git.ipfire.org Git - thirdparty/snort3.git/log

Merge pull request #976 in SNORT/snort3 from rule_related to master

Squashed commit of the following:

commit fd08d96e5f41c24e96f5555578d15cccaf4ce5b1
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 26 22:28:48 2017 -0400

    replace: fix activation sequence

commit 6cb3374b90baffb20abe8b59e2733aea27730127
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 26 15:34:15 2017 -0400

    replace: move enable checks to runtime

Merge pull request #973 in SNORT/snort3 from luajit2.1 to master

Squashed commit of the following:

commit f045f39c17101ba845ffa94ed2c24b6599df49c4
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jul 26 16:34:03 2017 -0400

appid: Fix build with LuaJIT 2.1

Squashed commit of the following:

commit e7a81fd578f78d196970fc0653f509bf6c4d488d
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 20:18:02 2017 -0400

build: 239

Merge pull request #969 in SNORT/snort3 from more_fixups to master

Squashed commit of the following:

commit 0fb55e66df5bc2e7d0460a7b68e6cc18ab065a74
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 25 08:18:41 2017 -0400

    wizard: fix imap spell

commit 4ce133ae28a3c9b8dee4806ec8410a18a19a79e1
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 25 07:59:30 2017 -0400

    rules: remove sample.rules; Talos will publish Snort 3 rules on snort.org

commit ab8b4cd45048844dcd50865bf1fe190cfada093c
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 25 07:56:10 2017 -0400

    logging: fix handling of out of range timeval; thanks to kamil@frankowicz.me for reporting the issue

commit c336f991319db2a0c4cda66dc4c3c8c8c25fb33f
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 25 07:35:50 2017 -0400

    wizard: fix direction issue

Squashed commit of the following:

commit 29b45abd4e2bd3bc92bfafb0c5b8e423b46ffa95
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 21:14:47 2017 -0400

    build 238

commit 61919ae2037a5a2cdea1fe6a03a4b69e62b2cbcc
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 20:03:27 2017 -0400

    ipv6: fix flow label access method; thanks to schrx3b6 for the patch

commit d78852a6cd2749b0deb1bd7aa42343d4fd09d6f7
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 16:36:48 2017 -0400

    doc: update rules differences

Merge pull request #968 in SNORT/snort3 from more_cleanup to master

Squashed commit of the following:

commit e40b6094dd3f8d9d13c9dc46a0b1e36ecba71be0
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 11:09:22 2017 -0400

    snort2lua: fix fast_pattern:only handling

commit 2a1c414b1eb430f746e21212a02a659839b329d4
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 10:31:06 2017 -0400

    policy: remove superfluous set(get())

commit e5e35b9f0368195eff5784bac931574d4f86cdff
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 07:37:17 2017 -0400

    conf: fix default builtin rule path

commit 8c6facee635e17a37aaa6975041bd2870457272a
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 24 07:31:47 2017 -0400

    doc: update default manuals

commit 1d608129a4458c7680043f56955c62460f048923
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jul 23 22:58:01 2017 -0400

    messages: remove __FILE__ and __LINE__ from non-debug messages

Merge pull request #965 in SNORT/snort3 from flow_key to master

Squashed commit of the following:

commit 9e4b59fa1cf59d646b01fc43b74831ac91921743
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Jul 17 10:32:07 2017 -0400

Add ip_proto as part of flow key

Merge pull request #967 in SNORT/snort3 from bugz_r_us to master

Squashed commit of the following:

commit be1b03e0e98f494e9019893110b0ec87853861c2
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jul 23 13:26:16 2017 -0400

    rules: promote metadata:service to a separate option since it is not metadata

commit 945d393f54d57cf1aa489b08e5e04141ef65532d
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat Jul 22 13:42:19 2017 -0400

    loggers: remove units options; all limits expressed in MB

commit e7773535fe30cde5fa146ffb063850a4fe8670d1
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat Jul 22 09:18:42 2017 -0400

    text logs: fix default unlimited file size

commit f2d3ff50bf34fe527b5079212e39914170ab5bd9
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat Jul 22 00:19:04 2017 -0400

    doc: update differences

commit 9eb65c1f15db9d6044e7f5b2b7b8782ef5ce4820
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jul 21 20:46:39 2017 -0400

    u2: remove obsolete configurations

commit 74e3cbfcf68bcd505a3166272a060dd32bc6513c
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jul 21 20:45:23 2017 -0400

    check: update hyperscan and regex tests

commit 37bdac9cffb927e473295fc667b50f9967880968
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jul 21 14:31:00 2017 -0400

    mpse: make regex capability generic

commit fabbd5e454a53e4733699b8eeca40563dc9a5d5a
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jul 21 13:30:08 2017 -0400

    regex: fix pass through of mpse flags to hyperscan
    mpse: only use literals for fast patterns if search_method is not hyperscan

Merge pull request #966 in SNORT/snort3 from nhttp82 to master

Squashed commit of the following:

commit 4c13fff1d7016433321abccecaa42fc9900492b5
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 13 16:08:57 2017 -0400

http_inspect: added 119:97 for lower case letters in version field

Merge pull request #961 in SNORT/snort3 from snort2lua_fnamestack to master

Squashed commit of the following:

commit 9ad1c364f5631e22d35a19f76defd88305cbeb06
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 18 10:29:02 2017 -0400

snort2lua: Fixed incorrect file names errors

Merge pull request #964 in SNORT/snort3 from nits_and_grits to master

Squashed commit of the following:

commit 8a9301b3318e3cd9779a520e2bdd8e52833a29d7
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jul 20 09:04:23 2017 -0400

    snort2lua: move footprint to stream from stream_tcp

commit 0602ec6263c736d17e5eba9b13ebb3a3c18aac96
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 22:55:15 2017 -0400

    replace: remove cruft

commit 609631a398dfb05d355cc1c16739566644f965fb
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 21:43:32 2017 -0400

