18:24 +0000)]
Merge pull request #2295 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck to master
Squashed commit of the following:
commit
b0a6542cf89eb02f16c71c8447332c0437249896
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Jun 27 12:15:19 2020 -0400
build: Fix various cppcheck warnings about constness
Shravan Rangarajuvenkata (shrarang) [Thu, 25 Jun 2020 15:00:14 +0000 (15:00 +0000)]
Merge pull request #2282 in SNORT/snort3 from ~SATHIRKA/snort3:navl_reload_memleak to master
Squashed commit of the following:
commit
18178095f98e17af698d84080a37915241b6a71f
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Jun 15 13:48:15 2020 -0400
appid: Delete stale third-party connections when reloading third-party on midstream
Russ Combs (rucombs) [Wed, 24 Jun 2020 19:01:30 +0000 (19:01 +0000)]
Merge pull request #2285 in SNORT/snort3 from ~RUCOMBS/snort3:file_sigz to master
Squashed commit of the following:
commit
781017247a58252a56bb4a89846fa996d1448f50
Author: russ <rucombs@cisco.com>
Date: Wed Jun 24 08:15:17 2020 -0400
tweaks: enable file signature for sec and max until depth issue resolved
Michael Altizer (mialtize) [Wed, 24 Jun 2020 18:37:00 +0000 (18:37 +0000)]
Merge pull request #2254 in SNORT/snort3 from ~SMINUT/snort3:thread_pinning to master
Squashed commit of the following:
commit
19737811dc07397ac6d61328ac5d1b60b7df7ff6
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jun 9 23:30:57 2020 -0400
main: configure and set main thread affinity
Michael Altizer (mialtize) [Tue, 23 Jun 2020 23:25:24 +0000 (23:25 +0000)]
Merge pull request #2162 in SNORT/snort3 from ~MIALTIZE/snort3:signals to master
Squashed commit of the following:
commit
6a67fa549c3f42cd084d0e99a3d4326b3e89b7eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jun 17 17:57:21 2020 -0400
cmake: Properly handle SIGNAL_SNORT_* options in configure_cmake.sh
commit
829d1dff292f417db11aee43615be745f7949eb6
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:43:27 2020 -0400
helpers: Add support for dumping a backtrace via libunwind on fatal signals
Support for this requires the libunwind development headers and library
available at build time. The dependency is optional.
commit
26b3d8171a7566141b32b411695e55e6a6ab4307
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:46:27 2020 -0400
helpers: Dump additional information to stderr when a fatal signal is received
This information includes which signal was received, the Snort version,
and the current DAQ message information (if the signal was received
while processing a message in a packet thread).
commit
8acc840fb0185b17957dcaea35ef43346a9502fd
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:46:13 2020 -0400
helpers: Add a signal-safe formatted printing utility class
commit
f2fee6377a6325a640e4ea0a858a78edb8e7a6c5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 13 10:23:26 2020 -0400
oops_handler: Operate on DAQ message instead of Snort Packets
commit
ff7961a1b5e2315401dbe0be7741346aa1ceb37b
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 3 10:21:04 2020 -0500
helpers: Revamp signal handler installation and removal
Importantly, back up the previous signal handlers for fatal signals so
that we can attempt to reinstall and call them on the way out. This
cleans up the interaction with libasan's SIGSEGV handler, for example.
