diff -Nru suricata-6.0.9/ChangeLog suricata-6.0.10/ChangeLog --- suricata-6.0.9/ChangeLog 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/ChangeLog 2023-01-31 06:26:24.000000000 +0000 @@ -1,3 +1,28 @@ +6.0.10 -- 2023-01-31 + +Security #5804: Suricata crashes while processing FTP (6.0.x backport) +Bug #5815: detect: config keyword prevents tx cleanup (6.0.x backport) +Bug #5812: nfs: debug validation triggered on nfs2 read +Bug #5810: smb/ntlmssp: parser incorrectly assumes fixed field order (6.0.x backport) +Bug #5806: exceptions: midstream flows are dropped if midstream=true && stream.midstream-policy=drop-flow (6.0.x backport) +Bug #5796: TLS Handshake Fragments not Reassembled (6.0.x backport) +Bug #5795: detect/udp: different detection from rules when UDP/TCP header is broken (6.0.x backport) +Bug #5793: decode: Padded packet to minimal Ethernet length marked with invalid length event (6.0.x backport) +Bug #5791: smb: unbounded file chunk queuing after gap (6.0.x backport) +Bug #5763: libbpf: Use of legacy code in eBPF/XDP programs (6.0.x backport) +Bug #5762: detect/pcre: JIT not disabled when OS doesn't allow RWX pages +Bug #5760: nfs: ASSERT: attempt to subtract with overflow (compound) (6.0.x backport) +Bug #5749: iprep/ipv6: warning issued on valid reputation input (6.0.x backport) +Bug #5744: netmap: 6.0.9 v14 backport causes known packet stalls from v14 implementation in "legacy" mode too +Bug #5738: smb: failed assertion (!((f->alproto == ALPROTO_SMB && txd->files_logged != 0))), function CloseFile, file output-file.c (6.0.x backport) +Bug #5735: smtp: quoted-printable encoding skips empty lines in files (6.0.x backport) +Bug #5723: eve: missing common fields like community id for some event types like RFB +Bug #5601: detect: invalid hex character in content leads to bad debug message (6.0.x backport) +Bug #5565: Excessive qsort/msort time when large number of rules using tls.fingerprint (6.0.x backport) +Bug #5299: YAML warning from default config on 6.0.5 +Optimization #5797: tls: support incomplete API to replace internal buffering +Optimization #5790: smb: set defaults for file chunk limits (6.0.x backport) + 6.0.9 -- 2022-11-28 Security #5710: smb: crash inside of streaming buffer Grow() (6.0.x backport) @@ -23,6 +48,7 @@ Task #5698: libhtp 0.5.42 Task #5570: transversal: update references to suricata webpage version 2 (backport 6.0.x) Task #4852: netmap: new API version (14) supports multi-ring software mode (6.0.x backport) + 6.0.8 -- 2022-09-27 Task #5552: libhtp 0.5.41 diff -Nru suricata-6.0.9/configure suricata-6.0.10/configure --- suricata-6.0.9/configure 2022-11-28 06:35:25.000000000 +0000 +++ suricata-6.0.10/configure 2023-01-31 06:30:29.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for suricata 6.0.9. +# Generated by GNU Autoconf 2.69 for suricata 6.0.10. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -643,8 +643,8 @@ # Identity of this package. PACKAGE_NAME='suricata' PACKAGE_TARNAME='suricata' -PACKAGE_VERSION='6.0.9' -PACKAGE_STRING='suricata 6.0.9' +PACKAGE_VERSION='6.0.10' +PACKAGE_STRING='suricata 6.0.10' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1646,7 +1646,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures suricata 6.0.9 to adapt to many kinds of systems. +\`configure' configures suricata 6.0.10 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1717,7 +1717,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of suricata 6.0.9:";; + short | recursive ) echo "Configuration of suricata 6.0.10:";; esac cat <<\_ACEOF @@ -1976,7 +1976,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -suricata configure 6.0.9 +suricata configure 6.0.10 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2619,7 +2619,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by suricata $as_me 6.0.9, which was +It was created by suricata $as_me 6.0.10, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3491,7 +3491,7 @@ # Define the identity of the package. PACKAGE='suricata' - VERSION='6.0.9' + VERSION='6.0.10' cat >>confdefs.h <<_ACEOF @@ -21753,7 +21753,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by suricata $as_me 6.0.9, which was +This file was extended by suricata $as_me 6.0.10, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21819,7 +21819,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -suricata config.status 6.0.9 +suricata config.status 6.0.10 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -23714,12 +23714,12 @@ pkg_cv_LIBHTPMINVERSION_CFLAGS="$LIBHTPMINVERSION_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"htp >= 0.5.41\""; } >&5 - ($PKG_CONFIG --exists --print-errors "htp >= 0.5.41") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"htp >= 0.5.42\""; } >&5 + ($PKG_CONFIG --exists --print-errors "htp >= 0.5.42") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_LIBHTPMINVERSION_CFLAGS=`$PKG_CONFIG --cflags "htp >= 0.5.41" 2>/dev/null` + pkg_cv_LIBHTPMINVERSION_CFLAGS=`$PKG_CONFIG --cflags "htp >= 0.5.42" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -23731,12 +23731,12 @@ pkg_cv_LIBHTPMINVERSION_LIBS="$LIBHTPMINVERSION_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"htp >= 0.5.41\""; } >&5 - ($PKG_CONFIG --exists --print-errors "htp >= 0.5.41") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"htp >= 0.5.42\""; } >&5 + ($PKG_CONFIG --exists --print-errors "htp >= 0.5.42") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_LIBHTPMINVERSION_LIBS=`$PKG_CONFIG --libs "htp >= 0.5.41" 2>/dev/null` + pkg_cv_LIBHTPMINVERSION_LIBS=`$PKG_CONFIG --libs "htp >= 0.5.42" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -23757,9 +23757,9 @@ _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then - LIBHTPMINVERSION_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "htp >= 0.5.41" 2>&1` + LIBHTPMINVERSION_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "htp >= 0.5.42" 2>&1` else - LIBHTPMINVERSION_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "htp >= 0.5.41" 2>&1` + LIBHTPMINVERSION_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "htp >= 0.5.42" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$LIBHTPMINVERSION_PKG_ERRORS" >&5 @@ -23850,7 +23850,7 @@ fi if test "$libhtp_devver_found" = "no"; then echo - echo " ERROR! libhtp was found but it is neither >= 0.5.41, nor the dev 0.5.X" + echo " ERROR! libhtp was found but it is neither >= 0.5.42, nor the dev 0.5.X" echo exit 1 fi @@ -24652,7 +24652,54 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for bpf_set_link_xdp_fd in -lbpf" >&5 + # Check for XDP specific function. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for bpf_xdp_attach in -lbpf" >&5 +$as_echo_n "checking for bpf_xdp_attach in -lbpf... " >&6; } +if ${ac_cv_lib_bpf_bpf_xdp_attach+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lbpf $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char bpf_xdp_attach (); +int +main () +{ +return bpf_xdp_attach (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_bpf_bpf_xdp_attach=yes +else + ac_cv_lib_bpf_bpf_xdp_attach=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bpf_bpf_xdp_attach" >&5 +$as_echo "$ac_cv_lib_bpf_bpf_xdp_attach" >&6; } +if test "x$ac_cv_lib_bpf_bpf_xdp_attach" = xyes; then : + have_xdp="yes" +fi + + if test "$have_xdp" = "yes"; then + +$as_echo "#define HAVE_PACKET_XDP 1" >>confdefs.h + + else + # Check for legacy XDP function. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for bpf_set_link_xdp_fd in -lbpf" >&5 $as_echo_n "checking for bpf_set_link_xdp_fd in -lbpf... " >&6; } if ${ac_cv_lib_bpf_bpf_set_link_xdp_fd+:} false; then : $as_echo_n "(cached) " >&6 @@ -24692,17 +24739,19 @@ have_xdp="yes" fi - if test "$have_xdp" = "yes"; then + if test "$have_xdp" = "yes"; then $as_echo "#define HAVE_PACKET_XDP 1" >>confdefs.h + fi fi - for ac_func in bpf_program__section_name + for ac_func in bpf_program__section_name bpf_xdp_attach bpf_program__set_type do : - ac_fn_c_check_func "$LINENO" "bpf_program__section_name" "ac_cv_func_bpf_program__section_name" -if test "x$ac_cv_func_bpf_program__section_name" = xyes; then : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF -#define HAVE_BPF_PROGRAM__SECTION_NAME 1 +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi @@ -34192,7 +34241,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by suricata $as_me 6.0.9, which was +This file was extended by suricata $as_me 6.0.10, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -34258,7 +34307,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -suricata config.status 6.0.9 +suricata config.status 6.0.10 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru suricata-6.0.9/configure.ac suricata-6.0.10/configure.ac --- suricata-6.0.9/configure.ac 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/configure.ac 2023-01-31 06:26:24.000000000 +0000 @@ -1,4 +1,4 @@ - AC_INIT([suricata],[6.0.9]) + AC_INIT([suricata],[6.0.10]) m4_ifndef([AM_SILENT_RULES], [m4_define([AM_SILENT_RULES],[])])AM_SILENT_RULES([yes]) AC_CONFIG_HEADERS([src/autoconf.h]) AC_CONFIG_SRCDIR([src/suricata.c]) @@ -1675,12 +1675,12 @@ echo exit 1 fi - PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.41],[libhtp_minver_found="yes"],[libhtp_minver_found="no"]) + PKG_CHECK_MODULES(LIBHTPMINVERSION, [htp >= 0.5.42],[libhtp_minver_found="yes"],[libhtp_minver_found="no"]) if test "$libhtp_minver_found" = "no"; then PKG_CHECK_MODULES(LIBHTPDEVVERSION, [htp = 0.5.X],[libhtp_devver_found="yes"],[libhtp_devver_found="no"]) if test "$libhtp_devver_found" = "no"; then echo - echo " ERROR! libhtp was found but it is neither >= 0.5.41, nor the dev 0.5.X" + echo " ERROR! libhtp was found but it is neither >= 0.5.42, nor the dev 0.5.X" echo exit 1 fi @@ -1820,11 +1820,18 @@ AC_DEFINE([HAVE_PACKET_EBPF],[1],[Recent ebpf fanout support is available]), [], [[#include ]]) - AC_CHECK_LIB(bpf, bpf_set_link_xdp_fd,have_xdp="yes") + # Check for XDP specific function. + AC_CHECK_LIB(bpf,bpf_xdp_attach,have_xdp="yes") if test "$have_xdp" = "yes"; then AC_DEFINE([HAVE_PACKET_XDP],[1],[XDP support is available]) + else + # Check for legacy XDP function. + AC_CHECK_LIB(bpf,bpf_set_link_xdp_fd,have_xdp="yes") + if test "$have_xdp" = "yes"; then + AC_DEFINE([HAVE_PACKET_XDP],[1],[XDP support is available]) + fi fi - AC_CHECK_FUNCS(bpf_program__section_name) + AC_CHECK_FUNCS([bpf_program__section_name bpf_xdp_attach bpf_program__set_type]) fi; # Check for DAG support. diff -Nru suricata-6.0.9/debian/changelog suricata-6.0.10/debian/changelog --- suricata-6.0.9/debian/changelog 2022-11-29 10:19:06.000000000 +0000 +++ suricata-6.0.10/debian/changelog 2023-01-31 13:34:17.000000000 +0000 @@ -1,3 +1,10 @@ +suricata (1:6.0.10-1) unstable; urgency=medium + + * New upstream release. + * Drop patch applied upstream. + + -- Sascha Steinbiss Tue, 31 Jan 2023 14:34:17 +0100 + suricata (1:6.0.9-1) unstable; urgency=medium * New upstream release. diff -Nru suricata-6.0.9/debian/patches/debian-default-cfg.patch suricata-6.0.10/debian/patches/debian-default-cfg.patch --- suricata-6.0.9/debian/patches/debian-default-cfg.patch 2022-11-29 10:19:06.000000000 +0000 +++ suricata-6.0.10/debian/patches/debian-default-cfg.patch 2023-01-31 13:34:17.000000000 +0000 @@ -32,7 +32,7 @@ --- a/configure.ac +++ b/configure.ac -@@ -2762,7 +2762,7 @@ +@@ -2769,7 +2769,7 @@ EXPAND_VARIABLE(localstatedir, e_logfilesdir, "/log/suricata/files") EXPAND_VARIABLE(localstatedir, e_logcertsdir, "/log/suricata/certs") EXPAND_VARIABLE(sysconfdir, e_sysconfdir, "/suricata/") diff -Nru suricata-6.0.9/debian/patches/LEVEL1_DCACHE_LINESIZE.patch suricata-6.0.10/debian/patches/LEVEL1_DCACHE_LINESIZE.patch --- suricata-6.0.9/debian/patches/LEVEL1_DCACHE_LINESIZE.patch 2022-11-29 10:19:06.000000000 +0000 +++ suricata-6.0.10/debian/patches/LEVEL1_DCACHE_LINESIZE.patch 2023-01-31 13:34:17.000000000 +0000 @@ -7,7 +7,7 @@ Last-Update: 2022-06-01 --- a/configure.ac +++ b/configure.ac -@@ -2436,7 +2436,7 @@ +@@ -2443,7 +2443,7 @@ AC_PATH_PROG(HAVE_GETCONF_CMD, getconf, "no") if test "$HAVE_GETCONF_CMD" != "no"; then CLS=$(getconf LEVEL1_DCACHE_LINESIZE) diff -Nru suricata-6.0.9/debian/patches/reproducible.patch suricata-6.0.10/debian/patches/reproducible.patch --- suricata-6.0.9/debian/patches/reproducible.patch 2022-11-29 10:19:06.000000000 +0000 +++ suricata-6.0.10/debian/patches/reproducible.patch 2023-01-31 13:34:17.000000000 +0000 @@ -9,7 +9,7 @@ --- a/configure.ac +++ b/configure.ac -@@ -2887,7 +2887,8 @@ +@@ -2894,7 +2894,8 @@ echo echo "$SURICATA_BUILD_CONF" echo "printf(" >src/build-info.h diff -Nru suricata-6.0.9/debian/patches/series suricata-6.0.10/debian/patches/series --- suricata-6.0.9/debian/patches/series 2022-09-28 08:28:48.000000000 +0000 +++ suricata-6.0.10/debian/patches/series 2023-01-31 13:34:17.000000000 +0000 @@ -9,4 +9,3 @@ avoid-to-include-if_tunnel-h.patch llc.patch LEVEL1_DCACHE_LINESIZE.patch -libbpf-1.0.patch Binary files /tmp/tmpqcqlgbst/Oh7omgW972/suricata-6.0.9/doc/devguide/devguide.pdf and /tmp/tmpqcqlgbst/1Is2Qw_HZe/suricata-6.0.10/doc/devguide/devguide.pdf differ diff -Nru suricata-6.0.9/doc/userguide/configuration/suricata-yaml.rst suricata-6.0.10/doc/userguide/configuration/suricata-yaml.rst --- suricata-6.0.9/doc/userguide/configuration/suricata-yaml.rst 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/doc/userguide/configuration/suricata-yaml.rst 2023-01-31 06:26:24.000000000 +0000 @@ -1521,8 +1521,8 @@ (this event can also set from other conditions). This can happen on slow configurations (hardware, ASAN, etc...) -HTTP2 ------ +Configure HTTP2 +~~~~~~~~~~~~~~~ HTTP keywords can be enabled to match on HTTP1 traffic. To do so, you should set ``app-layer.protocols.http2.http1-rules``. diff -Nru suricata-6.0.9/doc/userguide/install.rst suricata-6.0.10/doc/userguide/install.rst --- suricata-6.0.9/doc/userguide/install.rst 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/doc/userguide/install.rst 2023-01-31 06:26:24.000000000 +0000 @@ -122,6 +122,7 @@ To use it:: + sudo apt-get install software-properties-common sudo add-apt-repository ppa:oisf/suricata-stable sudo apt-get update sudo apt-get install suricata diff -Nru suricata-6.0.9/doc/userguide/suricata.1 suricata-6.0.10/doc/userguide/suricata.1 --- suricata-6.0.9/doc/userguide/suricata.1 2022-11-28 06:37:41.000000000 +0000 +++ suricata-6.0.10/doc/userguide/suricata.1 2023-01-31 06:31:47.000000000 +0000 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SURICATA" "1" "Nov 28, 2022" "6.0.9" "Suricata" +.TH "SURICATA" "1" "Jan 31, 2023" "6.0.10" "Suricata" .SH NAME suricata \- Suricata . @@ -522,6 +522,6 @@ .UNINDENT .UNINDENT .SH COPYRIGHT -2016-2022, OISF +2016-2023, OISF .\" Generated by docutils manpage writer. . diff -Nru suricata-6.0.9/doc/userguide/suricatactl.1 suricata-6.0.10/doc/userguide/suricatactl.1 --- suricata-6.0.9/doc/userguide/suricatactl.1 2022-11-28 06:37:41.000000000 +0000 +++ suricata-6.0.10/doc/userguide/suricatactl.1 2023-01-31 06:31:47.000000000 +0000 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SURICATACTL" "1" "Nov 28, 2022" "6.0.9" "Suricata" +.TH "SURICATACTL" "1" "Jan 31, 2023" "6.0.10" "Suricata" .SH NAME suricatactl \- Suricata Control . @@ -68,6 +68,6 @@ .UNINDENT .UNINDENT .SH COPYRIGHT -2016-2022, OISF +2016-2023, OISF .\" Generated by docutils manpage writer. . diff -Nru suricata-6.0.9/doc/userguide/suricatactl-filestore.1 suricata-6.0.10/doc/userguide/suricatactl-filestore.1 --- suricata-6.0.9/doc/userguide/suricatactl-filestore.1 2022-11-28 06:37:41.000000000 +0000 +++ suricata-6.0.10/doc/userguide/suricatactl-filestore.1 2023-01-31 06:31:47.000000000 +0000 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SURICATACTL-FILESTORE" "1" "Nov 28, 2022" "6.0.9" "Suricata" +.TH "SURICATACTL-FILESTORE" "1" "Jan 31, 2023" "6.0.10" "Suricata" .SH NAME suricatactl-filestore \- Perform actions on filestore . @@ -89,6 +89,6 @@ .UNINDENT .UNINDENT .SH COPYRIGHT -2016-2022, OISF +2016-2023, OISF .\" Generated by docutils manpage writer. . diff -Nru suricata-6.0.9/doc/userguide/suricatasc.1 suricata-6.0.10/doc/userguide/suricatasc.1 --- suricata-6.0.9/doc/userguide/suricatasc.1 2022-11-28 06:37:41.000000000 +0000 +++ suricata-6.0.10/doc/userguide/suricatasc.1 2023-01-31 06:31:47.000000000 +0000 @@ -1,6 +1,6 @@ .\" Man page generated from reStructuredText. . -.TH "SURICATASC" "1" "Nov 28, 2022" "6.0.9" "Suricata" +.TH "SURICATASC" "1" "Jan 31, 2023" "6.0.10" "Suricata" .SH NAME suricatasc \- Tool to interact via unix socket . @@ -239,6 +239,6 @@ .UNINDENT .UNINDENT .SH COPYRIGHT -2016-2022, OISF +2016-2023, OISF .\" Generated by docutils manpage writer. . Binary files /tmp/tmpqcqlgbst/Oh7omgW972/suricata-6.0.9/doc/userguide/userguide.pdf and /tmp/tmpqcqlgbst/1Is2Qw_HZe/suricata-6.0.10/doc/userguide/userguide.pdf differ diff -Nru suricata-6.0.9/python/Makefile.in suricata-6.0.10/python/Makefile.in --- suricata-6.0.9/python/Makefile.in 2022-11-28 06:35:27.000000000 +0000 +++ suricata-6.0.10/python/Makefile.in 2023-01-31 06:30:31.000000000 +0000 @@ -459,9 +459,9 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -@HAVE_PYTHON_FALSE@install-exec-local: -@HAVE_PYTHON_FALSE@clean-local: @HAVE_PYTHON_FALSE@uninstall-local: +@HAVE_PYTHON_FALSE@clean-local: +@HAVE_PYTHON_FALSE@install-exec-local: clean: clean-am clean-am: clean-generic clean-libtool clean-local mostlyclean-am diff -Nru suricata-6.0.9/rules/decoder-events.rules suricata-6.0.10/rules/decoder-events.rules --- suricata-6.0.9/rules/decoder-events.rules 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rules/decoder-events.rules 2023-01-31 06:26:24.000000000 +0000 @@ -67,7 +67,8 @@ alert pkthdr any any -> any any (msg:"SURICATA TCP duplicated option"; decode-event:tcp.opt_duplicate; classtype:protocol-command-decode; sid:2200037; rev:2;) alert pkthdr any any -> any any (msg:"SURICATA UDP packet too small"; decode-event:udp.pkt_too_small; classtype:protocol-command-decode; sid:2200038; rev:2;) alert pkthdr any any -> any any (msg:"SURICATA UDP header length too small"; decode-event:udp.hlen_too_small; classtype:protocol-command-decode; sid:2200039; rev:2;) -alert pkthdr any any -> any any (msg:"SURICATA UDP invalid header length"; decode-event:udp.hlen_invalid; classtype:protocol-command-decode; sid:2200040; rev:2;) +# 2200040 "udp.hlen_invalid" has been retired. +alert pkthdr any any -> any any (msg:"SURICATA UDP invalid length field in the header"; decode-event:udp.len_invalid; classtype:protocol-command-decode; sid:2200120; rev:2;) alert pkthdr any any -> any any (msg:"SURICATA SLL packet too small"; decode-event:sll.pkt_too_small; classtype:protocol-command-decode; sid:2200041; rev:2;) alert pkthdr any any -> any any (msg:"SURICATA Ethernet packet too small"; decode-event:ethernet.pkt_too_small; classtype:protocol-command-decode; sid:2200042; rev:2;) alert pkthdr any any -> any any (msg:"SURICATA PPP packet too small"; decode-event:ppp.pkt_too_small; classtype:protocol-command-decode; sid:2200043; rev:2;) @@ -150,5 +151,5 @@ alert pkthdr any any -> any any (msg:"SURICATA packet with too many layers"; decode-event:too_many_layers; classtype:protocol-command-decode; sid:2200116; rev:1;) -# next sid is 2200120 +# next sid is 2200121 diff -Nru suricata-6.0.9/rust/src/dcerpc/dcerpc.rs suricata-6.0.10/rust/src/dcerpc/dcerpc.rs --- suricata-6.0.9/rust/src/dcerpc/dcerpc.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/dcerpc/dcerpc.rs 2023-01-31 06:26:24.000000000 +0000 @@ -337,7 +337,7 @@ pub buffer_tc: Vec, pub pad: u8, pub padleft: u16, - pub bytes_consumed: u16, + pub bytes_consumed: i32, pub tx_id: u64, pub query_completed: bool, pub data_needed_for_dir: u8, @@ -1020,7 +1020,7 @@ // Check if header data was complete. In case of EoF or incomplete data, wait for more // data else return error - if self.bytes_consumed < DCERPC_HDR_LEN && input_len > 0 { + if self.bytes_consumed < DCERPC_HDR_LEN.into() && input_len > 0 { parsed = self.process_header(&buffer); if parsed == -1 { self.extend_buffer(buffer, direction); @@ -1029,7 +1029,7 @@ if parsed == -2 { return AppLayerResult::err(); } - self.bytes_consumed += parsed as u16; + self.bytes_consumed += parsed; } let fraglen = self.get_hdr_fraglen().unwrap_or(0); @@ -1041,7 +1041,7 @@ } else { self.query_completed = true; } - parsed = self.bytes_consumed as i32; + parsed = self.bytes_consumed; let current_call_id = self.get_hdr_call_id().unwrap_or(0); @@ -1112,7 +1112,7 @@ return AppLayerResult::err(); } } - self.bytes_consumed += retval as u16; + self.bytes_consumed += retval; // If the query has been completed, clean the buffer and reset the direction if self.query_completed == true { diff -Nru suricata-6.0.9/rust/src/filetracker.rs suricata-6.0.10/rust/src/filetracker.rs --- suricata-6.0.9/rust/src/filetracker.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/filetracker.rs 2023-01-31 06:26:24.000000000 +0000 @@ -120,6 +120,9 @@ files.file_close(&self.track_id, myflags); SCLogDebug!("truncated file"); self.file_is_truncated = true; + self.chunks.clear(); + self.in_flight = 0; + self.cur_ooo = 0; } pub fn create(&mut self, _name: &[u8], _file_size: u64) { @@ -157,6 +160,9 @@ self.fill_bytes = fill_bytes; self.chunk_is_last = is_last; + if self.file_is_truncated { + return 0; + } if self.file_open == false { SCLogDebug!("NEW CHUNK: FILE OPEN"); self.track_id = *xid; @@ -176,6 +182,11 @@ /// If gap_size > 0 'data' should not be used. /// return how much we consumed of data pub fn update(&mut self, files: &mut FileContainer, flags: u16, data: &[u8], gap_size: u32) -> u32 { + if self.file_is_truncated { + let consumed = std::cmp::min(data.len() as u32, self.chunk_left); + self.chunk_left = self.chunk_left.saturating_sub(data.len() as u32); + return consumed; + } let mut consumed = 0 as usize; let is_gap = gap_size > 0; if is_gap || gap_size > 0 { diff -Nru suricata-6.0.9/rust/src/log.rs suricata-6.0.10/rust/src/log.rs --- suricata-6.0.9/rust/src/log.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/log.rs 2023-01-31 06:26:24.000000000 +0000 @@ -59,8 +59,8 @@ fn basename(filename: &str) -> &str { let path = Path::new(filename); - for os_str in path.file_name() { - for basename in os_str.to_str() { + if let Some(os_str) = path.file_name() { + if let Some(basename) = os_str.to_str() { return basename; } } diff -Nru suricata-6.0.9/rust/src/nfs/nfs2_records.rs suricata-6.0.10/rust/src/nfs/nfs2_records.rs --- suricata-6.0.9/rust/src/nfs/nfs2_records.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/nfs/nfs2_records.rs 2023-01-31 06:26:24.000000000 +0000 @@ -79,7 +79,7 @@ status: be_u32 >> attr_blob: take!(68) >> data_len: be_u32 - >> data_contents: rest + >> data_contents: take!(data_len) >> ( NfsReplyRead { status, diff -Nru suricata-6.0.9/rust/src/nfs/nfs4.rs suricata-6.0.10/rust/src/nfs/nfs4.rs --- suricata-6.0.9/rust/src/nfs/nfs4.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/nfs/nfs4.rs 2023-01-31 06:26:24.000000000 +0000 @@ -51,6 +51,11 @@ fill_bytes = 4 - pad; } + // linux defines a max of 1mb. Allow several multiples. + if w.write_len == 0 || w.write_len > 16777216 { + return; + } + let file_handle = fh.to_vec(); let file_name = if let Some(name) = self.namemap.get(fh) { SCLogDebug!("WRITE name {:?}", name); @@ -96,8 +101,8 @@ } } self.ts_chunk_xid = r.hdr.xid; - let file_data_len = w.data.len() as u32 - fill_bytes as u32; - self.ts_chunk_left = w.write_len as u32 - file_data_len as u32; + debug_validate_bug_on!(w.data.len() as u32 > w.write_len); + self.ts_chunk_left = w.write_len as u32 - w.data.len() as u32; } fn close_v4<'b>(&mut self, r: &RpcPacket<'b>, fh: &'b[u8]) diff -Nru suricata-6.0.9/rust/src/smb/files.rs suricata-6.0.10/rust/src/smb/files.rs --- suricata-6.0.9/rust/src/smb/files.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/smb/files.rs 2023-01-31 06:26:24.000000000 +0000 @@ -117,7 +117,32 @@ return (tx_ref.unwrap(), files, flags) } - pub fn get_file_tx_by_fuid(&mut self, fuid: &Vec, direction: u8) + /// get file tx for a open file. Returns None if a file for the fuid exists, + /// but has already been closed. + pub fn get_file_tx_by_fuid_with_open_file(&mut self, fuid: &[u8], direction: u8) + -> Option<(&mut SMBTransaction, &mut FileContainer, u16)> + { + let f = fuid.to_vec(); + for tx in &mut self.transactions { + let found = match tx.type_data { + Some(SMBTransactionTypeData::FILE(ref mut d)) => { + direction == d.direction && f == d.fuid && !d.file_tracker.is_done() + }, + _ => { false }, + }; + + if found { + SCLogDebug!("SMB: Found SMB file TX with ID {}", tx.id); + let (files, flags) = self.files.get(direction); + return Some((tx, files, flags)); + } + } + SCLogDebug!("SMB: Failed to find SMB TX with FUID {:?}", fuid); + return None; + } + + /// get file tx for a fuid. File may already have been closed. + pub fn get_file_tx_by_fuid(&mut self, fuid: &[u8], direction: u8) -> Option<(&mut SMBTransaction, &mut FileContainer, u16)> { let f = fuid.to_vec(); diff -Nru suricata-6.0.9/rust/src/smb/ntlmssp_records.rs suricata-6.0.10/rust/src/smb/ntlmssp_records.rs --- suricata-6.0.9/rust/src/smb/ntlmssp_records.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/smb/ntlmssp_records.rs 2023-01-31 06:26:24.000000000 +0000 @@ -16,9 +16,10 @@ */ use nom::IResult; -use nom::combinator::{cond, rest}; +use nom::combinator::{cond, rest, verify}; use nom::number::streaming::{le_u8, le_u16, le_u32}; -use nom::bytes::streaming:: take; +use nom::Err; +use nom::error::{ErrorKind, make_error}; #[derive(Debug,PartialEq)] pub struct NTLMSSPVersion { @@ -63,7 +64,24 @@ bits!(i, tuple!(take_bits!(6u8),take_bits!(1u8),take_bits!(25u32))) } +const NTLMSSP_IDTYPE_LEN: usize = 12; + +fn extract_ntlm_substring(i: &[u8], offset: u32, length: u16) -> IResult<&[u8], &[u8]> { + if offset < NTLMSSP_IDTYPE_LEN as u32 { + return Err(Err::Error(make_error(i, ErrorKind::LengthValue))); + } + let start = offset as usize - NTLMSSP_IDTYPE_LEN; + let end = offset as usize + length as usize - NTLMSSP_IDTYPE_LEN; + if i.len() < end { + return Err(Err::Error(make_error(i, ErrorKind::LengthValue))); + } + return Ok((i, &i[start..end])); +} + pub fn parse_ntlm_auth_record(i: &[u8]) -> IResult<&[u8], NTLMSSPAuthRecord> { + let orig_i = i; + let record_len = i.len() + NTLMSSP_IDTYPE_LEN; // idenfier (8) and type (4) are cut before we are called + let (i, _lm_blob_len) = le_u16(i)?; let (i, _lm_blob_maxlen) = le_u16(i)?; let (i, _lm_blob_offset) = le_u32(i)?; @@ -78,28 +96,23 @@ let (i, user_blob_len) = le_u16(i)?; let (i, _user_blob_maxlen) = le_u16(i)?; - let (i, _user_blob_offset) = le_u32(i)?; + let (i, user_blob_offset) = verify(le_u32, |&v| (v as usize) < record_len)(i)?; let (i, host_blob_len) = le_u16(i)?; let (i, _host_blob_maxlen) = le_u16(i)?; - let (i, _host_blob_offset) = le_u32(i)?; + let (i, host_blob_offset) = verify(le_u32, |&v| (v as usize) < record_len)(i)?; let (i, _ssnkey_blob_len) = le_u16(i)?; let (i, _ssnkey_blob_maxlen) = le_u16(i)?; let (i, _ssnkey_blob_offset) = le_u32(i)?; let (i, nego_flags) = parse_ntlm_auth_nego_flags(i)?; - let (i, version) = cond(nego_flags.1==1, parse_ntlm_auth_version)(i)?; + let (_, version) = cond(nego_flags.1==1, parse_ntlm_auth_version)(i)?; - // subtrack 12 as idenfier (8) and type (4) are cut before we are called - // subtract 60 for the len/offset/maxlen fields above - let (i, _) = cond(nego_flags.1==1 && domain_blob_offset > 72, |b| take(domain_blob_offset - (12 + 60))(b))(i)?; - // or 52 if we have no version - let (i, _) = cond(nego_flags.1==0 && domain_blob_offset > 64, |b| take(domain_blob_offset - (12 + 52))(b))(i)?; - - let (i, domain_blob) = take(domain_blob_len)(i)?; - let (i, user_blob) = take(user_blob_len)(i)?; - let (i, host_blob) = take(host_blob_len)(i)?; + // Caller does not care about remaining input... + let (_, domain_blob) = extract_ntlm_substring(orig_i, domain_blob_offset, domain_blob_len)?; + let (_, user_blob) = extract_ntlm_substring(orig_i, user_blob_offset, user_blob_len)?; + let (_, host_blob) = extract_ntlm_substring(orig_i, host_blob_offset, host_blob_len)?; let record = NTLMSSPAuthRecord { domain: domain_blob, diff -Nru suricata-6.0.9/rust/src/smb/smb1.rs suricata-6.0.10/rust/src/smb/smb1.rs --- suricata-6.0.9/rust/src/smb/smb1.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/smb/smb1.rs 2023-01-31 06:26:24.000000000 +0000 @@ -897,7 +897,7 @@ None => b"".to_vec(), }; let mut set_event_fileoverlap = false; - let found = match state.get_file_tx_by_fuid(&file_fid, STREAM_TOSERVER) { + let found = match state.get_file_tx_by_fuid_with_open_file(&file_fid, STREAM_TOSERVER) { Some((tx, files, flags)) => { let file_id : u32 = tx.id as u32; if let Some(SMBTransactionTypeData::FILE(ref mut tdf)) = tx.type_data { @@ -990,7 +990,7 @@ None => Vec::new(), }; let mut set_event_fileoverlap = false; - let found = match state.get_file_tx_by_fuid(&file_fid, STREAM_TOCLIENT) { + let found = match state.get_file_tx_by_fuid_with_open_file(&file_fid, STREAM_TOCLIENT) { Some((tx, files, flags)) => { if let Some(SMBTransactionTypeData::FILE(ref mut tdf)) = tx.type_data { let file_id : u32 = tx.id as u32; diff -Nru suricata-6.0.9/rust/src/smb/smb2.rs suricata-6.0.10/rust/src/smb/smb2.rs --- suricata-6.0.9/rust/src/smb/smb2.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/smb/smb2.rs 2023-01-31 06:26:24.000000000 +0000 @@ -156,7 +156,7 @@ let mut set_event_fileoverlap = false; // look up existing tracker and if we have it update it - let found = match state.get_file_tx_by_fuid(&file_guid, STREAM_TOCLIENT) { + let found = match state.get_file_tx_by_fuid_with_open_file(&file_guid, STREAM_TOCLIENT) { Some((tx, files, flags)) => { if let Some(SMBTransactionTypeData::FILE(ref mut tdf)) = tx.type_data { let file_id : u32 = tx.id as u32; @@ -297,7 +297,7 @@ }; let mut set_event_fileoverlap = false; - let found = match state.get_file_tx_by_fuid(&file_guid, STREAM_TOSERVER) { + let found = match state.get_file_tx_by_fuid_with_open_file(&file_guid, STREAM_TOSERVER) { Some((tx, files, flags)) => { if let Some(SMBTransactionTypeData::FILE(ref mut tdf)) = tx.type_data { let file_id : u32 = tx.id as u32; diff -Nru suricata-6.0.9/rust/src/smb/smb.rs suricata-6.0.10/rust/src/smb/smb.rs --- suricata-6.0.9/rust/src/smb/smb.rs 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/rust/src/smb/smb.rs 2023-01-31 06:26:24.000000000 +0000 @@ -51,12 +51,12 @@ use crate::smb::files::*; use crate::smb::smb2_ioctl::*; -pub static mut SMB_CFG_MAX_READ_SIZE: u32 = 0; -pub static mut SMB_CFG_MAX_READ_QUEUE_SIZE: u32 = 0; -pub static mut SMB_CFG_MAX_READ_QUEUE_CNT: u32 = 0; -pub static mut SMB_CFG_MAX_WRITE_SIZE: u32 = 0; -pub static mut SMB_CFG_MAX_WRITE_QUEUE_SIZE: u32 = 0; -pub static mut SMB_CFG_MAX_WRITE_QUEUE_CNT: u32 = 0; +pub static mut SMB_CFG_MAX_READ_SIZE: u32 = 16777216; +pub static mut SMB_CFG_MAX_READ_QUEUE_SIZE: u32 = 67108864; +pub static mut SMB_CFG_MAX_READ_QUEUE_CNT: u32 = 64; +pub static mut SMB_CFG_MAX_WRITE_SIZE: u32 = 16777216; +pub static mut SMB_CFG_MAX_WRITE_QUEUE_SIZE: u32 = 67108864; +pub static mut SMB_CFG_MAX_WRITE_QUEUE_CNT: u32 = 64; pub const MIN_REC_SIZE: u16 = 32 + 4; // SMB hdr + nbss hdr @@ -2260,4 +2260,9 @@ SMB_CFG_MAX_WRITE_QUEUE_CNT = max_write_queue_cnt; SMB_CFG_MAX_READ_QUEUE_SIZE = max_read_queue_size; SMB_CFG_MAX_READ_QUEUE_CNT = max_read_queue_cnt; + + SCLogConfig!("read: max record size: {}, max queued chunks {}, max queued size {}", + SMB_CFG_MAX_READ_SIZE, SMB_CFG_MAX_READ_QUEUE_CNT, SMB_CFG_MAX_READ_QUEUE_SIZE); + SCLogConfig!("write: max record size: {}, max queued chunks {}, max queued size {}", + SMB_CFG_MAX_WRITE_SIZE, SMB_CFG_MAX_WRITE_QUEUE_CNT, SMB_CFG_MAX_WRITE_QUEUE_SIZE); } diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/.cargo-checksum.json suricata-6.0.10/rust/vendor/brotli-decompressor/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/brotli-decompressor/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.lock":"688331482ab03495bc31de7cbfba6b05da02625bb85ccbc91351d800f1078edc","Cargo.toml":"96b69d921e162dd90d770e4f0def82ab820651611238b7ad603426dfedec6b60","LICENSE":"c0c56f26d9c051cac4d200c34c84e7ae9aaa853e01a982a1df08b09931e518ae","README.md":"6a9ce1bb4220db0dce593b193c76aa60816e9facf6ebef5a14ba7b1b8a0aff17","examples/decompress.rs":"a9e7e23279b667ed1859464e35b52343e224c133421c42945afa735e9830d182","rustfmt.toml":"e38d9677ca881648112d3d69529f58efe0ac3316d35d51c527a5bcdbfd21dcf0","src/bin/brotli-decompressor.rs":"28719128c232dd0f634beacafd93a4356a44d0df1d49534e95f12feda3c709cf","src/bin/error_handling_tests.rs":"31bc213c89b4da16b47124a39c99c07a2109ec3f657c571840985c9884a4df34","src/bin/integration_tests.rs":"849b190df5f9089a4467ad914aa8d78437be5690b44e0acd704b2090d45cc64c","src/bin/ipsum.brotli":"74106184c7abce3075914e8147e664e6a0c6ee0184d8a4a585be557ad2f8aede","src/bin/ipsum.raw":"dd598301a25441eeb17800b4d4f6b16a36942586479d57d71863c7173390b5c4","src/bin/ipsum_gen.py":"9b4824588a75449acfbc6d87a5217aa225384e0d4523cb6228c89064762201d4","src/bin/tests.rs":"662fd6e3978a7636fc2ff4caef176c4c64d11818624454ef60ef638a2bcf930b","src/bit_reader/mod.rs":"5cba48412e6300d5b72b60bae8e04da6ca7a2b138697f9b0cf32286b67800a2d","src/brotli_alloc.rs":"997338adbc0292a6df1ac5fc3a74e4837110be4b023a13e9d7b8ddc20d12cb02","src/context.rs":"8fe7865962916fa7ce820b9fb407e6a2dd9b9c373191ad4a41c507b6be373e40","src/decode.rs":"a24ceefffad458daac56df5141d926e9670f444909814f93941e1f01b830f21c","src/dictionary/mod.rs":"e04c7480c6fb72d5971167d30a9d9936ac85da092f491abcca6d29d8aefaccdf","src/ffi/alloc_util.rs":"d7a1d7ead3d9b9dc14d10e9c754b96c9ae292d35273c63bf398f172ce7020689","src/ffi/interface.rs":"3afac9d4efc04e599e615bf02143f7f28a4e7bd2d10619a088994875d262151f","src/ffi/mod.rs":"538fd3dbb29aa2ada26d04b309c4bb700c8a0ba92352d0909a53433e7c717e98","src/huffman/mod.rs":"3c0e0efcdfea10b6254d57b7535a1b97f0bb02262ebd243c22e3b4505baab9d0","src/huffman/tests.rs":"58d149830204e768f51a67317d70db0a008df8beec6c7035dab15680efefa49f","src/io_wrappers.rs":"0d51cc59268a5992d53ae88b89b27ee5c97cb5cd3ce0be3c1c53fb186869a4df","src/lib.rs":"11b3dc90042d26c14de138993979bd2ecfaac6ea1c276e46626601530137b655","src/memory.rs":"ff6ee2f73da001d4ab74d1fd93ea49ee53440ca9b78a9490ed58a162d346c1d4","src/prefix.rs":"97103858450ab5c81747e0307c427a73d1fa7cf038435d0ad938ce55a25ee04a","src/reader.rs":"501dde8740a10d25fbb07886af962169e40ea3749458287d9072f7145f37448f","src/state.rs":"61d3e342d22ab5748f8397d45a8c90d72b99d8f55fb98f9fe3d442144ae6d565","src/test.rs":"7e05cc901880f58e4e1e9d4d27c0e88bf12ea7a2102b0c0451528b767189a949","src/transform.rs":"d0f20a8c164bc28f7bba71e5b1e80d01ac55df48fa25eae53127dfb1970adffb","src/writer.rs":"6ea89bbbfea5df09190415f490e7ff1785f939d8ad221cef30df79368d633077"},"package":"59ad2d4653bf5ca36ae797b1f4bb4dbddb60ce49ca4aed8a2ce4829f60425b80"} \ No newline at end of file +{"files":{"Cargo.lock":"304a4f6e1da807da9a9bc0cb76d7f63e0a30d898295d0630718c96fa2c554740","Cargo.toml":"95418dcb05244319453cdffb0eed9c36f31a6d25c05c028da2adf702cbb078e9","LICENSE":"c0c56f26d9c051cac4d200c34c84e7ae9aaa853e01a982a1df08b09931e518ae","README.md":"630df0e789b3ea9d0afd710f274a3d5041f4071135e5e45ecb9da00f01a72cd6","examples/decompress.rs":"a9e7e23279b667ed1859464e35b52343e224c133421c42945afa735e9830d182","rustfmt.toml":"e38d9677ca881648112d3d69529f58efe0ac3316d35d51c527a5bcdbfd21dcf0","src/bin/brotli-decompressor.rs":"28719128c232dd0f634beacafd93a4356a44d0df1d49534e95f12feda3c709cf","src/bin/error_handling_tests.rs":"31bc213c89b4da16b47124a39c99c07a2109ec3f657c571840985c9884a4df34","src/bin/integration_tests.rs":"849b190df5f9089a4467ad914aa8d78437be5690b44e0acd704b2090d45cc64c","src/bin/ipsum.brotli":"74106184c7abce3075914e8147e664e6a0c6ee0184d8a4a585be557ad2f8aede","src/bin/ipsum.raw":"dd598301a25441eeb17800b4d4f6b16a36942586479d57d71863c7173390b5c4","src/bin/ipsum_gen.py":"9b4824588a75449acfbc6d87a5217aa225384e0d4523cb6228c89064762201d4","src/bin/tests.rs":"a16f1c28812ee735fe14fd9c70a3f1dc226607aa4301b48c74a8ff35be4c3ec5","src/bit_reader/mod.rs":"5cba48412e6300d5b72b60bae8e04da6ca7a2b138697f9b0cf32286b67800a2d","src/brotli_alloc.rs":"997338adbc0292a6df1ac5fc3a74e4837110be4b023a13e9d7b8ddc20d12cb02","src/context.rs":"8fe7865962916fa7ce820b9fb407e6a2dd9b9c373191ad4a41c507b6be373e40","src/decode.rs":"a24ceefffad458daac56df5141d926e9670f444909814f93941e1f01b830f21c","src/dictionary/mod.rs":"e04c7480c6fb72d5971167d30a9d9936ac85da092f491abcca6d29d8aefaccdf","src/ffi/alloc_util.rs":"5fe0a71d277325d9cd5b62c8df8c5effd85fc949b1c67aee445a34f4e59de514","src/ffi/interface.rs":"3afac9d4efc04e599e615bf02143f7f28a4e7bd2d10619a088994875d262151f","src/ffi/mod.rs":"538fd3dbb29aa2ada26d04b309c4bb700c8a0ba92352d0909a53433e7c717e98","src/huffman/mod.rs":"3c0e0efcdfea10b6254d57b7535a1b97f0bb02262ebd243c22e3b4505baab9d0","src/huffman/tests.rs":"58d149830204e768f51a67317d70db0a008df8beec6c7035dab15680efefa49f","src/io_wrappers.rs":"0d51cc59268a5992d53ae88b89b27ee5c97cb5cd3ce0be3c1c53fb186869a4df","src/lib.rs":"11b3dc90042d26c14de138993979bd2ecfaac6ea1c276e46626601530137b655","src/memory.rs":"ff6ee2f73da001d4ab74d1fd93ea49ee53440ca9b78a9490ed58a162d346c1d4","src/prefix.rs":"97103858450ab5c81747e0307c427a73d1fa7cf038435d0ad938ce55a25ee04a","src/reader.rs":"abe22c960d45b03944702e6049afcefbbfaa7456a4c12837e0ef17d8153c2283","src/state.rs":"61d3e342d22ab5748f8397d45a8c90d72b99d8f55fb98f9fe3d442144ae6d565","src/test.rs":"7e05cc901880f58e4e1e9d4d27c0e88bf12ea7a2102b0c0451528b767189a949","src/transform.rs":"d0f20a8c164bc28f7bba71e5b1e80d01ac55df48fa25eae53127dfb1970adffb","src/writer.rs":"57e1cbceb74cd112303f3cfa41cf6cc8e143f27c5d110923f66d293f44271ede"},"package":"4b6561fd3f895a11e8f72af2cb7d22e08366bebc2b6b57f7744c4bda27034744"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/Cargo.lock suricata-6.0.10/rust/vendor/brotli-decompressor/Cargo.lock --- suricata-6.0.9/rust/vendor/brotli-decompressor/Cargo.lock 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/Cargo.lock 2023-01-31 06:31:40.000000000 +0000 @@ -4,22 +4,22 @@ [[package]] name = "alloc-no-stdlib" -version = "2.0.2" +version = "2.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "80b0b4f7e4cf50c7e3acb162a9e601f43a977f7eda1b9a92f81803b47e6df547" +checksum = "cc7bb162ec39d46ab1ca8c77bf72e890535becd1751bb45f64c597edb4c8c6b3" [[package]] name = "alloc-stdlib" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "697ed7edc0f1711de49ce108c541623a0af97c6c60b2f6e2b65229847ac843c2" +checksum = "94fb8275041c72129eb51b7d0322c29b8387a0386127718b096429201a5d6ece" dependencies = [ "alloc-no-stdlib", ] [[package]] name = "brotli-decompressor" -version = "2.3.2" +version = "2.3.4" dependencies = [ "alloc-no-stdlib", "alloc-stdlib", diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/Cargo.toml suricata-6.0.10/rust/vendor/brotli-decompressor/Cargo.toml --- suricata-6.0.9/rust/vendor/brotli-decompressor/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -3,26 +3,35 @@ # When uploading crates to the registry Cargo will automatically # "normalize" Cargo.toml files for maximal compatibility # with all versions of Cargo and also rewrite `path` dependencies -# to registry (e.g., crates.io) dependencies +# to registry (e.g., crates.io) dependencies. # -# If you believe there's an error in this file please file an -# issue against the rust-lang/cargo repository. If you're -# editing this file be aware that the upstream Cargo.toml -# will likely look very different (and much more reasonable) +# If you are reading this file be aware that the original Cargo.toml +# will likely look very different (and much more reasonable). +# See Cargo.toml.orig for the original contents. [package] name = "brotli-decompressor" -version = "2.3.2" -authors = ["Daniel Reiter Horn ", "The Brotli Authors"] +version = "2.3.4" +authors = [ + "Daniel Reiter Horn ", + "The Brotli Authors", +] exclude = ["testdata/*"] autobins = false description = "A brotli decompressor that with an interface avoiding the rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and stream interface. Disable this with --features=no-stdlib. Alternatively, --features=unsafe turns off array bounds checks and memory initialization but provides a safe interface for the caller. Without adding the --features=unsafe argument, all included code is safe. For compression in addition to this library, download https://github.com/dropbox/rust-brotli " homepage = "https://github.com/dropbox/rust-brotli-decompressor" documentation = "https://github.com/dropbox/rust-brotli-decompressor/blob/master/README.md" readme = "README.md" -keywords = ["brotli", "decompression", "lz77", "huffman", "nostd"] +keywords = [ + "brotli", + "decompression", + "lz77", + "huffman", + "nostd", +] license = "BSD-3-Clause/MIT" repository = "https://github.com/dropbox/rust-brotli-decompressor" + [profile.release] lto = true incremental = false @@ -30,6 +39,7 @@ [[bin]] name = "brotli-decompressor" doc = false + [dependencies.alloc-no-stdlib] version = "~2.0" @@ -44,4 +54,7 @@ pass-through-ffi-panics = [] seccomp = [] std = ["alloc-stdlib"] -unsafe = ["alloc-no-stdlib/unsafe", "alloc-stdlib/unsafe"] +unsafe = [ + "alloc-no-stdlib/unsafe", + "alloc-stdlib/unsafe", +] diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/README.md suricata-6.0.10/rust/vendor/brotli-decompressor/README.md --- suricata-6.0.9/rust/vendor/brotli-decompressor/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -1,8 +1,16 @@ # rust-brotli-decompressor -[![crates.io](https://meritbadge.herokuapp.com/brotli-decompressor)](https://crates.io/crates/brotli-decompressor) +[![crates.io](https://img.shields.io/crates/v/brotli-decompressor.svg)](https://crates.io/crates/brotli-decompressor) [![Build Status](https://travis-ci.org/dropbox/rust-brotli-decompressor.svg?branch=master)](https://travis-ci.org/dropbox/rust-brotli-decompressor) +## What's new in version 2.3.4 +* Check for fully consumed buffers in the decompressor reader/writer. + +## What's new in version 2.3.x +* Error handling for Write and Read implementations. +* Fixed issue with small buffer sizes on certain files when repeatedly calling Decode stream +* Expose BrotliDecoderIsFinished + ## What's new in version 2.2.x * into_impl for reader and writer classes * removed BrotliStateCleanup since it happens upon drop() @@ -14,7 +22,7 @@ * Never create slice::from_raw_parts with nil * Better panic reporting to C FFI * Backport fixes to brotli issues 502 and 506 - +b ## What's new in version 2.0.0 * Legacy Custom dictionaries (mostly useful for testing multithreaded brotli encoding and experimentation) diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/src/bin/tests.rs suricata-6.0.10/rust/vendor/brotli-decompressor/src/bin/tests.rs --- suricata-6.0.9/rust/vendor/brotli-decompressor/src/bin/tests.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/src/bin/tests.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,8 +1,9 @@ #![cfg(test)] extern crate core; -use std::io; +use std::io::{self, Write, Read}; use core::cmp; + struct Buffer { data: Vec, read_offset: usize, @@ -72,6 +73,89 @@ } +fn ok_one_byte_brotli(b: u8) -> bool{ + b == 6 || b == 26 || b== 51 || + b == 53 || b == 55 || b == 57 || + b == 59 || b == 61 || b == 63 +} + +#[test] +fn test_one_byte_copier() { + for b in 0..256 { + let in_buf = [b as u8]; + let mut output = Buffer::new(&[]); + let mut input = super::BrotliDecompressor::new(Buffer::new(&in_buf), 4096); + match copy_from_to(&mut input, &mut output) { + Ok(_) => if ok_one_byte_brotli(in_buf[0]) { + assert_eq!(output.data, &[]) + } else { + panic!("Expected error not {}", b) + }, + Err(e) => assert_eq!(e.kind(), io::ErrorKind::InvalidData), + } + } +} + +#[cfg(features="std")] +#[test] +fn test_one_byte_writer() { + for b in 0..256 { + let in_buf = [b as u8]; + let mut output = Buffer::new(&[]); + let mut writer = super::brotli_decompressor::DecompressorWriter::new(&mut output, 4096); + match writer.write(&in_buf) { + Ok(v) => { + if ok_one_byte_brotli(b as u8) { + writer.close().unwrap(); + } else { + assert_eq!(writer.close().unwrap_err().kind(), io::ErrorKind::InvalidData); + } + assert_eq!(v, 1); + }, + Err(e) => { + assert_eq!(e.kind(), io::ErrorKind::InvalidData); + assert!(!ok_one_byte_brotli(b as u8)); + } + } + } +} + + +#[cfg(features="std")] +#[test] +fn test_error_byte_writer() { + let in_buf = b"\x8f\x02\x80\x68\x65\x6c\x6c\x6f\x0a\x03\x67\x6f\x6f\x64\x62\x79\x65\x0a"; + let mut output = Buffer::new(&[]); + let mut writer = super::brotli_decompressor::DecompressorWriter::new(&mut output, 4096); + match writer.write_all(&in_buf[..]) { + Ok(_) => { + assert_eq!(writer.close().unwrap_err().kind(), io::ErrorKind::InvalidData); + }, + Err(e) => { + assert_eq!(e.kind(), io::ErrorKind::InvalidData); + } + } +} + +#[cfg(features="std")] +#[test] +fn test_one_byte_reader() { + for b in 0..256 { + let in_buf = [b as u8]; + let mut output = [0u8;1]; + let mut reader = super::brotli_decompressor::Decompressor::new(&in_buf[..], 4096); + match reader.read(&mut output) { + Ok(v) => { + assert!(ok_one_byte_brotli(b as u8)); + assert_eq!(v, 0); + }, + Err(e) => { + assert_eq!(e.kind(), io::ErrorKind::InvalidData); + assert!(!ok_one_byte_brotli(b as u8)); + } + } + } +} #[test] fn test_10x_10y() { diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/src/ffi/alloc_util.rs suricata-6.0.10/rust/vendor/brotli-decompressor/src/ffi/alloc_util.rs --- suricata-6.0.9/rust/vendor/brotli-decompressor/src/ffi/alloc_util.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/src/ffi/alloc_util.rs 2023-01-31 06:31:40.000000000 +0000 @@ -193,7 +193,8 @@ if let Some(free_fn) = self.alloc.free_func { unsafe {free_fn(self.alloc.opaque, core::mem::transmute::<*mut Ty, *mut c_void>(&mut bv.slice_mut()[0]))}; } - core::mem::replace(&mut bv, MemoryBlock::::default()); + let _ = core::mem::replace(&mut bv, + MemoryBlock::::default()); } else { panic!("Must provide allocators in no-stdlib code"); } @@ -214,7 +215,7 @@ #[cfg(feature="std")] pub unsafe fn free_stdlib(ptr: *mut T, size: usize) { let slice_ref = super::slice_from_raw_parts_or_nil_mut(ptr, size); - Box::from_raw(slice_ref); // free on drop + let _ = Box::from_raw(slice_ref); // free on drop } #[cfg(feature="std")] pub fn alloc_stdlib(size: usize) -> *mut T { diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/src/reader.rs suricata-6.0.10/rust/vendor/brotli-decompressor/src/reader.rs --- suricata-6.0.9/rust/vendor/brotli-decompressor/src/reader.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/src/reader.rs 2023-01-31 06:31:40.000000000 +0000 @@ -301,7 +301,7 @@ return Err(e); }, Ok(size) => if size == 0 { - return Err(self.error_if_invalid_data.take().unwrap()); + return self.error_if_invalid_data.take().map(|e| Err(e)).unwrap_or(Ok(0)); }else { self.input_len += size; avail_in = self.input_len - self.input_offset; @@ -311,11 +311,29 @@ BrotliResult::NeedsMoreOutput => { break; }, - BrotliResult::ResultSuccess => return Ok(output_offset), - BrotliResult::ResultFailure => return Err(self.error_if_invalid_data.take().unwrap()), + BrotliResult::ResultSuccess => { + if self.input_len != self.input_offset { + // Did not consume entire input; report error. + return self.error_if_invalid_data.take().map(|e| Err(e)).unwrap_or(Ok(output_offset)); + } + return Ok(output_offset); + } + BrotliResult::ResultFailure => return self.error_if_invalid_data.take().map(|e| Err(e)).unwrap_or(Ok(0)), } } Ok(output_offset) } } +#[cfg(feature="std")] +#[test] +fn test_no_vanishing_bytes() { + use std::string::ToString; + + // Output from this command: + let compressed_with_extra = b"\x8f\x02\x80\x68\x65\x6c\x6c\x6f\x0a\x03\x67\x6f\x6f\x64\x62\x79\x65\x0a"; + let cursor = std::io::Cursor::new(compressed_with_extra); + let mut reader = super::Decompressor::new(cursor, 8000); + assert_eq!(std::io::read_to_string(&mut reader).unwrap_err().kind(), io::ErrorKind::InvalidData); +} + diff -Nru suricata-6.0.9/rust/vendor/brotli-decompressor/src/writer.rs suricata-6.0.10/rust/vendor/brotli-decompressor/src/writer.rs --- suricata-6.0.9/rust/vendor/brotli-decompressor/src/writer.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/brotli-decompressor/src/writer.rs 2023-01-31 06:31:40.000000000 +0000 @@ -84,6 +84,21 @@ } } +#[cfg(feature="std")] +impl, + AllocU8 : Allocator, + AllocU32 : Allocator, + AllocHC : Allocator > DecompressorWriterCustomAlloc { + pub fn close(&mut self) -> Result<(), Error>{ + self.0.close() + } +} + #[cfg(not(any(feature="unsafe", not(feature="std"))))] pub struct DecompressorWriter(DecompressorWriterCustomAlloc DecompressorWriter { + pub fn close(&mut self) -> Result<(), Error>{ + self.0.close() + } +} #[cfg(feature="std")] impl Write for DecompressorWriter { fn write(&mut self, buf: &[u8]) -> Result { @@ -234,7 +254,7 @@ error_if_invalid_data : Some(invalid_data_error_type), } } - fn close(&mut self) -> Result<(), ErrType>{ + pub fn close(&mut self) -> Result<(), ErrType>{ loop { let mut avail_in : usize = 0; let mut input_offset : usize = 0; @@ -249,15 +269,21 @@ self.output_buffer.slice_mut(), &mut self.total_out, &mut self.state); + // already closed. + if self.error_if_invalid_data.is_none() { + return Ok(()); + } match write_all(self.output.as_mut().unwrap(), &self.output_buffer.slice_mut()[..output_offset]) { Ok(_) => {}, Err(e) => return Err(e), } match ret { - BrotliResult::NeedsMoreInput => return Err(self.error_if_invalid_data.take().unwrap()), + BrotliResult::NeedsMoreInput => return self.error_if_invalid_data.take().map(|e|Err(e)).unwrap_or(Ok(())), BrotliResult::NeedsMoreOutput => {}, - BrotliResult::ResultSuccess => return Ok(()), - BrotliResult::ResultFailure => return Err(self.error_if_invalid_data.take().unwrap()), + BrotliResult::ResultSuccess => { + return Ok(()); + }, + BrotliResult::ResultFailure => return self.error_if_invalid_data.take().map(|e|Err(e)).unwrap_or(Ok(())) } } } @@ -329,9 +355,16 @@ match op_result { BrotliResult::NeedsMoreInput => assert_eq!(avail_in, 0), BrotliResult::NeedsMoreOutput => continue, - BrotliResult::ResultSuccess => return Ok((buf.len())), - BrotliResult::ResultFailure => return Err(self.error_if_invalid_data.take().unwrap()), - } + BrotliResult::ResultSuccess => { + if input_offset != buf.len() { + // Did not utilize the full buffer; return error. + return self.error_if_invalid_data.take().map( + |e|Err(e)).unwrap_or(Ok(0)); + } + return Ok((buf.len())); + } + BrotliResult::ResultFailure => return self.error_if_invalid_data.take().map(|e|Err(e)).unwrap_or(Ok(0)), + } if avail_in == 0 { break } @@ -342,4 +375,3 @@ self.output.as_mut().unwrap().flush() } } - diff -Nru suricata-6.0.9/rust/vendor/libc/build.rs suricata-6.0.10/rust/vendor/libc/build.rs --- suricata-6.0.9/rust/vendor/libc/build.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/build.rs 2023-01-31 06:31:40.000000000 +0000 @@ -6,7 +6,7 @@ // Avoid unnecessary re-building. println!("cargo:rerun-if-changed=build.rs"); - let (rustc_minor_ver, is_nightly) = rustc_minor_nightly().expect("Failed to get rustc version"); + let (rustc_minor_ver, is_nightly) = rustc_minor_nightly(); let rustc_dep_of_std = env::var("CARGO_FEATURE_RUSTC_DEP_OF_STD").is_ok(); let align_cargo_feature = env::var("CARGO_FEATURE_ALIGN").is_ok(); let const_extern_fn_cargo_feature = env::var("CARGO_FEATURE_CONST_EXTERN_FN").is_ok(); @@ -112,23 +112,27 @@ } } -fn rustc_minor_nightly() -> Option<(u32, bool)> { +fn rustc_minor_nightly() -> (u32, bool) { macro_rules! otry { ($e:expr) => { match $e { Some(e) => e, - None => return None, + None => panic!("Failed to get rustc version"), } }; } let rustc = otry!(env::var_os("RUSTC")); - let output = otry!(Command::new(rustc).arg("--version").output().ok()); + let output = Command::new(rustc) + .arg("--version") + .output() + .ok() + .expect("Failed to get rustc version"); let version = otry!(str::from_utf8(&output.stdout).ok()); let mut pieces = version.split('.'); if pieces.next() != Some("rustc 1") { - return None; + panic!("Failed to get rustc version"); } let minor = pieces.next(); @@ -144,7 +148,7 @@ .unwrap_or(false); let minor = otry!(otry!(minor).parse().ok()); - Some((minor, nightly)) + (minor, nightly) } fn which_freebsd() -> Option { diff -Nru suricata-6.0.9/rust/vendor/libc/.cargo-checksum.json suricata-6.0.10/rust/vendor/libc/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/libc/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"CONTRIBUTING.md":"f480d10d2a506eecd23ae2e2dedb7a28b8bf6dae5f46f438dbb61be2003426fb","Cargo.toml":"8697e8c54d0b68f65215edfe388f315fca114945eb40b7cdc7a38c0426ea395d","LICENSE-APACHE":"62c7a1e35f56406896d7aa7ca52d0cc0d272ac022b5d2796e7d6905db8a3636a","LICENSE-MIT":"a8d47ff51ca256f56a8932dba07660672dbfe3004257ca8de708aac1415937a1","README.md":"776affa26b66843a2b4f1a1c8f88d92f6461b74568911450fea717e9db6f877b","build.rs":"1d0cbe878e98e970c3318cac0772215a9f44bd286d859d665da27872ba9d8818","rustfmt.toml":"eaa2ea84fc1ba0359b77680804903e07bb38d257ab11986b95b158e460f787b2","src/fixed_width_ints.rs":"7f986e5f5e68d25ef04d386fd2f640e8be8f15427a8d4a458ea01d26b8dca0ca","src/fuchsia/aarch64.rs":"378776a9e40766154a54c94c2a7b4675b5c302a38e6e42da99e67bfbaee60e56","src/fuchsia/align.rs":"ae1cf8f011a99737eabeb14ffff768e60f13b13363d7646744dbb0f443dab3d6","src/fuchsia/mod.rs":"cf7e0df0e655337d1c0852880817b6b514ef9599e2125232fc79cdf8eddd01ba","src/fuchsia/no_align.rs":"303f3f1b255e0088b5715094353cf00476131d8e94e6aebb3f469557771c8b8a","src/fuchsia/x86_64.rs":"93a3632b5cf67d2a6bcb7dc0a558605252d5fe689e0f38d8aa2ec5852255ac87","src/hermit/aarch64.rs":"86048676e335944c37a63d0083d0f368ae10ceccefeed9debb3bbe08777fc682","src/hermit/mod.rs":"d3bfce41e4463d4be8020a2d063c9bfa8b665f45f1cc6cbf3163f5d01e7cb21f","src/hermit/x86_64.rs":"ab832b7524e5fb15c49ff7431165ab1a37dc4667ae0b58e8306f4c539bfa110c","src/lib.rs":"ce753ef318b300bbd441feabdd77d00322dfb6ce9eee8c78a38afe02b57aa4c0","src/macros.rs":"b457eb028b8e8ab3c24bb7292b874ad4e491edbb83594f6a3da024df5348c088","src/psp.rs":"dd31aabd46171d474ec5828372e28588935120e7355c90c105360d8fa9264c1c","src/sgx.rs":"16a95cdefc81c5ee00d8353a60db363c4cc3e0f75abcd5d0144723f2a306ed1b","src/solid/aarch64.rs":"a726e47f324adf73a4a0b67a2c183408d0cad105ae66acf36db37a42ab7f8707","src/solid/arm.rs":"e39a4f74ebbef3b97b8c95758ad741123d84ed3eb48d9cf4f1f4872097fc27fe","src/solid/mod.rs":"5f4151dca5132e4b4e4c23ab9737e12856dddbdc0ca3f7dbc004328ef3c8acde","src/switch.rs":"9da3dd39b3de45a7928789926e8572d00e1e11a39e6f7289a1349aadce90edba","src/unix/align.rs":"2cdc7c826ef7ae61f5171c5ae8c445a743d86f1a7f2d9d7e4ceeec56d6874f65","src/unix/bsd/apple/b32/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b32/mod.rs":"2546ad3eb6aecb95f916648bc63264117c92b4b4859532b34cb011e4c75a5a72","src/unix/bsd/apple/b64/aarch64/align.rs":"e8eb38d064b5fefec6f37d42873820a0483e7c758ed336cc59a7155455ca89c9","src/unix/bsd/apple/b64/aarch64/mod.rs":"44c217a4f263afe7a97435de9323d20a96c37836f899ca0925306d4b7e073c27","src/unix/bsd/apple/b64/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b64/mod.rs":"f5e278a1af7fb358891d1c9be4eb7e815aaca0c5cb738d0c3604ba2208a856f7","src/unix/bsd/apple/b64/x86_64/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b64/x86_64/mod.rs":"8c87c5855038aae5d433c8f5eb3b29b0a175879a0245342b3bfd83bdf4cfd936","src/unix/bsd/apple/mod.rs":"1cc76b056d5925aedae04ead411057dc5c6c9bd3948609fdb30164ac1fb6565e","src/unix/bsd/freebsdlike/dragonfly/errno.rs":"8295b8bb0dfd38d2cdb4d9192cdeeb534cc6c3b208170e64615fa3e0edb3e578","src/unix/bsd/freebsdlike/dragonfly/mod.rs":"8986a8c79bcadfbdb58ec1a72e1aff8ce9b341c9392d7b0b7449bddf6db59058","src/unix/bsd/freebsdlike/freebsd/aarch64.rs":"2a215bd6136b8617aacedf9be738ccee94da9d29b418e9a78101d6291c182352","src/unix/bsd/freebsdlike/freebsd/arm.rs":"59d6a670eea562fb87686e243e0a84603d29a2028a3d4b3f99ccc01bd04d2f47","src/unix/bsd/freebsdlike/freebsd/freebsd11/b64.rs":"9808d152c1196aa647f1b0f0cf84dac8c930da7d7f897a44975545e3d9d17681","src/unix/bsd/freebsdlike/freebsd/freebsd11/mod.rs":"badda6f0f7666f38345b1f4ca78817a47bc92bbdcdc3a1377f376f4e08c316e5","src/unix/bsd/freebsdlike/freebsd/freebsd12/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd12/mod.rs":"327700c5668be863f1fea205c82b0402e2936b883df63dda677716c30a50a284","src/unix/bsd/freebsdlike/freebsd/freebsd12/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/freebsd13/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs":"baa724126398ea6728bf01a3ff51f47e9b99e9ccd92c5976b5242e3cb8cc41bf","src/unix/bsd/freebsdlike/freebsd/freebsd13/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/freebsd14/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs":"8ff0f419c75d090e0db7b413fdc6f469952153bf5df2d5c22d7f7b708e13b8fe","src/unix/bsd/freebsdlike/freebsd/freebsd14/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/mod.rs":"844b9a6acd03f645675b6abab39efa4d1bdf74103240464503bbdd8e688a9faf","src/unix/bsd/freebsdlike/freebsd/powerpc.rs":"9ca3f82f88974e6db5569f2d76a5a3749b248a31747a6c0da5820492bdfeca42","src/unix/bsd/freebsdlike/freebsd/powerpc64.rs":"2dae3ecc87eac3b11657aa98915def55fc4b5c0de11fe26aae23329a54628a9a","src/unix/bsd/freebsdlike/freebsd/riscv64.rs":"8f591bd273464d684c4f64365f8ed56a8138175daa70d96008541393057a0dae","src/unix/bsd/freebsdlike/freebsd/x86.rs":"c5005e3249eb7c93cfbac72a9e9272320d80ce7983da990ceb05a447f59a02c5","src/unix/bsd/freebsdlike/freebsd/x86_64/align.rs":"0e1f69a88fca1c32874b1daf5db3d446fefbe518dca497f096cc9168c39dde70","src/unix/bsd/freebsdlike/freebsd/x86_64/mod.rs":"51e4dd0c8ae247bb652feda5adad9333ea3bb30c750c3a3935e0b0e47d7803eb","src/unix/bsd/freebsdlike/mod.rs":"bd80ce2ff628ed5eaa856ebe8b6a8fb0e89d1c9728040b9ee6b967beb4bcf3a7","src/unix/bsd/mod.rs":"4455d9e612e2a864fccfa093fb066d4042300e77b8d5c4fe9ecc0570823b5f23","src/unix/bsd/netbsdlike/mod.rs":"34f60d73631f3c59936c87db1f62ddb8f693901c3cb199f7f370882e84d509fa","src/unix/bsd/netbsdlike/netbsd/aarch64.rs":"65dcb58d11e8d8028401a9d07ca3eb4cb4f053e04249cc877353449d84ccc4cb","src/unix/bsd/netbsdlike/netbsd/arm.rs":"58cdbb70b0d6f536551f0f3bb3725d2d75c4690db12c26c034e7d6ec4a924452","src/unix/bsd/netbsdlike/netbsd/mod.rs":"77009c0e2e06abf8e81634bb65c22a0ccf9564a7cc64cee62d08b8ea716b8cac","src/unix/bsd/netbsdlike/netbsd/powerpc.rs":"ee7ff5d89d0ed22f531237b5059aa669df93a3b5c489fa641465ace8d405bf41","src/unix/bsd/netbsdlike/netbsd/sparc64.rs":"9489f4b3e4566f43bb12dfb92238960613dac7f6a45cc13068a8d152b902d7d9","src/unix/bsd/netbsdlike/netbsd/x86.rs":"20692320e36bfe028d1a34d16fe12ca77aa909cb02bda167376f98f1a09aefe7","src/unix/bsd/netbsdlike/netbsd/x86_64.rs":"1afe5ef46b14397cdd68664b5b232e4f5b035b6db1d4cf411c899d51ebca9f30","src/unix/bsd/netbsdlike/openbsd/aarch64.rs":"dd91931d373b7ecaf6e2de25adadee10d16fa9b12c2cbacdff3eb291e1ba36af","src/unix/bsd/netbsdlike/openbsd/arm.rs":"01580d261bc6447bb327a0d982181b7bdabfa066cee65a30373d3ced729ad307","src/unix/bsd/netbsdlike/openbsd/mips64.rs":"8532a189ae10c7d668d9d4065da8b05d124e09bd39442c9f74a7f231c43eca48","src/unix/bsd/netbsdlike/openbsd/mod.rs":"38b7d65a86701a75a9047a3ef3b006f09ffbb33ab2312174bcee889efb74e100","src/unix/bsd/netbsdlike/openbsd/powerpc.rs":"01580d261bc6447bb327a0d982181b7bdabfa066cee65a30373d3ced729ad307","src/unix/bsd/netbsdlike/openbsd/powerpc64.rs":"1dd5449dd1fd3d51e30ffdeeaece91d0aaf05c710e0ac699fecc5461cfa2c28e","src/unix/bsd/netbsdlike/openbsd/riscv64.rs":"1dd5449dd1fd3d51e30ffdeeaece91d0aaf05c710e0ac699fecc5461cfa2c28e","src/unix/bsd/netbsdlike/openbsd/sparc64.rs":"d04fd287afbaa2c5df9d48c94e8374a532a3ba491b424ddf018270c7312f4085","src/unix/bsd/netbsdlike/openbsd/x86.rs":"6f7f5c4fde2a2259eb547890cbd86570cea04ef85347d7569e94e679448bec87","src/unix/bsd/netbsdlike/openbsd/x86_64.rs":"d31db31630289c85af3339dbe357998a21ca584cbae31607448fe2cf7675a4e1","src/unix/haiku/b32.rs":"a2efdbf7158a6da341e1db9176b0ab193ba88b449616239ed95dced11f54d87b","src/unix/haiku/b64.rs":"ff8115367d3d7d354f792d6176dfaaa26353f57056197b563bf4681f91ff7985","src/unix/haiku/mod.rs":"df7b6b7d8dd3441665bfe87f2abc942bddc65b8b10dfa9c83dd0422f68107891","src/unix/haiku/native.rs":"dbfcbf4954a79d1df2ff58e0590bbcb8c57dfc7a32392aa73ee4726b66bd6cc8","src/unix/haiku/x86_64.rs":"3ec3aeeb7ed208b8916f3e32d42bfd085ff5e16936a1a35d9a52789f043b7237","src/unix/hermit/aarch64.rs":"86048676e335944c37a63d0083d0f368ae10ceccefeed9debb3bbe08777fc682","src/unix/hermit/mod.rs":"859814f5df89e28fd4b345db399d181e11e7ed413841b6ff703a1fcbdbf013ae","src/unix/hermit/x86_64.rs":"ab832b7524e5fb15c49ff7431165ab1a37dc4667ae0b58e8306f4c539bfa110c","src/unix/linux_like/android/b32/arm.rs":"433c1530f602cc5ed26610c58055dde0c4ceea5e00150063b24ddc60768332a4","src/unix/linux_like/android/b32/mod.rs":"7c173e0375119bf06a3081652faede95e5bcd6858e7576b7533d037978737c8f","src/unix/linux_like/android/b32/x86/align.rs":"812914e4241df82e32b12375ca3374615dc3a4bdd4cf31f0423c5815320c0dab","src/unix/linux_like/android/b32/x86/mod.rs":"8388bd3a0fcb5636bf965eee6dc95ae6860b85a2b555b387c868aa4d4e01ec89","src/unix/linux_like/android/b64/aarch64/align.rs":"2179c3b1608fa4bf68840482bfc2b2fa3ee2faf6fcae3770f9e505cddca35c7b","src/unix/linux_like/android/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/android/b64/aarch64/mod.rs":"ef230d49fd0d182adf2dae6f8e10babf18d72259d65980bf1c4c2dc8a4f84501","src/unix/linux_like/android/b64/mod.rs":"71e4fcbe952bfa4a5f9022f3972e906917b38f729b9d8ef57cd5d179104894ac","src/unix/linux_like/android/b64/riscv64/align.rs":"0bf138f84e5327d8339bcd4adf071a6832b516445e597552c82bbd881095e3a8","src/unix/linux_like/android/b64/riscv64/mod.rs":"80e9f93fed838a48b4e2e8d77b95c72cfd7c0647bcce63851555c5ad16dad143","src/unix/linux_like/android/b64/x86_64/align.rs":"7169d07a9fd4716f7512719aec9fda5d8bed306dc0720ffc1b21696c9951e3c6","src/unix/linux_like/android/b64/x86_64/mod.rs":"e10d19bea39f719723ab6666a5ddbd378b6958769441c5904629e1df173b1dc2","src/unix/linux_like/android/mod.rs":"566ad08d0aa6d356e9553189b04a34dd70c1abcb071ee93414d93e6f58f517a3","src/unix/linux_like/emscripten/align.rs":"86c95cbed7a7161b1f23ee06843e7b0e2340ad92b2cb86fe2a8ef3e0e8c36216","src/unix/linux_like/emscripten/mod.rs":"6ef4652dfb94e3c58aed5133ece982ad30569d46b6b1054552cd61905fa61690","src/unix/linux_like/emscripten/no_align.rs":"0128e4aa721a9902754828b61b5ec7d8a86619983ed1e0544a85d35b1051fad6","src/unix/linux_like/linux/align.rs":"d6c259942c8e843373accd180fc8f4f45f03544dfd21b93a8d02641ead3ef63e","src/unix/linux_like/linux/arch/generic/mod.rs":"e2b46404e44f7d63c26af9dbd79b4e166ef7bced2bc9c6746a26ca86e508e0d4","src/unix/linux_like/linux/arch/mips/mod.rs":"2d166054a586bb4bf6e4a4ba35f7574907b217225eff8f1a43adc4277e142460","src/unix/linux_like/linux/arch/mod.rs":"466a29622e47c6c7f1500682b2eb17f5566dd81b322cd6348f0fdd355cec593a","src/unix/linux_like/linux/arch/powerpc/mod.rs":"3f6da7b0fa7b394c7d4eea2bb3caa7a7729ab0d6c1491fef02206a912c41b815","src/unix/linux_like/linux/arch/sparc/mod.rs":"91593ec0440f1dd8f8e612028f432c44c14089286e2aca50e10511ab942db8c3","src/unix/linux_like/linux/gnu/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/gnu/b32/arm/align.rs":"6ec0eb3ee93f7ae99fd714b4deabfb5e97fbcefd8c26f5a45fb8e7150899cdeb","src/unix/linux_like/linux/gnu/b32/arm/mod.rs":"5bd3f6b3484e049ddaac95f411b0d82cbf1cd28e6a5defbc927bd917f5f7d299","src/unix/linux_like/linux/gnu/b32/m68k/align.rs":"8faa92f77a9232c035418d45331774e64a9a841d99c91791570a203bf2b45bcb","src/unix/linux_like/linux/gnu/b32/m68k/mod.rs":"a2a0a9400dae44086ebf579e0448e0676d4a3214d1ae7d13a024857251e23b6b","src/unix/linux_like/linux/gnu/b32/mips/align.rs":"429fb5e005cb7143602d430098b6ebfb7d360685b194f333dfd587472ae954ee","src/unix/linux_like/linux/gnu/b32/mips/mod.rs":"6b9a5dac6f937ddc1453e808e3c43502c87143332df9e43ac64fb8b1eda6c116","src/unix/linux_like/linux/gnu/b32/mod.rs":"8da281da578cdee972e952b118b903b370320897a7e335342a15e1359864bef2","src/unix/linux_like/linux/gnu/b32/powerpc.rs":"5c5d90326b54b57b98eff4745fe7a3fb02f053b2dc782241a73e807b491936a3","src