    spell check: fix message and comment typos

commit cdc2199a4f95ac75b11d83ce312f4a91a2393673
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 19:07:20 2017 -0400

    replace: do not trip over fast pattern only

commit 14d34229049e390f4dbf0d59706be84c93d453b6
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 18:41:51 2017 -0400

    detection: fix debug print of fast pattern only

commit 38ffacf6b1023643daed77bbaacf98987d8cc522
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 18 21:31:49 2017 -0400

    stream: fix user dependency on flush bucket

commit 11bd8c0da6a51e66f70184be76c3de32ab73afac
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 18 21:09:59 2017 -0400

    doc: tweak concepts and differences

Merge pull request #963 in SNORT/snort3 from u2 to master

Squashed commit of the following:

commit d6046ce8e164daf3b8a54e2e429d71b227db13b5
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 20:13:36 2017 -0400

    u2: support mixed IP versions

commit d0b5682dab42f3cbb67a6e71e794e4fe97533acb
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 19 08:19:32 2017 -0400

    u2: convert thread local buffers to heap

commit 126a9f8df065e784c1c5dc3905cb5dca1666167f
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jul 18 10:20:25 2017 -0400

    u2: add event3 to u2spewfoo

commit f27161d1460caf7ee13c3bee0b1107eb8c640cfc
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 17 08:17:24 2017 -0400

    u2: deprecate ip4 and ip6 specific events and add a single event for both

commit c7f6d52513f0f934b9a6f6eef4c6a9abd3b19c82
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jul 9 22:47:38 2017 -0400

    u2: remove aliases

commit e2df358ebfbb746bace58ae83b437c3d64a1e90a
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jul 9 22:43:11 2017 -0400

    u2: remove cruft

Merge pull request #962 in SNORT/snort3 from file_exit to master

Squashed commit of the following:

commit e98b26a5bff62e131c9a9552d70b14416006f0f5
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 18 16:26:48 2017 -0400

two fixes to file capture exit

Merge pull request #960 in SNORT/snort3 from dump_buffer to master

Squashed commit of the following:

commit 3a0feab9993894fc00bcfdebb77e11b537ca0e35
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 29 11:40:05 2017 -0400

Rule evaluation trace utility

Merge pull request #941 in SNORT/snort3 from pkt_trace to master

Squashed commit of the following:

commit dfec01c9671e3d12df4d89b4fd45c35f5cd3834a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jun 29 17:21:10 2017 -0400

add packet trace feature

Merge pull request #959 in SNORT/snort3 from fbs_base to master

Squashed commit of the following:

commit d4ea6f978fc4a295bbb32730c864f2763fbb6f84
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 12 14:51:46 2017 -0400

fixed main table (perf_monitor) having same name as pegs for perfmon field

Merge pull request #958 in SNORT/snort3 from rpc to master

Squashed commit of the following:

commit d9fd7c240d7a7787eaf81239ae8e9b3719c07d13
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 15 10:32:33 2017 -0400

rpc: revert to positional params, fix tcp logic, clean up formatting

Merge pull request #957 in SNORT/snort3 from diecpm to master

Squashed commit of the following:

commit 00299b5b93b7e05a1948b57fcdd2fa0a66d28ae4
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jul 14 15:45:47 2017 -0400

    cpputests: Clean up some header include issues

commit abcebef25cfcfb0e42f50789a043232f0ee619cb
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jul 14 13:47:15 2017 -0400

    search_engines: Remove Intel Soft CPM support

    In existing configurations converted by snort2lua, the search method
    will be replaced with hyperscan instead.

Merge pull request #956 in SNORT/snort3 from nhttp81 to master

Squashed commit of the following:

commit 70455188e2954b95107457eefe85937439c271b5
Author: Tom Peters <thopeter@cisco.com>
Date:   Mon Jul 10 12:26:42 2017 -0400

    http_inspect: specific alert added 119:95 for Content-Encoding chunked.
    http_inspect: alert 119:96 added for unsolicited 206 response.
    file_api: memory leak fixed

Merge pull request #955 in SNORT/snort3 from socket to master

Squashed commit of the following:

commit d17f51f98e70d8641e4bb971a820e581f661da7d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 13 10:42:14 2017 -0400

daq_socket: update to support query of pci

build 237

Merge pull request #954 in SNORT/snort3 from snort2lua_fnames to master

Squashed commit of the following:

commit 3e50cb7c54a20d79b402ec424fa8195bd4078d54
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Wed Jul 12 12:21:48 2017 -0400

    refactored line and file number to method in snort2lua

commit 7b734b33ce1d569c52d86d822a0cc8b03eceb8a5
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Tue Jul 11 16:48:35 2017 -0400

    added line number and file name to snort2lua error output

Merge pull request #949 in SNORT/snort3 from appid_sync_feat_open_appid to master

Squashed commit of the following:

commit fae02d7b055f89b87da8370803376cdabefc5def
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Jul 5 08:38:58 2017 -0400

port features from snort 2.9.x enabled by FEAT_OPEN_APPID compile time symbol

Merge pull request #936 in SNORT/snort3 from snort3_flowdata2 to master

Squashed commit of the following:

commit 95ca96d339dfb178f5ed394a0e7a15c17e458a58
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 23 15:32:18 2017 -0400

Changed FlowData::get_flow_id to get_flowdata_id to avoid confusion.