commit
ed6bccf52f0bb7da4b9676af5fec4a0452e6734e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 16 11:41:34 2020 -0400
build: Use sanity check results (HAVE_*) for optional packages in CMake
Mike Stepanek (mstepane) [Tue, 23 Jun 2020 19:16:01 +0000 (19:16 +0000)]
Merge pull request #2279 in SNORT/snort3 from ~KATHARVE/snort3:checksum_tests to master
Squashed commit of the following:
commit
aa5f26c07561becdaf490d0a645ed664508b72b3
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jun 22 23:52:43 2020 -0400
detection: remove checksum drop fixit
Shravan Rangarajuvenkata (shrarang) [Tue, 23 Jun 2020 14:01:26 +0000 (14:01 +0000)]
Merge pull request #2273 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash2 to master
Squashed commit of the following:
commit
064cd95e5122e00b0215f3f9b9c2e39d04d416cf
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jun 17 23:39:11 2020 -0400
appid: include appid session api in appid event
Masud Hasan (mashasan) [Tue, 23 Jun 2020 00:22:22 +0000 (00:22 +0000)]
Merge pull request #2271 in SNORT/snort3 from ~MASHASAN/snort3:reload_fp to master
Squashed commit of the following:
commit
7d07a6fe3f117abe2a208e3b700a55c8bb46e74e
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed Jun 17 12:31:53 2020 -0400
rna: Adding initial support for reload_fingerprint command
Russ Combs (rucombs) [Tue, 23 Jun 2020 00:20:19 +0000 (00:20 +0000)]
Merge pull request #2250 in SNORT/snort3 from ~RUCOMBS/snort3:aimless to master
Squashed commit of the following:
commit
a88d8e5e36e9c9bdb18261b3fb9994f018d8b76e
Author: russ <rucombs@cisco.com>
Date: Thu Jun 18 12:50:04 2020 -0400
max_detect: detained inspection disabled pending further work
commit
e0a6c905a965853d6739177c528d2c3cfd317ff2
Author: russ <rucombs@cisco.com>
Date: Wed Jun 17 01:32:16 2020 -0400
snort: fix --dump-rule-meta with ips.states
commit
df44b9f9fdcc708d23b99e4dd6d4bd250ee73bc5
Author: russ <rucombs@cisco.com>
Date: Mon Jun 8 10:45:04 2020 -0400
detection: remove unused code
commit
947fb40131cf9b671bd63c9202dca0eac013bd1d
Author: russ <rucombs@cisco.com>
Date: Sun Jun 7 11:53:19 2020 -0400
regex: convert to same syntax as pcre plus fast_pattern option
commit
74fb07f83cb7eca507a9b0708078f1ab0e8f8c21
Author: russ <rucombs@cisco.com>
Date: Sat Jun 6 21:10:41 2020 -0400
mpse: remove unused pattern trimming support
commit
b3c00fbe13508a83763d06dfe583c76ab6af0763
Author: russ <rucombs@cisco.com>
Date: Sat Jun 6 00:40:59 2020 -0400
ips: update detection trees for earliest header checks
commit
07816e253eeba09240df1abc80386303ddbcc691
Author: russ <rucombs@cisco.com>
Date: Fri Jun 5 03:09:28 2020 -0400
ips: refactor fast pattern selection.
Enable content, regex, and sd_pattern options to be deduplicated.
commit
4e671b312dc3d168b48a48a7c8709eaf5cb125c5
Author: russ <rucombs@cisco.com>
Date: Mon Jun 1 08:53:01 2020 -0400
tweaks: updates for efficacy and performance
commit
5fc59bd0061a52750b57ff6cdf9e9d23b1da10f4
Author: russ <rucombs@cisco.com>
Date: Sat May 30 10:43:41 2020 -0400
appid: use configured search method for multi-pattern matching
commit
838255f2b79c8504a96f0f2d2000c83088b024ab
Author: russ <rucombs@cisco.com>
Date: Wed Jun 3 01:04:03 2020 -0400
ips: add http fast pattern buffers
These additional fast pattern buffers are supported:
http_raw_uri http_raw_header http_stat_code http_stat_msg http_cookie http_method
The current implementation handles them somewhat generically, so other
inspectors can provide a method or a stat_code buffer too. A future
iteration will make these buffers extensible.
commit
e8b52034c1735e2fa95911967753eec47f6ded26
Author: russ <rucombs@cisco.com>
Date: Sat May 30 19:34:58 2020 -0400
ips: add ips service vs buffer checks; add missing services
commit
822d67423914d137399d20a6fc7a462eb138c491
Author: russ <rucombs@cisco.com>
Date: Fri May 29 12:20:06 2020 -0400
ips: minimize port group construction for any-any and bidirectional rules
commit
e719dad994e1e1f65601bf439ef61dae5f904d66
Author: russ <rucombs@cisco.com>
Date: Tue May 26 13:07:58 2020 -0400
ips: enable non-service rules when service is detected
Do fast pattern searches for port groups after service groups.