/unix/linux_like/linux/gnu/b32/riscv32/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/gnu/b32/riscv32/mod.rs":"5e7c1e29aeb82fc422f45b73fb0cf3d13d0902300f9150d2755a9074f8d96999","src/unix/linux_like/linux/gnu/b32/sparc/align.rs":"21adbed27df73e2d1ed934aaf733a643003d7baf2bde9c48ea440895bcca6d41","src/unix/linux_like/linux/gnu/b32/sparc/mod.rs":"80894eece66e9348f45d1b07ad37c757ea694bbd10ed49d3f920b34e9f51a9a3","src/unix/linux_like/linux/gnu/b32/x86/align.rs":"e4bafdc4a519a7922a81b37a62bbfd1177a2f620890eef8f1fbc47162e9eb413","src/unix/linux_like/linux/gnu/b32/x86/mod.rs":"c703cc5e9de2dc31d9e5831bfb6f354d6e3518b2ae02263f68a9a70f1c0167e2","src/unix/linux_like/linux/gnu/b64/aarch64/align.rs":"5b32fcc0d60356c92ded4e0ba9bb32f0140a8bd75ba800486bf38294f61dbdbb","src/unix/linux_like/linux/gnu/b64/aarch64/ilp32.rs":"21a21503ef2e095f4371044915d4bfb07a8578011cb5c713cd9f45947b0b5730","src/unix/linux_like/linux/gnu/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/linux/gnu/b64/aarch64/lp64.rs":"e78c3cd197f44832338b414d1a9bc0d194f44c74db77bd7bf830c1fff62b2690","src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs":"c91813ee5e1bc817996c46be86d1f46802e73df2952cab576ea015490929afc5","src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs":"7169d07a9fd4716f7512719aec9fda5d8bed306dc0720ffc1b21696c9951e3c6","src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs":"387808d5398b24339e7e2bf7591150735011befc5b421fa713d7017c04a7b1da","src/unix/linux_like/linux/gnu/b64/mips64/align.rs":"7169d07a9fd4716f7512719aec9fda5d8bed306dc0720ffc1b21696c9951e3c6","src/unix/linux_like/linux/gnu/b64/mips64/mod.rs":"80b4b97a41564290c510e68a1fb20cfd8424206f010e71a596f12877de886a71","src/unix/linux_like/linux/gnu/b64/mod.rs":"3c6555f30a7a8852757b31a542ea73fb6a16a6e27e838397e819278ad56e57a4","src/unix/linux_like/linux/gnu/b64/powerpc64/align.rs":"e29c4868bbecfa4a6cd8a2ad06193f3bbc78a468cc1dc9df83f002f1268130d9","src/unix/linux_like/linux/gnu/b64/powerpc64/mod.rs":"a595e37c2325ceb40ef66c634bd3c255ad184a1d70ff8025e98a075f0ec67704","src/unix/linux_like/linux/gnu/b64/riscv64/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/gnu/b64/riscv64/mod.rs":"ef4b13477ffd8532fb6705ca3fa63a1f13e8d19ee39b083c5355dfce430c1a5b","src/unix/linux_like/linux/gnu/b64/s390x.rs":"788fde4fa1919859cc028b59da31de00449edd2b2c1530ae76134beac418b73c","src/unix/linux_like/linux/gnu/b64/sparc64/align.rs":"e29c4868bbecfa4a6cd8a2ad06193f3bbc78a468cc1dc9df83f002f1268130d9","src/unix/linux_like/linux/gnu/b64/sparc64/mod.rs":"c4fa0ede3f78b21a9982667922cccd0681bee3cb6d42208ea9958f65e93d6308","src/unix/linux_like/linux/gnu/b64/x86_64/align.rs":"62e822478356db4a73b6bbd1b36d825b893939ab4b308ec11b0578bcc4b49769","src/unix/linux_like/linux/gnu/b64/x86_64/mod.rs":"e37e0421290b152fe508883181c41225e09dd5452a6b085e8d807b3b54823028","src/unix/linux_like/linux/gnu/b64/x86_64/not_x32.rs":"c1b6345ce14f67d1b2e2f7f2c0ff9a074c07acbd348df69cb4558bda8c8fb9ae","src/unix/linux_like/linux/gnu/b64/x86_64/x32.rs":"3f4d2aeadb7d2620cad09564abdbfc5cf02eeb5a27f2bab8a4e9b4bdbdb258a5","src/unix/linux_like/linux/gnu/mod.rs":"e31aa4bd147c83d05dcd13baca4b9f676320a7713ff50de08b51d0c88f8241a3","src/unix/linux_like/linux/gnu/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/mod.rs":"e710e91658058ce40bea0b7e6a80360261d67561bee15772d05e6c8225d4edaa","src/unix/linux_like/linux/musl/b32/arm/align.rs":"3e8ac052c1043764776b54c93ba4260e061df998631737a897d9d47d54f7b80c","src/unix/linux_like/linux/musl/b32/arm/mod.rs":"f5b217a93f99c2852f7fd1459f529798372fa7df84ee0cfd3d8cdd5b2021b8cf","src/unix/linux_like/linux/musl/b32/hexagon.rs":"226a8b64ce9c75abbbee6d2dceb0b44f7b6c750c4102ebd4d015194afee6666e","src/unix/linux_like/linux/musl/b32/mips/align.rs":"429fb5e005cb7143602d430098b6ebfb7d360685b194f333dfd587472ae954ee","src/unix/linux_like/linux/musl/b32/mips/mod.rs":"16a7a03d998a5db11be9ee81525c7faec4623383260e8bc125b1c53a050fde75","src/unix/linux_like/linux/musl/b32/mod.rs":"580e27c5ce3344df686f1ffc08fdfa2c282d1ceb623d778c50d210d4bd65ec7e","src/unix/linux_like/linux/musl/b32/powerpc.rs":"dc52adc264c34bce80753d6bd064e8fc4b8237fa1e5c5315ccb6c72df74c2813","src/unix/linux_like/linux/musl/b32/riscv32/align.rs":"efd2accf33b87de7c7547903359a5da896edc33cd6c719552c7474b60d4a5d48","src/unix/linux_like/linux/musl/b32/riscv32/mod.rs":"e57dc5562553aab6d0765e0ec266254aa52975f8757bfe97e0c6028fa7d5d37c","src/unix/linux_like/linux/musl/b32/x86/align.rs":"08e77fbd7435d7dec2ff56932433bece3f02e47ce810f89004a275a86d39cbe1","src/unix/linux_like/linux/musl/b32/x86/mod.rs":"7a1586f77bb693f0b319ec720c35963da056287fc42f8e2ccf1d5b2bcccf4fd6","src/unix/linux_like/linux/musl/b64/aarch64/align.rs":"6ba32725d24d7d8e6aa111f3b57aafa318f83b606abe96561329151829821133","src/unix/linux_like/linux/musl/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/linux/musl/b64/aarch64/mod.rs":"31e75179cbb4e26425b3f5b052e358f593153da662884655e60801d852e55dc2","src/unix/linux_like/linux/musl/b64/mips64.rs":"9a5d29f666332bb056d0e2951e9de989aa1dc016075f009db3f2f628e0cdda8c","src/unix/linux_like/linux/musl/b64/mod.rs":"8c10627bd582cb272514e7350ae4743a65d489356eae039d2e7e55cd533fbbc8","src/unix/linux_like/linux/musl/b64/powerpc64.rs":"455dc0ffa55afc1db6ffaf461f6f2a7b49d31658bfebe0bb4efac5967a6f956c","src/unix/linux_like/linux/musl/b64/riscv64/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/musl/b64/riscv64/mod.rs":"42d4b6d36807f37759094a732a321080cccdf498b174d632cebba147051de294","src/unix/linux_like/linux/musl/b64/s390x.rs":"d8a4fdfea0960ec284cae4facb8b0fb342e8aa41544cffacdcaf08c5a92a43f8","src/unix/linux_like/linux/musl/b64/x86_64/align.rs":"77309276ad7a42cbe59ca381f23590b7a143aded05555b34a5b307b808cbca6e","src/unix/linux_like/linux/musl/b64/x86_64/mod.rs":"7a877cd23b64be66d28e6b8dddae32d59a88d69115637539daf19381f4e39330","src/unix/linux_like/linux/musl/mod.rs":"b3909c61ddef8dd276cd0ff27a8faaf5675b487c6238953e9560b7e01760cfd4","src/unix/linux_like/linux/no_align.rs":"da2a8721becaaaa528781f97f5d9aae6a982ae5d4f5f6d2ffc0150bed72319b3","src/unix/linux_like/linux/non_exhaustive.rs":"181a05bf94fdb911db83ce793b993bd6548a4115b306a7ef3c10f745a8fea3e9","src/unix/linux_like/linux/uclibc/align.rs":"9ed16138d8e439bd90930845a65eafa7ebd67366e6bf633936d44014f6e4c959","src/unix/linux_like/linux/uclibc/arm/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/uclibc/arm/mod.rs":"7d8dfbd26ce958d9da17468b3c9d0b119ce7dbd59b3384551cd4423ce25db44a","src/unix/linux_like/linux/uclibc/arm/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/uclibc/mips/mips32/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs":"b84def53a49587e87f884c2bc28b21b290463b00b52e1d0309f2ba233a5b4a99","src/unix/linux_like/linux/uclibc/mips/mips32/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/uclibc/mips/mips64/align.rs":"a7bdcb18a37a2d91e64d5fad83ea3edc78f5412adb28f77ab077dbb26dd08b2d","src/unix/linux_like/linux/uclibc/mips/mips64/mod.rs":"256a428290a560163ef7dc7d18b27bd3c6ce9748a0f28d5dc7f82203ee228220","src/unix/linux_like/linux/uclibc/mips/mips64/no_align.rs":"4a18e3875698c85229599225ac3401a2a40da87e77b2ad4ef47c6fcd5a24ed30","src/unix/linux_like/linux/uclibc/mips/mod.rs":"367ec5483ad317e6ccba1ac0888da6cf088a8d32689214cc8d16129aa692260c","src/unix/linux_like/linux/uclibc/mod.rs":"1c3d25cddcfefa2bd17bdc81550826be31a08eef235e13f825f169a5029c8bca","src/unix/linux_like/linux/uclibc/no_align.rs":"3f28637046524618adaa1012e26cb7ffe94b9396e6b518cccdc69d59f274d709","src/unix/linux_like/linux/uclibc/x86_64/l4re.rs":"024eba5753e852dbdd212427351affe7e83f9916c1864bce414d7aa2618f192e","src/unix/linux_like/linux/uclibc/x86_64/mod.rs":"420dbea99e99091f333641e202960fa4bed0733de2a834e610708555be6bab4c","src/unix/linux_like/linux/uclibc/x86_64/other.rs":"42c3f71e58cabba373f6a55a623f3c31b85049eb64824c09c2b082b3b2d6a0a8","src/unix/linux_like/mod.rs":"3d03bd583aaf04f285f95ff8b53c9b5a891d3b64bfcda37a42648ec51c4c51e5","src/unix/mod.rs":"adc2c742c2abb9c3ebbad4d3193765197d6e89d7ec914c29a3cfef00c7b75765","src/unix/newlib/aarch64/mod.rs":"bac93836a9a57b2c710f32f852e92a4d11ad6759ab0fb6ad33e71d60e53278af","src/unix/newlib/align.rs":"28aaf87fafbc6b312622719d472d8cf65f9e5467d15339df5f73e66d8502b28a","src/unix/newlib/arm/mod.rs":"cbba6b3e957eceb496806e60de8725a23ff3fa0015983b4b4fa27b233732b526","src/unix/newlib/espidf/mod.rs":"816f235f4aa4baabba7f2606b31d0fdb03988c52194c966728de8690bf17299d","src/unix/newlib/generic.rs":"eab066d9f0a0f3eb53cc1073d01496bba0110989e1f6a59838afd19f870cd599","src/unix/newlib/horizon/mod.rs":"7cc5cc120437421db139bfa6a90b18168cd3070bdd0f5be96d40fe4c996f3ca1","src/unix/newlib/mod.rs":"494e56628d4408bf66ad30ff71fbd21bc33d9037935c411dff7bf73dd3f1070b","src/unix/newlib/no_align.rs":"e0743b2179495a9514bc3a4d1781e492878c4ec834ee0085d0891dd1712e82fb","src/unix/newlib/powerpc/mod.rs":"0202ffd57caf75b6afa2c9717750ffb96e375ac33df0ae9609a3f831be393b67","src/unix/no_align.rs":"c06e95373b9088266e0b14bba0954eef95f93fb2b01d951855e382d22de78e53","src/unix/redox/mod.rs":"9fbc4500dbd815656206e2c03b0cf6d8b099c95936d9ae0af0c72fc602a190e0","src/unix/solarish/compat.rs":"b07a5bfac925eb012003a459ba6bddbd3bfa9c44b3394da2ac5a602e54beae9c","src/unix/solarish/illumos.rs":"cd93c2d84722bbf9933a92842a8998eb0b2afc962f50bc2546ad127b82809fa7","src/unix/solarish/mod.rs":"72f354559f75c5871fff5a5c57880eee1383ac632facd4fc8b40f9087649e20d","src/unix/solarish/solaris.rs":"36abcfb46fab6e7151a0c1f555b419e1267b82893f6e84d5d260308ba8eeb0c5","src/unix/solarish/x86.rs":"e86e806df0caed72765040eaa2f3c883198d1aa91508540adf9b7008c77f522e","src/unix/solarish/x86_64.rs":"ec2b01f194eb8a6a27133c57681da195a949e03098f3ea1e847227a9c09ef5fc","src/unix/solarish/x86_common.rs":"ac869d9c3c95645c22460468391eb1982023c3a8e02b9e06a72e3aef3d5f1eac","src/vxworks/aarch64.rs":"98f0afdc511cd02557e506c21fed6737585490a1dce7a9d4941d08c437762b99","src/vxworks/arm.rs":"acb7968ce99fe3f4abdf39d98f8133d21a4fba435b8ef7084777cb181d788e88","src/vxworks/mod.rs":"aea3da66f2140f2a82dfc9c58f6e6531d2dd9c15ea696e0f95a0d4a2a187b5b6","src/vxworks/powerpc.rs":"acb7968ce99fe3f4abdf39d98f8133d21a4fba435b8ef7084777cb181d788e88","src/vxworks/powerpc64.rs":"98f0afdc511cd02557e506c21fed6737585490a1dce7a9d4941d08c437762b99","src/vxworks/x86.rs":"552f007f38317620b23889cb7c49d1d115841252439060122f52f434fbc6e5ba","src/vxworks/x86_64.rs":"018d92be3ad628a129eff9f2f5dfbc0883d8b8e5f2fa917b900a7f98ed6b514a","src/wasi.rs":"4fae202af0327d768ed9e1b586b75816cce14fe2dc16947d2f3d381f209a54c1","src/windows/gnu/align.rs":"b2c13ec1b9f3b39a75c452c80c951dff9d0215e31d77e883b4502afb31794647","src/windows/gnu/mod.rs":"3c8c7edb7cdf5d0c44af936db2a94869585c69dfabeef30571b4f4e38375767a","src/windows/mod.rs":"7fe35c1f5e6272acfba059a1ad7a78b144f5bc63456f6377d58bbc42cc23f509","src/windows/msvc/mod.rs":"c068271e00fca6b62bc4bf44bcf142cfc38caeded9b6c4e01d1ceef3ccf986f4","tests/const_fn.rs":"cb75a1f0864f926aebe79118fc34d51a0d1ade2c20a394e7774c7e545f21f1f4"},"package":"fc7fcc620a3bff7cdd7a365be3376c97191aeaccc2a603e600951e452615bf89"} \ No newline at end of file +{"files":{"CONTRIBUTING.md":"bdc90b52cf803faac96e594069a86dd8ea150d5ba7fb3e6cadfc08dac4c7b0ce","Cargo.toml":"cec0b42b20e776ac9165b5a5eedfbd8fc033700cacabfa4209c60d35833e42f1","LICENSE-APACHE":"62c7a1e35f56406896d7aa7ca52d0cc0d272ac022b5d2796e7d6905db8a3636a","LICENSE-MIT":"a8d47ff51ca256f56a8932dba07660672dbfe3004257ca8de708aac1415937a1","README.md":"776affa26b66843a2b4f1a1c8f88d92f6461b74568911450fea717e9db6f877b","build.rs":"cecfa3f926ab4a9c87cd59cc0d687f98eceb6035b0dde185152e5206d090f8d0","rustfmt.toml":"eaa2ea84fc1ba0359b77680804903e07bb38d257ab11986b95b158e460f787b2","src/fixed_width_ints.rs":"7f986e5f5e68d25ef04d386fd2f640e8be8f15427a8d4a458ea01d26b8dca0ca","src/fuchsia/aarch64.rs":"378776a9e40766154a54c94c2a7b4675b5c302a38e6e42da99e67bfbaee60e56","src/fuchsia/align.rs":"ae1cf8f011a99737eabeb14ffff768e60f13b13363d7646744dbb0f443dab3d6","src/fuchsia/mod.rs":"1b4e6c34b01b4c970f4d4c044d1642020e0fc2ea1b8442e8f1a9b698569ab1f6","src/fuchsia/no_align.rs":"303f3f1b255e0088b5715094353cf00476131d8e94e6aebb3f469557771c8b8a","src/fuchsia/x86_64.rs":"93a3632b5cf67d2a6bcb7dc0a558605252d5fe689e0f38d8aa2ec5852255ac87","src/hermit/aarch64.rs":"86048676e335944c37a63d0083d0f368ae10ceccefeed9debb3bbe08777fc682","src/hermit/mod.rs":"d3bfce41e4463d4be8020a2d063c9bfa8b665f45f1cc6cbf3163f5d01e7cb21f","src/hermit/x86_64.rs":"ab832b7524e5fb15c49ff7431165ab1a37dc4667ae0b58e8306f4c539bfa110c","src/lib.rs":"ce753ef318b300bbd441feabdd77d00322dfb6ce9eee8c78a38afe02b57aa4c0","src/macros.rs":"b457eb028b8e8ab3c24bb7292b874ad4e491edbb83594f6a3da024df5348c088","src/psp.rs":"dd31aabd46171d474ec5828372e28588935120e7355c90c105360d8fa9264c1c","src/sgx.rs":"16a95cdefc81c5ee00d8353a60db363c4cc3e0f75abcd5d0144723f2a306ed1b","src/solid/aarch64.rs":"a726e47f324adf73a4a0b67a2c183408d0cad105ae66acf36db37a42ab7f8707","src/solid/arm.rs":"e39a4f74ebbef3b97b8c95758ad741123d84ed3eb48d9cf4f1f4872097fc27fe","src/solid/mod.rs":"5f4151dca5132e4b4e4c23ab9737e12856dddbdc0ca3f7dbc004328ef3c8acde","src/switch.rs":"9da3dd39b3de45a7928789926e8572d00e1e11a39e6f7289a1349aadce90edba","src/unix/align.rs":"2cdc7c826ef7ae61f5171c5ae8c445a743d86f1a7f2d9d7e4ceeec56d6874f65","src/unix/bsd/apple/b32/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b32/mod.rs":"2546ad3eb6aecb95f916648bc63264117c92b4b4859532b34cb011e4c75a5a72","src/unix/bsd/apple/b64/aarch64/align.rs":"e8eb38d064b5fefec6f37d42873820a0483e7c758ed336cc59a7155455ca89c9","src/unix/bsd/apple/b64/aarch64/mod.rs":"44c217a4f263afe7a97435de9323d20a96c37836f899ca0925306d4b7e073c27","src/unix/bsd/apple/b64/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b64/mod.rs":"f5e278a1af7fb358891d1c9be4eb7e815aaca0c5cb738d0c3604ba2208a856f7","src/unix/bsd/apple/b64/x86_64/align.rs":"ec833a747866fe19ca2d9b4d3c9ff0385faba5edf4bd0d15fa68884c40b0e26c","src/unix/bsd/apple/b64/x86_64/mod.rs":"8c87c5855038aae5d433c8f5eb3b29b0a175879a0245342b3bfd83bdf4cfd936","src/unix/bsd/apple/mod.rs":"1cc76b056d5925aedae04ead411057dc5c6c9bd3948609fdb30164ac1fb6565e","src/unix/bsd/freebsdlike/dragonfly/errno.rs":"8295b8bb0dfd38d2cdb4d9192cdeeb534cc6c3b208170e64615fa3e0edb3e578","src/unix/bsd/freebsdlike/dragonfly/mod.rs":"8986a8c79bcadfbdb58ec1a72e1aff8ce9b341c9392d7b0b7449bddf6db59058","src/unix/bsd/freebsdlike/freebsd/aarch64.rs":"6c8e216385f53a4bf5f171749b57602fc34a4e4b160a44ca31c058cb0c8a2126","src/unix/bsd/freebsdlike/freebsd/arm.rs":"59d6a670eea562fb87686e243e0a84603d29a2028a3d4b3f99ccc01bd04d2f47","src/unix/bsd/freebsdlike/freebsd/freebsd11/b64.rs":"9808d152c1196aa647f1b0f0cf84dac8c930da7d7f897a44975545e3d9d17681","src/unix/bsd/freebsdlike/freebsd/freebsd11/mod.rs":"badda6f0f7666f38345b1f4ca78817a47bc92bbdcdc3a1377f376f4e08c316e5","src/unix/bsd/freebsdlike/freebsd/freebsd12/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd12/mod.rs":"327700c5668be863f1fea205c82b0402e2936b883df63dda677716c30a50a284","src/unix/bsd/freebsdlike/freebsd/freebsd12/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/freebsd13/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs":"7f689e9a944c919834ec852b30c224f98e14b4b4087571adefeea5abad5d6374","src/unix/bsd/freebsdlike/freebsd/freebsd13/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/freebsd14/b64.rs":"61cbe45f8499bedb168106b686d4f8239472f25c7553b069eec2afe197ff2df6","src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs":"9b6fa1c3f5217f9482e0bed3bd0ea2905cdf56d628307cea48e49d8e00a6b09d","src/unix/bsd/freebsdlike/freebsd/freebsd14/x86_64.rs":"2df36a7f122f6d6e5753cfb4d22e915cc80f6bc91c0161b3daae55a481bfd052","src/unix/bsd/freebsdlike/freebsd/mod.rs":"26bda8cf730ab4868523a6ed7c513f51885cad30cdd02da905ff35b597576415","src/unix/bsd/freebsdlike/freebsd/powerpc.rs":"9ca3f82f88974e6db5569f2d76a5a3749b248a31747a6c0da5820492bdfeca42","src/unix/bsd/freebsdlike/freebsd/powerpc64.rs":"2dae3ecc87eac3b11657aa98915def55fc4b5c0de11fe26aae23329a54628a9a","src/unix/bsd/freebsdlike/freebsd/riscv64.rs":"fa4bed4c58cad24ba3395941c7fa6b11e089551a04714f9561078e400f5b2b62","src/unix/bsd/freebsdlike/freebsd/x86.rs":"c5005e3249eb7c93cfbac72a9e9272320d80ce7983da990ceb05a447f59a02c5","src/unix/bsd/freebsdlike/freebsd/x86_64/align.rs":"0e1f69a88fca1c32874b1daf5db3d446fefbe518dca497f096cc9168c39dde70","src/unix/bsd/freebsdlike/freebsd/x86_64/mod.rs":"51e4dd0c8ae247bb652feda5adad9333ea3bb30c750c3a3935e0b0e47d7803eb","src/unix/bsd/freebsdlike/mod.rs":"bd80ce2ff628ed5eaa856ebe8b6a8fb0e89d1c9728040b9ee6b967beb4bcf3a7","src/unix/bsd/mod.rs":"0c672b075b5616fca2cc56c00ee31c3f554dcbd2e88a7c2ba1437aa6e5604319","src/unix/bsd/netbsdlike/mod.rs":"34f60d73631f3c59936c87db1f62ddb8f693901c3cb199f7f370882e84d509fa","src/unix/bsd/netbsdlike/netbsd/aarch64.rs":"65dcb58d11e8d8028401a9d07ca3eb4cb4f053e04249cc877353449d84ccc4cb","src/unix/bsd/netbsdlike/netbsd/arm.rs":"58cdbb70b0d6f536551f0f3bb3725d2d75c4690db12c26c034e7d6ec4a924452","src/unix/bsd/netbsdlike/netbsd/mod.rs":"107a4aa396b8383c66e0ace2f941450b4b69146558cdc4d9fbe33eeab51760f1","src/unix/bsd/netbsdlike/netbsd/powerpc.rs":"ee7ff5d89d0ed22f531237b5059aa669df93a3b5c489fa641465ace8d405bf41","src/unix/bsd/netbsdlike/netbsd/sparc64.rs":"9489f4b3e4566f43bb12dfb92238960613dac7f6a45cc13068a8d152b902d7d9","src/unix/bsd/netbsdlike/netbsd/x86.rs":"20692320e36bfe028d1a34d16fe12ca77aa909cb02bda167376f98f1a09aefe7","src/unix/bsd/netbsdlike/netbsd/x86_64.rs":"1afe5ef46b14397cdd68664b5b232e4f5b035b6db1d4cf411c899d51ebca9f30","src/unix/bsd/netbsdlike/openbsd/aarch64.rs":"dd91931d373b7ecaf6e2de25adadee10d16fa9b12c2cbacdff3eb291e1ba36af","src/unix/bsd/netbsdlike/openbsd/arm.rs":"01580d261bc6447bb327a0d982181b7bdabfa066cee65a30373d3ced729ad307","src/unix/bsd/netbsdlike/openbsd/mips64.rs":"8532a189ae10c7d668d9d4065da8b05d124e09bd39442c9f74a7f231c43eca48","src/unix/bsd/netbsdlike/openbsd/mod.rs":"38b7d65a86701a75a9047a3ef3b006f09ffbb33ab2312174bcee889efb74e100","src/unix/bsd/netbsdlike/openbsd/powerpc.rs":"01580d261bc6447bb327a0d982181b7bdabfa066cee65a30373d3ced729ad307","src/unix/bsd/netbsdlike/openbsd/powerpc64.rs":"1dd5449dd1fd3d51e30ffdeeaece91d0aaf05c710e0ac699fecc5461cfa2c28e","src/unix/bsd/netbsdlike/openbsd/riscv64.rs":"1dd5449dd1fd3d51e30ffdeeaece91d0aaf05c710e0ac699fecc5461cfa2c28e","src/unix/bsd/netbsdlike/openbsd/sparc64.rs":"d04fd287afbaa2c5df9d48c94e8374a532a3ba491b424ddf018270c7312f4085","src/unix/bsd/netbsdlike/openbsd/x86.rs":"6f7f5c4fde2a2259eb547890cbd86570cea04ef85347d7569e94e679448bec87","src/unix/bsd/netbsdlike/openbsd/x86_64.rs":"d31db31630289c85af3339dbe357998a21ca584cbae31607448fe2cf7675a4e1","src/unix/haiku/b32.rs":"a2efdbf7158a6da341e1db9176b0ab193ba88b449616239ed95dced11f54d87b","src/unix/haiku/b64.rs":"ff8115367d3d7d354f792d6176dfaaa26353f57056197b563bf4681f91ff7985","src/unix/haiku/mod.rs":"891f77891349938ffb2048db0446e28f2b7f78a0286042d0f0a9af6c2d4570af","src/unix/haiku/native.rs":"dbfcbf4954a79d1df2ff58e0590bbcb8c57dfc7a32392aa73ee4726b66bd6cc8","src/unix/haiku/x86_64.rs":"3ec3aeeb7ed208b8916f3e32d42bfd085ff5e16936a1a35d9a52789f043b7237","src/unix/hermit/aarch64.rs":"86048676e335944c37a63d0083d0f368ae10ceccefeed9debb3bbe08777fc682","src/unix/hermit/mod.rs":"a1494a0bddf301cceb0d9b8529a84b5882fe855ceae77a1c4e8d6034e705e26c","src/unix/hermit/x86_64.rs":"ab832b7524e5fb15c49ff7431165ab1a37dc4667ae0b58e8306f4c539bfa110c","src/unix/linux_like/android/b32/arm.rs":"007391f35663762d8097a8a5ae301accb82c729713da0dfd9631c4bc69d9305e","src/unix/linux_like/android/b32/mod.rs":"7c173e0375119bf06a3081652faede95e5bcd6858e7576b7533d037978737c8f","src/unix/linux_like/android/b32/x86/align.rs":"812914e4241df82e32b12375ca3374615dc3a4bdd4cf31f0423c5815320c0dab","src/unix/linux_like/android/b32/x86/mod.rs":"81b4ab3ffc347e819f2f62c09dcd923d9d12d14b3d0e66ddc06ab78fa75a4b88","src/unix/linux_like/android/b64/aarch64/align.rs":"2179c3b1608fa4bf68840482bfc2b2fa3ee2faf6fcae3770f9e505cddca35c7b","src/unix/linux_like/android/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/android/b64/aarch64/mod.rs":"f12594f7a57654ea63794822761c1ef9029ee5cef6bbad498c928a5bff2dfade","src/unix/linux_like/android/b64/mod.rs":"71e4fcbe952bfa4a5f9022f3972e906917b38f729b9d8ef57cd5d179104894ac","src/unix/linux_like/android/b64/riscv64/align.rs":"0bf138f84e5327d8339bcd4adf071a6832b516445e597552c82bbd881095e3a8","src/unix/linux_like/android/b64/riscv64/mod.rs":"80e9f93fed838a48b4e2e8d77b95c72cfd7c0647bcce63851555c5ad16dad143","src/unix/linux_like/android/b64/x86_64/align.rs":"7169d07a9fd4716f7512719aec9fda5d8bed306dc0720ffc1b21696c9951e3c6","src/unix/linux_like/android/b64/x86_64/mod.rs":"40be3b9dac9b52f3fd341fae4593a8c8c11a79ed694bcccf82f8810253c77492","src/unix/linux_like/android/mod.rs":"bf37384b99034eb1817303d9e1b35fe895da1010b024ada128e84059dad2c73b","src/unix/linux_like/emscripten/align.rs":"86c95cbed7a7161b1f23ee06843e7b0e2340ad92b2cb86fe2a8ef3e0e8c36216","src/unix/linux_like/emscripten/mod.rs":"24a6b0eadc011ee75c5bcbd18fe9f30d64006b71ec1416f6352e6015917240fc","src/unix/linux_like/emscripten/no_align.rs":"0128e4aa721a9902754828b61b5ec7d8a86619983ed1e0544a85d35b1051fad6","src/unix/linux_like/linux/align.rs":"d6c259942c8e843373accd180fc8f4f45f03544dfd21b93a8d02641ead3ef63e","src/unix/linux_like/linux/arch/generic/mod.rs":"46dd6634e564fb1b60c8a2d1018ef8f365d1a8ed26f162c99528922d06d14134","src/unix/linux_like/linux/arch/mips/mod.rs":"2d166054a586bb4bf6e4a4ba35f7574907b217225eff8f1a43adc4277e142460","src/unix/linux_like/linux/arch/mod.rs":"466a29622e47c6c7f1500682b2eb17f5566dd81b322cd6348f0fdd355cec593a","src/unix/linux_like/linux/arch/powerpc/mod.rs":"3f6da7b0fa7b394c7d4eea2bb3caa7a7729ab0d6c1491fef02206a912c41b815","src/unix/linux_like/linux/arch/sparc/mod.rs":"91593ec0440f1dd8f8e612028f432c44c14089286e2aca50e10511ab942db8c3","src/unix/linux_like/linux/gnu/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/gnu/b32/arm/align.rs":"6ec0eb3ee93f7ae99fd714b4deabfb5e97fbcefd8c26f5a45fb8e7150899cdeb","src/unix/linux_like/linux/gnu/b32/arm/mod.rs":"5bd3f6b3484e049ddaac95f411b0d82cbf1cd28e6a5defbc927bd917f5f7d299","src/unix/linux_like/linux/gnu/b32/m68k/align.rs":"8faa92f77a9232c035418d45331774e64a9a841d99c91791570a203bf2b45bcb","src/unix/linux_like/linux/gnu/b32/m68k/mod.rs":"a2a0a9400dae44086ebf579e0448e0676d4a3214d1ae7d13a024857251e23b6b","src/unix/linux_like/linux/gnu/b32/mips/align.rs":"429fb5e005cb7143602d430098b6ebfb7d360685b194f333dfd587472ae954ee","src/unix/linux_like/linux/gnu/b32/mips/mod.rs":"6b9a5dac6f937ddc1453e808e3c43502c87143332df9e43ac64fb8b1eda6c116","src/unix/linux_like/linux/gnu/b32/mod.rs":"8da281da578cdee972e952b118b903b370320897a7e335342a15e1359864bef2","src/unix/linux_like/linux/gnu/b32/powerpc.rs":"5c5d90326b54b57b98eff4745fe7a3fb02f053b2dc782241a73e807b491936a3","src/unix/linux_like/linux/gnu/b32/riscv32/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/gnu/b32/riscv32/mod.rs":"5e7c1e29aeb82fc422f45b73fb0cf3d13d0902300f9150d2755a9074f8d96999","src/unix/linux_like/linux/gnu/b32/sparc/align.rs":"21adbed27df73e2d1ed934aaf733a643003d7baf2bde9c48ea440895bcca6d41","src/unix/linux_like/linux/gnu/b32/sparc/mod.rs":"80894eece66e9348f45d1b07ad37c757ea694bbd10ed49d3f920b34e9f51a9a3","src/unix/linux_like/linux/gnu/b32/x86/align.rs":"e4bafdc4a519a7922a81b37a62bbfd1177a2f620890eef8f1fbc47162e9eb413","src/unix/linux_like/linux/gnu/b32/x86/mod.rs":"c703cc5e9de2dc31d9e5831bfb6f354d6e3518b2ae02263f68a9a70f1c0167e2","src/unix/linux_like/linux/gnu/b64/aarch64/align.rs":"ea39d5fd8ca5a71314127d1e1f542bca34ac566eac9a95662076d91ea4bee548","src/unix/linux_like/linux/gnu/b64/aarch64/ilp32.rs":"21a21503ef2e095f4371044915d4bfb07a8578011cb5c713cd9f45947b0b5730","src/unix/linux_like/linux/gnu/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/linux/gnu/b64/aarch64/lp64.rs":"e78c3cd197f44832338b414d1a9bc0d194f44c74db77bd7bf830c1fff62b2690","src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs":"666beae35371cb54a4ad091764e0e3ca4983d5205179c119a8ff97d3ae301869","src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs":"6616c38bf8cab53034dce9f968adae8fb7771334445a93876d000cfd08f117a8","src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs":"17e9478b6a5830f6b8f6bea4ccab712cfd1972cdfb43b97408a068e4ea924106","src/unix/linux_like/linux/gnu/b64/mips64/align.rs":"7169d07a9fd4716f7512719aec9fda5d8bed306dc0720ffc1b21696c9951e3c6","src/unix/linux_like/linux/gnu/b64/mips64/mod.rs":"80b4b97a41564290c510e68a1fb20cfd8424206f010e71a596f12877de886a71","src/unix/linux_like/linux/gnu/b64/mod.rs":"3c6555f30a7a8852757b31a542ea73fb6a16a6e27e838397e819278ad56e57a4","src/unix/linux_like/linux/gnu/b64/powerpc64/align.rs":"e29c4868bbecfa4a6cd8a2ad06193f3bbc78a468cc1dc9df83f002f1268130d9","src/unix/linux_like/linux/gnu/b64/powerpc64/mod.rs":"a595e37c2325ceb40ef66c634bd3c255ad184a1d70ff8025e98a075f0ec67704","src/unix/linux_like/linux/gnu/b64/riscv64/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/gnu/b64/riscv64/mod.rs":"ef4b13477ffd8532fb6705ca3fa63a1f13e8d19ee39b083c5355dfce430c1a5b","src/unix/linux_like/linux/gnu/b64/s390x.rs":"788fde4fa1919859cc028b59da31de00449edd2b2c1530ae76134beac418b73c","src/unix/linux_like/linux/gnu/b64/sparc64/align.rs":"e29c4868bbecfa4a6cd8a2ad06193f3bbc78a468cc1dc9df83f002f1268130d9","src/unix/linux_like/linux/gnu/b64/sparc64/mod.rs":"c4fa0ede3f78b21a9982667922cccd0681bee3cb6d42208ea9958f65e93d6308","src/unix/linux_like/linux/gnu/b64/x86_64/align.rs":"62e822478356db4a73b6bbd1b36d825b893939ab4b308ec11b0578bcc4b49769","src/unix/linux_like/linux/gnu/b64/x86_64/mod.rs":"e37e0421290b152fe508883181c41225e09dd5452a6b085e8d807b3b54823028","src/unix/linux_like/linux/gnu/b64/x86_64/not_x32.rs":"c1b6345ce14f67d1b2e2f7f2c0ff9a074c07acbd348df69cb4558bda8c8fb9ae","src/unix/linux_like/linux/gnu/b64/x86_64/x32.rs":"3f4d2aeadb7d2620cad09564abdbfc5cf02eeb5a27f2bab8a4e9b4bdbdb258a5","src/unix/linux_like/linux/gnu/mod.rs":"e31aa4bd147c83d05dcd13baca4b9f676320a7713ff50de08b51d0c88f8241a3","src/unix/linux_like/linux/gnu/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/mod.rs":"8862912e65ae64dd26728ced492eacbdd3753b7a19432fc8fdf5a673ff7526c9","src/unix/linux_like/linux/musl/b32/arm/align.rs":"3e8ac052c1043764776b54c93ba4260e061df998631737a897d9d47d54f7b80c","src/unix/linux_like/linux/musl/b32/arm/mod.rs":"f5b217a93f99c2852f7fd1459f529798372fa7df84ee0cfd3d8cdd5b2021b8cf","src/unix/linux_like/linux/musl/b32/hexagon.rs":"226a8b64ce9c75abbbee6d2dceb0b44f7b6c750c4102ebd4d015194afee6666e","src/unix/linux_like/linux/musl/b32/mips/align.rs":"429fb5e005cb7143602d430098b6ebfb7d360685b194f333dfd587472ae954ee","src/unix/linux_like/linux/musl/b32/mips/mod.rs":"16a7a03d998a5db11be9ee81525c7faec4623383260e8bc125b1c53a050fde75","src/unix/linux_like/linux/musl/b32/mod.rs":"580e27c5ce3344df686f1ffc08fdfa2c282d1ceb623d778c50d210d4bd65ec7e","src/unix/linux_like/linux/musl/b32/powerpc.rs":"dc52adc264c34bce80753d6bd064e8fc4b8237fa1e5c5315ccb6c72df74c2813","src/unix/linux_like/linux/musl/b32/riscv32/align.rs":"efd2accf33b87de7c7547903359a5da896edc33cd6c719552c7474b60d4a5d48","src/unix/linux_like/linux/musl/b32/riscv32/mod.rs":"e57dc5562553aab6d0765e0ec266254aa52975f8757bfe97e0c6028fa7d5d37c","src/unix/linux_like/linux/musl/b32/x86/align.rs":"08e77fbd7435d7dec2ff56932433bece3f02e47ce810f89004a275a86d39cbe1","src/unix/linux_like/linux/musl/b32/x86/mod.rs":"7a1586f77bb693f0b319ec720c35963da056287fc42f8e2ccf1d5b2bcccf4fd6","src/unix/linux_like/linux/musl/b64/aarch64/align.rs":"6ba32725d24d7d8e6aa111f3b57aafa318f83b606abe96561329151829821133","src/unix/linux_like/linux/musl/b64/aarch64/int128.rs":"1735f6f5c56770d20dd426442f09724d9b2052b46a7cd82f23f3288a4a7276de","src/unix/linux_like/linux/musl/b64/aarch64/mod.rs":"31e75179cbb4e26425b3f5b052e358f593153da662884655e60801d852e55dc2","src/unix/linux_like/linux/musl/b64/mips64.rs":"9a5d29f666332bb056d0e2951e9de989aa1dc016075f009db3f2f628e0cdda8c","src/unix/linux_like/linux/musl/b64/mod.rs":"8c10627bd582cb272514e7350ae4743a65d489356eae039d2e7e55cd533fbbc8","src/unix/linux_like/linux/musl/b64/powerpc64.rs":"455dc0ffa55afc1db6ffaf461f6f2a7b49d31658bfebe0bb4efac5967a6f956c","src/unix/linux_like/linux/musl/b64/riscv64/align.rs":"d321491612be8d5c61b6ec2dc0111beb3a22e58803f99cd37543efe86621b119","src/unix/linux_like/linux/musl/b64/riscv64/mod.rs":"42d4b6d36807f37759094a732a321080cccdf498b174d632cebba147051de294","src/unix/linux_like/linux/musl/b64/s390x.rs":"d8a4fdfea0960ec284cae4facb8b0fb342e8aa41544cffacdcaf08c5a92a43f8","src/unix/linux_like/linux/musl/b64/x86_64/align.rs":"77309276ad7a42cbe59ca381f23590b7a143aded05555b34a5b307b808cbca6e","src/unix/linux_like/linux/musl/b64/x86_64/mod.rs":"7a877cd23b64be66d28e6b8dddae32d59a88d69115637539daf19381f4e39330","src/unix/linux_like/linux/musl/mod.rs":"8d8b50a0bf7ec53bd4d2ea92e8bfae14529f0beb3f22a65b55623f7086fee8ac","src/unix/linux_like/linux/no_align.rs":"da2a8721becaaaa528781f97f5d9aae6a982ae5d4f5f6d2ffc0150bed72319b3","src/unix/linux_like/linux/non_exhaustive.rs":"181a05bf94fdb911db83ce793b993bd6548a4115b306a7ef3c10f745a8fea3e9","src/unix/linux_like/linux/uclibc/align.rs":"9ed16138d8e439bd90930845a65eafa7ebd67366e6bf633936d44014f6e4c959","src/unix/linux_like/linux/uclibc/arm/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/uclibc/arm/mod.rs":"bf2dcf0a468f386899f572324f3bc14be1974f570afdfff1075ca6c5dd57710d","src/unix/linux_like/linux/uclibc/arm/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/uclibc/mips/mips32/align.rs":"e4a3c27fe20a57b8d612c34cb05bc70646edb5cec7251957315afa53a7b9f936","src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs":"d2fc251754458b697ef6e599f0a670ebca18f61e4026bf681be4e2baa896b9df","src/unix/linux_like/linux/uclibc/mips/mips32/no_align.rs":"9cd223135de75315840ff9c3fd5441ba1cb632b96b5c85a76f8316c86653db25","src/unix/linux_like/linux/uclibc/mips/mips64/align.rs":"a7bdcb18a37a2d91e64d5fad83ea3edc78f5412adb28f77ab077dbb26dd08b2d","src/unix/linux_like/linux/uclibc/mips/mips64/mod.rs":"256a428290a560163ef7dc7d18b27bd3c6ce9748a0f28d5dc7f82203ee228220","src/unix/linux_like/linux/uclibc/mips/mips64/no_align.rs":"4a18e3875698c85229599225ac3401a2a40da87e77b2ad4ef47c6fcd5a24ed30","src/unix/linux_like/linux/uclibc/mips/mod.rs":"367ec5483ad317e6ccba1ac0888da6cf088a8d32689214cc8d16129aa692260c","src/unix/linux_like/linux/uclibc/mod.rs":"1c3d25cddcfefa2bd17bdc81550826be31a08eef235e13f825f169a5029c8bca","src/unix/linux_like/linux/uclibc/no_align.rs":"3f28637046524618adaa1012e26cb7ffe94b9396e6b518cccdc69d59f274d709","src/unix/linux_like/linux/uclibc/x86_64/l4re.rs":"024eba5753e852dbdd212427351affe7e83f9916c1864bce414d7aa2618f192e","src/unix/linux_like/linux/uclibc/x86_64/mod.rs":"420dbea99e99091f333641e202960fa4bed0733de2a834e610708555be6bab4c","src/unix/linux_like/linux/uclibc/x86_64/other.rs":"42c3f71e58cabba373f6a55a623f3c31b85049eb64824c09c2b082b3b2d6a0a8","src/unix/linux_like/mod.rs":"759e65c13f7e49a6efd1a979c821c53c478648f7f00cb29da65d92904c7c6814","src/unix/mod.rs":"a55d80aae47b642e25810c2321626f4cc5168170230a1d73953dfca58709b774","src/unix/newlib/aarch64/mod.rs":"bac93836a9a57b2c710f32f852e92a4d11ad6759ab0fb6ad33e71d60e53278af","src/unix/newlib/align.rs":"28aaf87fafbc6b312622719d472d8cf65f9e5467d15339df5f73e66d8502b28a","src/unix/newlib/arm/mod.rs":"cbba6b3e957eceb496806e60de8725a23ff3fa0015983b4b4fa27b233732b526","src/unix/newlib/espidf/mod.rs":"816f235f4aa4baabba7f2606b31d0fdb03988c52194c966728de8690bf17299d","src/unix/newlib/generic.rs":"eab066d9f0a0f3eb53cc1073d01496bba0110989e1f6a59838afd19f870cd599","src/unix/newlib/horizon/mod.rs":"7cc5cc120437421db139bfa6a90b18168cd3070bdd0f5be96d40fe4c996f3ca1","src/unix/newlib/mod.rs":"47d853beaa42b4aa17532d7687715e00e1da6632fccbcdcb079382dbde5412ff","src/unix/newlib/no_align.rs":"e0743b2179495a9514bc3a4d1781e492878c4ec834ee0085d0891dd1712e82fb","src/unix/newlib/powerpc/mod.rs":"0202ffd57caf75b6afa2c9717750ffb96e375ac33df0ae9609a3f831be393b67","src/unix/no_align.rs":"c06e95373b9088266e0b14bba0954eef95f93fb2b01d951855e382d22de78e53","src/unix/nto/aarch64.rs":"4709c9afdc8d583be876598e7c238499ee3e8da5bd2baa614d9c7dd414851555","src/unix/nto/mod.rs":"a4ed355f33ab18041cf642e2f4d1a50dc96b5bce778715f04352c34d020961b5","src/unix/nto/neutrino.rs":"62198d95ccc0fe7ece6f9d5c0b29fc22303ef458886efb5e09aad524eca2ab7b","src/unix/nto/x86_64.rs":"a3e18e93c2999da1cd7a6f748a4b60c07aefb73d8ea2aafec19a84cfb040bc8e","src/unix/redox/mod.rs":"c8afea39f81e73ad4e9bf8a8f25138a200e616048e189debad80a6b7e08f710f","src/unix/solarish/compat.rs":"00f1ee3faec9da69204e42f025f6735dd13d894071a154425dcc43ecbdd06e7f","src/unix/solarish/illumos.rs":"cd93c2d84722bbf9933a92842a8998eb0b2afc962f50bc2546ad127b82809fa7","src/unix/solarish/mod.rs":"b1c0a1d347b30d45c85429b7236d234f5b2c86b9eec439e897c9371d856c187a","src/unix/solarish/solaris.rs":"41b350a89ddf01cd12a10f93640f92be53be0b0d976021cdc08da17bf3e72edf","src/unix/solarish/x86.rs":"e86e806df0caed72765040eaa2f3c883198d1aa91508540adf9b7008c77f522e","src/unix/solarish/x86_64.rs":"ec2b01f194eb8a6a27133c57681da195a949e03098f3ea1e847227a9c09ef5fc","src/unix/solarish/x86_common.rs":"ac869d9c3c95645c22460468391eb1982023c3a8e02b9e06a72e3aef3d5f1eac","src/vxworks/aarch64.rs":"98f0afdc511cd02557e506c21fed6737585490a1dce7a9d4941d08c437762b99","src/vxworks/arm.rs":"acb7968ce99fe3f4abdf39d98f8133d21a4fba435b8ef7084777cb181d788e88","src/vxworks/mod.rs":"ff063860fc4fe3bca6332742764e29c1506884added21aa7722144c1fb3f4018","src/vxworks/powerpc.rs":"acb7968ce99fe3f4abdf39d98f8133d21a4fba435b8ef7084777cb181d788e88","src/vxworks/powerpc64.rs":"98f0afdc511cd02557e506c21fed6737585490a1dce7a9d4941d08c437762b99","src/vxworks/x86.rs":"552f007f38317620b23889cb7c49d1d115841252439060122f52f434fbc6e5ba","src/vxworks/x86_64.rs":"018d92be3ad628a129eff9f2f5dfbc0883d8b8e5f2fa917b900a7f98ed6b514a","src/wasi.rs":"b9a2ecc75fd2359a2484e93fdd1c539d2abc109cd9455d8f566476bcfb19df3d","src/windows/gnu/align.rs":"b2c13ec1b9f3b39a75c452c80c951dff9d0215e31d77e883b4502afb31794647","src/windows/gnu/mod.rs":"3c8c7edb7cdf5d0c44af936db2a94869585c69dfabeef30571b4f4e38375767a","src/windows/mod.rs":"5421b92f47cb69845f4323b1a14e533d8a17acc6412c58e67f4d41def749de2f","src/windows/msvc/mod.rs":"c068271e00fca6b62bc4bf44bcf142cfc38caeded9b6c4e01d1ceef3ccf986f4","tests/const_fn.rs":"cb75a1f0864f926aebe79118fc34d51a0d1ade2c20a394e7774c7e545f21f1f4"},"package":"201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/libc/Cargo.toml suricata-6.0.10/rust/vendor/libc/Cargo.toml --- suricata-6.0.9/rust/vendor/libc/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -11,7 +11,7 @@ [package] name = "libc" -version = "0.2.137" +version = "0.2.139" authors = ["The Rust Project Developers"] build = "build.rs" exclude = [ diff -Nru suricata-6.0.9/rust/vendor/libc/CONTRIBUTING.md suricata-6.0.10/rust/vendor/libc/CONTRIBUTING.md --- suricata-6.0.9/rust/vendor/libc/CONTRIBUTING.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/CONTRIBUTING.md 2023-01-31 06:31:40.000000000 +0000 @@ -86,7 +86,7 @@ 1. Increment the patch version number in `Cargo.toml` and `libc-test/Cargo.toml`. 1. Send a PR to this repository. It should [look like this][example-pr], but it'd also be nice to fill out the description with a small rationale for the - release (any rationale is ok though!) + release (any rationale is ok though!). 1. Once merged, the release will be tagged and published by one of the libc crate maintainers. diff -Nru suricata-6.0.9/rust/vendor/libc/src/fuchsia/mod.rs suricata-6.0.10/rust/vendor/libc/src/fuchsia/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/fuchsia/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/fuchsia/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -909,8 +909,8 @@ pub struct sockaddr_storage { pub ss_family: sa_family_t, + __ss_pad2: [u8; 128 - 2 - 8], __ss_align: ::size_t, - __ss_pad2: [u8; 128 - 2 * 8], } pub struct utsname { @@ -3402,11 +3402,16 @@ pub fn feof(stream: *mut FILE) -> c_int; pub fn ferror(stream: *mut FILE) -> c_int; pub fn perror(s: *const c_char); + pub fn atof(s: *const c_char) -> c_double; pub fn atoi(s: *const c_char) -> c_int; + pub fn atol(s: *const c_char) -> c_long; + pub fn atoll(s: *const c_char) -> c_longlong; pub fn strtod(s: *const c_char, endp: *mut *mut c_char) -> c_double; pub fn strtof(s: *const c_char, endp: *mut *mut c_char) -> c_float; pub fn strtol(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_long; + pub fn strtoll(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_longlong; pub fn strtoul(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulong; + pub fn strtoull(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulonglong; pub fn calloc(nobj: size_t, size: size_t) -> *mut c_void; pub fn malloc(size: size_t) -> *mut c_void; pub fn realloc(p: *mut c_void, size: size_t) -> *mut c_void; @@ -3448,7 +3453,6 @@ pub fn memset(dest: *mut c_void, c: c_int, n: size_t) -> *mut c_void; pub fn abs(i: c_int) -> c_int; - pub fn atof(s: *const c_char) -> c_double; pub fn labs(i: c_long) -> c_long; pub fn rand() -> c_int; pub fn srand(seed: c_uint); @@ -3780,7 +3784,7 @@ pub fn poll(fds: *mut pollfd, nfds: nfds_t, timeout: ::c_int) -> ::c_int; pub fn select( nfds: ::c_int, - readfs: *mut fd_set, + readfds: *mut fd_set, writefds: *mut fd_set, errorfds: *mut fd_set, timeout: *mut timeval, @@ -3817,7 +3821,7 @@ pub fn pselect( nfds: ::c_int, - readfs: *mut fd_set, + readfds: *mut fd_set, writefds: *mut fd_set, errorfds: *mut fd_set, timeout: *const timespec, diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/aarch64.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/aarch64.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/aarch64.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/aarch64.rs 2023-01-31 06:31:40.000000000 +0000 @@ -6,17 +6,6 @@ pub type suseconds_t = i64; pub type register_t = i64; -// should be pub(crate), but that requires Rust 1.18.0 -cfg_if! { - if #[cfg(libc_const_size_of)] { - #[doc(hidden)] - pub const _ALIGNBYTES: usize = ::mem::size_of::<::c_longlong>() - 1; - } else { - #[doc(hidden)] - pub const _ALIGNBYTES: usize = 8 - 1; - } -} - s_no_extra_traits! { pub struct gpregs { pub gp_x: [::register_t; 30], @@ -44,6 +33,17 @@ } } +// should be pub(crate), but that requires Rust 1.18.0 +cfg_if! { + if #[cfg(libc_const_size_of)] { + #[doc(hidden)] + pub const _ALIGNBYTES: usize = ::mem::size_of::<::c_longlong>() - 1; + } else { + #[doc(hidden)] + pub const _ALIGNBYTES: usize = 8 - 1; + } +} + cfg_if! { if #[cfg(feature = "extra_traits")] { impl PartialEq for gpregs { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd13/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -527,15 +527,6 @@ policy: ::c_int, ) -> ::c_int; - pub fn copy_file_range( - infd: ::c_int, - inoffp: *mut ::off_t, - outfd: ::c_int, - outoffp: *mut ::off_t, - len: ::size_t, - flags: ::c_uint, - ) -> ::ssize_t; - pub fn dirname(path: *mut ::c_char) -> *mut ::c_char; pub fn basename(path: *mut ::c_char) -> *mut ::c_char; } diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/freebsd14/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -527,15 +527,6 @@ policy: ::c_int, ) -> ::c_int; - pub fn copy_file_range( - infd: ::c_int, - inoffp: *mut ::off_t, - outfd: ::c_int, - outoffp: *mut ::off_t, - len: ::size_t, - flags: ::c_uint, - ) -> ::ssize_t; - pub fn dirname(path: *mut ::c_char) -> *mut ::c_char; pub fn basename(path: *mut ::c_char) -> *mut ::c_char; } diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -998,6 +998,15 @@ pub alloc_policy: ::c_int, __pad: [::c_int; 10], } + + pub struct memory_type { + __priva: [::uintptr_t; 32], + __privb: [::uintptr_t; 26], + } + + pub struct memory_type_list { + __priv: [::uintptr_t; 2], + } } s_no_extra_traits! { @@ -2379,6 +2388,10 @@ pub const PROC_PROTMAX_STATUS: ::c_int = 16; pub const PROC_STACKGAP_CTL: ::c_int = 17; pub const PROC_STACKGAP_STATUS: ::c_int = 18; +pub const PROC_NO_NEW_PRIVS_CTL: ::c_int = 19; +pub const PROC_NO_NEW_PRIVS_STATUS: ::c_int = 20; +pub const PROC_WXMAP_CTL: ::c_int = 21; +pub const PROC_WXMAP_STATUS: ::c_int = 22; pub const PROC_PROCCTL_MD_MIN: ::c_int = 0x10000000; pub const PPROT_SET: ::c_int = 1; @@ -2408,6 +2421,13 @@ pub const PROC_STACKGAP_ENABLE_EXEC: ::c_int = 0x0004; pub const PROC_STACKGAP_DISABLE_EXEC: ::c_int = 0x0008; +pub const PROC_NO_NEW_PRIVS_ENABLE: ::c_int = 1; +pub const PROC_NO_NEW_PRIVS_DISABLE: ::c_int = 2; + +pub const PROC_WX_MAPPINGS_PERMIT: ::c_int = 0x0001; +pub const PROC_WX_MAPPINGS_DISALLOW_EXEC: ::c_int = 0x0002; +pub const PROC_WXORX_ENFORCE: ::c_int = 0x80000000; + pub const AF_SLOW: ::c_int = 33; pub const AF_SCLUSTER: ::c_int = 34; pub const AF_ARP: ::c_int = 35; @@ -3934,6 +3954,15 @@ pub fn aio_write(aiocbp: *mut aiocb) -> ::c_int; pub fn aio_writev(aiocbp: *mut ::aiocb) -> ::c_int; + pub fn copy_file_range( + infd: ::c_int, + inoffp: *mut ::off_t, + outfd: ::c_int, + outoffp: *mut ::off_t, + len: ::size_t, + flags: ::c_uint, + ) -> ::ssize_t; + pub fn devname_r( dev: ::dev_t, mode: ::mode_t, @@ -4272,8 +4301,13 @@ pub fn cpuset_setid(which: cpuwhich_t, id: ::id_t, setid: ::cpusetid_t) -> ::c_int; pub fn cap_enter() -> ::c_int; pub fn cap_getmode(modep: *mut ::c_uint) -> ::c_int; + pub fn cap_fcntls_get(fd: ::c_int, fcntlrightsp: *mut u32) -> ::c_int; + pub fn cap_fcntls_limit(fd: ::c_int, fcntlrights: u32) -> ::c_int; + pub fn cap_ioctls_get(fd: ::c_int, cmds: *mut u_long, maxcmds: usize) -> isize; + pub fn cap_ioctls_limit(fd: ::c_int, cmds: *const u_long, ncmds: usize) -> ::c_int; pub fn __cap_rights_init(version: ::c_int, rights: *mut cap_rights_t, ...) -> *mut cap_rights_t; + pub fn __cap_rights_get(version: ::c_int, fd: ::c_int, rightsp: *mut cap_rights_t) -> ::c_int; pub fn __cap_rights_set(rights: *mut cap_rights_t, ...) -> *mut cap_rights_t; pub fn __cap_rights_clear(rights: *mut cap_rights_t, ...) -> *mut cap_rights_t; pub fn __cap_rights_is_set(rights: *const cap_rights_t, ...) -> bool; @@ -4283,6 +4317,7 @@ pub fn cap_rights_remove(dst: *mut cap_rights_t, src: *const cap_rights_t) -> *mut cap_rights_t; pub fn cap_rights_contains(big: *const cap_rights_t, little: *const cap_rights_t) -> bool; + pub fn cap_sandboxed() -> bool; pub fn reallocarray(ptr: *mut ::c_void, nmemb: ::size_t, size: ::size_t) -> *mut ::c_void; @@ -4358,6 +4393,22 @@ ) -> ::c_int; } +#[link(name = "memstat")] +extern "C" { + pub fn memstat_strerror(error: ::c_int) -> *const ::c_char; + pub fn memstat_mtl_alloc() -> *mut memory_type_list; + pub fn memstat_mtl_first(list: *mut memory_type_list) -> *mut memory_type; + pub fn memstat_mtl_next(mtp: *mut memory_type) -> *mut memory_type; + pub fn memstat_mtl_find( + list: *mut memory_type_list, + allocator: ::c_int, + name: *const ::c_char, + ) -> *mut memory_type; + pub fn memstat_mtl_free(list: *mut memory_type_list); + pub fn memstat_mtl_geterror(list: *mut memory_type_list) -> ::c_int; + pub fn memstat_get_name(mtp: *const memory_type) -> *const ::c_char; +} + #[link(name = "kvm")] extern "C" { pub fn kvm_dpcpu_setcpu(kd: *mut ::kvm_t, cpu: ::c_uint) -> ::c_int; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/riscv64.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/riscv64.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/riscv64.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/freebsdlike/freebsd/riscv64.rs 2023-01-31 06:31:40.000000000 +0000 @@ -6,17 +6,6 @@ pub type suseconds_t = ::c_long; pub type register_t = i64; -// should be pub(crate), but that requires Rust 1.18.0 -cfg_if! { - if #[cfg(libc_const_size_of)] { - #[doc(hidden)] - pub const _ALIGNBYTES: usize = ::mem::size_of::<::c_longlong>() - 1; - } else { - #[doc(hidden)] - pub const _ALIGNBYTES: usize = 8 - 1; - } -} - s_no_extra_traits! { pub struct gpregs { pub gp_ra: ::register_t, @@ -46,6 +35,17 @@ } } +// should be pub(crate), but that requires Rust 1.18.0 +cfg_if! { + if #[cfg(libc_const_size_of)] { + #[doc(hidden)] + pub const _ALIGNBYTES: usize = ::mem::size_of::<::c_longlong>() - 1; + } else { + #[doc(hidden)] + pub const _ALIGNBYTES: usize = 8 - 1; + } +} + cfg_if! { if #[cfg(feature = "extra_traits")] { impl PartialEq for gpregs { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -115,6 +115,13 @@ pub rm_so: regoff_t, pub rm_eo: regoff_t, } + + pub struct option { + pub name: *const ::c_char, + pub has_arg: ::c_int, + pub flag: *mut ::c_int, + pub val: ::c_int, + } } s_no_extra_traits! { @@ -606,7 +613,6 @@ pub fn strerror_r(errnum: ::c_int, buf: *mut c_char, buflen: ::size_t) -> ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; #[cfg_attr( all(target_os = "freebsd", any(freebsd12, freebsd11, freebsd10)), @@ -885,6 +891,13 @@ pub fn srand48(seed: ::c_long); pub fn seed48(xseed: *mut ::c_ushort) -> *mut ::c_ushort; pub fn lcong48(p: *mut ::c_ushort); + pub fn getopt_long( + argc: ::c_int, + argv: *const *mut c_char, + optstring: *const c_char, + longopts: *const option, + longindex: *mut ::c_int, + ) -> ::c_int; } cfg_if! { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/bsd/netbsdlike/netbsd/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/bsd/netbsdlike/netbsd/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/bsd/netbsdlike/netbsd/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/bsd/netbsdlike/netbsd/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -2315,6 +2315,12 @@ pub const _REG_RSP: ::c_int = 24; pub const _REG_SS: ::c_int = 25; +// sys/xattr.h +pub const XATTR_CREATE: ::c_int = 0x01; +pub const XATTR_REPLACE: ::c_int = 0x02; +// sys/extattr.h +pub const EXTATTR_NAMESPACE_EMPTY: ::c_int = 0; + const_fn! { {const} fn _ALIGN(p: usize) -> usize { (p + _ALIGNBYTES) & !_ALIGNBYTES @@ -2453,6 +2459,24 @@ envp: *const *const ::c_char, ) -> ::c_int; + pub fn extattr_list_fd( + fd: ::c_int, + attrnamespace: ::c_int, + data: *mut ::c_void, + nbytes: ::size_t, + ) -> ::ssize_t; + pub fn extattr_list_file( + path: *const ::c_char, + attrnamespace: ::c_int, + data: *mut ::c_void, + nbytes: ::size_t, + ) -> ::ssize_t; + pub fn extattr_list_link( + path: *const ::c_char, + attrnamespace: ::c_int, + data: *mut ::c_void, + nbytes: ::size_t, + ) -> ::ssize_t; pub fn extattr_delete_fd( fd: ::c_int, attrnamespace: ::c_int, diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/haiku/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/haiku/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/haiku/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/haiku/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -430,6 +430,13 @@ pub key: *mut ::c_char, pub data: *mut ::c_void, } + + pub struct option { + pub name: *const ::c_char, + pub has_arg: ::c_int, + pub flag: *mut ::c_int, + pub val: ::c_int, + } } s_no_extra_traits! { @@ -1585,7 +1592,6 @@ pub fn _errnop() -> *mut ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; pub fn srand(seed: ::c_uint); @@ -1971,7 +1977,13 @@ attr: *mut posix_spawnattr_t, sigmask: *const ::sigset_t, ) -> ::c_int; - + pub fn getopt_long( + argc: ::c_int, + argv: *const *mut c_char, + optstring: *const c_char, + longopts: *const option, + longindex: *mut ::c_int, + ) -> ::c_int; } #[link(name = "bsd")] diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/hermit/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/hermit/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/hermit/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/hermit/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -966,7 +966,6 @@ pub fn sem_init(sem: *mut sem_t, pshared: ::c_int, value: ::c_uint) -> ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; pub fn srand(seed: ::c_uint); diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b32/arm.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b32/arm.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b32/arm.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b32/arm.rs 2023-01-31 06:31:40.000000000 +0000 @@ -501,6 +501,9 @@ pub const SYS_pkey_mprotect: ::c_long = 394; pub const SYS_pkey_alloc: ::c_long = 395; pub const SYS_pkey_free: ::c_long = 396; +pub const SYS_io_uring_setup: ::c_long = 425; +pub const SYS_io_uring_enter: ::c_long = 426; +pub const SYS_io_uring_register: ::c_long = 427; // offsets in mcontext_t.gregs from sys/ucontext.h pub const REG_R0: ::c_int = 0; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b32/x86/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b32/x86/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b32/x86/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b32/x86/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -533,6 +533,9 @@ pub const SYS_pkey_mprotect: ::c_long = 380; pub const SYS_pkey_alloc: ::c_long = 381; pub const SYS_pkey_free: ::c_long = 382; +pub const SYS_io_uring_setup: ::c_long = 425; +pub const SYS_io_uring_enter: ::c_long = 426; +pub const SYS_io_uring_register: ::c_long = 427; // offsets in user_regs_structs, from sys/reg.h pub const EBX: ::c_int = 0; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b64/aarch64/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b64/aarch64/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b64/aarch64/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b64/aarch64/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -374,6 +374,9 @@ pub const SYS_pkey_mprotect: ::c_long = 288; pub const SYS_pkey_alloc: ::c_long = 289; pub const SYS_pkey_free: ::c_long = 290; +pub const SYS_io_uring_setup: ::c_long = 425; +pub const SYS_io_uring_enter: ::c_long = 426; +pub const SYS_io_uring_register: ::c_long = 427; pub const SYS_syscalls: ::c_long = 436; cfg_if! { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b64/x86_64/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b64/x86_64/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/b64/x86_64/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/b64/x86_64/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -728,6 +728,9 @@ pub const SYS_pkey_mprotect: ::c_long = 329; pub const SYS_pkey_alloc: ::c_long = 330; pub const SYS_pkey_free: ::c_long = 331; +pub const SYS_io_uring_setup: ::c_long = 425; +pub const SYS_io_uring_enter: ::c_long = 426; +pub const SYS_io_uring_register: ::c_long = 427; // offsets in user_regs_structs, from sys/reg.h pub const R15: ::c_int = 0; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/android/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/android/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -355,6 +355,140 @@ pub flags: ::__u32, pub nr: ::__s32, } + + // linux/input.h + pub struct input_event { + pub time: ::timeval, + pub type_: ::__u16, + pub code: ::__u16, + pub value: ::__s32, + } + + pub struct input_id { + pub bustype: ::__u16, + pub vendor: ::__u16, + pub product: ::__u16, + pub version: ::__u16, + } + + pub struct input_absinfo { + pub value: ::__s32, + pub minimum: ::__s32, + pub maximum: ::__s32, + pub fuzz: ::__s32, + pub flat: ::__s32, + pub resolution: ::__s32, + } + + pub struct input_keymap_entry { + pub flags: ::__u8, + pub len: ::__u8, + pub index: ::__u16, + pub keycode: ::__u32, + pub scancode: [::__u8; 32], + } + + pub struct input_mask { + pub type_: ::__u32, + pub codes_size: ::__u32, + pub codes_ptr: ::__u64, + } + + pub struct ff_replay { + pub length: ::__u16, + pub delay: ::__u16, + } + + pub struct ff_trigger { + pub button: ::__u16, + pub interval: ::__u16, + } + + pub struct ff_envelope { + pub attack_length: ::__u16, + pub attack_level: ::__u16, + pub fade_length: ::__u16, + pub fade_level: ::__u16, + } + + pub struct ff_constant_effect { + pub level: ::__s16, + pub envelope: ff_envelope, + } + + pub struct ff_ramp_effect { + pub start_level: ::__s16, + pub end_level: ::__s16, + pub envelope: ff_envelope, + } + + pub struct ff_condition_effect { + pub right_saturation: ::__u16, + pub left_saturation: ::__u16, + + pub right_coeff: ::__s16, + pub left_coeff: ::__s16, + + pub deadband: ::__u16, + pub center: ::__s16, + } + + pub struct ff_periodic_effect { + pub waveform: ::__u16, + pub period: ::__u16, + pub magnitude: ::__s16, + pub offset: ::__s16, + pub phase: ::__u16, + + pub envelope: ff_envelope, + + pub custom_len: ::__u32, + pub custom_data: *mut ::__s16, + } + + pub struct ff_rumble_effect { + pub strong_magnitude: ::__u16, + pub weak_magnitude: ::__u16, + } + + pub struct ff_effect { + pub type_: ::__u16, + pub id: ::__s16, + pub direction: ::__u16, + pub trigger: ff_trigger, + pub replay: ff_replay, + // FIXME this is actually a union + #[cfg(target_pointer_width = "64")] + pub u: [u64; 4], + #[cfg(target_pointer_width = "32")] + pub u: [u32; 7], + } + + // linux/uinput.h + pub struct uinput_ff_upload { + pub request_id: ::__u32, + pub retval: ::__s32, + pub effect: ff_effect, + pub old: ff_effect, + } + + pub struct uinput_ff_erase { + pub request_id: ::__u32, + pub retval: ::__s32, + pub effect_id: ::__u32, + } + + pub struct uinput_abs_setup { + pub code: ::__u16, + pub absinfo: input_absinfo, + } + + pub struct option { + pub name: *const ::c_char, + pub has_arg: ::c_int, + pub flag: *mut ::c_int, + pub val: ::c_int, + } } s_no_extra_traits! { @@ -417,6 +551,22 @@ pub salg_name: [::c_uchar; 64], } + pub struct uinput_setup { + pub id: input_id, + pub name: [::c_char; UINPUT_MAX_NAME_SIZE], + pub ff_effects_max: ::__u32, + } + + pub struct uinput_user_dev { + pub name: [::c_char; UINPUT_MAX_NAME_SIZE], + pub id: input_id, + pub ff_effects_max: ::__u32, + pub absmax: [::__s32; ABS_CNT], + pub absmin: [::__s32; ABS_CNT], + pub absfuzz: [::__s32; ABS_CNT], + pub absflat: [::__s32; ABS_CNT], + } + /// WARNING: The `PartialEq`, `Eq` and `Hash` implementations of this /// type are unsound and will be removed in the future. #[deprecated( @@ -715,6 +865,72 @@ } } + impl PartialEq for uinput_setup { + fn eq(&self, other: &uinput_setup) -> bool { + self.id == other.id + && self.name[..] == other.name[..] + && self.ff_effects_max == other.ff_effects_max + } + } + impl Eq for uinput_setup {} + + impl ::fmt::Debug for uinput_setup { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("uinput_setup") + .field("id", &self.id) + .field("name", &&self.name[..]) + .field("ff_effects_max", &self.ff_effects_max) + .finish() + } + } + + impl ::hash::Hash for uinput_setup { + fn hash(&self, state: &mut H) { + self.id.hash(state); + self.name.hash(state); + self.ff_effects_max.hash(state); + } + } + + impl PartialEq for uinput_user_dev { + fn eq(&self, other: &uinput_user_dev) -> bool { + self.name[..] == other.name[..] + && self.id == other.id + && self.ff_effects_max == other.ff_effects_max + && self.absmax[..] == other.absmax[..] + && self.absmin[..] == other.absmin[..] + && self.absfuzz[..] == other.absfuzz[..] + && self.absflat[..] == other.absflat[..] + } + } + impl Eq for uinput_user_dev {} + + impl ::fmt::Debug for uinput_user_dev { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("uinput_setup") + .field("name", &&self.name[..]) + .field("id", &self.id) + .field("ff_effects_max", &self.ff_effects_max) + .field("absmax", &&self.absmax[..]) + .field("absmin", &&self.absmin[..]) + .field("absfuzz", &&self.absfuzz[..]) + .field("absflat", &&self.absflat[..]) + .finish() + } + } + + impl ::hash::Hash for uinput_user_dev { + fn hash(&self, state: &mut H) { + self.name.hash(state); + self.id.hash(state); + self.ff_effects_max.hash(state); + self.absmax.hash(state); + self.absmin.hash(state); + self.absfuzz.hash(state); + self.absflat.hash(state); + } + } + #[allow(deprecated)] impl af_alg_iv { fn as_slice(&self) -> &[u8] { @@ -2173,9 +2389,52 @@ pub const NFT_NG_INCREMENTAL: ::c_int = 0; pub const NFT_NG_RANDOM: ::c_int = 1; +// linux/input.h +pub const FF_MAX: ::__u16 = 0x7f; +pub const FF_CNT: usize = FF_MAX as usize + 1; + +// linux/input-event-codes.h +pub const INPUT_PROP_MAX: ::__u16 = 0x1f; +pub const INPUT_PROP_CNT: usize = INPUT_PROP_MAX as usize + 1; +pub const EV_MAX: ::__u16 = 0x1f; +pub const EV_CNT: usize = EV_MAX as usize + 1; +pub const SYN_MAX: ::__u16 = 0xf; +pub const SYN_CNT: usize = SYN_MAX as usize + 1; +pub const KEY_MAX: ::__u16 = 0x2ff; +pub const KEY_CNT: usize = KEY_MAX as usize + 1; +pub const REL_MAX: ::__u16 = 0x0f; +pub const REL_CNT: usize = REL_MAX as usize + 1; +pub const ABS_MAX: ::__u16 = 0x3f; +pub const ABS_CNT: usize = ABS_MAX as usize + 1; +pub const SW_MAX: ::__u16 = 0x0f; +pub const SW_CNT: usize = SW_MAX as usize + 1; +pub const MSC_MAX: ::__u16 = 0x07; +pub const MSC_CNT: usize = MSC_MAX as usize + 1; +pub const LED_MAX: ::__u16 = 0x0f; +pub const LED_CNT: usize = LED_MAX as usize + 1; +pub const REP_MAX: ::__u16 = 0x01; +pub const REP_CNT: usize = REP_MAX as usize + 1; +pub const SND_MAX: ::__u16 = 0x07; +pub const SND_CNT: usize = SND_MAX as usize + 1; + +// linux/uinput.h +pub const UINPUT_VERSION: ::c_uint = 5; +pub const UINPUT_MAX_NAME_SIZE: usize = 80; + +// bionic/libc/kernel/uapi/linux/if_tun.h pub const IFF_TUN: ::c_int = 0x0001; pub const IFF_TAP: ::c_int = 0x0002; +pub const IFF_NAPI: ::c_int = 0x0010; +pub const IFF_NAPI_FRAGS: ::c_int = 0x0020; pub const IFF_NO_PI: ::c_int = 0x1000; +pub const IFF_ONE_QUEUE: ::c_int = 0x2000; +pub const IFF_VNET_HDR: ::c_int = 0x4000; +pub const IFF_TUN_EXCL: ::c_int = 0x8000; +pub const IFF_MULTI_QUEUE: ::c_int = 0x0100; +pub const IFF_ATTACH_QUEUE: ::c_int = 0x0200; +pub const IFF_DETACH_QUEUE: ::c_int = 0x0400; +pub const IFF_PERSIST: ::c_int = 0x0800; +pub const IFF_NOFILTER: ::c_int = 0x1000; // start android/platform/bionic/libc/kernel/uapi/linux/if_ether.h // from https://android.googlesource.com/ @@ -2367,10 +2626,10 @@ pub const IN_IGNORED: u32 = 0x0000_8000; pub const IN_ONLYDIR: u32 = 0x0100_0000; pub const IN_DONT_FOLLOW: u32 = 0x0200_0000; -// pub const IN_EXCL_UNLINK: u32 = 0x0400_0000; +pub const IN_EXCL_UNLINK: u32 = 0x0400_0000; -// pub const IN_MASK_CREATE: u32 = 0x1000_0000; -// pub const IN_MASK_ADD: u32 = 0x2000_0000; +pub const IN_MASK_CREATE: u32 = 0x1000_0000; +pub const IN_MASK_ADD: u32 = 0x2000_0000; pub const IN_ISDIR: u32 = 0x4000_0000; pub const IN_ONESHOT: u32 = 0x8000_0000; @@ -2491,6 +2750,12 @@ pub const SOMAXCONN: ::c_int = 128; +// sys/prctl.h +pub const PR_SET_PDEATHSIG: ::c_int = 1; +pub const PR_GET_PDEATHSIG: ::c_int = 2; +pub const PR_GET_SECUREBITS: ::c_int = 27; +pub const PR_SET_SECUREBITS: ::c_int = 28; + // sys/system_properties.h pub const PROP_VALUE_MAX: ::c_int = 92; pub const PROP_NAME_MAX: ::c_int = 32; @@ -3198,6 +3463,10 @@ pub fn gettid() -> ::pid_t; + pub fn getrandom(buf: *mut ::c_void, buflen: ::size_t, flags: ::c_uint) -> ::ssize_t; + + pub fn pthread_setname_np(thread: ::pthread_t, name: *const ::c_char) -> ::c_int; + pub fn __system_property_set(__name: *const ::c_char, __value: *const ::c_char) -> ::c_int; pub fn __system_property_get(__name: *const ::c_char, __value: *mut ::c_char) -> ::c_int; pub fn __system_property_find(__name: *const ::c_char) -> *const prop_info; @@ -3230,6 +3499,13 @@ pub fn dirname(path: *const ::c_char) -> *mut ::c_char; pub fn basename(path: *const ::c_char) -> *mut ::c_char; + pub fn getopt_long( + argc: ::c_int, + argv: *const *mut c_char, + optstring: *const c_char, + longopts: *const option, + longindex: *mut ::c_int, + ) -> ::c_int; } cfg_if! { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/emscripten/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/emscripten/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/emscripten/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/emscripten/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1763,7 +1763,6 @@ pub fn strerror_r(errnum: ::c_int, buf: *mut c_char, buflen: ::size_t) -> ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; pub fn srand(seed: ::c_uint); diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/arch/generic/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/arch/generic/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/arch/generic/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/arch/generic/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -106,7 +106,9 @@ } cfg_if! { - if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] { + if #[cfg(any(target_arch = "x86", + target_arch = "x86_64", + target_arch = "aarch64"))] { pub const FICLONE: ::c_ulong = 0x40049409; pub const FICLONERANGE: ::c_ulong = 0x4020940D; } diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/align.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/align.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/align.