Merge pull request #952 in SNORT/snort3 from fixups to master

Squashed commit of the following:

commit e6a65d1395eaa1f5da5c5f7b3f3e8e713de161c3
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 10 19:11:07 2017 -0400

    ip and tcp options: reformat for consistency

commit 8dd7f558b4d5c8eb890f93e0635c959b43de5a18
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 10 16:11:59 2017 -0400

    ip and tcp options: print the correct octets

commit e9eb69680b352445e7c0d55211e926ef7f6913b1
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 10 11:25:22 2017 -0400

    detect: release any helpers from an undetected PDU upon finish

commit 917e02259ad61b1fde19641acbb9d8095cc18741
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 10 11:24:29 2017 -0400

    ip and tcp options: use max opts len to squelch bogus reinterpret cast overrun

Merge pull request #948 in SNORT/snort3 from extrabuild to master

Squashed commit of the following:

commit 4d7e8a276f0d2e0e901b548d781de6af83fd9d07
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jul 7 13:56:26 2017 -0400

    build: Add support for appending EXTRABUILD to the BUILD string

    If EXTRABUILD is defined in the preprocessor flags, it will be appended
    to the BUILD string and reported in all such places that use it like
    snort -V.

    For example, if one configures with CPPFLAGS="-DEXTRABUILD=.1", the
    resulting snort -V output will look something like this:

       ,,_     -*> Snort++ <*-
      o"  )~   Version 3.0.0-a4 (Build 236.1) from 2.9.8-383
       ''''    By Martin Roesch & The Snort Team

Merge pull request #951 in SNORT/snort3 from exitcodes to master

Squashed commit of the following:

commit 1e66c72c6f87efa99d3520808d6041c4669d7107
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Jul 9 21:31:52 2017 -0400

detection: Fix segfault in DetectionEngine::idle sans thread_init

Merge pull request #950 in SNORT/snort3 from spacey_rules to master

Squashed commit of the following:

commit 4dc5e316eb387d9f962140f64ebcd81d9b1db3f9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 8 08:16:43 2017 -0400

rules: tolerate spaces in positional parameters

Merge pull request #947 in SNORT/snort3 from icmp6 to master

Squashed commit of the following:

commit b44fab9650238404e622cd1dfeea84ffd3308e89
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jul 7 14:23:53 2017 -0400

    icmp6: remove ip4 cruft from decoder

commit f3a75c0d7e46e7f9b6ca0a42f178c3e5190c5ba4
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jul 6 18:56:55 2017 -0400

    icmp6: reject non-ip6, raise 116:474

Merge pull request #946 in SNORT/snort3 from user_dax to master

Squashed commit of the following:

commit 6dae979e555eeec63b16f1c494cc075479119ace
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jul 6 21:20:04 2017 -0400

    review: not sup and size check

commit b23ad2fb260560fcd980a1a456d998c354068535
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jul 6 21:13:48 2017 -0400

    decode: fix counts when no layers are decoded

commit 22596bc64fe69d91e0edf18db55f144ed80e784f
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 5 15:29:14 2017 -0400

    daq_file: update for pci query

commit 3f3fbd6bc99ae44532080f49d995ac2e27f3fe97
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 5 14:54:11 2017 -0400

    daq_hext: cleanup

commit 6692812227307ff76064fbb7f6f4c76eb9111791
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jul 5 14:49:16 2017 -0400

    daq_hext, cd_user: query for pci

Merge pull request #945 in SNORT/snort3 from nhttp79 to master

Squashed commit of the following:

commit a192d033425753f515840f82ba6413e07f035c8a
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 27 12:22:15 2017 -0400

Header normalization improvements

Merge pull request #944 in SNORT/snort3 from warnings to master

Squashed commit of the following:

commit 8d2ef5c3a6b8061652e07e5b7609ce43fc5bfbae
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jul 5 20:50:40 2017 -0400

    build: Clean up some ICC 2017 warnings

commit d8dcbf92767750beae88263c7ce527cde8ef1a40
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jul 5 14:50:50 2017 -0400

    utils: Remove inet_ntoax since it doesn't add value over ntoa anymore

commit e930a3b3a8fc7cea965363d89b1f518c9c0d5c31
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jul 4 02:11:49 2017 -0400

    snort2lua: Fix removal of ignore_ports in stream_tcp.small_segments

commit 2c123de0e34458cc0c8f629494ad8e13b57e3486
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jul 4 02:10:20 2017 -0400

    file_decomp_pdf: Fix missing reset in PDF state machine transition

commit 68556c37a4824b41edddfcec5c4e7f6ce2a4d28d
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jul 4 02:09:32 2017 -0400

    snort: Fix leaking instance memory when DAQ configure fails

commit 4a051279a65c9f5e3dfcb170ccfd740f2f6bfd73
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Jul 4 01:13:34 2017 -0400

    snort2lua: Fix heap-use-after-free for preprocessors and configs with no arguments

commit 07978c166304d72a5cacea3cb17bea934a7e7faf
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jul 3 20:45:17 2017 -0400

    appid: Fix thread-unsafe sharing of HTTP pattern tables

commit 34dd69e6d2f6c5c141ad4ae316102ccf73dfb11d
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jul 3 20:43:08 2017 -0400

    appid: Fix populating IP addresses in debug session ID

commit 9d5386c7467e278c46602bb564199a3b3de18258
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jul 3 16:10:21 2017 -0400

    build: Clean up some GCC 7 warnings

commit 78e5e904cb0cbfab2dec5e11c76cf0e2ab416154
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jul 3 15:58:34 2017 -0400

    appid/service_ssl: Compatibility update for OpenSSL 1.1.0 API

commit d858f2386b7a3158342f2aa2524a576467bc47ee
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jul 3 15:57:09 2017 -0400

    build: Clean up some cppcheck warnings

Merge pull request #943 in SNORT/snort3 from tweax to master

Squashed commit of the following:

commit 07b8138db8dad5fad3153345e1049fa8119e433e
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 3 14:58:07 2017 -0400

    doc: boast about json

commit e51ede6c6448d24484bc410346c33a681376f057
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 3 14:57:25 2017 -0400

    cppcheck: remove cruft

commit 9af73dd88bbbcbab10395c3ddfefae557adf507b
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jul 3 14:54:13 2017 -0400

    cppcheck: fix warnings

Merge pull request #942 in SNORT/snort3 from export_activeh to master

Squashed commit of the following:

commit 78bc5863731bc787296291e09bde0922526050ac
Author: Steve Chew <stechew@cisco.com>
Date: Mon Jul 3 14:01:00 2017 -0400

Export active.h that's needed for firewall port.