Also, search_engine.detect_raw_tcp is applied to rules w/ or w/o a fast
pattern (previously, erroneously, only fast-pattern rules). In addition,
this no longer applies to flows w/o a service inspector. Such flows act
as if detect_raw_tcp is true regardless of setting.
commit
f11be51de012d6b6f290484329675c5bc5a7d077
Author: russ <rucombs@cisco.com>
Date: Tue May 19 22:09:48 2020 -0400
snort_defaults.lua: remove unused AIM_SERVERS var
Michael Altizer (mialtize) [Mon, 22 Jun 2020 22:55:12 +0000 (22:55 +0000)]
Merge pull request #2246 in SNORT/snort3 from ~ZHIJLIU/snort3:nested_tunnel to master
Squashed commit of the following:
commit
497806c24b5e398140cf61dcff13901fd3443ffb
Author: Louis Zhijun Liu <zhijliu@cisco.com>
Date: Sun Jun 7 21:12:17 2020 -0700
codecs: add tunnel bypass logic based on DAQ payload_offset
Michael Altizer (mialtize) [Mon, 22 Jun 2020 15:14:47 +0000 (15:14 +0000)]
Merge pull request #2277 in SNORT/snort3 from ~MIALTIZE/snort3:version_3_0_2 to master
Squashed commit of the following:
commit
e8f9bc0ab3b216463374ec6d0a30e158fefb05ca
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 22 10:53:12 2020 -0400
build: Increment version to 3.0.2
Masud Hasan (mashasan) [Thu, 18 Jun 2020 18:51:45 +0000 (18:51 +0000)]
Merge pull request #2272 in SNORT/snort3 from ~MMATIRKO/snort3:reg_xtra_fix to master
Squashed commit of the following:
commit
e914576493bee03e7170506519b0f8662f760b90
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jun 17 12:02:31 2020 -0400
stream: lock xtradata stream_impl to avoid data race on logging
Mike Stepanek (mstepane) [Thu, 18 Jun 2020 13:59:31 +0000 (13:59 +0000)]
Merge pull request #2270 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_1_build_5 to master
Squashed commit of the following:
commit
0e8227fbe2c3b6989e0f1834a785c48413f1f20d
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 17 08:24:31 2020 -0400
build: generate and tag 3.0.1 build 5
Bhargava Jandhyala (bjandhya) [Thu, 18 Jun 2020 07:42:55 +0000 (07:42 +0000)]
Merge pull request #2087 in SNORT/snort3 from ~NEHASH4/snort3:CSCvs29881 to master
Squashed commit of the following:
commit
d778ed0b01db01711626f4e4d447dc2632d1ba5b
Author: neha sharma <nehash4@cisco.com>
Date: Sat Apr 11 13:40:32 2020 -0400
file: Making sure that file malware inspection is turned off and only file-type detection is enabled
when file_id config is defined without any parameter.
forcing file-policy lookup/evaluation for cached verdict and file inspection is done only in case of unknown verdict
HTTP inspector changed to use the decode depth from file_id config
Shravan Rangarajuvenkata (shrarang) [Wed, 17 Jun 2020 15:20:02 +0000 (15:20 +0000)]
Merge pull request #2267 in SNORT/snort3 from ~EBURMAI/snort3:cache_tunneled_ip_port to master
Squashed commit of the following:
commit
c26aea52088b3401f70ee02b391e99d0b2f64d77
Author: Eduard Burmai <eburmai@cisco.com>
Date: Fri Jun 12 10:33:27 2020 -0400
appid: Lua APIs to get IP and port tunneled through a proxy
Bhagya Tholpady (bbantwal) [Wed, 17 Jun 2020 14:57:10 +0000 (14:57 +0000)]
Merge pull request #2248 in SNORT/snort3 from ~SELYSENK/snort3:coverity to master
Squashed commit of the following:
commit
35d120f022eb0a2596a02255a5fc0f6b4996444c
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jun 5 07:13:53 2020 -0400
snort2lua: fix issues found by Coverity scans
Add missing member initializations. Fix typos. Add missing checks for
return values. Restore ostream flags.
Fix OOB memory access in DataApi::expand_vars() and in
Converter::parse_file().