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/align.rs 2023-01-31 06:31:40.000000000 +0000 @@ -49,3 +49,10 @@ pub cgroup: ::c_ulonglong, } } + +extern "C" { + pub fn getcontext(ucp: *mut ucontext_t) -> ::c_int; + pub fn setcontext(ucp: *const ucontext_t) -> ::c_int; + pub fn makecontext(ucp: *mut ucontext_t, func: extern "C" fn(), argc: ::c_int, ...); + pub fn swapcontext(uocp: *mut ucontext_t, ucp: *const ucontext_t) -> ::c_int; +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/aarch64/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -866,6 +866,7 @@ pub const SYS_pkey_free: ::c_long = 290; pub const SYS_statx: ::c_long = 291; pub const SYS_rseq: ::c_long = 293; +pub const SYS_kexec_file_load: ::c_long = 294; pub const SYS_pidfd_send_signal: ::c_long = 424; pub const SYS_io_uring_setup: ::c_long = 425; pub const SYS_io_uring_enter: ::c_long = 426; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/align.rs 2023-01-31 06:31:40.000000000 +0000 @@ -5,3 +5,36 @@ priv_: [f64; 4] } } + +s! { + pub struct ucontext_t { + pub uc_flags: ::c_ulong, + pub uc_link: *mut ucontext_t, + pub uc_stack: ::stack_t, + pub uc_sigmask: ::sigset_t, + pub uc_mcontext: mcontext_t, + } + + #[repr(align(16))] + pub struct mcontext_t { + pub sc_pc: ::c_ulonglong, + pub sc_regs: [::c_ulonglong; 32], + pub sc_flags: ::c_ulong, + pub sc_extcontext: [u64; 0], + } + + #[repr(align(8))] + pub struct clone_args { + pub flags: ::c_ulonglong, + pub pidfd: ::c_ulonglong, + pub child_tid: ::c_ulonglong, + pub parent_tid: ::c_ulonglong, + pub exit_signal: ::c_ulonglong, + pub stack: ::c_ulonglong, + pub stack_size: ::c_ulonglong, + pub tls: ::c_ulonglong, + pub set_tid: ::c_ulonglong, + pub set_tid_size: ::c_ulonglong, + pub cgroup: ::c_ulonglong, + } +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/gnu/b64/loongarch64/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -325,8 +325,6 @@ pub const SYS_splice: ::c_long = 76; pub const SYS_tee: ::c_long = 77; pub const SYS_readlinkat: ::c_long = 78; -pub const SYS_newfstatat: ::c_long = 79; -pub const SYS_fstat: ::c_long = 80; pub const SYS_sync: ::c_long = 81; pub const SYS_fsync: ::c_long = 82; pub const SYS_fdatasync: ::c_long = 83; @@ -409,8 +407,6 @@ pub const SYS_uname: ::c_long = 160; pub const SYS_sethostname: ::c_long = 161; pub const SYS_setdomainname: ::c_long = 162; -pub const SYS_getrlimit: ::c_long = 163; -pub const SYS_setrlimit: ::c_long = 164; pub const SYS_getrusage: ::c_long = 165; pub const SYS_umask: ::c_long = 166; pub const SYS_prctl: ::c_long = 167; @@ -772,8 +768,8 @@ pub const TCSANOW: ::c_int = 0; pub const TCSADRAIN: ::c_int = 1; pub const TCSAFLUSH: ::c_int = 2; -pub const SIGSTKSZ: ::size_t = 8192; -pub const MINSIGSTKSZ: ::size_t = 2048; +pub const SIGSTKSZ: ::size_t = 16384; +pub const MINSIGSTKSZ: ::size_t = 4096; pub const CBAUD: ::tcflag_t = 0o0010017; pub const CSIZE: ::tcflag_t = 0x00000030; pub const CS6: ::tcflag_t = 0x00000010; @@ -858,17 +854,6 @@ pub const EFD_CLOEXEC: ::c_int = 0x80000; pub const EFD_NONBLOCK: ::c_int = 0x800; -extern "C" { - pub fn sysctl( - name: *mut ::c_int, - namelen: ::c_int, - oldp: *mut ::c_void, - oldlenp: *mut ::size_t, - newp: *mut ::c_void, - newlen: ::size_t, - ) -> ::c_int; -} - cfg_if! { if #[cfg(libc_align)] { mod align; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -618,6 +618,13 @@ pub ifr6_prefixlen: u32, pub ifr6_ifindex: ::c_int, } + + pub struct option { + pub name: *const ::c_char, + pub has_arg: ::c_int, + pub flag: *mut ::c_int, + pub val: ::c_int, + } } s_no_extra_traits! { @@ -1576,6 +1583,10 @@ pub const AT_EXECFN: ::c_ulong = 31; +// defined in arch//include/uapi/asm/auxvec.h but has the same value +// wherever it is defined. +pub const AT_SYSINFO_EHDR: ::c_ulong = 33; + pub const GLOB_ERR: ::c_int = 1 << 0; pub const GLOB_MARK: ::c_int = 1 << 1; pub const GLOB_NOSORT: ::c_int = 1 << 2; @@ -1593,6 +1604,7 @@ pub const POSIX_MADV_SEQUENTIAL: ::c_int = 2; pub const POSIX_MADV_WILLNEED: ::c_int = 3; pub const POSIX_SPAWN_USEVFORK: ::c_int = 64; +pub const POSIX_SPAWN_SETSID: ::c_int = 128; pub const S_IEXEC: mode_t = 64; pub const S_IWRITE: mode_t = 128; @@ -3053,7 +3065,7 @@ pub const IN_IGNORED: u32 = 0x0000_8000; pub const IN_ONLYDIR: u32 = 0x0100_0000; pub const IN_DONT_FOLLOW: u32 = 0x0200_0000; -// pub const IN_EXCL_UNLINK: u32 = 0x0400_0000; +pub const IN_EXCL_UNLINK: u32 = 0x0400_0000; // linux/keyctl.h pub const KEY_SPEC_THREAD_KEYRING: i32 = -1; @@ -3099,8 +3111,8 @@ pub const KEYCTL_INVALIDATE: u32 = 21; pub const KEYCTL_GET_PERSISTENT: u32 = 22; -// pub const IN_MASK_CREATE: u32 = 0x1000_0000; -// pub const IN_MASK_ADD: u32 = 0x2000_0000; +pub const IN_MASK_CREATE: u32 = 0x1000_0000; +pub const IN_MASK_ADD: u32 = 0x2000_0000; pub const IN_ISDIR: u32 = 0x4000_0000; pub const IN_ONESHOT: u32 = 0x8000_0000; @@ -3792,11 +3804,20 @@ pub fn strerror_r(errnum: ::c_int, buf: *mut c_char, buflen: ::size_t) -> ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; pub fn srand(seed: ::c_uint); + pub fn drand48() -> ::c_double; + pub fn erand48(xseed: *mut ::c_ushort) -> ::c_double; + pub fn lrand48() -> ::c_long; + pub fn nrand48(xseed: *mut ::c_ushort) -> ::c_long; + pub fn mrand48() -> ::c_long; + pub fn jrand48(xseed: *mut ::c_ushort) -> ::c_long; + pub fn srand48(seed: ::c_long); + pub fn seed48(xseed: *mut ::c_ushort) -> *mut ::c_ushort; + pub fn lcong48(p: *mut ::c_ushort); + pub fn lutimes(file: *const ::c_char, times: *const ::timeval) -> ::c_int; pub fn setpwent(); @@ -4430,6 +4451,13 @@ pub fn pthread_getname_np(thread: ::pthread_t, name: *mut ::c_char, len: ::size_t) -> ::c_int; pub fn pthread_setname_np(thread: ::pthread_t, name: *const ::c_char) -> ::c_int; + pub fn getopt_long( + argc: ::c_int, + argv: *const *mut c_char, + optstring: *const c_char, + longopts: *const option, + longindex: *mut ::c_int, + ) -> ::c_int; } cfg_if! { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/musl/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/musl/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/musl/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/musl/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -590,6 +590,8 @@ pub const SFD_NONBLOCK: ::c_int = ::O_NONBLOCK; +pub const PIDFD_NONBLOCK: ::c_uint = O_NONBLOCK as ::c_uint; + pub const TCSANOW: ::c_int = 0; pub const TCSADRAIN: ::c_int = 1; pub const TCSAFLUSH: ::c_int = 2; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/uclibc/arm/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/uclibc/arm/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/uclibc/arm/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/uclibc/arm/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -884,8 +884,10 @@ pub const SYS_pkey_alloc: ::c_long = 395; pub const SYS_pkey_free: ::c_long = 396; pub const SYS_statx: ::c_int = 397; +pub const SYS_pidfd_send_signal: ::c_long = 424; pub const SYS_pidfd_open: ::c_long = 434; pub const SYS_clone3: ::c_long = 435; +pub const SYS_pidfd_getfd: ::c_long = 438; cfg_if! { if #[cfg(libc_align)] { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/linux/uclibc/mips/mips32/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -13,6 +13,7 @@ pub type fsblkcnt_t = ::c_ulong; pub type fsfilcnt_t = ::c_ulong; pub type __u64 = ::c_ulonglong; +pub type __s64 = ::c_longlong; pub type fsblkcnt64_t = u64; pub type fsfilcnt64_t = u64; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/linux_like/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/linux_like/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -231,11 +231,11 @@ pub struct sockaddr_storage { pub ss_family: sa_family_t, - __ss_align: ::size_t, #[cfg(target_pointer_width = "32")] - __ss_pad2: [u8; 128 - 2 * 4], + __ss_pad2: [u8; 128 - 2 - 4], #[cfg(target_pointer_width = "64")] - __ss_pad2: [u8; 128 - 2 * 8], + __ss_pad2: [u8; 128 - 2 - 8], + __ss_align: ::size_t, } pub struct utsname { @@ -1615,6 +1615,14 @@ pub {const} fn IPTOS_ECN(x: u8) -> u8 { x & ::IPTOS_ECN_MASK } + + #[allow(ellipsis_inclusive_range_patterns)] + pub {const} fn KERNEL_VERSION(a: u32, b: u32, c: u32) -> u32 { + ((a << 16) + (b << 8)) + match c { + 0 ... 255 => c, + _ => 255, + } + } } extern "C" { diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -32,6 +32,9 @@ if #[cfg(any(target_os = "espidf", target_os = "horizon"))] { pub type uid_t = ::c_ushort; pub type gid_t = ::c_ushort; + } else if #[cfg(target_os = "nto")] { + pub type uid_t = i32; + pub type gid_t = i32; } else { pub type uid_t = u32; pub type gid_t = u32; @@ -209,25 +212,31 @@ pub const SIG_DFL: sighandler_t = 0 as sighandler_t; pub const SIG_IGN: sighandler_t = 1 as sighandler_t; pub const SIG_ERR: sighandler_t = !0 as sighandler_t; - -pub const DT_UNKNOWN: u8 = 0; -pub const DT_FIFO: u8 = 1; -pub const DT_CHR: u8 = 2; -pub const DT_DIR: u8 = 4; -pub const DT_BLK: u8 = 6; -pub const DT_REG: u8 = 8; -pub const DT_LNK: u8 = 10; -pub const DT_SOCK: u8 = 12; - +cfg_if! { + if #[cfg(not(target_os = "nto"))] { + pub const DT_UNKNOWN: u8 = 0; + pub const DT_FIFO: u8 = 1; + pub const DT_CHR: u8 = 2; + pub const DT_DIR: u8 = 4; + pub const DT_BLK: u8 = 6; + pub const DT_REG: u8 = 8; + pub const DT_LNK: u8 = 10; + pub const DT_SOCK: u8 = 12; + } +} cfg_if! { if #[cfg(not(target_os = "redox"))] { pub const FD_CLOEXEC: ::c_int = 0x1; } } -pub const USRQUOTA: ::c_int = 0; -pub const GRPQUOTA: ::c_int = 1; - +cfg_if! { + if #[cfg(not(target_os = "nto"))] + { + pub const USRQUOTA: ::c_int = 0; + pub const GRPQUOTA: ::c_int = 1; + } +} pub const SIGIOT: ::c_int = 6; pub const S_ISUID: ::mode_t = 0x800; @@ -281,9 +290,13 @@ pub const LOG_PRIMASK: ::c_int = 7; pub const LOG_FACMASK: ::c_int = 0x3f8; -pub const PRIO_MIN: ::c_int = -20; -pub const PRIO_MAX: ::c_int = 20; - +cfg_if! { + if #[cfg(not(target_os = "nto"))] + { + pub const PRIO_MIN: ::c_int = -20; + pub const PRIO_MAX: ::c_int = 20; + } +} pub const IPPROTO_ICMP: ::c_int = 1; pub const IPPROTO_ICMPV6: ::c_int = 58; pub const IPPROTO_TCP: ::c_int = 6; @@ -329,6 +342,8 @@ cfg(target_feature = "crt-static"))] #[link(name = "gcc", kind = "static", modifiers = "-bundle", cfg(target_feature = "crt-static"))] + #[link(name = "c", kind = "static", modifiers = "-bundle", + cfg(target_feature = "crt-static"))] #[link(name = "util", cfg(not(target_feature = "crt-static")))] #[link(name = "rt", cfg(not(target_feature = "crt-static")))] #[link(name = "pthread", cfg(not(target_feature = "crt-static")))] @@ -359,7 +374,9 @@ target_os = "tvos", target_os = "watchos", target_os = "android", - target_os = "openbsd"))] { + target_os = "openbsd", + target_os = "nto", + ))] { #[link(name = "c")] #[link(name = "m")] extern {} @@ -451,8 +468,6 @@ link_name = "freopen$UNIX2003" )] pub fn freopen(filename: *const c_char, mode: *const c_char, file: *mut FILE) -> *mut FILE; - pub fn fmemopen(buf: *mut c_void, size: size_t, mode: *const c_char) -> *mut FILE; - pub fn open_memstream(ptr: *mut *mut c_char, sizeloc: *mut size_t) -> *mut FILE; pub fn fflush(file: *mut FILE) -> c_int; pub fn fclose(file: *mut FILE) -> c_int; @@ -490,7 +505,10 @@ pub fn ferror(stream: *mut FILE) -> c_int; pub fn clearerr(stream: *mut FILE); pub fn perror(s: *const c_char); + pub fn atof(s: *const c_char) -> c_double; pub fn atoi(s: *const c_char) -> c_int; + pub fn atol(s: *const c_char) -> c_long; + pub fn atoll(s: *const c_char) -> c_longlong; #[cfg_attr( all(target_os = "macos", target_arch = "x86"), link_name = "strtod$UNIX2003" @@ -498,7 +516,9 @@ pub fn strtod(s: *const c_char, endp: *mut *mut c_char) -> c_double; pub fn strtof(s: *const c_char, endp: *mut *mut c_char) -> c_float; pub fn strtol(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_long; + pub fn strtoll(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_longlong; pub fn strtoul(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulong; + pub fn strtoull(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulonglong; pub fn calloc(nobj: size_t, size: size_t) -> *mut c_void; pub fn malloc(size: size_t) -> *mut c_void; pub fn realloc(p: *mut c_void, size: size_t) -> *mut c_void; @@ -506,7 +526,6 @@ pub fn abort() -> !; pub fn exit(status: c_int) -> !; pub fn _exit(status: c_int) -> !; - pub fn atexit(cb: extern "C" fn()) -> c_int; #[cfg_attr( all(target_os = "macos", target_arch = "x86"), link_name = "system$UNIX2003" @@ -1160,8 +1179,6 @@ optlen: *mut ::socklen_t, ) -> ::c_int; pub fn raise(signum: ::c_int) -> ::c_int; - #[cfg_attr(target_os = "netbsd", link_name = "__sigaction14")] - pub fn sigaction(signum: ::c_int, act: *const sigaction, oldact: *mut sigaction) -> ::c_int; #[cfg_attr(target_os = "netbsd", link_name = "__utimes50")] pub fn utimes(filename: *const ::c_char, times: *const ::timeval) -> ::c_int; @@ -1304,7 +1321,7 @@ #[cfg_attr(target_os = "netbsd", link_name = "__select50")] pub fn select( nfds: ::c_int, - readfs: *mut fd_set, + readfds: *mut fd_set, writefds: *mut fd_set, errorfds: *mut fd_set, timeout: *mut timeval, @@ -1323,8 +1340,6 @@ pub fn statvfs(path: *const c_char, buf: *mut statvfs) -> ::c_int; pub fn fstatvfs(fd: ::c_int, buf: *mut statvfs) -> ::c_int; - pub fn readlink(path: *const c_char, buf: *mut c_char, bufsz: ::size_t) -> ::ssize_t; - #[cfg_attr(target_os = "netbsd", link_name = "__sigemptyset14")] pub fn sigemptyset(set: *mut sigset_t) -> ::c_int; #[cfg_attr(target_os = "netbsd", link_name = "__sigaddset14")] @@ -1345,23 +1360,6 @@ pub fn mkfifo(path: *const c_char, mode: mode_t) -> ::c_int; - #[cfg_attr( - all(target_os = "macos", target_arch = "x86_64"), - link_name = "pselect$1050" - )] - #[cfg_attr( - all(target_os = "macos", target_arch = "x86"), - link_name = "pselect$UNIX2003" - )] - #[cfg_attr(target_os = "netbsd", link_name = "__pselect50")] - pub fn pselect( - nfds: ::c_int, - readfs: *mut fd_set, - writefds: *mut fd_set, - errorfds: *mut fd_set, - timeout: *const timespec, - sigmask: *const sigset_t, - ) -> ::c_int; pub fn fseeko(stream: *mut ::FILE, offset: ::off_t, whence: ::c_int) -> ::c_int; pub fn ftello(stream: *mut ::FILE) -> ::off_t; #[cfg_attr( @@ -1409,7 +1407,8 @@ cfg_if! { if #[cfg(not(any(target_os = "emscripten", target_os = "android", - target_os = "haiku")))] { + target_os = "haiku", + target_os = "nto")))] { extern "C" { pub fn adjtime(delta: *const timeval, olddelta: *mut timeval) -> ::c_int; pub fn stpncpy(dst: *mut c_char, src: *const c_char, n: size_t) -> *mut c_char; @@ -1418,7 +1417,7 @@ } cfg_if! { - if #[cfg(not(target_env = "uclibc"))] { + if #[cfg(not(any(target_env = "uclibc", target_os = "nto")))] { extern "C" { pub fn open_wmemstream( ptr: *mut *mut wchar_t, @@ -1437,12 +1436,8 @@ link_name = "pause$UNIX2003")] pub fn pause() -> ::c_int; - pub fn readlinkat(dirfd: ::c_int, - pathname: *const ::c_char, - buf: *mut ::c_char, - bufsiz: ::size_t) -> ::ssize_t; pub fn mkdirat(dirfd: ::c_int, pathname: *const ::c_char, - mode: ::mode_t) -> ::c_int; + mode: ::mode_t) -> ::c_int; pub fn openat(dirfd: ::c_int, pathname: *const ::c_char, flags: ::c_int, ...) -> ::c_int; @@ -1473,7 +1468,64 @@ } cfg_if! { - if #[cfg(not(any(target_os = "solaris", target_os = "illumos")))] { + if #[cfg(target_os = "nto")] { + extern { + pub fn readlinkat(dirfd: ::c_int, + pathname: *const ::c_char, + buf: *mut ::c_char, + bufsiz: ::size_t) -> ::c_int; + pub fn readlink(path: *const c_char, buf: *mut c_char, bufsz: ::size_t) -> ::c_int; + pub fn pselect( + nfds: ::c_int, + readfds: *mut fd_set, + writefds: *mut fd_set, + errorfds: *mut fd_set, + timeout: *mut timespec, + sigmask: *const sigset_t, + ) -> ::c_int; + } + } else { + extern { + pub fn readlinkat(dirfd: ::c_int, + pathname: *const ::c_char, + buf: *mut ::c_char, + bufsiz: ::size_t) -> ::ssize_t; + pub fn fmemopen(buf: *mut c_void, size: size_t, mode: *const c_char) -> *mut FILE; + pub fn open_memstream(ptr: *mut *mut c_char, sizeloc: *mut size_t) -> *mut FILE; + pub fn atexit(cb: extern "C" fn()) -> c_int; + #[cfg_attr(target_os = "netbsd", link_name = "__sigaction14")] + pub fn sigaction( + signum: ::c_int, + act: *const sigaction, + oldact: *mut sigaction + ) -> ::c_int; + pub fn readlink(path: *const c_char, buf: *mut c_char, bufsz: ::size_t) -> ::ssize_t; + #[cfg_attr( + all(target_os = "macos", target_arch = "x86_64"), + link_name = "pselect$1050" + )] + #[cfg_attr( + all(target_os = "macos", target_arch = "x86"), + link_name = "pselect$UNIX2003" + )] + #[cfg_attr(target_os = "netbsd", link_name = "__pselect50")] + pub fn pselect( + nfds: ::c_int, + readfds: *mut fd_set, + writefds: *mut fd_set, + errorfds: *mut fd_set, + timeout: *const timespec, + sigmask: *const sigset_t, + ) -> ::c_int; + } + } +} + +cfg_if! { + if #[cfg(not(any(target_os = "solaris", + target_os = "illumos", + target_os = "nto", + )))] { extern { pub fn cfmakeraw(termios: *mut ::termios); pub fn cfsetspeed(termios: *mut ::termios, @@ -1515,6 +1567,9 @@ } else if #[cfg(target_os = "redox")] { mod redox; pub use self::redox::*; + } else if #[cfg(target_os = "nto")] { + mod nto; + pub use self::nto::*; } else { // Unknown target_os } diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/newlib/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/newlib/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/newlib/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/newlib/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -621,7 +621,6 @@ pub fn sem_init(sem: *mut sem_t, pshared: ::c_int, value: ::c_uint) -> ::c_int; pub fn abs(i: ::c_int) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; pub fn srand(seed: ::c_uint); diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/nto/aarch64.rs suricata-6.0.10/rust/vendor/libc/src/unix/nto/aarch64.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/nto/aarch64.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/nto/aarch64.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,36 @@ +pub type c_char = u8; +pub type wchar_t = u32; +pub type c_long = i64; +pub type c_ulong = u64; +pub type time_t = i64; + +s! { + pub struct aarch64_qreg_t { + pub qlo: u64, + pub qhi: u64, + } + + pub struct aarch64_fpu_registers { + pub reg: [::aarch64_qreg_t; 32], + pub fpsr: u32, + pub fpcr: u32, + } + + pub struct aarch64_cpu_registers { + pub gpr: [u64; 32], + pub elr: u64, + pub pstate: u64, + } + + #[repr(align(16))] + pub struct mcontext_t { + pub cpu: ::aarch64_cpu_registers, + pub fpu: ::aarch64_fpu_registers, + } + + pub struct stack_t { + pub ss_sp: *mut ::c_void, + pub ss_size: ::size_t, + pub ss_flags: ::c_int, + } +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/nto/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/nto/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/nto/mod.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/nto/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,3286 @@ +pub type clock_t = u32; + +pub type sa_family_t = u8; +pub type speed_t = ::c_uint; +pub type tcflag_t = ::c_uint; +pub type clockid_t = ::c_int; +pub type timer_t = ::c_int; +pub type key_t = ::c_uint; +pub type id_t = ::c_int; + +pub type useconds_t = u32; +pub type dev_t = u32; +pub type socklen_t = u32; +pub type mode_t = u32; +pub type rlim64_t = u64; +pub type mqd_t = ::c_int; +pub type nfds_t = ::c_uint; +pub type idtype_t = ::c_uint; +pub type errno_t = ::c_int; +pub type rsize_t = c_ulong; + +pub type Elf32_Half = u16; +pub type Elf32_Word = u32; +pub type Elf32_Off = u32; +pub type Elf32_Addr = u32; +pub type Elf32_Lword = u64; +pub type Elf32_Sword = i32; + +pub type Elf64_Half = u16; +pub type Elf64_Word = u32; +pub type Elf64_Off = u64; +pub type Elf64_Addr = u64; +pub type Elf64_Xword = u64; +pub type Elf64_Sxword = i64; +pub type Elf64_Lword = u64; +pub type Elf64_Sword = i32; + +pub type Elf32_Section = u16; +pub type Elf64_Section = u16; + +pub type _Time32t = u32; + +pub type pthread_t = ::c_int; +pub type regoff_t = ::ssize_t; + +pub type nlink_t = u32; +pub type blksize_t = u32; +pub type suseconds_t = i32; + +pub type ino_t = u64; +pub type off_t = i64; +pub type blkcnt_t = u64; +pub type msgqnum_t = u64; +pub type msglen_t = u64; +pub type fsblkcnt_t = u64; +pub type fsfilcnt_t = u64; +pub type rlim_t = u64; +pub type posix_spawn_file_actions_t = *mut ::c_void; +pub type posix_spawnattr_t = ::uintptr_t; + +pub type pthread_mutex_t = ::sync_t; +pub type pthread_mutexattr_t = ::_sync_attr; +pub type pthread_cond_t = ::sync_t; +pub type pthread_condattr_t = ::_sync_attr; +pub type pthread_rwlockattr_t = ::_sync_attr; +pub type pthread_key_t = ::c_int; +pub type pthread_spinlock_t = sync_t; +pub type pthread_barrierattr_t = _sync_attr; +pub type sem_t = sync_t; + +pub type nl_item = ::c_int; + +#[cfg_attr(feature = "extra_traits", derive(Debug))] +pub enum timezone {} +impl ::Copy for timezone {} +impl ::Clone for timezone { + fn clone(&self) -> timezone { + *self + } +} + +s! { + pub struct ip_mreq { + pub imr_multiaddr: in_addr, + pub imr_interface: in_addr, + } + + #[repr(packed)] + pub struct in_addr { + pub s_addr: ::in_addr_t, + } + + pub struct sockaddr { + pub sa_len: u8, + pub sa_family: sa_family_t, + pub sa_data: [::c_char; 14], + } + + pub struct sockaddr_in { + pub sin_len: u8, + pub sin_family: sa_family_t, + pub sin_port: ::in_port_t, + pub sin_addr: ::in_addr, + pub sin_zero: [i8; 8], + } + + pub struct sockaddr_in6 { + pub sin6_len: u8, + pub sin6_family: sa_family_t, + pub sin6_port: ::in_port_t, + pub sin6_flowinfo: u32, + pub sin6_addr: ::in6_addr, + pub sin6_scope_id: u32, + } + + // The order of the `ai_addr` field in this struct is crucial + // for converting between the Rust and C types. + pub struct addrinfo { + pub ai_flags: ::c_int, + pub ai_family: ::c_int, + pub ai_socktype: ::c_int, + pub ai_protocol: ::c_int, + pub ai_addrlen: socklen_t, + pub ai_canonname: *mut c_char, + pub ai_addr: *mut ::sockaddr, + pub ai_next: *mut addrinfo, + } + + pub struct fd_set { + fds_bits: [::c_uint; 2 * FD_SETSIZE / ULONG_SIZE], + } + + pub struct tm { + pub tm_sec: ::c_int, + pub tm_min: ::c_int, + pub tm_hour: ::c_int, + pub tm_mday: ::c_int, + pub tm_mon: ::c_int, + pub tm_year: ::c_int, + pub tm_wday: ::c_int, + pub tm_yday: ::c_int, + pub tm_isdst: ::c_int, + pub tm_gmtoff: ::c_long, + pub tm_zone: *const ::c_char, + } + + #[repr(align(8))] + pub struct sched_param { + pub sched_priority: ::c_int, + pub sched_curpriority: ::c_int, + pub reserved: [::c_int; 10], + } + + #[repr(align(8))] + pub struct __sched_param { + pub __sched_priority: ::c_int, + pub __sched_curpriority: ::c_int, + pub reserved: [::c_int; 10], + } + + pub struct Dl_info { + pub dli_fname: *const ::c_char, + pub dli_fbase: *mut ::c_void, + pub dli_sname: *const ::c_char, + pub dli_saddr: *mut ::c_void, + } + + pub struct lconv { + pub currency_symbol: *mut ::c_char, + pub int_curr_symbol: *mut ::c_char, + pub mon_decimal_point: *mut ::c_char, + pub mon_grouping: *mut ::c_char, + pub mon_thousands_sep: *mut ::c_char, + pub negative_sign: *mut ::c_char, + pub positive_sign: *mut ::c_char, + pub frac_digits: ::c_char, + pub int_frac_digits: ::c_char, + pub n_cs_precedes: ::c_char, + pub n_sep_by_space: ::c_char, + pub n_sign_posn: ::c_char, + pub p_cs_precedes: ::c_char, + pub p_sep_by_space: ::c_char, + pub p_sign_posn: ::c_char, + + pub int_n_cs_precedes: ::c_char, + pub int_n_sep_by_space: ::c_char, + pub int_n_sign_posn: ::c_char, + pub int_p_cs_precedes: ::c_char, + pub int_p_sep_by_space: ::c_char, + pub int_p_sign_posn: ::c_char, + + pub decimal_point: *mut ::c_char, + pub grouping: *mut ::c_char, + pub thousands_sep: *mut ::c_char, + + pub _Frac_grouping: *mut ::c_char, + pub _Frac_sep: *mut ::c_char, + pub _False: *mut ::c_char, + pub _True: *mut ::c_char, + + pub _No: *mut ::c_char, + pub _Yes: *mut ::c_char, + pub _Nostr: *mut ::c_char, + pub _Yesstr: *mut ::c_char, + pub _Reserved: [*mut ::c_char; 8], + } + + pub struct in_pktinfo { + pub ipi_addr: ::in_addr, + pub ipi_ifindex: ::c_uint, + } + + pub struct ifaddrs { + pub ifa_next: *mut ifaddrs, + pub ifa_name: *mut c_char, + pub ifa_flags: ::c_uint, + pub ifa_addr: *mut ::sockaddr, + pub ifa_netmask: *mut ::sockaddr, + pub ifa_dstaddr: *mut ::sockaddr, + pub ifa_data: *mut ::c_void + } + + pub struct arpreq { + pub arp_pa: ::sockaddr, + pub arp_ha: ::sockaddr, + pub arp_flags: ::c_int, + } + + #[repr(packed)] + pub struct arphdr { + pub ar_hrd: u16, + pub ar_pro: u16, + pub ar_hln: u8, + pub ar_pln: u8, + pub ar_op: u16, + } + + pub struct mmsghdr { + pub msg_hdr: ::msghdr, + pub msg_len: ::c_uint, + } + + #[repr(align(8))] + pub struct siginfo_t { + pub si_signo: ::c_int, + pub si_code: ::c_int, + pub si_errno: ::c_int, + __data: [u8; 36], // union + } + + pub struct sigaction { + pub sa_sigaction: ::sighandler_t, + pub sa_flags: ::c_int, + pub sa_mask: ::sigset_t, + } + + pub struct _sync { + _union: ::c_uint, + __owner: ::c_uint, + } + pub struct rlimit64 { + pub rlim_cur: rlim64_t, + pub rlim_max: rlim64_t, + } + + pub struct glob_t { + pub gl_pathc: ::size_t, + pub gl_matchc: ::c_int, + pub gl_pathv: *mut *mut c_char, + pub gl_offs: ::size_t, + pub gl_flags: ::c_int, + pub gl_errfunc: extern "C" fn(*const ::c_char, ::c_int) -> ::c_int, + + __unused1: *mut ::c_void, + __unused2: *mut ::c_void, + __unused3: *mut ::c_void, + __unused4: *mut ::c_void, + __unused5: *mut ::c_void, + } + + pub struct passwd { + pub pw_name: *mut ::c_char, + pub pw_passwd: *mut ::c_char, + pub pw_uid: ::uid_t, + pub pw_gid: ::gid_t, + pub pw_age: *mut ::c_char, + pub pw_comment: *mut ::c_char, + pub pw_gecos: *mut ::c_char, + pub pw_dir: *mut ::c_char, + pub pw_shell: *mut ::c_char, + } + + pub struct if_nameindex { + pub if_index: ::c_uint, + pub if_name: *mut ::c_char, + } + + pub struct sembuf { + pub sem_num: ::c_ushort, + pub sem_op: ::c_short, + pub sem_flg: ::c_short, + } + + pub struct Elf32_Ehdr { + pub e_ident: [::c_uchar; 16], + pub e_type: Elf32_Half, + pub e_machine: Elf32_Half, + pub e_version: Elf32_Word, + pub e_entry: Elf32_Addr, + pub e_phoff: Elf32_Off, + pub e_shoff: Elf32_Off, + pub e_flags: Elf32_Word, + pub e_ehsize: Elf32_Half, + pub e_phentsize: Elf32_Half, + pub e_phnum: Elf32_Half, + pub e_shentsize: Elf32_Half, + pub e_shnum: Elf32_Half, + pub e_shstrndx: Elf32_Half, + } + + pub struct Elf64_Ehdr { + pub e_ident: [::c_uchar; 16], + pub e_type: Elf64_Half, + pub e_machine: Elf64_Half, + pub e_version: Elf64_Word, + pub e_entry: Elf64_Addr, + pub e_phoff: Elf64_Off, + pub e_shoff: Elf64_Off, + pub e_flags: Elf64_Word, + pub e_ehsize: Elf64_Half, + pub e_phentsize: Elf64_Half, + pub e_phnum: Elf64_Half, + pub e_shentsize: Elf64_Half, + pub e_shnum: Elf64_Half, + pub e_shstrndx: Elf64_Half, + } + + pub struct Elf32_Sym { + pub st_name: Elf32_Word, + pub st_value: Elf32_Addr, + pub st_size: Elf32_Word, + pub st_info: ::c_uchar, + pub st_other: ::c_uchar, + pub st_shndx: Elf32_Section, + } + + pub struct Elf64_Sym { + pub st_name: Elf64_Word, + pub st_info: ::c_uchar, + pub st_other: ::c_uchar, + pub st_shndx: Elf64_Section, + pub st_value: Elf64_Addr, + pub st_size: Elf64_Xword, + } + + pub struct Elf32_Phdr { + pub p_type: Elf32_Word, + pub p_offset: Elf32_Off, + pub p_vaddr: Elf32_Addr, + pub p_paddr: Elf32_Addr, + pub p_filesz: Elf32_Word, + pub p_memsz: Elf32_Word, + pub p_flags: Elf32_Word, + pub p_align: Elf32_Word, + } + + pub struct Elf64_Phdr { + pub p_type: Elf64_Word, + pub p_flags: Elf64_Word, + pub p_offset: Elf64_Off, + pub p_vaddr: Elf64_Addr, + pub p_paddr: Elf64_Addr, + pub p_filesz: Elf64_Xword, + pub p_memsz: Elf64_Xword, + pub p_align: Elf64_Xword, + } + + pub struct Elf32_Shdr { + pub sh_name: Elf32_Word, + pub sh_type: Elf32_Word, + pub sh_flags: Elf32_Word, + pub sh_addr: Elf32_Addr, + pub sh_offset: Elf32_Off, + pub sh_size: Elf32_Word, + pub sh_link: Elf32_Word, + pub sh_info: Elf32_Word, + pub sh_addralign: Elf32_Word, + pub sh_entsize: Elf32_Word, + } + + pub struct Elf64_Shdr { + pub sh_name: Elf64_Word, + pub sh_type: Elf64_Word, + pub sh_flags: Elf64_Xword, + pub sh_addr: Elf64_Addr, + pub sh_offset: Elf64_Off, + pub sh_size: Elf64_Xword, + pub sh_link: Elf64_Word, + pub sh_info: Elf64_Word, + pub sh_addralign: Elf64_Xword, + pub sh_entsize: Elf64_Xword, + } + + pub struct in6_pktinfo { + pub ipi6_addr: ::in6_addr, + pub ipi6_ifindex: ::c_uint, + } + + pub struct inotify_event { + pub wd: ::c_int, + pub mask: u32, + pub cookie: u32, + pub len: u32 + } + + pub struct regmatch_t { + pub rm_so: regoff_t, + pub rm_eo: regoff_t, + } + + pub struct msghdr { + pub msg_name: *mut ::c_void, + pub msg_namelen: ::socklen_t, + pub msg_iov: *mut ::iovec, + pub msg_iovlen: ::c_int, + pub msg_control: *mut ::c_void, + pub msg_controllen: ::socklen_t, + pub msg_flags: ::c_int, + } + + pub struct cmsghdr { + pub cmsg_len: ::socklen_t, + pub cmsg_level: ::c_int, + pub cmsg_type: ::c_int, + } + + pub struct termios { + pub c_iflag: ::tcflag_t, + pub c_oflag: ::tcflag_t, + pub c_cflag: ::tcflag_t, + pub c_lflag: ::tcflag_t, + pub c_cc: [::cc_t; ::NCCS], + __reserved: [::c_uint; 3], + pub c_ispeed: ::speed_t, + pub c_ospeed: ::speed_t, + } + + pub struct mallinfo { + pub arena: ::c_int, + pub ordblks: ::c_int, + pub smblks: ::c_int, + pub hblks: ::c_int, + pub hblkhd: ::c_int, + pub usmblks: ::c_int, + pub fsmblks: ::c_int, + pub uordblks: ::c_int, + pub fordblks: ::c_int, + pub keepcost: ::c_int, + } + + pub struct flock { + pub l_type: i16, + pub l_whence: i16, + pub l_zero1: i32, + pub l_start: ::off_t, + pub l_len: ::off_t, + pub l_pid: ::pid_t, + pub l_sysid: u32, + } + + pub struct statvfs { + pub f_bsize: ::c_ulong, + pub f_frsize: ::c_ulong, + pub f_blocks: ::fsblkcnt_t, + pub f_bfree: ::fsblkcnt_t, + pub f_bavail: ::fsblkcnt_t, + pub f_files: ::fsfilcnt_t, + pub f_ffree: ::fsfilcnt_t, + pub f_favail: ::fsfilcnt_t, + pub f_fsid: ::c_ulong, + pub f_basetype: [::c_char; 16], + pub f_flag: ::c_ulong, + pub f_namemax: ::c_ulong, + f_filler: [::c_uint; 21], + } + + pub struct aiocb { + pub aio_fildes: ::c_int, + pub aio_reqprio: ::c_int, + pub aio_offset: off_t, + pub aio_buf: *mut ::c_void, + pub aio_nbytes: ::size_t, + pub aio_sigevent: ::sigevent, + pub aio_lio_opcode: ::c_int, + pub _aio_lio_state: *mut ::c_void, + _aio_pad: [::c_int; 3], + pub _aio_next: *mut ::aiocb, + pub _aio_flag: ::c_uint, + pub _aio_iotype: ::c_uint, + pub _aio_result: ::ssize_t, + pub _aio_error: ::c_uint, + pub _aio_suspend: *mut ::c_void, + pub _aio_plist: *mut ::c_void, + pub _aio_policy: ::c_int, + pub _aio_param: ::__sched_param, + } + + pub struct pthread_attr_t { + __data1: ::c_long, + __data2: [u8; 96] + } + + pub struct ipc_perm { + pub uid: ::uid_t, + pub gid: ::gid_t, + pub cuid: ::uid_t, + pub cgid: ::gid_t, + pub mode: ::mode_t, + pub seq: ::c_uint, + pub key: ::key_t, + _reserved: [::c_int; 4], + } + + pub struct regex_t { + re_magic: ::c_int, + re_nsub: ::size_t, + re_endp: *const ::c_char, + re_g: *mut ::c_void, + } + + pub struct _thread_attr { + pub __flags: ::c_int, + pub __stacksize: ::size_t, + pub __stackaddr: *mut ::c_void, + pub __exitfunc: ::Option, + pub __policy: ::c_int, + pub __param: ::__sched_param, + pub __guardsize: ::c_uint, + pub __prealloc: ::c_uint, + __spare: [::c_int; 2], + } + + pub struct _sync_attr { + pub __protocol: ::c_int, + pub __flags: ::c_int, + pub __prioceiling: ::c_int, + pub __clockid: ::c_int, + pub __count: ::c_int, + __reserved: [::c_int; 3], + } + + pub struct sockcred { + pub sc_uid: ::uid_t, + pub sc_euid: ::uid_t, + pub sc_gid: ::gid_t, + pub sc_egid: ::gid_t, + pub sc_ngroups: ::c_int, + pub sc_groups: [::gid_t; 1], + } + + pub struct bpf_program { + pub bf_len: ::c_uint, + pub bf_insns: *mut ::bpf_insn, + } + + pub struct bpf_stat { + pub bs_recv: u64, + pub bs_drop: u64, + pub bs_capt: u64, + bs_padding: [u64; 13], + } + + pub struct bpf_version { + pub bv_major: ::c_ushort, + pub bv_minor: ::c_ushort, + } + + pub struct bpf_hdr { + pub bh_tstamp: ::timeval, + pub bh_caplen: u32, + pub bh_datalen: u32, + pub bh_hdrlen: u16, + } + + pub struct bpf_insn { + pub code: u16, + pub jt: ::c_uchar, + pub jf: ::c_uchar, + pub k: u32, + } + + pub struct bpf_dltlist { + pub bfl_len: ::c_uint, + pub bfl_list: *mut ::c_uint, + } + + pub struct unpcbid { + pub unp_pid: ::pid_t, + pub unp_euid: ::uid_t, + pub unp_egid: ::gid_t, + } + + pub struct dl_phdr_info { + pub dlpi_addr: ::Elf64_Addr, + pub dlpi_name: *const ::c_char, + pub dlpi_phdr: *const ::Elf64_Phdr, + pub dlpi_phnum: ::Elf64_Half, + } + + #[repr(align(8))] + pub struct ucontext_t { + pub uc_link: *mut ucontext_t, + pub uc_sigmask: ::sigset_t, + pub uc_stack: stack_t, + pub uc_mcontext: mcontext_t, + } +} + +s_no_extra_traits! { + pub struct sockaddr_un { + pub sun_len: u8, + pub sun_family: sa_family_t, + pub sun_path: [::c_char; 104] + } + + pub struct sockaddr_storage { + pub ss_len: u8, + pub ss_family: sa_family_t, + __ss_pad1: [::c_char; 6], + __ss_align: i64, + __ss_pad2: [::c_char; 112], + } + + pub struct utsname { + pub sysname: [::c_char; _SYSNAME_SIZE], + pub nodename: [::c_char; _SYSNAME_SIZE], + pub release: [::c_char; _SYSNAME_SIZE], + pub version: [::c_char; _SYSNAME_SIZE], + pub machine: [::c_char; _SYSNAME_SIZE], + } + + pub struct sigevent { + pub sigev_notify: ::c_int, + __sigev_un1: usize, // union + pub sigev_value: ::sigval, + __sigev_un2: usize, // union + + } + pub struct dirent { + pub d_ino: ::ino_t, + pub d_offset: ::off_t, + pub d_reclen: ::c_short, + pub d_namelen: ::c_short, + pub d_name: [::c_char; 1], // flex array + } + + pub struct dirent_extra { + pub d_datalen: u16, + pub d_type: u16, + pub d_reserved: u32, + } + + pub struct stat { + pub st_ino: ::ino_t, + pub st_size: ::off_t, + pub st_dev: ::dev_t, + pub st_rdev: ::dev_t, + pub st_uid: ::uid_t, + pub st_gid: ::gid_t, + pub __old_st_mtime: ::_Time32t, + pub __old_st_atime: ::_Time32t, + pub __old_st_ctime: ::_Time32t, + pub st_mode: ::mode_t, + pub st_nlink: ::nlink_t, + pub st_blocksize: ::blksize_t, + pub st_nblocks: i32, + pub st_blksize: ::blksize_t, + pub st_blocks: ::blkcnt_t, + pub st_mtim: ::timespec, + pub st_atim: ::timespec, + pub st_ctim: ::timespec, + } + + pub struct sigset_t { + __val: [u32; 2], + } + + pub struct mq_attr { + pub mq_maxmsg: ::c_long, + pub mq_msgsize: ::c_long, + pub mq_flags: ::c_long, + pub mq_curmsgs: ::c_long, + pub mq_sendwait: ::c_long, + pub mq_recvwait: ::c_long, + } + + pub struct msg { + pub msg_next: *mut ::msg, + pub msg_type: ::c_long, + pub msg_ts: ::c_ushort, + pub msg_spot: ::c_short, + _pad: [u8; 4], + } + + pub struct msqid_ds { + pub msg_perm: ::ipc_perm, + pub msg_first: *mut ::msg, + pub msg_last: *mut ::msg, + pub msg_cbytes: ::msglen_t, + pub msg_qnum: ::msgqnum_t, + pub msg_qbytes: ::msglen_t, + pub msg_lspid: ::pid_t, + pub msg_lrpid: ::pid_t, + pub msg_stime: ::time_t, + msg_pad1: ::c_long, + pub msg_rtime: ::time_t, + msg_pad2: ::c_long, + pub msg_ctime: ::time_t, + msg_pad3: ::c_long, + msg_pad4: [::c_long; 4], + } + + pub struct sockaddr_dl { + pub sdl_len: ::c_uchar, + pub sdl_family: ::sa_family_t, + pub sdl_index: u16, + pub sdl_type: ::c_uchar, + pub sdl_nlen: ::c_uchar, + pub sdl_alen: ::c_uchar, + pub sdl_slen: ::c_uchar, + pub sdl_data: [::c_char; 12], + } + + pub struct sync_t { + __u: ::c_uint, // union + pub __owner: ::c_uint, + } + + #[repr(align(4))] + pub struct pthread_barrier_t { // union + __pad: [u8; 28], // union + } + + pub struct pthread_rwlock_t { + pub __active: ::c_int, + pub __blockedwriters: ::c_int, + pub __blockedreaders: ::c_int, + pub __heavy: ::c_int, + pub __lock: ::pthread_mutex_t, // union + pub __rcond: ::pthread_cond_t, // union + pub __wcond: ::pthread_cond_t, // union + pub __owner: ::c_uint, + pub __spare: ::c_uint, + } +} + +cfg_if! { + if #[cfg(feature = "extra_traits")] { + impl PartialEq for sockaddr_un { + fn eq(&self, other: &sockaddr_un) -> bool { + self.sun_len == other.sun_len + && self.sun_family == other.sun_family + && self + .sun_path + .iter() + .zip(other.sun_path.iter()) + .all(|(a,b)| a == b) + } + } + + impl Eq for sockaddr_un {} + + impl ::fmt::Debug for sockaddr_un { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("sockaddr_un") + .field("sun_len", &self.sun_len) + .field("sun_family", &self.sun_family) + // FIXME: .field("sun_path", &self.sun_path) + .finish() + } + } + + impl ::hash::Hash for sockaddr_un { + fn hash(&self, state: &mut H) { + self.sun_len.hash(state); + self.sun_family.hash(state); + self.sun_path.hash(state); + } + } + + impl PartialEq for utsname { + fn eq(&self, other: &utsname) -> bool { + self.sysname + .iter() + .zip(other.sysname.iter()) + .all(|(a,b)| a == b) + && self + .nodename + .iter() + .zip(other.nodename.iter()) + .all(|(a,b)| a == b) + && self + .release + .iter() + .zip(other.release.iter()) + .all(|(a,b)| a == b) + && self + .version + .iter() + .zip(other.version.iter()) + .all(|(a,b)| a == b) + && self + .machine + .iter() + .zip(other.machine.iter()) + .all(|(a,b)| a == b) + } + } + + impl Eq for utsname {} + + impl ::fmt::Debug for utsname { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("utsname") + // FIXME: .field("sysname", &self.sysname) + // FIXME: .field("nodename", &self.nodename) + // FIXME: .field("release", &self.release) + // FIXME: .field("version", &self.version) + // FIXME: .field("machine", &self.machine) + .finish() + } + } + + impl ::hash::Hash for utsname { + fn hash(&self, state: &mut H) { + self.sysname.hash(state); + self.nodename.hash(state); + self.release.hash(state); + self.version.hash(state); + self.machine.hash(state); + } + } + + impl PartialEq for mq_attr { + fn eq(&self, other: &mq_attr) -> bool { + self.mq_maxmsg == other.mq_maxmsg && + self.mq_msgsize == other.mq_msgsize && + self.mq_flags == other.mq_flags && + self.mq_curmsgs == other.mq_curmsgs && + self.mq_msgsize == other.mq_msgsize && + self.mq_sendwait == other.mq_sendwait && + self.mq_recvwait == other.mq_recvwait + } + } + + impl Eq for mq_attr {} + + impl ::fmt::Debug for mq_attr { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("mq_attr") + .field("mq_maxmsg", &self.mq_maxmsg) + .field("mq_msgsize", &self.mq_msgsize) + .field("mq_flags", &self.mq_flags) + .field("mq_curmsgs", &self.mq_curmsgs) + .field("mq_msgsize", &self.mq_msgsize) + .field("mq_sendwait", &self.mq_sendwait) + .field("mq_recvwait", &self.mq_recvwait) + .finish() + } + } + + impl PartialEq for sockaddr_storage { + fn eq(&self, other: &sockaddr_storage) -> bool { + self.ss_len == other.ss_len + && self.ss_family == other.ss_family + && self.__ss_pad1 == other.__ss_pad1 + && self.__ss_align == other.__ss_align + && self + .__ss_pad2 + .iter() + .zip(other.__ss_pad2.iter()) + .all(|(a, b)| a == b) + } + } + + impl Eq for sockaddr_storage {} + + impl ::fmt::Debug for sockaddr_storage { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("sockaddr_storage") + .field("ss_len", &self.ss_len) + .field("ss_family", &self.ss_family) + .field("__ss_pad1", &self.__ss_pad1) + .field("__ss_align", &self.__ss_align) + // FIXME: .field("__ss_pad2", &self.__ss_pad2) + .finish() + } + } + + impl ::hash::Hash for sockaddr_storage { + fn hash(&self, state: &mut H) { + self.ss_len.hash(state); + self.ss_family.hash(state); + self.__ss_pad1.hash(state); + self.__ss_align.hash(state); + self.__ss_pad2.hash(state); + } + } + + impl PartialEq for dirent { + fn eq(&self, other: &dirent) -> bool { + self.d_ino == other.d_ino + && self.d_offset == other.d_offset + && self.d_reclen == other.d_reclen + && self.d_namelen == other.d_namelen + && self + .d_name[..self.d_namelen as _] + .iter() + .zip(other.d_name.iter()) + .all(|(a,b)| a == b) + } + } + + impl Eq for dirent {} + + impl ::fmt::Debug for dirent { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + f.debug_struct("dirent") + .field("d_ino", &self.d_ino) + .field("d_offset", &self.d_offset) + .field("d_reclen", &self.d_reclen) + .field("d_namelen", &self.d_namelen) + .field("d_name", &&self.d_name[..self.d_namelen as _]) + .finish() + } + } + + impl ::hash::Hash for dirent { + fn hash(&self, state: &mut H) { + self.d_ino.hash(state); + self.d_offset.hash(state); + self.d_reclen.hash(state); + self.d_namelen.hash(state); + self.d_name[..self.d_namelen as _].hash(state); + } + } + } +} + +pub const _SYSNAME_SIZE: usize = 256 + 1; +pub const RLIM_INFINITY: ::rlim_t = 0xfffffffffffffffd; +pub const O_LARGEFILE: ::c_int = 0o0100000; + +// intentionally not public, only used for fd_set +cfg_if! { + if #[cfg(target_pointer_width = "32")] { + const ULONG_SIZE: usize = 32; + } else if #[cfg(target_pointer_width = "64")] { + const ULONG_SIZE: usize = 64; + } else { + // Unknown target_pointer_width + } +} + +pub const EXIT_FAILURE: ::c_int = 1; +pub const EXIT_SUCCESS: ::c_int = 0; +pub const RAND_MAX: ::c_int = 32767; +pub const EOF: ::c_int = -1; +pub const SEEK_SET: ::c_int = 0; +pub const SEEK_CUR: ::c_int = 1; +pub const SEEK_END: ::c_int = 2; +pub const _IOFBF: ::c_int = 0; +pub const _IONBF: ::c_int = 2; +pub const _IOLBF: ::c_int = 1; + +pub const F_DUPFD: ::c_int = 0; +pub const F_GETFD: ::c_int = 1; +pub const F_SETFD: ::c_int = 2; +pub const F_GETFL: ::c_int = 3; +pub const F_SETFL: ::c_int = 4; + +pub const F_DUPFD_CLOEXEC: ::c_int = 5; + +pub const SIGTRAP: ::c_int = 5; + +pub const CLOCK_REALTIME: ::clockid_t = 0; +pub const CLOCK_MONOTONIC: ::clockid_t = 2; +pub const CLOCK_PROCESS_CPUTIME_ID: ::clockid_t = 3; +pub const CLOCK_THREAD_CPUTIME_ID: ::clockid_t = 4; +pub const TIMER_ABSTIME: ::c_uint = 0x80000000; + +pub const RUSAGE_SELF: ::c_int = 0; + +pub const F_OK: ::c_int = 0; +pub const X_OK: ::c_int = 1; +pub const W_OK: ::c_int = 2; +pub const R_OK: ::c_int = 4; + +pub const STDIN_FILENO: ::c_int = 0; +pub const STDOUT_FILENO: ::c_int = 1; +pub const STDERR_FILENO: ::c_int = 2; + +pub const SIGHUP: ::c_int = 1; +pub const SIGINT: ::c_int = 2; +pub const SIGQUIT: ::c_int = 3; +pub const SIGILL: ::c_int = 4; +pub const SIGABRT: ::c_int = 6; +pub const SIGFPE: ::c_int = 8; +pub const SIGKILL: ::c_int = 9; +pub const SIGSEGV: ::c_int = 11; +pub const SIGPIPE: ::c_int = 13; +pub const SIGALRM: ::c_int = 14; +pub const SIGTERM: ::c_int = 15; + +pub const PROT_NONE: ::c_int = 0x00000000; +pub const PROT_READ: ::c_int = 0x00000100; +pub const PROT_WRITE: ::c_int = 0x00000200; +pub const PROT_EXEC: ::c_int = 0x00000400; + +pub const MAP_FILE: ::c_int = 0; +pub const MAP_SHARED: ::c_int = 1; +pub const MAP_PRIVATE: ::c_int = 2; +pub const MAP_FIXED: ::c_int = 0x10; + +pub const MAP_FAILED: *mut ::c_void = !0 as *mut ::c_void; + +pub const MS_ASYNC: ::c_int = 1; +pub const MS_INVALIDATE: ::c_int = 4; +pub const MS_SYNC: ::c_int = 2; + +pub const SCM_RIGHTS: ::c_int = 0x01; +pub const SCM_TIMESTAMP: ::c_int = 0x02; +pub const SCM_CREDS: ::c_int = 0x04; + +pub const MAP_TYPE: ::c_int = 0x3; + +pub const IFF_UP: ::c_int = 0x00000001; +pub const IFF_BROADCAST: ::c_int = 0x00000002; +pub const IFF_DEBUG: ::c_int = 0x00000004; +pub const IFF_LOOPBACK: ::c_int = 0x00000008; +pub const IFF_POINTOPOINT: ::c_int = 0x00000010; +pub const IFF_NOTRAILERS: ::c_int = 0x00000020; +pub const IFF_RUNNING: ::c_int = 0x00000040; +pub const IFF_NOARP: ::c_int = 0x00000080; +pub const IFF_PROMISC: ::c_int = 0x00000100; +pub const IFF_ALLMULTI: ::c_int = 0x00000200; +pub const IFF_MULTICAST: ::c_int = 0x00008000; + +pub const AF_UNSPEC: ::c_int = 0; +pub const AF_UNIX: ::c_int = AF_LOCAL; +pub const AF_LOCAL: ::c_int = 1; +pub const AF_INET: ::c_int = 2; +pub const AF_IPX: ::c_int = 23; +pub const AF_APPLETALK: ::c_int = 16; +pub const AF_INET6: ::c_int = 24; +pub const AF_ROUTE: ::c_int = 17; +pub const AF_SNA: ::c_int = 11; +pub const AF_BLUETOOTH: ::c_int = 31; +pub const AF_ISDN: ::c_int = 26; + +pub const PF_UNSPEC: ::c_int = AF_UNSPEC; +pub const PF_UNIX: ::c_int = PF_LOCAL; +pub const PF_LOCAL: ::c_int = AF_LOCAL; +pub const PF_INET: ::c_int = AF_INET; +pub const PF_IPX: ::c_int = AF_IPX; +pub const PF_APPLETALK: ::c_int = AF_APPLETALK; +pub const PF_INET6: ::c_int = AF_INET6; +pub const pseudo_AF_KEY: ::c_int = 29; +pub const PF_KEY: ::c_int = pseudo_AF_KEY; +pub const PF_ROUTE: ::c_int = AF_ROUTE; +pub const PF_SNA: ::c_int = AF_SNA; + +pub const PF_BLUETOOTH: ::c_int = AF_BLUETOOTH; +pub const PF_ISDN: ::c_int = AF_ISDN; + +pub const SOMAXCONN: ::c_int = 128; + +pub const MSG_OOB: ::c_int = 0x0001; +pub const MSG_PEEK: ::c_int = 0x0002; +pub const MSG_DONTROUTE: ::c_int = 0x0004; +pub const MSG_CTRUNC: ::c_int = 0x0020; +pub const MSG_TRUNC: ::c_int = 0x0010; +pub const MSG_DONTWAIT: ::c_int = 0x0080; +pub const MSG_EOR: ::c_int = 0x0008; +pub const MSG_WAITALL: ::c_int = 0x0040; +pub const MSG_NOSIGNAL: ::c_int = 0x0800; +pub const MSG_WAITFORONE: ::c_int = 0x2000; + +pub const IP_TOS: ::c_int = 3; +pub const IP_TTL: ::c_int = 4; +pub const IP_HDRINCL: ::c_int = 2; +pub const IP_OPTIONS: ::c_int = 1; +pub const IP_RECVOPTS: ::c_int = 5; +pub const IP_RETOPTS: ::c_int = 8; +pub const IP_PKTINFO: ::c_int = 25; +pub const IP_IPSEC_POLICY_COMPAT: ::c_int = 22; +pub const IP_MULTICAST_IF: ::c_int = 9; +pub const IP_MULTICAST_TTL: ::c_int = 10; +pub const IP_MULTICAST_LOOP: ::c_int = 11; +pub const IP_ADD_MEMBERSHIP: ::c_int = 12; +pub const IP_DROP_MEMBERSHIP: ::c_int = 13; +pub const IP_DEFAULT_MULTICAST_TTL: ::c_int = 1; +pub const IP_DEFAULT_MULTICAST_LOOP: ::c_int = 1; + +pub const IPPROTO_HOPOPTS: ::c_int = 0; +pub const IPPROTO_IGMP: ::c_int = 2; +pub const IPPROTO_IPIP: ::c_int = 4; +pub const IPPROTO_EGP: ::c_int = 8; +pub const IPPROTO_PUP: ::c_int = 12; +pub const IPPROTO_IDP: ::c_int = 22; +pub const IPPROTO_TP: ::c_int = 29; +pub const IPPROTO_ROUTING: ::c_int = 43; +pub const IPPROTO_FRAGMENT: ::c_int = 44; +pub const IPPROTO_RSVP: ::c_int = 46; +pub const IPPROTO_GRE: ::c_int = 47; +pub const IPPROTO_ESP: ::c_int = 50; +pub const IPPROTO_AH: ::c_int = 51; +pub const IPPROTO_NONE: ::c_int = 59; +pub const IPPROTO_DSTOPTS: ::c_int = 60; +pub const IPPROTO_ENCAP: ::c_int = 98; +pub const IPPROTO_PIM: ::c_int = 103; +pub const IPPROTO_SCTP: ::c_int = 132; +pub const IPPROTO_RAW: ::c_int = 255; +pub const IPPROTO_MAX: ::c_int = 256; +pub const IPPROTO_CARP: ::c_int = 112; +pub const IPPROTO_DIVERT: ::c_int = 259; +pub const IPPROTO_DONE: ::c_int = 257; +pub const IPPROTO_EON: ::c_int = 80; +pub const IPPROTO_ETHERIP: ::c_int = 97; +pub const IPPROTO_GGP: ::c_int = 3; +pub const IPPROTO_IPCOMP: ::c_int = 108; +pub const IPPROTO_MOBILE: ::c_int = 55; + +pub const IPV6_RTHDR_LOOSE: ::c_int = 0; +pub const IPV6_RTHDR_STRICT: ::c_int = 1; +pub const IPV6_UNICAST_HOPS: ::c_int = 4; +pub const IPV6_MULTICAST_IF: ::c_int = 9; +pub const IPV6_MULTICAST_HOPS: ::c_int = 10; +pub const IPV6_MULTICAST_LOOP: ::c_int = 11; +pub const IPV6_JOIN_GROUP: ::c_int = 12; +pub const IPV6_LEAVE_GROUP: ::c_int = 13; +pub const IPV6_CHECKSUM: ::c_int = 26; +pub const IPV6_V6ONLY: ::c_int = 27; +pub const IPV6_IPSEC_POLICY_COMPAT: ::c_int = 28; +pub const IPV6_RTHDRDSTOPTS: ::c_int = 35; +pub const IPV6_RECVPKTINFO: ::c_int = 36; +pub const IPV6_RECVHOPLIMIT: ::c_int = 37; +pub const IPV6_RECVRTHDR: ::c_int = 38; +pub const IPV6_RECVHOPOPTS: ::c_int = 39; +pub const IPV6_RECVDSTOPTS: ::c_int = 40; +pub const IPV6_RECVPATHMTU: ::c_int = 43; +pub const IPV6_PATHMTU: ::c_int = 44; +pub const IPV6_PKTINFO: ::c_int = 46; +pub const IPV6_HOPLIMIT: ::c_int = 47; +pub const IPV6_NEXTHOP: ::c_int = 48; +pub const IPV6_HOPOPTS: ::c_int = 49; +pub const IPV6_DSTOPTS: ::c_int = 50; +pub const IPV6_RECVTCLASS: ::c_int = 57; +pub const IPV6_TCLASS: ::c_int = 61; +pub const IPV6_DONTFRAG: ::c_int = 62; + +pub const TCP_NODELAY: ::c_int = 0x01; +pub const TCP_MAXSEG: ::c_int = 0x02; +pub const TCP_MD5SIG: ::c_int = 0x10; +pub const TCP_KEEPALIVE: ::c_int = 0x04; + +pub const SHUT_RD: ::c_int = 0; +pub const SHUT_WR: ::c_int = 1; +pub const SHUT_RDWR: ::c_int = 2; + +pub const LOCK_SH: ::c_int = 0x1; +pub const LOCK_EX: ::c_int = 0x2; +pub const LOCK_NB: ::c_int = 0x4; +pub const LOCK_UN: ::c_int = 0x8; + +pub const SS_ONSTACK: ::c_int = 1; +pub const SS_DISABLE: ::c_int = 2; + +pub const PATH_MAX: ::c_int = 1024; + +pub const UIO_MAXIOV: ::c_int = 1024; + +pub const FD_SETSIZE: usize = 256; + +pub const TCIOFF: ::c_int = 0x0002; +pub const TCION: ::c_int = 0x0003; +pub const TCOOFF: ::c_int = 0x0000; +pub const TCOON: ::c_int = 0x0001; +pub const TCIFLUSH: ::c_int = 0; +pub const TCOFLUSH: ::c_int = 1; +pub const TCIOFLUSH: ::c_int = 2; +pub const NL0: ::tcflag_t = 0x000; +pub const NL1: ::tcflag_t = 0x100; +pub const TAB0: ::tcflag_t = 0x0000; +pub const CR0: ::tcflag_t = 0x000; +pub const FF0: ::tcflag_t = 0x0000; +pub const BS0: ::tcflag_t = 0x0000; +pub const VT0: ::tcflag_t = 0x0000; +pub const VERASE: usize = 2; +pub const VKILL: usize = 3; +pub const VINTR: usize = 0; +pub const VQUIT: usize = 1; +pub const VLNEXT: usize = 15; +pub const IGNBRK: ::tcflag_t = 0x00000001; +pub const BRKINT: ::tcflag_t = 0x00000002; +pub const IGNPAR: ::tcflag_t = 0x00000004; +pub const PARMRK: ::tcflag_t = 0x00000008; +pub const INPCK: ::tcflag_t = 0x00000010; +pub const ISTRIP: ::tcflag_t = 0x00000020; +pub const INLCR: ::tcflag_t = 0x00000040; +pub const IGNCR: ::tcflag_t = 0x00000080; +pub const ICRNL: ::tcflag_t = 0x00000100; +pub const IXANY: ::tcflag_t = 0x00000800; +pub const IMAXBEL: ::tcflag_t = 0x00002000; +pub const OPOST: ::tcflag_t = 0x00000001; +pub const CS5: ::tcflag_t = 0x00; +pub const ECHO: ::tcflag_t = 0x00000008; +pub const OCRNL: ::tcflag_t = 0x00000008; +pub const ONOCR: ::tcflag_t = 0x00000010; +pub const ONLRET: ::tcflag_t = 0x00000020; +pub const OFILL: ::tcflag_t = 0x00000040; +pub const OFDEL: ::tcflag_t = 0x00000080; + +pub const WNOHANG: ::c_int = 0x0040; +pub const WUNTRACED: ::c_int = 0x0004; +pub const WSTOPPED: ::c_int = WUNTRACED; +pub const WEXITED: ::c_int = 0x0001; +pub const WCONTINUED: ::c_int = 0x0008; +pub const WNOWAIT: ::c_int = 0x0080; +pub const WTRAPPED: ::c_int = 0x0002; + +pub const RTLD_LOCAL: ::c_int = 0x0200; +pub const RTLD_LAZY: ::c_int = 0x0001; + +pub const POSIX_FADV_NORMAL: ::c_int = 0; +pub const POSIX_FADV_RANDOM: ::c_int = 2; +pub const POSIX_FADV_SEQUENTIAL: ::c_int = 1; +pub const POSIX_FADV_WILLNEED: ::c_int = 3; + +pub const AT_FDCWD: ::c_int = -100; +pub const AT_EACCESS: ::c_int = 0x0001; +pub const AT_SYMLINK_NOFOLLOW: ::c_int = 0x0002; +pub const AT_SYMLINK_FOLLOW: ::c_int = 0x0004; +pub const AT_REMOVEDIR: ::c_int = 0x0008; + +pub const LOG_CRON: ::c_int = 9 << 3; +pub const LOG_AUTHPRIV: ::c_int = 10 << 3; +pub const LOG_FTP: ::c_int = 11 << 3; +pub const LOG_PERROR: ::c_int = 0x20; + +pub const PIPE_BUF: usize = 5120; + +pub const CLD_EXITED: ::c_int = 1; +pub const CLD_KILLED: ::c_int = 2; +pub const CLD_DUMPED: ::c_int = 3; +pub const CLD_TRAPPED: ::c_int = 4; +pub const CLD_STOPPED: ::c_int = 5; +pub const CLD_CONTINUED: ::c_int = 6; + +pub const UTIME_OMIT: c_long = 0x40000002; +pub const UTIME_NOW: c_long = 0x40000001; + +pub const POLLIN: ::c_short = POLLRDNORM | POLLRDBAND; +pub const POLLPRI: ::c_short = 0x0008; +pub const POLLOUT: ::c_short = 0x0002; +pub const POLLERR: ::c_short = 0x0020; +pub const POLLHUP: ::c_short = 0x0040; +pub const POLLNVAL: ::c_short = 0x1000; +pub const POLLRDNORM: ::c_short = 0x0001; +pub const POLLRDBAND: ::c_short = 0x0004; + +pub const IPTOS_LOWDELAY: u8 = 0x10; +pub const IPTOS_THROUGHPUT: u8 = 0x08; +pub const IPTOS_RELIABILITY: u8 = 0x04; +pub const IPTOS_MINCOST: u8 = 0x02; + +pub const IPTOS_PREC_NETCONTROL: u8 = 0xe0; +pub const IPTOS_PREC_INTERNETCONTROL: u8 = 0xc0; +pub const IPTOS_PREC_CRITIC_ECP: u8 = 0xa0; +pub const IPTOS_PREC_FLASHOVERRIDE: u8 = 0x80; +pub const IPTOS_PREC_FLASH: u8 = 0x60; +pub const IPTOS_PREC_IMMEDIATE: u8 = 0x40; +pub const IPTOS_PREC_PRIORITY: u8 = 0x20; +pub const IPTOS_PREC_ROUTINE: u8 = 0x00; + +pub const IPTOS_ECN_MASK: u8 = 0x03; +pub const IPTOS_ECN_ECT1: u8 = 0x01; +pub const IPTOS_ECN_ECT0: u8 = 0x02; +pub const IPTOS_ECN_CE: u8 = 0x03; + +pub const IPOPT_CONTROL: u8 = 0x00; +pub const IPOPT_RESERVED1: u8 = 0x20; +pub const IPOPT_RESERVED2: u8 = 0x60; +pub const IPOPT_LSRR: u8 = 131; +pub const IPOPT_RR: u8 = 7; +pub const IPOPT_SSRR: u8 = 137; +pub const IPDEFTTL: u8 = 64; +pub const IPOPT_OPTVAL: u8 = 0; +pub const IPOPT_OLEN: u8 = 1; +pub const IPOPT_OFFSET: u8 = 2; +pub const IPOPT_MINOFF: u8 = 4; +pub const IPOPT_NOP: u8 = 1; +pub const IPOPT_EOL: u8 = 0; +pub const IPOPT_TS: u8 = 68; +pub const IPOPT_TS_TSONLY: u8 = 0; +pub const IPOPT_TS_TSANDADDR: u8 = 1; +pub const IPOPT_TS_PRESPEC: u8 = 3; + +pub const MAX_IPOPTLEN: u8 = 40; +pub const IPVERSION: u8 = 4; +pub const MAXTTL: u8 = 255; + +pub const ARPHRD_ETHER: u16 = 1; +pub const ARPHRD_IEEE802: u16 = 6; +pub const ARPHRD_ARCNET: u16 = 7; +pub const ARPHRD_IEEE1394: u16 = 24; + +pub const SOL_SOCKET: ::c_int = 0xffff; + +pub const SO_DEBUG: ::c_int = 0x0001; +pub const SO_REUSEADDR: ::c_int = 0x0004; +pub const SO_TYPE: ::c_int = 0x1008; +pub const SO_ERROR: ::c_int = 0x1007; +pub const SO_DONTROUTE: ::c_int = 0x0010; +pub const SO_BROADCAST: ::c_int = 0x0020; +pub const SO_SNDBUF: ::c_int = 0x1001; +pub const SO_RCVBUF: ::c_int = 0x1002; +pub const SO_KEEPALIVE: ::c_int = 0x0008; +pub const SO_OOBINLINE: ::c_int = 0x0100; +pub const SO_LINGER: ::c_int = 0x0080; +pub const SO_REUSEPORT: ::c_int = 0x0200; +pub const SO_RCVLOWAT: ::c_int = 0x1004; +pub const SO_SNDLOWAT: ::c_int = 0x1003; +pub const SO_RCVTIMEO: ::c_int = 0x1006; +pub const SO_SNDTIMEO: ::c_int = 0x1005; +pub const SO_BINDTODEVICE: ::c_int = 0x0800; +pub const SO_TIMESTAMP: ::c_int = 0x0400; +pub const SO_ACCEPTCONN: ::c_int = 0x0002; + +pub const TIOCM_LE: ::c_int = 0x0100; +pub const TIOCM_DTR: ::c_int = 0x0001; +pub const TIOCM_RTS: ::c_int = 0x0002; +pub const TIOCM_ST: ::c_int = 0x0200; +pub const TIOCM_SR: ::c_int = 0x0400; +pub const TIOCM_CTS: ::c_int = 0x1000; +pub const TIOCM_CAR: ::c_int = TIOCM_CD; +pub const TIOCM_CD: ::c_int = 0x8000; +pub const TIOCM_RNG: ::c_int = TIOCM_RI; +pub const TIOCM_RI: ::c_int = 0x4000; +pub const TIOCM_DSR: ::c_int = 0x2000; + +pub const SCHED_OTHER: ::c_int = 3; +pub const SCHED_FIFO: ::c_int = 1; +pub const SCHED_RR: ::c_int = 2; + +pub const IPC_PRIVATE: ::key_t = 0; + +pub const IPC_CREAT: ::c_int = 0o001000; +pub const IPC_EXCL: ::c_int = 0o002000; +pub const IPC_NOWAIT: ::c_int = 0o004000; + +pub const IPC_RMID: ::c_int = 0; +pub const IPC_SET: ::c_int = 1; +pub const IPC_STAT: ::c_int = 2; + +pub const MSG_NOERROR: ::c_int = 0o010000; + +pub const LOG_NFACILITIES: ::c_int = 24; + +pub const SEM_FAILED: *mut ::sem_t = 0xFFFFFFFFFFFFFFFF as *mut sem_t; + +pub const AI_PASSIVE: ::c_int = 0x00000001; +pub const AI_CANONNAME: ::c_int = 0x00000002; +pub const AI_NUMERICHOST: ::c_int = 0x00000004; + +pub const AI_NUMERICSERV: ::c_int = 0x00000008; + +pub const EAI_BADFLAGS: ::c_int = 3; +pub const EAI_NONAME: ::c_int = 8; +pub const EAI_AGAIN: ::c_int = 2; +pub const EAI_FAIL: ::c_int = 4; +pub const EAI_NODATA: ::c_int = 7; +pub const EAI_FAMILY: ::c_int = 5; +pub const EAI_SOCKTYPE: ::c_int = 10; +pub const EAI_SERVICE: ::c_int = 9; +pub const EAI_MEMORY: ::c_int = 6; +pub const EAI_SYSTEM: ::c_int = 11; +pub const EAI_OVERFLOW: ::c_int = 14; + +pub const NI_NUMERICHOST: ::c_int = 0x00000002; +pub const NI_NUMERICSERV: ::c_int = 0x00000008; +pub const NI_NOFQDN: ::c_int = 0x00000001; +pub const NI_NAMEREQD: ::c_int = 0x00000004; +pub const NI_DGRAM: ::c_int = 0x00000010; + +pub const AIO_CANCELED: ::c_int = 0; +pub const AIO_NOTCANCELED: ::c_int = 2; +pub const AIO_ALLDONE: ::c_int = 1; +pub const LIO_READ: ::c_int = 1; +pub const LIO_WRITE: ::c_int = 2; +pub const LIO_NOP: ::c_int = 0; +pub const LIO_WAIT: ::c_int = 1; +pub const LIO_NOWAIT: ::c_int = 0; + +pub const ITIMER_REAL: ::c_int = 0; +pub const ITIMER_VIRTUAL: ::c_int = 1; +pub const ITIMER_PROF: ::c_int = 2; + +pub const POSIX_SPAWN_RESETIDS: ::c_int = 0x00000010; +pub const POSIX_SPAWN_SETPGROUP: ::c_int = 0x00000001; +pub const POSIX_SPAWN_SETSIGDEF: ::c_int = 0x00000004; +pub const POSIX_SPAWN_SETSIGMASK: ::c_int = 0x00000002; +pub const POSIX_SPAWN_SETSCHEDPARAM: ::c_int = 0x00000400; +pub const POSIX_SPAWN_SETSCHEDULER: ::c_int = 0x00000040; + +pub const IPTOS_ECN_NOT_ECT: u8 = 0x00; + +pub const RTF_UP: ::c_ushort = 0x0001; +pub const RTF_GATEWAY: ::c_ushort = 0x0002; + +pub const RTF_HOST: ::c_ushort = 0x0004; +pub const RTF_DYNAMIC: ::c_ushort = 0x0010; +pub const RTF_MODIFIED: ::c_ushort = 0x0020; +pub const RTF_REJECT: ::c_ushort = 0x0008; +pub const RTF_STATIC: ::c_ushort = 0x0800; +pub const RTF_XRESOLVE: ::c_ushort = 0x0200; +pub const RTF_BROADCAST: u32 = 0x80000; +pub const RTM_NEWADDR: u16 = 0xc; +pub const RTM_DELADDR: u16 = 0xd; +pub const RTA_DST: ::c_ushort = 0x1; +pub const RTA_GATEWAY: ::c_ushort = 0x2; + +pub const UDP_ENCAP: ::c_int = 100; + +pub const IN_ACCESS: u32 = 0x00000001; +pub const IN_MODIFY: u32 = 0x00000002; +pub const IN_ATTRIB: u32 = 0x00000004; +pub const IN_CLOSE_WRITE: u32 = 0x00000008; +pub const IN_CLOSE_NOWRITE: u32 = 0x00000010; +pub const IN_CLOSE: u32 = IN_CLOSE_WRITE | IN_CLOSE_NOWRITE; +pub const IN_OPEN: u32 = 0x00000020; +pub const IN_MOVED_FROM: u32 = 0x00000040; +pub const IN_MOVED_TO: u32 = 0x00000080; +pub const IN_MOVE: u32 = IN_MOVED_FROM | IN_MOVED_TO; +pub const IN_CREATE: u32 = 0x00000100; +pub const IN_DELETE: u32 = 0x00000200; +pub const IN_DELETE_SELF: u32 = 0x00000400; +pub const IN_MOVE_SELF: u32 = 0x00000800; +pub const IN_UNMOUNT: u32 = 0x00002000; +pub const IN_Q_OVERFLOW: u32 = 0x00004000; +pub const IN_IGNORED: u32 = 0x00008000; +pub const IN_ONLYDIR: u32 = 0x01000000; +pub const IN_DONT_FOLLOW: u32 = 0x02000000; + +pub const IN_ISDIR: u32 = 0x40000000; +pub const IN_ONESHOT: u32 = 0x80000000; + +pub const REG_EXTENDED: ::c_int = 0o0001; +pub const REG_ICASE: ::c_int = 0o0002; +pub const REG_NEWLINE: ::c_int = 0o0010; +pub const REG_NOSUB: ::c_int = 0o0004; + +pub const REG_NOTBOL: ::c_int = 0o00001; +pub const REG_NOTEOL: ::c_int = 0o00002; + +pub const REG_ENOSYS: ::c_int = 17; +pub const REG_NOMATCH: ::c_int = 1; +pub const REG_BADPAT: ::c_int = 2; +pub const REG_ECOLLATE: ::c_int = 3; +pub const REG_ECTYPE: ::c_int = 4; +pub const REG_EESCAPE: ::c_int = 5; +pub const REG_ESUBREG: ::c_int = 6; +pub const REG_EBRACK: ::c_int = 7; +pub const REG_EPAREN: ::c_int = 8; +pub const REG_EBRACE: ::c_int = 9; +pub const REG_BADBR: ::c_int = 10; +pub const REG_ERANGE: ::c_int = 11; +pub const REG_ESPACE: ::c_int = 12; +pub const REG_BADRPT: ::c_int = 13; + +// errno.h +pub const EOK: ::c_int = 0; +pub const EWOULDBLOCK: ::c_int = EAGAIN; +pub const EPERM: ::c_int = 1; +pub const ENOENT: ::c_int = 2; +pub const ESRCH: ::c_int = 3; +pub const EINTR: ::c_int = 4; +pub const EIO: ::c_int = 5; +pub const ENXIO: ::c_int = 6; +pub const E2BIG: ::c_int = 7; +pub const ENOEXEC: ::c_int = 8; +pub const EBADF: ::c_int = 9; +pub const ECHILD: ::c_int = 10; +pub const EAGAIN: ::c_int = 11; +pub const ENOMEM: ::c_int = 12; +pub const EACCES: ::c_int = 13; +pub const EFAULT: ::c_int = 14; +pub const ENOTBLK: ::c_int = 15; +pub const EBUSY: ::c_int = 16; +pub const EEXIST: ::c_int = 17; +pub const EXDEV: ::c_int = 18; +pub const ENODEV: ::c_int = 19; +pub const ENOTDIR: ::c_int = 20; +pub const EISDIR: ::c_int = 21; +pub const EINVAL: ::c_int = 22; +pub const ENFILE: ::c_int = 23; +pub const EMFILE: ::c_int = 24; +pub const ENOTTY: ::c_int = 25; +pub const ETXTBSY: ::c_int = 26; +pub const EFBIG: ::c_int = 27; +pub const ENOSPC: ::c_int = 28; +pub const ESPIPE: ::c_int = 29; +pub const EROFS: ::c_int = 30; +pub const EMLINK: ::c_int = 31; +pub const EPIPE: ::c_int = 32; +pub const EDOM: ::c_int = 33; +pub const ERANGE: ::c_int = 34; +pub const ENOMSG: ::c_int = 35; +pub const EIDRM: ::c_int = 36; +pub const ECHRNG: ::c_int = 37; +pub const EL2NSYNC: ::c_int = 38; +pub const EL3HLT: ::c_int = 39; +pub const EL3RST: ::c_int = 40; +pub const ELNRNG: ::c_int = 41; +pub const EUNATCH: ::c_int = 42; +pub const ENOCSI: ::c_int = 43; +pub const EL2HLT: ::c_int = 44; +pub const EDEADLK: ::c_int = 45; +pub const ENOLCK: ::c_int = 46; +pub const ECANCELED: ::c_int = 47; +pub const EDQUOT: ::c_int = 49; +pub const EBADE: ::c_int = 50; +pub const EBADR: ::c_int = 51; +pub const EXFULL: ::c_int = 52; +pub const ENOANO: ::c_int = 53; +pub const EBADRQC: ::c_int = 54; +pub const EBADSLT: ::c_int = 55; +pub const EDEADLOCK: ::c_int = 56; +pub const EBFONT: ::c_int = 57; +pub const EOWNERDEAD: ::c_int = 58; +pub const ENOSTR: ::c_int = 60; +pub const ENODATA: ::c_int = 61; +pub const ETIME: ::c_int = 62; +pub const ENOSR: ::c_int = 63; +pub const ENONET: ::c_int = 64; +pub const ENOPKG: ::c_int = 65; +pub const EREMOTE: ::c_int = 66; +pub const ENOLINK: ::c_int = 67; +pub const EADV: ::c_int = 68; +pub const ESRMNT: ::c_int = 69; +pub const ECOMM: ::c_int = 70; +pub const EPROTO: ::c_int = 71; +pub const EMULTIHOP: ::c_int = 74; +pub const EBADMSG: ::c_int = 77; +pub const ENAMETOOLONG: ::c_int = 78; +pub const EOVERFLOW: ::c_int = 79; +pub const ENOTUNIQ: ::c_int = 80; +pub const EBADFD: ::c_int = 81; +pub const EREMCHG: ::c_int = 82; +pub const ELIBACC: ::c_int = 83; +pub const ELIBBAD: ::c_int = 84; +pub const ELIBSCN: ::c_int = 85; +pub const ELIBMAX: ::c_int = 86; +pub const ELIBEXEC: ::c_int = 87; +pub const EILSEQ: ::c_int = 88; +pub const ENOSYS: ::c_int = 89; +pub const ELOOP: ::c_int = 90; +pub const ERESTART: ::c_int = 91; +pub const ESTRPIPE: ::c_int = 92; +pub const ENOTEMPTY: ::c_int = 93; +pub const EUSERS: ::c_int = 94; +pub const ENOTRECOVERABLE: ::c_int = 95; +pub const EOPNOTSUPP: ::c_int = 103; +pub const EFPOS: ::c_int = 110; +pub const ESTALE: ::c_int = 122; +pub const EINPROGRESS: ::c_int = 236; +pub const EALREADY: ::c_int = 237; +pub const ENOTSOCK: ::c_int = 238; +pub const EDESTADDRREQ: ::c_int = 239; +pub const EMSGSIZE: ::c_int = 240; +pub const EPROTOTYPE: ::c_int = 241; +pub const ENOPROTOOPT: ::c_int = 242; +pub const EPROTONOSUPPORT: ::c_int = 243; +pub const ESOCKTNOSUPPORT: ::c_int = 244; +pub const EPFNOSUPPORT: ::c_int = 246; +pub const EAFNOSUPPORT: ::c_int = 247; +pub const EADDRINUSE: ::c_int = 248; +pub const EADDRNOTAVAIL: ::c_int = 249; +pub const ENETDOWN: ::c_int = 250; +pub const ENETUNREACH: ::c_int = 251; +pub const ENETRESET: ::c_int = 252; +pub const ECONNABORTED: ::c_int = 253; +pub const ECONNRESET: ::c_int = 254; +pub const ENOBUFS: ::c_int = 255; +pub const EISCONN: ::c_int = 256; +pub const ENOTCONN: ::c_int = 257; +pub const ESHUTDOWN: ::c_int = 258; +pub const ETOOMANYREFS: ::c_int = 259; +pub const ETIMEDOUT: ::c_int = 260; +pub const ECONNREFUSED: ::c_int = 261; +pub const EHOSTDOWN: ::c_int = 264; +pub const EHOSTUNREACH: ::c_int = 265; +pub const EBADRPC: ::c_int = 272; +pub const ERPCMISMATCH: ::c_int = 273; +pub const EPROGUNAVAIL: ::c_int = 274; +pub const EPROGMISMATCH: ::c_int = 275; +pub const EPROCUNAVAIL: ::c_int = 276; +pub const ENOREMOTE: ::c_int = 300; +pub const ENONDP: ::c_int = 301; +pub const EBADFSYS: ::c_int = 302; +pub const EMORE: ::c_int = 309; +pub const ECTRLTERM: ::c_int = 310; +pub const ENOLIC: ::c_int = 311; +pub const ESRVRFAULT: ::c_int = 312; +pub const EENDIAN: ::c_int = 313; +pub const ESECTYPEINVAL: ::c_int = 314; + +pub const RUSAGE_CHILDREN: ::c_int = -1; +pub const L_tmpnam: ::c_uint = 255; + +pub const _PC_LINK_MAX: ::c_int = 1; +pub const _PC_MAX_CANON: ::c_int = 2; +pub const _PC_MAX_INPUT: ::c_int = 3; +pub const _PC_NAME_MAX: ::c_int = 4; +pub const _PC_PATH_MAX: ::c_int = 5; +pub const _PC_PIPE_BUF: ::c_int = 6; +pub const _PC_CHOWN_RESTRICTED: ::c_int = 9; +pub const _PC_NO_TRUNC: ::c_int = 7; +pub const _PC_VDISABLE: ::c_int = 8; +pub const _PC_SYNC_IO: ::c_int = 14; +pub const _PC_ASYNC_IO: ::c_int = 12; +pub const _PC_PRIO_IO: ::c_int = 13; +pub const _PC_SOCK_MAXBUF: ::c_int = 15; +pub const _PC_FILESIZEBITS: ::c_int = 16; +pub const _PC_REC_INCR_XFER_SIZE: ::c_int = 22; +pub const _PC_REC_MAX_XFER_SIZE: ::c_int = 23; +pub const _PC_REC_MIN_XFER_SIZE: ::c_int = 24; +pub const _PC_REC_XFER_ALIGN: ::c_int = 25; +pub const _PC_ALLOC_SIZE_MIN: ::c_int = 21; +pub const _PC_SYMLINK_MAX: ::c_int = 17; +pub const _PC_2_SYMLINKS: ::c_int = 20; + +pub const _SC_PAGE_SIZE: ::c_int = _SC_PAGESIZE; +pub const _SC_ARG_MAX: ::c_int = 1; +pub const _SC_CHILD_MAX: ::c_int = 2; +pub const _SC_CLK_TCK: ::c_int = 3; +pub const _SC_NGROUPS_MAX: ::c_int = 4; +pub const _SC_OPEN_MAX: ::c_int = 5; +pub const _SC_JOB_CONTROL: ::c_int = 6; +pub const _SC_SAVED_IDS: ::c_int = 7; +pub const _SC_VERSION: ::c_int = 8; +pub const _SC_PASS_MAX: ::c_int = 9; +pub const _SC_PAGESIZE: ::c_int = 11; +pub const _SC_XOPEN_VERSION: ::c_int = 12; +pub const _SC_STREAM_MAX: ::c_int = 13; +pub const _SC_TZNAME_MAX: ::c_int = 14; +pub const _SC_AIO_LISTIO_MAX: ::c_int = 15; +pub const _SC_AIO_MAX: ::c_int = 16; +pub const _SC_AIO_PRIO_DELTA_MAX: ::c_int = 17; +pub const _SC_DELAYTIMER_MAX: ::c_int = 18; +pub const _SC_MQ_OPEN_MAX: ::c_int = 19; +pub const _SC_MQ_PRIO_MAX: ::c_int = 20; +pub const _SC_RTSIG_MAX: ::c_int = 21; +pub const _SC_SEM_NSEMS_MAX: ::c_int = 22; +pub const _SC_SEM_VALUE_MAX: ::c_int = 23; +pub const _SC_SIGQUEUE_MAX: ::c_int = 24; +pub const _SC_TIMER_MAX: ::c_int = 25; +pub const _SC_ASYNCHRONOUS_IO: ::c_int = 26; +pub const _SC_FSYNC: ::c_int = 27; +pub const _SC_MAPPED_FILES: ::c_int = 28; +pub const _SC_MEMLOCK: ::c_int = 29; +pub const _SC_MEMLOCK_RANGE: ::c_int = 30; +pub const _SC_MEMORY_PROTECTION: ::c_int = 31; +pub const _SC_MESSAGE_PASSING: ::c_int = 32; +pub const _SC_PRIORITIZED_IO: ::c_int = 33; +pub const _SC_PRIORITY_SCHEDULING: ::c_int = 34; +pub const _SC_REALTIME_SIGNALS: ::c_int = 35; +pub const _SC_SEMAPHORES: ::c_int = 36; +pub const _SC_SHARED_MEMORY_OBJECTS: ::c_int = 37; +pub const _SC_SYNCHRONIZED_IO: ::c_int = 38; +pub const _SC_TIMERS: ::c_int = 39; +pub const _SC_GETGR_R_SIZE_MAX: ::c_int = 40; +pub const _SC_GETPW_R_SIZE_MAX: ::c_int = 41; +pub const _SC_LOGIN_NAME_MAX: ::c_int = 42; +pub const _SC_THREAD_DESTRUCTOR_ITERATIONS: ::c_int = 43; +pub const _SC_THREAD_KEYS_MAX: ::c_int = 44; +pub const _SC_THREAD_STACK_MIN: ::c_int = 45; +pub const _SC_THREAD_THREADS_MAX: ::c_int = 46; +pub const _SC_TTY_NAME_MAX: ::c_int = 47; +pub const _SC_THREADS: ::c_int = 48; +pub const _SC_THREAD_ATTR_STACKADDR: ::c_int = 49; +pub const _SC_THREAD_ATTR_STACKSIZE: ::c_int = 50; +pub const _SC_THREAD_PRIORITY_SCHEDULING: ::c_int = 51; +pub const _SC_THREAD_PRIO_INHERIT: ::c_int = 52; +pub const _SC_THREAD_PRIO_PROTECT: ::c_int = 53; +pub const _SC_THREAD_PROCESS_SHARED: ::c_int = 54; +pub const _SC_THREAD_SAFE_FUNCTIONS: ::c_int = 55; +pub const _SC_2_CHAR_TERM: ::c_int = 56; +pub const _SC_2_C_BIND: ::c_int = 57; +pub const _SC_2_C_DEV: ::c_int = 58; +pub const _SC_2_C_VERSION: ::c_int = 59; +pub const _SC_2_FORT_DEV: ::c_int = 60; +pub const _SC_2_FORT_RUN: ::c_int = 61; +pub const _SC_2_LOCALEDEF: ::c_int = 62; +pub const _SC_2_SW_DEV: ::c_int = 63; +pub const _SC_2_UPE: ::c_int = 64; +pub const _SC_2_VERSION: ::c_int = 65; +pub const _SC_ATEXIT_MAX: ::c_int = 66; +pub const _SC_AVPHYS_PAGES: ::c_int = 67; +pub const _SC_BC_BASE_MAX: ::c_int = 68; +pub const _SC_BC_DIM_MAX: ::c_int = 69; +pub const _SC_BC_SCALE_MAX: ::c_int = 70; +pub const _SC_BC_STRING_MAX: ::c_int = 71; +pub const _SC_CHARCLASS_NAME_MAX: ::c_int = 72; +pub const _SC_CHAR_BIT: ::c_int = 73; +pub const _SC_CHAR_MAX: ::c_int = 74; +pub const _SC_CHAR_MIN: ::c_int = 75; +pub const _SC_COLL_WEIGHTS_MAX: ::c_int = 76; +pub const _SC_EQUIV_CLASS_MAX: ::c_int = 77; +pub const _SC_EXPR_NEST_MAX: ::c_int = 78; +pub const _SC_INT_MAX: ::c_int = 79; +pub const _SC_INT_MIN: ::c_int = 80; +pub const _SC_LINE_MAX: ::c_int = 81; +pub const _SC_LONG_BIT: ::c_int = 82; +pub const _SC_MB_LEN_MAX: ::c_int = 83; +pub const _SC_NL_ARGMAX: ::c_int = 84; +pub const _SC_NL_LANGMAX: ::c_int = 85; +pub const _SC_NL_MSGMAX: ::c_int = 86; +pub const _SC_NL_NMAX: ::c_int = 87; +pub const _SC_NL_SETMAX: ::c_int = 88; +pub const _SC_NL_TEXTMAX: ::c_int = 89; +pub const _SC_NPROCESSORS_CONF: ::c_int = 90; +pub const _SC_NPROCESSORS_ONLN: ::c_int = 91; +pub const _SC_NZERO: ::c_int = 92; +pub const _SC_PHYS_PAGES: ::c_int = 93; +pub const _SC_PII: ::c_int = 94; +pub const _SC_PII_INTERNET: ::c_int = 95; +pub const _SC_PII_INTERNET_DGRAM: ::c_int = 96; +pub const _SC_PII_INTERNET_STREAM: ::c_int = 97; +pub const _SC_PII_OSI: ::c_int = 98; +pub const _SC_PII_OSI_CLTS: ::c_int = 99; +pub const _SC_PII_OSI_COTS: ::c_int = 100; +pub const _SC_PII_OSI_M: ::c_int = 101; +pub const _SC_PII_SOCKET: ::c_int = 102; +pub const _SC_PII_XTI: ::c_int = 103; +pub const _SC_POLL: ::c_int = 104; +pub const _SC_RE_DUP_MAX: ::c_int = 105; +pub const _SC_SCHAR_MAX: ::c_int = 106; +pub const _SC_SCHAR_MIN: ::c_int = 107; +pub const _SC_SELECT: ::c_int = 108; +pub const _SC_SHRT_MAX: ::c_int = 109; +pub const _SC_SHRT_MIN: ::c_int = 110; +pub const _SC_SSIZE_MAX: ::c_int = 111; +pub const _SC_T_IOV_MAX: ::c_int = 112; +pub const _SC_UCHAR_MAX: ::c_int = 113; +pub const _SC_UINT_MAX: ::c_int = 114; +pub const _SC_UIO_MAXIOV: ::c_int = 115; +pub const _SC_ULONG_MAX: ::c_int = 116; +pub const _SC_USHRT_MAX: ::c_int = 117; +pub const _SC_WORD_BIT: ::c_int = 118; +pub const _SC_XOPEN_CRYPT: ::c_int = 119; +pub const _SC_XOPEN_ENH_I18N: ::c_int = 120; +pub const _SC_XOPEN_SHM: ::c_int = 121; +pub const _SC_XOPEN_UNIX: ::c_int = 122; +pub const _SC_XOPEN_XCU_VERSION: ::c_int = 123; +pub const _SC_XOPEN_XPG2: ::c_int = 124; +pub const _SC_XOPEN_XPG3: ::c_int = 125; +pub const _SC_XOPEN_XPG4: ::c_int = 126; +pub const _SC_XBS5_ILP32_OFF32: ::c_int = 127; +pub const _SC_XBS5_ILP32_OFFBIG: ::c_int = 128; +pub const _SC_XBS5_LP64_OFF64: ::c_int = 129; +pub const _SC_XBS5_LPBIG_OFFBIG: ::c_int = 130; +pub const _SC_ADVISORY_INFO: ::c_int = 131; +pub const _SC_CPUTIME: ::c_int = 132; +pub const _SC_SPAWN: ::c_int = 133; +pub const _SC_SPORADIC_SERVER: ::c_int = 134; +pub const _SC_THREAD_CPUTIME: ::c_int = 135; +pub const _SC_THREAD_SPORADIC_SERVER: ::c_int = 136; +pub const _SC_TIMEOUTS: ::c_int = 137; +pub const _SC_BARRIERS: ::c_int = 138; +pub const _SC_CLOCK_SELECTION: ::c_int = 139; +pub const _SC_MONOTONIC_CLOCK: ::c_int = 140; +pub const _SC_READER_WRITER_LOCKS: ::c_int = 141; +pub const _SC_SPIN_LOCKS: ::c_int = 142; +pub const _SC_TYPED_MEMORY_OBJECTS: ::c_int = 143; +pub const _SC_TRACE_EVENT_FILTER: ::c_int = 144; +pub const _SC_TRACE: ::c_int = 145; +pub const _SC_TRACE_INHERIT: ::c_int = 146; +pub const _SC_TRACE_LOG: ::c_int = 147; +pub const _SC_2_PBS: ::c_int = 148; +pub const _SC_2_PBS_ACCOUNTING: ::c_int = 149; +pub const _SC_2_PBS_CHECKPOINT: ::c_int = 150; +pub const _SC_2_PBS_LOCATE: ::c_int = 151; +pub const _SC_2_PBS_MESSAGE: ::c_int = 152; +pub const _SC_2_PBS_TRACK: ::c_int = 153; +pub const _SC_HOST_NAME_MAX: ::c_int = 154; +pub const _SC_IOV_MAX: ::c_int = 155; +pub const _SC_IPV6: ::c_int = 156; +pub const _SC_RAW_SOCKETS: ::c_int = 157; +pub const _SC_REGEXP: ::c_int = 158; +pub const _SC_SHELL: ::c_int = 159; +pub const _SC_SS_REPL_MAX: ::c_int = 160; +pub const _SC_SYMLOOP_MAX: ::c_int = 161; +pub const _SC_TRACE_EVENT_NAME_MAX: ::c_int = 162; +pub const _SC_TRACE_NAME_MAX: ::c_int = 163; +pub const _SC_TRACE_SYS_MAX: ::c_int = 164; +pub const _SC_TRACE_USER_EVENT_MAX: ::c_int = 165; +pub const _SC_V6_ILP32_OFF32: ::c_int = 166; +pub const _SC_V6_ILP32_OFFBIG: ::c_int = 167; +pub const _SC_V6_LP64_OFF64: ::c_int = 168; +pub const _SC_V6_LPBIG_OFFBIG: ::c_int = 169; +pub const _SC_XOPEN_REALTIME: ::c_int = 170; +pub const _SC_XOPEN_REALTIME_THREADS: ::c_int = 171; +pub const _SC_XOPEN_LEGACY: ::c_int = 172; +pub const _SC_XOPEN_STREAMS: ::c_int = 173; +pub const _SC_V7_ILP32_OFF32: ::c_int = 176; +pub const _SC_V7_ILP32_OFFBIG: ::c_int = 177; +pub const _SC_V7_LP64_OFF64: ::c_int = 178; +pub const _SC_V7_LPBIG_OFFBIG: ::c_int = 179; + +pub const GLOB_ERR: ::c_int = 0x0001; +pub const GLOB_MARK: ::c_int = 0x0002; +pub const GLOB_NOSORT: ::c_int = 0x0004; +pub const GLOB_DOOFFS: ::c_int = 0x0008; +pub const GLOB_NOCHECK: ::c_int = 0x0010; +pub const GLOB_APPEND: ::c_int = 0x0020; +pub const GLOB_NOESCAPE: ::c_int = 0x0040; + +pub const GLOB_NOSPACE: ::c_int = 1; +pub const GLOB_ABORTED: ::c_int = 2; +pub const GLOB_NOMATCH: ::c_int = 3; + +pub const S_IEXEC: mode_t = ::S_IXUSR; +pub const S_IWRITE: mode_t = ::S_IWUSR; +pub const S_IREAD: mode_t = ::S_IRUSR; + +pub const S_IFIFO: ::mode_t = 0x1000; +pub const S_IFCHR: ::mode_t = 0x2000; +pub const S_IFDIR: ::mode_t = 0x4000; +pub const S_IFBLK: ::mode_t = 0x6000; +pub const S_IFREG: ::mode_t = 0x8000; +pub const S_IFLNK: ::mode_t = 0xA000; +pub const S_IFSOCK: ::mode_t = 0xC000; +pub const S_IFMT: ::mode_t = 0xF000; + +pub const S_IXOTH: ::mode_t = 0o000001; +pub const S_IWOTH: ::mode_t = 0o000002; +pub const S_IROTH: ::mode_t = 0o000004; +pub const S_IRWXO: ::mode_t = 0o000007; +pub const S_IXGRP: ::mode_t = 0o000010; +pub const S_IWGRP: ::mode_t = 0o000020; +pub const S_IRGRP: ::mode_t = 0o000040; +pub const S_IRWXG: ::mode_t = 0o000070; +pub const S_IXUSR: ::mode_t = 0o000100; +pub const S_IWUSR: ::mode_t = 0o000200; +pub const S_IRUSR: ::mode_t = 0o000400; +pub const S_IRWXU: ::mode_t = 0o000700; + +pub const F_LOCK: ::c_int = 1; +pub const F_TEST: ::c_int = 3; +pub const F_TLOCK: ::c_int = 2; +pub const F_ULOCK: ::c_int = 0; + +pub const ST_RDONLY: ::c_ulong = 0x01; +pub const ST_NOSUID: ::c_ulong = 0x04; +pub const ST_NOEXEC: ::c_ulong = 0x02; +pub const ST_NOATIME: ::c_ulong = 0x20; + +pub const RTLD_NEXT: *mut ::c_void = -3i64 as *mut ::c_void; +pub const RTLD_DEFAULT: *mut ::c_void = -2i64 as *mut ::c_void; +pub const RTLD_NODELETE: ::c_int = 0x1000; +pub const RTLD_NOW: ::c_int = 0x0002; + +pub const EMPTY: ::c_short = 0; +pub const RUN_LVL: ::c_short = 1; +pub const BOOT_TIME: ::c_short = 2; +pub const NEW_TIME: ::c_short = 4; +pub const OLD_TIME: ::c_short = 3; +pub const INIT_PROCESS: ::c_short = 5; +pub const LOGIN_PROCESS: ::c_short = 6; +pub const USER_PROCESS: ::c_short = 7; +pub const DEAD_PROCESS: ::c_short = 8; +pub const ACCOUNTING: ::c_short = 9; + +pub const ENOTSUP: ::c_int = 48; + +pub const BUFSIZ: ::c_uint = 1024; +pub const TMP_MAX: ::c_uint = 26 * 26 * 26; +pub const FOPEN_MAX: ::c_uint = 16; +pub const FILENAME_MAX: ::c_uint = 255; + +pub const NI_MAXHOST: ::socklen_t = 1025; +pub const M_KEEP: ::c_int = 4; +pub const REG_STARTEND: ::c_int = 0o00004; +pub const VEOF: usize = 4; + +pub const RTLD_GLOBAL: ::c_int = 0x0100; +pub const RTLD_NOLOAD: ::c_int = 0x0004; + +pub const O_RDONLY: ::c_int = 0o000000; +pub const O_WRONLY: ::c_int = 0o000001; +pub const O_RDWR: ::c_int = 0o000002; + +pub const O_EXEC: ::c_int = 0o00003; +pub const O_ASYNC: ::c_int = 0o0200000; +pub const O_NDELAY: ::c_int = O_NONBLOCK; +pub const O_TRUNC: ::c_int = 0o001000; +pub const O_CLOEXEC: ::c_int = 0o020000; +pub const O_DIRECTORY: ::c_int = 0o4000000; +pub const O_ACCMODE: ::c_int = 0o000007; +pub const O_APPEND: ::c_int = 0o000010; +pub const O_CREAT: ::c_int = 0o000400; +pub const O_EXCL: ::c_int = 0o002000; +pub const O_NOCTTY: ::c_int = 0o004000; +pub const O_NONBLOCK: ::c_int = 0o000200; +pub const O_SYNC: ::c_int = 0o000040; +pub const O_RSYNC: ::c_int = 0o000100; +pub const O_DSYNC: ::c_int = 0o000020; +pub const O_NOFOLLOW: ::c_int = 0o010000; + +pub const POSIX_FADV_DONTNEED: ::c_int = 4; +pub const POSIX_FADV_NOREUSE: ::c_int = 5; + +pub const SOCK_SEQPACKET: ::c_int = 5; +pub const SOCK_STREAM: ::c_int = 1; +pub const SOCK_DGRAM: ::c_int = 2; +pub const SOCK_RAW: ::c_int = 3; +pub const SOCK_RDM: ::c_int = 4; +pub const SOCK_CLOEXEC: ::c_int = 0x10000000; + +pub const SA_SIGINFO: ::c_int = 0x0002; +pub const SA_NOCLDWAIT: ::c_int = 0x0020; +pub const SA_NODEFER: ::c_int = 0x0010; +pub const SA_RESETHAND: ::c_int = 0x0004; +pub const SA_NOCLDSTOP: ::c_int = 0x0001; + +pub const SIGTTIN: ::c_int = 26; +pub const SIGTTOU: ::c_int = 27; +pub const SIGXCPU: ::c_int = 30; +pub const SIGXFSZ: ::c_int = 31; +pub const SIGVTALRM: ::c_int = 28; +pub const SIGPROF: ::c_int = 29; +pub const SIGWINCH: ::c_int = 20; +pub const SIGCHLD: ::c_int = 18; +pub const SIGBUS: ::c_int = 10; +pub const SIGUSR1: ::c_int = 16; +pub const SIGUSR2: ::c_int = 17; +pub const SIGCONT: ::c_int = 25; +pub const SIGSTOP: ::c_int = 23; +pub const SIGTSTP: ::c_int = 24; +pub const SIGURG: ::c_int = 21; +pub const SIGIO: ::c_int = SIGPOLL; +pub const SIGSYS: ::c_int = 12; +pub const SIGPOLL: ::c_int = 22; +pub const SIGPWR: ::c_int = 19; +pub const SIG_SETMASK: ::c_int = 2; +pub const SIG_BLOCK: ::c_int = 0; +pub const SIG_UNBLOCK: ::c_int = 1; + +pub const POLLWRNORM: ::c_short = ::POLLOUT; +pub const POLLWRBAND: ::c_short = 0x0010; + +pub const F_SETLK: ::c_int = 106; +pub const F_SETLKW: ::c_int = 107; +pub const F_ALLOCSP: ::c_int = 110; +pub const F_FREESP: ::c_int = 111; +pub const F_GETLK: ::c_int = 114; + +pub const F_RDLCK: ::c_int = 1; +pub const F_WRLCK: ::c_int = 2; +pub const F_UNLCK: ::c_int = 3; + +pub const NCCS: usize = 40; + +pub const MAP_ANON: ::c_int = MAP_ANONYMOUS; +pub const MAP_ANONYMOUS: ::c_int = 0x00080000; + +pub const MCL_CURRENT: ::c_int = 0x000000001; +pub const MCL_FUTURE: ::c_int = 0x000000002; + +pub const _TIO_CBAUD: ::tcflag_t = 15; +pub const CBAUD: ::tcflag_t = _TIO_CBAUD; +pub const TAB1: ::tcflag_t = 0x0800; +pub const TAB2: ::tcflag_t = 0x1000; +pub const TAB3: ::tcflag_t = 0x1800; +pub const CR1: ::tcflag_t = 0x200; +pub const CR2: ::tcflag_t = 0x400; +pub const CR3: ::tcflag_t = 0x600; +pub const FF1: ::tcflag_t = 0x8000; +pub const BS1: ::tcflag_t = 0x2000; +pub const VT1: ::tcflag_t = 0x4000; +pub const VWERASE: usize = 14; +pub const VREPRINT: usize = 12; +pub const VSUSP: usize = 10; +pub const VSTART: usize = 8; +pub const VSTOP: usize = 9; +pub const VDISCARD: usize = 13; +pub const VTIME: usize = 17; +pub const IXON: ::tcflag_t = 0x00000400; +pub const IXOFF: ::tcflag_t = 0x00001000; +pub const ONLCR: ::tcflag_t = 0x00000004; +pub const CSIZE: ::tcflag_t = 0x00000030; +pub const CS6: ::tcflag_t = 0x10; +pub const CS7: ::tcflag_t = 0x20; +pub const CS8: ::tcflag_t = 0x30; +pub const CSTOPB: ::tcflag_t = 0x00000040; +pub const CREAD: ::tcflag_t = 0x00000080; +pub const PARENB: ::tcflag_t = 0x00000100; +pub const PARODD: ::tcflag_t = 0x00000200; +pub const HUPCL: ::tcflag_t = 0x00000400; +pub const CLOCAL: ::tcflag_t = 0x00000800; +pub const ECHOKE: ::tcflag_t = 0x00000800; +pub const ECHOE: ::tcflag_t = 0x00000010; +pub const ECHOK: ::tcflag_t = 0x00000020; +pub const ECHONL: ::tcflag_t = 0x00000040; +pub const ECHOCTL: ::tcflag_t = 0x00000200; +pub const ISIG: ::tcflag_t = 0x00000001; +pub const ICANON: ::tcflag_t = 0x00000002; +pub const NOFLSH: ::tcflag_t = 0x00000080; +pub const OLCUC: ::tcflag_t = 0x00000002; +pub const NLDLY: ::tcflag_t = 0x00000100; +pub const CRDLY: ::tcflag_t = 0x00000600; +pub const TABDLY: ::tcflag_t = 0x00001800; +pub const BSDLY: ::tcflag_t = 0x00002000; +pub const FFDLY: ::tcflag_t = 0x00008000; +pub const VTDLY: ::tcflag_t = 0x00004000; +pub const XTABS: ::tcflag_t = 0x1800; + +pub const B0: ::speed_t = 0; +pub const B50: ::speed_t = 1; +pub const B75: ::speed_t = 2; +pub const B110: ::speed_t = 3; +pub const B134: ::speed_t = 4; +pub const B150: ::speed_t = 5; +pub const B200: ::speed_t = 6; +pub const B300: ::speed_t = 7; +pub const B600: ::speed_t = 8; +pub const B1200: ::speed_t = 9; +pub const B1800: ::speed_t = 10; +pub const B2400: ::speed_t = 11; +pub const B4800: ::speed_t = 12; +pub const B9600: ::speed_t = 13; +pub const B19200: ::speed_t = 14; +pub const B38400: ::speed_t = 15; +pub const EXTA: ::speed_t = 14; +pub const EXTB: ::speed_t = 15; +pub const B57600: ::speed_t = 57600; +pub const B115200: ::speed_t = 115200; + +pub const VEOL: usize = 5; +pub const VEOL2: usize = 6; +pub const VMIN: usize = 16; +pub const IEXTEN: ::tcflag_t = 0x00008000; +pub const TOSTOP: ::tcflag_t = 0x00000100; + +pub const TCSANOW: ::c_int = 0x0001; +pub const TCSADRAIN: ::c_int = 0x0002; +pub const TCSAFLUSH: ::c_int = 0x0004; + +pub const HW_MACHINE: ::c_int = 1; +pub const HW_MODEL: ::c_int = 2; +pub const HW_NCPU: ::c_int = 3; +pub const HW_BYTEORDER: ::c_int = 4; +pub const HW_PHYSMEM: ::c_int = 5; +pub const HW_USERMEM: ::c_int = 6; +pub const HW_PAGESIZE: ::c_int = 7; +pub const HW_DISKNAMES: ::c_int = 8; +pub const HW_IOSTATS: ::c_int = 9; +pub const HW_MACHINE_ARCH: ::c_int = 10; +pub const HW_ALIGNBYTES: ::c_int = 11; +pub const HW_CNMAGIC: ::c_int = 12; +pub const HW_PHYSMEM64: ::c_int = 13; +pub const HW_USERMEM64: ::c_int = 14; +pub const HW_IOSTATNAMES: ::c_int = 15; +pub const HW_MAXID: ::c_int = 15; + +pub const CTL_UNSPEC: ::c_int = 0; +pub const CTL_KERN: ::c_int = 1; +pub const CTL_VM: ::c_int = 2; +pub const CTL_VFS: ::c_int = 3; +pub const CTL_NET: ::c_int = 4; +pub const CTL_DEBUG: ::c_int = 5; +pub const CTL_HW: ::c_int = 6; +pub const CTL_MACHDEP: ::c_int = 7; +pub const CTL_USER: ::c_int = 8; +pub const CTL_QNX: ::c_int = 9; +pub const CTL_PROC: ::c_int = 10; +pub const CTL_VENDOR: ::c_int = 11; +pub const CTL_EMUL: ::c_int = 12; +pub const CTL_SECURITY: ::c_int = 13; +pub const CTL_MAXID: ::c_int = 14; + +pub const DAY_1: ::nl_item = 8; +pub const DAY_2: ::nl_item = 9; +pub const DAY_3: ::nl_item = 10; +pub const DAY_4: ::nl_item = 11; +pub const DAY_5: ::nl_item = 12; +pub const DAY_6: ::nl_item = 13; +pub const DAY_7: ::nl_item = 14; + +pub const MON_1: ::nl_item = 22; +pub const MON_2: ::nl_item = 23; +pub const MON_3: ::nl_item = 24; +pub const MON_4: ::nl_item = 25; +pub const MON_5: ::nl_item = 26; +pub const MON_6: ::nl_item = 27; +pub const MON_7: ::nl_item = 28; +pub const MON_8: ::nl_item = 29; +pub const MON_9: ::nl_item = 30; +pub const MON_10: ::nl_item = 31; +pub const MON_11: ::nl_item = 32; +pub const MON_12: ::nl_item = 33; + +pub const ABDAY_1: ::nl_item = 15; +pub const ABDAY_2: ::nl_item = 16; +pub const ABDAY_3: ::nl_item = 17; +pub const ABDAY_4: ::nl_item = 18; +pub const ABDAY_5: ::nl_item = 19; +pub const ABDAY_6: ::nl_item = 20; +pub const ABDAY_7: ::nl_item = 21; + +pub const ABMON_1: ::nl_item = 34; +pub const ABMON_2: ::nl_item = 35; +pub const ABMON_3: ::nl_item = 36; +pub const ABMON_4: ::nl_item = 37; +pub const ABMON_5: ::nl_item = 38; +pub const ABMON_6: ::nl_item = 39; +pub const ABMON_7: ::nl_item = 40; +pub const ABMON_8: ::nl_item = 41; +pub const ABMON_9: ::nl_item = 42; +pub const ABMON_10: ::nl_item = 43; +pub const ABMON_11: ::nl_item = 44; +pub const ABMON_12: ::nl_item = 45; + +pub const AF_ARP: ::c_int = 28; +pub const AF_CCITT: ::c_int = 10; +pub const AF_CHAOS: ::c_int = 5; +pub const AF_CNT: ::c_int = 21; +pub const AF_COIP: ::c_int = 20; +pub const AF_DATAKIT: ::c_int = 9; +pub const AF_DECnet: ::c_int = 12; +pub const AF_DLI: ::c_int = 13; +pub const AF_E164: ::c_int = 26; +pub const AF_ECMA: ::c_int = 8; +pub const AF_HYLINK: ::c_int = 15; +pub const AF_IEEE80211: ::c_int = 32; +pub const AF_IMPLINK: ::c_int = 3; +pub const AF_ISO: ::c_int = 7; +pub const AF_LAT: ::c_int = 14; +pub const AF_LINK: ::c_int = 18; +pub const AF_NATM: ::c_int = 27; +pub const AF_NS: ::c_int = 6; +pub const AF_OSI: ::c_int = 7; +pub const AF_PUP: ::c_int = 4; +pub const ALT_DIGITS: ::nl_item = 50; +pub const AM_STR: ::nl_item = 6; +pub const B76800: ::speed_t = 76800; + +pub const BIOCFLUSH: ::c_int = 17000; +pub const BIOCGBLEN: ::c_int = 1074020966; +pub const BIOCGDLT: ::c_int = 1074020970; +pub const BIOCGDLTLIST: ::c_int = -1072676233; +pub const BIOCGETIF: ::c_int = 1083196011; +pub const BIOCGHDRCMPLT: ::c_int = 1074020980; +pub const BIOCGRTIMEOUT: ::c_int = 1074807406; +pub const BIOCGSEESENT: ::c_int = 1074020984; +pub const BIOCGSTATS: ::c_int = 1082147439; +pub const BIOCIMMEDIATE: ::c_int = -2147204496; +pub const BIOCPROMISC: ::c_int = 17001; +pub const BIOCSBLEN: ::c_int = -1073462682; +pub const BIOCSDLT: ::c_int = -2147204490; +pub const BIOCSETF: ::c_int = -2146418073; +pub const BIOCSETIF: ::c_int = -2138029460; +pub const BIOCSHDRCMPLT: ::c_int = -2147204491; +pub const BIOCSRTIMEOUT: ::c_int = -2146418067; +pub const BIOCSSEESENT: ::c_int = -2147204487; +pub const BIOCVERSION: ::c_int = 1074020977; + +pub const BPF_ALIGNMENT: usize = ::mem::size_of::<::c_long>(); +pub const CHAR_BIT: usize = 8; +pub const CODESET: ::nl_item = 1; +pub const CRNCYSTR: ::nl_item = 55; + +pub const D_FLAG_FILTER: ::c_int = 0x00000001; +pub const D_FLAG_STAT: ::c_int = 0x00000002; +pub const D_FLAG_STAT_FORM_MASK: ::c_int = 0x000000f0; +pub const D_FLAG_STAT_FORM_T32_2001: ::c_int = 0x00000010; +pub const D_FLAG_STAT_FORM_T32_2008: ::c_int = 0x00000020; +pub const D_FLAG_STAT_FORM_T64_2008: ::c_int = 0x00000030; +pub const D_FLAG_STAT_FORM_UNSET: ::c_int = 0x00000000; + +pub const D_FMT: ::nl_item = 3; +pub const D_GETFLAG: ::c_int = 1; +pub const D_SETFLAG: ::c_int = 2; +pub const D_T_FMT: ::nl_item = 2; +pub const ERA: ::nl_item = 46; +pub const ERA_D_FMT: ::nl_item = 47; +pub const ERA_D_T_FMT: ::nl_item = 48; +pub const ERA_T_FMT: ::nl_item = 49; +pub const RADIXCHAR: ::nl_item = 51; +pub const THOUSEP: ::nl_item = 52; +pub const YESEXPR: ::nl_item = 53; +pub const NOEXPR: ::nl_item = 54; +pub const F_GETOWN: ::c_int = 35; + +pub const FIONBIO: ::c_int = -2147195266; +pub const FIOASYNC: ::c_int = -2147195267; +pub const FIOCLEX: ::c_int = 26113; +pub const FIOGETOWN: ::c_int = 1074030203; +pub const FIONCLEX: ::c_int = 26114; +pub const FIONREAD: ::c_int = 1074030207; +pub const FIONSPACE: ::c_int = 1074030200; +pub const FIONWRITE: ::c_int = 1074030201; +pub const FIOSETOWN: ::c_int = -2147195268; + +pub const F_SETOWN: ::c_int = 36; +pub const IFF_ACCEPTRTADV: ::c_int = 0x40000000; +pub const IFF_IP6FORWARDING: ::c_int = 0x20000000; +pub const IFF_LINK0: ::c_int = 0x00001000; +pub const IFF_LINK1: ::c_int = 0x00002000; +pub const IFF_LINK2: ::c_int = 0x00004000; +pub const IFF_OACTIVE: ::c_int = 0x00000400; +pub const IFF_SHIM: ::c_int = 0x80000000; +pub const IFF_SIMPLEX: ::c_int = 0x00000800; +pub const IHFLOW: tcflag_t = 0x00000001; +pub const IIDLE: tcflag_t = 0x00000008; +pub const IP_RECVDSTADDR: ::c_int = 7; +pub const IP_RECVIF: ::c_int = 20; +pub const IPTOS_ECN_NOTECT: u8 = 0x00; +pub const IUCLC: tcflag_t = 0x00000200; +pub const IUTF8: tcflag_t = 0x0004000; + +pub const KERN_ARGMAX: ::c_int = 8; +pub const KERN_ARND: ::c_int = 81; +pub const KERN_BOOTTIME: ::c_int = 21; +pub const KERN_CLOCKRATE: ::c_int = 12; +pub const KERN_FILE: ::c_int = 15; +pub const KERN_HOSTID: ::c_int = 11; +pub const KERN_HOSTNAME: ::c_int = 10; +pub const KERN_IOV_MAX: ::c_int = 38; +pub const KERN_JOB_CONTROL: ::c_int = 19; +pub const KERN_LOGSIGEXIT: ::c_int = 46; +pub const KERN_MAXFILES: ::c_int = 7; +pub const KERN_MAXID: ::c_int = 83; +pub const KERN_MAXPROC: ::c_int = 6; +pub const KERN_MAXVNODES: ::c_int = 5; +pub const KERN_NGROUPS: ::c_int = 18; +pub const KERN_OSRELEASE: ::c_int = 2; +pub const KERN_OSREV: ::c_int = 3; +pub const KERN_OSTYPE: ::c_int = 1; +pub const KERN_POSIX1: ::c_int = 17; +pub const KERN_PROC: ::c_int = 14; +pub const KERN_PROC_ALL: ::c_int = 0; +pub const KERN_PROC_ARGS: ::c_int = 48; +pub const KERN_PROC_ENV: ::c_int = 3; +pub const KERN_PROC_GID: ::c_int = 7; +pub const KERN_PROC_PGRP: ::c_int = 2; +pub const KERN_PROC_PID: ::c_int = 1; +pub const KERN_PROC_RGID: ::c_int = 8; +pub const KERN_PROC_RUID: ::c_int = 6; +pub const KERN_PROC_SESSION: ::c_int = 3; +pub const KERN_PROC_TTY: ::c_int = 4; +pub const KERN_PROC_UID: ::c_int = 5; +pub const KERN_PROF: ::c_int = 16; +pub const KERN_SAVED_IDS: ::c_int = 20; +pub const KERN_SECURELVL: ::c_int = 9; +pub const KERN_VERSION: ::c_int = 4; +pub const KERN_VNODE: ::c_int = 13; + +pub const LC_ALL: ::c_int = 63; +pub const LC_COLLATE: ::c_int = 1; +pub const LC_CTYPE: ::c_int = 2; +pub const LC_MESSAGES: ::c_int = 32; +pub const LC_MONETARY: ::c_int = 4; +pub const LC_NUMERIC: ::c_int = 8; +pub const LC_TIME: ::c_int = 16; + +pub const LOCAL_CONNWAIT: ::c_int = 0x0002; +pub const LOCAL_CREDS: ::c_int = 0x0001; +pub const LOCAL_PEEREID: ::c_int = 0x0003; + +pub const MAP_STACK: ::c_int = 0x00001000; +pub const MNT_NOEXEC: ::c_int = 0x02; +pub const MNT_NOSUID: ::c_int = 0x04; +pub const MNT_RDONLY: ::c_int = 0x01; + +pub const MSG_NOTIFICATION: ::c_int = 0x0400; + +pub const NET_RT_DUMP: ::c_int = 1; +pub const NET_RT_FLAGS: ::c_int = 2; +pub const NET_RT_IFLIST: ::c_int = 4; +pub const NI_NUMERICSCOPE: ::c_int = 0x00000040; +pub const OHFLOW: tcflag_t = 0x00000002; +pub const P_ALL: idtype_t = 0; +pub const PARSTK: tcflag_t = 0x00000004; +pub const PF_ARP: ::c_int = 28; +pub const PF_CCITT: ::c_int = 10; +pub const PF_CHAOS: ::c_int = 5; +pub const PF_CNT: ::c_int = 21; +pub const PF_COIP: ::c_int = 20; +pub const PF_DATAKIT: ::c_int = 9; +pub const PF_DECnet: ::c_int = 12; +pub const PF_DLI: ::c_int = 13; +pub const PF_ECMA: ::c_int = 8; +pub const PF_HYLINK: ::c_int = 15; +pub const PF_IMPLINK: ::c_int = 3; +pub const PF_ISO: ::c_int = 7; +pub const PF_LAT: ::c_int = 14; +pub const PF_LINK: ::c_int = 18; +pub const PF_NATM: ::c_int = 27; +pub const PF_OSI: ::c_int = 7; +pub const PF_PIP: ::c_int = 25; +pub const PF_PUP: ::c_int = 4; +pub const PF_RTIP: ::c_int = 22; +pub const PF_XTP: ::c_int = 19; +pub const PM_STR: ::nl_item = 7; +pub const POSIX_MADV_DONTNEED: ::c_int = 4; +pub const POSIX_MADV_NORMAL: ::c_int = 0; +pub const POSIX_MADV_RANDOM: ::c_int = 2; +pub const POSIX_MADV_SEQUENTIAL: ::c_int = 1; +pub const POSIX_MADV_WILLNEED: ::c_int = 3; +pub const _POSIX_VDISABLE: ::c_int = 0; +pub const P_PGID: idtype_t = 2; +pub const P_PID: idtype_t = 1; +pub const PRIO_PGRP: ::c_int = 1; +pub const PRIO_PROCESS: ::c_int = 0; +pub const PRIO_USER: ::c_int = 2; +pub const pseudo_AF_HDRCMPLT: ::c_int = 30; +pub const pseudo_AF_PIP: ::c_int = 25; +pub const pseudo_AF_RTIP: ::c_int = 22; +pub const pseudo_AF_XTP: ::c_int = 19; +pub const REG_ASSERT: ::c_int = 15; +pub const REG_ATOI: ::c_int = 255; +pub const REG_BACKR: ::c_int = 0x400; +pub const REG_BASIC: ::c_int = 0x00; +pub const REG_DUMP: ::c_int = 0x80; +pub const REG_EMPTY: ::c_int = 14; +pub const REG_INVARG: ::c_int = 16; +pub const REG_ITOA: ::c_int = 0o400; +pub const REG_LARGE: ::c_int = 0x200; +pub const REG_NOSPEC: ::c_int = 0x10; +pub const REG_OK: ::c_int = 0; +pub const REG_PEND: ::c_int = 0x20; +pub const REG_TRACE: ::c_int = 0x100; + +pub const RLIMIT_AS: ::c_int = 6; +pub const RLIMIT_CORE: ::c_int = 4; +pub const RLIMIT_CPU: ::c_int = 0; +pub const RLIMIT_DATA: ::c_int = 2; +pub const RLIMIT_FSIZE: ::c_int = 1; +pub const RLIMIT_MEMLOCK: ::c_int = 7; +pub const RLIMIT_NOFILE: ::c_int = 5; +pub const RLIMIT_NPROC: ::c_int = 8; +pub const RLIMIT_RSS: ::c_int = 6; +pub const RLIMIT_STACK: ::c_int = 3; +pub const RLIMIT_VMEM: ::c_int = 6; +pub const RLIM_NLIMITS: ::c_int = 14; + +pub const SCHED_ADJTOHEAD: ::c_int = 5; +pub const SCHED_ADJTOTAIL: ::c_int = 6; +pub const SCHED_MAXPOLICY: ::c_int = 7; +pub const SCHED_SETPRIO: ::c_int = 7; +pub const SCHED_SPORADIC: ::c_int = 4; + +pub const SHM_ANON: *mut ::c_char = -1isize as *mut ::c_char; +pub const SIGCLD: ::c_int = SIGCHLD; +pub const SIGDEADLK: ::c_int = 7; +pub const SIGEMT: ::c_int = 7; +pub const SIGEV_NONE: ::c_int = 0; +pub const SIGEV_SIGNAL: ::c_int = 129; +pub const SIGEV_THREAD: ::c_int = 135; +pub const SIOCGIFADDR: ::c_int = -1064277727; +pub const SO_FIB: ::c_int = 0x100a; +pub const SO_OVERFLOWED: ::c_int = 0x1009; +pub const SO_SETFIB: ::c_int = 0x100a; +pub const SO_TXPRIO: ::c_int = 0x100b; +pub const SO_USELOOPBACK: ::c_int = 0x0040; +pub const SO_VLANPRIO: ::c_int = 0x100c; +pub const _SS_ALIGNSIZE: usize = ::mem::size_of::(); +pub const _SS_MAXSIZE: usize = 128; +pub const _SS_PAD1SIZE: usize = _SS_ALIGNSIZE - 2; +pub const _SS_PAD2SIZE: usize = _SS_MAXSIZE - 2 - _SS_PAD1SIZE - _SS_ALIGNSIZE; +pub const TC_CPOSIX: tcflag_t = CLOCAL | CREAD | CSIZE | CSTOPB | HUPCL | PARENB | PARODD; +pub const TCGETS: ::c_int = 0x404c540d; +pub const TC_IPOSIX: tcflag_t = + BRKINT | ICRNL | IGNBRK | IGNPAR | INLCR | INPCK | ISTRIP | IXOFF | IXON | PARMRK; +pub const TC_LPOSIX: tcflag_t = + ECHO | ECHOE | ECHOK | ECHONL | ICANON | IEXTEN | ISIG | NOFLSH | TOSTOP; +pub const TC_OPOSIX: tcflag_t = OPOST; +pub const T_FMT_AMPM: ::nl_item = 5; + +pub const TIOCCBRK: ::c_int = 29818; +pub const TIOCCDTR: ::c_int = 29816; +pub const TIOCDRAIN: ::c_int = 29790; +pub const TIOCEXCL: ::c_int = 29709; +pub const TIOCFLUSH: ::c_int = -2147191792; +pub const TIOCGETA: ::c_int = 1078752275; +pub const TIOCGPGRP: ::c_int = 1074033783; +pub const TIOCGWINSZ: ::c_int = 1074295912; +pub const TIOCMBIC: ::c_int = -2147191701; +pub const TIOCMBIS: ::c_int = -2147191700; +pub const TIOCMGET: ::c_int = 1074033770; +pub const TIOCMSET: ::c_int = -2147191699; +pub const TIOCNOTTY: ::c_int = 29809; +pub const TIOCNXCL: ::c_int = 29710; +pub const TIOCOUTQ: ::c_int = 1074033779; +pub const TIOCPKT: ::c_int = -2147191696; +pub const TIOCPKT_DATA: ::c_int = 0x00; +pub const TIOCPKT_DOSTOP: ::c_int = 0x20; +pub const TIOCPKT_FLUSHREAD: ::c_int = 0x01; +pub const TIOCPKT_FLUSHWRITE: ::c_int = 0x02; +pub const TIOCPKT_IOCTL: ::c_int = 0x40; +pub const TIOCPKT_NOSTOP: ::c_int = 0x10; +pub const TIOCPKT_START: ::c_int = 0x08; +pub const TIOCPKT_STOP: ::c_int = 0x04; +pub const TIOCSBRK: ::c_int = 29819; +pub const TIOCSCTTY: ::c_int = 29793; +pub const TIOCSDTR: ::c_int = 29817; +pub const TIOCSETA: ::c_int = -2142473196; +pub const TIOCSETAF: ::c_int = -2142473194; +pub const TIOCSETAW: ::c_int = -2142473195; +pub const TIOCSPGRP: ::c_int = -2147191690; +pub const TIOCSTART: ::c_int = 29806; +pub const TIOCSTI: ::c_int = -2147388302; +pub const TIOCSTOP: ::c_int = 29807; +pub const TIOCSWINSZ: ::c_int = -2146929561; + +pub const USER_CS_PATH: ::c_int = 1; +pub const USER_BC_BASE_MAX: ::c_int = 2; +pub const USER_BC_DIM_MAX: ::c_int = 3; +pub const USER_BC_SCALE_MAX: ::c_int = 4; +pub const USER_BC_STRING_MAX: ::c_int = 5; +pub const USER_COLL_WEIGHTS_MAX: ::c_int = 6; +pub const USER_EXPR_NEST_MAX: ::c_int = 7; +pub const USER_LINE_MAX: ::c_int = 8; +pub const USER_RE_DUP_MAX: ::c_int = 9; +pub const USER_POSIX2_VERSION: ::c_int = 10; +pub const USER_POSIX2_C_BIND: ::c_int = 11; +pub const USER_POSIX2_C_DEV: ::c_int = 12; +pub const USER_POSIX2_CHAR_TERM: ::c_int = 13; +pub const USER_POSIX2_FORT_DEV: ::c_int = 14; +pub const USER_POSIX2_FORT_RUN: ::c_int = 15; +pub const USER_POSIX2_LOCALEDEF: ::c_int = 16; +pub const USER_POSIX2_SW_DEV: ::c_int = 17; +pub const USER_POSIX2_UPE: ::c_int = 18; +pub const USER_STREAM_MAX: ::c_int = 19; +pub const USER_TZNAME_MAX: ::c_int = 20; +pub const USER_ATEXIT_MAX: ::c_int = 21; +pub const USER_MAXID: ::c_int = 22; + +pub const VDOWN: usize = 31; +pub const VINS: usize = 32; +pub const VDEL: usize = 33; +pub const VRUB: usize = 34; +pub const VCAN: usize = 35; +pub const VHOME: usize = 36; +pub const VEND: usize = 37; +pub const VSPARE3: usize = 38; +pub const VSPARE4: usize = 39; +pub const VSWTCH: usize = 7; +pub const VDSUSP: usize = 11; +pub const VFWD: usize = 18; +pub const VLOGIN: usize = 19; +pub const VPREFIX: usize = 20; +pub const VSUFFIX: usize = 24; +pub const VLEFT: usize = 28; +pub const VRIGHT: usize = 29; +pub const VUP: usize = 30; +pub const XCASE: tcflag_t = 0x00000004; + +pub const PTHREAD_CREATE_JOINABLE: ::c_int = 0x00; +pub const PTHREAD_CREATE_DETACHED: ::c_int = 0x01; + +pub const PTHREAD_MUTEX_ERRORCHECK: ::c_int = 1; +pub const PTHREAD_MUTEX_RECURSIVE: ::c_int = 2; +pub const PTHREAD_MUTEX_NORMAL: ::c_int = 3; +pub const PTHREAD_STACK_MIN: ::size_t = 256; +pub const PTHREAD_MUTEX_DEFAULT: ::c_int = 0; +pub const PTHREAD_MUTEX_STALLED: ::c_int = 0x00; +pub const PTHREAD_MUTEX_ROBUST: ::c_int = 0x10; +pub const PTHREAD_PROCESS_PRIVATE: ::c_int = 0x00; +pub const PTHREAD_PROCESS_SHARED: ::c_int = 0x01; + +pub const PTHREAD_KEYS_MAX: usize = 128; + +pub const PTHREAD_MUTEX_INITIALIZER: pthread_mutex_t = pthread_mutex_t { + __u: 0x80000000, + __owner: 0xffffffff, +}; +pub const PTHREAD_COND_INITIALIZER: pthread_cond_t = pthread_cond_t { + __u: CLOCK_REALTIME as u32, + __owner: 0xfffffffb, +}; +pub const PTHREAD_RWLOCK_INITIALIZER: pthread_rwlock_t = pthread_rwlock_t { + __active: 0, + __blockedwriters: 0, + __blockedreaders: 0, + __heavy: 0, + __lock: PTHREAD_MUTEX_INITIALIZER, + __rcond: PTHREAD_COND_INITIALIZER, + __wcond: PTHREAD_COND_INITIALIZER, + __owner: -2i32 as ::c_uint, + __spare: 0, +}; + +const_fn! { + {const} fn _CMSG_ALIGN(len: usize) -> usize { + len + ::mem::size_of::() - 1 & !(::mem::size_of::() - 1) + } + + {const} fn _ALIGN(p: usize, b: usize) -> usize { + (p + b - 1) & !(b-1) + } +} + +f! { + pub fn CMSG_FIRSTHDR(mhdr: *const msghdr) -> *mut cmsghdr { + if (*mhdr).msg_controllen as usize >= ::mem::size_of::() { + (*mhdr).msg_control as *mut cmsghdr + } else { + 0 as *mut cmsghdr + } + } + + pub fn CMSG_NXTHDR(mhdr: *const ::msghdr, cmsg: *const ::cmsghdr) + -> *mut ::cmsghdr + { + let msg = _CMSG_ALIGN((*cmsg).cmsg_len as usize); + let next = cmsg as usize + msg + _CMSG_ALIGN(::mem::size_of::<::cmsghdr>()); + if next > (*mhdr).msg_control as usize + (*mhdr).msg_controllen as usize { + 0 as *mut ::cmsghdr + } else { + (cmsg as usize + msg) as *mut ::cmsghdr + } + } + + pub fn CMSG_DATA(cmsg: *const ::cmsghdr) -> *mut ::c_uchar { + (cmsg as *mut ::c_uchar) + .offset(_CMSG_ALIGN(::mem::size_of::<::cmsghdr>()) as isize) + } + + pub fn CMSG_LEN(length: ::c_uint) -> ::c_uint { + _CMSG_ALIGN(::mem::size_of::<::cmsghdr>()) as ::c_uint + length + } + + pub {const} fn CMSG_SPACE(length: ::c_uint) -> ::c_uint { + (_CMSG_ALIGN(::mem::size_of::()) + _CMSG_ALIGN(length as usize) ) + as ::c_uint + } + + pub fn FD_CLR(fd: ::c_int, set: *mut fd_set) -> () { + let fd = fd as usize; + let size = ::mem::size_of_val(&(*set).fds_bits[0]) * 8; + (*set).fds_bits[fd / size] &= !(1 << (fd % size)); + return + } + + pub fn FD_ISSET(fd: ::c_int, set: *const fd_set) -> bool { + let fd = fd as usize; + let size = ::mem::size_of_val(&(*set).fds_bits[0]) * 8; + return ((*set).fds_bits[fd / size] & (1 << (fd % size))) != 0 + } + + pub fn FD_SET(fd: ::c_int, set: *mut fd_set) -> () { + let fd = fd as usize; + let size = ::mem::size_of_val(&(*set).fds_bits[0]) * 8; + (*set).fds_bits[fd / size] |= 1 << (fd % size); + return + } + + pub fn FD_ZERO(set: *mut fd_set) -> () { + for slot in (*set).fds_bits.iter_mut() { + *slot = 0; + } + } + + pub fn _DEXTRA_FIRST(_d: *const dirent) -> *mut ::dirent_extra { + let _f = &((*(_d)).d_name) as *const _; + let _s = _d as usize; + + _ALIGN(_s + _f as usize - _s + (*_d).d_namelen as usize + 1, 8) as *mut ::dirent_extra + } + + pub fn _DEXTRA_VALID(_x: *const ::dirent_extra, _d: *const dirent) -> bool { + let sz = _x as usize - _d as usize + ::mem::size_of::<::dirent_extra>(); + let rsz = (*_d).d_reclen as usize; + + if sz > rsz || sz + (*_x).d_datalen as usize > rsz { + false + } else { + true + } + } + + pub fn _DEXTRA_NEXT(_x: *const ::dirent_extra) -> *mut ::dirent_extra { + _ALIGN( + _x as usize + ::mem::size_of::<::dirent_extra>() + (*_x).d_datalen as usize, 8 + ) as *mut ::dirent_extra + } + + pub fn SOCKCREDSIZE(ngrps: usize) -> usize { + let ngrps = if ngrps > 0 { + ngrps - 1 + } else { + 0 + }; + ::mem::size_of::() + ::mem::size_of::<::gid_t>() * ngrps + } +} + +safe_f! { + pub {const} fn WIFSTOPPED(status: ::c_int) -> bool { + (status & 0xff) == 0x7f + } + + pub {const} fn WSTOPSIG(status: ::c_int) -> ::c_int { + (status >> 8) & 0xff + } + + pub {const} fn WIFCONTINUED(status: ::c_int) -> bool { + status == 0xffff + } + + pub {const} fn WIFSIGNALED(status: ::c_int) -> bool { + ((status & 0x7f) + 1) as i8 >= 2 + } + + pub {const} fn WTERMSIG(status: ::c_int) -> ::c_int { + status & 0x7f + } + + pub {const} fn WIFEXITED(status: ::c_int) -> bool { + (status & 0x7f) == 0 + } + + pub {const} fn WEXITSTATUS(status: ::c_int) -> ::c_int { + (status >> 8) & 0xff + } + + pub {const} fn WCOREDUMP(status: ::c_int) -> bool { + (status & 0x80) != 0 + } + + pub {const} fn IPTOS_ECN(x: u8) -> u8 { + x & ::IPTOS_ECN_MASK + } +} + +// Network related functions are provided by libsocket and regex +// functions are provided by libregex. +#[link(name = "socket")] +#[link(name = "regex")] + +extern "C" { + pub fn sem_destroy(sem: *mut sem_t) -> ::c_int; + pub fn sem_init(sem: *mut sem_t, pshared: ::c_int, value: ::c_uint) -> ::c_int; + pub fn fdatasync(fd: ::c_int) -> ::c_int; + pub fn getpriority(which: ::c_int, who: ::id_t) -> ::c_int; + pub fn setpriority(which: ::c_int, who: ::id_t, prio: ::c_int) -> ::c_int; + pub fn mkfifoat(dirfd: ::c_int, pathname: *const ::c_char, mode: ::mode_t) -> ::c_int; + + pub fn clock_getres(clk_id: ::clockid_t, tp: *mut ::timespec) -> ::c_int; + pub fn clock_gettime(clk_id: ::clockid_t, tp: *mut ::timespec) -> ::c_int; + pub fn clock_settime(clk_id: ::clockid_t, tp: *const ::timespec) -> ::c_int; + pub fn clock_getcpuclockid(pid: ::pid_t, clk_id: *mut ::clockid_t) -> ::c_int; + + pub fn pthread_attr_getstack( + attr: *const ::pthread_attr_t, + stackaddr: *mut *mut ::c_void, + stacksize: *mut ::size_t, + ) -> ::c_int; + pub fn memalign(align: ::size_t, size: ::size_t) -> *mut ::c_void; + pub fn setgroups(ngroups: ::c_int, ptr: *const ::gid_t) -> ::c_int; + + pub fn posix_fadvise(fd: ::c_int, offset: ::off_t, len: ::off_t, advise: ::c_int) -> ::c_int; + pub fn futimens(fd: ::c_int, times: *const ::timespec) -> ::c_int; + pub fn nl_langinfo(item: ::nl_item) -> *mut ::c_char; + + pub fn utimensat( + dirfd: ::c_int, + path: *const ::c_char, + times: *const ::timespec, + flag: ::c_int, + ) -> ::c_int; + + pub fn pthread_condattr_getclock( + attr: *const pthread_condattr_t, + clock_id: *mut clockid_t, + ) -> ::c_int; + pub fn pthread_condattr_setclock( + attr: *mut pthread_condattr_t, + clock_id: ::clockid_t, + ) -> ::c_int; + pub fn pthread_condattr_setpshared(attr: *mut pthread_condattr_t, pshared: ::c_int) -> ::c_int; + pub fn pthread_mutexattr_setpshared( + attr: *mut pthread_mutexattr_t, + pshared: ::c_int, + ) -> ::c_int; + pub fn pthread_rwlockattr_getpshared( + attr: *const pthread_rwlockattr_t, + val: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_rwlockattr_setpshared(attr: *mut pthread_rwlockattr_t, val: ::c_int) -> ::c_int; + pub fn ptsname_r(fd: ::c_int, buf: *mut ::c_char, buflen: ::size_t) -> *mut ::c_char; + pub fn clearenv() -> ::c_int; + pub fn waitid(idtype: idtype_t, id: id_t, infop: *mut ::siginfo_t, options: ::c_int) + -> ::c_int; + pub fn wait4( + pid: ::pid_t, + status: *mut ::c_int, + options: ::c_int, + rusage: *mut ::rusage, + ) -> ::pid_t; + pub fn execvpe( + file: *const ::c_char, + argv: *const *const ::c_char, + envp: *const *const ::c_char, + ) -> ::c_int; + + pub fn getifaddrs(ifap: *mut *mut ::ifaddrs) -> ::c_int; + pub fn freeifaddrs(ifa: *mut ::ifaddrs); + pub fn bind(socket: ::c_int, address: *const ::sockaddr, address_len: ::socklen_t) -> ::c_int; + + pub fn writev(fd: ::c_int, iov: *const ::iovec, iovcnt: ::c_int) -> ::ssize_t; + pub fn readv(fd: ::c_int, iov: *const ::iovec, iovcnt: ::c_int) -> ::ssize_t; + + pub fn sendmsg(fd: ::c_int, msg: *const ::msghdr, flags: ::c_int) -> ::ssize_t; + pub fn recvmsg(fd: ::c_int, msg: *mut ::msghdr, flags: ::c_int) -> ::ssize_t; + pub fn openpty( + amaster: *mut ::c_int, + aslave: *mut ::c_int, + name: *mut ::c_char, + termp: *mut termios, + winp: *mut ::winsize, + ) -> ::c_int; + pub fn forkpty( + amaster: *mut ::c_int, + name: *mut ::c_char, + termp: *mut termios, + winp: *mut ::winsize, + ) -> ::pid_t; + pub fn login_tty(fd: ::c_int) -> ::c_int; + + pub fn uname(buf: *mut ::utsname) -> ::c_int; + + pub fn getpeereid(socket: ::c_int, euid: *mut ::uid_t, egid: *mut ::gid_t) -> ::c_int; + + pub fn strerror_r(errnum: ::c_int, buf: *mut c_char, buflen: ::size_t) -> ::c_int; + + pub fn abs(i: ::c_int) -> ::c_int; + pub fn atof(s: *const ::c_char) -> ::c_double; + pub fn labs(i: ::c_long) -> ::c_long; + pub fn rand() -> ::c_int; + pub fn srand(seed: ::c_uint); + + pub fn setpwent(); + pub fn endpwent(); + pub fn getpwent() -> *mut passwd; + pub fn setgrent(); + pub fn endgrent(); + pub fn getgrent() -> *mut ::group; + pub fn setspent(); + pub fn endspent(); + + pub fn shm_open(name: *const c_char, oflag: ::c_int, mode: mode_t) -> ::c_int; + + pub fn ftok(pathname: *const ::c_char, proj_id: ::c_int) -> ::key_t; + pub fn mprotect(addr: *mut ::c_void, len: ::size_t, prot: ::c_int) -> ::c_int; + + pub fn posix_fallocate(fd: ::c_int, offset: ::off_t, len: ::off_t) -> ::c_int; + pub fn mkostemp(template: *mut ::c_char, flags: ::c_int) -> ::c_int; + pub fn mkostemps(template: *mut ::c_char, suffixlen: ::c_int, flags: ::c_int) -> ::c_int; + pub fn sigtimedwait( + set: *const sigset_t, + info: *mut siginfo_t, + timeout: *const ::timespec, + ) -> ::c_int; + pub fn sigwaitinfo(set: *const sigset_t, info: *mut siginfo_t) -> ::c_int; + pub fn pthread_setschedprio(native: ::pthread_t, priority: ::c_int) -> ::c_int; + + pub fn if_nameindex() -> *mut if_nameindex; + pub fn if_freenameindex(ptr: *mut if_nameindex); + + pub fn glob( + pattern: *const c_char, + flags: ::c_int, + errfunc: ::Option ::c_int>, + pglob: *mut ::glob_t, + ) -> ::c_int; + pub fn globfree(pglob: *mut ::glob_t); + + pub fn posix_madvise(addr: *mut ::c_void, len: ::size_t, advice: ::c_int) -> ::c_int; + + pub fn shm_unlink(name: *const ::c_char) -> ::c_int; + + pub fn seekdir(dirp: *mut ::DIR, loc: ::c_long); + + pub fn telldir(dirp: *mut ::DIR) -> ::c_long; + + pub fn msync(addr: *mut ::c_void, len: ::size_t, flags: ::c_int) -> ::c_int; + + pub fn recvfrom( + socket: ::c_int, + buf: *mut ::c_void, + len: ::size_t, + flags: ::c_int, + addr: *mut ::sockaddr, + addrlen: *mut ::socklen_t, + ) -> ::ssize_t; + pub fn mkstemps(template: *mut ::c_char, suffixlen: ::c_int) -> ::c_int; + + pub fn getdomainname(name: *mut ::c_char, len: ::size_t) -> ::c_int; + pub fn setdomainname(name: *const ::c_char, len: ::size_t) -> ::c_int; + pub fn sync(); + pub fn pthread_getschedparam( + native: ::pthread_t, + policy: *mut ::c_int, + param: *mut ::sched_param, + ) -> ::c_int; + pub fn umount(target: *const ::c_char, flags: ::c_int) -> ::c_int; + pub fn sched_get_priority_max(policy: ::c_int) -> ::c_int; + pub fn settimeofday(tv: *const ::timeval, tz: *const ::c_void) -> ::c_int; + pub fn sched_rr_get_interval(pid: ::pid_t, tp: *mut ::timespec) -> ::c_int; + pub fn sem_timedwait(sem: *mut sem_t, abstime: *const ::timespec) -> ::c_int; + pub fn sem_getvalue(sem: *mut sem_t, sval: *mut ::c_int) -> ::c_int; + pub fn sched_setparam(pid: ::pid_t, param: *const ::sched_param) -> ::c_int; + pub fn mount( + special_device: *const ::c_char, + mount_directory: *const ::c_char, + flags: ::c_int, + mount_type: *const ::c_char, + mount_data: *const ::c_void, + mount_datalen: ::c_int, + ) -> ::c_int; + pub fn sched_getparam(pid: ::pid_t, param: *mut ::sched_param) -> ::c_int; + pub fn pthread_mutex_consistent(mutex: *mut pthread_mutex_t) -> ::c_int; + pub fn pthread_mutex_timedlock( + lock: *mut pthread_mutex_t, + abstime: *const ::timespec, + ) -> ::c_int; + pub fn pthread_spin_init(lock: *mut ::pthread_spinlock_t, pshared: ::c_int) -> ::c_int; + pub fn pthread_spin_destroy(lock: *mut ::pthread_spinlock_t) -> ::c_int; + pub fn pthread_spin_lock(lock: *mut ::pthread_spinlock_t) -> ::c_int; + pub fn pthread_spin_trylock(lock: *mut ::pthread_spinlock_t) -> ::c_int; + pub fn pthread_spin_unlock(lock: *mut ::pthread_spinlock_t) -> ::c_int; + pub fn pthread_barrierattr_init(__attr: *mut ::pthread_barrierattr_t) -> ::c_int; + pub fn pthread_barrierattr_destroy(__attr: *mut ::pthread_barrierattr_t) -> ::c_int; + pub fn pthread_barrierattr_getpshared( + __attr: *const ::pthread_barrierattr_t, + __pshared: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_barrierattr_setpshared( + __attr: *mut ::pthread_barrierattr_t, + __pshared: ::c_int, + ) -> ::c_int; + pub fn pthread_barrier_init( + __barrier: *mut ::pthread_barrier_t, + __attr: *const ::pthread_barrierattr_t, + __count: ::c_uint, + ) -> ::c_int; + pub fn pthread_barrier_destroy(__barrier: *mut ::pthread_barrier_t) -> ::c_int; + pub fn pthread_barrier_wait(__barrier: *mut ::pthread_barrier_t) -> ::c_int; + + pub fn sched_getscheduler(pid: ::pid_t) -> ::c_int; + pub fn clock_nanosleep( + clk_id: ::clockid_t, + flags: ::c_int, + rqtp: *const ::timespec, + rmtp: *mut ::timespec, + ) -> ::c_int; + pub fn pthread_attr_getguardsize( + attr: *const ::pthread_attr_t, + guardsize: *mut ::size_t, + ) -> ::c_int; + pub fn sethostname(name: *const ::c_char, len: ::size_t) -> ::c_int; + pub fn sched_get_priority_min(policy: ::c_int) -> ::c_int; + pub fn pthread_condattr_getpshared( + attr: *const pthread_condattr_t, + pshared: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_setschedparam( + native: ::pthread_t, + policy: ::c_int, + param: *const ::sched_param, + ) -> ::c_int; + pub fn sched_setscheduler( + pid: ::pid_t, + policy: ::c_int, + param: *const ::sched_param, + ) -> ::c_int; + pub fn sigsuspend(mask: *const ::sigset_t) -> ::c_int; + pub fn getgrgid_r( + gid: ::gid_t, + grp: *mut ::group, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut ::group, + ) -> ::c_int; + pub fn sem_close(sem: *mut sem_t) -> ::c_int; + pub fn getdtablesize() -> ::c_int; + pub fn getgrnam_r( + name: *const ::c_char, + grp: *mut ::group, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut ::group, + ) -> ::c_int; + pub fn initgroups(user: *const ::c_char, group: ::gid_t) -> ::c_int; + pub fn pthread_sigmask(how: ::c_int, set: *const sigset_t, oldset: *mut sigset_t) -> ::c_int; + pub fn sem_open(name: *const ::c_char, oflag: ::c_int, ...) -> *mut sem_t; + pub fn getgrnam(name: *const ::c_char) -> *mut ::group; + pub fn pthread_cancel(thread: ::pthread_t) -> ::c_int; + pub fn pthread_kill(thread: ::pthread_t, sig: ::c_int) -> ::c_int; + pub fn sem_unlink(name: *const ::c_char) -> ::c_int; + pub fn daemon(nochdir: ::c_int, noclose: ::c_int) -> ::c_int; + pub fn getpwnam_r( + name: *const ::c_char, + pwd: *mut passwd, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut passwd, + ) -> ::c_int; + pub fn getpwuid_r( + uid: ::uid_t, + pwd: *mut passwd, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut passwd, + ) -> ::c_int; + pub fn sigwait(set: *const sigset_t, sig: *mut ::c_int) -> ::c_int; + pub fn pthread_atfork( + prepare: ::Option, + parent: ::Option, + child: ::Option, + ) -> ::c_int; + pub fn getgrgid(gid: ::gid_t) -> *mut ::group; + pub fn getgrouplist( + user: *const ::c_char, + group: ::gid_t, + groups: *mut ::gid_t, + ngroups: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_mutexattr_getpshared( + attr: *const pthread_mutexattr_t, + pshared: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_mutexattr_getrobust( + attr: *const pthread_mutexattr_t, + robustness: *mut ::c_int, + ) -> ::c_int; + pub fn pthread_mutexattr_setrobust( + attr: *mut pthread_mutexattr_t, + robustness: ::c_int, + ) -> ::c_int; + pub fn pthread_create( + native: *mut ::pthread_t, + attr: *const ::pthread_attr_t, + f: extern "C" fn(*mut ::c_void) -> *mut ::c_void, + value: *mut ::c_void, + ) -> ::c_int; + pub fn getitimer(which: ::c_int, curr_value: *mut ::itimerval) -> ::c_int; + pub fn setitimer( + which: ::c_int, + value: *const ::itimerval, + ovalue: *mut ::itimerval, + ) -> ::c_int; + pub fn posix_spawn( + pid: *mut ::pid_t, + path: *const ::c_char, + file_actions: *const ::posix_spawn_file_actions_t, + attrp: *const ::posix_spawnattr_t, + argv: *const *mut ::c_char, + envp: *const *mut ::c_char, + ) -> ::c_int; + pub fn posix_spawnp( + pid: *mut ::pid_t, + file: *const ::c_char, + file_actions: *const ::posix_spawn_file_actions_t, + attrp: *const ::posix_spawnattr_t, + argv: *const *mut ::c_char, + envp: *const *mut ::c_char, + ) -> ::c_int; + pub fn posix_spawnattr_init(attr: *mut posix_spawnattr_t) -> ::c_int; + pub fn posix_spawnattr_destroy(attr: *mut posix_spawnattr_t) -> ::c_int; + pub fn posix_spawnattr_getsigdefault( + attr: *const posix_spawnattr_t, + default: *mut ::sigset_t, + ) -> ::c_int; + pub fn posix_spawnattr_setsigdefault( + attr: *mut posix_spawnattr_t, + default: *const ::sigset_t, + ) -> ::c_int; + pub fn posix_spawnattr_getsigmask( + attr: *const posix_spawnattr_t, + default: *mut ::sigset_t, + ) -> ::c_int; + pub fn posix_spawnattr_setsigmask( + attr: *mut posix_spawnattr_t, + default: *const ::sigset_t, + ) -> ::c_int; + pub fn posix_spawnattr_getflags( + attr: *const posix_spawnattr_t, + flags: *mut ::c_short, + ) -> ::c_int; + pub fn posix_spawnattr_setflags(attr: *mut posix_spawnattr_t, flags: ::c_short) -> ::c_int; + pub fn posix_spawnattr_getpgroup( + attr: *const posix_spawnattr_t, + flags: *mut ::pid_t, + ) -> ::c_int; + pub fn posix_spawnattr_setpgroup(attr: *mut posix_spawnattr_t, flags: ::pid_t) -> ::c_int; + pub fn posix_spawnattr_getschedpolicy( + attr: *const posix_spawnattr_t, + flags: *mut ::c_int, + ) -> ::c_int; + pub fn posix_spawnattr_setschedpolicy(attr: *mut posix_spawnattr_t, flags: ::c_int) -> ::c_int; + pub fn posix_spawnattr_getschedparam( + attr: *const posix_spawnattr_t, + param: *mut ::sched_param, + ) -> ::c_int; + pub fn posix_spawnattr_setschedparam( + attr: *mut posix_spawnattr_t, + param: *const ::sched_param, + ) -> ::c_int; + + pub fn posix_spawn_file_actions_init(actions: *mut posix_spawn_file_actions_t) -> ::c_int; + pub fn posix_spawn_file_actions_destroy(actions: *mut posix_spawn_file_actions_t) -> ::c_int; + pub fn posix_spawn_file_actions_addopen( + actions: *mut posix_spawn_file_actions_t, + fd: ::c_int, + path: *const ::c_char, + oflag: ::c_int, + mode: ::mode_t, + ) -> ::c_int; + pub fn posix_spawn_file_actions_addclose( + actions: *mut posix_spawn_file_actions_t, + fd: ::c_int, + ) -> ::c_int; + pub fn posix_spawn_file_actions_adddup2( + actions: *mut posix_spawn_file_actions_t, + fd: ::c_int, + newfd: ::c_int, + ) -> ::c_int; + pub fn popen(command: *const c_char, mode: *const c_char) -> *mut ::FILE; + pub fn faccessat( + dirfd: ::c_int, + pathname: *const ::c_char, + mode: ::c_int, + flags: ::c_int, + ) -> ::c_int; + pub fn inotify_rm_watch(fd: ::c_int, wd: ::c_int) -> ::c_int; + pub fn inotify_init() -> ::c_int; + pub fn inotify_add_watch(fd: ::c_int, path: *const ::c_char, mask: u32) -> ::c_int; + + pub fn gettid() -> ::pid_t; + + pub fn pthread_getcpuclockid(thread: ::pthread_t, clk_id: *mut ::clockid_t) -> ::c_int; + + pub fn getnameinfo( + sa: *const ::sockaddr, + salen: ::socklen_t, + host: *mut ::c_char, + hostlen: ::socklen_t, + serv: *mut ::c_char, + sevlen: ::socklen_t, + flags: ::c_int, + ) -> ::c_int; + + pub fn sendmmsg( + sockfd: ::c_int, + msgvec: *mut ::mmsghdr, + vlen: ::c_uint, + flags: ::c_uint, + ) -> ::c_int; + pub fn recvmmsg( + sockfd: ::c_int, + msgvec: *mut ::mmsghdr, + vlen: ::c_uint, + flags: ::c_uint, + timeout: *mut ::timespec, + ) -> ::c_int; + + pub fn mallopt(param: ::c_int, value: i64) -> ::c_int; + pub fn gettimeofday(tp: *mut ::timeval, tz: *mut ::c_void) -> ::c_int; + + pub fn ctermid(s: *mut ::c_char) -> *mut ::c_char; + pub fn ioctl(fd: ::c_int, request: ::c_int, ...) -> ::c_int; + + pub fn mallinfo() -> ::mallinfo; + pub fn getpwent_r( + pwd: *mut ::passwd, + buf: *mut ::c_char, + __bufsize: ::c_int, + __result: *mut *mut ::passwd, + ) -> ::c_int; + pub fn pthread_getname_np(thread: ::pthread_t, name: *mut ::c_char, len: ::c_int) -> ::c_int; + pub fn pthread_setname_np(thread: ::pthread_t, name: *const ::c_char) -> ::c_int; + + pub fn sysctl( + _: *const ::c_int, + _: ::c_uint, + _: *mut ::c_void, + _: *mut ::size_t, + _: *const ::c_void, + _: ::size_t, + ) -> ::c_int; + + pub fn getrlimit(resource: ::c_int, rlim: *mut ::rlimit) -> ::c_int; + pub fn setrlimit(resource: ::c_int, rlp: *const ::rlimit) -> ::c_int; + + pub fn lio_listio( + __mode: ::c_int, + __list: *const *mut aiocb, + __nent: ::c_int, + __sig: *mut sigevent, + ) -> ::c_int; + + pub fn dl_iterate_phdr( + callback: ::Option< + unsafe extern "C" fn( + info: *const dl_phdr_info, + size: ::size_t, + data: *mut ::c_void, + ) -> ::c_int, + >, + data: *mut ::c_void, + ) -> ::c_int; + + pub fn memset_s(s: *mut ::c_void, smax: ::size_t, c: ::c_int, n: ::size_t) -> ::c_int; + + pub fn regcomp( + __preg: *mut ::regex_t, + __pattern: *const ::c_char, + __cflags: ::c_int, + ) -> ::c_int; + pub fn regexec( + __preg: *const ::regex_t, + __str: *const ::c_char, + __nmatch: ::size_t, + __pmatch: *mut ::regmatch_t, + __eflags: ::c_int, + ) -> ::c_int; + pub fn regerror( + __errcode: ::c_int, + __preg: *const ::regex_t, + __errbuf: *mut ::c_char, + __errbuf_size: ::size_t, + ) -> ::size_t; + pub fn regfree(__preg: *mut ::regex_t); + pub fn dirfd(__dirp: *mut ::DIR) -> ::c_int; + pub fn dircntl(dir: *mut ::DIR, cmd: ::c_int, ...) -> ::c_int; + + pub fn aio_cancel(__fd: ::c_int, __aiocbp: *mut ::aiocb) -> ::c_int; + pub fn aio_error(__aiocbp: *const ::aiocb) -> ::c_int; + pub fn aio_fsync(__operation: ::c_int, __aiocbp: *mut ::aiocb) -> ::c_int; + pub fn aio_read(__aiocbp: *mut ::aiocb) -> ::c_int; + pub fn aio_return(__aiocpb: *mut ::aiocb) -> ::ssize_t; + pub fn aio_suspend( + __list: *const *const ::aiocb, + __nent: ::c_int, + __timeout: *const ::timespec, + ) -> ::c_int; + pub fn aio_write(__aiocpb: *mut ::aiocb) -> ::c_int; + + pub fn mq_close(__mqdes: ::mqd_t) -> ::c_int; + pub fn mq_getattr(__mqdes: ::mqd_t, __mqstat: *mut ::mq_attr) -> ::c_int; + pub fn mq_notify(__mqdes: ::mqd_t, __notification: *const ::sigevent) -> ::c_int; + pub fn mq_open(__name: *const ::c_char, __oflag: ::c_int, ...) -> ::mqd_t; + pub fn mq_receive( + __mqdes: ::mqd_t, + __msg_ptr: *mut ::c_char, + __msg_len: ::size_t, + __msg_prio: *mut ::c_uint, + ) -> ::ssize_t; + pub fn mq_send( + __mqdes: ::mqd_t, + __msg_ptr: *const ::c_char, + __msg_len: ::size_t, + __msg_prio: ::c_uint, + ) -> ::c_int; + pub fn mq_setattr( + __mqdes: ::mqd_t, + __mqstat: *const mq_attr, + __omqstat: *mut mq_attr, + ) -> ::c_int; + pub fn mq_timedreceive( + __mqdes: ::mqd_t, + __msg_ptr: *mut ::c_char, + __msg_len: ::size_t, + __msg_prio: *mut ::c_uint, + __abs_timeout: *const ::timespec, + ) -> ::ssize_t; + pub fn mq_timedsend( + __mqdes: ::mqd_t, + __msg_ptr: *const ::c_char, + __msg_len: ::size_t, + __msg_prio: ::c_uint, + __abs_timeout: *const ::timespec, + ) -> ::c_int; + pub fn mq_unlink(__name: *const ::c_char) -> ::c_int; + pub fn __get_errno_ptr() -> *mut ::c_int; + + // System page, see https://www.qnx.com/developers/docs/7.1#com.qnx.doc.neutrino.building/topic/syspage/syspage_about.html + pub static mut _syspage_ptr: *mut syspage_entry; + + // Function on the stack after a call to pthread_create(). This is used + // as a sentinel to work around an infitnite loop in the unwinding code. + pub fn __my_thread_exit(value_ptr: *mut *const ::c_void); +} + +// Models the implementation in stdlib.h. Ctest will fail if trying to use the +// default symbol from libc +pub unsafe fn atexit(cb: extern "C" fn()) -> ::c_int { + extern "C" { + static __dso_handle: *mut ::c_void; + pub fn __cxa_atexit( + cb: extern "C" fn(), + __arg: *mut ::c_void, + __dso: *mut ::c_void, + ) -> ::c_int; + } + __cxa_atexit(cb, 0 as *mut ::c_void, __dso_handle) +} + +impl siginfo_t { + pub unsafe fn si_addr(&self) -> *mut ::c_void { + #[repr(C)] + struct siginfo_si_addr { + _pad: [u8; 32], + si_addr: *mut ::c_void, + } + (*(self as *const siginfo_t as *const siginfo_si_addr)).si_addr + } + + pub unsafe fn si_value(&self) -> ::sigval { + #[repr(C)] + struct siginfo_si_value { + _pad: [u8; 32], + si_value: ::sigval, + } + (*(self as *const siginfo_t as *const siginfo_si_value)).si_value + } + + pub unsafe fn si_pid(&self) -> ::pid_t { + #[repr(C)] + struct siginfo_si_pid { + _pad: [u8; 16], + si_pid: ::pid_t, + } + (*(self as *const siginfo_t as *const siginfo_si_pid)).si_pid + } + + pub unsafe fn si_uid(&self) -> ::uid_t { + #[repr(C)] + struct siginfo_si_uid { + _pad: [u8; 24], + si_uid: ::uid_t, + } + (*(self as *const siginfo_t as *const siginfo_si_uid)).si_uid + } + + pub unsafe fn si_status(&self) -> ::c_int { + #[repr(C)] + struct siginfo_si_status { + _pad: [u8; 28], + si_status: ::c_int, + } + (*(self as *const siginfo_t as *const siginfo_si_status)).si_status + } +} + +cfg_if! { + if #[cfg(target_arch = "x86_64")] { + mod x86_64; + pub use self::x86_64::*; + } + else if #[cfg(target_arch = "aarch64")] { + mod aarch64; + pub use self::aarch64::*; + } + else { + panic!("Unsupported arch"); + } +} + +mod neutrino; +pub use self::neutrino::*; diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/nto/neutrino.rs suricata-6.0.10/rust/vendor/libc/src/unix/nto/neutrino.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/nto/neutrino.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/nto/neutrino.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,1288 @@ +pub type nto_job_t = ::sync_t; + +s! { + pub struct intrspin { + pub value: ::c_uint, // volatile + } + + pub struct iov_t { + pub iov_base: *mut ::c_void, // union + pub iov_len: ::size_t, + } + + pub struct _itimer { + pub nsec: u64, + pub interval_nsec: u64, + } + + pub struct _msg_info64 { + pub nd: u32, + pub srcnd: u32, + pub pid: ::pid_t, + pub tid: i32, + pub chid: i32, + pub scoid: i32, + pub coid: i32, + pub priority: i16, + pub flags: i16, + pub msglen: isize, + pub srcmsglen: isize, + pub dstmsglen: isize, + pub type_id: u32, + reserved: u32, + } + + pub struct _cred_info { + pub ruid: ::uid_t, + pub euid: ::uid_t, + pub suid: ::uid_t, + pub rgid: ::gid_t, + pub egid: ::gid_t, + pub sgid: ::gid_t, + pub ngroups: u32, + pub grouplist: [::gid_t; 8], + } + + pub struct _client_info { + pub nd: u32, + pub pid: ::pid_t, + pub sid: ::pid_t, + pub flags: u32, + pub cred: ::_cred_info, + } + + pub struct _client_able { + pub ability: u32, + pub flags: u32, + pub range_lo: u64, + pub range_hi: u64, + } + + pub struct nto_channel_config { + pub event: ::sigevent, + pub num_pulses: ::c_uint, + pub rearm_threshold: ::c_uint, + pub options: ::c_uint, + reserved: [::c_uint; 3], + } + + // TODO: The following structures are defined in a header file which doesn't + // appear as part of the default headers found in a standard installation + // of Neutrino 7.1 SDP. Commented out for now. + //pub struct _asyncmsg_put_header { + // pub err: ::c_int, + // pub iov: *mut ::iov_t, + // pub parts: ::c_int, + // pub handle: ::c_uint, + // pub cb: ::Option< + // unsafe extern "C" fn( + // err: ::c_int, + // buf: *mut ::c_void, + // handle: ::c_uint, + // ) -> ::c_int>, + // pub put_hdr_flags: ::c_uint, + //} + + //pub struct _asyncmsg_connection_attr { + // pub call_back: ::Option< + // unsafe extern "C" fn( + // err: ::c_int, + // buff: *mut ::c_void, + // handle: ::c_uint, + // ) -> ::c_int>, + // pub buffer_size: ::size_t, + // pub max_num_buffer: ::c_uint, + // pub trigger_num_msg: ::c_uint, + // pub trigger_time: ::_itimer, + // reserve: ::c_uint, + //} + + //pub struct _asyncmsg_connection_descriptor { + // pub flags: ::c_uint, + // pub sendq_size: ::c_uint, + // pub sendq_head: ::c_uint, + // pub sendq_tail: ::c_uint, + // pub sendq_free: ::c_uint, + // pub err: ::c_int, + // pub ev: ::sigevent, + // pub num_curmsg: ::c_uint, + // pub ttimer: ::timer_t, + // pub block_con: ::pthread_cond_t, + // pub mu: ::pthread_mutex_t, + // reserved: ::c_uint, + // pub attr: ::_asyncmsg_connection_attr, + // pub reserves: [::c_uint; 3], + // pub sendq: [::_asyncmsg_put_header; 1], // flexarray + //} + + pub struct __c_anonymous_struct_ev { + pub event: ::sigevent, + pub coid: ::c_int, + } + + pub struct _channel_connect_attr { // union + pub ev: ::__c_anonymous_struct_ev, + } + + pub struct _sighandler_info { + pub siginfo: ::siginfo_t, + pub handler: ::Option, + pub context: *mut ::c_void, + } + + pub struct __c_anonymous_struct_time { + pub length: ::c_uint, + pub scale: ::c_uint, + } + + pub struct _idle_hook { + pub hook_size: ::c_uint, + pub cmd: ::c_uint, + pub mode: ::c_uint, + pub latency: ::c_uint, + pub next_fire: u64, + pub curr_time: u64, + pub tod_adjust: u64, + pub resp: ::c_uint, + pub time: __c_anonymous_struct_time, + pub trigger: ::sigevent, + pub intrs: *mut ::c_uint, + pub block_stack_size: ::c_uint, + } + + pub struct _clockadjust { + pub tick_count: u32, + pub tick_nsec_inc: i32, + } + + pub struct qtime_entry { + pub cycles_per_sec: u64, + pub nsec_tod_adjust: u64, // volatile + pub nsec: u64, // volatile + pub nsec_inc: u32, + pub boot_time: u32, + pub adjust: _clockadjust, + pub timer_rate: u32, + pub timer_scale: i32, + pub timer_load: u32, + pub intr: i32, + pub epoch: u32, + pub flags: u32, + pub rr_interval_mul: u32, + pub timer_load_hi: u32, + pub nsec_stable: u64, // volatile + pub timer_load_max: u64, + pub timer_prog_time: u32, + spare: [u32; 7], + } + + pub struct _sched_info { + pub priority_min: ::c_int, + pub priority_max: ::c_int, + pub interval: u64, + pub priority_priv: ::c_int, + reserved: [::c_int; 11], + } + + pub struct _timer_info { + pub itime: ::_itimer, + pub otime: ::_itimer, + pub flags: u32, + pub tid: i32, + pub notify: i32, + pub clockid: ::clockid_t, + pub overruns: u32, + pub event: ::sigevent, // union + } + + pub struct _clockperiod { + pub nsec: u32, + pub fract: i32, + } +} + +s_no_extra_traits! { + pub struct syspage_entry_info { + pub entry_off: u16, + pub entry_size: u16, + } + + pub struct syspage_array_info { + entry_off: u16, + entry_size: u16, + element_size: u16, + } + + #[repr(align(8))] + pub struct syspage_entry { + pub size: u16, + pub total_size: u16, + pub type_: u16, + pub num_cpu: u16, + pub system_private: syspage_entry_info, + pub old_asinfo: syspage_entry_info, + pub __mangle_name_to_cause_compilation_errs_meminfo: syspage_entry_info, + pub hwinfo: syspage_entry_info, + pub old_cpuinfo: syspage_entry_info, + pub old_cacheattr: syspage_entry_info, + pub qtime: syspage_entry_info, + pub callout: syspage_entry_info, + pub callin: syspage_entry_info, + pub typed_strings: syspage_entry_info, + pub strings: syspage_entry_info, + pub old_intrinfo: syspage_entry_info, + pub smp: syspage_entry_info, + pub pminfo: syspage_entry_info, + pub old_mdriver: syspage_entry_info, + spare0: [u32; 1], + __reserved: [u8; 160], // anonymous union with architecture dependent structs + pub new_asinfo: syspage_array_info, + pub new_cpuinfo: syspage_array_info, + pub new_cacheattr: syspage_array_info, + pub new_intrinfo: syspage_array_info, + pub new_mdriver: syspage_array_info, + } +} + +pub const SYSMGR_PID: u32 = 1; +pub const SYSMGR_CHID: u32 = 1; +pub const SYSMGR_COID: u32 = _NTO_SIDE_CHANNEL; +pub const SYSMGR_HANDLE: u32 = 0; + +pub const STATE_DEAD: ::c_int = 0x00; +pub const STATE_RUNNING: ::c_int = 0x01; +pub const STATE_READY: ::c_int = 0x02; +pub const STATE_STOPPED: ::c_int = 0x03; +pub const STATE_SEND: ::c_int = 0x04; +pub const STATE_RECEIVE: ::c_int = 0x05; +pub const STATE_REPLY: ::c_int = 0x06; +pub const STATE_STACK: ::c_int = 0x07; +pub const STATE_WAITTHREAD: ::c_int = 0x08; +pub const STATE_WAITPAGE: ::c_int = 0x09; +pub const STATE_SIGSUSPEND: ::c_int = 0x0a; +pub const STATE_SIGWAITINFO: ::c_int = 0x0b; +pub const STATE_NANOSLEEP: ::c_int = 0x0c; +pub const STATE_MUTEX: ::c_int = 0x0d; +pub const STATE_CONDVAR: ::c_int = 0x0e; +pub const STATE_JOIN: ::c_int = 0x0f; +pub const STATE_INTR: ::c_int = 0x10; +pub const STATE_SEM: ::c_int = 0x11; +pub const STATE_WAITCTX: ::c_int = 0x12; +pub const STATE_NET_SEND: ::c_int = 0x13; +pub const STATE_NET_REPLY: ::c_int = 0x14; +pub const STATE_MAX: ::c_int = 0x18; + +pub const _NTO_TIMEOUT_RECEIVE: i32 = 1 << STATE_RECEIVE; +pub const _NTO_TIMEOUT_SEND: i32 = 1 << STATE_SEND; +pub const _NTO_TIMEOUT_REPLY: i32 = 1 << STATE_REPLY; +pub const _NTO_TIMEOUT_SIGSUSPEND: i32 = 1 << STATE_SIGSUSPEND; +pub const _NTO_TIMEOUT_SIGWAITINFO: i32 = 1 << STATE_SIGWAITINFO; +pub const _NTO_TIMEOUT_NANOSLEEP: i32 = 1 << STATE_NANOSLEEP; +pub const _NTO_TIMEOUT_MUTEX: i32 = 1 << STATE_MUTEX; +pub const _NTO_TIMEOUT_CONDVAR: i32 = 1 << STATE_CONDVAR; +pub const _NTO_TIMEOUT_JOIN: i32 = 1 << STATE_JOIN; +pub const _NTO_TIMEOUT_INTR: i32 = 1 << STATE_INTR; +pub const _NTO_TIMEOUT_SEM: i32 = 1 << STATE_SEM; + +pub const _NTO_MI_ENDIAN_BIG: u32 = 1; +pub const _NTO_MI_ENDIAN_DIFF: u32 = 2; +pub const _NTO_MI_UNBLOCK_REQ: u32 = 256; +pub const _NTO_MI_NET_CRED_DIRTY: u32 = 512; +pub const _NTO_MI_CONSTRAINED: u32 = 1024; +pub const _NTO_MI_CHROOT: u32 = 2048; +pub const _NTO_MI_BITS_64: u32 = 4096; +pub const _NTO_MI_BITS_DIFF: u32 = 8192; +pub const _NTO_MI_SANDBOX: u32 = 16384; + +pub const _NTO_CI_ENDIAN_BIG: u32 = 1; +pub const _NTO_CI_BKGND_PGRP: u32 = 4; +pub const _NTO_CI_ORPHAN_PGRP: u32 = 8; +pub const _NTO_CI_STOPPED: u32 = 128; +pub const _NTO_CI_UNABLE: u32 = 256; +pub const _NTO_CI_TYPE_ID: u32 = 512; +pub const _NTO_CI_CHROOT: u32 = 2048; +pub const _NTO_CI_BITS_64: u32 = 4096; +pub const _NTO_CI_SANDBOX: u32 = 16384; +pub const _NTO_CI_LOADER: u32 = 32768; +pub const _NTO_CI_FULL_GROUPS: u32 = 2147483648; + +pub const _NTO_TI_ACTIVE: u32 = 1; +pub const _NTO_TI_ABSOLUTE: u32 = 2; +pub const _NTO_TI_EXPIRED: u32 = 4; +pub const _NTO_TI_TOD_BASED: u32 = 8; +pub const _NTO_TI_TARGET_PROCESS: u32 = 16; +pub const _NTO_TI_REPORT_TOLERANCE: u32 = 32; +pub const _NTO_TI_PRECISE: u32 = 64; +pub const _NTO_TI_TOLERANT: u32 = 128; +pub const _NTO_TI_WAKEUP: u32 = 256; +pub const _NTO_TI_PROCESS_TOLERANT: u32 = 512; +pub const _NTO_TI_HIGH_RESOLUTION: u32 = 1024; + +pub const _PULSE_TYPE: u32 = 0; +pub const _PULSE_SUBTYPE: u32 = 0; +pub const _PULSE_CODE_UNBLOCK: i32 = -32; +pub const _PULSE_CODE_DISCONNECT: i32 = -33; +pub const _PULSE_CODE_THREADDEATH: i32 = -34; +pub const _PULSE_CODE_COIDDEATH: i32 = -35; +pub const _PULSE_CODE_NET_ACK: i32 = -36; +pub const _PULSE_CODE_NET_UNBLOCK: i32 = -37; +pub const _PULSE_CODE_NET_DETACH: i32 = -38; +pub const _PULSE_CODE_RESTART: i32 = -39; +pub const _PULSE_CODE_NORESTART: i32 = -40; +pub const _PULSE_CODE_UNBLOCK_RESTART: i32 = -41; +pub const _PULSE_CODE_UNBLOCK_TIMER: i32 = -42; +pub const _PULSE_CODE_MINAVAIL: u32 = 0; +pub const _PULSE_CODE_MAXAVAIL: u32 = 127; + +pub const _NTO_HARD_FLAGS_END: u32 = 1; + +pub const _NTO_PULSE_IF_UNIQUE: u32 = 4096; +pub const _NTO_PULSE_REPLACE: u32 = 8192; + +pub const _NTO_PF_NOCLDSTOP: u32 = 1; +pub const _NTO_PF_LOADING: u32 = 2; +pub const _NTO_PF_TERMING: u32 = 4; +pub const _NTO_PF_ZOMBIE: u32 = 8; +pub const _NTO_PF_NOZOMBIE: u32 = 16; +pub const _NTO_PF_FORKED: u32 = 32; +pub const _NTO_PF_ORPHAN_PGRP: u32 = 64; +pub const _NTO_PF_STOPPED: u32 = 128; +pub const _NTO_PF_DEBUG_STOPPED: u32 = 256; +pub const _NTO_PF_BKGND_PGRP: u32 = 512; +pub const _NTO_PF_NOISYNC: u32 = 1024; +pub const _NTO_PF_CONTINUED: u32 = 2048; +pub const _NTO_PF_CHECK_INTR: u32 = 4096; +pub const _NTO_PF_COREDUMP: u32 = 8192; +pub const _NTO_PF_RING0: u32 = 32768; +pub const _NTO_PF_SLEADER: u32 = 65536; +pub const _NTO_PF_WAITINFO: u32 = 131072; +pub const _NTO_PF_DESTROYALL: u32 = 524288; +pub const _NTO_PF_NOCOREDUMP: u32 = 1048576; +pub const _NTO_PF_WAITDONE: u32 = 4194304; +pub const _NTO_PF_TERM_WAITING: u32 = 8388608; +pub const _NTO_PF_ASLR: u32 = 16777216; +pub const _NTO_PF_EXECED: u32 = 33554432; +pub const _NTO_PF_APP_STOPPED: u32 = 67108864; +pub const _NTO_PF_64BIT: u32 = 134217728; +pub const _NTO_PF_NET: u32 = 268435456; +pub const _NTO_PF_NOLAZYSTACK: u32 = 536870912; +pub const _NTO_PF_NOEXEC_STACK: u32 = 1073741824; +pub const _NTO_PF_LOADER_PERMS: u32 = 2147483648; + +pub const _NTO_TF_INTR_PENDING: u32 = 65536; +pub const _NTO_TF_DETACHED: u32 = 131072; +pub const _NTO_TF_SHR_MUTEX: u32 = 262144; +pub const _NTO_TF_SHR_MUTEX_EUID: u32 = 524288; +pub const _NTO_TF_THREADS_HOLD: u32 = 1048576; +pub const _NTO_TF_UNBLOCK_REQ: u32 = 4194304; +pub const _NTO_TF_ALIGN_FAULT: u32 = 16777216; +pub const _NTO_TF_SSTEP: u32 = 33554432; +pub const _NTO_TF_ALLOCED_STACK: u32 = 67108864; +pub const _NTO_TF_NOMULTISIG: u32 = 134217728; +pub const _NTO_TF_LOW_LATENCY: u32 = 268435456; +pub const _NTO_TF_IOPRIV: u32 = 2147483648; + +pub const _NTO_TCTL_IO_PRIV: u32 = 1; +pub const _NTO_TCTL_THREADS_HOLD: u32 = 2; +pub const _NTO_TCTL_THREADS_CONT: u32 = 3; +pub const _NTO_TCTL_RUNMASK: u32 = 4; +pub const _NTO_TCTL_ALIGN_FAULT: u32 = 5; +pub const _NTO_TCTL_RUNMASK_GET_AND_SET: u32 = 6; +pub const _NTO_TCTL_PERFCOUNT: u32 = 7; +pub const _NTO_TCTL_ONE_THREAD_HOLD: u32 = 8; +pub const _NTO_TCTL_ONE_THREAD_CONT: u32 = 9; +pub const _NTO_TCTL_RUNMASK_GET_AND_SET_INHERIT: u32 = 10; +pub const _NTO_TCTL_NAME: u32 = 11; +pub const _NTO_TCTL_RCM_GET_AND_SET: u32 = 12; +pub const _NTO_TCTL_SHR_MUTEX: u32 = 13; +pub const _NTO_TCTL_IO: u32 = 14; +pub const _NTO_TCTL_NET_KIF_GET_AND_SET: u32 = 15; +pub const _NTO_TCTL_LOW_LATENCY: u32 = 16; +pub const _NTO_TCTL_ADD_EXIT_EVENT: u32 = 17; +pub const _NTO_TCTL_DEL_EXIT_EVENT: u32 = 18; +pub const _NTO_TCTL_IO_LEVEL: u32 = 19; +pub const _NTO_TCTL_RESERVED: u32 = 2147483648; +pub const _NTO_TCTL_IO_LEVEL_INHERIT: u32 = 1073741824; +pub const _NTO_IO_LEVEL_NONE: u32 = 1; +pub const _NTO_IO_LEVEL_1: u32 = 2; +pub const _NTO_IO_LEVEL_2: u32 = 3; + +pub const _NTO_THREAD_NAME_MAX: u32 = 100; + +pub const _NTO_CHF_FIXED_PRIORITY: u32 = 1; +pub const _NTO_CHF_UNBLOCK: u32 = 2; +pub const _NTO_CHF_THREAD_DEATH: u32 = 4; +pub const _NTO_CHF_DISCONNECT: u32 = 8; +pub const _NTO_CHF_NET_MSG: u32 = 16; +pub const _NTO_CHF_SENDER_LEN: u32 = 32; +pub const _NTO_CHF_COID_DISCONNECT: u32 = 64; +pub const _NTO_CHF_REPLY_LEN: u32 = 128; +pub const _NTO_CHF_PULSE_POOL: u32 = 256; +pub const _NTO_CHF_ASYNC_NONBLOCK: u32 = 512; +pub const _NTO_CHF_ASYNC: u32 = 1024; +pub const _NTO_CHF_GLOBAL: u32 = 2048; +pub const _NTO_CHF_PRIVATE: u32 = 4096; +pub const _NTO_CHF_MSG_PAUSING: u32 = 8192; +pub const _NTO_CHF_INHERIT_RUNMASK: u32 = 16384; +pub const _NTO_CHF_UNBLOCK_TIMER: u32 = 32768; + +pub const _NTO_CHO_CUSTOM_EVENT: u32 = 1; + +pub const _NTO_COF_CLOEXEC: u32 = 1; +pub const _NTO_COF_DEAD: u32 = 2; +pub const _NTO_COF_NOSHARE: u32 = 64; +pub const _NTO_COF_NETCON: u32 = 128; +pub const _NTO_COF_NONBLOCK: u32 = 256; +pub const _NTO_COF_ASYNC: u32 = 512; +pub const _NTO_COF_GLOBAL: u32 = 1024; +pub const _NTO_COF_NOEVENT: u32 = 2048; +pub const _NTO_COF_INSECURE: u32 = 4096; +pub const _NTO_COF_REG_EVENTS: u32 = 8192; +pub const _NTO_COF_UNREG_EVENTS: u32 = 16384; +pub const _NTO_COF_MASK: u32 = 65535; + +pub const _NTO_SIDE_CHANNEL: u32 = 1073741824; + +pub const _NTO_CONNECTION_SCOID: u32 = 65536; +pub const _NTO_GLOBAL_CHANNEL: u32 = 1073741824; + +pub const _NTO_TIMEOUT_MASK: u32 = (1 << STATE_MAX) - 1; +pub const _NTO_TIMEOUT_ACTIVE: u32 = 1 << STATE_MAX; +pub const _NTO_TIMEOUT_IMMEDIATE: u32 = 1 << (STATE_MAX + 1); + +pub const _NTO_IC_LATENCY: u32 = 0; + +pub const _NTO_INTR_FLAGS_END: u32 = 1; +pub const _NTO_INTR_FLAGS_NO_UNMASK: u32 = 2; +pub const _NTO_INTR_FLAGS_PROCESS: u32 = 4; +pub const _NTO_INTR_FLAGS_TRK_MSK: u32 = 8; +pub const _NTO_INTR_FLAGS_ARRAY: u32 = 16; +pub const _NTO_INTR_FLAGS_EXCLUSIVE: u32 = 32; +pub const _NTO_INTR_FLAGS_FPU: u32 = 64; + +pub const _NTO_INTR_CLASS_EXTERNAL: u32 = 0; +pub const _NTO_INTR_CLASS_SYNTHETIC: u32 = 2147418112; + +pub const _NTO_INTR_SPARE: u32 = 2147483647; + +pub const _NTO_HOOK_IDLE: u32 = 2147418113; +pub const _NTO_HOOK_OVERDRIVE: u32 = 2147418114; +pub const _NTO_HOOK_LAST: u32 = 2147418114; +pub const _NTO_HOOK_IDLE2_FLAG: u32 = 32768; + +pub const _NTO_IH_CMD_SLEEP_SETUP: u32 = 1; +pub const _NTO_IH_CMD_SLEEP_BLOCK: u32 = 2; +pub const _NTO_IH_CMD_SLEEP_WAKEUP: u32 = 4; +pub const _NTO_IH_CMD_SLEEP_ONLINE: u32 = 8; +pub const _NTO_IH_RESP_NEEDS_BLOCK: u32 = 1; +pub const _NTO_IH_RESP_NEEDS_WAKEUP: u32 = 2; +pub const _NTO_IH_RESP_NEEDS_ONLINE: u32 = 4; +pub const _NTO_IH_RESP_SYNC_TIME: u32 = 16; +pub const _NTO_IH_RESP_SYNC_TLB: u32 = 32; +pub const _NTO_IH_RESP_SUGGEST_OFFLINE: u32 = 256; +pub const _NTO_IH_RESP_SLEEP_MODE_REACHED: u32 = 512; +pub const _NTO_IH_RESP_DELIVER_INTRS: u32 = 1024; + +pub const _NTO_READIOV_SEND: u32 = 0; +pub const _NTO_READIOV_REPLY: u32 = 1; + +pub const _NTO_KEYDATA_VTID: u32 = 2147483648; + +pub const _NTO_KEYDATA_PATHSIGN: u32 = 32768; +pub const _NTO_KEYDATA_OP_MASK: u32 = 255; +pub const _NTO_KEYDATA_VERIFY: u32 = 0; +pub const _NTO_KEYDATA_CALCULATE: u32 = 1; +pub const _NTO_KEYDATA_CALCULATE_REUSE: u32 = 2; +pub const _NTO_KEYDATA_PATHSIGN_VERIFY: u32 = 32768; +pub const _NTO_KEYDATA_PATHSIGN_CALCULATE: u32 = 32769; +pub const _NTO_KEYDATA_PATHSIGN_CALCULATE_REUSE: u32 = 32770; + +pub const _NTO_SCTL_SETPRIOCEILING: u32 = 1; +pub const _NTO_SCTL_GETPRIOCEILING: u32 = 2; +pub const _NTO_SCTL_SETEVENT: u32 = 3; +pub const _NTO_SCTL_MUTEX_WAKEUP: u32 = 4; +pub const _NTO_SCTL_MUTEX_CONSISTENT: u32 = 5; +pub const _NTO_SCTL_SEM_VALUE: u32 = 6; + +pub const _NTO_CLIENTINFO_GETGROUPS: u32 = 1; +pub const _NTO_CLIENTINFO_GETTYPEID: u32 = 2; + +extern "C" { + pub fn ChannelCreate(__flags: ::c_uint) -> ::c_int; + pub fn ChannelCreate_r(__flags: ::c_uint) -> ::c_int; + pub fn ChannelCreatePulsePool( + __flags: ::c_uint, + __config: *const nto_channel_config, + ) -> ::c_int; + pub fn ChannelCreateExt( + __flags: ::c_uint, + __mode: ::mode_t, + __bufsize: usize, + __maxnumbuf: ::c_uint, + __ev: *const ::sigevent, + __cred: *mut _cred_info, + ) -> ::c_int; + pub fn ChannelDestroy(__chid: ::c_int) -> ::c_int; + pub fn ChannelDestroy_r(__chid: ::c_int) -> ::c_int; + pub fn ConnectAttach( + __nd: u32, + __pid: ::pid_t, + __chid: ::c_int, + __index: ::c_uint, + __flags: ::c_int, + ) -> ::c_int; + pub fn ConnectAttach_r( + __nd: u32, + __pid: ::pid_t, + __chid: ::c_int, + __index: ::c_uint, + __flags: ::c_int, + ) -> ::c_int; + + // TODO: The following function uses a structure defined in a header file + // which doesn't appear as part of the default headers found in a + // standard installation of Neutrino 7.1 SDP. Commented out for now. + //pub fn ConnectAttachExt( + // __nd: u32, + // __pid: ::pid_t, + // __chid: ::c_int, + // __index: ::c_uint, + // __flags: ::c_int, + // __cd: *mut _asyncmsg_connection_descriptor, + //) -> ::c_int; + pub fn ConnectDetach(__coid: ::c_int) -> ::c_int; + pub fn ConnectDetach_r(__coid: ::c_int) -> ::c_int; + pub fn ConnectServerInfo(__pid: ::pid_t, __coid: ::c_int, __info: *mut _msg_info64) -> ::c_int; + pub fn ConnectServerInfo_r( + __pid: ::pid_t, + __coid: ::c_int, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn ConnectClientInfoExtraArgs( + __scoid: ::c_int, + __info_pp: *mut _client_info, + __ngroups: ::c_int, + __abilities: *mut _client_able, + __nable: ::c_int, + __type_id: *mut ::c_uint, + ) -> ::c_int; + pub fn ConnectClientInfoExtraArgs_r( + __scoid: ::c_int, + __info_pp: *mut _client_info, + __ngroups: ::c_int, + __abilities: *mut _client_able, + __nable: ::c_int, + __type_id: *mut ::c_uint, + ) -> ::c_int; + pub fn ConnectClientInfo( + __scoid: ::c_int, + __info: *mut _client_info, + __ngroups: ::c_int, + ) -> ::c_int; + pub fn ConnectClientInfo_r( + __scoid: ::c_int, + __info: *mut _client_info, + __ngroups: ::c_int, + ) -> ::c_int; + pub fn ConnectClientInfoExt( + __scoid: ::c_int, + __info_pp: *mut *mut _client_info, + flags: ::c_int, + ) -> ::c_int; + pub fn ClientInfoExtFree(__info_pp: *mut *mut _client_info) -> ::c_int; + pub fn ConnectClientInfoAble( + __scoid: ::c_int, + __info_pp: *mut *mut _client_info, + flags: ::c_int, + abilities: *mut _client_able, + nable: ::c_int, + ) -> ::c_int; + pub fn ConnectFlags( + __pid: ::pid_t, + __coid: ::c_int, + __mask: ::c_uint, + __bits: ::c_uint, + ) -> ::c_int; + pub fn ConnectFlags_r( + __pid: ::pid_t, + __coid: ::c_int, + __mask: ::c_uint, + __bits: ::c_uint, + ) -> ::c_int; + pub fn ChannelConnectAttr( + __id: ::c_uint, + __old_attr: *mut _channel_connect_attr, + __new_attr: *mut _channel_connect_attr, + __flags: ::c_uint, + ) -> ::c_int; + pub fn MsgSend( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSend_r( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendnc( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendnc_r( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendsv( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendsv_r( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendsvnc( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendsvnc_r( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendvs( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendvs_r( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendvsnc( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendvsnc_r( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __rmsg: *mut ::c_void, + __rbytes: usize, + ) -> ::c_long; + pub fn MsgSendv( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendv_r( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendvnc( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgSendvnc_r( + __coid: ::c_int, + __siov: *const ::iovec, + __sparts: usize, + __riov: *const ::iovec, + __rparts: usize, + ) -> ::c_long; + pub fn MsgReceive( + __chid: ::c_int, + __msg: *mut ::c_void, + __bytes: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceive_r( + __chid: ::c_int, + __msg: *mut ::c_void, + __bytes: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivev( + __chid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivev_r( + __chid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivePulse( + __chid: ::c_int, + __pulse: *mut ::c_void, + __bytes: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivePulse_r( + __chid: ::c_int, + __pulse: *mut ::c_void, + __bytes: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivePulsev( + __chid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReceivePulsev_r( + __chid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __info: *mut _msg_info64, + ) -> ::c_int; + pub fn MsgReply( + __rcvid: ::c_int, + __status: ::c_long, + __msg: *const ::c_void, + __bytes: usize, + ) -> ::c_int; + pub fn MsgReply_r( + __rcvid: ::c_int, + __status: ::c_long, + __msg: *const ::c_void, + __bytes: usize, + ) -> ::c_int; + pub fn MsgReplyv( + __rcvid: ::c_int, + __status: ::c_long, + __iov: *const ::iovec, + __parts: usize, + ) -> ::c_int; + pub fn MsgReplyv_r( + __rcvid: ::c_int, + __status: ::c_long, + __iov: *const ::iovec, + __parts: usize, + ) -> ::c_int; + pub fn MsgReadiov( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + __flags: ::c_int, + ) -> isize; + pub fn MsgReadiov_r( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + __flags: ::c_int, + ) -> isize; + pub fn MsgRead( + __rcvid: ::c_int, + __msg: *mut ::c_void, + __bytes: usize, + __offset: usize, + ) -> isize; + pub fn MsgRead_r( + __rcvid: ::c_int, + __msg: *mut ::c_void, + __bytes: usize, + __offset: usize, + ) -> isize; + pub fn MsgReadv( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + ) -> isize; + pub fn MsgReadv_r( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + ) -> isize; + pub fn MsgWrite( + __rcvid: ::c_int, + __msg: *const ::c_void, + __bytes: usize, + __offset: usize, + ) -> isize; + pub fn MsgWrite_r( + __rcvid: ::c_int, + __msg: *const ::c_void, + __bytes: usize, + __offset: usize, + ) -> isize; + pub fn MsgWritev( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + ) -> isize; + pub fn MsgWritev_r( + __rcvid: ::c_int, + __iov: *const ::iovec, + __parts: usize, + __offset: usize, + ) -> isize; + pub fn MsgSendPulse( + __coid: ::c_int, + __priority: ::c_int, + __code: ::c_int, + __value: ::c_int, + ) -> ::c_int; + pub fn MsgSendPulse_r( + __coid: ::c_int, + __priority: ::c_int, + __code: ::c_int, + __value: ::c_int, + ) -> ::c_int; + pub fn MsgSendPulsePtr( + __coid: ::c_int, + __priority: ::c_int, + __code: ::c_int, + __value: *mut ::c_void, + ) -> ::c_int; + pub fn MsgSendPulsePtr_r( + __coid: ::c_int, + __priority: ::c_int, + __code: ::c_int, + __value: *mut ::c_void, + ) -> ::c_int; + pub fn MsgDeliverEvent(__rcvid: ::c_int, __event: *const ::sigevent) -> ::c_int; + pub fn MsgDeliverEvent_r(__rcvid: ::c_int, __event: *const ::sigevent) -> ::c_int; + pub fn MsgVerifyEvent(__rcvid: ::c_int, __event: *const ::sigevent) -> ::c_int; + pub fn MsgVerifyEvent_r(__rcvid: ::c_int, __event: *const ::sigevent) -> ::c_int; + pub fn MsgRegisterEvent(__event: *mut ::sigevent, __coid: ::c_int) -> ::c_int; + pub fn MsgRegisterEvent_r(__event: *mut ::sigevent, __coid: ::c_int) -> ::c_int; + pub fn MsgUnregisterEvent(__event: *const ::sigevent) -> ::c_int; + pub fn MsgUnregisterEvent_r(__event: *const ::sigevent) -> ::c_int; + pub fn MsgInfo(__rcvid: ::c_int, __info: *mut _msg_info64) -> ::c_int; + pub fn MsgInfo_r(__rcvid: ::c_int, __info: *mut _msg_info64) -> ::c_int; + pub fn MsgKeyData( + __rcvid: ::c_int, + __oper: ::c_int, + __key: u32, + __newkey: *mut u32, + __iov: *const ::iovec, + __parts: ::c_int, + ) -> ::c_int; + pub fn MsgKeyData_r( + __rcvid: ::c_int, + __oper: ::c_int, + __key: u32, + __newkey: *mut u32, + __iov: *const ::iovec, + __parts: ::c_int, + ) -> ::c_int; + pub fn MsgError(__rcvid: ::c_int, __err: ::c_int) -> ::c_int; + pub fn MsgError_r(__rcvid: ::c_int, __err: ::c_int) -> ::c_int; + pub fn MsgCurrent(__rcvid: ::c_int) -> ::c_int; + pub fn MsgCurrent_r(__rcvid: ::c_int) -> ::c_int; + pub fn MsgSendAsyncGbl( + __coid: ::c_int, + __smsg: *const ::c_void, + __sbytes: usize, + __msg_prio: ::c_uint, + ) -> ::c_int; + pub fn MsgSendAsync(__coid: ::c_int) -> ::c_int; + pub fn MsgReceiveAsyncGbl( + __chid: ::c_int, + __rmsg: *mut ::c_void, + __rbytes: usize, + __info: *mut _msg_info64, + __coid: ::c_int, + ) -> ::c_int; + pub fn MsgReceiveAsync(__chid: ::c_int, __iov: *const ::iovec, __parts: ::c_uint) -> ::c_int; + pub fn MsgPause(__rcvid: ::c_int, __cookie: ::c_uint) -> ::c_int; + pub fn MsgPause_r(__rcvid: ::c_int, __cookie: ::c_uint) -> ::c_int; + + pub fn SignalKill( + __nd: u32, + __pid: ::pid_t, + __tid: ::c_int, + __signo: ::c_int, + __code: ::c_int, + __value: ::c_int, + ) -> ::c_int; + pub fn SignalKill_r( + __nd: u32, + __pid: ::pid_t, + __tid: ::c_int, + __signo: ::c_int, + __code: ::c_int, + __value: ::c_int, + ) -> ::c_int; + pub fn SignalKillSigval( + __nd: u32, + __pid: ::pid_t, + __tid: ::c_int, + __signo: ::c_int, + __code: ::c_int, + __value: *const ::sigval, + ) -> ::c_int; + pub fn SignalKillSigval_r( + __nd: u32, + __pid: ::pid_t, + __tid: ::c_int, + __signo: ::c_int, + __code: ::c_int, + __value: *const ::sigval, + ) -> ::c_int; + pub fn SignalReturn(__info: *mut _sighandler_info) -> ::c_int; + pub fn SignalFault(__sigcode: ::c_uint, __regs: *mut ::c_void, __refaddr: usize) -> ::c_int; + pub fn SignalAction( + __pid: ::pid_t, + __sigstub: unsafe extern "C" fn(), + __signo: ::c_int, + __act: *const ::sigaction, + __oact: *mut ::sigaction, + ) -> ::c_int; + pub fn SignalAction_r( + __pid: ::pid_t, + __sigstub: unsafe extern "C" fn(), + __signo: ::c_int, + __act: *const ::sigaction, + __oact: *mut ::sigaction, + ) -> ::c_int; + pub fn SignalProcmask( + __pid: ::pid_t, + __tid: ::c_int, + __how: ::c_int, + __set: *const ::sigset_t, + __oldset: *mut ::sigset_t, + ) -> ::c_int; + pub fn SignalProcmask_r( + __pid: ::pid_t, + __tid: ::c_int, + __how: ::c_int, + __set: *const ::sigset_t, + __oldset: *mut ::sigset_t, + ) -> ::c_int; + pub fn SignalSuspend(__set: *const ::sigset_t) -> ::c_int; + pub fn SignalSuspend_r(__set: *const ::sigset_t) -> ::c_int; + pub fn SignalWaitinfo(__set: *const ::sigset_t, __info: *mut ::siginfo_t) -> ::c_int; + pub fn SignalWaitinfo_r(__set: *const ::sigset_t, __info: *mut ::siginfo_t) -> ::c_int; + pub fn SignalWaitinfoMask( + __set: *const ::sigset_t, + __info: *mut ::siginfo_t, + __mask: *const ::sigset_t, + ) -> ::c_int; + pub fn SignalWaitinfoMask_r( + __set: *const ::sigset_t, + __info: *mut ::siginfo_t, + __mask: *const ::sigset_t, + ) -> ::c_int; + pub fn ThreadCreate( + __pid: ::pid_t, + __func: unsafe extern "C" fn(__arg: *mut ::c_void) -> *mut ::c_void, + __arg: *mut ::c_void, + __attr: *const ::_thread_attr, + ) -> ::c_int; + pub fn ThreadCreate_r( + __pid: ::pid_t, + __func: unsafe extern "C" fn(__arg: *mut ::c_void) -> *mut ::c_void, + __arg: *mut ::c_void, + __attr: *const ::_thread_attr, + ) -> ::c_int; + + pub fn ThreadDestroy(__tid: ::c_int, __priority: ::c_int, __status: *mut ::c_void) -> ::c_int; + pub fn ThreadDestroy_r(__tid: ::c_int, __priority: ::c_int, __status: *mut ::c_void) + -> ::c_int; + pub fn ThreadDetach(__tid: ::c_int) -> ::c_int; + pub fn ThreadDetach_r(__tid: ::c_int) -> ::c_int; + pub fn ThreadJoin(__tid: ::c_int, __status: *mut *mut ::c_void) -> ::c_int; + pub fn ThreadJoin_r(__tid: ::c_int, __status: *mut *mut ::c_void) -> ::c_int; + pub fn ThreadCancel(__tid: ::c_int, __canstub: unsafe extern "C" fn()) -> ::c_int; + pub fn ThreadCancel_r(__tid: ::c_int, __canstub: unsafe extern "C" fn()) -> ::c_int; + pub fn ThreadCtl(__cmd: ::c_int, __data: *mut ::c_void) -> ::c_int; + pub fn ThreadCtl_r(__cmd: ::c_int, __data: *mut ::c_void) -> ::c_int; + pub fn ThreadCtlExt( + __pid: ::pid_t, + __tid: ::c_int, + __cmd: ::c_int, + __data: *mut ::c_void, + ) -> ::c_int; + pub fn ThreadCtlExt_r( + __pid: ::pid_t, + __tid: ::c_int, + __cmd: ::c_int, + __data: *mut ::c_void, + ) -> ::c_int; + + pub fn InterruptHookTrace( + __handler: ::Option *const ::sigevent>, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptHookIdle( + __handler: ::Option, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptHookIdle2( + __handler: ::Option< + unsafe extern "C" fn(arg1: ::c_uint, arg2: *mut syspage_entry, arg3: *mut _idle_hook), + >, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptHookOverdriveEvent(__event: *const ::sigevent, __flags: ::c_uint) -> ::c_int; + pub fn InterruptAttachEvent( + __intr: ::c_int, + __event: *const ::sigevent, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptAttachEvent_r( + __intr: ::c_int, + __event: *const ::sigevent, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptAttach( + __intr: ::c_int, + __handler: ::Option< + unsafe extern "C" fn(__area: *mut ::c_void, __id: ::c_int) -> *const ::sigevent, + >, + __area: *const ::c_void, + __size: ::c_int, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptAttach_r( + __intr: ::c_int, + __handler: ::Option< + unsafe extern "C" fn(__area: *mut ::c_void, __id: ::c_int) -> *const ::sigevent, + >, + __area: *const ::c_void, + __size: ::c_int, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptAttachArray( + __intr: ::c_int, + __handler: ::Option< + unsafe extern "C" fn(__area: *mut ::c_void, __id: ::c_int) -> *const *const ::sigevent, + >, + __area: *const ::c_void, + __size: ::c_int, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptAttachArray_r( + __intr: ::c_int, + __handler: ::Option< + unsafe extern "C" fn(__area: *mut ::c_void, __id: ::c_int) -> *const *const ::sigevent, + >, + __area: *const ::c_void, + __size: ::c_int, + __flags: ::c_uint, + ) -> ::c_int; + pub fn InterruptDetach(__id: ::c_int) -> ::c_int; + pub fn InterruptDetach_r(__id: ::c_int) -> ::c_int; + pub fn InterruptWait(__flags: ::c_int, __timeout: *const u64) -> ::c_int; + pub fn InterruptWait_r(__flags: ::c_int, __timeout: *const u64) -> ::c_int; + pub fn InterruptCharacteristic( + __type: ::c_int, + __id: ::c_int, + __new: *mut ::c_uint, + __old: *mut ::c_uint, + ) -> ::c_int; + pub fn InterruptCharacteristic_r( + __type: ::c_int, + __id: ::c_int, + __new: *mut ::c_uint, + __old: *mut ::c_uint, + ) -> ::c_int; + + pub fn SchedGet(__pid: ::pid_t, __tid: ::c_int, __param: *mut ::sched_param) -> ::c_int; + pub fn SchedGet_r(__pid: ::pid_t, __tid: ::c_int, __param: *mut ::sched_param) -> ::c_int; + pub fn SchedGetCpuNum() -> ::c_uint; + pub fn SchedSet( + __pid: ::pid_t, + __tid: ::c_int, + __algorithm: ::c_int, + __param: *const ::sched_param, + ) -> ::c_int; + pub fn SchedSet_r( + __pid: ::pid_t, + __tid: ::c_int, + __algorithm: ::c_int, + __param: *const ::sched_param, + ) -> ::c_int; + pub fn SchedInfo(__pid: ::pid_t, __algorithm: ::c_int, __info: *mut ::_sched_info) -> ::c_int; + pub fn SchedInfo_r(__pid: ::pid_t, __algorithm: ::c_int, __info: *mut ::_sched_info) + -> ::c_int; + pub fn SchedYield() -> ::c_int; + pub fn SchedYield_r() -> ::c_int; + pub fn SchedCtl(__cmd: ::c_int, __data: *mut ::c_void, __length: usize) -> ::c_int; + pub fn SchedCtl_r(__cmd: ::c_int, __data: *mut ::c_void, __length: usize) -> ::c_int; + pub fn SchedJobCreate(__job: *mut nto_job_t) -> ::c_int; + pub fn SchedJobCreate_r(__job: *mut nto_job_t) -> ::c_int; + pub fn SchedJobDestroy(__job: *mut nto_job_t) -> ::c_int; + pub fn SchedJobDestroy_r(__job: *mut nto_job_t) -> ::c_int; + pub fn SchedWaypoint( + __job: *mut nto_job_t, + __new: *const i64, + __max: *const i64, + __old: *mut i64, + ) -> ::c_int; + pub fn SchedWaypoint_r( + __job: *mut nto_job_t, + __new: *const i64, + __max: *const i64, + __old: *mut i64, + ) -> ::c_int; + + pub fn TimerCreate(__id: ::clockid_t, __notify: *const ::sigevent) -> ::c_int; + pub fn TimerCreate_r(__id: ::clockid_t, __notify: *const ::sigevent) -> ::c_int; + pub fn TimerDestroy(__id: ::timer_t) -> ::c_int; + pub fn TimerDestroy_r(__id: ::timer_t) -> ::c_int; + pub fn TimerSettime( + __id: ::timer_t, + __flags: ::c_int, + __itime: *const ::_itimer, + __oitime: *mut ::_itimer, + ) -> ::c_int; + pub fn TimerSettime_r( + __id: ::timer_t, + __flags: ::c_int, + __itime: *const ::_itimer, + __oitime: *mut ::_itimer, + ) -> ::c_int; + pub fn TimerInfo( + __pid: ::pid_t, + __id: ::timer_t, + __flags: ::c_int, + __info: *mut ::_timer_info, + ) -> ::c_int; + pub fn TimerInfo_r( + __pid: ::pid_t, + __id: ::timer_t, + __flags: ::c_int, + __info: *mut ::_timer_info, + ) -> ::c_int; + pub fn TimerAlarm( + __id: ::clockid_t, + __itime: *const ::_itimer, + __otime: *mut ::_itimer, + ) -> ::c_int; + pub fn TimerAlarm_r( + __id: ::clockid_t, + __itime: *const ::_itimer, + __otime: *mut ::_itimer, + ) -> ::c_int; + pub fn TimerTimeout( + __id: ::clockid_t, + __flags: ::c_int, + __notify: *const ::sigevent, + __ntime: *const u64, + __otime: *mut u64, + ) -> ::c_int; + pub fn TimerTimeout_r( + __id: ::clockid_t, + __flags: ::c_int, + __notify: *const ::sigevent, + __ntime: *const u64, + __otime: *mut u64, + ) -> ::c_int; + + pub fn SyncTypeCreate( + __type: ::c_uint, + __sync: *mut ::sync_t, + __attr: *const ::_sync_attr, + ) -> ::c_int; + pub fn SyncTypeCreate_r( + __type: ::c_uint, + __sync: *mut ::sync_t, + __attr: *const ::_sync_attr, + ) -> ::c_int; + pub fn SyncDestroy(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncDestroy_r(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncCtl(__cmd: ::c_int, __sync: *mut ::sync_t, __data: *mut ::c_void) -> ::c_int; + pub fn SyncCtl_r(__cmd: ::c_int, __sync: *mut ::sync_t, __data: *mut ::c_void) -> ::c_int; + pub fn SyncMutexEvent(__sync: *mut ::sync_t, event: *const ::sigevent) -> ::c_int; + pub fn SyncMutexEvent_r(__sync: *mut ::sync_t, event: *const ::sigevent) -> ::c_int; + pub fn SyncMutexLock(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncMutexLock_r(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncMutexUnlock(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncMutexUnlock_r(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncMutexRevive(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncMutexRevive_r(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncCondvarWait(__sync: *mut ::sync_t, __mutex: *mut ::sync_t) -> ::c_int; + pub fn SyncCondvarWait_r(__sync: *mut ::sync_t, __mutex: *mut ::sync_t) -> ::c_int; + pub fn SyncCondvarSignal(__sync: *mut ::sync_t, __all: ::c_int) -> ::c_int; + pub fn SyncCondvarSignal_r(__sync: *mut ::sync_t, __all: ::c_int) -> ::c_int; + pub fn SyncSemPost(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncSemPost_r(__sync: *mut ::sync_t) -> ::c_int; + pub fn SyncSemWait(__sync: *mut ::sync_t, __tryto: ::c_int) -> ::c_int; + pub fn SyncSemWait_r(__sync: *mut ::sync_t, __tryto: ::c_int) -> ::c_int; + + pub fn ClockTime(__id: ::clockid_t, _new: *const u64, __old: *mut u64) -> ::c_int; + pub fn ClockTime_r(__id: ::clockid_t, _new: *const u64, __old: *mut u64) -> ::c_int; + pub fn ClockAdjust( + __id: ::clockid_t, + _new: *const ::_clockadjust, + __old: *mut ::_clockadjust, + ) -> ::c_int; + pub fn ClockAdjust_r( + __id: ::clockid_t, + _new: *const ::_clockadjust, + __old: *mut ::_clockadjust, + ) -> ::c_int; + pub fn ClockPeriod( + __id: ::clockid_t, + _new: *const ::_clockperiod, + __old: *mut ::_clockperiod, + __reserved: ::c_int, + ) -> ::c_int; + pub fn ClockPeriod_r( + __id: ::clockid_t, + _new: *const ::_clockperiod, + __old: *mut ::_clockperiod, + __reserved: ::c_int, + ) -> ::c_int; + pub fn ClockId(__pid: ::pid_t, __tid: ::c_int) -> ::c_int; + pub fn ClockId_r(__pid: ::pid_t, __tid: ::c_int) -> ::c_int; + + // + //TODO: The following commented out functions are implemented in assembly. + // We can implmement them either via a C stub or rust's inline assembly. + // + //pub fn InterruptEnable(); + //pub fn InterruptDisable(); + pub fn InterruptMask(__intr: ::c_int, __id: ::c_int) -> ::c_int; + pub fn InterruptUnmask(__intr: ::c_int, __id: ::c_int) -> ::c_int; + //pub fn InterruptLock(__spin: *mut ::intrspin); + //pub fn InterruptUnlock(__spin: *mut ::intrspin); + //pub fn InterruptStatus() -> ::c_uint; +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/nto/x86_64.rs suricata-6.0.10/rust/vendor/libc/src/unix/nto/x86_64.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/nto/x86_64.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/nto/x86_64.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,132 @@ +pub type c_char = i8; +pub type wchar_t = u32; +pub type c_long = i64; +pub type c_ulong = u64; +pub type time_t = i64; + +s! { + #[repr(align(8))] + pub struct x86_64_cpu_registers { + pub rdi: u64, + pub rsi: u64, + pub rdx: u64, + pub r10: u64, + pub r8: u64, + pub r9: u64, + pub rax: u64, + pub rbx: u64, + pub rbp: u64, + pub rcx: u64, + pub r11: u64, + pub r12: u64, + pub r13: u64, + pub r14: u64, + pub r15: u64, + pub rip: u64, + pub cs: u32, + rsvd1: u32, + pub rflags: u64, + pub rsp: u64, + pub ss: u32, + rsvd2: u32, + } + + #[repr(align(8))] + pub struct mcontext_t { + pub cpu: x86_64_cpu_registers, + #[cfg(libc_union)] + pub fpu: x86_64_fpu_registers, + #[cfg(not(libc_union))] + __reserved: [u8; 1024], + } + + pub struct stack_t { + pub ss_sp: *mut ::c_void, + pub ss_size: ::size_t, + pub ss_flags: ::c_int, + } + + pub struct fsave_area_64 { + pub fpu_control_word: u32, + pub fpu_status_word: u32, + pub fpu_tag_word: u32, + pub fpu_ip: u32, + pub fpu_cs: u32, + pub fpu_op: u32, + pub fpu_ds: u32, + pub st_regs: [u8; 80], + } + + pub struct fxsave_area_64 { + pub fpu_control_word: u16, + pub fpu_status_word: u16, + pub fpu_tag_word: u16, + pub fpu_operand: u16, + pub fpu_rip: u64, + pub fpu_rdp: u64, + pub mxcsr: u32, + pub mxcsr_mask: u32, + pub st_regs: [u8; 128], + pub xmm_regs: [u8; 128], + reserved2: [u8; 224], + } + + pub struct fpu_extention_savearea_64 { + pub other: [u8; 512], + pub xstate_bv: u64, + pub xstate_undef: [u64; 7], + pub xstate_info: [u8; 224], + } +} + +s_no_extra_traits! { + #[cfg(libc_union)] + pub union x86_64_fpu_registers { + pub fsave_area: fsave_area_64, + pub fxsave_area: fxsave_area_64, + pub xsave_area: fpu_extention_savearea_64, + pub data: [u8; 1024], + } +} + +cfg_if! { + if #[cfg(feature = "extra_traits")] { + #[cfg(libc_union)] + impl Eq for x86_64_fpu_registers {} + + #[cfg(libc_union)] + impl PartialEq for x86_64_fpu_registers { + fn eq(&self, other: &x86_64_fpu_registers) -> bool { + unsafe { + self.fsave_area == other.fsave_area + || self.fxsave_area == other.fxsave_area + || self.xsave_area == other.xsave_area + } + } + } + + #[cfg(libc_union)] + impl ::fmt::Debug for x86_64_fpu_registers { + fn fmt(&self, f: &mut ::fmt::Formatter) -> ::fmt::Result { + unsafe { + f.debug_struct("x86_64_fpu_registers") + .field("fsave_area", &self.fsave_area) + .field("fxsave_area", &self.fxsave_area) + .field("xsave_area", &self.xsave_area) + .finish() + } + } + } + + #[cfg(libc_union)] + impl ::hash::Hash for x86_64_fpu_registers { + fn hash(&self, state: &mut H) { + unsafe { + self.fsave_area.hash(state); + self.fxsave_area.hash(state); + self.xsave_area.hash(state); + } + } + } + } +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/redox/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/redox/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/redox/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/redox/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,8 +1,20 @@ pub type c_char = i8; -pub type c_long = i64; -pub type c_ulong = u64; pub type wchar_t = i32; +cfg_if! { + if #[cfg(target_pointer_width = "32")] { + pub type c_long = i32; + pub type c_ulong = u32; + } +} + +cfg_if! { + if #[cfg(target_pointer_width = "64")] { + pub type c_long = i64; + pub type c_ulong = u64; + } +} + pub type blkcnt_t = ::c_ulong; pub type blksize_t = ::c_long; pub type clock_t = ::c_long; @@ -14,7 +26,7 @@ pub type mode_t = ::c_int; pub type nfds_t = ::c_ulong; pub type nlink_t = ::c_ulong; -pub type off_t = ::c_long; +pub type off_t = ::c_longlong; pub type pthread_t = *mut ::c_void; pub type pthread_attr_t = *mut ::c_void; pub type pthread_cond_t = *mut ::c_void; @@ -34,7 +46,7 @@ pub type speed_t = u32; pub type suseconds_t = ::c_int; pub type tcflag_t = u32; -pub type time_t = ::c_long; +pub type time_t = ::c_longlong; #[cfg_attr(feature = "extra_traits", derive(Debug))] pub enum timezone {} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/solarish/compat.rs suricata-6.0.10/rust/vendor/libc/src/unix/solarish/compat.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/solarish/compat.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/solarish/compat.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,6 +1,7 @@ // Common functions that are unfortunately missing on illumos and // Solaris, but often needed by other crates. +use core::cmp::min; use unix::solarish::*; const PTEM: &[u8] = b"ptem\0"; @@ -169,3 +170,51 @@ 0 } + +pub unsafe fn getpwent_r( + pwd: *mut passwd, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut passwd, +) -> ::c_int { + let old_errno = *::___errno(); + *::___errno() = 0; + *result = native_getpwent_r( + pwd, + buf, + min(buflen, ::c_int::max_value() as ::size_t) as ::c_int, + ); + + let ret = if (*result).is_null() { + *::___errno() + } else { + 0 + }; + *::___errno() = old_errno; + + ret +} + +pub unsafe fn getgrent_r( + grp: *mut ::group, + buf: *mut ::c_char, + buflen: ::size_t, + result: *mut *mut ::group, +) -> ::c_int { + let old_errno = *::___errno(); + *::___errno() = 0; + *result = native_getgrent_r( + grp, + buf, + min(buflen, ::c_int::max_value() as ::size_t) as ::c_int, + ); + + let ret = if (*result).is_null() { + *::___errno() + } else { + 0 + }; + *::___errno() = old_errno; + + ret +} diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/solarish/mod.rs suricata-6.0.10/rust/vendor/libc/src/unix/solarish/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/solarish/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/solarish/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -466,6 +466,13 @@ pub pi_fputypes: [::c_char; PI_FPUTYPE as usize], pub pi_clock: ::c_int, } + + pub struct option { + pub name: *const ::c_char, + pub has_arg: ::c_int, + pub flag: *mut ::c_int, + pub val: ::c_int, + } } s_no_extra_traits! { @@ -2703,7 +2710,6 @@ pub fn abs(i: ::c_int) -> ::c_int; pub fn acct(filename: *const ::c_char) -> ::c_int; - pub fn atof(s: *const ::c_char) -> ::c_double; pub fn dirfd(dirp: *mut ::DIR) -> ::c_int; pub fn labs(i: ::c_long) -> ::c_long; pub fn rand() -> ::c_int; @@ -3016,24 +3022,14 @@ ) -> ::c_int; #[cfg_attr( any(target_os = "solaris", target_os = "illumos"), - link_name = "__posix_getpwent_r" + link_name = "getpwent_r" )] - pub fn getpwent_r( - pwd: *mut passwd, - buf: *mut ::c_char, - buflen: ::size_t, - result: *mut *mut passwd, - ) -> ::c_int; + fn native_getpwent_r(pwd: *mut passwd, buf: *mut ::c_char, buflen: ::c_int) -> *mut passwd; #[cfg_attr( any(target_os = "solaris", target_os = "illumos"), - link_name = "__posix_getgrent_r" + link_name = "getgrent_r" )] - pub fn getgrent_r( - grp: *mut ::group, - buf: *mut ::c_char, - buflen: ::size_t, - result: *mut *mut ::group, - ) -> ::c_int; + fn native_getgrent_r(grp: *mut ::group, buf: *mut ::c_char, buflen: ::c_int) -> *mut ::group; #[cfg_attr( any(target_os = "solaris", target_os = "illumos"), link_name = "__posix_sigwait" @@ -3192,6 +3188,14 @@ pub fn backtrace(buffer: *mut *mut ::c_void, size: ::c_int) -> ::c_int; pub fn backtrace_symbols(buffer: *const *mut ::c_void, size: ::c_int) -> *mut *mut ::c_char; pub fn backtrace_symbols_fd(buffer: *const *mut ::c_void, size: ::c_int, fd: ::c_int); + + pub fn getopt_long( + argc: ::c_int, + argv: *const *mut c_char, + optstring: *const c_char, + longopts: *const option, + longindex: *mut ::c_int, + ) -> ::c_int; } #[link(name = "sendfile")] diff -Nru suricata-6.0.9/rust/vendor/libc/src/unix/solarish/solaris.rs suricata-6.0.10/rust/vendor/libc/src/unix/solarish/solaris.rs --- suricata-6.0.9/rust/vendor/libc/src/unix/solarish/solaris.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/unix/solarish/solaris.rs 2023-01-31 06:31:40.000000000 +0000 @@ -26,6 +26,30 @@ } } +s_no_extra_traits! { + #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] + pub union door_desc_t__d_data { + pub d_desc: door_desc_t__d_data__d_desc, + d_resv: [::c_int; 5], /* Check out /usr/include/sys/door.h */ + } + + #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] + pub struct door_desc_t { + pub d_attributes: door_attr_t, + pub d_data: door_desc_t__d_data, + } + + #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] + pub struct door_arg_t { + pub data_ptr: *const ::c_char, + pub data_size: ::size_t, + pub desc_ptr: *const door_desc_t, + pub dec_num: ::c_uint, + pub rbuf: *const ::c_char, + pub rsize: ::size_t, + } +} + pub const PORT_SOURCE_POSTWAIT: ::c_int = 8; pub const PORT_SOURCE_SIGNAL: ::c_int = 9; @@ -75,27 +99,3 @@ pub fn euidaccess(path: *const ::c_char, amode: ::c_int) -> ::c_int; } - -s_no_extra_traits! { - #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] - pub union door_desc_t__d_data { - pub d_desc: door_desc_t__d_data__d_desc, - d_resv: [::c_int; 5], /* Check out /usr/include/sys/door.h */ - } - - #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] - pub struct door_desc_t { - pub d_attributes: door_attr_t, - pub d_data: door_desc_t__d_data, - } - - #[cfg_attr(feature = "extra_traits", allow(missing_debug_implementations))] - pub struct door_arg_t { - pub data_ptr: *const ::c_char, - pub data_size: ::size_t, - pub desc_ptr: *const door_desc_t, - pub dec_num: ::c_uint, - pub rbuf: *const ::c_char, - pub rsize: ::size_t, - } -} diff -Nru suricata-6.0.9/rust/vendor/libc/src/vxworks/mod.rs suricata-6.0.10/rust/vendor/libc/src/vxworks/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/vxworks/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/vxworks/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1119,11 +1119,16 @@ pub fn feof(stream: *mut FILE) -> c_int; pub fn ferror(stream: *mut FILE) -> c_int; pub fn perror(s: *const c_char); + pub fn atof(s: *const c_char) -> c_double; pub fn atoi(s: *const c_char) -> c_int; + pub fn atol(s: *const c_char) -> c_long; + pub fn atoll(s: *const c_char) -> c_longlong; pub fn strtod(s: *const c_char, endp: *mut *mut c_char) -> c_double; pub fn strtof(s: *const c_char, endp: *mut *mut c_char) -> c_float; pub fn strtol(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_long; + pub fn strtoll(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_longlong; pub fn strtoul(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulong; + pub fn strtoull(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulonglong; pub fn calloc(nobj: size_t, size: size_t) -> *mut c_void; pub fn malloc(size: size_t) -> *mut c_void; pub fn realloc(p: *mut c_void, size: size_t) -> *mut c_void; diff -Nru suricata-6.0.9/rust/vendor/libc/src/wasi.rs suricata-6.0.10/rust/vendor/libc/src/wasi.rs --- suricata-6.0.9/rust/vendor/libc/src/wasi.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/wasi.rs 2023-01-31 06:31:40.000000000 +0000 @@ -39,6 +39,7 @@ pub type nfds_t = c_ulong; pub type wchar_t = i32; pub type nl_item = c_int; +pub type __wasi_rights_t = u64; s_no_extra_traits! { #[repr(align(16))] @@ -48,8 +49,6 @@ } } -pub type __wasi_rights_t = u64; - #[allow(missing_copy_implementations)] #[cfg_attr(feature = "extra_traits", derive(Debug))] pub enum FILE {} @@ -541,12 +540,16 @@ pub fn setvbuf(stream: *mut FILE, buffer: *mut c_char, mode: c_int, size: size_t) -> c_int; pub fn setbuf(stream: *mut FILE, buf: *mut c_char); pub fn fgets(buf: *mut c_char, n: c_int, stream: *mut FILE) -> *mut c_char; - pub fn atoi(s: *const c_char) -> c_int; pub fn atof(s: *const c_char) -> c_double; + pub fn atoi(s: *const c_char) -> c_int; + pub fn atol(s: *const c_char) -> c_long; + pub fn atoll(s: *const c_char) -> c_longlong; pub fn strtod(s: *const c_char, endp: *mut *mut c_char) -> c_double; pub fn strtof(s: *const c_char, endp: *mut *mut c_char) -> c_float; pub fn strtol(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_long; + pub fn strtoll(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_longlong; pub fn strtoul(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulong; + pub fn strtoull(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulonglong; pub fn strcpy(dst: *mut c_char, src: *const c_char) -> *mut c_char; pub fn strncpy(dst: *mut c_char, src: *const c_char, n: size_t) -> *mut c_char; diff -Nru suricata-6.0.9/rust/vendor/libc/src/windows/mod.rs suricata-6.0.10/rust/vendor/libc/src/windows/mod.rs --- suricata-6.0.9/rust/vendor/libc/src/windows/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/libc/src/windows/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -329,11 +329,16 @@ pub fn feof(stream: *mut FILE) -> c_int; pub fn ferror(stream: *mut FILE) -> c_int; pub fn perror(s: *const c_char); + pub fn atof(s: *const c_char) -> c_double; pub fn atoi(s: *const c_char) -> c_int; + pub fn atol(s: *const c_char) -> c_long; + pub fn atoll(s: *const c_char) -> c_longlong; pub fn strtod(s: *const c_char, endp: *mut *mut c_char) -> c_double; pub fn strtof(s: *const c_char, endp: *mut *mut c_char) -> c_float; pub fn strtol(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_long; + pub fn strtoll(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_longlong; pub fn strtoul(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulong; + pub fn strtoull(s: *const c_char, endp: *mut *mut c_char, base: c_int) -> c_ulonglong; pub fn calloc(nobj: size_t, size: size_t) -> *mut c_void; pub fn malloc(size: size_t) -> *mut c_void; pub fn realloc(p: *mut c_void, size: size_t) -> *mut c_void; @@ -374,7 +379,6 @@ pub fn memset(dest: *mut c_void, c: c_int, n: size_t) -> *mut c_void; pub fn abs(i: c_int) -> c_int; - pub fn atof(s: *const c_char) -> c_double; pub fn labs(i: c_long) -> c_long; pub fn rand() -> c_int; pub fn srand(seed: c_uint); diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/.cargo-checksum.json suricata-6.0.10/rust/vendor/proc-macro2/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/proc-macro2/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.toml":"070b0704e5cdbac330b9cecee44e488a40b6daf6161215e4457bdfc3e7e9bf94","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"378f5840b258e2779c39418f3f2d7b2ba96f1c7917dd6be0713f88305dbda397","README.md":"0c17148c1957c3f721d99fc99aedaefee5f2f1ba7e2336a289b02f91609099fb","build.rs":"275f7a9ee0b9eff972124951de544ae17ee3e698a4e89b0f0393b334344f5e30","src/detection.rs":"ed9a5f9a979ab01247d7a68eeb1afa3c13209334c5bfff0f9289cb07e5bb4e8b","src/fallback.rs":"a9e6fa159d6a111a231fa9367d54859103e9d49f6662397baea951b5f3e7e983","src/lib.rs":"81865a868ef697987cafef5eb9512d3109da373456eead2a36c22d44e769c947","src/marker.rs":"344a8394f06a1d43355b514920e7e3c0c6dce507be767e3a590bbe3552edd110","src/parse.rs":"637a9fe6e3e21c36fa411b70674f617743fe0129787c17a559e78f86418d0da4","src/rcvec.rs":"49b6784c6ca5f32573cd8a83758b485d8acbfa126e5fb516ae439e429ef4c144","src/wrapper.rs":"8ea825cdac628570719a258419fcffd1c9d2ca1ca5e2fbbbf283dd9cc6695910","tests/comments.rs":"31115b3a56c83d93eef2fb4c9566bf4543e302560732986161b98aef504785ed","tests/features.rs":"a86deb8644992a4eb64d9fd493eff16f9cf9c5cb6ade3a634ce0c990cf87d559","tests/marker.rs":"cb6d776eba6a238d726b0f531883adf41957e06f2717ee8a069821c81e7081d6","tests/test.rs":"d7f21088314d1df25447fdc0a32feffae26d4d637e3ce68e23c0190060cb5652","tests/test_fmt.rs":"9357769945784354909259084ec8b34d2aa52081dd3967cac6dae3a5e3df3bc0"},"package":"5ea3d908b0e36316caf9e9e2c4625cdde190a7e6f440d794667ed17a1855e725"} \ No newline at end of file +{"files":{"Cargo.toml":"a4f134ba553220d2d6a3ae778423be3e0223ad8b301a64c0e00ec97c65388de2","LICENSE-APACHE":"62c7a1e35f56406896d7aa7ca52d0cc0d272ac022b5d2796e7d6905db8a3636a","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","README.md":"32cbd395594db59ecc43d7866cfa2663f3687bb7df631781d60ae83200dae8a8","build.rs":"275f7a9ee0b9eff972124951de544ae17ee3e698a4e89b0f0393b334344f5e30","src/detection.rs":"ed9a5f9a979ab01247d7a68eeb1afa3c13209334c5bfff0f9289cb07e5bb4e8b","src/fallback.rs":"7b581d52bea33e78542c230afb6ae5212b322f6a584244a63ddc28ed32939a12","src/lib.rs":"4a7358479655f388f11f2255783b97ee4caa9d63a59be6f60e50760a7d836b2c","src/location.rs":"f55d2e61f1bb1af65e14ed04c9e91eb1ddbf8430e8c05f2048d1cd538d27368e","src/marker.rs":"344a8394f06a1d43355b514920e7e3c0c6dce507be767e3a590bbe3552edd110","src/parse.rs":"637a9fe6e3e21c36fa411b70674f617743fe0129787c17a559e78f86418d0da4","src/rcvec.rs":"49b6784c6ca5f32573cd8a83758b485d8acbfa126e5fb516ae439e429ef4c144","src/wrapper.rs":"75fd4c805da3d384fb957f6ac76ec33398d45b121e49a3a5e5403301062c6619","tests/comments.rs":"31115b3a56c83d93eef2fb4c9566bf4543e302560732986161b98aef504785ed","tests/features.rs":"a86deb8644992a4eb64d9fd493eff16f9cf9c5cb6ade3a634ce0c990cf87d559","tests/marker.rs":"cb6d776eba6a238d726b0f531883adf41957e06f2717ee8a069821c81e7081d6","tests/test.rs":"d7f21088314d1df25447fdc0a32feffae26d4d637e3ce68e23c0190060cb5652","tests/test_fmt.rs":"9357769945784354909259084ec8b34d2aa52081dd3967cac6dae3a5e3df3bc0"},"package":"6ef7d57beacfaf2d8aee5937dab7b7f28de3cb8b1828479bb5de2a7106f2bae2"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/Cargo.toml suricata-6.0.10/rust/vendor/proc-macro2/Cargo.toml --- suricata-6.0.9/rust/vendor/proc-macro2/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -13,7 +13,7 @@ edition = "2018" rust-version = "1.31" name = "proc-macro2" -version = "1.0.47" +version = "1.0.50" authors = [ "David Tolnay ", "Alex Crichton ", @@ -46,6 +46,9 @@ [package.metadata.playground] features = ["span-locations"] +[lib] +doc-scrape-examples = false + [dependencies.unicode-ident] version = "1.0" diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/LICENSE-APACHE suricata-6.0.10/rust/vendor/proc-macro2/LICENSE-APACHE --- suricata-6.0.9/rust/vendor/proc-macro2/LICENSE-APACHE 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/LICENSE-APACHE 2023-01-31 06:31:40.000000000 +0000 @@ -174,28 +174,3 @@ of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/LICENSE-MIT suricata-6.0.10/rust/vendor/proc-macro2/LICENSE-MIT --- suricata-6.0.9/rust/vendor/proc-macro2/LICENSE-MIT 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/LICENSE-MIT 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,3 @@ -Copyright (c) 2014 Alex Crichton - Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/README.md suricata-6.0.10/rust/vendor/proc-macro2/README.md --- suricata-6.0.9/rust/vendor/proc-macro2/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -3,7 +3,7 @@ [github](https://github.com/dtolnay/proc-macro2) [crates.io](https://crates.io/crates/proc-macro2) [docs.rs](https://docs.rs/proc-macro2) -[build status](https://github.com/dtolnay/proc-macro2/actions?query=branch%3Amaster) +[build status](https://github.com/dtolnay/proc-macro2/actions?query=branch%3Amaster) A wrapper around the procedural macro API of the compiler's `proc_macro` crate. This library serves two purposes: diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/src/fallback.rs suricata-6.0.10/rust/vendor/proc-macro2/src/fallback.rs --- suricata-6.0.9/rust/vendor/proc-macro2/src/fallback.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/src/fallback.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,3 +1,5 @@ +#[cfg(span_locations)] +use crate::location::LineColumn; use crate::parse::{self, Cursor}; use crate::rcvec::{RcVec, RcVecBuilder, RcVecIntoIter, RcVecMut}; use crate::{Delimiter, Spacing, TokenTree}; @@ -332,12 +334,6 @@ } } -#[derive(Clone, Copy, Debug, PartialEq, Eq)] -pub(crate) struct LineColumn { - pub line: usize, - pub column: usize, -} - #[cfg(span_locations)] thread_local! { static SOURCE_MAP: RefCell = RefCell::new(SourceMap { diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/src/lib.rs suricata-6.0.10/rust/vendor/proc-macro2/src/lib.rs --- suricata-6.0.9/rust/vendor/proc-macro2/src/lib.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/src/lib.rs 2023-01-31 06:31:40.000000000 +0000 @@ -86,7 +86,7 @@ //! a different thread. // Proc-macro2 types in rustdoc of other crates get linked to here. -#![doc(html_root_url = "https://docs.rs/proc-macro2/1.0.47")] +#![doc(html_root_url = "https://docs.rs/proc-macro2/1.0.50")] #![cfg_attr( any(proc_macro_span, super_unstable), feature(proc_macro_span, proc_macro_span_shrink) @@ -139,6 +139,9 @@ #[cfg(wrap_proc_macro)] mod imp; +#[cfg(span_locations)] +mod location; + use crate::marker::Marker; use core::cmp::Ordering; use core::fmt::{self, Debug, Display}; @@ -150,6 +153,9 @@ #[cfg(procmacro2_semver_exempt)] use std::path::PathBuf; +#[cfg(span_locations)] +pub use crate::location::LineColumn; + /// An abstract stream of tokens, or more concretely a sequence of token trees. /// /// This type provides interfaces for iterating over token trees and for @@ -356,37 +362,6 @@ } } -/// A line-column pair representing the start or end of a `Span`. -/// -/// This type is semver exempt and not exposed by default. -#[cfg(span_locations)] -#[cfg_attr(doc_cfg, doc(cfg(feature = "span-locations")))] -#[derive(Copy, Clone, Debug, PartialEq, Eq)] -pub struct LineColumn { - /// The 1-indexed line in the source file on which the span starts or ends - /// (inclusive). - pub line: usize, - /// The 0-indexed column (in UTF-8 characters) in the source file on which - /// the span starts or ends (inclusive). - pub column: usize, -} - -#[cfg(span_locations)] -impl Ord for LineColumn { - fn cmp(&self, other: &Self) -> Ordering { - self.line - .cmp(&other.line) - .then(self.column.cmp(&other.column)) - } -} - -#[cfg(span_locations)] -impl PartialOrd for LineColumn { - fn partial_cmp(&self, other: &Self) -> Option { - Some(self.cmp(other)) - } -} - /// A region of source code, along with macro expansion information. #[derive(Copy, Clone)] pub struct Span { @@ -492,8 +467,7 @@ #[cfg(span_locations)] #[cfg_attr(doc_cfg, doc(cfg(feature = "span-locations")))] pub fn start(&self) -> LineColumn { - let imp::LineColumn { line, column } = self.inner.start(); - LineColumn { line, column } + self.inner.start() } /// Get the ending line/column in the source file for this span. @@ -508,8 +482,7 @@ #[cfg(span_locations)] #[cfg_attr(doc_cfg, doc(cfg(feature = "span-locations")))] pub fn end(&self) -> LineColumn { - let imp::LineColumn { line, column } = self.inner.end(); - LineColumn { line, column } + self.inner.end() } /// Creates an empty span pointing to directly before this span. diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/src/location.rs suricata-6.0.10/rust/vendor/proc-macro2/src/location.rs --- suricata-6.0.9/rust/vendor/proc-macro2/src/location.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/src/location.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,29 @@ +use core::cmp::Ordering; + +/// A line-column pair representing the start or end of a `Span`. +/// +/// This type is semver exempt and not exposed by default. +#[cfg_attr(doc_cfg, doc(cfg(feature = "span-locations")))] +#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash)] +pub struct LineColumn { + /// The 1-indexed line in the source file on which the span starts or ends + /// (inclusive). + pub line: usize, + /// The 0-indexed column (in UTF-8 characters) in the source file on which + /// the span starts or ends (inclusive). + pub column: usize, +} + +impl Ord for LineColumn { + fn cmp(&self, other: &Self) -> Ordering { + self.line + .cmp(&other.line) + .then(self.column.cmp(&other.column)) + } +} + +impl PartialOrd for LineColumn { + fn partial_cmp(&self, other: &Self) -> Option { + Some(self.cmp(other)) + } +} diff -Nru suricata-6.0.9/rust/vendor/proc-macro2/src/wrapper.rs suricata-6.0.10/rust/vendor/proc-macro2/src/wrapper.rs --- suricata-6.0.9/rust/vendor/proc-macro2/src/wrapper.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro2/src/wrapper.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,4 +1,6 @@ use crate::detection::inside_proc_macro; +#[cfg(span_locations)] +use crate::location::LineColumn; use crate::{fallback, Delimiter, Punct, Spacing, TokenTree}; use core::fmt::{self, Debug, Display}; use core::iter::FromIterator; @@ -389,12 +391,6 @@ } } -#[cfg(any(super_unstable, feature = "span-locations"))] -pub(crate) struct LineColumn { - pub line: usize, - pub column: usize, -} - #[derive(Copy, Clone)] pub(crate) enum Span { Compiler(proc_macro::Span), @@ -471,7 +467,7 @@ } } - #[cfg(any(super_unstable, feature = "span-locations"))] + #[cfg(span_locations)] pub fn start(&self) -> LineColumn { match self { #[cfg(proc_macro_span)] @@ -481,14 +477,11 @@ } #[cfg(not(proc_macro_span))] Span::Compiler(_) => LineColumn { line: 0, column: 0 }, - Span::Fallback(s) => { - let fallback::LineColumn { line, column } = s.start(); - LineColumn { line, column } - } + Span::Fallback(s) => s.start(), } } - #[cfg(any(super_unstable, feature = "span-locations"))] + #[cfg(span_locations)] pub fn end(&self) -> LineColumn { match self { #[cfg(proc_macro_span)] @@ -498,10 +491,7 @@ } #[cfg(not(proc_macro_span))] Span::Compiler(_) => LineColumn { line: 0, column: 0 }, - Span::Fallback(s) => { - let fallback::LineColumn { line, column } = s.end(); - LineColumn { line, column } - } + Span::Fallback(s) => s.end(), } } diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/.cargo-checksum.json suricata-6.0.10/rust/vendor/proc-macro-hack/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/proc-macro-hack/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.toml":"4676ee2135f0167cbdd7abe42349084e0107b9614804caf5049c714170f181ec","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"d59d2723bbc1627b629429a9c779d5dcfde579c9723e6ded1052931c4e8efa0a","README.md":"5b08393db968a3113d81d991365c354dbf7ac84d02f6afbdda99732b80620812","build.rs":"eae956d2a2de606f0c26741fbc849f3c9db89bf14f743d76a452b85c7904860c","src/error.rs":"d31547fe853819b03cf1a485827ceaa7ebffbd45a8d5ef066e94cc862f499583","src/iter.rs":"8d4b817b9abc4e817105b673e15f29ef9bb8284a010ce01ac2d83387fe136947","src/lib.rs":"3a9de3931a57b7673dcee9341823b9ec7a350aae391e987ea74166f495e6dc5a","src/parse.rs":"84901bdb47460286d7ae6840c057a09ffc88906b097da2bcb32056a7190fade7","src/quote.rs":"2f8c5ff5174f8869f4fd317156396be6d90b0af566f44840a2cadb2d1180fb45","tests/compiletest.rs":"0a52a44786aea1c299c695bf948b2ed2081e4cc344e5c2cadceab4eb03d0010d","tests/ui/private.rs":"f58d9fafe29bb624cbd8b2fbfce4e0ba9526d5e7a7bcb4366ebe02a192d742e4","tests/ui/private.stderr":"d0204151ff6347cb5d37bef41879183322dd2ad3749dcb51586e834a605e9d09","tests/ui/unexpected-arg.rs":"27f8baf78620673ce49eb4a376dd2210e446d2fbc33a4160aa72c40f597a599a","tests/ui/unexpected-arg.stderr":"6a380293011f7f4f513d982ad3af0ce0c9629a2284d9bdbdf171badb8af31f77","tests/ui/unexpected.rs":"157afd8323c9226a8f9ac1f1623a7747d8b9563e95b66d0208020d2d15781adc","tests/ui/unexpected.stderr":"2c07c1a739dc889cde323e0a4d337f7c596c928e7b7e479ee27cc4a85b124927","tests/ui/unknown-arg.rs":"724aeb6614c96e925856fb0e73ec38312cc9abc918094188d928e41626fbe512","tests/ui/unknown-arg.stderr":"20fdd8652293733c5edc8a6fb1dc3296094ab98a56fc9cf2e538be2d09703c38"},"package":"dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5"} \ No newline at end of file +{"files":{"Cargo.toml":"1833d37aad8fa07e58d16c840b2815da2114c6d92d3625de45baa66b986a68cc","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"d59d2723bbc1627b629429a9c779d5dcfde579c9723e6ded1052931c4e8efa0a","README.md":"ca7e8118aeda26c39cbeaeb0a4cbf5d44bdf17eedc89abbff5d307e4abffdf33","build.rs":"eae956d2a2de606f0c26741fbc849f3c9db89bf14f743d76a452b85c7904860c","src/error.rs":"d31547fe853819b03cf1a485827ceaa7ebffbd45a8d5ef066e94cc862f499583","src/iter.rs":"8d4b817b9abc4e817105b673e15f29ef9bb8284a010ce01ac2d83387fe136947","src/lib.rs":"4b966fffe1e74857e902f0417bfc6f59d063f48f24bc12f0fec3d35e9882365f","src/parse.rs":"53f45dff0aa345644e6cf56619704d413ed732d30f353b966cbf39dd0c00e093","src/quote.rs":"2f8c5ff5174f8869f4fd317156396be6d90b0af566f44840a2cadb2d1180fb45","tests/compiletest.rs":"0a52a44786aea1c299c695bf948b2ed2081e4cc344e5c2cadceab4eb03d0010d","tests/ui/private.rs":"f58d9fafe29bb624cbd8b2fbfce4e0ba9526d5e7a7bcb4366ebe02a192d742e4","tests/ui/private.stderr":"ef4b8437d818a0e037ad23b19ef6d2971e46a4cfe94707d9c5dd402e390ef595","tests/ui/unexpected-arg.rs":"27f8baf78620673ce49eb4a376dd2210e446d2fbc33a4160aa72c40f597a599a","tests/ui/unexpected-arg.stderr":"79e6ff168baf87576c95821d11ec48e7701d50c8c93811aaf9715c1de8e77ce0","tests/ui/unexpected.rs":"157afd8323c9226a8f9ac1f1623a7747d8b9563e95b66d0208020d2d15781adc","tests/ui/unexpected.stderr":"7478c6e53832e3fe5fd6be30aad2824e920780d9b6355b95ca35ffcd2522c3b0","tests/ui/unknown-arg.rs":"724aeb6614c96e925856fb0e73ec38312cc9abc918094188d928e41626fbe512","tests/ui/unknown-arg.stderr":"379cb35e501c17091dd999f0bb889c25596d94838ff5a1437407d4f97f8c13b1"},"package":"dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/Cargo.toml suricata-6.0.10/rust/vendor/proc-macro-hack/Cargo.toml --- suricata-6.0.9/rust/vendor/proc-macro-hack/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -3,28 +3,30 @@ # When uploading crates to the registry Cargo will automatically # "normalize" Cargo.toml files for maximal compatibility # with all versions of Cargo and also rewrite `path` dependencies -# to registry (e.g., crates.io) dependencies +# to registry (e.g., crates.io) dependencies. # -# If you believe there's an error in this file please file an -# issue against the rust-lang/cargo repository. If you're -# editing this file be aware that the upstream Cargo.toml -# will likely look very different (and much more reasonable) +# If you are reading this file be aware that the original Cargo.toml +# will likely look very different (and much more reasonable). +# See Cargo.toml.orig for the original contents. [package] edition = "2018" +rust-version = "1.31" name = "proc-macro-hack" -version = "0.5.19" +version = "0.5.20+deprecated" authors = ["David Tolnay "] description = "Procedural macros in expression position" readme = "README.md" categories = ["development-tools::procedural-macro-helpers"] license = "MIT OR Apache-2.0" repository = "https://github.com/dtolnay/proc-macro-hack" + [package.metadata.docs.rs] targets = ["x86_64-unknown-linux-gnu"] [lib] proc-macro = true + [dev-dependencies.demo-hack] version = "0.0.5" @@ -41,4 +43,5 @@ version = "1.0.5" [dev-dependencies.trybuild] -version = "1.0" +version = "1.0.49" +features = ["diff"] diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/README.md suricata-6.0.10/rust/vendor/proc-macro-hack/README.md --- suricata-6.0.9/rust/vendor/proc-macro-hack/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -3,8 +3,8 @@ [github](https://github.com/dtolnay/proc-macro-hack) [crates.io](https://crates.io/crates/proc-macro-hack) -[docs.rs](https://docs.rs/proc-macro-hack) -[build status](https://github.com/dtolnay/proc-macro-hack/actions?query=branch%3Amaster) +[docs.rs](https://docs.rs/proc-macro-hack) +[build status](https://github.com/dtolnay/proc-macro-hack/actions?query=branch%3Amaster)
Note: As of Rust 1.45 this crate is superseded by native support for diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/src/lib.rs suricata-6.0.10/rust/vendor/proc-macro-hack/src/lib.rs --- suricata-6.0.9/rust/vendor/proc-macro-hack/src/lib.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/src/lib.rs 2023-01-31 06:31:40.000000000 +0000 @@ -2,7 +2,7 @@ //! //! [github]: https://img.shields.io/badge/github-8da0cb?style=for-the-badge&labelColor=555555&logo=github //! [crates-io]: https://img.shields.io/badge/crates.io-fc8d62?style=for-the-badge&labelColor=555555&logo=rust -//! [docs-rs]: https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelColor=555555&logoColor=white&logo=data:image/svg+xml;base64,PHN2ZyByb2xlPSJpbWciIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgdmlld0JveD0iMCAwIDUxMiA1MTIiPjxwYXRoIGZpbGw9IiNmNWY1ZjUiIGQ9Ik00ODguNiAyNTAuMkwzOTIgMjE0VjEwNS41YzAtMTUtOS4zLTI4LjQtMjMuNC0zMy43bC0xMDAtMzcuNWMtOC4xLTMuMS0xNy4xLTMuMS0yNS4zIDBsLTEwMCAzNy41Yy0xNC4xIDUuMy0yMy40IDE4LjctMjMuNCAzMy43VjIxNGwtOTYuNiAzNi4yQzkuMyAyNTUuNSAwIDI2OC45IDAgMjgzLjlWMzk0YzAgMTMuNiA3LjcgMjYuMSAxOS45IDMyLjJsMTAwIDUwYzEwLjEgNS4xIDIyLjEgNS4xIDMyLjIgMGwxMDMuOS01MiAxMDMuOSA1MmMxMC4xIDUuMSAyMi4xIDUuMSAzMi4yIDBsMTAwLTUwYzEyLjItNi4xIDE5LjktMTguNiAxOS45LTMyLjJWMjgzLjljMC0xNS05LjMtMjguNC0yMy40LTMzLjd6TTM1OCAyMTQuOGwtODUgMzEuOXYtNjguMmw4NS0zN3Y3My4zek0xNTQgMTA0LjFsMTAyLTM4LjIgMTAyIDM4LjJ2LjZsLTEwMiA0MS40LTEwMi00MS40di0uNnptODQgMjkxLjFsLTg1IDQyLjV2LTc5LjFsODUtMzguOHY3NS40em0wLTExMmwtMTAyIDQxLjQtMTAyLTQxLjR2LS42bDEwMi0zOC4yIDEwMiAzOC4ydi42em0yNDAgMTEybC04NSA0Mi41di03OS4xbDg1LTM4Ljh2NzUuNHptMC0xMTJsLTEwMiA0MS40LTEwMi00MS40di0uNmwxMDItMzguMiAxMDIgMzguMnYuNnoiPjwvcGF0aD48L3N2Zz4K +//! [docs-rs]: https://img.shields.io/badge/docs.rs-66c2a5?style=for-the-badge&labelColor=555555&logo=docs.rs //! //!