Merge pull request #940 in SNORT/snort3 from stream_syncup_ftpdatasplitter to master

Squashed commit of the following:

commit 443224e556c1d1f6635de850212ea321d5f3976a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu May 25 10:26:17 2017 -0400

implement FTP-Data specific splitter that subclasses the AtomSplitter and provides a custom 'finish' method that calls file processing if there is no data left to flush.

Merge pull request #939 in SNORT/snort3 from sync_or_sink to master

Squashed commit of the following:

commit d0b8a6e33ac79e735eeecc0a1b01e8c294108963
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jun 28 08:18:59 2017 -0400

    snort2lua: update for port_scan

commit be4bc16b74e3adc0966cf6a8943195c6c7bb92fc
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jun 27 08:21:40 2017 -0400

    port_scan: cleanup

commit ab7f99a96219e4baa5bbe314f7aeabac3c7a14eb
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jun 27 07:40:16 2017 -0400

    port_scan: merge global settings into main module

commit 8741d918bfcbbf0a447f4294cc47842aa4c3db7d
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 26 15:14:13 2017 -0400

    port_scan: fix printing number of nodes

commit cd86a9c410c4002d2111741d61dab7c2d916c928
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 26 15:10:48 2017 -0400

    inspector manager: require explicit configuration of acquired inspectors

commit 45f0aacb6e47276a5483deda746e96d591ef76cd
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 26 15:08:30 2017 -0400

    ftp: remove dead store

commit 3e1cd9164aa1cf5f1283b1114f4cbcc0f99149f7
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 26 15:07:50 2017 -0400

    port_scan: port hash sizing fix from 2X

Merge pull request #925 in SNORT/snort3 from control_coverage to master

Squashed commit of the following:

commit 1f704f85c48153704fc9a8ee4eb36514afbc55fb
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 13 23:43:46 2017 -0400

documentation updates to control channel code

Merge pull request #937 in SNORT/snort3 from nhttp77 to master

Squashed commit of the following:

commit dd997afe9a8aa2f17dd0939f5d4942c99336e7d6
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jun 22 16:06:34 2017 -0400

Content-Transfer-Encoding

Merge pull request #938 in SNORT/snort3 from nhttp78 to master

Squashed commit of the following:

commit 19a68c6425cbeec8693789fac2f4b6e757032fcb
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jun 26 12:01:25 2017 -0400

Rename source file

Merge pull request #932 in SNORT/snort3 from json_formatter to master

Squashed commit of the following:

commit 81a8d478028d9437122f29bbe2e8cb1c197b800b
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon May 16 11:12:56 2016 -0400

perf_monitor: Add JSON formatter

Merge pull request #935 in SNORT/snort3 from nhttp76 to master

Squashed commit of the following:

commit 2cbc9d33b58cfa241baf28697275b85a892c1b00
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 20 17:29:07 2017 -0400

Transfer-Encoding header not valid for HTTP 1.0

Merge pull request #929 in SNORT/snort3 from ssl_splitter to master

Squashed commit of the following:

commit 79d04e69161c7d6e9c5ae83546e1102ceb746148
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Jun 12 16:32:33 2017 -0400

add ssl splitter

Merge pull request #934 in SNORT/snort3 from nhttp75 to master

Squashed commit of the following:

commit 7f4cb724e558e1138ba028a8edd4f356c626d48e
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jun 15 14:25:26 2017 -0400

NHI alerts related to 100 Continue

Merge pull request #927 in SNORT/snort3 from flow_errors to master

Squashed commit of the following:

commit de672298786ea7070ca647594ee8d9a511ab5f9d
Author: allewi <allewi@cisco.com>
Date: Wed Jun 7 11:22:14 2017 -0400

removed unused code

Merge pull request #930 in SNORT/snort3 from speling to master

Squashed commit of the following:

commit ab5686150760909495164bf70b3cde82ee34e512
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 19 07:00:39 2017 -0400

spell check: fix typos

cmg: change source::buf to source.buf and ::buf to snort.buf
cmg: use http_method + version + uri instead of http_raw_request
cmg: use http_version + stat_code + stat_msg instead of http_raw_status

loggers: use const event reference in alert funcs

Merge pull request #919 in SNORT/snort3 from Bug203817 to master

Squashed commit of the following:

commit 070e1a8857475b77e22809303caa66a9b3a07eba
Author: allewi <allewi@cisco.com>
Date: Thu Jun 1 12:40:04 2017 -0400

adding changes for bug203817

Merge pull request #928 in SNORT/snort3 from ps_events to master

Squashed commit of the following:

commit 3877ccf2211f0341b0cdd6d59c7ef9b41023955f
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jun 16 08:43:10 2017 -0400

    port_scan: execute probes after detection and log the alt buffer if set

commit 2965452abf7ed909be0cfcb76b645f1439022c8d
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 15 13:01:09 2017 -0400

    port_scan: cleanup headers

commit 25c305b763019b77823bc3de0ad78c972168d72b
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 15 11:51:59 2017 -0400

    port_scan: refactor alerting

commit 2c9380e50066da9b7319f134202d737e3acad7d9
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 15 10:58:18 2017 -0400

    port_scan: just use normal log files

commit 5786467d359d8c59523a060a9ddee29a1963cf99
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 15 10:54:23 2017 -0400

    port_scan: eliminate use of pseudo packet for events

build 236

Merge pull request #923 in SNORT/snort3 from ps_overhaul to master

Squashed commit of the following:

commit 1a3272ddf66ff45c0e37ad38546e0e3a14bb3937
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jun 14 15:25:56 2017 -0400