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 23:12:41 +0000 (23:12 +0000)]
Merge pull request #2263 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash to master
Squashed commit of the following:
commit
951f13ad2273fa270d71fd92d2c155b6cd8a3979
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jun 9 16:22:53 2020 -0400
appid: remove unnecessary stuff from appid apis
Steve Chew (stechew) [Tue, 16 Jun 2020 22:32:03 +0000 (22:32 +0000)]
Merge pull request #2269 in SNORT/snort3 from ~SHASLAD/snort3:fix_cov_series_part_9 to master
Squashed commit of the following:
commit
d4809e1ea4e61828bd5a7b6267d743f63ceb2ebc
Author: Shashi Lad <shaslad@cisco.com>
Date: Fri Jun 12 11:53:41 2020 -0400
coverity: fixing issues found during coverity scan
Masud Hasan (mashasan) [Tue, 16 Jun 2020 20:06:05 +0000 (20:06 +0000)]
Merge pull request #2265 in SNORT/snort3 from ~MMATIRKO/snort3:tcp-fin-fix to master
Squashed commit of the following:
commit
4f61bbec05db3a5eb40054894015d23dc12803b0
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Jun 12 13:00:51 2020 -0400
stream_tcp: fix issues for tcp simultaneous close
Bhagya Tholpady (bbantwal) [Tue, 16 Jun 2020 19:52:01 +0000 (19:52 +0000)]
Merge pull request #2251 in SNORT/snort3 from ~OSERHIIE/snort3:trace_doc_phase_1 to master
Squashed commit of the following:
commit
50c6593279490fd17978c6d140efac0bfe1a9625
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Jun 9 19:22:07 2020 +0300
doc: update user manual for trace feature
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 18:21:34 +0000 (18:21 +0000)]
Merge pull request #2255 in SNORT/snort3 from ~KAMURTHI/snort3:reload_3rd_resp to master
Squashed commit of the following:
commit
56e9ed1693d8cff155e18118be8f056f9145e0df
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Tue Jun 9 12:54:56 2020 -0400
appid: Add response message to reload_third_party
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 17:58:28 +0000 (17:58 +0000)]
Merge pull request #2264 in SNORT/snort3 from ~SATHIRKA/snort3:appid_cert_viz_api to master
Squashed commit of the following:
commit
c0da3e4f26a12b4e8e7a07da6a5d9df6eac73b11
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu May 21 16:25:10 2020 -0400
appid: Update cert viz API to handle subject alt name and SNI mismatch
Masud Hasan (mashasan) [Tue, 16 Jun 2020 13:58:39 +0000 (13:58 +0000)]
Merge pull request #2268 in SNORT/snort3 from ~MMATIRKO/snort3:rrt_check_fqn to master
Squashed commit of the following:
commit
73b94247a8aac83de7a1acc955c64b6eee022f12
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Jun 15 13:45:14 2020 -0400
reload: check fqn before registering rrt
Steve Chew (stechew) [Mon, 15 Jun 2020 14:44:56 +0000 (14:44 +0000)]
Merge pull request #2247 in SNORT/snort3 from ~OKHOMIAK/snort3:ips_policy_rule_stats to master
Squashed commit of the following:
commit
198b1151d099bb06de1b7f6db04f81d7f73516cc
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Wed Jun 10 01:11:07 2020 +0300
detection: do not apply global rule state to the empty policy
commit
0eba4fd76439efa586eb84e3d12a015501fe3cc8
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Fri Jun 5 01:09:01 2020 +0300
parser: print loaded and shared rules for each ips policy
Cynthia Leonard (cyleonar) [Mon, 15 Jun 2020 06:08:49 +0000 (06:08 +0000)]
Merge pull request #2266 in SNORT/snort3 from ~PUNEETKU/snort3:perf_fix to master
Squashed commit of the following:
commit
7cc62215d8d2a46b68e20ccf96350f659089ecf0
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Sun Jun 14 21:01:45 2020 -0400
perf_monitor: fix count and interval during disable cli execution
Mike Stepanek (mstepane) [Fri, 12 Jun 2020 17:16:16 +0000 (17:16 +0000)]
Merge pull request #2253 in SNORT/snort3 from ~KATHARVE/snort3:h2i_infraction_fix to master
Squashed commit of the following:
commit
5a681a75529c10aef7f6efd802f91e7673ec4ff5
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 9 12:32:36 2020 -0400
http2_inspect: fix hpack infractions
Michael Altizer (mialtize) [Fri, 12 Jun 2020 15:15:54 +0000 (15:15 +0000)]
Merge pull request #2262 in SNORT/snort3 from ~ANTOROZC/snort3:host_cache_test to master
Squashed commit of the following:
commit
0a9d6e442c842dd4c3e16dfbee2c102bd2d90d35
Author: Brian Morris <bmorris2@cisco.com>
Date: Fri Jun 12 09:56:21 2020 -0400
