Next/20221024/v12 #8073

victorjulien · 2022-10-24T09:24:46Z

Staging:

Commit 487cdda adds negation support for the SSL state.

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.4 to 2.0.6. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@e363bfc...99c5375) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Add WARN_UNUSED macro for ByteExtract* functions Fix warning raised in code related to WARN_UNUSED for ByteExtract* Ticket: OISF#3658

These variants, in particular the Brotli one can be large at over 2500 bytes which is allocated no matter which decompressor is being used. Gzip comes in at over 500 bytes. Box deflate for consistency.

And disable the global lint.

Without it, it own't see the usage of variables in SCDebugLog macros, etc.

Ticket: 5577

Ticket: OISF#4599

Ticket: 4609

Ticket: OISF#4593

Commit contains prototype changes of RunModeSetLiveCaptureAutoFp and RunModeSetLiveCaptureWorkers functions to move the IPS enable logic out of suricata.c file.

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3.0.0 to 3.0.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@fb598a6...9782bd6) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@3cea537...83fd05a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Task: OISF#4038

Task: OISF#4035

suricata-qa · 2022-10-24T11:45:03Z

WARNING:

field	baseline	test	%
	SURI_TLPW1_stats_chk
.tcp.rst	128100	103859	81.08%
	IPS_AFP_stats_chk
.tcp.ssn_from_cache	341704	454506	133.01%
.tcp.ssn_from_pool	876528	763726	87.13%
.tcp.segment_from_cache	97495581	103777094	106.44%
.tcp.segment_from_pool	17093651	10838058	63.4%
.detect.alerts_suppressed	1058400	896400	84.69%
.app_layer.flow.ssh	1080	0	-
	TREX_GENERIC_stats_chk
.capture.kernel_drops	0	142906	-
.flow.end.tcp_state.syn_sent	0	300	-
.flow.end.tcp_state.syn_recv	0	6	-
.flow.end.tcp_state.fin_wait1	0	38	-
.flow.end.tcp_state.fin_wait2	0	7	-
.flow.end.tcp_state.time_wait	0	20	-
.flow.end.tcp_state.last_ack	0	13	-
.flow.end.tcp_state.close_wait	0	52	-
.tcp.reassembly_gap	80952	103065	127.32%
.tcp.overlap	0	5	-
.app_layer.error.http.parser	0	26	-
.app_layer.error.ftp.gap	0	1	-
.app_layer.error.smtp.gap	0	41	-
.app_layer.error.tls.gap	53852	59450	110.4%
.app_layer.error.dcerpc_tcp.parser	0	14	-

Pipeline 10161

victorjulien · 2022-10-25T18:23:54Z

replaced by #8085

Lukas Sismis and others added 30 commits October 24, 2022 10:58

docs: remove outdated constraint of negation support for ssl_state

37cf365

Commit 487cdda adds negation support for the SSL state.

detect-filemagic: convert unittests to FAIL/PASS APIs

8614bff

Task: OISF#4034

detect-filename: convert unittests to FAIL/PASS APIs

76024f7

Task: OISF#4036

src: Use WARN_UNUSED for ByteExtract* functions

6988168

Add WARN_UNUSED macro for ByteExtract* functions Fix warning raised in code related to WARN_UNUSED for ByteExtract* Ticket: OISF#3658

rust: sort clippy allow statements

e8c00dd

rust: remove clippy lints that no longer warn

36f8ada

rust/http2: box decompressor variants

74b7522

These variants, in particular the Brotli one can be large at over 2500 bytes which is allocated no matter which decompressor is being used. Gzip comes in at over 500 bytes. Box deflate for consistency.

rust: suppress large enum variant lint at location

5a10fcd

And disable the global lint.

rust: fix clippy lints for clippy::derive_partial_eq_without_eq

c4034da

rust: fix clippy lints for clippy::assign_op_pattern

29a4a7f

rust: fix clippy lints for clippy::char_lit_as_u8

5e5401d

rust: fix clippy lints for clippy::len_zero

f342d4a

rust: fix clippy lints for clippy::manual_range_contains

3ec435a

rust: fix clippy lints for clippy::needless_bool

5f7ba03

rust: fix clippy lints for clippy::redundant_field_names

565da0d

rust: fix clippy lints for clippy::crate_in_macro_def

e373d9f

rust: fix clippy lints for clippy::bool_comparison

6b71d69

rust: fix clippy lints for clippy::collapsible_else_if

5725058

rust: fix clippy lints for clippy::collapsible_if

119e02c

rust: fix clippy lints for clippy::manual_find

7ebdfa5

rust: fix clippy lints for clippy::map_flatten

6ba0a67

rust: fix clippy lints for clippy::nonminimal_bool

7ba1d3e

rust: fix clippy lints for clippy::redundant_pattern_matching

13db832

rust: fix clippy lints for clippy::redundant_static_lifetimes

b6cc0e2

rust: fix clippy lints for clippy::unnecessary_cast

04f0ee0

rust: clippy fix for bitwise or with 0

6db85d6

rust: don't allow fixed up clippy lints

560c4ea

github-ci: running clippy with all features

a11f51f

Without it, it own't see the usage of variables in SCDebugLog macros, etc.

rust: fix clippy lints for is_empty in debug code

6a7439a

jasonish and others added 12 commits October 24, 2022 11:20

rust: fix clippy lints for unneeded reference in debug code

f0952ae

rust: fix clippy lint for cmp_null is debug code

7cca238

Ticket: 5577

rust: fix clippy lint for unneeded late initialization

21bb697

rust: fix lint warnings about ptr_arg

9cd0042

Ticket: OISF#4599

rust: fix lint warnings about if same then else

4e90d17

Ticket: 4609

rust: fix lint warnings about mixed case hex literals

ccdc992

Ticket: OISF#4593

runmodes: change function prototype of runmode init functions

e00e2bf

Commit contains prototype changes of RunModeSetLiveCaptureAutoFp and RunModeSetLiveCaptureWorkers functions to move the IPS enable logic out of suricata.c file.

dpdk: add support for enabling IPS support in DPDK mode

ec1d8ca

detect-filesha256: convert unittests to FAIL/PASS APIs

aaf0634

Task: OISF#4038

detect-filemd5: convert unittests to FAIL/PASS APIs

caa1346

Task: OISF#4035

victorjulien requested review from jufajardini, catenacyber and jasonish as code owners October 24, 2022 09:24

victorjulien mentioned this pull request Oct 24, 2022

Next/20221024/v13 #8081

Closed

victorjulien marked this pull request as draft October 25, 2022 05:03

victorjulien mentioned this pull request Oct 25, 2022

Next/20221025/v1 #8085

Merged

victorjulien closed this Oct 25, 2022

victorjulien deleted the next/20221024/v12 branch November 14, 2022 16:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Next/20221024/v12 #8073

Next/20221024/v12 #8073

victorjulien commented Oct 24, 2022

suricata-qa commented Oct 24, 2022

victorjulien commented Oct 25, 2022

Next/20221024/v12 #8073

Next/20221024/v12 #8073

Conversation

victorjulien commented Oct 24, 2022

suricata-qa commented Oct 24, 2022

victorjulien commented Oct 25, 2022