    review: clean up more return values

commit 9ded9d29ca0e668c1c0ab2977f32cc4c93b56e36
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jun 14 15:00:47 2017 -0400

    review: update defaults to some semi-useful average

commit 086c0235ffc31ba10f99d9195f40093a61901ef5
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 12 17:49:52 2017 -0400

    port_scan: remove unused cruft

commit df35824913f28060fe69ce045d5a09e0d0739e13
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 12 15:22:30 2017 -0400

    port_scan: update snort2lua for deleted sense_level

commit 8ac604119fcb385dc860d3d1129dc5b5d1b62770
Merge: fc66cd5 8dfcc5e
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Jun 12 10:30:26 2017 -0400

    port_scan: fix ip6 handling

commit fc66cd527829be3e6528dd78810e15870f5b648c
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 21:07:32 2017 -0400

    port_scan: convert return values from int to bool and other cleanup

commit 3dd0b506ca32bb716fbaec00217c0196bce086b5
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 19:44:04 2017 -0400

    port_scan: normalize args, cleanup comments, remove dead code

commit d0aa139077b886f761309d9e74c5d840d35b7688
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 11:09:10 2017 -0400

    port_scan: utilize expanded configuration

commit 209f535dd842f4f094b8ce99a464b2d2fcd44d25
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 8 08:08:32 2017 -0400

    port_scan: add lua defaults

commit 1630d19a840f45a7f9862143b9ab3418fde93a17
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jun 9 16:53:01 2017 -0400

    port_scan: alert on all packets considered scan events within window
    port_scan: fix ip protocol scan detection

commit 9fbf94640debdf83a85b064d72a89f3f89d63c16
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jun 9 11:44:56 2017 -0400

    port_scan: use standard event queuing

commit 8dfcc5e634867357644511e1c3d63065071857e2
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 21:07:32 2017 -0400

    port_scan: convert return values from int to bool and other cleanup

commit 07a03fc5824f26ce0db88d53a86d68c0e226353c
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 19:44:04 2017 -0400

    port_scan: normalize args, cleanup comments, remove dead code

commit a122e32b803466bb6228cadd61e4aea737d70ce2
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 11 11:09:10 2017 -0400

    port_scan: utilize expanded configuration

commit 8fcb52c2ddb4d6cc5122d009ce4d593e2dc4bf29
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 8 08:08:32 2017 -0400

    port_scan: add lua defaults

commit 9ead40f296fb31c18b5b01ed8bf8c450f14c2edc
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jun 9 16:53:01 2017 -0400

    port_scan: alert on all packets considered scan events within window
    port_scan: fix ip protocol scan detection

commit a33f60b6801624065f27d09ec8cddf9a88df55ba
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Jun 9 11:44:56 2017 -0400

    port_scan: use standard event queuing

Merge pull request #926 in SNORT/snort3 from nhttp74 to master

Squashed commit of the following:

commit 9634905678288bbc1efa1626100bf6d0c0d34e54
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jun 14 14:46:30 2017 -0400

Added helper methods for events and infractions

Merge pull request #924 in SNORT/snort3 from appid_bug_217500 to master

Squashed commit of the following:

commit 2835f929dcc8faa913fec6a63141f608b9b12863
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Jun 9 16:47:57 2017 -0400

fix memory leak caused by error initializing and freeing linked list elements for matched chp patterns

Merge pull request #922 in SNORT/snort3 from nhttp73 to master

Squashed commit of the following:

commit 1983899cf047594c9089a3ef0211faf403d22220
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jun 9 13:51:18 2017 -0400

improved transfer-encoding header processing

Merge pull request #921 in SNORT/snort3 from decode_sync_up to master

Squashed commit of the following:

commit c4029c05a4eab161ab23f483ee4320aefd6713fc
Author: mdagon <mdagon@cisco.com>
Date: Mon Jun 12 14:14:44 2017 -0400

Updated ipv6 valid next headers

Merge pull request #897 in SNORT/snort3 from perflib_updates to master

Squashed commit of the following:

commit 53b8a945fba35c2ca6fad77c1b04eef9a9c3eb11
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Wed May 10 16:38:59 2017 -0400

    added udp.ignore to pegs

    fixed tcp.ignored_sessions (tcp.ignored)

    added daq.rx_bytes

    added syn and syn-ack counters to stream_tcp

    added search_engine.searched_bytes

    added reset and fin peg counters

Merge pull request #920 in SNORT/snort3 from nhttp72 to master

Squashed commit of the following:

commit 3a789ec873f4349c3ba4d86fc44c13b44d4da4e6
Author: Tom Peters <thopeter@cisco.com>
Date: Wed May 31 16:57:54 2017 -0400

NHI improvements to handling of badly terminated chunks

Merge pull request #918 in SNORT/snort3 from sip_buf to master

Squashed commit of the following:

commit dc7ee447477092476f4071404673623ac58be1b3
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jun 7 15:57:48 2017 -0400

    conf: set HOME_NET and EXTERNAL_NET before loading defaults

commit 72bbbf5da7c4911c01bf6366c03be5ef2e5741f1
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Jun 6 09:02:56 2017 -0400

    sip: fix get body buffer

Merge pull request #911 in SNORT/snort3 from appid_stats to master

Squashed commit of the following:

commit 9e6310eba1bf2f4388b0d882e6de33e1ae2c5b67
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed May 24 17:05:33 2017 -0400

removed empty stats printing that was executed from main thread

Merge pull request #916 in SNORT/snort3 from conf_updates to master

Squashed commit of the following:

commit 647890ba3c1031f60fafa55ef606a8645466582d
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 4 09:22:51 2017 -0400

    conf: refactor for clarity

commit a75b80cb43914841fd8821d4f3e4e3dad295d195
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 4 08:49:56 2017 -0400

    conf: use updated external defaults, change internal defaults to enable file_id type and signature