host_cache: add new peg to module test
Shravan Rangarajuvenkata (shrarang) [Fri, 12 Jun 2020 14:29:51 +0000 (14:29 +0000)]
Merge pull request #2261 in SNORT/snort3 from ~ANTOROZC/snort3:vkovalen_fix_static_analysis_complaint to master
Squashed commit of the following:
commit
f22bf1dfce1fbe5eb104971bc43d24942341fdea
Author: Viktoriia Kovalenko <vkovalen@cisco.com>
Date: Fri Jun 12 16:45:05 2020 +0300
appid: add braces to fix static analysis complaint
Steve Chew (stechew) [Fri, 12 Jun 2020 03:17:27 +0000 (03:17 +0000)]
Merge pull request #2257 in SNORT/snort3 from ~ANTOROZC/snort3:duapalme_replace_cache to master
Squashed commit of the following:
commit
90cf5e3a304b16b6494ed496c2f6d326dad0a381
Author: Duane Palmer <duapalme@cisco.com>
Date: Thu Jun 11 15:34:47 2020 -0500
lru_cache_shared: replace the cache entry if found
Michael Altizer (mialtize) [Thu, 11 Jun 2020 18:24:20 +0000 (18:24 +0000)]
Merge pull request #2259 in SNORT/snort3 from ~OSERHIIE/snort3:trace_log_pkt_ptr to master
Squashed commit of the following:
commit
a403e8b5ae47db509d6ede99f8808293ba5bbc26
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jun 11 20:55:55 2020 +0300
trace: remove redundant include
commit
53d3063ce49228a25e267d2992b1d22f7edf7f08
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jun 11 19:56:47 2020 +0300
trace: add support for passing in the packet pointer to loggers
Mike Stepanek (mstepane) [Tue, 9 Jun 2020 18:00:29 +0000 (18:00 +0000)]
Merge pull request #2249 in SNORT/snort3 from ~KATHARVE/snort3:rpc_fix to master
Squashed commit of the following:
commit
647ba9655b34471d813a75fc62e769cc9c67d848
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 9 09:23:00 2020 -0400
rpc_decode: remove unused config object
Mike Stepanek (mstepane) [Tue, 9 Jun 2020 12:08:28 +0000 (12:08 +0000)]
Merge pull request #2245 in SNORT/snort3 from ~MDAGON/snort3:h2i_bugfix to master
Squashed commit of the following:
commit
ef7c26b0cbf07e69b4d0073d565a5433c6dd617c
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 4 16:27:52 2020 -0400
http2_inspect: partial inspect with less than 8 bytes of frame header in the same packet
Michael Altizer (mialtize) [Mon, 8 Jun 2020 16:33:58 +0000 (16:33 +0000)]
Merge pull request #2168 in SNORT/snort3 from ~DAVMCPHE/snort3:reload_memory_leaks to master
Squashed commit of the following:
commit
8b865427b64ced3d8fa7b49db9206e13201ece4c
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Apr 16 13:14:56 2020 -0400
port_scan: cleanup port scan memory allocations in module tterm
parser: free memory allocated for RTN when SO rule load fails
stream: add final check to free allocated memory when module tterm is called
actions: on a reload_config() free the memory allocated for react page on previous configuration loading
shell: if initial load of snort configuration fails release memory allocated for modules and plugins
appid: free memory allocated when appid is configured initially and then not configured on a subsequent reload
snort_config: only perform FatalError cleanup from main thread
actions: refactor to store react page response in std::string
snort2lua: deprecate react::msg option, display of rule message in react page not currently supported
Mike Stepanek (mstepane) [Fri, 5 Jun 2020 18:44:07 +0000 (18:44 +0000)]
Merge pull request #2242 in SNORT/snort3 from ~KATHARVE/snort3:coverity_fixes_search_engines to master
Squashed commit of the following:
commit
9295d4275cd1f25662f546a86b5e4f438d1262e4
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 4 17:11:14 2020 -0400
search_engines: fix potential memory leaks and an error in a printed value
Mike Stepanek (mstepane) [Fri, 5 Jun 2020 18:43:30 +0000 (18:43 +0000)]
Merge pull request #2241 in SNORT/snort3 from ~KATHARVE/snort3:coverity_fixes to master
Squashed commit of the following:
commit
689610e78e3964183dd9743cc2b284cc78520e28
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 4 17:08:10 2020 -0400
service_inspectors: remove some redundant initializations and lookups, move some field initializations into the constructor
Michael Altizer [Fri, 5 Jun 2020 17:39:32 +0000 (13:39 -0400)]
Revert "Merge pull request #2243 in SNORT/snort3 from ~CYLEONAR/snort3:master to master"
This reverts commit 59cfcb6ac6564174bdb9673a3f32e65607fcebc3.