//! @@ -145,7 +145,15 @@ //! [`proc-macro-nested`]: https://docs.rs/proc-macro-nested #![recursion_limit = "512"] -#![allow(clippy::needless_doctest_main, clippy::toplevel_ref_arg)] +#![allow( + clippy::doc_markdown, + clippy::manual_strip, + clippy::module_name_repetitions, + clippy::needless_doctest_main, + clippy::needless_pass_by_value, + clippy::too_many_lines, + clippy::toplevel_ref_arg +)] extern crate proc_macro; @@ -286,9 +294,9 @@ let mut export_call_site = TokenStream::new(); let mut macro_rules = TokenStream::new(); for Macro { name, export_as } in &export.macros { - let hacked = hacked_proc_macro_name(&name); - let dispatch = dispatch_macro_name(&name); - let call_site = call_site_macro_name(&name); + let hacked = hacked_proc_macro_name(name); + let dispatch = dispatch_macro_name(name); + let call_site = call_site_macro_name(name); if !actual_names.is_empty() { actual_names.extend(quote!(,)); @@ -395,7 +403,7 @@ let mut names = TokenStream::new(); for Macro { name, export_as } in &export.macros { - let pub_name = pub_proc_macro_name(&name); + let pub_name = pub_proc_macro_name(name); if !names.is_empty() { names.extend(quote!(,)); } diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/src/parse.rs suricata-6.0.10/rust/vendor/proc-macro-hack/src/parse.rs --- suricata-6.0.9/rust/vendor/proc-macro-hack/src/parse.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/src/parse.rs 2023-01-31 06:31:40.000000000 +0000 @@ -5,7 +5,7 @@ pub(crate) fn parse_input(tokens: Iter) -> Result { let attrs = parse_attributes(tokens)?; - let vis = parse_visibility(tokens)?; + let vis = parse_visibility(tokens); let kw = parse_ident(tokens)?; if kw.to_string() == "use" { parse_export(attrs, vis, tokens).map(Input::Export) @@ -136,16 +136,16 @@ } } -fn parse_visibility(tokens: Iter) -> Result { +fn parse_visibility(tokens: Iter) -> Visibility { if let Some(TokenTree::Ident(ident)) = tokens.peek() { if ident.to_string() == "pub" { match tokens.next().unwrap() { - TokenTree::Ident(vis) => return Ok(Some(vis)), + TokenTree::Ident(vis) => return Some(vis), _ => unreachable!(), } } } - Ok(None) + None } fn parse_attributes(tokens: Iter) -> Result { diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/private.stderr suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/private.stderr --- suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/private.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/private.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,5 @@ error: functions tagged with `#[proc_macro_hack]` must be `pub` - --> $DIR/private.rs:4:1 + --> tests/ui/private.rs:4:1 | 4 | fn my_macro(input: TokenStream) -> TokenStream { | ^^ diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unexpected-arg.stderr suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unexpected-arg.stderr --- suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unexpected-arg.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unexpected-arg.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,5 @@ error: unexpected argument to proc_macro_hack macro implementation; args are only accepted on the macro declaration (the `pub use`) - --> $DIR/unexpected-arg.rs:3:19 + --> tests/ui/unexpected-arg.rs:3:19 | 3 | #[proc_macro_hack(fake_call_site)] | ^^^^^^^^^^^^^^ diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unexpected.stderr suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unexpected.stderr --- suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unexpected.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unexpected.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,5 @@ error: unexpected input to #[proc_macro_hack] - --> $DIR/unexpected.rs:4:5 + --> tests/ui/unexpected.rs:4:5 | 4 | pub struct What; | ^^^^^^ diff -Nru suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unknown-arg.stderr suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unknown-arg.stderr --- suricata-6.0.9/rust/vendor/proc-macro-hack/tests/ui/unknown-arg.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/proc-macro-hack/tests/ui/unknown-arg.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,5 @@ error: expected one of: `support_nested`, `internal_macro_calls`, `fake_call_site`, `only_hack_old_rustc` - --> $DIR/unknown-arg.rs:3:35 + --> tests/ui/unknown-arg.rs:3:35 | 3 | #[proc_macro_hack(fake_call_site, support_nexted)] | ^^^^^^^^^^^^^^ diff -Nru suricata-6.0.9/rust/vendor/quote/.cargo-checksum.json suricata-6.0.10/rust/vendor/quote/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/quote/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.toml":"f4cf791ed3ccb9a3d5840f63af9c8d6b60453d9cd2451bf71c98f413e639b5ac","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"c9a75f18b9ab2927829a208fc6aa2cf4e63b8420887ba29cdb265d6619ae82d5","README.md":"1aed9e312142718f8e1a37a0a982d8e45398dee835776b0ffa54639efdd75dfb","build.rs":"3733c86ae2733629f873f93c2f45da30164beee8de9ee0833099fac6a05a3e6b","rust-toolchain.toml":"6bbb61302978c736b2da03e4fb40e3beab908f85d533ab46fd541e637b5f3e0f","src/ext.rs":"9881576cac3e476a4bf04f9b601cf9a53b79399fb0ca9634e8b861ac91709843","src/format.rs":"c595015418f35e6992e710441b9999f09b2afe4678b138039d670d100c0bdd86","src/ident_fragment.rs":"66788c5f57681547d936a9bcf51873b658630c76b2e690df4b3158edf573384a","src/lib.rs":"17db85f0808d31a597ea7f56744b031b5bdba548d9474efd874cacfe6541ff60","src/runtime.rs":"79bbb2fe5b18bc3ec9f8f8143bd120b45680a3027c89f37b0a6a6b97bdaadb21","src/spanned.rs":"43ff919f1d2d27dff6b2db409539b1c697e913eb8c3131cf5de45a845752b7b5","src/to_tokens.rs":"99bb6f467289c32af6c1f7af0d45cc6ac7b31e2436774e616770152a49e6ac0f","tests/compiletest.rs":"022a8e400ef813d7ea1875b944549cee5125f6a995dc33e93b48cba3e1b57bd1","tests/test.rs":"29221bc5eb9497a2fcda1b44e9535c645f7c7ca84ffc32e6040e57d94dbda2c8","tests/ui/does-not-have-iter-interpolated-dup.rs":"ad13eea21d4cdd2ab6c082f633392e1ff20fb0d1af5f2177041e0bf7f30da695","tests/ui/does-not-have-iter-interpolated-dup.stderr":"be67a6c99eed689aa08b46afd0ab3ed4e71fde42e5efed41ab05741710f42fe5","tests/ui/does-not-have-iter-interpolated.rs":"83a5b3f240651adcbe4b6e51076d76d653ad439b37442cf4054f1fd3c073f3b7","tests/ui/does-not-have-iter-interpolated.stderr":"ed05bc229abf5a267ea3d194336a3a845a061bd10c1be7020b9351f81e737946","tests/ui/does-not-have-iter-separated.rs":"fe413c48331d5e3a7ae5fef6a5892a90c72f610d54595879eb49d0a94154ba3f","tests/ui/does-not-have-iter-separated.stderr":"873f4db0ec63606d64d46790f3ee24bdb4dd04379b8e57dc5ac1114cc3775fb3","tests/ui/does-not-have-iter.rs":"09dc9499d861b63cebb0848b855b78e2dc9497bfde37ba6339f3625ae009a62f","tests/ui/does-not-have-iter.stderr":"0e3de2635a79cce9226113fa8cb6bdbdc0ffcd487d7537d4dd0dc8222adf4a8a","tests/ui/not-quotable.rs":"5759d0884943417609f28faadc70254a3e2fd3d9bd6ff7297a3fb70a77fafd8a","tests/ui/not-quotable.stderr":"d55354e6a963b5eedce9bc68a1b04bf5b82f966c3c1bb987d1690e74c0c3d69c","tests/ui/not-repeatable.rs":"a4b115c04e4e41049a05f5b69450503fbffeba031218b4189cb931839f7f9a9c","tests/ui/not-repeatable.stderr":"27149da38cc074953f124e995d76e569e0f718a5431c321cb5d639b0065520b3","tests/ui/wrong-type-span.rs":"6195e35ea844c0c52ba1cff5d790c3a371af6915d137d377834ad984229ef9ea","tests/ui/wrong-type-span.stderr":"c986de5cb858272636c9e36ae5f57e5ee13589d4f1a73a050b21824010314f8d"},"package":"bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179"} \ No newline at end of file +{"files":{"Cargo.toml":"b31678b5e9696b0320493f7120e873490183308fc5afb052dc23a265048b8e16","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","README.md":"66f3cf08338e47618fd23d810355b075da573815d9c1e158a7f7ab140decc16d","build.rs":"3733c86ae2733629f873f93c2f45da30164beee8de9ee0833099fac6a05a3e6b","rust-toolchain.toml":"6bbb61302978c736b2da03e4fb40e3beab908f85d533ab46fd541e637b5f3e0f","src/ext.rs":"9881576cac3e476a4bf04f9b601cf9a53b79399fb0ca9634e8b861ac91709843","src/format.rs":"c595015418f35e6992e710441b9999f09b2afe4678b138039d670d100c0bdd86","src/ident_fragment.rs":"66788c5f57681547d936a9bcf51873b658630c76b2e690df4b3158edf573384a","src/lib.rs":"5f0dac39c736d01c698745909c93efb7e701aed4493c488a32239a7efd7d4469","src/runtime.rs":"79bbb2fe5b18bc3ec9f8f8143bd120b45680a3027c89f37b0a6a6b97bdaadb21","src/spanned.rs":"43ff919f1d2d27dff6b2db409539b1c697e913eb8c3131cf5de45a845752b7b5","src/to_tokens.rs":"99bb6f467289c32af6c1f7af0d45cc6ac7b31e2436774e616770152a49e6ac0f","tests/compiletest.rs":"022a8e400ef813d7ea1875b944549cee5125f6a995dc33e93b48cba3e1b57bd1","tests/test.rs":"c4967a33fcf7c2effd1979bcb4c03ae797359eeab92c627ab4b609cd8678ff78","tests/ui/does-not-have-iter-interpolated-dup.rs":"ad13eea21d4cdd2ab6c082f633392e1ff20fb0d1af5f2177041e0bf7f30da695","tests/ui/does-not-have-iter-interpolated-dup.stderr":"be67a6c99eed689aa08b46afd0ab3ed4e71fde42e5efed41ab05741710f42fe5","tests/ui/does-not-have-iter-interpolated.rs":"83a5b3f240651adcbe4b6e51076d76d653ad439b37442cf4054f1fd3c073f3b7","tests/ui/does-not-have-iter-interpolated.stderr":"ed05bc229abf5a267ea3d194336a3a845a061bd10c1be7020b9351f81e737946","tests/ui/does-not-have-iter-separated.rs":"fe413c48331d5e3a7ae5fef6a5892a90c72f610d54595879eb49d0a94154ba3f","tests/ui/does-not-have-iter-separated.stderr":"873f4db0ec63606d64d46790f3ee24bdb4dd04379b8e57dc5ac1114cc3775fb3","tests/ui/does-not-have-iter.rs":"09dc9499d861b63cebb0848b855b78e2dc9497bfde37ba6339f3625ae009a62f","tests/ui/does-not-have-iter.stderr":"0e3de2635a79cce9226113fa8cb6bdbdc0ffcd487d7537d4dd0dc8222adf4a8a","tests/ui/not-quotable.rs":"d630ed8e5fe16f125015999d068569cc3fe5dc1033a56e622690ec2c080c13f4","tests/ui/not-quotable.stderr":"4b81ec7bb82ba197ede6d47c1b6e5cacc0999cc8c9e2fa77a46db5e29397153c","tests/ui/not-repeatable.rs":"dbfedcad67b57543aa7d6684b6549db90fbdb74ffebcae42323d31eb88e59c87","tests/ui/not-repeatable.stderr":"a578a6293fef33c54f8e8114bf72a933a1315b45e866e4bcef1e31ce2ce55dcd","tests/ui/wrong-type-span.rs":"6195e35ea844c0c52ba1cff5d790c3a371af6915d137d377834ad984229ef9ea","tests/ui/wrong-type-span.stderr":"c986de5cb858272636c9e36ae5f57e5ee13589d4f1a73a050b21824010314f8d"},"package":"8856d8364d252a14d474036ea1358d63c9e6965c8e5c1885c18f73d70bff9c7b"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/quote/Cargo.toml suricata-6.0.10/rust/vendor/quote/Cargo.toml --- suricata-6.0.9/rust/vendor/quote/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -13,7 +13,7 @@ edition = "2018" rust-version = "1.31" name = "quote" -version = "1.0.21" +version = "1.0.23" authors = ["David Tolnay "] autobenches = false description = "Quasi-quoting macro quote!(...)" @@ -30,6 +30,9 @@ [package.metadata.docs.rs] targets = ["x86_64-unknown-linux-gnu"] +[lib] +doc-scrape-examples = false + [dependencies.proc-macro2] version = "1.0.40" default-features = false @@ -38,7 +41,7 @@ version = "1.0" [dev-dependencies.trybuild] -version = "1.0.52" +version = "1.0.66" features = ["diff"] [features] diff -Nru suricata-6.0.9/rust/vendor/quote/LICENSE-MIT suricata-6.0.10/rust/vendor/quote/LICENSE-MIT --- suricata-6.0.9/rust/vendor/quote/LICENSE-MIT 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/LICENSE-MIT 2023-01-31 06:31:40.000000000 +0000 @@ -1,5 +1,3 @@ -Copyright (c) 2016 The Rust Project Developers - Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the diff -Nru suricata-6.0.9/rust/vendor/quote/README.md suricata-6.0.10/rust/vendor/quote/README.md --- suricata-6.0.9/rust/vendor/quote/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -4,7 +4,7 @@ [github](https://github.com/dtolnay/quote) [crates.io](https://crates.io/crates/quote) [docs.rs](https://docs.rs/quote) -[build status](https://github.com/dtolnay/quote/actions?query=branch%3Amaster) +[build status](https://github.com/dtolnay/quote/actions?query=branch%3Amaster) This crate provides the [`quote!`] macro for turning Rust syntax tree data structures into tokens of source code. diff -Nru suricata-6.0.9/rust/vendor/quote/src/lib.rs suricata-6.0.10/rust/vendor/quote/src/lib.rs --- suricata-6.0.9/rust/vendor/quote/src/lib.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/src/lib.rs 2023-01-31 06:31:40.000000000 +0000 @@ -81,7 +81,7 @@ //! ``` // Quote types in rustdoc of other crates get linked to here. -#![doc(html_root_url = "https://docs.rs/quote/1.0.21")] +#![doc(html_root_url = "https://docs.rs/quote/1.0.23")] #![allow( clippy::doc_markdown, clippy::missing_errors_doc, diff -Nru suricata-6.0.9/rust/vendor/quote/tests/test.rs suricata-6.0.10/rust/vendor/quote/tests/test.rs --- suricata-6.0.9/rust/vendor/quote/tests/test.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/tests/test.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,6 +1,5 @@ #![allow( - clippy::blacklisted_name, - clippy::let_underscore_drop, + clippy::disallowed_names, clippy::shadow_unrelated, clippy::unseparated_literal_suffix, clippy::used_underscore_binding diff -Nru suricata-6.0.9/rust/vendor/quote/tests/ui/not-quotable.rs suricata-6.0.10/rust/vendor/quote/tests/ui/not-quotable.rs --- suricata-6.0.9/rust/vendor/quote/tests/ui/not-quotable.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/tests/ui/not-quotable.rs 2023-01-31 06:31:40.000000000 +0000 @@ -3,5 +3,5 @@ fn main() { let ip = Ipv4Addr::LOCALHOST; - let _ = quote! { #ip }; + _ = quote! { #ip }; } diff -Nru suricata-6.0.9/rust/vendor/quote/tests/ui/not-quotable.stderr suricata-6.0.10/rust/vendor/quote/tests/ui/not-quotable.stderr --- suricata-6.0.9/rust/vendor/quote/tests/ui/not-quotable.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/tests/ui/not-quotable.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,8 +1,11 @@ error[E0277]: the trait bound `Ipv4Addr: ToTokens` is not satisfied - --> tests/ui/not-quotable.rs:6:13 + --> tests/ui/not-quotable.rs:6:9 | -6 | let _ = quote! { #ip }; - | ^^^^^^^^^^^^^^ the trait `ToTokens` is not implemented for `Ipv4Addr` +6 | _ = quote! { #ip }; + | ^^^^^^^^^^^^^^ + | | + | the trait `ToTokens` is not implemented for `Ipv4Addr` + | required by a bound introduced by this call | = help: the following other types implement trait `ToTokens`: &'a T diff -Nru suricata-6.0.9/rust/vendor/quote/tests/ui/not-repeatable.rs suricata-6.0.10/rust/vendor/quote/tests/ui/not-repeatable.rs --- suricata-6.0.9/rust/vendor/quote/tests/ui/not-repeatable.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/tests/ui/not-repeatable.rs 2023-01-31 06:31:40.000000000 +0000 @@ -4,5 +4,5 @@ fn main() { let ip = Ipv4Addr; - let _ = quote! { #(#ip)* }; + _ = quote! { #(#ip)* }; } diff -Nru suricata-6.0.9/rust/vendor/quote/tests/ui/not-repeatable.stderr suricata-6.0.10/rust/vendor/quote/tests/ui/not-repeatable.stderr --- suricata-6.0.9/rust/vendor/quote/tests/ui/not-repeatable.stderr 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/quote/tests/ui/not-repeatable.stderr 2023-01-31 06:31:40.000000000 +0000 @@ -1,35 +1,35 @@ error[E0599]: the method `quote_into_iter` exists for struct `Ipv4Addr`, but its trait bounds were not satisfied - --> tests/ui/not-repeatable.rs:7:13 - | -3 | struct Ipv4Addr; - | --------------- - | | - | method `quote_into_iter` not found for this struct - | doesn't satisfy `Ipv4Addr: Iterator` - | doesn't satisfy `Ipv4Addr: ToTokens` - | doesn't satisfy `Ipv4Addr: ext::RepIteratorExt` - | doesn't satisfy `Ipv4Addr: ext::RepToTokensExt` + --> tests/ui/not-repeatable.rs:7:9 + | +3 | struct Ipv4Addr; + | --------------- + | | + | method `quote_into_iter` not found for this struct + | doesn't satisfy `Ipv4Addr: Iterator` + | doesn't satisfy `Ipv4Addr: ToTokens` + | doesn't satisfy `Ipv4Addr: ext::RepIteratorExt` + | doesn't satisfy `Ipv4Addr: ext::RepToTokensExt` ... -7 | let _ = quote! { #(#ip)* }; - | ^^^^^^^^^^^^^^^^^^ method cannot be called on `Ipv4Addr` due to unsatisfied trait bounds - | - = note: the following trait bounds were not satisfied: - `Ipv4Addr: Iterator` - which is required by `Ipv4Addr: ext::RepIteratorExt` - `&Ipv4Addr: Iterator` - which is required by `&Ipv4Addr: ext::RepIteratorExt` - `Ipv4Addr: ToTokens` - which is required by `Ipv4Addr: ext::RepToTokensExt` - `&mut Ipv4Addr: Iterator` - which is required by `&mut Ipv4Addr: ext::RepIteratorExt` -note: the following traits must be implemented - --> $RUST/core/src/iter/traits/iterator.rs - | - | pub trait Iterator { - | ^^^^^^^^^^^^^^^^^^ - | - ::: src/to_tokens.rs - | - | pub trait ToTokens { - | ^^^^^^^^^^^^^^^^^^ - = note: this error originates in the macro `$crate::quote_bind_into_iter` which comes from the expansion of the macro `quote` (in Nightly builds, run with -Z macro-backtrace for more info) +7 | _ = quote! { #(#ip)* }; + | ^^^^^^^^^^^^^^^^^^ method cannot be called on `Ipv4Addr` due to unsatisfied trait bounds + | + = note: the following trait bounds were not satisfied: + `Ipv4Addr: Iterator` + which is required by `Ipv4Addr: ext::RepIteratorExt` + `&Ipv4Addr: Iterator` + which is required by `&Ipv4Addr: ext::RepIteratorExt` + `Ipv4Addr: ToTokens` + which is required by `Ipv4Addr: ext::RepToTokensExt` + `&mut Ipv4Addr: Iterator` + which is required by `&mut Ipv4Addr: ext::RepIteratorExt` +note: the traits `ToTokens` and `Iterator` must be implemented + --> src/to_tokens.rs + | + | pub trait ToTokens { + | ^^^^^^^^^^^^^^^^^^ + | + ::: $RUST/core/src/iter/traits/iterator.rs + | + | pub trait Iterator { + | ^^^^^^^^^^^^^^^^^^ + = note: this error originates in the macro `$crate::quote_bind_into_iter` which comes from the expansion of the macro `quote` (in Nightly builds, run with -Z macro-backtrace for more info) diff -Nru suricata-6.0.9/rust/vendor/ryu/.cargo-checksum.json suricata-6.0.10/rust/vendor/ryu/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/ryu/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.lock":"2717f9b8d4230094a8c92ce37bb7bf56f5f869da3904b5b8f177b0c44f32389f","Cargo.toml":"a022feb14dc0f3979da30277ecce957cfefe78e6638d27882bf4cd1f8106e15f","LICENSE-APACHE":"c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4","LICENSE-BOOST":"c9bff75738922193e67fa726fa225535870d2aa1059f91452c411736284ad566","README.md":"6f91d4158af93dccaf61aab14ba9db78cce0413a70c8d7e63bf2823c0262be28","benches/bench.rs":"703521c8cb9c6959ee305776a9971d24754b6fff5c1737741be04f956a3692e8","examples/upstream_benchmark.rs":"f702d3598a8fac59134a8058ebf74ba90163b1f23ebbd6c5978a7bd8a888d357","src/buffer/mod.rs":"c5adf9aa037271916e78c61c9fd98e3230a0fed1fca15694d4d57166fa697125","src/common.rs":"cae347e97fc30c50a964f80425e8c3e69ece2b8ab81f9b81b9baa7fcec64a001","src/d2s.rs":"83f821f17fd8d2cf72bcc47cc8c603ab24f2377db6cd0f08638031716f8dc17c","src/d2s_full_table.rs":"9b0186acbc6d65dc55c17e16125be707a2bfb920d22b35d33234b4cc38566a36","src/d2s_intrinsics.rs":"658d00a64ce2aca7f0780a1acc5939167e4a66d836b51c46de1047820992fec1","src/d2s_small_table.rs":"7b25cfbf0793d0662d83f5d92a9f880295652db9979b5acf702b313359996508","src/digit_table.rs":"02351ca54cb8cb3679f635115dd094f32fd91750e9f66103c1ee9ec3db507072","src/f2s.rs":"55320c2301680d8be3a908620cccd9d103b0cd3ad7a7d3378589e274ffc2587b","src/f2s_intrinsics.rs":"97bab98093838e30c60f5135f54f5ccb039ff7d9f35553ac8e74437743ca47e2","src/lib.rs":"b4d5d3d390511b01f81df6321aad564d457cf390e6e2276ad3974564a54527ec","src/parse.rs":"7f8aa7e007caf5dcb03abdc4238157724bb742d0823a3b8a01646fa1f1129154","src/pretty/exponent.rs":"6c9aa1c707c567ae338647056e37557a94e5120781ee9f6f64e9c7071ffb50d0","src/pretty/mantissa.rs":"a3eb97fd8928bfabef4523501f204fc7254e948318d727eff8327b9b06e76242","src/pretty/mod.rs":"169c57b14075295b07fa408963c300cefa94fd0b17e098d524ef46535bd84019","src/s2d.rs":"2f572603eedaa9efbe864105999a1ceac8aa4ff4e1d2fbd96127692460194d16","src/s2f.rs":"411b1e5acdeb3d7a29f4fddfdf9ce77e6395475d1c053a05e31482d49e6bf1ee","tests/common_test.rs":"275184cf366f80c11e5f33c2d53065a073e20d81bf71ca70478c89e47fb8da36","tests/d2s_table_test.rs":"54b3a7d40aa9bec03e9dc555d15fb4512ee16a16398b3098a97819fab50c81f3","tests/d2s_test.rs":"39014777edd6e3231095186174c4ef341fd9c12ecc5510765761713b6cac3bb4","tests/exhaustive.rs":"f475ed9008a2cd86ce95abb577a4b01e9fed23fc16f7e217ccffb3b834005fa0","tests/f2s_test.rs":"10940f005e73a42bb106ff498e7a6cc4665d04d82829fef8dc7d0eb36f574e6f","tests/macros/mod.rs":"8e90a674b3960f9516cb38f4eea0e0981ff902c3b33572ebdb6c5528d3ffa72c","tests/s2d_test.rs":"75c3a1044881718db65e05f25c9f6e1d005392dddb2e8dafb799668bb6a9a5c3","tests/s2f_test.rs":"1ec06646cb65229bfe866ec913901a0d8d736668f30b812fc4b00136a43f5142"},"package":"4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09"} \ No newline at end of file +{"files":{"Cargo.lock":"aa8c35b390605eedd4a9c43615ca68a001cfdc5055ac2f09bec221a8f38c67ab","Cargo.toml":"490b9d1a775582ca920bdf5a9b2aa278425e72d240b0464c076b6374ad117137","LICENSE-APACHE":"c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4","LICENSE-BOOST":"c9bff75738922193e67fa726fa225535870d2aa1059f91452c411736284ad566","README.md":"df6a7a024b604ad98dd7603ad261150ef73a94a9de691bd5d2510e12a200021a","benches/bench.rs":"703521c8cb9c6959ee305776a9971d24754b6fff5c1737741be04f956a3692e8","examples/upstream_benchmark.rs":"f702d3598a8fac59134a8058ebf74ba90163b1f23ebbd6c5978a7bd8a888d357","src/buffer/mod.rs":"c5adf9aa037271916e78c61c9fd98e3230a0fed1fca15694d4d57166fa697125","src/common.rs":"cae347e97fc30c50a964f80425e8c3e69ece2b8ab81f9b81b9baa7fcec64a001","src/d2s.rs":"83f821f17fd8d2cf72bcc47cc8c603ab24f2377db6cd0f08638031716f8dc17c","src/d2s_full_table.rs":"9b0186acbc6d65dc55c17e16125be707a2bfb920d22b35d33234b4cc38566a36","src/d2s_intrinsics.rs":"658d00a64ce2aca7f0780a1acc5939167e4a66d836b51c46de1047820992fec1","src/d2s_small_table.rs":"7b25cfbf0793d0662d83f5d92a9f880295652db9979b5acf702b313359996508","src/digit_table.rs":"02351ca54cb8cb3679f635115dd094f32fd91750e9f66103c1ee9ec3db507072","src/f2s.rs":"55320c2301680d8be3a908620cccd9d103b0cd3ad7a7d3378589e274ffc2587b","src/f2s_intrinsics.rs":"97bab98093838e30c60f5135f54f5ccb039ff7d9f35553ac8e74437743ca47e2","src/lib.rs":"fb2239e04c0524db49077adbd6128b622f42239c9b9362289861487c6a530f9a","src/parse.rs":"7f8aa7e007caf5dcb03abdc4238157724bb742d0823a3b8a01646fa1f1129154","src/pretty/exponent.rs":"6c9aa1c707c567ae338647056e37557a94e5120781ee9f6f64e9c7071ffb50d0","src/pretty/mantissa.rs":"5e8d0a6bfdfd04e599a9fc8aefd638e3288651279e870e7cd44820717c3b6438","src/pretty/mod.rs":"731798246d414ca54df739c212f1cb8e05991a0472a7a1c28771e24d7a1cf09b","src/s2d.rs":"2f572603eedaa9efbe864105999a1ceac8aa4ff4e1d2fbd96127692460194d16","src/s2f.rs":"6ae7430fba61f59aa6010d446f5c1043974b6fadb8e4c75ce2ad56f73ee48f4a","tests/common_test.rs":"275184cf366f80c11e5f33c2d53065a073e20d81bf71ca70478c89e47fb8da36","tests/d2s_table_test.rs":"54b3a7d40aa9bec03e9dc555d15fb4512ee16a16398b3098a97819fab50c81f3","tests/d2s_test.rs":"39014777edd6e3231095186174c4ef341fd9c12ecc5510765761713b6cac3bb4","tests/exhaustive.rs":"f475ed9008a2cd86ce95abb577a4b01e9fed23fc16f7e217ccffb3b834005fa0","tests/f2s_test.rs":"10940f005e73a42bb106ff498e7a6cc4665d04d82829fef8dc7d0eb36f574e6f","tests/macros/mod.rs":"8e90a674b3960f9516cb38f4eea0e0981ff902c3b33572ebdb6c5528d3ffa72c","tests/s2d_test.rs":"75c3a1044881718db65e05f25c9f6e1d005392dddb2e8dafb799668bb6a9a5c3","tests/s2f_test.rs":"1ec06646cb65229bfe866ec913901a0d8d736668f30b812fc4b00136a43f5142"},"package":"7b4b9743ed687d4b4bcedf9ff5eaa7398495ae14e61cba0a295704edbc7decde"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/ryu/Cargo.lock suricata-6.0.10/rust/vendor/ryu/Cargo.lock --- suricata-6.0.9/rust/vendor/ryu/Cargo.lock 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/Cargo.lock 2023-01-31 06:31:40.000000000 +0000 @@ -30,15 +30,15 @@ [[package]] name = "libc" -version = "0.2.126" +version = "0.2.134" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" +checksum = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" [[package]] name = "no-panic" -version = "0.1.15" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b884e0f4a7a80970539a7757902675ce503d98615f5b564564b4bd0236f7f36" +checksum = "12f10d4b6dcf2138f0fc171f4cc8f49517cc71ac57e29aa061c61aa57ec2dffc" dependencies = [ "proc-macro2", "quote", @@ -63,18 +63,18 @@ [[package]] name = "proc-macro2" -version = "1.0.42" +version = "1.0.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c278e965f1d8cf32d6e0e96de3d3e79712178ae67986d9cf9151f51e95aac89b" +checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.20" +version = "1.0.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bcdf212e9776fbcb2d23ab029360416bb1706b1aea2d1a5ba002727cbcab804" +checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" dependencies = [ "proc-macro2", ] @@ -102,9 +102,9 @@ [[package]] name = "rand_core" -version = "0.6.3" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ "getrandom", ] @@ -120,7 +120,7 @@ [[package]] name = "ryu" -version = "1.0.11" +version = "1.0.12" dependencies = [ "no-panic", "num_cpus", @@ -130,9 +130,9 @@ [[package]] name = "syn" -version = "1.0.98" +version = "1.0.102" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c50aef8a904de4c23c788f104b7dddc7d6f79c647c7c8ce4cc8f73eb0ca773dd" +checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" dependencies = [ "proc-macro2", "quote", @@ -141,9 +141,9 @@ [[package]] name = "unicode-ident" -version = "1.0.2" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "15c61ba63f9235225a22310255a29b806b907c9b8c964bcbd0a2c70f3f2deea7" +checksum = "dcc811dc4066ac62f84f11307873c4850cb653bfa9b1719cee2bd2204a4bc5dd" [[package]] name = "wasi" diff -Nru suricata-6.0.9/rust/vendor/ryu/Cargo.toml suricata-6.0.10/rust/vendor/ryu/Cargo.toml --- suricata-6.0.9/rust/vendor/ryu/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -13,7 +13,7 @@ edition = "2018" rust-version = "1.36" name = "ryu" -version = "1.0.11" +version = "1.0.12" authors = ["David Tolnay "] exclude = [ "performance.png", diff -Nru suricata-6.0.9/rust/vendor/ryu/README.md suricata-6.0.10/rust/vendor/ryu/README.md --- suricata-6.0.9/rust/vendor/ryu/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -3,7 +3,7 @@ [github](https://github.com/dtolnay/ryu) [crates.io](https://crates.io/crates/ryu) [docs.rs](https://docs.rs/ryu) -[build status](https://github.com/dtolnay/ryu/actions?query=branch%3Amaster) +[build status](https://github.com/dtolnay/ryu/actions?query=branch%3Amaster) Pure Rust implementation of RyÅ«, an algorithm to quickly convert floating point numbers to decimal strings. diff -Nru suricata-6.0.9/rust/vendor/ryu/src/lib.rs suricata-6.0.10/rust/vendor/ryu/src/lib.rs --- suricata-6.0.9/rust/vendor/ryu/src/lib.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/src/lib.rs 2023-01-31 06:31:40.000000000 +0000 @@ -81,7 +81,7 @@ //! notation. #![no_std] -#![doc(html_root_url = "https://docs.rs/ryu/1.0.11")] +#![doc(html_root_url = "https://docs.rs/ryu/1.0.12")] #![allow( clippy::cast_lossless, clippy::cast_possible_truncation, diff -Nru suricata-6.0.9/rust/vendor/ryu/src/pretty/mantissa.rs suricata-6.0.10/rust/vendor/ryu/src/pretty/mantissa.rs --- suricata-6.0.9/rust/vendor/ryu/src/pretty/mantissa.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/src/pretty/mantissa.rs 2023-01-31 06:31:40.000000000 +0000 @@ -43,7 +43,7 @@ #[cfg_attr(feature = "no-panic", inline)] pub unsafe fn write_mantissa(mut output: u32, mut result: *mut u8) { while output >= 10_000 { - let c = (output - 10_000 * (output / 10_000)) as u32; + let c = output - 10_000 * (output / 10_000); output /= 10_000; let c0 = (c % 100) << 1; let c1 = (c / 100) << 1; @@ -60,7 +60,7 @@ result = result.offset(-4); } if output >= 100 { - let c = ((output % 100) << 1) as u32; + let c = (output % 100) << 1; output /= 100; ptr::copy_nonoverlapping( DIGIT_TABLE.as_ptr().offset(c as isize), @@ -70,7 +70,7 @@ result = result.offset(-2); } if output >= 10 { - let c = (output << 1) as u32; + let c = output << 1; ptr::copy_nonoverlapping( DIGIT_TABLE.as_ptr().offset(c as isize), result.offset(-2), diff -Nru suricata-6.0.9/rust/vendor/ryu/src/pretty/mod.rs suricata-6.0.10/rust/vendor/ryu/src/pretty/mod.rs --- suricata-6.0.9/rust/vendor/ryu/src/pretty/mod.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/src/pretty/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -160,8 +160,7 @@ let bits = f.to_bits(); let sign = ((bits >> (FLOAT_MANTISSA_BITS + FLOAT_EXPONENT_BITS)) & 1) != 0; let ieee_mantissa = bits & ((1u32 << FLOAT_MANTISSA_BITS) - 1); - let ieee_exponent = - ((bits >> FLOAT_MANTISSA_BITS) & ((1u32 << FLOAT_EXPONENT_BITS) - 1)) as u32; + let ieee_exponent = (bits >> FLOAT_MANTISSA_BITS) & ((1u32 << FLOAT_EXPONENT_BITS) - 1); let mut index = 0isize; if sign { diff -Nru suricata-6.0.9/rust/vendor/ryu/src/s2f.rs suricata-6.0.10/rust/vendor/ryu/src/s2f.rs --- suricata-6.0.9/rust/vendor/ryu/src/s2f.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/ryu/src/s2f.rs 2023-01-31 06:31:40.000000000 +0000 @@ -220,7 +220,7 @@ // for overflow here. ieee_e2 += 1; } - let ieee = ((((signed_m as u32) << f2s::FLOAT_EXPONENT_BITS) | ieee_e2 as u32) + let ieee = ((((signed_m as u32) << f2s::FLOAT_EXPONENT_BITS) | ieee_e2) << f2s::FLOAT_MANTISSA_BITS) | ieee_m2; Ok(f32::from_bits(ieee)) diff -Nru suricata-6.0.9/rust/vendor/syn/.cargo-checksum.json suricata-6.0.10/rust/vendor/syn/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/syn/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.toml":"f320d1cf3c5f5a7e6728f5db101759958366f0750235693344e43d8c83556ae5","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","README.md":"b1546652aefba564455c1ebbf0f276450d4fdb19755e08bfa03c13c8bab241fc","benches/file.rs":"3d737ef3878f6e242b003af9bd539e565f98439a12ee44d9548d84e3fdd7af0c","benches/rust.rs":"11ac9fe898a7bf1bd63e8a8cc9c08bd795b01f0248215cff99afaaf28ce87fab","build.rs":"b815649fd2929d3debd93a58f5da2fb8eba506047a6a5ba538347305828a87b0","src/attr.rs":"234d9cebe2c5e92cd0f5e1117bf5755037e2e905788a337000a65d4bd82b63aa","src/await.rs":"8aa22e3c201cb2bdb6b4817fa00901f308ab06817607aa7b884c58c957705969","src/bigint.rs":"efc7f64959980653d73fe4f8bc2a3a2904dc05f45b02c6dc15cd316fa3d7c338","src/buffer.rs":"4d15f35273d485261be4f1a765ae03abc1daee9fc9dac5fb4f9b624d6b22cb58","src/custom_keyword.rs":"5c706fc3611e73d16b8c019d7ecb848a86b1ccfcd9e556f80bb6e6a4abe058a8","src/custom_punctuation.rs":"8a666298e774b0d326642f0f73284f6677d0d0a7c9e4a712c9c98d010b4d8a2c","src/data.rs":"75d2c2b5d6a01bf8a6fa2845e41663d8045a78b4b191f1a1bd7c93619d20017a","src/derive.rs":"ee24a202be2d36ccdff576dd9cd765e94b33ef2286946e6725d75b08e777d462","src/discouraged.rs":"6c6a9298f8d24f578da119557bc588f3bd928f7b79fca27d6bdfe3e786dd005f","src/error.rs":"b30e738fdab7d10e126350e09f7ad907bf4dc14e684b9ed9eeea001c7ee356e0","src/export.rs":"0cf50d70c32d5fddba8b1193032df62e560237c113df3e86ba26b565cc82838e","src/expr.rs":"5eea3828f3291b0ce5463ed5f0c23fc8a39aeceae68a3247ae02ae467dd35a98","src/ext.rs":"1f648cff1d705a1cea64b32b77482b97a82d2fe0aaf63b40cade91e5c02dc969","src/file.rs":"f86697655222ae294215114f4eae8e6b0b5e2a935d6c479ff8f8f889c4efd2e2","src/gen/clone.rs":"76e89fe155fedf43bc4a252af7e35319b82ce455f584bad8698fdc3f9b7f5d4e","src/gen/debug.rs":"4b05e474e864ce6bf1a5a6ab48ee6c0ecdf41a0d750237990cf2e31963bc1208","src/gen/eq.rs":"79f84836fdcd5cfa352f38055dab7c3246c7757650946c1c701234b11021652a","src/gen/fold.rs":"fcd6a05c8c8e0c36e7ede8593002528b553c8b648fbed452106fd6a8a8c9212a","src/gen/hash.rs":"575e8beae303c1eabda12bf76cbd82672268c502a8ebb8517aab18b40fdbc44e","src/gen/visit.rs":"ced9f6c17d2b3eb3553faab710cb2b3d44d6bca7d1862c8c5da09c3d45debecb","src/gen/visit_mut.rs":"966ea340c53461bf8a1c6bed3c882e4ab8b8907fd18ac35531266f7891ae5f46","src/gen_helper.rs":"ea6c66388365971db6a2fc86cbb208f7eacde77e245bc8623f27a3642a3d7741","src/generics.rs":"46ed41bf116448822ddfefcb62e803fd33264ca8ba672efc0612674d85b6dd11","src/group.rs":"166f0fbb365471ffa3e4f554b72c2b460cbf7e3a1f9bec6c01ef6bbbcd751041","src/ident.rs":"2443e43561abea7eea577b141422258237a663499c839923d8a5ca6fea2470db","src/item.rs":"419c4d6135a7ca7b8f94b5ba038b6af8fcb3939ae807153a19e3c82e9b01e0b7","src/lib.rs":"83cbfec87ee80a8c79105df16468a8da3e681576d8fd629bd6ada0deb138f4cd","src/lifetime.rs":"b18862ef1e690037a4f308ea897debad7bc5038584e3b26c6d8809752ea0e3c2","src/lit.rs":"fc06ddd523f7f9971d8abdb4c8d5d51030ffb3d6810615d5575ae210a7800695","src/lookahead.rs":"e2c2b6d55906421e83dab51463b58bc6dcb582f1bff9303c8b62afefb8d71e5f","src/mac.rs":"004cb89f9697564f6c9ee837e08ead68463ef946fb4c13c6c105adf2ba364b2b","src/macros.rs":"936f503c2fcde602f05220954ecaf87625c6138d0af13d33d56c7b6530110084","src/op.rs":"9d499022902743a6a0a19223b356449a979b90e60552d0446497d72750e646a4","src/parse.rs":"7b2f8caddf25a5734cbcdf7cbf043cbf9afbc07b484966cd59ddfcec9f970fb3","src/parse_macro_input.rs":"a5d16859b782bb6a2754c1066468a2f1ea05b57390caa32175bb84064973be7b","src/parse_quote.rs":"d7d996f1382c68b5fbfd4b7327ce1d389cd43c3bb3c4f382a35994d0bb79d8ab","src/pat.rs":"b2de04ae6c01df50eab9d1c3908287aca8424adc2007b926c7bcf74d1f64d40a","src/path.rs":"58a4fb3b1ff76d32cfd84a3914f8cadbf55b363c1929222b362b7465385520ac","src/print.rs":"da6529c1d9d21aaf6c835f66b4e67eacb7cf91a10eb5e9a2143b49bf99b3b5e1","src/punctuated.rs":"f687c23bd3ae512e7412c28ac68030d3bc7a384d1ca8b3da6620e364b0cbbb78","src/reserved.rs":"e70e028bd55cfa43e23cab4ba29e4dc53a3d91eff685ef2b6e57efc2b87a3428","src/sealed.rs":"896a495a5340eec898527f18bd4ddca408ea03ea0ee3af30074ff48deace778d","src/span.rs":"748c51c6feb223c26d3b1701f5bb98aee823666c775c98106cfa24fe29d8cec1","src/spanned.rs":"3ca016a943637653ab98e373dfb826a120f3c159867346fa38a844439944eb39","src/stmt.rs":"601a6914f1e0bf97ae0d31d474a531d195b8c251a4ded11aa8746ac0018d367b","src/thread.rs":"815eca6bd64f4eef7c447f0809e84108f5428ff50225224b373efd8fbb696874","src/token.rs":"5e423a696f80e281c322f37c87577f9fdc28607e9c007e24896a2b12da62d5ad","src/tt.rs":"32402645b6e82ef1e882945721b59b5fb7b0ee337d1972876362ecacef643d0f","src/ty.rs":"7e678749af18fc84ae9220435e467e520de05eea66adeeed3b5d634cd744561c","src/verbatim.rs":"96d4280e4556a1841b8dcb306bc35a94d18f71dceb63f3c27a4fe7f776191760","src/whitespace.rs":"e63dd0aa3d34029f17766a8b09c1a6e4479e36c552c8b7023d710a399333aace","tests/common/eq.rs":"bd190cb18450c83fc60be083a347ddbb9fc72b4c0a6b24588bf0d2e7acafbb76","tests/common/mod.rs":"432ad35577f836a20b517d8c26ed994ac25fe73ef2f461c67688b61b99762015","tests/common/parse.rs":"81580f23583723f7a2a337c4d13ebc021057cd825562fb4e474caa7cc641fed9","tests/debug/gen.rs":"1b7f875344cb04a7dd3df62deac2f410a9d107c097986e68006d87465f5f5306","tests/debug/mod.rs":"3a6bb799f478101f71c84c6f1a854a58afe2f9db43c39017909346ca20262d94","tests/macros/mod.rs":"aff805b35cfd55aef6a1359ff747e4023afcb08d69d86aff4c19465d29dda088","tests/regression.rs":"86731134bfb9bb693d9a4fc62393027de80a8bf031109ea6c7ea475b1ebdde8d","tests/regression/issue1108.rs":"adcc55a42239d344da74216ed85fc14153ddd6ca4dec4872d8339604ba78c185","tests/regression/issue1235.rs":"a2266b10c3f7c7af5734817ab0a3e8b309b51e7d177b63f26e67e6b744d280b0","tests/repo/mod.rs":"159c2c4b6416d26ac42ffc35f6cb587c4c1e2b0f24de9aa42b0337a534d7d86d","tests/repo/progress.rs":"c08d0314a7f3ecf760d471f27da3cd2a500aeb9f1c8331bffb2aa648f9fabf3f","tests/test_asyncness.rs":"cff01db49d28ab23b0b258bc6c0a5cc4071be4fe7248eef344a5d79d2fb649b7","tests/test_attribute.rs":"0ffd99384e1a52ae17d9fed5c4053e411e8f9018decef07ffa621d1faa7329d8","tests/test_derive_input.rs":"62bb86aaaaf730187a46ff700a8e3b2d1a163039b109b6a483aa44ed2b6806fe","tests/test_expr.rs":"a639728866a063b590430965a4840c01755e398b89be12d8d09b0aa97837ecac","tests/test_generics.rs":"54b7d2afc19aa6e9049585f4c8f7d3f0c29ac3bd11a2c769e9df76f18a4f5ecb","tests/test_grouping.rs":"6276c3c73bba649dec5c97904ad2492879f918bc887a2c425d095c654ca0d925","tests/test_ident.rs":"9eb53d1e21edf23e7c9e14dc74dcc2b2538e9221e19dbcc0a44e3acc2e90f3f6","tests/test_item.rs":"a3642c80066f1e7787becfd0278af90a6b7968d6c1249e25e81663aa454cfb2a","tests/test_iterators.rs":"53ed6078d37550bd6765d2411e3660be401aef8a31a407350cc064a7d08c7c33","tests/test_lit.rs":"19740ea9cd4a980bcab9b0dcaa4b032bb6ebb137fa5e4237140b97da1d9679fa","tests/test_meta.rs":"65d4586d131f6cac66694ca5e936748ec4e7f7423af6d8da509240e6be14800b","tests/test_parse_buffer.rs":"68d857f776396d064fcc0023c37093c2fbf75ee68e8241d4014d00d1423c18e9","tests/test_parse_stream.rs":"bf1db6fab7ac396fa61012faccbe6ffbc9c3d795ed2900be75e91c5b09b0c62f","tests/test_pat.rs":"d4465f4fc3fd5d6e534ba8efabe1e0ed6da89de4ac7c96effa6bfb880c4287cf","tests/test_path.rs":"71092a5ae2c9143b92a8fe15a92d39958b3c28bd4d4275cfb2d22cbdd53ada07","tests/test_precedence.rs":"736eee861c4c7a3d7d4387d2fb1b5eced1541790d34974f72b0a5532797e73c3","tests/test_receiver.rs":"084eca59984b9a18651da52f2c4407355da3de1335916a12477652999e2d01cc","tests/test_round_trip.rs":"c3c415413d5177a728c7cbbfb7ef44aebbc6a2c821dd56695156e9e33636fd57","tests/test_shebang.rs":"f5772cadad5b56e3112cb16308b779f92bce1c3a48091fc9933deb2276a69331","tests/test_should_parse.rs":"1d3535698a446e2755bfc360676bdb161841a1f454cdef6e7556c6d06a95c89d","tests/test_size.rs":"6720d55569808244ab011364c39931f06aa509cd05f98ab908b0670e8501b3c8","tests/test_stmt.rs":"0601fc32131b5501dfcdc4b4248d46bf21e0a98a49eb19439e1a46869dfb30b7","tests/test_token_trees.rs":"43e56a701817e3c3bfd0cae54a457dd7a38ccb3ca19da41e2b995fdf20e6ed18","tests/test_ty.rs":"f71d7f7f1c038aaabea8dd4c03c0d5752c76d570f8b4885a81659825bbb4d576","tests/test_visibility.rs":"7456fcb3a6634db509748aededff9c2d8b242d511a3e5ee3022e40b232892704","tests/zzz_stable.rs":"2a862e59cb446235ed99aec0e6ada8e16d3ecc30229b29d825b7c0bbc2602989"},"package":"4ae548ec36cf198c0ef7710d3c230987c2d6d7bd98ad6edc0274462724c585ce"} \ No newline at end of file +{"files":{"Cargo.toml":"1ff565970239963d56cbfdd20476fd265fcf2d050fc5ed92a298686321985230","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","README.md":"ea9f2b6340b302b5608d2bedcda7e2d707f3eaebf4cc983c02d55071ead7096f","benches/file.rs":"3d737ef3878f6e242b003af9bd539e565f98439a12ee44d9548d84e3fdd7af0c","benches/rust.rs":"11ac9fe898a7bf1bd63e8a8cc9c08bd795b01f0248215cff99afaaf28ce87fab","build.rs":"b815649fd2929d3debd93a58f5da2fb8eba506047a6a5ba538347305828a87b0","src/attr.rs":"234d9cebe2c5e92cd0f5e1117bf5755037e2e905788a337000a65d4bd82b63aa","src/await.rs":"8aa22e3c201cb2bdb6b4817fa00901f308ab06817607aa7b884c58c957705969","src/bigint.rs":"efc7f64959980653d73fe4f8bc2a3a2904dc05f45b02c6dc15cd316fa3d7c338","src/buffer.rs":"4d15f35273d485261be4f1a765ae03abc1daee9fc9dac5fb4f9b624d6b22cb58","src/custom_keyword.rs":"5c706fc3611e73d16b8c019d7ecb848a86b1ccfcd9e556f80bb6e6a4abe058a8","src/custom_punctuation.rs":"8a666298e774b0d326642f0f73284f6677d0d0a7c9e4a712c9c98d010b4d8a2c","src/data.rs":"75d2c2b5d6a01bf8a6fa2845e41663d8045a78b4b191f1a1bd7c93619d20017a","src/derive.rs":"ee24a202be2d36ccdff576dd9cd765e94b33ef2286946e6725d75b08e777d462","src/discouraged.rs":"6c6a9298f8d24f578da119557bc588f3bd928f7b79fca27d6bdfe3e786dd005f","src/drops.rs":"013385f1dd95663f1afab41abc1e2eea04181998644828935ca564c74d6462ae","src/error.rs":"b30e738fdab7d10e126350e09f7ad907bf4dc14e684b9ed9eeea001c7ee356e0","src/export.rs":"0cf50d70c32d5fddba8b1193032df62e560237c113df3e86ba26b565cc82838e","src/expr.rs":"5eea3828f3291b0ce5463ed5f0c23fc8a39aeceae68a3247ae02ae467dd35a98","src/ext.rs":"1f648cff1d705a1cea64b32b77482b97a82d2fe0aaf63b40cade91e5c02dc969","src/file.rs":"f86697655222ae294215114f4eae8e6b0b5e2a935d6c479ff8f8f889c4efd2e2","src/gen/clone.rs":"76e89fe155fedf43bc4a252af7e35319b82ce455f584bad8698fdc3f9b7f5d4e","src/gen/debug.rs":"4b05e474e864ce6bf1a5a6ab48ee6c0ecdf41a0d750237990cf2e31963bc1208","src/gen/eq.rs":"79f84836fdcd5cfa352f38055dab7c3246c7757650946c1c701234b11021652a","src/gen/fold.rs":"fcd6a05c8c8e0c36e7ede8593002528b553c8b648fbed452106fd6a8a8c9212a","src/gen/hash.rs":"575e8beae303c1eabda12bf76cbd82672268c502a8ebb8517aab18b40fdbc44e","src/gen/visit.rs":"ced9f6c17d2b3eb3553faab710cb2b3d44d6bca7d1862c8c5da09c3d45debecb","src/gen/visit_mut.rs":"966ea340c53461bf8a1c6bed3c882e4ab8b8907fd18ac35531266f7891ae5f46","src/gen_helper.rs":"ea6c66388365971db6a2fc86cbb208f7eacde77e245bc8623f27a3642a3d7741","src/generics.rs":"b81ce0d3ea0f7accef4590d5181cecc4589395865abaea60b0470da727f17340","src/group.rs":"166f0fbb365471ffa3e4f554b72c2b460cbf7e3a1f9bec6c01ef6bbbcd751041","src/ident.rs":"2443e43561abea7eea577b141422258237a663499c839923d8a5ca6fea2470db","src/item.rs":"419c4d6135a7ca7b8f94b5ba038b6af8fcb3939ae807153a19e3c82e9b01e0b7","src/lib.rs":"8c152481907905472fc3e4aae63f82ed78d4d16cf8cc286675727668760c7f2e","src/lifetime.rs":"b18862ef1e690037a4f308ea897debad7bc5038584e3b26c6d8809752ea0e3c2","src/lit.rs":"fc06ddd523f7f9971d8abdb4c8d5d51030ffb3d6810615d5575ae210a7800695","src/lookahead.rs":"e2c2b6d55906421e83dab51463b58bc6dcb582f1bff9303c8b62afefb8d71e5f","src/mac.rs":"004cb89f9697564f6c9ee837e08ead68463ef946fb4c13c6c105adf2ba364b2b","src/macros.rs":"936f503c2fcde602f05220954ecaf87625c6138d0af13d33d56c7b6530110084","src/op.rs":"9d499022902743a6a0a19223b356449a979b90e60552d0446497d72750e646a4","src/parse.rs":"7b2f8caddf25a5734cbcdf7cbf043cbf9afbc07b484966cd59ddfcec9f970fb3","src/parse_macro_input.rs":"a5d16859b782bb6a2754c1066468a2f1ea05b57390caa32175bb84064973be7b","src/parse_quote.rs":"d7d996f1382c68b5fbfd4b7327ce1d389cd43c3bb3c4f382a35994d0bb79d8ab","src/pat.rs":"b2de04ae6c01df50eab9d1c3908287aca8424adc2007b926c7bcf74d1f64d40a","src/path.rs":"58a4fb3b1ff76d32cfd84a3914f8cadbf55b363c1929222b362b7465385520ac","src/print.rs":"da6529c1d9d21aaf6c835f66b4e67eacb7cf91a10eb5e9a2143b49bf99b3b5e1","src/punctuated.rs":"44c29523dee76605be2531674fe21ed2f1bbd02559aac8b7a49c70af23129ca1","src/reserved.rs":"e70e028bd55cfa43e23cab4ba29e4dc53a3d91eff685ef2b6e57efc2b87a3428","src/sealed.rs":"896a495a5340eec898527f18bd4ddca408ea03ea0ee3af30074ff48deace778d","src/span.rs":"748c51c6feb223c26d3b1701f5bb98aee823666c775c98106cfa24fe29d8cec1","src/spanned.rs":"3ca016a943637653ab98e373dfb826a120f3c159867346fa38a844439944eb39","src/stmt.rs":"601a6914f1e0bf97ae0d31d474a531d195b8c251a4ded11aa8746ac0018d367b","src/thread.rs":"815eca6bd64f4eef7c447f0809e84108f5428ff50225224b373efd8fbb696874","src/token.rs":"5e423a696f80e281c322f37c87577f9fdc28607e9c007e24896a2b12da62d5ad","src/tt.rs":"32402645b6e82ef1e882945721b59b5fb7b0ee337d1972876362ecacef643d0f","src/ty.rs":"9befd22f8c8ac731b7f68008552a1335797a3ef19184190eec0e103e4ebe18a7","src/verbatim.rs":"96d4280e4556a1841b8dcb306bc35a94d18f71dceb63f3c27a4fe7f776191760","src/whitespace.rs":"e63dd0aa3d34029f17766a8b09c1a6e4479e36c552c8b7023d710a399333aace","tests/common/eq.rs":"e930fb0bdcec3e787986b56785b1db580e5a26a5131df2f2b91a6da37069de15","tests/common/mod.rs":"432ad35577f836a20b517d8c26ed994ac25fe73ef2f461c67688b61b99762015","tests/common/parse.rs":"81580f23583723f7a2a337c4d13ebc021057cd825562fb4e474caa7cc641fed9","tests/debug/gen.rs":"1b7f875344cb04a7dd3df62deac2f410a9d107c097986e68006d87465f5f5306","tests/debug/mod.rs":"3a6bb799f478101f71c84c6f1a854a58afe2f9db43c39017909346ca20262d94","tests/macros/mod.rs":"aff805b35cfd55aef6a1359ff747e4023afcb08d69d86aff4c19465d29dda088","tests/regression.rs":"86731134bfb9bb693d9a4fc62393027de80a8bf031109ea6c7ea475b1ebdde8d","tests/regression/issue1108.rs":"adcc55a42239d344da74216ed85fc14153ddd6ca4dec4872d8339604ba78c185","tests/regression/issue1235.rs":"a2266b10c3f7c7af5734817ab0a3e8b309b51e7d177b63f26e67e6b744d280b0","tests/repo/mod.rs":"159c2c4b6416d26ac42ffc35f6cb587c4c1e2b0f24de9aa42b0337a534d7d86d","tests/repo/progress.rs":"c08d0314a7f3ecf760d471f27da3cd2a500aeb9f1c8331bffb2aa648f9fabf3f","tests/test_asyncness.rs":"cff01db49d28ab23b0b258bc6c0a5cc4071be4fe7248eef344a5d79d2fb649b7","tests/test_attribute.rs":"0ffd99384e1a52ae17d9fed5c4053e411e8f9018decef07ffa621d1faa7329d8","tests/test_derive_input.rs":"62bb86aaaaf730187a46ff700a8e3b2d1a163039b109b6a483aa44ed2b6806fe","tests/test_expr.rs":"41eb343829ad36cdea40cd06d45a90765e7fe6f1e47dd550daf1b6096c3a7b44","tests/test_generics.rs":"54b7d2afc19aa6e9049585f4c8f7d3f0c29ac3bd11a2c769e9df76f18a4f5ecb","tests/test_grouping.rs":"6276c3c73bba649dec5c97904ad2492879f918bc887a2c425d095c654ca0d925","tests/test_ident.rs":"9eb53d1e21edf23e7c9e14dc74dcc2b2538e9221e19dbcc0a44e3acc2e90f3f6","tests/test_item.rs":"a3642c80066f1e7787becfd0278af90a6b7968d6c1249e25e81663aa454cfb2a","tests/test_iterators.rs":"9cf6fde17853ce7d5617e1de9ef901c47ca35c0f1c2dd668c0d0604d7b48598c","tests/test_lit.rs":"19740ea9cd4a980bcab9b0dcaa4b032bb6ebb137fa5e4237140b97da1d9679fa","tests/test_meta.rs":"65d4586d131f6cac66694ca5e936748ec4e7f7423af6d8da509240e6be14800b","tests/test_parse_buffer.rs":"68d857f776396d064fcc0023c37093c2fbf75ee68e8241d4014d00d1423c18e9","tests/test_parse_stream.rs":"bf1db6fab7ac396fa61012faccbe6ffbc9c3d795ed2900be75e91c5b09b0c62f","tests/test_pat.rs":"d4465f4fc3fd5d6e534ba8efabe1e0ed6da89de4ac7c96effa6bfb880c4287cf","tests/test_path.rs":"71092a5ae2c9143b92a8fe15a92d39958b3c28bd4d4275cfb2d22cbdd53ada07","tests/test_precedence.rs":"736eee861c4c7a3d7d4387d2fb1b5eced1541790d34974f72b0a5532797e73c3","tests/test_receiver.rs":"084eca59984b9a18651da52f2c4407355da3de1335916a12477652999e2d01cc","tests/test_round_trip.rs":"c3c415413d5177a728c7cbbfb7ef44aebbc6a2c821dd56695156e9e33636fd57","tests/test_shebang.rs":"f5772cadad5b56e3112cb16308b779f92bce1c3a48091fc9933deb2276a69331","tests/test_should_parse.rs":"1d3535698a446e2755bfc360676bdb161841a1f454cdef6e7556c6d06a95c89d","tests/test_size.rs":"6720d55569808244ab011364c39931f06aa509cd05f98ab908b0670e8501b3c8","tests/test_stmt.rs":"0601fc32131b5501dfcdc4b4248d46bf21e0a98a49eb19439e1a46869dfb30b7","tests/test_token_trees.rs":"43e56a701817e3c3bfd0cae54a457dd7a38ccb3ca19da41e2b995fdf20e6ed18","tests/test_ty.rs":"f71d7f7f1c038aaabea8dd4c03c0d5752c76d570f8b4885a81659825bbb4d576","tests/test_visibility.rs":"7456fcb3a6634db509748aededff9c2d8b242d511a3e5ee3022e40b232892704","tests/zzz_stable.rs":"2a862e59cb446235ed99aec0e6ada8e16d3ecc30229b29d825b7c0bbc2602989"},"package":"1f4064b5b16e03ae50984a5a8ed5d4f8803e6bc1fd170a3cda91a1be4b18e3f5"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/syn/Cargo.toml suricata-6.0.10/rust/vendor/syn/Cargo.toml --- suricata-6.0.9/rust/vendor/syn/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -13,7 +13,7 @@ edition = "2018" rust-version = "1.31" name = "syn" -version = "1.0.104" +version = "1.0.107" authors = ["David Tolnay "] include = [ "/benches/**", @@ -56,6 +56,9 @@ "extra-traits", ] +[lib] +doc-scrape-examples = false + [[bench]] name = "rust" harness = false diff -Nru suricata-6.0.9/rust/vendor/syn/README.md suricata-6.0.10/rust/vendor/syn/README.md --- suricata-6.0.9/rust/vendor/syn/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -4,7 +4,7 @@ [github](https://github.com/dtolnay/syn) [crates.io](https://crates.io/crates/syn) [docs.rs](https://docs.rs/syn) -[build status](https://github.com/dtolnay/syn/actions?query=branch%3Amaster) +[build status](https://github.com/dtolnay/syn/actions?query=branch%3Amaster) Syn is a parsing library for parsing a stream of Rust tokens into a syntax tree of Rust source code. diff -Nru suricata-6.0.9/rust/vendor/syn/src/drops.rs suricata-6.0.10/rust/vendor/syn/src/drops.rs --- suricata-6.0.9/rust/vendor/syn/src/drops.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/src/drops.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,58 @@ +use std::iter; +use std::mem::ManuallyDrop; +use std::ops::{Deref, DerefMut}; +use std::option; +use std::slice; + +#[repr(transparent)] +pub(crate) struct NoDrop(ManuallyDrop); + +impl NoDrop { + pub(crate) fn new(value: T) -> Self + where + T: TrivialDrop, + { + NoDrop(ManuallyDrop::new(value)) + } +} + +impl Deref for NoDrop { + type Target = T; + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl DerefMut for NoDrop { + fn deref_mut(&mut self) -> &mut Self::Target { + &mut self.0 + } +} + +pub(crate) trait TrivialDrop {} + +impl TrivialDrop for iter::Empty {} +impl<'a, T> TrivialDrop for slice::Iter<'a, T> {} +impl<'a, T> TrivialDrop for slice::IterMut<'a, T> {} +impl<'a, T> TrivialDrop for option::IntoIter<&'a T> {} +impl<'a, T> TrivialDrop for option::IntoIter<&'a mut T> {} + +#[test] +fn test_needs_drop() { + use std::mem::needs_drop; + + struct NeedsDrop; + + impl Drop for NeedsDrop { + fn drop(&mut self) {} + } + + assert!(needs_drop::()); + + // Test each of the types with a handwritten TrivialDrop impl above. + assert!(!needs_drop::>()); + assert!(!needs_drop::>()); + assert!(!needs_drop::>()); + assert!(!needs_drop::>()); + assert!(!needs_drop::>()); +} diff -Nru suricata-6.0.9/rust/vendor/syn/src/generics.rs suricata-6.0.10/rust/vendor/syn/src/generics.rs --- suricata-6.0.9/rust/vendor/syn/src/generics.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/src/generics.rs 2023-01-31 06:31:40.000000000 +0000 @@ -828,6 +828,31 @@ } } + impl TypeParamBound { + pub(crate) fn parse_multiple( + input: ParseStream, + allow_plus: bool, + ) -> Result> { + let mut bounds = Punctuated::new(); + loop { + bounds.push_value(input.parse()?); + if !(allow_plus && input.peek(Token![+])) { + break; + } + bounds.push_punct(input.parse()?); + if !(input.peek(Ident::peek_any) + || input.peek(Token![::]) + || input.peek(Token![?]) + || input.peek(Lifetime) + || input.peek(token::Paren)) + { + break; + } + } + Ok(bounds) + } + } + #[cfg_attr(doc_cfg, doc(cfg(feature = "parsing")))] impl Parse for TraitBound { fn parse(input: ParseStream) -> Result { diff -Nru suricata-6.0.9/rust/vendor/syn/src/lib.rs suricata-6.0.10/rust/vendor/syn/src/lib.rs --- suricata-6.0.9/rust/vendor/syn/src/lib.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/src/lib.rs 2023-01-31 06:31:40.000000000 +0000 @@ -250,7 +250,7 @@ //! dynamic library libproc_macro from rustc toolchain. // Syn types in rustdoc of other crates get linked to here. -#![doc(html_root_url = "https://docs.rs/syn/1.0.104")] +#![doc(html_root_url = "https://docs.rs/syn/1.0.107")] #![cfg_attr(doc_cfg, feature(doc_cfg))] #![allow(non_camel_case_types)] #![allow( @@ -429,6 +429,7 @@ #[cfg(feature = "parsing")] #[cfg_attr(doc_cfg, doc(cfg(feature = "parsing")))] pub mod buffer; +mod drops; #[cfg(feature = "parsing")] #[cfg_attr(doc_cfg, doc(cfg(feature = "parsing")))] pub mod ext; diff -Nru suricata-6.0.9/rust/vendor/syn/src/punctuated.rs suricata-6.0.10/rust/vendor/syn/src/punctuated.rs --- suricata-6.0.9/rust/vendor/syn/src/punctuated.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/src/punctuated.rs 2023-01-31 06:31:40.000000000 +0000 @@ -32,6 +32,7 @@ use std::slice; use std::vec; +use crate::drops::{NoDrop, TrivialDrop}; #[cfg(feature = "parsing")] use crate::parse::{Parse, ParseStream, Result}; #[cfg(feature = "parsing")] @@ -104,10 +105,10 @@ /// Returns an iterator over borrowed syntax tree nodes of type `&T`. pub fn iter(&self) -> Iter { Iter { - inner: Box::new(PrivateIter { + inner: Box::new(NoDrop::new(PrivateIter { inner: self.inner.iter(), last: self.last.as_ref().map(Box::as_ref).into_iter(), - }), + })), } } @@ -115,10 +116,10 @@ /// `&mut T`. pub fn iter_mut(&mut self) -> IterMut { IterMut { - inner: Box::new(PrivateIterMut { + inner: Box::new(NoDrop::new(PrivateIterMut { inner: self.inner.iter_mut(), last: self.last.as_mut().map(Box::as_mut).into_iter(), - }), + })), } } @@ -721,13 +722,13 @@ // The `Item = &'a T` needs to be specified to support rustc 1.31 and older. // On modern compilers we would be able to write just IterTrait<'a, T> where // Item can be inferred unambiguously from the supertrait. - inner: Box + 'a>, + inner: Box + 'a>>, } trait IterTrait<'a, T: 'a>: DoubleEndedIterator + ExactSizeIterator { - fn clone_box(&self) -> Box + 'a>; + fn clone_box(&self) -> Box + 'a>>; } struct PrivateIter<'a, T: 'a, P: 'a> { @@ -735,10 +736,17 @@ last: option::IntoIter<&'a T>, } +impl<'a, T, P> TrivialDrop for PrivateIter<'a, T, P> +where + slice::Iter<'a, (T, P)>: TrivialDrop, + option::IntoIter<&'a T>: TrivialDrop, +{ +} + #[cfg(any(feature = "full", feature = "derive"))] pub(crate) fn empty_punctuated_iter<'a, T>() -> Iter<'a, T> { Iter { - inner: Box::new(iter::empty()), + inner: Box::new(NoDrop::new(iter::empty())), } } @@ -813,10 +821,14 @@ impl<'a, T, I> IterTrait<'a, T> for I where T: 'a, - I: DoubleEndedIterator + ExactSizeIterator + Clone + 'a, + I: DoubleEndedIterator + + ExactSizeIterator + + Clone + + TrivialDrop + + 'a, { - fn clone_box(&self) -> Box + 'a> { - Box::new(self.clone()) + fn clone_box(&self) -> Box + 'a>> { + Box::new(NoDrop::new(self.clone())) } } @@ -826,7 +838,7 @@ /// /// [module documentation]: self pub struct IterMut<'a, T: 'a> { - inner: Box + 'a>, + inner: Box + 'a>>, } trait IterMutTrait<'a, T: 'a>: @@ -839,10 +851,17 @@ last: option::IntoIter<&'a mut T>, } +impl<'a, T, P> TrivialDrop for PrivateIterMut<'a, T, P> +where + slice::IterMut<'a, (T, P)>: TrivialDrop, + option::IntoIter<&'a mut T>: TrivialDrop, +{ +} + #[cfg(any(feature = "full", feature = "derive"))] pub(crate) fn empty_punctuated_iter_mut<'a, T>() -> IterMut<'a, T> { IterMut { - inner: Box::new(iter::empty()), + inner: Box::new(NoDrop::new(iter::empty())), } } diff -Nru suricata-6.0.9/rust/vendor/syn/src/ty.rs suricata-6.0.10/rust/vendor/syn/src/ty.rs --- suricata-6.0.9/rust/vendor/syn/src/ty.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/src/ty.rs 2023-01-31 06:31:40.000000000 +0000 @@ -337,7 +337,7 @@ use crate::ext::IdentExt; use crate::parse::{Parse, ParseStream, Result}; use crate::path; - use proc_macro2::{Punct, Spacing, TokenTree}; + use proc_macro2::{Punct, Spacing, Span, TokenTree}; #[cfg_attr(doc_cfg, doc(cfg(feature = "parsing")))] impl Parse for Type { @@ -546,13 +546,17 @@ || lookahead.peek(Token![<]) { let dyn_token: Option = input.parse()?; - if dyn_token.is_some() { + if let Some(dyn_token) = dyn_token { + let dyn_span = dyn_token.span; let star_token: Option = input.parse()?; - let bounds = TypeTraitObject::parse_bounds(input, allow_plus)?; + let bounds = TypeTraitObject::parse_bounds(dyn_span, input, allow_plus)?; return Ok(if star_token.is_some() { Type::Verbatim(verbatim::between(begin, input)) } else { - Type::TraitObject(TypeTraitObject { dyn_token, bounds }) + Type::TraitObject(TypeTraitObject { + dyn_token: Some(dyn_token), + bounds, + }) }); } @@ -896,15 +900,6 @@ } } - fn at_least_one_type(bounds: &Punctuated) -> bool { - for bound in bounds { - if let TypeParamBound::Trait(_) = *bound { - return true; - } - } - false - } - impl TypeTraitObject { #[cfg_attr(doc_cfg, doc(cfg(feature = "parsing")))] pub fn without_plus(input: ParseStream) -> Result { @@ -914,35 +909,38 @@ // Only allow multiple trait references if allow_plus is true. pub(crate) fn parse(input: ParseStream, allow_plus: bool) -> Result { - Ok(TypeTraitObject { - dyn_token: input.parse()?, - bounds: Self::parse_bounds(input, allow_plus)?, - }) + let dyn_token: Option = input.parse()?; + let dyn_span = match &dyn_token { + Some(token) => token.span, + None => input.span(), + }; + let bounds = Self::parse_bounds(dyn_span, input, allow_plus)?; + Ok(TypeTraitObject { dyn_token, bounds }) } fn parse_bounds( + dyn_span: Span, input: ParseStream, allow_plus: bool, ) -> Result> { - let mut bounds = Punctuated::new(); - loop { - bounds.push_value(input.parse()?); - if !(allow_plus && input.peek(Token![+])) { - break; - } - bounds.push_punct(input.parse()?); - if !(input.peek(Ident::peek_any) - || input.peek(Token![::]) - || input.peek(Token![?]) - || input.peek(Lifetime) - || input.peek(token::Paren)) - { - break; + let bounds = TypeParamBound::parse_multiple(input, allow_plus)?; + let mut last_lifetime_span = None; + let mut at_least_one_trait = false; + for bound in &bounds { + match bound { + TypeParamBound::Trait(_) => { + at_least_one_trait = true; + break; + } + TypeParamBound::Lifetime(lifetime) => { + last_lifetime_span = Some(lifetime.ident.span()); + } } } // Just lifetimes like `'a + 'b` is not a TraitObject. - if !at_least_one_type(&bounds) { - return Err(input.error("expected at least one type")); + if !at_least_one_trait { + let msg = "at least one trait is required for an object type"; + return Err(error::new2(dyn_span, last_lifetime_span.unwrap(), msg)); } Ok(bounds) } @@ -964,10 +962,30 @@ } pub(crate) fn parse(input: ParseStream, allow_plus: bool) -> Result { - Ok(TypeImplTrait { - impl_token: input.parse()?, - bounds: TypeTraitObject::parse_bounds(input, allow_plus)?, - }) + let impl_token: Token![impl] = input.parse()?; + let bounds = TypeParamBound::parse_multiple(input, allow_plus)?; + let mut last_lifetime_span = None; + let mut at_least_one_trait = false; + for bound in &bounds { + match bound { + TypeParamBound::Trait(_) => { + at_least_one_trait = true; + break; + } + TypeParamBound::Lifetime(lifetime) => { + last_lifetime_span = Some(lifetime.ident.span()); + } + } + } + if !at_least_one_trait { + let msg = "at least one trait must be specified"; + return Err(error::new2( + impl_token.span, + last_lifetime_span.unwrap(), + msg, + )); + } + Ok(TypeImplTrait { impl_token, bounds }) } } diff -Nru suricata-6.0.9/rust/vendor/syn/tests/common/eq.rs suricata-6.0.10/rust/vendor/syn/tests/common/eq.rs --- suricata-6.0.9/rust/vendor/syn/tests/common/eq.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/tests/common/eq.rs 2023-01-31 06:31:40.000000000 +0000 @@ -69,7 +69,6 @@ use rustc_ast::ast::ItemKind; use rustc_ast::ast::Label; use rustc_ast::ast::Lifetime; -use rustc_ast::ast::Lit; use rustc_ast::ast::LitFloatType; use rustc_ast::ast::LitIntType; use rustc_ast::ast::LitKind; @@ -80,6 +79,7 @@ use rustc_ast::ast::MacDelimiter; use rustc_ast::ast::MacStmtStyle; use rustc_ast::ast::MacroDef; +use rustc_ast::ast::MetaItemLit; use rustc_ast::ast::MethodCall; use rustc_ast::ast::ModKind; use rustc_ast::ast::ModSpans; @@ -131,7 +131,7 @@ use rustc_ast::ast::WherePredicate; use rustc_ast::ast::WhereRegionPredicate; use rustc_ast::ptr::P; -use rustc_ast::token::{self, CommentKind, Delimiter, Nonterminal, Token, TokenKind}; +use rustc_ast::token::{self, CommentKind, Delimiter, Lit, Nonterminal, Token, TokenKind}; use rustc_ast::tokenstream::{ AttrTokenStream, AttrTokenTree, AttributesData, DelimSpan, LazyAttrTokenStream, Spacing, TokenStream, TokenTree, @@ -434,11 +434,12 @@ spanless_eq_struct!(Item; attrs id span vis ident kind !tokens); spanless_eq_struct!(Label; ident); spanless_eq_struct!(Lifetime; id ident); -spanless_eq_struct!(Lit; token_lit kind span); +spanless_eq_struct!(Lit; kind symbol suffix); spanless_eq_struct!(Local; pat ty kind id span attrs !tokens); spanless_eq_struct!(MacCall; path args prior_type_ascription); spanless_eq_struct!(MacCallStmt; mac style attrs tokens); spanless_eq_struct!(MacroDef; body macro_rules); +spanless_eq_struct!(MetaItemLit; token_lit kind span); spanless_eq_struct!(MethodCall; seg receiver args !span); spanless_eq_struct!(ModSpans; !inner_span !inject_use_span); spanless_eq_struct!(MutTy; ty mutbl); @@ -466,7 +467,6 @@ spanless_eq_struct!(WhereClause; has_where_token predicates span); spanless_eq_struct!(WhereEqPredicate; span lhs_ty rhs_ty); spanless_eq_struct!(WhereRegionPredicate; span lifetime bounds); -spanless_eq_struct!(token::Lit; kind symbol suffix); spanless_eq_enum!(AngleBracketedArg; Arg(0) Constraint(0)); spanless_eq_enum!(AssocItemKind; Const(0 1 2) Fn(0) Type(0) MacCall(0)); spanless_eq_enum!(AssocConstraintKind; Equality(term) Bound(bounds)); @@ -518,7 +518,7 @@ spanless_eq_enum!(UnOp; Deref Not Neg); spanless_eq_enum!(Unsafe; Yes(0) No); spanless_eq_enum!(UnsafeSource; CompilerGenerated UserProvided); -spanless_eq_enum!(UseTreeKind; Simple(0 1 2) Nested(0) Glob); +spanless_eq_enum!(UseTreeKind; Simple(0) Nested(0) Glob); spanless_eq_enum!(VariantData; Struct(0 1) Tuple(0 1) Unit(0)); spanless_eq_enum!(VisibilityKind; Public Restricted(path id shorthand) Inherited); spanless_eq_enum!(WherePredicate; BoundPredicate(0) RegionPredicate(0) EqPredicate(0)); @@ -703,8 +703,8 @@ Token { kind: TokenKind::Literal(lit), span: _, - } => match Lit::from_token_lit(*lit, DUMMY_SP) { - Ok(lit) => is_escaped_literal_ast_lit(&lit, unescaped), + } => match MetaItemLit::from_token_lit(*lit, DUMMY_SP) { + Ok(lit) => is_escaped_literal_meta_item_lit(&lit, unescaped), Err(_) => false, }, Token { @@ -712,7 +712,7 @@ span: _, } => match nonterminal.as_ref() { Nonterminal::NtExpr(expr) => match &expr.kind { - ExprKind::Lit(lit) => is_escaped_literal_token_lit(lit, unescaped), + ExprKind::Lit(lit) => is_escaped_lit(lit, unescaped), _ => false, }, _ => false, @@ -721,47 +721,47 @@ } } -fn is_escaped_literal_macro_arg(arg: &AttrArgsEq, unescaped: Symbol) -> bool { - match arg { +fn is_escaped_literal_attr_args(value: &AttrArgsEq, unescaped: Symbol) -> bool { + match value { AttrArgsEq::Ast(expr) => match &expr.kind { - ExprKind::Lit(lit) => is_escaped_literal_token_lit(lit, unescaped), + ExprKind::Lit(lit) => is_escaped_lit(lit, unescaped), _ => false, }, - AttrArgsEq::Hir(lit) => is_escaped_literal_ast_lit(lit, unescaped), + AttrArgsEq::Hir(lit) => is_escaped_literal_meta_item_lit(lit, unescaped), } } -fn is_escaped_literal_ast_lit(lit: &Lit, unescaped: Symbol) -> bool { +fn is_escaped_literal_meta_item_lit(lit: &MetaItemLit, unescaped: Symbol) -> bool { match lit { - Lit { + MetaItemLit { token_lit: - token::Lit { + Lit { kind: token::LitKind::Str, symbol: _, suffix: None, }, kind, span: _, - } => is_escaped_literal_lit_kind(kind, unescaped), + } => is_escaped_lit_kind(kind, unescaped), _ => false, } } -fn is_escaped_literal_token_lit(lit: &token::Lit, unescaped: Symbol) -> bool { +fn is_escaped_lit(lit: &Lit, unescaped: Symbol) -> bool { match lit { - token::Lit { + Lit { kind: token::LitKind::Str, symbol: _, suffix: None, } => match LitKind::from_token_lit(*lit) { - Ok(lit_kind) => is_escaped_literal_lit_kind(&lit_kind, unescaped), + Ok(lit_kind) => is_escaped_lit_kind(&lit_kind, unescaped), _ => false, }, _ => false, } } -fn is_escaped_literal_lit_kind(kind: &LitKind, unescaped: Symbol) -> bool { +fn is_escaped_lit_kind(kind: &LitKind, unescaped: Symbol) -> bool { match kind { LitKind::Str(symbol, StrStyle::Cooked) => { symbol.as_str().replace('\r', "") == unescaped.as_str().replace('\r', "") @@ -795,8 +795,8 @@ SpanlessEq::eq(&path, &normal2.item.path) && match &normal2.item.args { AttrArgs::Empty | AttrArgs::Delimited(_) => false, - AttrArgs::Eq(_span, token) => { - is_escaped_literal_macro_arg(token, *unescaped) + AttrArgs::Eq(_span, value) => { + is_escaped_literal_attr_args(value, *unescaped) } } } diff -Nru suricata-6.0.9/rust/vendor/syn/tests/test_expr.rs suricata-6.0.10/rust/vendor/syn/tests/test_expr.rs --- suricata-6.0.9/rust/vendor/syn/tests/test_expr.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/tests/test_expr.rs 2023-01-31 06:31:40.000000000 +0000 @@ -53,36 +53,37 @@ #[rustfmt::skip] #[test] fn test_tuple_multi_index() { + let expected = snapshot!("tuple.0.0" as Expr, @r###" + Expr::Field { + base: Expr::Field { + base: Expr::Path { + path: Path { + segments: [ + PathSegment { + ident: "tuple", + arguments: None, + }, + ], + }, + }, + member: Unnamed(Index { + index: 0, + }), + }, + member: Unnamed(Index { + index: 0, + }), + } + "###); + for &input in &[ - "tuple.0.0", "tuple .0.0", "tuple. 0.0", "tuple.0 .0", "tuple.0. 0", "tuple . 0 . 0", ] { - snapshot!(input as Expr, @r###" - Expr::Field { - base: Expr::Field { - base: Expr::Path { - path: Path { - segments: [ - PathSegment { - ident: "tuple", - arguments: None, - }, - ], - }, - }, - member: Unnamed(Index { - index: 0, - }), - }, - member: Unnamed(Index { - index: 0, - }), - } - "###); + assert_eq!(expected, syn::parse_str(input).unwrap()); } for tokens in vec![ @@ -93,28 +94,7 @@ quote!(tuple.0. 0), quote!(tuple . 0 . 0), ] { - snapshot!(tokens as Expr, @r###" - Expr::Field { - base: Expr::Field { - base: Expr::Path { - path: Path { - segments: [ - PathSegment { - ident: "tuple", - arguments: None, - }, - ], - }, - }, - member: Unnamed(Index { - index: 0, - }), - }, - member: Unnamed(Index { - index: 0, - }), - } - "###); + assert_eq!(expected, syn::parse2(tokens).unwrap()); } } diff -Nru suricata-6.0.9/rust/vendor/syn/tests/test_iterators.rs suricata-6.0.10/rust/vendor/syn/tests/test_iterators.rs --- suricata-6.0.9/rust/vendor/syn/tests/test_iterators.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/syn/tests/test_iterators.rs 2023-01-31 06:31:40.000000000 +0000 @@ -47,3 +47,22 @@ assert_eq!(p.iter_mut().next_back(), Some(&mut 4)); assert_eq!(p.into_iter().next_back(), Some(4)); } + +#[test] +fn may_dangle() { + let p: Punctuated<_, Token![,]> = punctuated!(2, 3, 4); + for element in &p { + if *element == 2 { + drop(p); + break; + } + } + + let mut p: Punctuated<_, Token![,]> = punctuated!(2, 3, 4); + for element in &mut p { + if *element == 2 { + drop(p); + break; + } + } +} diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/.cargo-checksum.json suricata-6.0.10/rust/vendor/unicode-ident/.cargo-checksum.json --- suricata-6.0.9/rust/vendor/unicode-ident/.cargo-checksum.json 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/.cargo-checksum.json 2023-01-31 06:31:40.000000000 +0000 @@ -1 +1 @@ -{"files":{"Cargo.toml":"4589e7f695ce2ae3c0dbb7a79647d044b8f2ef71183bf478fe01922966c54556","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","LICENSE-UNICODE":"68f5b9f5ea36881a0942ba02f558e9e1faf76cc09cb165ad801744c61b738844","README.md":"3dc1793fcaf87c77c5ed467c4a76cb696883f2f4329c011a869fbd34c4404382","benches/xid.rs":"a61f61ecc7d5124c759cdeb55ab74470ab69f2f3ca37613da65f16e0e5e33487","src/lib.rs":"d0030259a628125669ad6c02d3eb791526e6d6ae35d8a858a87f90245162666c","src/tables.rs":"4a84cc7a1a391abebe5672db993c519b9f8fe462690d7e5a8bdd43be8481c10b","tests/compare.rs":"89c4dc4f745064a9f734667b1d960596a10b8cb019a8ed1c5b9512678a866ad5","tests/fst/mod.rs":"69a3aaf59acd8bca962ecc6234be56be8c0934ab79b253162f10eb881523901f","tests/fst/xid_continue.fst":"0624500413ac318fee8424eecdad70397f911e3beae52231bfca295bb1bb9e04","tests/fst/xid_start.fst":"cc36f4f1149a4004ea7e2075cfb54756328b571946fda526be508cf5ed53dbdb","tests/roaring/mod.rs":"784f65a48477fab7549620c7843c7ad6da533f69a18abca1172f6acb95045e53","tests/static_size.rs":"6686edc08a6718cb4be03916b87a2594a2d2f2c779dbac6372fd27d5d7f7d8b6","tests/trie/mod.rs":"d4acbb716bcbaf80660039797f45e138ed8bbd66749fa3b19b1a971574679cc9","tests/trie/trie.rs":"dbd7de5fe601159643a4c6febed06793f812e8d71010b0ec78f2557353a976b2"},"package":"6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3"} \ No newline at end of file +{"files":{"Cargo.toml":"29d1c02ffc7c1f34067b04bcc6b38ec41918838d553176d805644d8c03ab3f62","LICENSE-APACHE":"a60eea817514531668d7e00765731449fe14d059d3249e0bc93b36de45f759f2","LICENSE-MIT":"23f18e03dc49df91622fe2a76176497404e46ced8a715d9d2b67a7446571cca3","LICENSE-UNICODE":"68f5b9f5ea36881a0942ba02f558e9e1faf76cc09cb165ad801744c61b738844","README.md":"4e3b8b33ce66d038b932b0824e9c5f459893c2004ce68065fb8b68c98692d298","benches/xid.rs":"a61f61ecc7d5124c759cdeb55ab74470ab69f2f3ca37613da65f16e0e5e33487","src/lib.rs":"d0030259a628125669ad6c02d3eb791526e6d6ae35d8a858a87f90245162666c","src/tables.rs":"b4609d6c2e2ba44fba8cdbcec271325ff196afba8001dee805be95424219f01b","tests/compare.rs":"89c4dc4f745064a9f734667b1d960596a10b8cb019a8ed1c5b9512678a866ad5","tests/fst/mod.rs":"69a3aaf59acd8bca962ecc6234be56be8c0934ab79b253162f10eb881523901f","tests/fst/xid_continue.fst":"0624500413ac318fee8424eecdad70397f911e3beae52231bfca295bb1bb9e04","tests/fst/xid_start.fst":"cc36f4f1149a4004ea7e2075cfb54756328b571946fda526be508cf5ed53dbdb","tests/roaring/mod.rs":"784f65a48477fab7549620c7843c7ad6da533f69a18abca1172f6acb95045e53","tests/static_size.rs":"f1275c2bc59e85b5a7c2ce500b50c00a479d314b925538083917dc001c41b187","tests/tables/mod.rs":"e6949172d10fc4b2431ce7546269bfd4f9146454c8c3e31faf5e5d80c16a8ab6","tests/tables/tables.rs":"5194ac98137a3b61322213f2f8e8b83ff925ffcdd79e93a2ec414ef944dc63a3","tests/trie/mod.rs":"d4acbb716bcbaf80660039797f45e138ed8bbd66749fa3b19b1a971574679cc9","tests/trie/trie.rs":"dbd7de5fe601159643a4c6febed06793f812e8d71010b0ec78f2557353a976b2"},"package":"84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc"} \ No newline at end of file diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/Cargo.toml suricata-6.0.10/rust/vendor/unicode-ident/Cargo.toml --- suricata-6.0.9/rust/vendor/unicode-ident/Cargo.toml 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/Cargo.toml 2023-01-31 06:31:40.000000000 +0000 @@ -13,7 +13,7 @@ edition = "2018" rust-version = "1.31" name = "unicode-ident" -version = "1.0.5" +version = "1.0.6" authors = ["David Tolnay "] description = "Determine whether characters have the XID_Start or XID_Continue properties according to Unicode Standard Annex #31" documentation = "https://docs.rs/unicode-ident" diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/README.md suricata-6.0.10/rust/vendor/unicode-ident/README.md --- suricata-6.0.9/rust/vendor/unicode-ident/README.md 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/README.md 2023-01-31 06:31:40.000000000 +0000 @@ -4,7 +4,7 @@ [github](https://github.com/dtolnay/unicode-ident) [crates.io](https://crates.io/crates/unicode-ident) [docs.rs](https://docs.rs/unicode-ident) -[build status](https://github.com/dtolnay/unicode-ident/actions?query=branch%3Amaster) +[build status](https://github.com/dtolnay/unicode-ident/actions?query=branch%3Amaster) Implementation of [Unicode Standard Annex #31][tr31] for determining which `char` values are valid in programming language identifiers. diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/src/tables.rs suricata-6.0.10/rust/vendor/unicode-ident/src/tables.rs --- suricata-6.0.9/rust/vendor/unicode-ident/src/tables.