commit 2ec586b505cf8f3e0f9999ecf5b4279c6f10935b
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Jun 4 08:47:34 2017 -0400

    conf: update defaults - remove old http cruft, add smtp defaults

Merge pull request #917 in SNORT/snort3 from RangeCheck_valid to master

Squashed commit of the following:

commit ed402874266886db364e582e062dd4f28813a949
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jun 1 15:47:29 2017 -0400

add validate check for range

Merge pull request #902 in SNORT/snort3 from perfcpu_tid to master

Squashed commit of the following:

commit e9326366e304780392f0eda521a4cb8db09b1e3a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed May 17 13:54:40 2017 -0400

update cpu tracker output to thread_*.cpu_{user,system,wall}

Merge pull request #912 in SNORT/snort3 from rangecheck_fragoffset to master

Squashed commit of the following:

commit 34618dc2536f65c8995e90a57f49d07a6dcb285c
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri May 26 09:36:02 2017 -0400

add range validation for RangeCheck class and ips fragoffset

Merge pull request #914 in SNORT/snort3 from svc_policy to master

Squashed commit of the following:

commit ca9642e07630e88ab09398957d58b7164de0915f
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 31 20:21:44 2017 -0400

    binder: remove problematic and ineffective unit test

commit 0a2d909c24cfd03746dbaa0e13126e27f9f67903
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 31 14:44:01 2017 -0400

    splitters: add unit tests for generic splitters

commit 56168c90bf6c793a9626e0bcab1de7574e322574
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 31 10:28:36 2017 -0400

    splitter: cleanup

commit 9fb13f4841eeb0d37ac55deb793527ac57d42196
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 31 06:36:30 2017 -0400

    stream: use fixed direction flush methods

commit f9cb1f804475e61ee5da5175412b649783264b18
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 28 15:26:28 2017 -0400

    detection: avoid superfluous leaf nodes in detection option trees

commit 8853ceb93b290c4b615b7f00115a0a1d6cd19e4c
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 28 15:17:59 2017 -0400

    ssl: use stop-and-wait splitter

commit 9558b366ad285b20299facd038b261f8a8264265
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 28 15:16:39 2017 -0400

    stream: add stop-and-wait splitter

Merge pull request #907 in SNORT/snort3 from frag_big_lg_fix to master

Squashed commit of the following:

commit f4af8be641026012e8a5b87a6efcbc0ebe9bab94
Author: Shashikant Lad <shaslad@cisco.com>
Date: Wed May 31 13:25:24 2017 -0400

stream_ip: fix 123:7 - DEFRAG_ANOMALY_BADSIZE_LG

Merge pull request #915 in SNORT/snort3 from 235 to master

Squashed commit of the following:

commit 06413e60f3793355aef02b2b7d554ad490ed84f8
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 1 08:20:48 2017 -0400

    build 235

commit 0be57289cdd413b04ced388cc5df6d59e85f1577
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 1 08:11:09 2017 -0400

    doc: update default manuals

commit 347c63bbf14a60513bf706e7cd75043166625ec3
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 1 06:50:26 2017 -0400

    stream_ip: remove dead code and tweak formatting

commit e4f18ba59d3b33c516b74b8929a0916678f12e2f
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Jun 1 06:44:52 2017 -0400

    search_engine: set range for max_queue_events parameter

doc: update differences

doc: update README

Merge pull request #910 in SNORT/snort3 from nhttp70 to master

Squashed commit of the following:

commit 70a6a3f8b31d6fc382411a4805806743d7a1f823
Author: Tom Peters <thopeter@cisco.com>
Date: Mon May 15 11:43:45 2017 -0400

NHI improved handling of improper bare \r separator.

Merge pull request #908 in SNORT/snort3 from appid_segfault_tns to master

Squashed commit of the following:

commit 53c5fb9fd908fb697fee8111caf25a02949b1792
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon May 22 14:33:59 2017 -0400

fix bug where TNS detector corrupted the flow data object

Merge pull request #909 in SNORT/snort3 from arp_spoof_assert to master

Squashed commit of the following:

commit 0eb7bdb71fb583dfbb555090dcdefe274469e423
Author: mdagon <mdagon@cisco.com>
Date:   Thu May 25 16:09:09 2017 -0400

    Comment

commit 51b55863d608eec4c00dc4fe4af48470b49d539f
Author: mdagon <mdagon@cisco.com>
Date:   Wed May 24 16:22:40 2017 -0400

    Code review

commit 54766baa91c8f0d6b5f3285d705907cabff752d7
Author: mdagon <mdagon@cisco.com>
Date:   Tue May 23 12:46:30 2017 -0400

    Arp spoof with non-ethernet packet - return instead of assert

Merge pull request #906 in SNORT/snort3 from daq_reload to master

Squashed commit of the following:

commit 19f347e73b9ab4f23a7017809f4c51150954a106
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon May 22 12:08:07 2017 -0400

control_mgmt: add support for daq module reload

Merge pull request #905 in SNORT/snort3 from ipproto_option_test to master

Squashed commit of the following:

commit 94419df41bc540065a5a2dc12b1f75d5753ca74a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri May 19 14:29:28 2017 -0400

removed unreachable code

Merge pull request #883 in SNORT/snort3 from unix_sockets to master

Squashed commit of the following:

commit da703340e86893e77d3fd3f4e10db53480b1c904
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sun May 7 23:35:16 2017 -0400

control_mgmt: add support for unix sockets

build 234

Merge pull request #903 in SNORT/snort3 from warnings to master

Squashed commit of the following:

commit d6ab2c977657660c93ce8d5eefcad02a5f68a154
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri May 19 15:06:13 2017 -0400