Cynthia Leonard (cyleonar) [Fri, 5 Jun 2020 16:54:16 +0000 (16:54 +0000)]
Merge pull request #2243 in SNORT/snort3 from ~CYLEONAR/snort3:master to master
Squashed commit of the following:
commit
b2403b08ffe3bba0d23569f5b7a973943481e689
Author: Cynthia Leonard <cyleonar@cisco.com>
Date: Fri Jun 5 12:45:15 2020 -0400
Revert "Merge pull request #2017 in SNORT/snort3 from ~SUNIMUKH/snort3:drop_servicability to master"
This reverts commit 0ab74bbcee6d23bbb9e136bfaf796230f1252cdb.
Cynthia Leonard (cyleonar) [Fri, 5 Jun 2020 14:05:18 +0000 (14:05 +0000)]
Merge pull request #2017 in SNORT/snort3 from ~SUNIMUKH/snort3:drop_servicability to master
Squashed commit of the following:
commit
38e5c894583a168c71633f6fd427a9b349775b01
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Fri May 29 05:06:55 2020 -0400
active: add drop reason and ability to publish mapped drop reason ID to
the DAQ layer
Drop/verdict reason handling has been moved from PacketTracer to Active.
Many modules have been changed to update the drop reason when deciding
to drop. The Active API has been extended to allow external modules to
map reason strings to verdict reason IDs to be sent to the DAQ layer.
Michael Altizer (mialtize) [Thu, 4 Jun 2020 23:34:37 +0000 (23:34 +0000)]
Merge pull request #2240 in SNORT/snort3 from ~SATHIRKA/snort3:snort_proto_id to master
Squashed commit of the following:
commit
1a435d674e1d7fe0ee48a6dc2c46cae287069eb2
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Jun 4 16:22:55 2020 -0400
appid: Revert snort protocol id changes and fixed warnings
Shravan Rangarajuvenkata (shrarang) [Thu, 4 Jun 2020 19:20:30 +0000 (19:20 +0000)]
Merge pull request #2239 in SNORT/snort3 from ~ANTOROZC/snort3:vkovalen_no_sni to master
Squashed commit of the following:
commit
034c71cccbba39b7d746acc2858241d9cc7ed51a
Author: Viktoriia Kovalenko <vkovalen@cisco.com>
Date: Fri May 29 15:20:08 2020 +0300
appid: set appid_tlshost_bit when we set tls_cname
Bhagya Tholpady (bbantwal) [Thu, 4 Jun 2020 17:13:03 +0000 (17:13 +0000)]
Merge pull request #2230 in SNORT/snort3 from ~OSERHIIE/snort3:trace_control_command to master
Squashed commit of the following:
commit
ad8de0f3f4f5499eac67d3e0d9e8ab0391434308
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri May 29 13:07:54 2020 +0300
trace: fix for trace messages in the test-mode ('-T' option)
commit
e9e654d6301f4c81c8086d84581380432272299f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri May 15 11:45:34 2020 +0300
trace: add control channel command
Lokesh Bevinamarad (lbevinam) [Thu, 4 Jun 2020 09:56:18 +0000 (09:56 +0000)]
Merge pull request #2221 in SNORT/snort3 from ~SUNIMUKH/snort3:CSCvu03459_ha_md_strm to master
Squashed commit of the following:
commit
2c4191695061c9deb932ccb21f1aae3c961f82bb
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Wed May 20 03:26:22 2020 -0400
stream_ha: fixed ip family in the flow->key during StreamHAClient::consume
Shravan Rangarajuvenkata (shrarang) [Wed, 3 Jun 2020 19:43:12 +0000 (19:43 +0000)]
Merge pull request #2226 in SNORT/snort3 from ~EBURMAI/snort3:dce_tcp_pinhole to master
Squashed commit of the following:
commit
fe674926599fc7ff9b42dd8cbe624e23eb747e63
Author: Eduard Burmai <eburmai@cisco.com>
Date: Wed May 13 16:00:18 2020 -0400
dce_rpc: support for DCE/RPC future session