    Clean up compiler warnings from OpenSolaris build

commit 7b6423c6cb27f2ba0273b2466fec81ef04d9ccf9
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri May 19 14:26:59 2017 -0400

    util: Add include to fix OpenSolaris build

commit 707bf028fa4d4352de28aad95db6dab4f5aef6b9
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri May 19 13:02:03 2017 -0400

    control_mgmt: Add include to fix FreeBSD build

commit c55b63cded037201f9d35c1e467d6470fad94c22
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri May 19 12:20:53 2017 -0400

    log_text: Fix typo in obfuscation code

commit f164446c526442c1f67e83ce9c763edeb110a3f0
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri May 19 12:20:19 2017 -0400

    ips_context: Remove extraneous semicolon in header

Merge pull request #898 in SNORT/snort3 from pgm_fix to master

Squashed commit of the following:

commit 26b32a49ecd43111abb5723fb1cf117be2ee4beb
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue May 16 12:36:08 2017 -0400

Added an additional check for divisibility of the length of the PGM header by 4. If it's not, then an error is returned instead of calculating the checksum.

Merge pull request #887 in SNORT/snort3 from perf_max to master

Squashed commit of the following:

commit 33095d2153dc1b0bc96d2c14d722f4ba1ae3b2a2
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed May 10 11:09:52 2017 -0400

removed fixit that would have broken perfmon

Merge pull request #901 in SNORT/snort3 from appid_sip_event_handler_revert_tests to master

Squashed commit of the following:

commit df3099f5ccd7c2090a7ab8b616bcc0afe9ea558f
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu May 18 09:51:36 2017 -0400

during reload a new sip event handler is created before the old one is deleted so this class is not really a singleton. we cache a pointer to the current active handler in a class member variable and provide a method 'get_active' to get this value. a create function is provided to create the instance, this should only be called once when appid is configured. DataBus is responsible for deleting the sip event handler when it is deleted.

Merge pull request #900 in SNORT/snort3 from run_num to master

Squashed commit of the following:

commit f7d26ed4b669d9b6a5de364c5eb8b043b066b514
Author: Russ Combs <rucombs@cisco.com>
Date: Thu May 18 08:07:18 2017 -0400

detection: ensure each analysis is unique

Merge pull request #895 in SNORT/snort3 from doc_byte_options to master

Squashed commit of the following:

commit 2c20c7fab1553450759a11c31a42e144ef465744
Author: mdagon <mdagon@cisco.com>
Date: Thu May 11 11:56:29 2017 -0400

Snort manual update for byte rule options

Merge pull request #899 in SNORT/snort3 from appid_sip_event_handler to master

Squashed commit of the following:

commit e0c2723bd9c1e6c9b0c9b2830df5aaa57b615a5b
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed May 17 08:50:53 2017 -0400

refactor appid to instantiate a single instance of the SIP event handler with THREAD_LOCAL variables to hold the pointer to the client/service SIP detectors instantiated in each packet thread. Subscription to the SIP events moved to the appid inspector configure function that is called from the main thread

Merge pull request #896 in SNORT/snort3 from appidz to master

Squashed commit of the following:

commit f74a4934f522d20201f3e9607352205171979874
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 17 12:20:47 2017 -0400

    detection: rename method for clarity

commit c9c1f77634e1d7926e103135a56476e2ea7a8323
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 17 11:52:48 2017 -0400

    detection: ensure reassembly is in next context

commit 3cc411a86df37df167e1246d20c438bee0216d99
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 21:43:59 2017 -0400

    search tool: refactor to remove dependencies

commit 7b38d3db78bf7a1f11ad65627dd724fdf0962674
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 16:32:34 2017 -0400

    search tool: refactor unit test

commit b4ae4ce14603a5e730145e4231fccee78eb03af6
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 12:49:47 2017 -0400

    search tool: use configured or default method

commit fd996bdb1f947cb9ed3ac547e5ed2227ccdfef89
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 12:23:25 2017 -0400

    search tool: refactor ctor

commit fc758793dbc64bb3db8a72362a32c10b9f18a682
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 12:24:32 2017 -0400

    appid: master key must be thread local

commit 7d4db6cfc221d5ac0b98916b88839c3e77e3d359
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue May 16 12:22:39 2017 -0400

    appid: use actual referer length for search

Merge pull request #894 in SNORT/snort3 from poc_work to master

Squashed commit of the following:

commit 8fc6c009d224fbbc9aef5528b181bd193bcc7772
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon May 8 16:35:02 2017 -0400

    tools: Clean up per-target includes and libraries

commit 8054717b7735294bc685210548b4779f38ee4547
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon May 8 16:34:18 2017 -0400

    cmake: Fix erroneous space when checking for netdb.h

commit dcf1750fd041b0a0b16dc7f62b6497fcffa3c8d3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon May 8 16:33:21 2017 -0400

    cmake: Check if libsfbpf is needed to link against libpcap

    Some implementations of libpcap have a dependency on libsfbpf and CMake
    has issues resolving library dependencies; help it along.

Merge pull request #893 in SNORT/snort3 from stress to master

Squashed commit of the following:

commit 8304132dee77ea1bb38108c379edb1ac2eb5a5f0
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon May 15 09:45:05 2017 -0400

    detection: rename for clarity

commit 1c7b5068c56ad1765403e02db92e871b48539137
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon May 15 09:35:58 2017 -0400

    detection: refactor per packet init

commit 872fb6368fb3b8c107a460c8d3b6ba618cebce70
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon May 15 09:35:21 2017 -0400

    rules: update for prior parsing fix

Merge pull request #889 in SNORT/snort3 from hex_fmt to master

Squashed commit of the following:

commit 6eecedd09bf5aff5bec136878f90a8b3155731f7
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 12 18:47:53 2017 -0400

    cleanup: fix misc formatting

commit 9db0cff83f841855d75670728c16c2b163af55c0
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 12 18:28:56 2017 -0400

    cleanup: remove tedious and redundant option/flag comments

commit 4cc0ac76c7e965cd9f2f5dfe398efd2731536836
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 12 18:20:45 2017 -0400