Masud Hasan (mashasan) [Tue, 2 Jun 2020 23:01:13 +0000 (23:01 +0000)]
Merge pull request #2227 in SNORT/snort3 from ~MASHASAN/snort3:host_cache_memcap_limit to master
Squashed commit of the following:
commit
fffeb145a3d8d5634cb4e26ed0f07b319ffcbf42
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed May 27 13:00:05 2020 -0400
host_cache: Allowing module to accept 64 bit memcap value
Shravan Rangarajuvenkata (shrarang) [Tue, 2 Jun 2020 21:58:29 +0000 (21:58 +0000)]
Merge pull request #2237 in SNORT/snort3 from ~KAMURTHI/snort3:http2-response-match to master
Squashed commit of the following:
commit
d3cdafa9cdead598b4719b49d7c0cb5c7c122143
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun May 31 22:15:50 2020 -0400
appid: Match http2 response to request
Shravan Rangarajuvenkata (shrarang) [Tue, 2 Jun 2020 20:21:02 +0000 (20:21 +0000)]
Merge pull request #2238 in SNORT/snort3 from ~KAMURTHI/snort3:http2-payload-UN to master
Squashed commit of the following:
commit
2db0b9abcb33e8ae8c9da933b789db361734f222
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Jun 1 02:33:41 2020 -0400
appid: For http2, if metadata doesn't give a match on payload, set payload id to unknown
Ron Dempster (rdempste) [Tue, 2 Jun 2020 17:57:50 +0000 (17:57 +0000)]
Merge pull request #2223 in SNORT/snort3 from ~RDEMPSTE/snort3:direction_prevent_whitelist to master
Squashed commit of the following:
commit
8b95f26e28f56d5815c75c6cd42f163e3f3f85ef
Author: rdempste <rdempste@cisco.com>
Date: Mon Jun 1 16:32:28 2020 -0400
active: add a facility to prevent a DAQ whitelist verdict
commit
63fb0a693a3cea1ff45f1931d01e3b120dc4ab7a
Author: rdempste <rdempste@cisco.com>
Date: Wed May 6 15:46:48 2020 -0400
packet: add client and server direction methods that use the client initiator flow flag
commit
86bfdc7f46edd0f359e0196b951eb404fafd22b8
Author: rdempste <rdempste@cisco.com>
Date: Thu May 7 17:36:36 2020 -0400
flow: make client_initiated flag depend on the DAQ reverse flow flag
Michael Altizer (mialtize) [Tue, 2 Jun 2020 16:48:48 +0000 (16:48 +0000)]
Merge pull request #2233 in SNORT/snort3 from ~SMINUT/snort3:force_finalize_hp to master
Squashed commit of the following:
commit
e10265faf6232b58a32581033ca380a3e6d6b171
Author: Silviu Minut <sminut@cisco.com>
Date: Fri May 29 20:16:09 2020 -0400
stream_tcp: unconditionally release held packets that have timed out, regardless of flushing
Bhagya Tholpady (bbantwal) [Tue, 2 Jun 2020 16:06:08 +0000 (16:06 +0000)]
Merge pull request #2217 in SNORT/snort3 from ~SVLASIUK/snort3:module_track_time to master
Squashed commit of the following:
commit
acdd4a874962cfff0bb547009edcdb4163b2cd94
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Wed May 13 10:51:22 2020 +0300
managers: add inspector execution and timing traces to InspectorManager
Add snort module main and inspector_manager trace options.
Remove --trace command line option.
Mike Stepanek (mstepane) [Tue, 2 Jun 2020 14:31:05 +0000 (14:31 +0000)]
Merge pull request #2236 in SNORT/snort3 from ~KATHARVE/snort3:h2i_hi_memory to master
Squashed commit of the following:
commit
a3742b47d9b0437fde14014241e933e3bc1908af
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jun 1 13:27:50 2020 -0400
http2_inspect: track memory usage for http_inspect flows in http2_inspect