    alert_fast: lookup buffer ids when constructed

commit b48b39cf0bf4da3e1842c2f988508ba1b0160dd0
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 12 14:10:36 2017 -0400

    expanded cmg logging for http buffers

commit 0785439d2dad33b718083db66911a3e628567a62
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat May 6 17:17:52 2017 -0400

    cleanup: remove cruft

commit 669669fa43883c872536d1a472d43bc1d6298229
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat May 6 16:43:03 2017 -0400

    log: print inspector::buffer[size]: on separate line

commit a0768e3c6fea1f76823c6814b0946f11b4376ef5
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 5 14:28:19 2017 -0400

    make wide hex dump configurable

commit 9f0224dfd98ea6550cd4d5744c39ec6f0bb99a35
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 3 14:53:09 2017 -0400

    revamp hex buffer dump format used by -A cmg
    -- add extra space at halfway points (both hex and ascii)

Merge pull request #892 in SNORT/snort3 from protoz to master

Squashed commit of the following:

commit 96605cba373f8d655f0c4430a8ae0e574654d901
Author: Russ Combs <rucombs@cisco.com>
Date: Sun May 14 21:22:09 2017 -0400

parsing: reject positional params with spaces

Merge pull request #891 in SNORT/snort3 from fragz to master

Squashed commit of the following:

commit 48cc258b8328981c0cfb4a6e2e8168ca8aa9310a
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 14 11:41:12 2017 -0400

    spell: fix comment typos

commit 9b4b0772643d08fa3df4efba1472cc027426f4a2
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 14 11:35:41 2017 -0400

    detection: use context number as unambiguous detection discriminator (vs packet number)

commit b7e6830bf05d3333dc5f0ae6935227973c9802fe
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun May 14 10:55:40 2017 -0400

    detection: ensure each context gets unique id

commit f4d7d3e73fcaf9b9c19a6e0b09e840156ca6969e
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat May 13 20:07:14 2017 -0400

    stream_ip: allow detection on frag that completes datagram

commit b456143132e84cf194ed80f8f3ac462a34cb4214
Author: Russ Combs <rucombs@cisco.com>
Date:   Sat May 13 20:00:18 2017 -0400

    stream_ip: fix nodes_created count

regex offload:
-- establish IpsContext, ContextSwitcher, DetectionEngine, and RegexOffload classes
-- refactor thread locals to use detection contexts

Merge pull request #890 in SNORT/snort3 from byte_math_warning to master

Squashed commit of the following:

commit e2d32cc7979394a0e9b2c0b76ddd92e205490f9c
Author: mdagon <mdagon@cisco.com>
Date: Fri May 12 17:08:52 2017 -0400

Fix for byte_math warning

Merge pull request #885 in SNORT/snort3 from byte_math to master

Squashed commit of the following:

commit b892c596ee961f9b69e660b9d09962fccc1e19e6
Author: mdagon <mdagon@cisco.com>
Date: Mon Apr 24 14:17:16 2017 -0400

byte_math

Merge pull request #888 in SNORT/snort3 from appid_http_pattern_mem_management to master

Squashed commit of the following:

commit 7c41c22e2c501050a87a151c433c75ba6dc7fe93
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue May 9 08:27:33 2017 -0400

refactor http pattern list data structures to use std containers and eliminate possible null pointer dereference

build 233

Merge pull request #886 in SNORT/snort3 from fix_cppchk_warn to master

Squashed commit of the following:

commit 6e9017eea058b8ba3aca41abc64c6a5d5eeaeed8
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon May 8 16:39:17 2017 -0400

updated code to resolve cppcheck warnings

Merge pull request #884 in SNORT/snort3 from stream_syncup_seq_oow to master

Squashed commit of the following:

commit 7afb572ad351984b7d3e3b94e01128f7abc6e414
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri May 5 15:40:55 2017 -0400

coding style and format fixups, not functional changes

Merge pull request #878 in SNORT/snort3 from sfghash_test to master

Squashed commit of the following:

commit 2c7cac6a39d396190137ea5a5437e1b9ec98b6ab
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue May 2 11:56:16 2017 -0400

Added assert check for nullptr, removed unused code and added unit test cases

Merge pull request #881 in SNORT/snort3 from cd_cmd to master

Squashed commit of the following:

commit e8ec31370c4c9ca5160d0e739753e7c9666b8b8e
Author: Russ Combs <rucombs@cisco.com>
Date: Thu May 4 18:12:11 2017 -0400

fix extraction of ether type from cisco metadata

Merge pull request #879 in SNORT/snort3 from decode_fixes to master

Squashed commit of the following:

commit b42b3cbfd507b323b487f5c36e860b9853d98ed1
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu May 4 07:34:27 2017 -0400

    packet manager: ensure ether type proto ids don't masquerade as ip proto ids
    thanks to Bhargava Shastry <bshastry@sec.t-labs.tu-berlin.de> for reporting the issue

commit 1427a9e4d5838c4a3426587ff0f5393500e478d9
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu May 4 07:28:54 2017 -0400

    codec manager: fix off-by-1 mapping array size
    thanks to Bhargava Shastry <bshastry@sec.t-labs.tu-berlin.de> for reporting the issue

Merge pull request #880 in SNORT/snort3 from appid_check_failure_patch to master

Squashed commit of the following:

commit 7afaec39eaa458acab547b35b83280667be435e4
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue May 2 12:37:57 2017 -0400

add new appid unit tests to the cmake build, fix missing lib reference to sfip

Merge pull request #869 in SNORT/snort3 from Bug200227 to master

Squashed commit of the following:

commit cde33c31d9e3a397bdd2cd922e21bd7c89cc80a5
Author: allewi <allewi@cisco.com>
Date: Tue May 2 21:59:43 2017 -0400

fix is for improper handling of protocol ID within the LLC header