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/src/tables.rs 2023-01-31 06:31:40.000000000 +0000 @@ -1,6 +1,6 @@ // @generated by ../generate. To regenerate, run the following in the repo root: // -// $ curl -LO https://www.unicode.org/Public/zipped/14.0.0/UCD.zip +// $ curl -LO https://www.unicode.org/Public/zipped/15.0.0/UCD.zip // $ unzip UCD.zip -d UCD // $ cargo run --manifest-path generate/Cargo.toml diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/tests/static_size.rs suricata-6.0.10/rust/vendor/unicode-ident/tests/static_size.rs --- suricata-6.0.9/rust/vendor/unicode-ident/tests/static_size.rs 2022-11-28 06:37:34.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/tests/static_size.rs 2023-01-31 06:31:40.000000000 +0000 @@ -19,14 +19,13 @@ #[test] fn test_xid_size() { #[deny(dead_code)] - #[allow(clippy::redundant_static_lifetimes)] - #[path = "../generate/src/ucd.rs"] - mod ucd; + #[path = "tables/mod.rs"] + mod tables; - let size = size_of_val(ucd::XID_START) + size_of_val(ucd::XID_CONTINUE); + let size = size_of_val(tables::XID_START) + size_of_val(tables::XID_CONTINUE); assert_eq!(11528, size); - let _ = ucd::BY_NAME; + let _ = tables::BY_NAME; } #[cfg(target_pointer_width = "64")] diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/tests/tables/mod.rs suricata-6.0.10/rust/vendor/unicode-ident/tests/tables/mod.rs --- suricata-6.0.9/rust/vendor/unicode-ident/tests/tables/mod.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/tests/tables/mod.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,7 @@ +#![allow(clippy::module_inception)] + +#[allow(clippy::redundant_static_lifetimes)] +#[rustfmt::skip] +mod tables; + +pub(crate) use self::tables::*; diff -Nru suricata-6.0.9/rust/vendor/unicode-ident/tests/tables/tables.rs suricata-6.0.10/rust/vendor/unicode-ident/tests/tables/tables.rs --- suricata-6.0.9/rust/vendor/unicode-ident/tests/tables/tables.rs 1970-01-01 00:00:00.000000000 +0000 +++ suricata-6.0.10/rust/vendor/unicode-ident/tests/tables/tables.rs 2023-01-31 06:31:40.000000000 +0000 @@ -0,0 +1,347 @@ +// DO NOT EDIT THIS FILE. IT WAS AUTOMATICALLY GENERATED BY: +// +// ucd-generate property-bool UCD --include XID_Start,XID_Continue +// +// Unicode version: 15.0.0. +// +// ucd-generate 0.2.13 is available on crates.io. + +pub const BY_NAME: &'static [(&'static str, &'static [(u32, u32)])] = &[ + ("XID_Continue", XID_CONTINUE), ("XID_Start", XID_START), +]; + +pub const XID_CONTINUE: &'static [(u32, u32)] = &[ + (48, 57), (65, 90), (95, 95), (97, 122), (170, 170), (181, 181), (183, 183), + (186, 186), (192, 214), (216, 246), (248, 705), (710, 721), (736, 740), + (748, 748), (750, 750), (768, 884), (886, 887), (891, 893), (895, 895), + (902, 906), (908, 908), (910, 929), (931, 1013), (1015, 1153), (1155, 1159), + (1162, 1327), (1329, 1366), (1369, 1369), (1376, 1416), (1425, 1469), + (1471, 1471), (1473, 1474), (1476, 1477), (1479, 1479), (1488, 1514), + (1519, 1522), (1552, 1562), (1568, 1641), (1646, 1747), (1749, 1756), + (1759, 1768), (1770, 1788), (1791, 1791), (1808, 1866), (1869, 1969), + (1984, 2037), (2042, 2042), (2045, 2045), (2048, 2093), (2112, 2139), + (2144, 2154), (2160, 2183), (2185, 2190), (2200, 2273), (2275, 2403), + (2406, 2415), (2417, 2435), (2437, 2444), (2447, 2448), (2451, 2472), + (2474, 2480), (2482, 2482), (2486, 2489), (2492, 2500), (2503, 2504), + (2507, 2510), (2519, 2519), (2524, 2525), (2527, 2531), (2534, 2545), + (2556, 2556), (2558, 2558), (2561, 2563), (2565, 2570), (2575, 2576), + (2579, 2600), (2602, 2608), (2610, 2611), (2613, 2614), (2616, 2617), + (2620, 2620), (2622, 2626), (2631, 2632), (2635, 2637), (2641, 2641), + (2649, 2652), (2654, 2654), (2662, 2677), (2689, 2691), (2693, 2701), + (2703, 2705), (2707, 2728), (2730, 2736), (2738, 2739), (2741, 2745), + (2748, 2757), (2759, 2761), (2763, 2765), (2768, 2768), (2784, 2787), + (2790, 2799), (2809, 2815), (2817, 2819), (2821, 2828), (2831, 2832), + (2835, 2856), (2858, 2864), (2866, 2867), (2869, 2873), (2876, 2884), + (2887, 2888), (2891, 2893), (2901, 2903), (2908, 2909), (2911, 2915), + (2918, 2927), (2929, 2929), (2946, 2947), (2949, 2954), (2958, 2960), + (2962, 2965), (2969, 2970), (2972, 2972), (2974, 2975), (2979, 2980), + (2984, 2986), (2990, 3001), (3006, 3010), (3014, 3016), (3018, 3021), + (3024, 3024), (3031, 3031), (3046, 3055), (3072, 3084), (3086, 3088), + (3090, 3112), (3114, 3129), (3132, 3140), (3142, 3144), (3146, 3149), + (3157, 3158), (3160, 3162), (3165, 3165), (3168, 3171), (3174, 3183), + (3200, 3203), (3205, 3212), (3214, 3216), (3218, 3240), (3242, 3251), + (3253, 3257), (3260, 3268), (3270, 3272), (3274, 3277), (3285, 3286), + (3293, 3294), (3296, 3299), (3302, 3311), (3313, 3315), (3328, 3340), + (3342, 3344), (3346, 3396), (3398, 3400), (3402, 3406), (3412, 3415), + (3423, 3427), (3430, 3439), (3450, 3455), (3457, 3459), (3461, 3478), + (3482, 3505), (3507, 3515), (3517, 3517), (3520, 3526), (3530, 3530), + (3535, 3540), (3542, 3542), (3544, 3551), (3558, 3567), (3570, 3571), + (3585, 3642), (3648, 3662), (3664, 3673), (3713, 3714), (3716, 3716), + (3718, 3722), (3724, 3747), (3749, 3749), (3751, 3773), (3776, 3780), + (3782, 3782), (3784, 3790), (3792, 3801), (3804, 3807), (3840, 3840), + (3864, 3865), (3872, 3881), (3893, 3893), (3895, 3895), (3897, 3897), + (3902, 3911), (3913, 3948), (3953, 3972), (3974, 3991), (3993, 4028), + (4038, 4038), (4096, 4169), (4176, 4253), (4256, 4293), (4295, 4295), + (4301, 4301), (4304, 4346), (4348, 4680), (4682, 4685), (4688, 4694), + (4696, 4696), (4698, 4701), (4704, 4744), (4746, 4749), (4752, 4784), + (4786, 4789), (4792, 4798), (4800, 4800), (4802, 4805), (4808, 4822), + (4824, 4880), (4882, 4885), (4888, 4954), (4957, 4959), (4969, 4977), + (4992, 5007), (5024, 5109), (5112, 5117), (5121, 5740), (5743, 5759), + (5761, 5786), (5792, 5866), (5870, 5880), (5888, 5909), (5919, 5940), + (5952, 5971), (5984, 5996), (5998, 6000), (6002, 6003), (6016, 6099), + (6103, 6103), (6108, 6109), (6112, 6121), (6155, 6157), (6159, 6169), + (6176, 6264), (6272, 6314), (6320, 6389), (6400, 6430), (6432, 6443), + (6448, 6459), (6470, 6509), (6512, 6516), (6528, 6571), (6576, 6601), + (6608, 6618), (6656, 6683), (6688, 6750), (6752, 6780), (6783, 6793), + (6800, 6809), (6823, 6823), (6832, 6845), (6847, 6862), (6912, 6988), + (6992, 7001), (7019, 7027), (7040, 7155), (7168, 7223), (7232, 7241), + (7245, 7293), (7296, 7304), (7312, 7354), (7357, 7359), (7376, 7378), + (7380, 7418), (7424, 7957), (7960, 7965), (7968, 8005), (8008, 8013), + (8016, 8023), (8025, 8025), (8027, 8027), (8029, 8029), (8031, 8061), + (8064, 8116), (8118, 8124), (8126, 8126), (8130, 8132), (8134, 8140), + (8144, 8147), (8150, 8155), (8160, 8172), (8178, 8180), (8182, 8188), + (8255, 8256), (8276, 8276), (8305, 8305), (8319, 8319), (8336, 8348), + (8400, 8412), (8417, 8417), (8421, 8432), (8450, 8450), (8455, 8455), + (8458, 8467), (8469, 8469), (8472, 8477), (8484, 8484), (8486, 8486), + (8488, 8488), (8490, 8505), (8508, 8511), (8517, 8521), (8526, 8526), + (8544, 8584), (11264, 11492), (11499, 11507), (11520, 11557), + (11559, 11559), (11565, 11565), (11568, 11623), (11631, 11631), + (11647, 11670), (11680, 11686), (11688, 11694), (11696, 11702), + (11704, 11710), (11712, 11718), (11720, 11726), (11728, 11734), + (11736, 11742), (11744, 11775), (12293, 12295), (12321, 12335), + (12337, 12341), (12344, 12348), (12353, 12438), (12441, 12442), + (12445, 12447), (12449, 12538), (12540, 12543), (12549, 12591), + (12593, 12686), (12704, 12735), (12784, 12799), (13312, 19903), + (19968, 42124), (42192, 42237), (42240, 42508), (42512, 42539), + (42560, 42607), (42612, 42621), (42623, 42737), (42775, 42783), + (42786, 42888), (42891, 42954), (42960, 42961), (42963, 42963), + (42965, 42969), (42994, 43047), (43052, 43052), (43072, 43123), + (43136, 43205), (43216, 43225), (43232, 43255), (43259, 43259), + (43261, 43309), (43312, 43347), (43360, 43388), (43392, 43456), + (43471, 43481), (43488, 43518), (43520, 43574), (43584, 43597), + (43600, 43609), (43616, 43638), (43642, 43714), (43739, 43741), + (43744, 43759), (43762, 43766), (43777, 43782), (43785, 43790), + (43793, 43798), (43808, 43814), (43816, 43822), (43824, 43866), + (43868, 43881), (43888, 44010), (44012, 44013), (44016, 44025), + (44032, 55203), (55216, 55238), (55243, 55291), (63744, 64109), + (64112, 64217), (64256, 64262), (64275, 64279), (64285, 64296), + (64298, 64310), (64312, 64316), (64318, 64318), (64320, 64321), + (64323, 64324), (64326, 64433), (64467, 64605), (64612, 64829), + (64848, 64911), (64914, 64967), (65008, 65017), (65024, 65039), + (65056, 65071), (65075, 65076), (65101, 65103), (65137, 65137), + (65139, 65139), (65143, 65143), (65145, 65145), (65147, 65147), + (65149, 65149), (65151, 65276), (65296, 65305), (65313, 65338), + (65343, 65343), (65345, 65370), (65382, 65470), (65474, 65479), + (65482, 65487), (65490, 65495), (65498, 65500), (65536, 65547), + (65549, 65574), (65576, 65594), (65596, 65597), (65599, 65613), + (65616, 65629), (65664, 65786), (65856, 65908), (66045, 66045), + (66176, 66204), (66208, 66256), (66272, 66272), (66304, 66335), + (66349, 66378), (66384, 66426), (66432, 66461), (66464, 66499), + (66504, 66511), (66513, 66517), (66560, 66717), (66720, 66729), + (66736, 66771), (66776, 66811), (66816, 66855), (66864, 66915), + (66928, 66938), (66940, 66954), (66956, 66962), (66964, 66965), + (66967, 66977), (66979, 66993), (66995, 67001), (67003, 67004), + (67072, 67382), (67392, 67413), (67424, 67431), (67456, 67461), + (67463, 67504), (67506, 67514), (67584, 67589), (67592, 67592), + (67594, 67637), (67639, 67640), (67644, 67644), (67647, 67669), + (67680, 67702), (67712, 67742), (67808, 67826), (67828, 67829), + (67840, 67861), (67872, 67897), (67968, 68023), (68030, 68031), + (68096, 68099), (68101, 68102), (68108, 68115), (68117, 68119), + (68121, 68149), (68152, 68154), (68159, 68159), (68192, 68220), + (68224, 68252), (68288, 68295), (68297, 68326), (68352, 68405), + (68416, 68437), (68448, 68466), (68480, 68497), (68608, 68680), + (68736, 68786), (68800, 68850), (68864, 68903), (68912, 68921), + (69248, 69289), (69291, 69292), (69296, 69297), (69373, 69404), + (69415, 69415), (69424, 69456), (69488, 69509), (69552, 69572), + (69600, 69622), (69632, 69702), (69734, 69749), (69759, 69818), + (69826, 69826), (69840, 69864), (69872, 69881), (69888, 69940), + (69942, 69951), (69956, 69959), (69968, 70003), (70006, 70006), + (70016, 70084), (70089, 70092), (70094, 70106), (70108, 70108), + (70144, 70161), (70163, 70199), (70206, 70209), (70272, 70278), + (70280, 70280), (70282, 70285), (70287, 70301), (70303, 70312), + (70320, 70378), (70384, 70393), (70400, 70403), (70405, 70412), + (70415, 70416), (70419, 70440), (70442, 70448), (70450, 70451), + (70453, 70457), (70459, 70468), (70471, 70472), (70475, 70477), + (70480, 70480), (70487, 70487), (70493, 70499), (70502, 70508), + (70512, 70516), (70656, 70730), (70736, 70745), (70750, 70753), + (70784, 70853), (70855, 70855), (70864, 70873), (71040, 71093), + (71096, 71104), (71128, 71133), (71168, 71232), (71236, 71236), + (71248, 71257), (71296, 71352), (71360, 71369), (71424, 71450), + (71453, 71467), (71472, 71481), (71488, 71494), (71680, 71738), + (71840, 71913), (71935, 71942), (71945, 71945), (71948, 71955), + (71957, 71958), (71960, 71989), (71991, 71992), (71995, 72003), + (72016, 72025), (72096, 72103), (72106, 72151), (72154, 72161), + (72163, 72164), (72192, 72254), (72263, 72263), (72272, 72345), + (72349, 72349), (72368, 72440), (72704, 72712), (72714, 72758), + (72760, 72768), (72784, 72793), (72818, 72847), (72850, 72871), + (72873, 72886), (72960, 72966), (72968, 72969), (72971, 73014), + (73018, 73018), (73020, 73021), (73023, 73031), (73040, 73049), + (73056, 73061), (73063, 73064), (73066, 73102), (73104, 73105), + (73107, 73112), (73120, 73129), (73440, 73462), (73472, 73488), + (73490, 73530), (73534, 73538), (73552, 73561), (73648, 73648), + (73728, 74649), (74752, 74862), (74880, 75075), (77712, 77808), + (77824, 78895), (78912, 78933), (82944, 83526), (92160, 92728), + (92736, 92766), (92768, 92777), (92784, 92862), (92864, 92873), + (92880, 92909), (92912, 92916), (92928, 92982), (92992, 92995), + (93008, 93017), (93027, 93047), (93053, 93071), (93760, 93823), + (93952, 94026), (94031, 94087), (94095, 94111), (94176, 94177), + (94179, 94180), (94192, 94193), (94208, 100343), (100352, 101589), + (101632, 101640), (110576, 110579), (110581, 110587), (110589, 110590), + (110592, 110882), (110898, 110898), (110928, 110930), (110933, 110933), + (110948, 110951), (110960, 111355), (113664, 113770), (113776, 113788), + (113792, 113800), (113808, 113817), (113821, 113822), (118528, 118573), + (118576, 118598), (119141, 119145), (119149, 119154), (119163, 119170), + (119173, 119179), (119210, 119213), (119362, 119364), (119808, 119892), + (119894, 119964), (119966, 119967), (119970, 119970), (119973, 119974), + (119977, 119980), (119982, 119993), (119995, 119995), (119997, 120003), + (120005, 120069), (120071, 120074), (120077, 120084), (120086, 120092), + (120094, 120121), (120123, 120126), (120128, 120132), (120134, 120134), + (120138, 120144), (120146, 120485), (120488, 120512), (120514, 120538), + (120540, 120570), (120572, 120596), (120598, 120628), (120630, 120654), + (120656, 120686), (120688, 120712), (120714, 120744), (120746, 120770), + (120772, 120779), (120782, 120831), (121344, 121398), (121403, 121452), + (121461, 121461), (121476, 121476), (121499, 121503), (121505, 121519), + (122624, 122654), (122661, 122666), (122880, 122886), (122888, 122904), + (122907, 122913), (122915, 122916), (122918, 122922), (122928, 122989), + (123023, 123023), (123136, 123180), (123184, 123197), (123200, 123209), + (123214, 123214), (123536, 123566), (123584, 123641), (124112, 124153), + (124896, 124902), (124904, 124907), (124909, 124910), (124912, 124926), + (124928, 125124), (125136, 125142), (125184, 125259), (125264, 125273), + (126464, 126467), (126469, 126495), (126497, 126498), (126500, 126500), + (126503, 126503), (126505, 126514), (126516, 126519), (126521, 126521), + (126523, 126523), (126530, 126530), (126535, 126535), (126537, 126537), + (126539, 126539), (126541, 126543), (126545, 126546), (126548, 126548), + (126551, 126551), (126553, 126553), (126555, 126555), (126557, 126557), + (126559, 126559), (126561, 126562), (126564, 126564), (126567, 126570), + (126572, 126578), (126580, 126583), (126585, 126588), (126590, 126590), + (126592, 126601), (126603, 126619), (126625, 126627), (126629, 126633), + (126635, 126651), (130032, 130041), (131072, 173791), (173824, 177977), + (177984, 178205), (178208, 183969), (183984, 191456), (194560, 195101), + (196608, 201546), (201552, 205743), (917760, 917999), +]; + +pub const XID_START: &'static [(u32, u32)] = &[ + (65, 90), (97, 122), (170, 170), (181, 181), (186, 186), (192, 214), + (216, 246), (248, 705), (710, 721), (736, 740), (748, 748), (750, 750), + (880, 884), (886, 887), (891, 893), (895, 895), (902, 902), (904, 906), + (908, 908), (910, 929), (931, 1013), (1015, 1153), (1162, 1327), + (1329, 1366), (1369, 1369), (1376, 1416), (1488, 1514), (1519, 1522), + (1568, 1610), (1646, 1647), (1649, 1747), (1749, 1749), (1765, 1766), + (1774, 1775), (1786, 1788), (1791, 1791), (1808, 1808), (1810, 1839), + (1869, 1957), (1969, 1969), (1994, 2026), (2036, 2037), (2042, 2042), + (2048, 2069), (2074, 2074), (2084, 2084), (2088, 2088), (2112, 2136), + (2144, 2154), (2160, 2183), (2185, 2190), (2208, 2249), (2308, 2361), + (2365, 2365), (2384, 2384), (2392, 2401), (2417, 2432), (2437, 2444), + (2447, 2448), (2451, 2472), (2474, 2480), (2482, 2482), (2486, 2489), + (2493, 2493), (2510, 2510), (2524, 2525), (2527, 2529), (2544, 2545), + (2556, 2556), (2565, 2570), (2575, 2576), (2579, 2600), (2602, 2608), + (2610, 2611), (2613, 2614), (2616, 2617), (2649, 2652), (2654, 2654), + (2674, 2676), (2693, 2701), (2703, 2705), (2707, 2728), (2730, 2736), + (2738, 2739), (2741, 2745), (2749, 2749), (2768, 2768), (2784, 2785), + (2809, 2809), (2821, 2828), (2831, 2832), (2835, 2856), (2858, 2864), + (2866, 2867), (2869, 2873), (2877, 2877), (2908, 2909), (2911, 2913), + (2929, 2929), (2947, 2947), (2949, 2954), (2958, 2960), (2962, 2965), + (2969, 2970), (2972, 2972), (2974, 2975), (2979, 2980), (2984, 2986), + (2990, 3001), (3024, 3024), (3077, 3084), (3086, 3088), (3090, 3112), + (3114, 3129), (3133, 3133), (3160, 3162), (3165, 3165), (3168, 3169), + (3200, 3200), (3205, 3212), (3214, 3216), (3218, 3240), (3242, 3251), + (3253, 3257), (3261, 3261), (3293, 3294), (3296, 3297), (3313, 3314), + (3332, 3340), (3342, 3344), (3346, 3386), (3389, 3389), (3406, 3406), + (3412, 3414), (3423, 3425), (3450, 3455), (3461, 3478), (3482, 3505), + (3507, 3515), (3517, 3517), (3520, 3526), (3585, 3632), (3634, 3634), + (3648, 3654), (3713, 3714), (3716, 3716), (3718, 3722), (3724, 3747), + (3749, 3749), (3751, 3760), (3762, 3762), (3773, 3773), (3776, 3780), + (3782, 3782), (3804, 3807), (3840, 3840), (3904, 3911), (3913, 3948), + (3976, 3980), (4096, 4138), (4159, 4159), (4176, 4181), (4186, 4189), + (4193, 4193), (4197, 4198), (4206, 4208), (4213, 4225), (4238, 4238), + (4256, 4293), (4295, 4295), (4301, 4301), (4304, 4346), (4348, 4680), + (4682, 4685), (4688, 4694), (4696, 4696), (4698, 4701), (4704, 4744), + (4746, 4749), (4752, 4784), (4786, 4789), (4792, 4798), (4800, 4800), + (4802, 4805), (4808, 4822), (4824, 4880), (4882, 4885), (4888, 4954), + (4992, 5007), (5024, 5109), (5112, 5117), (5121, 5740), (5743, 5759), + (5761, 5786), (5792, 5866), (5870, 5880), (5888, 5905), (5919, 5937), + (5952, 5969), (5984, 5996), (5998, 6000), (6016, 6067), (6103, 6103), + (6108, 6108), (6176, 6264), (6272, 6312), (6314, 6314), (6320, 6389), + (6400, 6430), (6480, 6509), (6512, 6516), (6528, 6571), (6576, 6601), + (6656, 6678), (6688, 6740), (6823, 6823), (6917, 6963), (6981, 6988), + (7043, 7072), (7086, 7087), (7098, 7141), (7168, 7203), (7245, 7247), + (7258, 7293), (7296, 7304), (7312, 7354), (7357, 7359), (7401, 7404), + (7406, 7411), (7413, 7414), (7418, 7418), (7424, 7615), (7680, 7957), + (7960, 7965), (7968, 8005), (8008, 8013), (8016, 8023), (8025, 8025), + (8027, 8027), (8029, 8029), (8031, 8061), (8064, 8116), (8118, 8124), + (8126, 8126), (8130, 8132), (8134, 8140), (8144, 8147), (8150, 8155), + (8160, 8172), (8178, 8180), (8182, 8188), (8305, 8305), (8319, 8319), + (8336, 8348), (8450, 8450), (8455, 8455), (8458, 8467), (8469, 8469), + (8472, 8477), (8484, 8484), (8486, 8486), (8488, 8488), (8490, 8505), + (8508, 8511), (8517, 8521), (8526, 8526), (8544, 8584), (11264, 11492), + (11499, 11502), (11506, 11507), (11520, 11557), (11559, 11559), + (11565, 11565), (11568, 11623), (11631, 11631), (11648, 11670), + (11680, 11686), (11688, 11694), (11696, 11702), (11704, 11710), + (11712, 11718), (11720, 11726), (11728, 11734), (11736, 11742), + (12293, 12295), (12321, 12329), (12337, 12341), (12344, 12348), + (12353, 12438), (12445, 12447), (12449, 12538), (12540, 12543), + (12549, 12591), (12593, 12686), (12704, 12735), (12784, 12799), + (13312, 19903), (19968, 42124), (42192, 42237), (42240, 42508), + (42512, 42527), (42538, 42539), (42560, 42606), (42623, 42653), + (42656, 42735), (42775, 42783), (42786, 42888), (42891, 42954), + (42960, 42961), (42963, 42963), (42965, 42969), (42994, 43009), + (43011, 43013), (43015, 43018), (43020, 43042), (43072, 43123), + (43138, 43187), (43250, 43255), (43259, 43259), (43261, 43262), + (43274, 43301), (43312, 43334), (43360, 43388), (43396, 43442), + (43471, 43471), (43488, 43492), (43494, 43503), (43514, 43518), + (43520, 43560), (43584, 43586), (43588, 43595), (43616, 43638), + (43642, 43642), (43646, 43695), (43697, 43697), (43701, 43702), + (43705, 43709), (43712, 43712), (43714, 43714), (43739, 43741), + (43744, 43754), (43762, 43764), (43777, 43782), (43785, 43790), + (43793, 43798), (43808, 43814), (43816, 43822), (43824, 43866), + (43868, 43881), (43888, 44002), (44032, 55203), (55216, 55238), + (55243, 55291), (63744, 64109), (64112, 64217), (64256, 64262), + (64275, 64279), (64285, 64285), (64287, 64296), (64298, 64310), + (64312, 64316), (64318, 64318), (64320, 64321), (64323, 64324), + (64326, 64433), (64467, 64605), (64612, 64829), (64848, 64911), + (64914, 64967), (65008, 65017), (65137, 65137), (65139, 65139), + (65143, 65143), (65145, 65145), (65147, 65147), (65149, 65149), + (65151, 65276), (65313, 65338), (65345, 65370), (65382, 65437), + (65440, 65470), (65474, 65479), (65482, 65487), (65490, 65495), + (65498, 65500), (65536, 65547), (65549, 65574), (65576, 65594), + (65596, 65597), (65599, 65613), (65616, 65629), (65664, 65786), + (65856, 65908), (66176, 66204), (66208, 66256), (66304, 66335), + (66349, 66378), (66384, 66421), (66432, 66461), (66464, 66499), + (66504, 66511), (66513, 66517), (66560, 66717), (66736, 66771), + (66776, 66811), (66816, 66855), (66864, 66915), (66928, 66938), + (66940, 66954), (66956, 66962), (66964, 66965), (66967, 66977), + (66979, 66993), (66995, 67001), (67003, 67004), (67072, 67382), + (67392, 67413), (67424, 67431), (67456, 67461), (67463, 67504), + (67506, 67514), (67584, 67589), (67592, 67592), (67594, 67637), + (67639, 67640), (67644, 67644), (67647, 67669), (67680, 67702), + (67712, 67742), (67808, 67826), (67828, 67829), (67840, 67861), + (67872, 67897), (67968, 68023), (68030, 68031), (68096, 68096), + (68112, 68115), (68117, 68119), (68121, 68149), (68192, 68220), + (68224, 68252), (68288, 68295), (68297, 68324), (68352, 68405), + (68416, 68437), (68448, 68466), (68480, 68497), (68608, 68680), + (68736, 68786), (68800, 68850), (68864, 68899), (69248, 69289), + (69296, 69297), (69376, 69404), (69415, 69415), (69424, 69445), + (69488, 69505), (69552, 69572), (69600, 69622), (69635, 69687), + (69745, 69746), (69749, 69749), (69763, 69807), (69840, 69864), + (69891, 69926), (69956, 69956), (69959, 69959), (69968, 70002), + (70006, 70006), (70019, 70066), (70081, 70084), (70106, 70106), + (70108, 70108), (70144, 70161), (70163, 70187), (70207, 70208), + (70272, 70278), (70280, 70280), (70282, 70285), (70287, 70301), + (70303, 70312), (70320, 70366), (70405, 70412), (70415, 70416), + (70419, 70440), (70442, 70448), (70450, 70451), (70453, 70457), + (70461, 70461), (70480, 70480), (70493, 70497), (70656, 70708), + (70727, 70730), (70751, 70753), (70784, 70831), (70852, 70853), + (70855, 70855), (71040, 71086), (71128, 71131), (71168, 71215), + (71236, 71236), (71296, 71338), (71352, 71352), (71424, 71450), + (71488, 71494), (71680, 71723), (71840, 71903), (71935, 71942), + (71945, 71945), (71948, 71955), (71957, 71958), (71960, 71983), + (71999, 71999), (72001, 72001), (72096, 72103), (72106, 72144), + (72161, 72161), (72163, 72163), (72192, 72192), (72203, 72242), + (72250, 72250), (72272, 72272), (72284, 72329), (72349, 72349), + (72368, 72440), (72704, 72712), (72714, 72750), (72768, 72768), + (72818, 72847), (72960, 72966), (72968, 72969), (72971, 73008), + (73030, 73030), (73056, 73061), (73063, 73064), (73066, 73097), + (73112, 73112), (73440, 73458), (73474, 73474), (73476, 73488), + (73490, 73523), (73648, 73648), (73728, 74649), (74752, 74862), + (74880, 75075), (77712, 77808), (77824, 78895), (78913, 78918), + (82944, 83526), (92160, 92728), (92736, 92766), (92784, 92862), + (92880, 92909), (92928, 92975), (92992, 92995), (93027, 93047), + (93053, 93071), (93760, 93823), (93952, 94026), (94032, 94032), + (94099, 94111), (94176, 94177), (94179, 94179), (94208, 100343), + (100352, 101589), (101632, 101640), (110576, 110579), (110581, 110587), + (110589, 110590), (110592, 110882), (110898, 110898), (110928, 110930), + (110933, 110933), (110948, 110951), (110960, 111355), (113664, 113770), + (113776, 113788), (113792, 113800), (113808, 113817), (119808, 119892), + (119894, 119964), (119966, 119967), (119970, 119970), (119973, 119974), + (119977, 119980), (119982, 119993), (119995, 119995), (119997, 120003), + (120005, 120069), (120071, 120074), (120077, 120084), (120086, 120092), + (120094, 120121), (120123, 120126), (120128, 120132), (120134, 120134), + (120138, 120144), (120146, 120485), (120488, 120512), (120514, 120538), + (120540, 120570), (120572, 120596), (120598, 120628), (120630, 120654), + (120656, 120686), (120688, 120712), (120714, 120744), (120746, 120770), + (120772, 120779), (122624, 122654), (122661, 122666), (122928, 122989), + (123136, 123180), (123191, 123197), (123214, 123214), (123536, 123565), + (123584, 123627), (124112, 124139), (124896, 124902), (124904, 124907), + (124909, 124910), (124912, 124926), (124928, 125124), (125184, 125251), + (125259, 125259), (126464, 126467), (126469, 126495), (126497, 126498), + (126500, 126500), (126503, 126503), (126505, 126514), (126516, 126519), + (126521, 126521), (126523, 126523), (126530, 126530), (126535, 126535), + (126537, 126537), (126539, 126539), (126541, 126543), (126545, 126546), + (126548, 126548), (126551, 126551), (126553, 126553), (126555, 126555), + (126557, 126557), (126559, 126559), (126561, 126562), (126564, 126564), + (126567, 126570), (126572, 126578), (126580, 126583), (126585, 126588), + (126590, 126590), (126592, 126601), (126603, 126619), (126625, 126627), + (126629, 126633), (126635, 126651), (131072, 173791), (173824, 177977), + (177984, 178205), (178208, 183969), (183984, 191456), (194560, 195101), + (196608, 201546), (201552, 205743), +]; diff -Nru suricata-6.0.9/src/app-layer.c suricata-6.0.10/src/app-layer.c --- suricata-6.0.9/src/app-layer.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/app-layer.c 2023-01-31 06:26:24.000000000 +0000 @@ -949,7 +949,7 @@ } #define IPPROTOS_MAX 2 -void AppLayerSetupCounters() +void AppLayerSetupCounters(void) { uint8_t ipprotos[] = { IPPROTO_TCP, IPPROTO_UDP }; uint8_t ipproto; @@ -1022,7 +1022,7 @@ } } -void AppLayerDeSetupCounters() +void AppLayerDeSetupCounters(void) { memset(applayer_counter_names, 0, sizeof(applayer_counter_names)); memset(applayer_counters, 0, sizeof(applayer_counters)); diff -Nru suricata-6.0.9/src/app-layer-ftp.c suricata-6.0.10/src/app-layer-ftp.c --- suricata-6.0.9/src/app-layer-ftp.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/app-layer-ftp.c 2023-01-31 06:26:24.000000000 +0000 @@ -656,6 +656,7 @@ FTPFree(state->port_line, state->port_line_size); state->port_line = NULL; state->port_line_size = 0; + state->port_line_len = 0; } SCReturnStruct(APP_LAYER_OK); } diff -Nru suricata-6.0.9/src/app-layer-htp-mem.c suricata-6.0.10/src/app-layer-htp-mem.c --- suricata-6.0.9/src/app-layer-htp-mem.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/app-layer-htp-mem.c 2023-01-31 06:26:24.000000000 +0000 @@ -42,7 +42,7 @@ SC_ATOMIC_DECLARE(uint64_t, htp_memuse); SC_ATOMIC_DECLARE(uint64_t, htp_memcap); -void HTPParseMemcap() +void HTPParseMemcap(void) { const char *conf_val; diff -Nru suricata-6.0.9/src/app-layer-ssl.c suricata-6.0.10/src/app-layer-ssl.c --- suricata-6.0.9/src/app-layer-ssl.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/app-layer-ssl.c 2023-01-31 06:26:24.000000000 +0000 @@ -54,39 +54,41 @@ #include "flow-private.h" #include "util-validate.h" -SCEnumCharMap tls_decoder_event_table[ ] = { +SCEnumCharMap tls_decoder_event_table[] = { /* TLS protocol messages */ - { "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER }, - { "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER }, - { "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION }, - { "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE }, - { "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE }, - { "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT }, - { "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT }, - { "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT }, + { "INVALID_SSLV2_HEADER", TLS_DECODER_EVENT_INVALID_SSLV2_HEADER }, + { "INVALID_TLS_HEADER", TLS_DECODER_EVENT_INVALID_TLS_HEADER }, + { "INVALID_RECORD_VERSION", TLS_DECODER_EVENT_INVALID_RECORD_VERSION }, + { "INVALID_RECORD_TYPE", TLS_DECODER_EVENT_INVALID_RECORD_TYPE }, + { "INVALID_RECORD_LENGTH", TLS_DECODER_EVENT_INVALID_RECORD_LENGTH }, + { "INVALID_HANDSHAKE_MESSAGE", TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE }, + { "HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_HEARTBEAT }, + { "INVALID_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_INVALID_HEARTBEAT }, + { "OVERFLOW_HEARTBEAT_MESSAGE", TLS_DECODER_EVENT_OVERFLOW_HEARTBEAT }, { "DATALEAK_HEARTBEAT_MISMATCH", TLS_DECODER_EVENT_DATALEAK_HEARTBEAT_MISMATCH }, - { "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH }, - { "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS }, - { "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE }, - { "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH }, - { "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET }, + { "HANDSHAKE_INVALID_LENGTH", TLS_DECODER_EVENT_HANDSHAKE_INVALID_LENGTH }, + { "MULTIPLE_SNI_EXTENSIONS", TLS_DECODER_EVENT_MULTIPLE_SNI_EXTENSIONS }, + { "INVALID_SNI_TYPE", TLS_DECODER_EVENT_INVALID_SNI_TYPE }, + { "INVALID_SNI_LENGTH", TLS_DECODER_EVENT_INVALID_SNI_LENGTH }, + { "TOO_MANY_RECORDS_IN_PACKET", TLS_DECODER_EVENT_TOO_MANY_RECORDS_IN_PACKET }, /* certificate decoding messages */ - { "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE }, - { "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH }, + { "INVALID_CERTIFICATE", TLS_DECODER_EVENT_INVALID_CERTIFICATE }, + { "CERTIFICATE_INVALID_LENGTH", TLS_DECODER_EVENT_CERTIFICATE_INVALID_LENGTH }, { "CERTIFICATE_INVALID_VERSION", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VERSION }, - { "CERTIFICATE_INVALID_SERIAL", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL }, - { "CERTIFICATE_INVALID_ALGORITHMIDENTIFIER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER }, + { "CERTIFICATE_INVALID_SERIAL", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SERIAL }, + { "CERTIFICATE_INVALID_ALGORITHMIDENTIFIER", + TLS_DECODER_EVENT_CERTIFICATE_INVALID_ALGORITHMIDENTIFIER }, { "CERTIFICATE_INVALID_X509NAME", TLS_DECODER_EVENT_CERTIFICATE_INVALID_X509NAME }, - { "CERTIFICATE_INVALID_DATE", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE }, + { "CERTIFICATE_INVALID_DATE", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DATE }, { "CERTIFICATE_INVALID_EXTENSIONS", TLS_DECODER_EVENT_CERTIFICATE_INVALID_EXTENSIONS }, - { "CERTIFICATE_INVALID_DER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER }, + { "CERTIFICATE_INVALID_DER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_DER }, { "CERTIFICATE_INVALID_SUBJECT", TLS_DECODER_EVENT_CERTIFICATE_INVALID_SUBJECT }, - { "CERTIFICATE_INVALID_ISSUER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER }, + { "CERTIFICATE_INVALID_ISSUER", TLS_DECODER_EVENT_CERTIFICATE_INVALID_ISSUER }, { "CERTIFICATE_INVALID_VALIDITY", TLS_DECODER_EVENT_CERTIFICATE_INVALID_VALIDITY }, - { "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED }, + { "ERROR_MESSAGE_ENCOUNTERED", TLS_DECODER_EVENT_ERROR_MSG_ENCOUNTERED }, /* used as a generic error event */ - { "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD }, - { NULL, -1 }, + { "INVALID_SSL_RECORD", TLS_DECODER_EVENT_INVALID_SSL_RECORD }, + { NULL, -1 }, }; enum { @@ -162,6 +164,8 @@ #define SSLV3_RECORD_HDR_LEN 5 #define SSLV3_MESSAGE_HDR_LEN 4 +/** max length according to RFC 5246 6.2.2 is 2^14 + 1024 */ +#define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024) #define SSLV3_CLIENT_HELLO_VERSION_LEN 2 #define SSLV3_CLIENT_HELLO_RANDOM_LEN 32 @@ -176,6 +180,26 @@ #define HAS_SPACE(n) ((uint64_t)(input - initial_input) + (uint64_t)(n) <= (uint64_t)(input_len)) +struct SSLDecoderResult { + int retval; // nr bytes consumed from input, or < 0 on error + uint32_t needed; // more bytes needed +}; +#define SSL_DECODER_ERROR(e) \ + (struct SSLDecoderResult) \ + { \ + (e), 0 \ + } +#define SSL_DECODER_OK(c) \ + (struct SSLDecoderResult) \ + { \ + (c), 0 \ + } +#define SSL_DECODER_INCOMPLETE(c, n) \ + (struct SSLDecoderResult) \ + { \ + (c), (n) \ + } + static inline int SafeMemcpy(void *dst, size_t dst_offset, size_t dst_size, const void *src, size_t src_offset, size_t src_size, size_t src_tocopy) WARN_UNUSED; @@ -206,25 +230,11 @@ #define ValidateRecordState(...) #endif -#ifdef DEBUG_VALIDATION -#define ValidateTrecBuffer(connp) \ - do { \ - DEBUG_VALIDATE_BUG_ON((connp)->trec_pos > (connp)->trec_len); \ - DEBUG_VALIDATE_BUG_ON((connp)->trec == NULL && (connp)->trec_len > 0); \ - DEBUG_VALIDATE_BUG_ON((connp)->trec == NULL && (connp)->trec_pos > 0); \ - } while(0) -#else -#define ValidateTrecBuffer(...) -#endif - -#define SSLParserHSReset(connp) \ - do { \ - (connp)->trec_pos = 0; \ - (connp)->handshake_type = 0; \ - (connp)->hs_bytes_processed = 0; \ - (connp)->message_length = 0; \ - (connp)->message_start = 0; \ - } while(0) +#define SSLParserHSReset(connp) \ + do { \ + (connp)->handshake_type = 0; \ + (connp)->message_length = 0; \ + } while (0) #define SSLParserReset(state) \ do { \ @@ -445,33 +455,29 @@ } } -static inline int TlsDecodeHSCertificateFingerprint(SSLState *ssl_state, - const uint8_t *input, - uint32_t cert_len) +static inline int TlsDecodeHSCertificateFingerprint( + SSLStateConnp *connp, const uint8_t *input, uint32_t cert_len) { - if (unlikely(ssl_state->server_connp.cert0_fingerprint != NULL)) + if (unlikely(connp->cert0_fingerprint != NULL)) return 0; - ssl_state->server_connp.cert0_fingerprint = SCCalloc(1, SHA1_STRING_LENGTH * - sizeof(char)); - if (ssl_state->server_connp.cert0_fingerprint == NULL) + connp->cert0_fingerprint = SCCalloc(1, SHA1_STRING_LENGTH * sizeof(char)); + if (connp->cert0_fingerprint == NULL) return -1; uint8_t hash[SHA1_LENGTH]; if (ComputeSHA1(input, cert_len, hash, sizeof(hash)) == 1) { for (int i = 0, x = 0; x < SHA1_LENGTH; x++) { - i += snprintf(ssl_state->server_connp.cert0_fingerprint + i, - SHA1_STRING_LENGTH - i, i == 0 ? "%02x" : ":%02x", - hash[x]); + i += snprintf(connp->cert0_fingerprint + i, SHA1_STRING_LENGTH - i, + i == 0 ? "%02x" : ":%02x", hash[x]); } } return 0; } -static inline int TlsDecodeHSCertificateAddCertToChain(SSLState *ssl_state, - const uint8_t *input, - uint32_t cert_len) +static inline int TlsDecodeHSCertificateAddCertToChain( + SSLStateConnp *connp, const uint8_t *input, uint32_t cert_len) { SSLCertsChain *cert = SCCalloc(1, sizeof(SSLCertsChain)); if (cert == NULL) @@ -479,109 +485,86 @@ cert->cert_data = (uint8_t *)input; cert->cert_len = cert_len; - TAILQ_INSERT_TAIL(&ssl_state->server_connp.certs, cert, next); + TAILQ_INSERT_TAIL(&connp->certs, cert, next); return 0; } -/** \retval consumed bytes consumed or -1 on error */ -static int TlsDecodeHSCertificate(SSLState *ssl_state, - const uint8_t * const initial_input, - const uint32_t input_len) +static int TlsDecodeHSCertificate(SSLState *ssl_state, SSLStateConnp *connp, + const uint8_t *const initial_input, const uint32_t input_len, const int certn) { const uint8_t *input = (uint8_t *)initial_input; uint32_t err_code = 0; X509 *x509 = NULL; + int rc = 0; if (!(HAS_SPACE(3))) - return 0; + goto invalid_cert; - uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2); + uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2); input += 3; - if (!(HAS_SPACE(cert_chain_len))) - return 0; - - uint32_t processed_len = 0; - /* coverity[tainted_data] */ - while (processed_len < cert_chain_len) - { - err_code = 0; - int rc = 0; - - if (!(HAS_SPACE(3))) - goto invalid_cert; - - uint32_t cert_len = *input << 16 | *(input + 1) << 8 | *(input + 2); - input += 3; - - if (!(HAS_SPACE(cert_len))) - goto invalid_cert; - - /* only store fields from the first certificate in the chain */ - if (processed_len == 0 && - ssl_state->server_connp.cert0_subject == NULL && - ssl_state->server_connp.cert0_issuerdn == NULL && - ssl_state->server_connp.cert0_serial == NULL) - { - int64_t not_before, not_after; - - x509 = rs_x509_decode(input, cert_len, &err_code); - if (x509 == NULL) { - TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code); - goto next; - } - - char *str = rs_x509_get_subject(x509); - if (str == NULL) { - err_code = ERR_EXTRACT_SUBJECT; - goto error; - } - ssl_state->server_connp.cert0_subject = str; - - str = rs_x509_get_issuer(x509); - if (str == NULL) { - err_code = ERR_EXTRACT_ISSUER; - goto error; - } - ssl_state->server_connp.cert0_issuerdn = str; + if (!(HAS_SPACE(cert_len))) + goto invalid_cert; - str = rs_x509_get_serial(x509); - if (str == NULL) { - err_code = ERR_INVALID_SERIAL; - goto error; - } - ssl_state->server_connp.cert0_serial = str; + /* only store fields from the first certificate in the chain */ + if (certn == 0 && connp->cert0_subject == NULL && connp->cert0_issuerdn == NULL && + connp->cert0_serial == NULL) { + int64_t not_before, not_after; + + x509 = rs_x509_decode(input, cert_len, &err_code); + if (x509 == NULL) { + TlsDecodeHSCertificateErrSetEvent(ssl_state, err_code); + goto next; + } + + char *str = rs_x509_get_subject(x509); + if (str == NULL) { + err_code = ERR_EXTRACT_SUBJECT; + goto error; + } + connp->cert0_subject = str; - rc = rs_x509_get_validity(x509, ¬_before, ¬_after); - if (rc != 0) { - err_code = ERR_EXTRACT_VALIDITY; - goto error; - } - ssl_state->server_connp.cert0_not_before = (time_t)not_before; - ssl_state->server_connp.cert0_not_after = (time_t)not_after; + str = rs_x509_get_issuer(x509); + if (str == NULL) { + err_code = ERR_EXTRACT_ISSUER; + goto error; + } + connp->cert0_issuerdn = str; - rs_x509_free(x509); - x509 = NULL; + str = rs_x509_get_serial(x509); + if (str == NULL) { + err_code = ERR_INVALID_SERIAL; + goto error; + } + connp->cert0_serial = str; - rc = TlsDecodeHSCertificateFingerprint(ssl_state, input, cert_len); - if (rc != 0) { - SCLogDebug("TlsDecodeHSCertificateFingerprint failed with %d", rc); - goto error; - } + rc = rs_x509_get_validity(x509, ¬_before, ¬_after); + if (rc != 0) { + err_code = ERR_EXTRACT_VALIDITY; + goto error; } + connp->cert0_not_before = (time_t)not_before; + connp->cert0_not_after = (time_t)not_after; + + rs_x509_free(x509); + x509 = NULL; - rc = TlsDecodeHSCertificateAddCertToChain(ssl_state, input, cert_len); + rc = TlsDecodeHSCertificateFingerprint(connp, input, cert_len); if (rc != 0) { - SCLogDebug("TlsDecodeHSCertificateAddCertToChain failed with %d", rc); + SCLogDebug("TlsDecodeHSCertificateFingerprint failed with %d", rc); goto error; } + } -next: - input += cert_len; - processed_len += cert_len + 3; + rc = TlsDecodeHSCertificateAddCertToChain(connp, input, cert_len); + if (rc != 0) { + SCLogDebug("TlsDecodeHSCertificateAddCertToChain failed with %d", rc); + goto error; } +next: + input += cert_len; return (input - initial_input); error: @@ -597,6 +580,57 @@ return -1; } +/** \internal + * \brief parse cert data in a certificate handshake message + * will be called with all data. + * \retval consumed bytes consumed or -1 on error + */ +static int TlsDecodeHSCertificates(SSLState *ssl_state, SSLStateConnp *connp, + const uint8_t *const initial_input, const uint32_t input_len) +{ + const uint8_t *input = (uint8_t *)initial_input; + + if (!(HAS_SPACE(3))) + return -1; + + const uint32_t cert_chain_len = *input << 16 | *(input + 1) << 8 | *(input + 2); + input += 3; + + if (!(HAS_SPACE(cert_chain_len))) + return -1; + + if (connp->certs_buffer != NULL) { + // TODO should we set an event here? + return -1; + } + + connp->certs_buffer = SCCalloc(1, cert_chain_len); + if (connp->certs_buffer == NULL) { + return -1; + } + connp->certs_buffer_size = cert_chain_len; + memcpy(connp->certs_buffer, input, cert_chain_len); + + int cert_cnt = 0; + uint32_t processed_len = 0; + /* coverity[tainted_data] */ + while (processed_len < cert_chain_len) { + int rc = TlsDecodeHSCertificate(ssl_state, connp, connp->certs_buffer + processed_len, + connp->certs_buffer_size - processed_len, cert_cnt); + if (rc <= 0) { // 0 should be impossible, but lets be defensive + return -1; + } + DEBUG_VALIDATE_BUG_ON(processed_len + (uint32_t)rc > cert_chain_len); + if (processed_len + (uint32_t)rc > cert_chain_len) { + return -1; + } + + processed_len += (uint32_t)rc; + } + + return processed_len + 3; +} + /** * \inline * \brief Check if value is GREASE. @@ -969,8 +1003,17 @@ if (!(HAS_SPACE(supported_ver_len))) goto invalid_length; - /* Use the first (and prefered) version as client version */ - ssl_state->curr_connp->version = *input << 8 | *(input + 1); + /* Use the first (and prefered) valid version as client version, + * skip over GREASE and other possible noise. */ + uint16_t i = 0; + while (i + 1 < (uint16_t)supported_ver_len) { + uint16_t ver = (uint16_t)(input[i] << 8) | input[i + 1]; + if (TLSVersionValid(ver)) { + ssl_state->curr_connp->version = ver; + break; + } + i += 2; + } /* Set a flag to indicate that we have seen this extension */ ssl_state->flags |= SSL_AL_FLAG_CH_VERSION_EXTENSION; @@ -1370,103 +1413,7 @@ } end: - ssl_state->curr_connp->hs_bytes_processed = 0; - return 0; -} - -/** \internal - * \brief Get Certificates len so we can know now much (more) we need to buffer - * If we already have a few bytes queued up in 'trec' we use those or a mix of - * those with the input. - */ -static uint32_t GetCertsLen(SSLStateConnp *curr_connp, const uint8_t *input, - const uint32_t input_len) -{ - if (curr_connp->trec != NULL && curr_connp->trec_pos > 0) { - if (curr_connp->trec_pos >= 3) { - const uint8_t * const ptr = curr_connp->trec; - uint32_t len = (*ptr << 16 | *(ptr + 1) << 8 | *(ptr + 2)) + 3; - SCLogDebug("length %u (trec)", len); - return len; - } else if (input_len + curr_connp->trec_pos >= 3) { - uint8_t buf[3] = { 0, 0, 0, }; // init to 0 to make scan-build happy - uint32_t i = 0; - for (uint32_t x = 0; x < curr_connp->trec_pos && i < 3; x++) { - buf[i++] = curr_connp->trec[x]; - } - for (uint32_t x = 0; x < input_len && i < 3; x++) { - buf[i++] = input[x]; - } - uint32_t len = (buf[0] << 16 | buf[1] << 8 | buf[2]) + 3; - SCLogDebug("length %u (part trec, part input)", len); - return len; - } - return 0; - } else if (input_len >= 3) { - uint32_t len = (*input << 16 | *(input + 1) << 8 | *(input + 2)) + 3; - SCLogDebug("length %u (input)", len); - return len; - } else { - SCLogDebug("length unknown (input len %u)", input_len); - return 0; - } -} - -// For certificates whose size is bigger than this, -// we do not allocate all the required memory straight away, -// to avoid DOS by RAM exhaustion, but we will allocate -// this memory once a consequent part of the certificate has been seen. -#define SSL_CERT_MAX_FIRST_ALLOC 65536 // 0x10000 - -/** \internal - * \brief setup or grow the `trec` space in the connp - */ -static int EnsureRecordSpace(SSLStateConnp *curr_connp, const uint8_t * const input, - const uint32_t input_len) -{ - ValidateTrecBuffer(curr_connp); - - uint32_t certs_len = GetCertsLen(curr_connp, input, input_len); - if (certs_len == 0) { - SCLogDebug("cert_len unknown still, create small buffer to start"); - certs_len = 256; - } - // Limit in a first time allocation for very large certificates - if (certs_len > SSL_CERT_MAX_FIRST_ALLOC && certs_len > curr_connp->trec_pos + input_len) { - certs_len = SSL_CERT_MAX_FIRST_ALLOC; - } - - if (curr_connp->trec == NULL) { - curr_connp->trec_len = certs_len; - curr_connp->trec = SCMalloc(curr_connp->trec_len); - if (unlikely(curr_connp->trec == NULL)) - goto error; - } - - if (certs_len > curr_connp->trec_len) { - curr_connp->trec_len = certs_len; - void *ptmp = SCRealloc(curr_connp->trec, curr_connp->trec_len); - if (unlikely(ptmp == NULL)) { - SCFree(curr_connp->trec); - curr_connp->trec = NULL; - goto error; - } - curr_connp->trec = ptmp; - } - ValidateTrecBuffer(curr_connp); return 0; -error: - curr_connp->trec_len = 0; - curr_connp->trec_pos = 0; - ValidateTrecBuffer(curr_connp); - return -1; -} - -static inline bool -HaveEntireRecord(const SSLStateConnp *curr_connp, const uint32_t input_len) -{ - return (curr_connp->bytes_processed + input_len) >= - (curr_connp->record_length + SSLV3_RECORD_HDR_LEN); } #ifdef DEBUG_VALIDATION @@ -1478,79 +1425,45 @@ } #endif -static inline int SSLv3ParseHandshakeTypeCertificate(SSLState *ssl_state, - const uint8_t * const initial_input, - const uint32_t input_len) -{ - ValidateTrecBuffer(ssl_state->curr_connp); - const uint32_t certs_len = GetCertsLen(ssl_state->curr_connp, initial_input, input_len); - SCLogDebug("certs_len %u", certs_len); - - if (EnsureRecordSpace(ssl_state->curr_connp, initial_input, input_len) < 0) { - /* error, skip input data */ - ssl_state->curr_connp->bytes_processed += input_len; - return -1; - } - ValidateTrecBuffer(ssl_state->curr_connp); - - uint32_t write_len = 0; - if (certs_len != 0 && ssl_state->curr_connp->trec_pos + input_len >= certs_len) { - write_len = certs_len - ssl_state->curr_connp->trec_pos; - /* get data left in this frag. The length field may indicate more - * data than just in this record. */ - uint32_t cur_frag_left = ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN - ssl_state->curr_connp->bytes_processed; - SCLogDebug("write_len %u cur_frag_left %u", write_len, cur_frag_left); - write_len = MIN(write_len, cur_frag_left); - } else { - uint32_t cur_frag_left = (ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN - ssl_state->curr_connp->bytes_processed); - SCLogDebug("cur_frag_left %u", cur_frag_left); - write_len = MIN(input_len, cur_frag_left); - SCLogDebug("write_len %u", write_len); - } - if (write_len == 0) { - /* no (new) data, so we're done */ - ValidateTrecBuffer(ssl_state->curr_connp); - return 0; - } - BUG_ON(write_len > input_len); - - if (SafeMemcpy(ssl_state->curr_connp->trec, - ssl_state->curr_connp->trec_pos, - ssl_state->curr_connp->trec_len, - initial_input, 0, input_len, write_len) != 0) { - return -1; - } - ssl_state->curr_connp->trec_pos += write_len; - SCLogDebug("ssl_state->curr_connp->trec_pos %u", ssl_state->curr_connp->trec_pos); - DEBUG_VALIDATE_BUG_ON(certs_len != 0 && certs_len < ssl_state->curr_connp->trec_pos); - - /* if we didn't yet get enough to determine the certs len, or we can - * see we didn't buffer enough for the certs, don't bother trying to - * parse it the data */ - if (certs_len == 0 || certs_len > ssl_state->curr_connp->trec_pos) { - ssl_state->curr_connp->bytes_processed += write_len; - SCLogDebug("bytes_processed %u record_len %u", - ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->record_length); - ValidateTrecBuffer(ssl_state->curr_connp); - return write_len; - } - - int rc = TlsDecodeHSCertificate(ssl_state, ssl_state->curr_connp->trec, - ssl_state->curr_connp->trec_pos); +static inline int SSLv3ParseHandshakeTypeCertificate(SSLState *ssl_state, SSLStateConnp *connp, + const uint8_t *const initial_input, const uint32_t input_len) +{ + int rc = TlsDecodeHSCertificates(ssl_state, connp, initial_input, input_len); SCLogDebug("rc %d", rc); if (rc > 0) { - DEBUG_VALIDATE_BUG_ON(rc != (int)ssl_state->curr_connp->trec_pos); - SSLParserHSReset(ssl_state->curr_connp); + DEBUG_VALIDATE_BUG_ON(rc > (int)input_len); + SSLParserHSReset(connp); } else if (rc < 0) { SCLogDebug("error parsing cert, reset state"); - SSLParserHSReset(ssl_state->curr_connp); + SSLParserHSReset(connp); /* fall through to still consume the cert bytes */ } - ssl_state->curr_connp->bytes_processed += write_len; - ValidateTrecBuffer(ssl_state->curr_connp); - return write_len; + return input_len; +} + +static int SupportedHandshakeType(const uint8_t type) +{ + switch (type) { + case SSLV3_HS_CLIENT_HELLO: + case SSLV3_HS_SERVER_HELLO: + case SSLV3_HS_SERVER_KEY_EXCHANGE: + case SSLV3_HS_CLIENT_KEY_EXCHANGE: + case SSLV3_HS_CERTIFICATE: + case SSLV3_HS_HELLO_REQUEST: + case SSLV3_HS_CERTIFICATE_REQUEST: + case SSLV3_HS_CERTIFICATE_VERIFY: + case SSLV3_HS_FINISHED: + case SSLV3_HS_CERTIFICATE_URL: + case SSLV3_HS_CERTIFICATE_STATUS: + case SSLV3_HS_NEW_SESSION_TICKET: + case SSLV3_HS_SERVER_HELLO_DONE: + return true; + break; + + default: + return false; + break; + } } /** @@ -1572,28 +1485,18 @@ case SSLV3_HS_CLIENT_HELLO: ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_HELLO; - /* Only parse the message if it is complete */ - if (input_len >= ssl_state->curr_connp->message_length && - input_len >= 40) { - rc = TLSDecodeHandshakeHello(ssl_state, input, input_len); - if (rc < 0) - return rc; - } - + rc = TLSDecodeHandshakeHello(ssl_state, input, input_len); + if (rc < 0) + return rc; break; case SSLV3_HS_SERVER_HELLO: ssl_state->current_flags = SSL_AL_FLAG_STATE_SERVER_HELLO; - /* Only parse the message if it is complete */ - if (input_len >= ssl_state->curr_connp->message_length && - input_len >= 40) { - rc = TLSDecodeHandshakeHello(ssl_state, input, - ssl_state->curr_connp->message_length); - if (rc < 0) - return rc; - } - + DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->message_length != input_len); + rc = TLSDecodeHandshakeHello(ssl_state, input, input_len); + if (rc < 0) + return rc; break; case SSLV3_HS_SERVER_KEY_EXCHANGE: @@ -1611,9 +1514,11 @@ "direction!"); break; } - rc = SSLv3ParseHandshakeTypeCertificate(ssl_state, - initial_input, input_len); - return rc; + + rc = SSLv3ParseHandshakeTypeCertificate( + ssl_state, &ssl_state->server_connp, initial_input, input_len); + if (rc < 0) + return rc; break; case SSLV3_HS_HELLO_REQUEST: @@ -1626,6 +1531,8 @@ case SSLV3_HS_NEW_SESSION_TICKET: SCLogDebug("new session ticket"); break; + case SSLV3_HS_SERVER_HELLO_DONE: + break; default: SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); return -1; @@ -1633,29 +1540,10 @@ ssl_state->flags |= ssl_state->current_flags; - SCLogDebug("message: start %u length %u", ssl_state->curr_connp->message_start, ssl_state->curr_connp->message_length); + SCLogDebug("message: length %u", ssl_state->curr_connp->message_length); SCLogDebug("input_len %u ssl_state->curr_connp->bytes_processed %u", input_len, ssl_state->curr_connp->bytes_processed); - uint32_t write_len = 0; - if (ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length < - ssl_state->curr_connp->bytes_processed + input_len) { - SCLogDebug("msg done"); - - // Safety check against integer underflow - DEBUG_VALIDATE_BUG_ON( - ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length < - ssl_state->curr_connp->bytes_processed); - write_len = (ssl_state->curr_connp->message_start + ssl_state->curr_connp->message_length) - - ssl_state->curr_connp->bytes_processed; - DEBUG_VALIDATE_BUG_ON(write_len > input_len); - ssl_state->curr_connp->bytes_processed += write_len; - SSLParserHSReset(ssl_state->curr_connp); - SCLogDebug("write_len %u", write_len); - return write_len; - } else { - ssl_state->curr_connp->bytes_processed += input_len; - return input_len; - } + return input_len; } static int SSLv3ParseHandshakeProtocol(SSLState *ssl_state, const uint8_t *input, @@ -1665,66 +1553,168 @@ if (input_len == 0 || ssl_state->curr_connp->bytes_processed == (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)) { - return 0; + SCReturnInt(0); } - SCLogDebug("bytes_processed %u", ssl_state->curr_connp->bytes_processed); - SCLogDebug("ssl_state->curr_connp->hs_bytes_processed %u input %p input_len %u", - ssl_state->curr_connp->hs_bytes_processed, input, input_len); + while (input_len) { + SCLogDebug("input_len %u", input_len); - switch (ssl_state->curr_connp->hs_bytes_processed) { - case 0: - ssl_state->curr_connp->handshake_type = *(input++); - ssl_state->curr_connp->bytes_processed++; - ssl_state->curr_connp->hs_bytes_processed++; - if (--input_len == 0 || ssl_state->curr_connp->bytes_processed == - (ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN)) { - return (input - initial_input); + if (ssl_state->curr_connp->hs_buffer != NULL) { + SCLogDebug("partial handshake record in place"); + const uint32_t need = ssl_state->curr_connp->hs_buffer_message_size - + ssl_state->curr_connp->hs_buffer_offset; + const uint32_t add = MIN(need, input_len); + + /* grow buffer to next multiple of 4k that fits all data we have */ + if (ssl_state->curr_connp->hs_buffer_offset + add > + ssl_state->curr_connp->hs_buffer_size) { + const uint32_t avail = ssl_state->curr_connp->hs_buffer_offset + add; + const uint32_t new_size = avail + (4096 - (avail % 4096)); + SCLogDebug("new_size %u, avail %u", new_size, avail); + void *ptr = SCRealloc(ssl_state->curr_connp->hs_buffer, new_size); + if (ptr == NULL) + return -1; + ssl_state->curr_connp->hs_buffer = ptr; + ssl_state->curr_connp->hs_buffer_size = new_size; } - /* fall through */ - case 1: - ssl_state->curr_connp->message_length = *(input++) << 16; - ssl_state->curr_connp->bytes_processed++; - ssl_state->curr_connp->hs_bytes_processed++; - if (--input_len == 0 || ssl_state->curr_connp->bytes_processed == - (ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN)) { - return (input - initial_input); + SCLogDebug("ssl_state->curr_connp->hs_buffer_offset %u " + "ssl_state->curr_connp->hs_buffer_size %u", + ssl_state->curr_connp->hs_buffer_offset, ssl_state->curr_connp->hs_buffer_size); + SCLogDebug("to add %u total %u", add, ssl_state->curr_connp->hs_buffer_offset + add); + + if (SafeMemcpy(ssl_state->curr_connp->hs_buffer, + ssl_state->curr_connp->hs_buffer_offset, + ssl_state->curr_connp->hs_buffer_size, input, 0, add, add) != 0) { + SCLogDebug("copy failed"); + return -1; } + ssl_state->curr_connp->hs_buffer_offset += add; - /* fall through */ - case 2: - ssl_state->curr_connp->message_length |= *(input++) << 8; - ssl_state->curr_connp->bytes_processed++; - ssl_state->curr_connp->hs_bytes_processed++; - if (--input_len == 0 || ssl_state->curr_connp->bytes_processed == - (ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN)) { - return (input - initial_input); + if (ssl_state->curr_connp->hs_buffer_message_size <= + ssl_state->curr_connp->hs_buffer_offset) { + DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->hs_buffer_message_size != + ssl_state->curr_connp->hs_buffer_offset); + + ssl_state->curr_connp->handshake_type = + ssl_state->curr_connp->hs_buffer_message_type; + ssl_state->curr_connp->message_length = + ssl_state->curr_connp->hs_buffer_message_size; + + SCLogDebug("got all data now: handshake_type %u message_length %u", + ssl_state->curr_connp->handshake_type, + ssl_state->curr_connp->message_length); + + int retval = SSLv3ParseHandshakeType(ssl_state, ssl_state->curr_connp->hs_buffer, + ssl_state->curr_connp->hs_buffer_offset, direction); + if (retval < 0) { + SSLParserHSReset(ssl_state->curr_connp); + return (retval); + } + SCLogDebug("retval %d", retval); + + /* data processed, reset buffer */ + SCFree(ssl_state->curr_connp->hs_buffer); + ssl_state->curr_connp->hs_buffer = NULL; + ssl_state->curr_connp->hs_buffer_size = 0; + ssl_state->curr_connp->hs_buffer_message_size = 0; + ssl_state->curr_connp->hs_buffer_message_type = 0; + ssl_state->curr_connp->hs_buffer_offset = 0; + } else { + SCLogDebug("partial data"); } - /* fall through */ - case 3: - ssl_state->curr_connp->message_length |= *(input++); - ssl_state->curr_connp->bytes_processed++; - ssl_state->curr_connp->hs_bytes_processed++; - --input_len; - ssl_state->curr_connp->message_start = ssl_state->curr_connp->bytes_processed; + input += add; + input_len -= add; + SCLogDebug("input_len %u", input_len); + SSLParserHSReset(ssl_state->curr_connp); + continue; + } - /* fall through */ - } - SCLogDebug("message len %u input %p", ssl_state->curr_connp->message_length, input); + SCLogDebug("bytes_processed %u", ssl_state->curr_connp->bytes_processed); + SCLogDebug("input %p input_len %u", input, input_len); - int retval = SSLv3ParseHandshakeType(ssl_state, input, input_len, direction); - if (retval < 0 || retval > (int)input_len) { - DEBUG_VALIDATE_BUG_ON(retval > (int)input_len); - return retval; - } - SCLogDebug("retval %d input_len %u", retval, input_len); - input += retval; + if (input_len < 4) { + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); + SCReturnInt(-1); + } + ssl_state->curr_connp->handshake_type = input[0]; + ssl_state->curr_connp->message_length = input[1] << 16 | input[2] << 8 | input[3]; + SCLogDebug("handshake_type %u message len %u input %p input_len %u", + ssl_state->curr_connp->handshake_type, ssl_state->curr_connp->message_length, input, + input_len); + input += 4; + input_len -= 4; + + const uint32_t record_len = ssl_state->curr_connp->message_length; + /* see if we support this type. We check here to not use the fragment + * handling on things we don't support. */ + const bool supported_type = SupportedHandshakeType(ssl_state->curr_connp->handshake_type); + SCLogDebug("supported_type %s handshake_type %u/%02x", supported_type ? "true" : "false", + ssl_state->curr_connp->handshake_type, ssl_state->curr_connp->handshake_type); + if (!supported_type) { + uint32_t avail_record_len = MIN(input_len, record_len); + input += avail_record_len; + input_len -= avail_record_len; + + SSLParserHSReset(ssl_state->curr_connp); + + if ((direction && (ssl_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC)) || + (!direction && (ssl_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC))) { + // after Change Cipher Spec we get Encrypted Handshake Messages + } else { + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE); + } + continue; + } + + /* if the message lenght exceeds our input_len, we have a tls fragment. */ + if (record_len > input_len) { + const uint32_t avail = input_len; + const uint32_t size = avail + (4096 - (avail % 4096)); + SCLogDebug("initial buffer size %u, based on input %u", size, avail); + ssl_state->curr_connp->hs_buffer = SCCalloc(1, size); + if (ssl_state->curr_connp->hs_buffer == NULL) { + return -1; + } + ssl_state->curr_connp->hs_buffer_size = size; + ssl_state->curr_connp->hs_buffer_message_size = record_len; + ssl_state->curr_connp->hs_buffer_message_type = ssl_state->curr_connp->handshake_type; + + if (input_len > 0) { + if (SafeMemcpy(ssl_state->curr_connp->hs_buffer, 0, + ssl_state->curr_connp->hs_buffer_size, input, 0, input_len, + input_len) != 0) { + return -1; + } + ssl_state->curr_connp->hs_buffer_offset = input_len; + } + SCLogDebug("opened record buffer %p size %u offset %u type %u msg_size %u", + ssl_state->curr_connp->hs_buffer, ssl_state->curr_connp->hs_buffer_size, + ssl_state->curr_connp->hs_buffer_offset, + ssl_state->curr_connp->hs_buffer_message_type, + ssl_state->curr_connp->hs_buffer_message_size); + input += input_len; + SSLParserHSReset(ssl_state->curr_connp); + return (input - initial_input); + + } else { + /* full record, parse it now */ + int retval = SSLv3ParseHandshakeType( + ssl_state, input, ssl_state->curr_connp->message_length, direction); + if (retval < 0 || retval > (int)input_len) { + DEBUG_VALIDATE_BUG_ON(retval > (int)input_len); + return (retval); + } + SCLogDebug("retval %d input_len %u", retval, input_len); + input += retval; + input_len -= retval; + + SSLParserHSReset(ssl_state->curr_connp); + } + SCLogDebug("input_len left %u", input_len); + } return (input - initial_input); } @@ -2019,11 +2009,9 @@ return (input - initial_input); } -static int SSLv2Decode(uint8_t direction, SSLState *ssl_state, - AppLayerParserState *pstate, const uint8_t *input, - uint32_t input_len) +static struct SSLDecoderResult SSLv2Decode(uint8_t direction, SSLState *ssl_state, + AppLayerParserState *pstate, const uint8_t *input, uint32_t input_len) { - int retval = 0; const uint8_t *initial_input = input; if (ssl_state->curr_connp->bytes_processed == 0) { @@ -2038,32 +2026,44 @@ to read the msg_type */ if (ssl_state->curr_connp->bytes_processed < (ssl_state->curr_connp->record_lengths_length + 1)) { - retval = SSLv2ParseRecord(direction, ssl_state, input, input_len); + const int retval = SSLv2ParseRecord(direction, ssl_state, input, input_len); + SCLogDebug("retval %d ssl_state->curr_connp->record_length %u", retval, + ssl_state->curr_connp->record_length); if (retval < 0 || retval > (int)input_len) { DEBUG_VALIDATE_BUG_ON(retval > (int)input_len); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER); - return -1; + return SSL_DECODER_ERROR(-1); } input += retval; input_len -= retval; } + /* if we don't have the full record, we return incomplete */ + if (ssl_state->curr_connp->record_lengths_length + ssl_state->curr_connp->record_length > + input_len + ssl_state->curr_connp->bytes_processed) { + uint32_t needed = ssl_state->curr_connp->record_length; + SCLogDebug("record len %u input_len %u parsed %u: need %u bytes more data", + ssl_state->curr_connp->record_length, input_len, (uint32_t)(input - initial_input), + needed); + return SSL_DECODER_INCOMPLETE((input - initial_input), needed); + } + if (input_len == 0) { - return (input - initial_input); + return SSL_DECODER_OK((input - initial_input)); } /* record_length should never be zero */ if (ssl_state->curr_connp->record_length == 0) { SCLogDebug("SSLv2 record length is zero"); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER); - return -1; + return SSL_DECODER_ERROR(-1); } /* record_lenghts_length should never be zero */ if (ssl_state->curr_connp->record_lengths_length == 0) { SCLogDebug("SSLv2 record lengths length is zero"); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSLV2_HEADER); - return -1; + return SSL_DECODER_ERROR(-1); } switch (ssl_state->curr_connp->content_type) { @@ -2075,122 +2075,24 @@ break; case SSLV2_MT_CLIENT_HELLO: + if (input_len < 6) { + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); + return SSL_DECODER_ERROR(-1); + } + ssl_state->current_flags = SSL_AL_FLAG_STATE_CLIENT_HELLO; ssl_state->current_flags |= SSL_AL_FLAG_SSL_CLIENT_HS; - if (ssl_state->curr_connp->record_lengths_length == 3) { - switch (ssl_state->curr_connp->bytes_processed) { - case 4: - if (input_len >= 6) { - uint16_t session_id_length = input[5] | (input[4] << 8); - input += 6; - input_len -= 6; - ssl_state->curr_connp->bytes_processed += 6; - if (session_id_length == 0) { - ssl_state->current_flags |= SSL_AL_FLAG_SSL_NO_SESSION_ID; - } - - break; - } else { - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - } - - /* fall through */ - case 5: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 6: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 7: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 8: - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 9: - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - } - - } else { - switch (ssl_state->curr_connp->bytes_processed) { - case 3: - if (input_len >= 6) { - uint16_t session_id_length = input[5] | (input[4] << 8); - input += 6; - input_len -= 6; - ssl_state->curr_connp->bytes_processed += 6; - if (session_id_length == 0) { - ssl_state->current_flags |= SSL_AL_FLAG_SSL_NO_SESSION_ID; - } - - break; - } else { - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - } - - /* fall through */ - case 4: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 5: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 6: - input++; - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 7: - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - case 8: - ssl_state->curr_connp->bytes_processed++; - if (--input_len == 0) - break; - - /* fall through */ - } + const uint16_t version = (uint16_t)(input[0] << 8) | input[1]; + SCLogDebug("SSLv2: version %04x", version); + ssl_state->curr_connp->version = version; + uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8); + input += 6; + input_len -= 6; + ssl_state->curr_connp->bytes_processed += 6; + if (session_id_length == 0) { + ssl_state->current_flags |= SSL_AL_FLAG_SSL_NO_SESSION_ID; } - break; case SSLV2_MT_CLIENT_MASTER_KEY: @@ -2277,36 +2179,105 @@ ssl_state->curr_connp->bytes_processed; input += diff; SSLParserReset(ssl_state); - return (input - initial_input); - /* we still don't have the entire record for the one we are - currently parsing */ + /* we still don't have the entire record for the one we are + currently parsing */ } else { input += input_len; ssl_state->curr_connp->bytes_processed += input_len; - return (input - initial_input); } + return SSL_DECODER_OK((input - initial_input)); } -static int SSLv3Decode(uint8_t direction, SSLState *ssl_state, - AppLayerParserState *pstate, const uint8_t *input, - const uint32_t input_len) +static struct SSLDecoderResult SSLv3Decode(uint8_t direction, SSLState *ssl_state, + AppLayerParserState *pstate, const uint8_t *input, const uint32_t input_len) { uint32_t parsed = 0; uint32_t record_len; /* slice of input_len for the current record */ if (ssl_state->curr_connp->bytes_processed < SSLV3_RECORD_HDR_LEN) { + const uint16_t prev_version = ssl_state->curr_connp->version; + int retval = SSLv3ParseRecord(direction, ssl_state, input, input_len); if (retval < 0 || retval > (int)input_len) { DEBUG_VALIDATE_BUG_ON(retval > (int)input_len); SCLogDebug("SSLv3ParseRecord returned %d", retval); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_TLS_HEADER); - return -1; + return SSL_DECODER_ERROR(-1); + } + parsed = retval; + + SCLogDebug("%s input %p record_length %u", (direction == 0) ? "toserver" : "toclient", + input, ssl_state->curr_connp->record_length); + + /* parser is streaming for the initial header, then switches to incomplete + * API: so if we don't have the hdr yet, return consumed bytes and wait + * until we are called again with new data. */ + if (ssl_state->curr_connp->bytes_processed < SSLV3_RECORD_HDR_LEN) { + SCLogDebug( + "incomplete header, return %u bytes consumed and wait for more data", parsed); + return SSL_DECODER_OK(parsed); } - parsed += retval; + record_len = MIN(input_len - parsed, ssl_state->curr_connp->record_length); - SCLogDebug("record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)", + SCLogDebug( + "record_len %u (input_len %u, parsed %u, ssl_state->curr_connp->record_length %u)", record_len, input_len, parsed, ssl_state->curr_connp->record_length); + + bool unknown_record = false; + switch (ssl_state->curr_connp->content_type) { + case SSLV3_CHANGE_CIPHER_SPEC: + case SSLV3_ALERT_PROTOCOL: + case SSLV3_HANDSHAKE_PROTOCOL: + case SSLV3_APPLICATION_PROTOCOL: + case SSLV3_HEARTBEAT_PROTOCOL: + break; + default: + unknown_record = true; + break; + } + + /* unknown record type. For TLS 1.0, 1.1 and 1.2 this is ok. For the rest it is fatal. Based + * on Wireshark logic. */ + if (prev_version == TLS_VERSION_10 || prev_version == TLS_VERSION_11) { + if (unknown_record) { + SCLogDebug("unknown record, ignore it"); + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE); + + ssl_state->curr_connp->bytes_processed = 0; // TODO review this reset logic + ssl_state->curr_connp->content_type = 0; + ssl_state->curr_connp->record_length = 0; + // restore last good version + ssl_state->curr_connp->version = prev_version; + return SSL_DECODER_OK(input_len); // consume everything + } + } else { + if (unknown_record) { + SCLogDebug("unknown record, fatal"); + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE); + return SSL_DECODER_ERROR(-1); + } + } + + /* record_length should never be zero */ + if (ssl_state->curr_connp->record_length == 0) { + SCLogDebug("SSLv3 Record length is 0"); + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_LENGTH); + return SSL_DECODER_ERROR(-1); + } + + if (!TLSVersionValid(ssl_state->curr_connp->version)) { + SCLogDebug("ssl_state->curr_connp->version %04x", ssl_state->curr_connp->version); + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_VERSION); + return SSL_DECODER_ERROR(-1); + } + + if (ssl_state->curr_connp->bytes_processed == SSLV3_RECORD_HDR_LEN && + ssl_state->curr_connp->record_length > SSLV3_RECORD_MAX_LEN) { + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_LENGTH); + return SSL_DECODER_ERROR(-1); + } + DEBUG_VALIDATE_BUG_ON(ssl_state->curr_connp->bytes_processed > SSLV3_RECORD_HDR_LEN); } else { ValidateRecordState(ssl_state->curr_connp); @@ -2316,19 +2287,26 @@ SCLogDebug("record length %u processed %u got %u", ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed, record_len); - if (record_len == 0) { - return parsed; + /* if we don't have the full record, we return incomplete */ + if (ssl_state->curr_connp->record_length > input_len - parsed) { + /* no need to use incomplete api buffering for application + * records that we'll not use anyway. */ + if (ssl_state->curr_connp->content_type == SSLV3_APPLICATION_PROTOCOL) { + SCLogDebug("application record"); + } else { + uint32_t needed = ssl_state->curr_connp->record_length; + SCLogDebug("record len %u input_len %u parsed %u: need %u bytes more data", + ssl_state->curr_connp->record_length, input_len, parsed, needed); + DEBUG_VALIDATE_BUG_ON(needed > SSLV3_RECORD_MAX_LEN); + return SSL_DECODER_INCOMPLETE(parsed, needed); + } } - /* record_length should never be zero */ - if (ssl_state->curr_connp->record_length == 0) { - SCLogDebug("SSLv3 Record length is 0"); - SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_TLS_HEADER); - return -1; + if (record_len == 0) { + return SSL_DECODER_OK(parsed); } switch (ssl_state->curr_connp->content_type) { - /* we don't need any data from these types */ case SSLV3_CHANGE_CIPHER_SPEC: ssl_state->flags |= SSL_AL_FLAG_CHANGE_CIPHER_SPEC; @@ -2338,7 +2316,6 @@ } else { ssl_state->flags |= SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC; } - break; case SSLV3_ALERT_PROTOCOL: @@ -2374,7 +2351,6 @@ AppLayerParserStateSetFlag(pstate, APP_LAYER_PARSER_BYPASS_READY); } - break; case SSLV3_HANDSHAKE_PROTOCOL: { @@ -2388,7 +2364,6 @@ /* do nothing */ } else { // if we started parsing this, we must stop - ssl_state->curr_connp->hs_bytes_processed = 0; break; } } @@ -2397,90 +2372,54 @@ SSLParserReset(ssl_state); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); SCLogDebug("record len < 4 => %u", ssl_state->curr_connp->record_length); - return -1; + return SSL_DECODER_ERROR(-1); } int retval = SSLv3ParseHandshakeProtocol(ssl_state, input + parsed, record_len, direction); + SCLogDebug("retval %d", retval); if (retval < 0 || retval > (int)record_len) { DEBUG_VALIDATE_BUG_ON(retval > (int)record_len); - SSLSetEvent(ssl_state, - TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE); - SSLSetEvent(ssl_state, - TLS_DECODER_EVENT_INVALID_SSL_RECORD); + SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE); SCLogDebug("SSLv3ParseHandshakeProtocol returned %d", retval); - return -1; + return SSL_DECODER_ERROR(-1); } - SCLogDebug("retval %d", retval); - - parsed += retval; - record_len -= retval; - (void)record_len; /* for scan-build */ - - SCLogDebug("bytes_processed %u (record+hdr %u)", ssl_state->curr_connp->bytes_processed, - (ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN)); ValidateRecordState(ssl_state->curr_connp); - - if (ssl_state->curr_connp->bytes_processed >= - ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN) { - SCLogDebug("record ready"); - SSLParserReset(ssl_state); - } - - SCLogDebug("trigger RAW! (post HS)"); - AppLayerParserTriggerRawStreamReassembly(ssl_state->f, - direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT); - return parsed; + break; } case SSLV3_HEARTBEAT_PROTOCOL: { int retval = SSLv3ParseHeartbeatProtocol(ssl_state, input + parsed, record_len, direction); if (retval < 0) { SCLogDebug("SSLv3ParseHeartbeatProtocol returned %d", retval); - return -1; + return SSL_DECODER_ERROR(-1); } break; } default: - /* \todo fix the event from invalid rule to unknown rule */ - SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_RECORD_TYPE); - SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); + // should be unreachable now that we check after header parsing + DEBUG_VALIDATE_BUG_ON(1); SCLogDebug("unsupported record type"); - return -1; + return SSL_DECODER_ERROR(-1); } - if (HaveEntireRecord(ssl_state->curr_connp, record_len)) { - DEBUG_VALIDATE_BUG_ON(((ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) < - ssl_state->curr_connp->bytes_processed)); - - if ((ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) < - ssl_state->curr_connp->bytes_processed) { - /* defensive checks. Something is wrong. */ - SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); - SCLogDebug("defensive checks. Something is wrong."); - return -1; - } + parsed += record_len; + ssl_state->curr_connp->bytes_processed += record_len; + if (ssl_state->curr_connp->bytes_processed >= + ssl_state->curr_connp->record_length + SSLV3_RECORD_HDR_LEN) { SCLogDebug("record complete, trigger RAW"); - AppLayerParserTriggerRawStreamReassembly(ssl_state->f, - direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT); - - /* looks like we have another record */ - uint32_t diff = ssl_state->curr_connp->record_length + - SSLV3_RECORD_HDR_LEN - ssl_state->curr_connp->bytes_processed; - parsed += diff; + AppLayerParserTriggerRawStreamReassembly( + ssl_state->f, direction == 0 ? STREAM_TOSERVER : STREAM_TOCLIENT); SSLParserReset(ssl_state); ValidateRecordState(ssl_state->curr_connp); - return parsed; + return SSL_DECODER_OK(parsed); - /* we still don't have the entire record for the one we are - currently parsing */ } else { - parsed += record_len; - ssl_state->curr_connp->bytes_processed += record_len; + /* we still don't have the entire record for the one we are + currently parsing */ ValidateRecordState(ssl_state->curr_connp); - return parsed; + return SSL_DECODER_OK(parsed); } } @@ -2510,6 +2449,7 @@ SSLState *ssl_state = (SSLState *)alstate; uint32_t counter = 0; int32_t input_len = (int32_t)ilen; + const uint8_t *init_input = input; ssl_state->f = f; if (input == NULL && @@ -2557,8 +2497,8 @@ SCLogDebug("SSL/TLS version reset"); } } - SCLogDebug("record %u: bytes_processed %u, version %02X", counter, - ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->version); + SCLogDebug("record %u: bytes_processed %u, version %02X, input_len %u", counter, + ssl_state->curr_connp->bytes_processed, ssl_state->curr_connp->version, input_len); if (ssl_state->curr_connp->version == SSL_VERSION_2) { if (ssl_state->curr_connp->bytes_processed == 0) { @@ -2566,20 +2506,24 @@ } else { SCLogDebug("Continuing parsing SSLv2 record"); } - int retval = SSLv2Decode(direction, ssl_state, pstate, input, - input_len); - if (retval < 0 || retval > input_len) { - DEBUG_VALIDATE_BUG_ON(retval > input_len); + struct SSLDecoderResult r = SSLv2Decode(direction, ssl_state, pstate, input, input_len); + if (r.retval < 0 || r.retval > input_len) { + DEBUG_VALIDATE_BUG_ON(r.retval > input_len); SCLogDebug("Error parsing SSLv2. Reseting parser " "state. Let's get outta here"); SSLParserReset(ssl_state); SSLSetEvent(ssl_state, TLS_DECODER_EVENT_INVALID_SSL_RECORD); - return APP_LAYER_OK; - } - input_len -= retval; - input += retval; - SCLogDebug("SSLv2 decoder consumed %d bytes: %u left", retval, input_len); + return APP_LAYER_ERROR; + } else if (r.needed) { + input += r.retval; + SCLogDebug("returning consumed %" PRIuMAX " needed %u", + (uintmax_t)(input - init_input), r.needed); + SCReturnStruct(APP_LAYER_INCOMPLETE(input - init_input, r.needed)); + } + input_len -= r.retval; + input += r.retval; + SCLogDebug("SSLv2 decoder consumed %d bytes: %u left", r.retval, input_len); } else { if (ssl_state->curr_connp->bytes_processed == 0) { SCLogDebug("New TLS record: record_length %u", @@ -2588,18 +2532,22 @@ SCLogDebug("Continuing parsing TLS record: record_length %u, bytes_processed %u", ssl_state->curr_connp->record_length, ssl_state->curr_connp->bytes_processed); } - int retval = SSLv3Decode(direction, ssl_state, pstate, input, - input_len); - if (retval < 0 || retval > input_len) { - DEBUG_VALIDATE_BUG_ON(retval > input_len); + struct SSLDecoderResult r = SSLv3Decode(direction, ssl_state, pstate, input, input_len); + if (r.retval < 0 || r.retval > input_len) { + DEBUG_VALIDATE_BUG_ON(r.retval > input_len); SCLogDebug("Error parsing TLS. Reseting parser " "state. Let's get outta here"); SSLParserReset(ssl_state); return APP_LAYER_ERROR; - } - input_len -= retval; - input += retval; - SCLogDebug("TLS decoder consumed %d bytes: %u left", retval, input_len); + } else if (r.needed) { + input += r.retval; + SCLogDebug("returning consumed %" PRIuMAX " needed %u", + (uintmax_t)(input - init_input), r.needed); + SCReturnStruct(APP_LAYER_INCOMPLETE(input - init_input, r.needed)); + } + input_len -= r.retval; + input += r.retval; + SCLogDebug("TLS decoder consumed %d bytes: %u left", r.retval, input_len); if (ssl_state->curr_connp->bytes_processed == SSLV3_RECORD_HDR_LEN && ssl_state->curr_connp->record_length == 0) { @@ -2668,8 +2616,6 @@ SSLState *ssl_state = (SSLState *)p; SSLCertsChain *item; - if (ssl_state->client_connp.trec) - SCFree(ssl_state->client_connp.trec); if (ssl_state->client_connp.cert0_subject) rs_cstring_free(ssl_state->client_connp.cert0_subject); if (ssl_state->client_connp.cert0_issuerdn) @@ -2682,9 +2628,9 @@ SCFree(ssl_state->client_connp.sni); if (ssl_state->client_connp.session_id) SCFree(ssl_state->client_connp.session_id); + if (ssl_state->client_connp.hs_buffer) + SCFree(ssl_state->client_connp.hs_buffer); - if (ssl_state->server_connp.trec) - SCFree(ssl_state->server_connp.trec); if (ssl_state->server_connp.cert0_subject) rs_cstring_free(ssl_state->server_connp.cert0_subject); if (ssl_state->server_connp.cert0_issuerdn) @@ -2706,6 +2652,8 @@ Ja3BufferFree(&ssl_state->server_connp.ja3_str); if (ssl_state->server_connp.ja3_hash) SCFree(ssl_state->server_connp.ja3_hash); + if (ssl_state->server_connp.hs_buffer) + SCFree(ssl_state->server_connp.hs_buffer); AppLayerDecoderEventsFreeEvents(&ssl_state->decoder_events); @@ -2714,6 +2662,8 @@ } /* Free certificate chain */ + if (ssl_state->server_connp.certs_buffer) + SCFree(ssl_state->server_connp.certs_buffer); while ((item = TAILQ_FIRST(&ssl_state->server_connp.certs))) { TAILQ_REMOVE(&ssl_state->server_connp.certs, item, next); SCFree(item); @@ -3056,9 +3006,6 @@ "still on.", proto_name); } -#ifdef UNITTESTS - AppLayerParserRegisterProtocolUnittests(IPPROTO_TCP, ALPROTO_TLS, SSLParserRegisterTests); -#endif return; } @@ -3090,2455 +3037,3 @@ #endif return false; } - -/***************************************Unittests******************************/ - -#ifdef UNITTESTS - -/** - *\test Send a get request in one chunk. - */ -static int SSLParserTest01(void) -{ - Flow f; - uint8_t tlsbuf[] = { 0x16, 0x03, 0x01 }; - uint32_t tlslen = sizeof(tlsbuf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER | STREAM_EOF, tlsbuf, tlslen); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** \test Send a get request in two chunks. */ -static int SSLParserTest02(void) -{ - Flow f; - uint8_t tlsbuf1[] = { 0x16 }; - uint32_t tlslen1 = sizeof(tlsbuf1); - uint8_t tlsbuf2[] = { 0x03, 0x01 }; - uint32_t tlslen2 = sizeof(tlsbuf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf2, tlslen2); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** \test Send a get request in three chunks. */ -static int SSLParserTest03(void) -{ - Flow f; - uint8_t tlsbuf1[] = { 0x16 }; - uint32_t tlslen1 = sizeof(tlsbuf1); - uint8_t tlsbuf2[] = { 0x03 }; - uint32_t tlslen2 = sizeof(tlsbuf2); - uint8_t tlsbuf3[] = { 0x01 }; - uint32_t tlslen3 = sizeof(tlsbuf3); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf2, tlslen2); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf3, tlslen3); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** \test Send a get request in three chunks + more data. */ -static int SSLParserTest04(void) -{ - Flow f; - uint8_t tlsbuf1[] = { 0x16 }; - uint32_t tlslen1 = sizeof(tlsbuf1); - uint8_t tlsbuf2[] = { 0x03 }; - uint32_t tlslen2 = sizeof(tlsbuf2); - uint8_t tlsbuf3[] = { 0x01 }; - uint32_t tlslen3 = sizeof(tlsbuf3); - uint8_t tlsbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x01 }; - uint32_t tlslen4 = sizeof(tlsbuf4); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf2, tlslen2); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf3, tlslen3); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf4, tlslen4); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -#if 0 -/** \test Test the setting up of no reassembly and no payload inspection flag - * after detection of the TLS handshake completion */ -static int SSLParserTest05(void) -{ - int result = 1; - Flow f; - uint8_t tlsbuf[] = { 0x16, 0x03, 0x01, 0x00, 0x01 }; - uint32_t tlslen = sizeof(tlsbuf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x17; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - SSLState *ssl_state = f.alstate; - if (ssl_state == NULL) { - printf("no tls state: "); - result = 0; - goto end; - } - - if (ssl_state->client_connp.content_type != 0x17) { - printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17, - ssl_state->client_connp.content_type); - result = 0; - goto end; - } - - if (ssl_state->client_connp.version != TLS_VERSION_10) { - printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ", - TLS_VERSION_10, ssl_state->client_connp.client_version); - result = 0; - goto end; - } - - AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *) - ssn.alparser; - AppLayerParserState *parser_state = &parser_state_store->to_server; - - if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) && - !(ssn.client.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY) && - !(ssn.server.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY)) - { - printf("The flags should be set\n"); - result = 0; - goto end; - } - - if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) { - printf("The flags should be set\n"); - result = 0; - goto end; - } - -end: - if (alp_tctx != NULL) - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - return result; -} -#endif - -#if 0 -/** \test Test the setting up of no reassembly and no payload inspection flag - * after detection of the valid TLS handshake completion, the rouge - * 0x17 packet will not be considered in the detection process */ -static int SSLParserTest06(void) -{ - int result = 1; - Flow f; - uint8_t tlsbuf[] = { 0x16, 0x03, 0x01, 0x00, 0x01 }; - uint32_t tlslen = sizeof(tlsbuf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x17; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - SSLState *ssl_state = f.alstate; - if (ssl_state == NULL) { - printf("no tls state: "); - result = 0; - goto end; - } - - if (ssl_state->client_connp.content_type != 0x17) { - printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17, - ssl_state->client_connp._content_type); - result = 0; - goto end; - } - - if (ssl_state->client_connp.version != TLS_VERSION_10) { - printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ", - TLS_VERSION_10, ssl_state->client_connp.version); - result = 0; - goto end; - } - - AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *) - ssn.alparser; - AppLayerParserState *parser_state = &parser_state_store->to_server; - - if ((parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) || - (ssn.client.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY) || - (ssn.server.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY)) { - printf("The flags should not be set\n"); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x17; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) && - !(ssn.client.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY) && - !(ssn.server.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY)) { - printf("The flags should be set\n"); - result = 0; - goto end; - } - - if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) { - printf("The flags should be set\n"); - result = 0; - goto end; - } - -end: - if (alp_tctx != NULL) - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - return result; -} -#endif - -/** \test multimsg test */ -static int SSLParserMultimsgTest01(void) -{ - Flow f; - /* 3 msgs */ - uint8_t tlsbuf1[] = { - 0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00, - 0x82, 0x00, 0x80, 0xd3, 0x6f, 0x1f, 0x63, 0x82, - 0x8d, 0x75, 0x77, 0x8c, 0x91, 0xbc, 0xa1, 0x3d, - 0xbb, 0xe1, 0xb5, 0xd3, 0x31, 0x92, 0x59, 0x2b, - 0x2c, 0x43, 0x96, 0xa3, 0xaa, 0x23, 0x92, 0xd0, - 0x91, 0x2a, 0x5e, 0x10, 0x5b, 0xc8, 0xc1, 0xe2, - 0xd3, 0x5c, 0x8b, 0x8c, 0x91, 0x9e, 0xc2, 0xf2, - 0x9c, 0x3c, 0x4f, 0x37, 0x1e, 0x20, 0x5e, 0x33, - 0xd5, 0xf0, 0xd6, 0xaf, 0x89, 0xf5, 0xcc, 0xb2, - 0xcf, 0xc1, 0x60, 0x3a, 0x46, 0xd5, 0x4e, 0x2a, - 0xb6, 0x6a, 0xb9, 0xfc, 0x32, 0x8b, 0xe0, 0x6e, - 0xa0, 0xed, 0x25, 0xa0, 0xa4, 0x82, 0x81, 0x73, - 0x90, 0xbf, 0xb5, 0xde, 0xeb, 0x51, 0x8d, 0xde, - 0x5b, 0x6f, 0x94, 0xee, 0xba, 0xe5, 0x69, 0xfa, - 0x1a, 0x80, 0x30, 0x54, 0xeb, 0x12, 0x01, 0xb9, - 0xfe, 0xbf, 0x82, 0x95, 0x01, 0x7b, 0xb0, 0x97, - 0x14, 0xc2, 0x06, 0x3c, 0x69, 0xfb, 0x1c, 0x66, - 0x47, 0x17, 0xd9, 0x14, 0x03, 0x01, 0x00, 0x01, - 0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0xf6, 0xbc, - 0x0d, 0x6f, 0xe8, 0xbb, 0xaa, 0xbf, 0x14, 0xeb, - 0x7b, 0xcc, 0x6c, 0x28, 0xb0, 0xfc, 0xa6, 0x01, - 0x2a, 0x97, 0x96, 0x17, 0x5e, 0xe8, 0xb4, 0x4e, - 0x78, 0xc9, 0x04, 0x65, 0x53, 0xb6, 0x93, 0x3d, - 0xeb, 0x44, 0xee, 0x86, 0xf9, 0x80, 0x49, 0x45, - 0x21, 0x34, 0xd1, 0xee, 0xc8, 0x9c - }; - uint32_t tlslen1 = sizeof(tlsbuf1); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** \test multimsg test server */ -static int SSLParserMultimsgTest02(void) -{ - Flow f; - /* 3 msgs */ - uint8_t tlsbuf1[] = { - 0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00, - 0x82, 0x00, 0x80, 0xd3, 0x6f, 0x1f, 0x63, 0x82, - 0x8d, 0x75, 0x77, 0x8c, 0x91, 0xbc, 0xa1, 0x3d, - 0xbb, 0xe1, 0xb5, 0xd3, 0x31, 0x92, 0x59, 0x2b, - 0x2c, 0x43, 0x96, 0xa3, 0xaa, 0x23, 0x92, 0xd0, - 0x91, 0x2a, 0x5e, 0x10, 0x5b, 0xc8, 0xc1, 0xe2, - 0xd3, 0x5c, 0x8b, 0x8c, 0x91, 0x9e, 0xc2, 0xf2, - 0x9c, 0x3c, 0x4f, 0x37, 0x1e, 0x20, 0x5e, 0x33, - 0xd5, 0xf0, 0xd6, 0xaf, 0x89, 0xf5, 0xcc, 0xb2, - 0xcf, 0xc1, 0x60, 0x3a, 0x46, 0xd5, 0x4e, 0x2a, - 0xb6, 0x6a, 0xb9, 0xfc, 0x32, 0x8b, 0xe0, 0x6e, - 0xa0, 0xed, 0x25, 0xa0, 0xa4, 0x82, 0x81, 0x73, - 0x90, 0xbf, 0xb5, 0xde, 0xeb, 0x51, 0x8d, 0xde, - 0x5b, 0x6f, 0x94, 0xee, 0xba, 0xe5, 0x69, 0xfa, - 0x1a, 0x80, 0x30, 0x54, 0xeb, 0x12, 0x01, 0xb9, - 0xfe, 0xbf, 0x82, 0x95, 0x01, 0x7b, 0xb0, 0x97, - 0x14, 0xc2, 0x06, 0x3c, 0x69, 0xfb, 0x1c, 0x66, - 0x47, 0x17, 0xd9, 0x14, 0x03, 0x01, 0x00, 0x01, - 0x01, 0x16, 0x03, 0x01, 0x00, 0x30, 0xf6, 0xbc, - 0x0d, 0x6f, 0xe8, 0xbb, 0xaa, 0xbf, 0x14, 0xeb, - 0x7b, 0xcc, 0x6c, 0x28, 0xb0, 0xfc, 0xa6, 0x01, - 0x2a, 0x97, 0x96, 0x17, 0x5e, 0xe8, 0xb4, 0x4e, - 0x78, 0xc9, 0x04, 0x65, 0x53, 0xb6, 0x93, 0x3d, - 0xeb, 0x44, 0xee, 0x86, 0xf9, 0x80, 0x49, 0x45, - 0x21, 0x34, 0xd1, 0xee, 0xc8, 0x9c - }; - uint32_t tlslen1 = sizeof(tlsbuf1); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOCLIENT, tlsbuf1, tlslen1); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->server_connp.content_type != 0x16); - - FAIL_IF(ssl_state->server_connp.version != 0x0301); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Test the detection of SSLv3 protocol from the given packet - */ -static int SSLParserTest07(void) -{ - Flow f; - uint8_t tlsbuf[] = { 0x16, 0x03, 0x00, 0x00, 0x4c, 0x01, - 0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f }; - uint32_t tlslen = sizeof(tlsbuf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf, tlslen); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -#if 0 -/** \test Test the setting up of no reassembly and no payload inspection flag - * after detection of the SSLv3 handshake completion */ -static int SSLParserTest08(void) -{ - int result = 1; - Flow f; - uint8_t tlsbuf[] = { 0x16, 0x03, 0x00, 0x00, 0x01 }; - uint32_t tlslen = sizeof(tlsbuf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - int r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x14; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - tlsbuf[0] = 0x17; - - r = AppLayerParserParse(alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, tlsbuf, tlslen); - if (r != 0) { - printf("toserver chunk 1 returned %" PRId32 ", expected 0: ", r); - result = 0; - goto end; - } - - SSLState *ssl_state = f.alstate; - if (ssl_state == NULL) { - printf("no tls state: "); - result = 0; - goto end; - } - - if (ssl_state->client_connp.content_type != 0x17) { - printf("expected content_type %" PRIu8 ", got %" PRIu8 ": ", 0x17, - ssl_state->client_connp.content_type); - result = 0; - goto end; - } - - if (ssl_state->client_connp.version != SSL_VERSION_3) { - printf("expected version %04" PRIu16 ", got %04" PRIu16 ": ", - SSL_VERSION_3, ssl_state->client_connp.version); - result = 0; - goto end; - } - - AppLayerParserStateStore *parser_state_store = (AppLayerParserStateStore *) - ssn.alparser; - AppLayerParserState *parser_state = &parser_state_store->to_server; - - if (!(parser_state->flags & APP_LAYER_PARSER_NO_INSPECTION) && - !(ssn.client.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY) && - !(ssn.server.flags & STREAMTCP_STREAM_FLAG_NOREASSEMBLY)) { - printf("The flags should be set\n"); - result = 0; - goto end; - } - - if (!(f.flags & FLOW_NOPAYLOAD_INSPECTION)) { - printf("The flags should be set\n"); - result = 0; - goto end; - } - -end: - if (alp_tctx != NULL) - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - return result; -} - -#endif - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest09(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x03, 0x00, 0x00, 0x4c, 0x01, - 0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f - }; - uint32_t buf2_len = sizeof(buf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest10(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, 0x03, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x00, 0x00, 0x4c, 0x01, - 0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f - }; - uint32_t buf2_len = sizeof(buf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest11(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x4c, 0x01, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x00, 0x00, 0x48, 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f - }; - uint32_t buf2_len = sizeof(buf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest12(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x4c, 0x01, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x00, 0x00, 0x48, - }; - uint32_t buf2_len = sizeof(buf2); - - uint8_t buf3[] = { - 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f - }; - uint32_t buf3_len = sizeof(buf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf3, buf3_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest13(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x4c, 0x01, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x00, 0x00, 0x48, - }; - uint32_t buf2_len = sizeof(buf2); - - uint8_t buf3[] = { - 0x03, 0x00, 0x57, 0x04, 0x9f, - 0x8c, 0x66, 0x61, 0xf6, 0x3d, 0x4f, - }; - uint32_t buf3_len = sizeof(buf3); - - uint8_t buf4[] = { - 0xbf, 0xbb, - 0xa7, 0x47, 0x21, 0x76, 0x6c, 0x21, 0x08, 0x9f, - 0xef, 0x3d, 0x0e, 0x5f, 0x65, 0x1a, 0xe1, 0x93, - 0xb8, 0xaf, 0xd2, 0x82, 0xbd, 0x00, 0x00, 0x06, - 0x00, 0x0a, 0x00, 0x16, 0x00, 0xff, 0x01, 0x00, - 0x00, 0x19, 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, - 0x00, 0x00, 0x10, 0x61, 0x62, 0x63, 0x64, 0x65, - 0x66, 0x67, 0x68, 0x2e, 0x65, 0x66, 0x67, 0x68, - 0x2e, 0x6e, 0x6f - }; - uint32_t buf4_len = sizeof(buf4); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf3, buf3_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf4, buf4_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest14(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x00, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x16, 0x03, 0x00, 0x00, 0x00, - }; - uint32_t buf2_len = sizeof(buf2); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest15(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x01, 0x01, - }; - uint32_t buf1_len = sizeof(buf1); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r == 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest16(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x02, 0x01, 0x00 - }; - uint32_t buf1_len = sizeof(buf1); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r == 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest17(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x03, 0x01, 0x00, 0x00 - }; - uint32_t buf1_len = sizeof(buf1); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r == 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest18(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00, - 0x6b, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x16, 0x03, 0x00, 0x00, 0x00, - }; - uint32_t buf2_len = sizeof(buf2); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest19(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x04, 0x01, 0x00, 0x00, - 0x6b, 0x16, 0x03, 0x00, 0x00, 0x00, - }; - uint32_t buf1_len = sizeof(buf1); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest20(void) -{ - Flow f; - - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x03, 0x01, 0x00, 0x00, - 0x16, 0x03, 0x00, 0x00, 0x00, - }; - uint32_t buf1_len = sizeof(buf1); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r == 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test SSLv2 Record parsing. - */ -static int SSLParserTest21(void) -{ - Flow f; - uint8_t buf[] = { - 0x80, 0x31, 0x01, 0x00, 0x02, 0x00, 0x00, 0x00, - 0x01, - }; - uint32_t buf_len = sizeof(buf); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER | STREAM_EOF, buf, buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *app_state = f.alstate; - FAIL_IF_NULL(app_state); - - FAIL_IF(app_state->client_connp.content_type != SSLV2_MT_CLIENT_HELLO); - - FAIL_IF(app_state->client_connp.version != SSL_VERSION_2); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test SSLv2 Record parsing. - */ -static int SSLParserTest22(void) -{ - Flow f; - uint8_t buf[] = { - 0x80, 0x31, 0x04, 0x00, 0x01, 0x00, - 0x02, 0x00, 0x00, 0x00, 0x10, 0x07, 0x00, 0xc0, - 0x05, 0x00, 0x80, 0x03, 0x00, 0x80, 0x01, 0x00, - 0x80, 0x08, 0x00, 0x80, 0x06, 0x00, 0x40, 0x04, - 0x00, 0x80, 0x02, 0x00, 0x80, 0x76, 0x64, 0x75, - 0x2d, 0xa7, 0x98, 0xfe, 0xc9, 0x12, 0x92, 0xc1, - 0x2f, 0x34, 0x84, 0x20, 0xc5}; - uint32_t buf_len = sizeof(buf); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - //AppLayerDetectProtoThreadInit(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOCLIENT | STREAM_EOF, buf, buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *app_state = f.alstate; - FAIL_IF_NULL(app_state); - - FAIL_IF(app_state->server_connp.content_type != SSLV2_MT_SERVER_HELLO); - - FAIL_IF(app_state->server_connp.version != SSL_VERSION_2); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test SSLv2 Record parsing. - */ -static int SSLParserTest23(void) -{ - Flow f; - uint8_t chello_buf[] = { - 0x80, 0x67, 0x01, 0x03, 0x00, 0x00, 0x4e, 0x00, - 0x00, 0x00, 0x10, 0x01, 0x00, 0x80, 0x03, 0x00, - 0x80, 0x07, 0x00, 0xc0, 0x06, 0x00, 0x40, 0x02, - 0x00, 0x80, 0x04, 0x00, 0x80, 0x00, 0x00, 0x39, - 0x00, 0x00, 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, - 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x04, 0x00, - 0x00, 0x05, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x16, - 0x00, 0x00, 0x13, 0x00, 0xfe, 0xff, 0x00, 0x00, - 0x0a, 0x00, 0x00, 0x15, 0x00, 0x00, 0x12, 0x00, - 0xfe, 0xfe, 0x00, 0x00, 0x09, 0x00, 0x00, 0x64, - 0x00, 0x00, 0x62, 0x00, 0x00, 0x03, 0x00, 0x00, - 0x06, 0xa8, 0xb8, 0x93, 0xbb, 0x90, 0xe9, 0x2a, - 0xa2, 0x4d, 0x6d, 0xcc, 0x1c, 0xe7, 0x2a, 0x80, - 0x21 - }; - uint32_t chello_buf_len = sizeof(chello_buf); - - uint8_t shello_buf[] = { - 0x16, 0x03, 0x00, 0x00, 0x4a, 0x02, - 0x00, 0x00, 0x46, 0x03, 0x00, 0x44, 0x4c, 0x94, - 0x8f, 0xfe, 0x81, 0xed, 0x93, 0x65, 0x02, 0x88, - 0xa3, 0xf8, 0xeb, 0x63, 0x86, 0x0e, 0x2c, 0xf6, - 0x8d, 0xd0, 0x0f, 0x2c, 0x2a, 0xd6, 0x4f, 0xcd, - 0x2d, 0x3c, 0x16, 0xd7, 0xd6, 0x20, 0xa0, 0xfb, - 0x60, 0x86, 0x3d, 0x1e, 0x76, 0xf3, 0x30, 0xfe, - 0x0b, 0x01, 0xfd, 0x1a, 0x01, 0xed, 0x95, 0xf6, - 0x7b, 0x8e, 0xc0, 0xd4, 0x27, 0xbf, 0xf0, 0x6e, - 0xc7, 0x56, 0xb1, 0x47, 0xce, 0x98, 0x00, 0x35, - 0x00, 0x16, 0x03, 0x00, 0x03, 0x44, 0x0b, 0x00, - 0x03, 0x40, 0x00, 0x03, 0x3d, 0x00, 0x03, 0x3a, - 0x30, 0x82, 0x03, 0x36, 0x30, 0x82, 0x02, 0x9f, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, - 0x81, 0xa9, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x58, 0x59, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x13, 0x0c, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, - 0x44, 0x65, 0x73, 0x65, 0x72, 0x74, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, - 0x0a, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, 0x54, - 0x6f, 0x77, 0x6e, 0x31, 0x17, 0x30, 0x15, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e, 0x53, 0x6e, - 0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c, 0x2c, - 0x20, 0x4c, 0x74, 0x64, 0x31, 0x1e, 0x30, 0x1c, - 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x15, 0x43, - 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, - 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, - 0x72, 0x69, 0x74, 0x79, 0x31, 0x15, 0x30, 0x13, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0c, 0x53, - 0x6e, 0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c, - 0x20, 0x43, 0x41, 0x31, 0x1e, 0x30, 0x1c, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x09, 0x01, 0x16, 0x0f, 0x63, 0x61, 0x40, 0x73, - 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c, 0x2e, - 0x64, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x30, - 0x33, 0x30, 0x33, 0x30, 0x35, 0x31, 0x36, 0x34, - 0x37, 0x34, 0x35, 0x5a, 0x17, 0x0d, 0x30, 0x38, - 0x30, 0x33, 0x30, 0x33, 0x31, 0x36, 0x34, 0x37, - 0x34, 0x35, 0x5a, 0x30, 0x81, 0xa7, 0x31, 0x0b, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x58, 0x59, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x13, 0x0c, 0x53, 0x6e, - 0x61, 0x6b, 0x65, 0x20, 0x44, 0x65, 0x73, 0x65, - 0x72, 0x74, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x13, 0x0a, 0x53, 0x6e, 0x61, - 0x6b, 0x65, 0x20, 0x54, 0x6f, 0x77, 0x6e, 0x31, - 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x13, 0x0e, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, - 0x4f, 0x69, 0x6c, 0x2c, 0x20, 0x4c, 0x74, 0x64, - 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x0e, 0x57, 0x65, 0x62, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x20, 0x54, 0x65, 0x61, - 0x6d, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x10, 0x77, 0x77, 0x77, 0x2e, - 0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c, - 0x2e, 0x64, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x77, 0x77, 0x77, - 0x40, 0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, - 0x6c, 0x2e, 0x64, 0x6f, 0x6d, 0x30, 0x81, 0x9f, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, - 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xa4, 0x6e, 0x53, 0x14, 0x0a, 0xde, - 0x2c, 0xe3, 0x60, 0x55, 0x9a, 0xf2, 0x42, 0xa6, - 0xaf, 0x47, 0x12, 0x2f, 0x17, 0xce, 0xfa, 0xba, - 0xdc, 0x4e, 0x63, 0x56, 0x34, 0xb9, 0xba, 0x73, - 0x4b, 0x78, 0x44, 0x3d, 0xc6, 0x6c, 0x69, 0xa4, - 0x25, 0xb3, 0x61, 0x02, 0x9d, 0x09, 0x04, 0x3f, - 0x72, 0x3d, 0xd8, 0x27, 0xd3, 0xb0, 0x5a, 0x45, - 0x77, 0xb7, 0x36, 0xe4, 0x26, 0x23, 0xcc, 0x12, - 0xb8, 0xae, 0xde, 0xa7, 0xb6, 0x3a, 0x82, 0x3c, - 0x7c, 0x24, 0x59, 0x0a, 0xf8, 0x96, 0x43, 0x8b, - 0xa3, 0x29, 0x36, 0x3f, 0x91, 0x7f, 0x5d, 0xc7, - 0x23, 0x94, 0x29, 0x7f, 0x0a, 0xce, 0x0a, 0xbd, - 0x8d, 0x9b, 0x2f, 0x19, 0x17, 0xaa, 0xd5, 0x8e, - 0xec, 0x66, 0xa2, 0x37, 0xeb, 0x3f, 0x57, 0x53, - 0x3c, 0xf2, 0xaa, 0xbb, 0x79, 0x19, 0x4b, 0x90, - 0x7e, 0xa7, 0xa3, 0x99, 0xfe, 0x84, 0x4c, 0x89, - 0xf0, 0x3d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, - 0x6e, 0x30, 0x6c, 0x30, 0x1b, 0x06, 0x03, 0x55, - 0x1d, 0x11, 0x04, 0x14, 0x30, 0x12, 0x81, 0x10, - 0x77, 0x77, 0x77, 0x40, 0x73, 0x6e, 0x61, 0x6b, - 0x65, 0x6f, 0x69, 0x6c, 0x2e, 0x64, 0x6f, 0x6d, - 0x30, 0x3a, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, - 0x86, 0xf8, 0x42, 0x01, 0x0d, 0x04, 0x2d, 0x16, - 0x2b, 0x6d, 0x6f, 0x64, 0x5f, 0x73, 0x73, 0x6c, - 0x20, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, - 0x65, 0x64, 0x20, 0x63, 0x75, 0x73, 0x74, 0x6f, - 0x6d, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x65, 0x30, 0x11, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, - 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, - 0x81, 0x00, 0xae, 0x79, 0x79, 0x22, 0x90, 0x75, - 0xfd, 0xa6, 0xd5, 0xc4, 0xb8, 0xc4, 0x99, 0x4e, - 0x1c, 0x05, 0x7c, 0x91, 0x59, 0xbe, 0x89, 0x0d, - 0x3d, 0xc6, 0x8c, 0xa3, 0xcf, 0xf6, 0xba, 0x23, - 0xdf, 0xb8, 0xae, 0x44, 0x68, 0x8a, 0x8f, 0xb9, - 0x8b, 0xcb, 0x12, 0xda, 0xe6, 0xa2, 0xca, 0xa5, - 0xa6, 0x55, 0xd9, 0xd2, 0xa1, 0xad, 0xba, 0x9b, - 0x2c, 0x44, 0x95, 0x1d, 0x4a, 0x90, 0x59, 0x7f, - 0x83, 0xae, 0x81, 0x5e, 0x3f, 0x92, 0xe0, 0x14, - 0x41, 0x82, 0x4e, 0x7f, 0x53, 0xfd, 0x10, 0x23, - 0xeb, 0x8a, 0xeb, 0xe9, 0x92, 0xea, 0x61, 0xf2, - 0x8e, 0x19, 0xa1, 0xd3, 0x49, 0xc0, 0x84, 0x34, - 0x1e, 0x2e, 0x6e, 0xf6, 0x98, 0xe2, 0x87, 0x53, - 0xd6, 0x55, 0xd9, 0x1a, 0x8a, 0x92, 0x5c, 0xad, - 0xdc, 0x1e, 0x1c, 0x30, 0xa7, 0x65, 0x9d, 0xc2, - 0x4f, 0x60, 0xd2, 0x6f, 0xdb, 0xe0, 0x9f, 0x9e, - 0xbc, 0x41, 0x16, 0x03, 0x00, 0x00, 0x04, 0x0e, - 0x00, 0x00, 0x00 - }; - uint32_t shello_buf_len = sizeof(shello_buf); - - uint8_t client_change_cipher_spec_buf[] = { - 0x16, 0x03, 0x00, 0x00, 0x84, 0x10, 0x00, 0x00, - 0x80, 0x65, 0x51, 0x2d, 0xa6, 0xd4, 0xa7, 0x38, - 0xdf, 0xac, 0x79, 0x1f, 0x0b, 0xd9, 0xb2, 0x61, - 0x7d, 0x73, 0x88, 0x32, 0xd9, 0xf2, 0x62, 0x3a, - 0x8b, 0x11, 0x04, 0x75, 0xca, 0x42, 0xff, 0x4e, - 0xd9, 0xcc, 0xb9, 0xfa, 0x86, 0xf3, 0x16, 0x2f, - 0x09, 0x73, 0x51, 0x66, 0xaa, 0x29, 0xcd, 0x80, - 0x61, 0x0f, 0xe8, 0x13, 0xce, 0x5b, 0x8e, 0x0a, - 0x23, 0xf8, 0x91, 0x5e, 0x5f, 0x54, 0x70, 0x80, - 0x8e, 0x7b, 0x28, 0xef, 0xb6, 0x69, 0xb2, 0x59, - 0x85, 0x74, 0x98, 0xe2, 0x7e, 0xd8, 0xcc, 0x76, - 0x80, 0xe1, 0xb6, 0x45, 0x4d, 0xc7, 0xcd, 0x84, - 0xce, 0xb4, 0x52, 0x79, 0x74, 0xcd, 0xe6, 0xd7, - 0xd1, 0x9c, 0xad, 0xef, 0x63, 0x6c, 0x0f, 0xf7, - 0x05, 0xe4, 0x4d, 0x1a, 0xd3, 0xcb, 0x9c, 0xd2, - 0x51, 0xb5, 0x61, 0xcb, 0xff, 0x7c, 0xee, 0xc7, - 0xbc, 0x5e, 0x15, 0xa3, 0xf2, 0x52, 0x0f, 0xbb, - 0x32, 0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16, - 0x03, 0x00, 0x00, 0x40, 0xa9, 0xd8, 0xd7, 0x35, - 0xbc, 0x39, 0x56, 0x98, 0xad, 0x87, 0x61, 0x2a, - 0xc4, 0x8f, 0xcc, 0x03, 0xcb, 0x93, 0x80, 0x81, - 0xb0, 0x4a, 0xc4, 0xd2, 0x09, 0x71, 0x3e, 0x90, - 0x3c, 0x8d, 0xe0, 0x95, 0x44, 0xfe, 0x56, 0xd1, - 0x7e, 0x88, 0xe2, 0x48, 0xfd, 0x76, 0x70, 0x76, - 0xe2, 0xcd, 0x06, 0xd0, 0xf3, 0x9d, 0x13, 0x79, - 0x67, 0x1e, 0x37, 0xf6, 0x98, 0xbe, 0x59, 0x18, - 0x4c, 0xfc, 0x75, 0x56 - }; - uint32_t client_change_cipher_spec_buf_len = - sizeof(client_change_cipher_spec_buf); - - uint8_t server_change_cipher_spec_buf[] = { - 0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16, 0x03, - 0x00, 0x00, 0x40, 0xce, 0x7c, 0x92, 0x43, 0x59, - 0xcc, 0x3d, 0x90, 0x91, 0x9c, 0x58, 0xf0, 0x7a, - 0xce, 0xae, 0x0d, 0x08, 0xe0, 0x76, 0xb4, 0x86, - 0xb1, 0x15, 0x5b, 0x32, 0xb8, 0x77, 0x53, 0xe7, - 0xa6, 0xf9, 0xd0, 0x95, 0x5f, 0xaa, 0x07, 0xc3, - 0x96, 0x7c, 0xc9, 0x88, 0xc2, 0x7a, 0x20, 0x89, - 0x4f, 0xeb, 0xeb, 0xb6, 0x19, 0xef, 0xaa, 0x27, - 0x73, 0x9d, 0xa6, 0xb4, 0x9f, 0xeb, 0x34, 0xe2, - 0x4d, 0x9f, 0x6b - }; - uint32_t server_change_cipher_spec_buf_len = - sizeof(server_change_cipher_spec_buf); - - uint8_t toserver_app_data_buf[] = { - 0x17, 0x03, 0x00, 0x01, 0xb0, 0x4a, 0xc3, 0x3e, - 0x9d, 0x77, 0x78, 0x01, 0x2c, 0xb4, 0xbc, 0x4c, - 0x9a, 0x84, 0xd7, 0xb9, 0x90, 0x0c, 0x21, 0x10, - 0xf0, 0xfa, 0x00, 0x7c, 0x16, 0xbb, 0x77, 0xfb, - 0x72, 0x42, 0x4f, 0xad, 0x50, 0x4a, 0xd0, 0xaa, - 0x6f, 0xaa, 0x44, 0x6c, 0x62, 0x94, 0x1b, 0xc5, - 0xfe, 0xe9, 0x1c, 0x5e, 0xde, 0x85, 0x0b, 0x0e, - 0x05, 0xe4, 0x18, 0x6e, 0xd2, 0xd3, 0xb5, 0x20, - 0xab, 0x81, 0xfd, 0x18, 0x9a, 0x73, 0xb8, 0xd7, - 0xef, 0xc3, 0xdd, 0x74, 0xd7, 0x9c, 0x1e, 0x6f, - 0x21, 0x6d, 0xf8, 0x24, 0xca, 0x3c, 0x70, 0x78, - 0x36, 0x12, 0x7a, 0x8a, 0x9c, 0xac, 0x4e, 0x1c, - 0xa8, 0xfb, 0x27, 0x30, 0xba, 0x9a, 0xf4, 0x2f, - 0x0a, 0xab, 0x80, 0x6a, 0xa1, 0x60, 0x74, 0xf0, - 0xe3, 0x91, 0x84, 0xe7, 0x90, 0x88, 0xcc, 0xf0, - 0x95, 0x7b, 0x0a, 0x22, 0xf2, 0xf9, 0x27, 0xe0, - 0xdd, 0x38, 0x0c, 0xfd, 0xe9, 0x03, 0x71, 0xdc, - 0x70, 0xa4, 0x6e, 0xdf, 0xe3, 0x72, 0x9e, 0xa1, - 0xf0, 0xc9, 0x00, 0xd6, 0x03, 0x55, 0x6a, 0x67, - 0x5d, 0x9c, 0xb8, 0x75, 0x01, 0xb0, 0x01, 0x9f, - 0xe6, 0xd2, 0x44, 0x18, 0xbc, 0xca, 0x7a, 0x10, - 0x39, 0xa6, 0xcf, 0x15, 0xc7, 0xf5, 0x35, 0xd4, - 0xb3, 0x6d, 0x91, 0x23, 0x84, 0x99, 0xba, 0xb0, - 0x7e, 0xd0, 0xc9, 0x4c, 0xbf, 0x3f, 0x33, 0x68, - 0x37, 0xb7, 0x7d, 0x44, 0xb0, 0x0b, 0x2c, 0x0f, - 0xd0, 0x75, 0xa2, 0x6b, 0x5b, 0xe1, 0x9f, 0xd4, - 0x69, 0x9a, 0x14, 0xc8, 0x29, 0xb7, 0xd9, 0x10, - 0xbb, 0x99, 0x30, 0x9a, 0xfb, 0xcc, 0x13, 0x1f, - 0x76, 0x4e, 0xe6, 0xdf, 0x14, 0xaa, 0xd5, 0x60, - 0xbf, 0x91, 0x49, 0x0d, 0x64, 0x42, 0x29, 0xa8, - 0x64, 0x27, 0xd4, 0x5e, 0x1b, 0x18, 0x03, 0xa8, - 0x73, 0xd6, 0x05, 0x6e, 0xf7, 0x50, 0xb0, 0x09, - 0x6b, 0x69, 0x7a, 0x12, 0x28, 0x58, 0xef, 0x5a, - 0x86, 0x11, 0xde, 0x71, 0x71, 0x9f, 0xca, 0xbd, - 0x79, 0x2a, 0xc2, 0xe5, 0x9b, 0x5e, 0x32, 0xe7, - 0xcb, 0x97, 0x6e, 0xa0, 0xea, 0xa4, 0xa4, 0x6a, - 0x32, 0xf9, 0x37, 0x39, 0xd8, 0x37, 0x6d, 0x63, - 0xf3, 0x08, 0x1c, 0xdd, 0x06, 0xdd, 0x2c, 0x2b, - 0x9f, 0x04, 0x88, 0x5f, 0x36, 0x42, 0xc1, 0xb1, - 0xc7, 0xe8, 0x2d, 0x5d, 0xa4, 0x6c, 0xe5, 0x60, - 0x94, 0xae, 0xd0, 0x90, 0x1e, 0x88, 0xa0, 0x87, - 0x52, 0xfb, 0xed, 0x97, 0xa5, 0x25, 0x5a, 0xb7, - 0x55, 0xc5, 0x13, 0x07, 0x85, 0x27, 0x40, 0xed, - 0xb8, 0xa0, 0x26, 0x13, 0x44, 0x0c, 0xfc, 0xcc, - 0x5a, 0x09, 0xe5, 0x44, 0xb5, 0x63, 0xa1, 0x43, - 0x51, 0x23, 0x4f, 0x17, 0x21, 0x89, 0x2e, 0x58, - 0xfd, 0xf9, 0x63, 0x74, 0x04, 0x70, 0x1e, 0x7d, - 0xd0, 0x66, 0xba, 0x40, 0x5e, 0x45, 0xdc, 0x39, - 0x7c, 0x53, 0x0f, 0xa8, 0x38, 0xb2, 0x13, 0x99, - 0x27, 0xd9, 0x4a, 0x51, 0xe9, 0x9f, 0x2a, 0x92, - 0xbb, 0x9c, 0x90, 0xab, 0xfd, 0xf1, 0xb7, 0x40, - 0x05, 0xa9, 0x7a, 0x20, 0x63, 0x36, 0xc1, 0xef, - 0xb9, 0xad, 0xa2, 0xe0, 0x1d, 0x20, 0x4f, 0xb2, - 0x34, 0xbd, 0xea, 0x07, 0xac, 0x21, 0xce, 0xf6, - 0x8a, 0xa2, 0x9e, 0xcd, 0xfa - }; - uint32_t toserver_app_data_buf_len = sizeof(toserver_app_data_buf); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - //AppLayerDetectProtoThreadInit(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER | STREAM_START, chello_buf, - chello_buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *app_state = f.alstate; - FAIL_IF_NULL(app_state); - - FAIL_IF(app_state->client_connp.content_type != SSLV2_MT_CLIENT_HELLO); - - FAIL_IF(app_state->client_connp.version != SSL_VERSION_2); - - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - shello_buf, shello_buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FAIL_IF(app_state->server_connp.content_type != SSLV3_HANDSHAKE_PROTOCOL); - - FAIL_IF(app_state->server_connp.version != SSL_VERSION_3); - - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - client_change_cipher_spec_buf, - client_change_cipher_spec_buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - /* with multiple records the client content type hold the type from the last - * record */ - FAIL_IF(app_state->client_connp.content_type != SSLV3_HANDSHAKE_PROTOCOL); - - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_change_cipher_spec_buf, - server_change_cipher_spec_buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - /* with multiple records the serve content type hold the type from the last - * record */ - FAIL_IF(app_state->server_connp.content_type != SSLV3_HANDSHAKE_PROTOCOL); - - FAIL_IF(app_state->server_connp.version != SSL_VERSION_3); - - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - toserver_app_data_buf, toserver_app_data_buf_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FAIL_IF(app_state->client_connp.content_type != SSLV3_APPLICATION_PROTOCOL); - - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_CLIENT_HS) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SSL_NO_SESSION_ID) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_SERVER_HELLO) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_STATE_CLIENT_KEYX) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CLIENT_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((app_state->flags & SSL_AL_FLAG_CHANGE_CIPHER_SPEC) == 0); - - FAIL_IF_NOT(f.flags & FLOW_NOPAYLOAD_INSPECTION); - - if (alp_tctx != NULL) - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Tests the parser for handling fragmented records. - */ -static int SSLParserTest24(void) -{ - Flow f; - uint8_t buf1[] = { - 0x16, 0x03, 0x00, 0x00, 0x6f, 0x01, 0x00, 0x00, - 0x6b, 0x03, - }; - uint32_t buf1_len = sizeof(buf1); - - uint8_t buf2[] = { - 0x00, 0x4b, 0x2f, 0xdc, - 0x4e, 0xe6, 0x95, 0xf1, 0xa0, 0xc7, 0xcf, 0x8e, - 0xf6, 0xeb, 0x22, 0x6d, 0xce, 0x9c, 0x44, 0xfb, - 0xc8, 0xa0, 0x44, 0x31, 0x15, 0x4c, 0xe9, 0x97, - 0xa7, 0xa1, 0xfe, 0xea, 0xcc, 0x20, 0x4b, 0x5d, - 0xfb, 0xa5, 0x63, 0x7a, 0x73, 0x95, 0xf7, 0xff, - 0x42, 0xac, 0x8f, 0x46, 0xed, 0xe4, 0xb1, 0x35, - 0x35, 0x78, 0x1a, 0x9d, 0xaf, 0x10, 0xc5, 0x52, - 0xf3, 0x7b, 0xfb, 0xb5, 0xe9, 0xa8, 0x00, 0x24, - 0x00, 0x88, 0x00, 0x87, 0x00, 0x39, 0x00, 0x38, - 0x00, 0x84, 0x00, 0x35, 0x00, 0x45, 0x00, 0x44, - 0x00, 0x33, 0x00, 0x32, 0x00, 0x96, 0x00, 0x41, - 0x00, 0x2f, 0x00, 0x16, 0x00, 0x13, 0xfe, 0xff, - 0x00, 0x0a, 0x00, 0x02, 0x01, 0x00 - }; - uint32_t buf2_len = sizeof(buf2); - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf1, buf1_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - buf2, buf2_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != SSL_VERSION_3); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -/** - * \test Test for bug #955 and CVE-2013-5919. The data is from the - * pcap that was used to report this issue. - */ -static int SSLParserTest25(void) -{ - Flow f; - uint8_t client_hello[] = { - 0x16, 0x03, 0x01, 0x00, 0xd3, 0x01, 0x00, 0x00, - 0xcf, 0x03, 0x01, 0x51, 0x60, 0xc2, 0x15, 0x36, - 0x73, 0xf5, 0xb8, 0x58, 0x55, 0x3b, 0x68, 0x12, - 0x7d, 0xe3, 0x28, 0xa3, 0xe1, 0x02, 0x79, 0x2d, - 0x12, 0xe1, 0xf4, 0x24, 0x12, 0xa2, 0x9e, 0xf1, - 0x08, 0x49, 0x68, 0x20, 0x0e, 0x96, 0x46, 0x3d, - 0x84, 0x5a, 0xc6, 0x55, 0xeb, 0x3b, 0x53, 0x77, - 0xf4, 0x8e, 0xf4, 0xd2, 0x8b, 0xec, 0xd6, 0x99, - 0x63, 0x64, 0x62, 0xf8, 0x3f, 0x3b, 0xd5, 0x35, - 0x45, 0x1b, 0x16, 0xac, 0x00, 0x46, 0x00, 0x04, - 0x00, 0x05, 0x00, 0x2f, 0x00, 0x35, 0xc0, 0x02, - 0xc0, 0x04, 0xc0, 0x05, 0xc0, 0x0c, 0xc0, 0x0e, - 0xc0, 0x0f, 0xc0, 0x07, 0xc0, 0x09, 0xc0, 0x0a, - 0xc0, 0x11, 0xc0, 0x13, 0xc0, 0x14, 0x00, 0x33, - 0x00, 0x39, 0x00, 0x32, 0x00, 0x38, 0x00, 0x0a, - 0xc0, 0x03, 0xc0, 0x0d, 0xc0, 0x08, 0xc0, 0x12, - 0x00, 0x16, 0x00, 0x13, 0x00, 0x09, 0x00, 0x15, - 0x00, 0x12, 0x00, 0x03, 0x00, 0x08, 0x00, 0x14, - 0x00, 0x11, 0x00, 0xff, 0x01, 0x00, 0x00, 0x40, - 0x00, 0x0b, 0x00, 0x04, 0x03, 0x00, 0x01, 0x02, - 0x00, 0x0a, 0x00, 0x34, 0x00, 0x32, 0x00, 0x0e, - 0x00, 0x0d, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x0c, - 0x00, 0x18, 0x00, 0x09, 0x00, 0x0a, 0x00, 0x16, - 0x00, 0x17, 0x00, 0x08, 0x00, 0x06, 0x00, 0x07, - 0x00, 0x14, 0x00, 0x15, 0x00, 0x04, 0x00, 0x05, - 0x00, 0x12, 0x00, 0x13, 0x00, 0x01, 0x00, 0x02, - 0x00, 0x03, 0x00, 0x0f, 0x00, 0x10, 0x00, 0x11 - }; - uint32_t client_hello_len = sizeof(client_hello); - - uint8_t server_hello_certificate_done[] = { - 0x16, 0x03, 0x01, 0x00, 0x51, 0x02, 0x00, 0x00, - 0x4d, 0x03, 0x01, 0x51, 0x60, 0xc2, 0x17, 0xb7, - 0x81, 0xaa, 0x27, 0xa1, 0xd5, 0xfa, 0x14, 0xc1, - 0xe0, 0x05, 0xab, 0x75, 0xf2, 0x51, 0xe7, 0x6e, - 0xe6, 0xf9, 0xc4, 0x8f, 0x16, 0x08, 0x26, 0x6c, - 0x1b, 0x86, 0x90, 0x20, 0x0a, 0x38, 0x90, 0x2d, - 0x17, 0x7d, 0xb7, 0x6b, 0x6b, 0xe5, 0xeb, 0x61, - 0x90, 0x35, 0xf8, 0xcd, 0xb1, 0x2a, 0x69, 0x6e, - 0x0e, 0x3e, 0x5f, 0x90, 0xdc, 0x2f, 0x51, 0x45, - 0x68, 0x63, 0xe3, 0xb3, 0x00, 0x05, 0x00, 0x00, - 0x05, 0xff, 0x01, 0x00, 0x01, 0x00, 0x16, 0x03, - 0x01, 0x07, 0x60, 0x0b, 0x00, 0x07, 0x5c, 0x00, - 0x07, 0x59, 0x00, 0x03, 0xcc, 0x30, 0x82, 0x03, - 0xc8, 0x30, 0x82, 0x03, 0x31, 0xa0, 0x03, 0x02, - 0x01, 0x02, 0x02, 0x10, 0x01, 0x7f, 0x77, 0xde, - 0xb3, 0xbc, 0xbb, 0x23, 0x5d, 0x44, 0xcc, 0xc7, - 0xdb, 0xa6, 0x2e, 0x72, 0x30, 0x0d, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, - 0x05, 0x05, 0x00, 0x30, 0x81, 0xba, 0x31, 0x1f, - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, - 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, - 0x6e, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, - 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, - 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0b, - 0x13, 0x0e, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, - 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, - 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x2a, 0x56, 0x65, 0x72, 0x69, 0x53, - 0x69, 0x67, 0x6e, 0x20, 0x49, 0x6e, 0x74, 0x65, - 0x72, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, - 0x6c, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x43, 0x6c, - 0x61, 0x73, 0x73, 0x20, 0x33, 0x31, 0x49, 0x30, - 0x47, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x40, - 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, 0x69, - 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x43, 0x50, 0x53, 0x20, 0x49, 0x6e, 0x63, - 0x6f, 0x72, 0x70, 0x2e, 0x62, 0x79, 0x20, 0x52, - 0x65, 0x66, 0x2e, 0x20, 0x4c, 0x49, 0x41, 0x42, - 0x49, 0x4c, 0x49, 0x54, 0x59, 0x20, 0x4c, 0x54, - 0x44, 0x2e, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, - 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, - 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x32, 0x30, 0x36, - 0x32, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, - 0x5a, 0x17, 0x0d, 0x31, 0x33, 0x31, 0x32, 0x33, - 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, - 0x30, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x13, 0x0a, 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, - 0x72, 0x6e, 0x69, 0x61, 0x31, 0x12, 0x30, 0x10, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x09, 0x50, - 0x61, 0x6c, 0x6f, 0x20, 0x41, 0x6c, 0x74, 0x6f, - 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, - 0x0a, 0x13, 0x0e, 0x46, 0x61, 0x63, 0x65, 0x62, - 0x6f, 0x6f, 0x6b, 0x2c, 0x20, 0x49, 0x6e, 0x63, - 0x2e, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, - 0x04, 0x02, 0x14, 0x0e, 0x2a, 0x2e, 0x66, 0x61, - 0x63, 0x65, 0x62, 0x6f, 0x6f, 0x6b, 0x2e, 0x63, - 0x6f, 0x6d, 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, - 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xae, - 0x94, 0xb1, 0x71, 0xe2, 0xde, 0xcc, 0xc1, 0x69, - 0x3e, 0x05, 0x10, 0x63, 0x24, 0x01, 0x02, 0xe0, - 0x68, 0x9a, 0xe8, 0x3c, 0x39, 0xb6, 0xb3, 0xe7, - 0x4b, 0x97, 0xd4, 0x8d, 0x7b, 0x23, 0x68, 0x91, - 0x00, 0xb0, 0xb4, 0x96, 0xee, 0x62, 0xf0, 0xe6, - 0xd3, 0x56, 0xbc, 0xf4, 0xaa, 0x0f, 0x50, 0x64, - 0x34, 0x02, 0xf5, 0xd1, 0x76, 0x6a, 0xa9, 0x72, - 0x83, 0x5a, 0x75, 0x64, 0x72, 0x3f, 0x39, 0xbb, - 0xef, 0x52, 0x90, 0xde, 0xd9, 0xbc, 0xdb, 0xf9, - 0xd3, 0xd5, 0x5d, 0xfa, 0xd2, 0x3a, 0xa0, 0x3d, - 0xc6, 0x04, 0xc5, 0x4d, 0x29, 0xcf, 0x1d, 0x4b, - 0x3b, 0xdb, 0xd1, 0xa8, 0x09, 0xcf, 0xae, 0x47, - 0xb4, 0x4c, 0x7e, 0xae, 0x17, 0xc5, 0x10, 0x9b, - 0xee, 0x24, 0xa9, 0xcf, 0x4a, 0x8d, 0x91, 0x1b, - 0xb0, 0xfd, 0x04, 0x15, 0xae, 0x4c, 0x3f, 0x43, - 0x0a, 0xa1, 0x2a, 0x55, 0x7e, 0x2a, 0xe1, 0x02, - 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x1e, - 0x30, 0x82, 0x01, 0x1a, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, - 0x44, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x3d, - 0x30, 0x3b, 0x30, 0x39, 0x06, 0x0b, 0x60, 0x86, - 0x48, 0x01, 0x86, 0xf8, 0x45, 0x01, 0x07, 0x17, - 0x03, 0x30, 0x2a, 0x30, 0x28, 0x06, 0x08, 0x2b, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x00, 0x01, 0x16, - 0x1c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, - 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, - 0x69, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x72, 0x70, 0x61, 0x30, 0x3c, 0x06, - 0x03, 0x55, 0x1d, 0x1f, 0x04, 0x35, 0x30, 0x33, - 0x30, 0x31, 0xa0, 0x2f, 0xa0, 0x2d, 0x86, 0x2b, - 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x53, - 0x56, 0x52, 0x49, 0x6e, 0x74, 0x6c, 0x2d, 0x63, - 0x72, 0x6c, 0x2e, 0x76, 0x65, 0x72, 0x69, 0x73, - 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, - 0x53, 0x56, 0x52, 0x49, 0x6e, 0x74, 0x6c, 0x2e, - 0x63, 0x72, 0x6c, 0x30, 0x1d, 0x06, 0x03, 0x55, - 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, - 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, - 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, - 0x03, 0x02, 0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, - 0x0f, 0x04, 0x04, 0x03, 0x02, 0x05, 0xa0, 0x30, - 0x34, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x01, 0x01, 0x04, 0x28, 0x30, 0x26, 0x30, - 0x24, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x30, 0x01, 0x86, 0x18, 0x68, 0x74, 0x74, - 0x70, 0x3a, 0x2f, 0x2f, 0x6f, 0x63, 0x73, 0x70, - 0x2e, 0x76, 0x65, 0x72, 0x69, 0x73, 0x69, 0x67, - 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x27, 0x06, - 0x03, 0x55, 0x1d, 0x11, 0x04, 0x20, 0x30, 0x1e, - 0x82, 0x0e, 0x2a, 0x2e, 0x66, 0x61, 0x63, 0x65, - 0x62, 0x6f, 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, - 0x82, 0x0c, 0x66, 0x61, 0x63, 0x65, 0x62, 0x6f, - 0x6f, 0x6b, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, - 0x00, 0x5b, 0x6c, 0x2b, 0x75, 0xf8, 0xed, 0x30, - 0xaa, 0x51, 0xaa, 0xd3, 0x6a, 0xba, 0x59, 0x5e, - 0x55, 0x51, 0x41, 0x95, 0x1f, 0x81, 0xa5, 0x3b, - 0x44, 0x79, 0x10, 0xac, 0x1f, 0x76, 0xff, 0x78, - 0xfc, 0x27, 0x81, 0x61, 0x6b, 0x58, 0xf3, 0x12, - 0x2a, 0xfc, 0x1c, 0x87, 0x01, 0x04, 0x25, 0xe9, - 0xed, 0x43, 0xdf, 0x1a, 0x7b, 0xa6, 0x49, 0x80, - 0x60, 0x67, 0xe2, 0x68, 0x8a, 0xf0, 0x3d, 0xb5, - 0x8c, 0x7d, 0xf4, 0xee, 0x03, 0x30, 0x9a, 0x6a, - 0xfc, 0x24, 0x7c, 0xcb, 0x13, 0x4d, 0xc3, 0x3e, - 0x54, 0xc6, 0xbc, 0x1d, 0x51, 0x33, 0xa5, 0x32, - 0xa7, 0x32, 0x73, 0xb1, 0xd7, 0x9c, 0xad, 0xc0, - 0x8e, 0x7e, 0x1a, 0x83, 0x11, 0x6d, 0x34, 0x52, - 0x33, 0x40, 0xb0, 0x30, 0x54, 0x27, 0xa2, 0x17, - 0x42, 0x82, 0x7c, 0x98, 0x91, 0x66, 0x98, 0xee, - 0x7e, 0xaf, 0x8c, 0x3b, 0xdd, 0x71, 0x70, 0x08, - 0x17, 0x00, 0x03, 0x87, 0x30, 0x82, 0x03, 0x83, - 0x30, 0x82, 0x02, 0xec, 0xa0, 0x03, 0x02, 0x01, - 0x02, 0x02, 0x10, 0x46, 0xfc, 0xeb, 0xba, 0xb4, - 0xd0, 0x2f, 0x0f, 0x92, 0x60, 0x98, 0x23, 0x3f, - 0x93, 0x07, 0x8f, 0x30, 0x0d, 0x06, 0x09, 0x2a, - 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, - 0x05, 0x00, 0x30, 0x5f, 0x31, 0x0b, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, - 0x53, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, - 0x04, 0x0a, 0x13, 0x0e, 0x56, 0x65, 0x72, 0x69, - 0x53, 0x69, 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, - 0x63, 0x2e, 0x31, 0x37, 0x30, 0x35, 0x06, 0x03, - 0x55, 0x04, 0x0b, 0x13, 0x2e, 0x43, 0x6c, 0x61, - 0x73, 0x73, 0x20, 0x33, 0x20, 0x50, 0x75, 0x62, - 0x6c, 0x69, 0x63, 0x20, 0x50, 0x72, 0x69, 0x6d, - 0x61, 0x72, 0x79, 0x20, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x20, 0x41, 0x75, 0x64, 0x68, 0x6f, 0x72, - 0x69, 0x74, 0x79, 0x30, 0x1e, 0x17, 0x0d, 0x39, - 0x37, 0x30, 0x34, 0x31, 0x37, 0x30, 0x30, 0x30, - 0x30, 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x31, 0x36, - 0x31, 0x30, 0x32, 0x34, 0x32, 0x33, 0x35, 0x39, - 0x35, 0x39, 0x5a, 0x30, 0x81, 0xba, 0x31, 0x1f, - 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, - 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, - 0x6e, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, - 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x31, - 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0b, - 0x13, 0x0e, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, - 0x67, 0x6e, 0x2c, 0x20, 0x49, 0x6e, 0x63, 0x2e, - 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x2a, 0x56, 0x65, 0x72, 0x69, 0x53, - 0x69, 0x67, 0x6e, 0x20, 0x49, 0x6e, 0x74, 0x65, - 0x72, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61, - 0x6c, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x43, 0x41, 0x20, 0x2d, 0x20, 0x43, 0x6c, - 0x61, 0x73, 0x73, 0x20, 0x33, 0x31, 0x49, 0x30, - 0x47, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x40, - 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, 0x69, - 0x73, 0x69, - 0x67, 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x43, - 0x50, 0x53, 0x20, 0x49, 0x6e, 0x63, 0x6f, 0x72, - 0x70, 0x2e, 0x62, 0x79, 0x20, 0x52, 0x65, 0x66, - 0x2e, 0x20, 0x4c, 0x49, 0x41, 0x42, 0x49, 0x4c, - 0x49, 0x54, 0x59, 0x20, 0x4c, 0x54, 0x44, 0x2e, - 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65, - 0x72, 0x69, 0x53, 0x69, 0x67, 0x6e, 0x30, 0x81, - 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, - 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, - 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, - 0x81, 0x81, 0x00, 0xd8, 0x82, 0x80, 0xe8, 0xd6, - 0x19, 0x02, 0x7d, 0x1f, 0x85, 0x18, 0x39, 0x25, - 0xa2, 0x65, 0x2b, 0xe1, 0xbf, 0xd4, 0x05, 0xd3, - 0xbc, 0xe6, 0x36, 0x3b, 0xaa, 0xf0, 0x4c, 0x6c, - 0x5b, 0xb6, 0xe7, 0xaa, 0x3c, 0x73, 0x45, 0x55, - 0xb2, 0xf1, 0xbd, 0xea, 0x97, 0x42, 0xed, 0x9a, - 0x34, 0x0a, 0x15, 0xd4, 0xa9, 0x5c, 0xf5, 0x40, - 0x25, 0xdd, 0xd9, 0x07, 0xc1, 0x32, 0xb2, 0x75, - 0x6c, 0xc4, 0xca, 0xbb, 0xa3, 0xfe, 0x56, 0x27, - 0x71, 0x43, 0xaa, 0x63, 0xf5, 0x30, 0x3e, 0x93, - 0x28, 0xe5, 0xfa, 0xf1, 0x09, 0x3b, 0xf3, 0xb7, - 0x4d, 0x4e, 0x39, 0xf7, 0x5c, 0x49, 0x5a, 0xb8, - 0xc1, 0x1d, 0xd3, 0xb2, 0x8a, 0xfe, 0x70, 0x30, - 0x95, 0x42, 0xcb, 0xfe, 0x2b, 0x51, 0x8b, 0x5a, - 0x3c, 0x3a, 0xf9, 0x22, 0x4f, 0x90, 0xb2, 0x02, - 0xa7, 0x53, 0x9c, 0x4f, 0x34, 0xe7, 0xab, 0x04, - 0xb2, 0x7b, 0x6f, 0x02, 0x03, 0x01, 0x00, 0x01, - 0xa3, 0x81, 0xe3, 0x30, 0x81, 0xe0, 0x30, 0x0f, - 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x08, 0x30, - 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, 0x30, - 0x44, 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04, 0x3d, - 0x30, 0x3b, 0x30, 0x39, 0x06, 0x0b, 0x60, 0x86, - 0x48, 0x01, 0x86, 0xf8, 0x45, 0x01, 0x07, 0x01, - 0x01, 0x30, 0x2a, 0x30, 0x28, 0x06, 0x08, 0x2b, - 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16, - 0x1c, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, - 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x76, 0x65, 0x72, - 0x69, 0x73, 0x69, 0x67, 0x6e, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x43, 0x50, 0x53, 0x30, 0x34, 0x06, - 0x03, 0x55, 0x1d, 0x25, 0x04, 0x2d, 0x30, 0x2b, - 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, - 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, - 0x05, 0x07, 0x03, 0x02, 0x06, 0x09, 0x60, 0x86, - 0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01, 0x06, - 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45, - 0x01, 0x08, 0x01, 0x30, 0x0b, 0x06, 0x03, 0x55, - 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, - 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, - 0x86, 0xf8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, - 0x02, 0x01, 0x06, 0x30, 0x31, 0x06, 0x03, 0x55, - 0x1d, 0x1f, 0x04, 0x2a, 0x30, 0x28, 0x30, 0x26, - 0xa0, 0x24, 0xa0, 0x22, 0x86, 0x20, 0x68, 0x74, - 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, - 0x2e, 0x76, 0x65, 0x72, 0x69, 0x73, 0x69, 0x67, - 0x6e, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x63, - 0x61, 0x33, 0x2e, 0x63, 0x72, 0x6c, 0x30, 0x0d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, - 0x00, 0x40, 0x8e, 0x49, 0x97, 0x96, 0x8a, 0x73, - 0xdd, 0x8e, 0x4d, 0xef, 0x3e, 0x61, 0xb7, 0xca, - 0xa0, 0x62, 0xad, 0xf4, 0x0e, 0x0a, 0xbb, 0x75, - 0x3d, 0xe2, 0x6e, 0xd8, 0x2c, 0xc7, 0xbf, 0xf4, - 0xb9, 0x8c, 0x36, 0x9b, 0xca, 0xa2, 0xd0, 0x9c, - 0x72, 0x46, 0x39, 0xf6, 0xa6, 0x82, 0x03, 0x65, - 0x11, 0xc4, 0xbc, 0xbf, 0x2d, 0xa6, 0xf5, 0xd9, - 0x3b, 0x0a, 0xb5, 0x98, 0xfa, 0xb3, 0x78, 0xb9, - 0x1e, 0xf2, 0x2b, 0x4c, 0x62, 0xd5, 0xfd, 0xb2, - 0x7a, 0x1d, 0xdf, 0x33, 0xfd, 0x73, 0xf9, 0xa5, - 0xd8, 0x2d, 0x8c, 0x2a, 0xea, 0xd1, 0xfc, 0xb0, - 0x28, 0xb6, 0xe9, 0x49, 0x48, 0x13, 0x4b, 0x83, - 0x8a, 0x1b, 0x48, 0x7b, 0x24, 0xf7, 0x38, 0xde, - 0x6f, 0x41, 0x54, 0xb8, 0xab, 0x57, 0x6b, 0x06, - 0xdf, 0xc7, 0xa2, 0xd4, 0xa9, 0xf6, 0xf1, 0x36, - 0x62, 0x80, 0x88, 0xf2, 0x8b, 0x75, 0xd6, 0x80, - 0x75, 0x16, 0x03, 0x01, 0x00, 0x04, 0x0e, 0x00, - 0x00, 0x00 - }; - uint32_t server_hello_certificate_done_len = sizeof(server_hello_certificate_done); - - uint8_t client_key_exchange_cipher_enc_hs[] = { - 0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00, - 0x80, 0x00, 0x80, 0x14, 0x2b, 0x2f, 0x9f, 0x02, - 0x1d, 0x4e, 0x0d, 0xa7, 0x41, 0x0f, 0x99, 0xc5, - 0xe9, 0x49, 0x22, 0x14, 0xa0, 0x42, 0x7b, 0xb4, - 0x6d, 0x4f, 0x82, 0x3c, 0x3a, 0x6e, 0xed, 0xd5, - 0x6e, 0x72, 0x71, 0xae, 0x00, 0x4a, 0x9a, 0xc9, - 0x0e, 0x2d, 0x08, 0xa2, 0xd3, 0x3a, 0xb0, 0xb2, - 0x1a, 0x56, 0x01, 0x7c, 0x9a, 0xfa, 0xfb, 0x1a, - 0xd7, 0x7e, 0x20, 0x68, 0x51, 0xd0, 0xfe, 0xd9, - 0xdc, 0xa7, 0x0b, 0xeb, 0x1a, 0xb6, 0xd3, 0xc7, - 0x17, 0x1f, 0xf3, 0x6e, 0x91, 0xdd, 0x06, 0x0d, - 0x48, 0xde, 0xcd, 0x0c, 0x36, 0x8c, 0x83, 0x29, - 0x9a, 0x40, 0x03, 0xcd, 0xf3, 0x1b, 0xdb, 0xd8, - 0x44, 0x6b, 0x75, 0xf3, 0x5a, 0x9f, 0x26, 0x1a, - 0xc4, 0x16, 0x35, 0x8f, 0xc1, 0x15, 0x19, 0xa9, - 0xdf, 0x07, 0xa9, 0xe5, 0x56, 0x45, 0x6d, 0xca, - 0x20, 0x3c, 0xcf, 0x8e, 0xbe, 0x44, 0x68, 0x73, - 0xc8, 0x0b, 0xc7, 0x14, 0x03, 0x01, 0x00, 0x01, - 0x01, 0x16, 0x03, 0x01, 0x00, 0x24, 0xf9, 0x7e, - 0x28, 0x77, 0xa9, 0x9a, 0x08, 0x0c, 0x2e, 0xa9, - 0x09, 0x15, 0x27, 0xcd, 0x93, 0x5f, 0xc0, 0x32, - 0x0a, 0x8d, 0x62, 0xd3, 0x54, 0x79, 0x6b, 0x51, - 0xd7, 0xba, 0x02, 0xd6, 0xdb, 0x66, 0xe8, 0x97, - 0x5d, 0x7a - }; - uint32_t client_key_exchange_cipher_enc_hs_len = sizeof(client_key_exchange_cipher_enc_hs); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, client_hello, - client_hello_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.bytes_processed != 0); - FAIL_IF(ssl_state->client_connp.hs_bytes_processed != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_hello_certificate_done, - server_hello_certificate_done_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FAIL_IF(ssl_state->client_connp.bytes_processed != 0); - FAIL_IF(ssl_state->client_connp.hs_bytes_processed != 0); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - client_key_exchange_cipher_enc_hs, - client_key_exchange_cipher_enc_hs_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -static int SSLParserTest26(void) -{ - Flow f; - uint8_t client_hello[] = { - 0x16, 0x03, 0x01, 0x02, 0x0e, 0x01, 0x00, 0x02, - 0x0a, 0x03, 0x03, 0x58, 0x36, 0x15, 0x03, 0x8e, - 0x07, 0xf9, 0xad, 0x2a, 0xb7, 0x56, 0xbf, 0xe2, - 0xa2, 0xf8, 0x21, 0xe0, 0xbb, 0x69, 0xc2, 0xd6, - 0x76, 0xe6, 0x77, 0xfe, 0x09, 0xff, 0x8e, 0xac, - 0x80, 0xb5, 0x27, 0x20, 0xb7, 0xbb, 0x90, 0x35, - 0x7a, 0xdd, 0xd9, 0x67, 0xdf, 0x79, 0xd6, 0x16, - 0x90, 0xf6, 0xd7, 0x5c, 0xd3, 0x07, 0x19, 0x20, - 0x01, 0x39, 0x76, 0x25, 0x12, 0x32, 0x71, 0xa1, - 0x84, 0x8d, 0x2d, 0xea, 0x00, 0x88, 0xc0, 0x30, - 0xc0, 0x2c, 0xc0, 0x28, 0xc0, 0x24, 0xc0, 0x14, - 0xc0, 0x0a, 0x00, 0xa3, 0x00, 0x9f, 0x00, 0x6b, - 0x00, 0x6a, 0x00, 0x39, 0x00, 0x38, 0x00, 0x88, - 0x00, 0x87, 0xc0, 0x32, 0xc0, 0x2e, 0xc0, 0x2a, - 0xc0, 0x26, 0xc0, 0x0f, 0xc0, 0x05, 0x00, 0x9d, - 0x00, 0x3d, 0x00, 0x35, 0x00, 0x84, 0xc0, 0x12, - 0xc0, 0x08, 0x00, 0x16, 0x00, 0x13, 0xc0, 0x0d, - 0xc0, 0x03, 0x00, 0x0a, 0xc0, 0x2f, 0xc0, 0x2b, - 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x13, 0xc0, 0x09, - 0x00, 0xa2, 0x00, 0x9e, 0x00, 0x67, 0x00, 0x40, - 0x00, 0x33, 0x00, 0x32, 0x00, 0x9a, 0x00, 0x99, - 0x00, 0x45, 0x00, 0x44, 0xc0, 0x31, 0xc0, 0x2d, - 0xc0, 0x29, 0xc0, 0x25, 0xc0, 0x0e, 0xc0, 0x04, - 0x00, 0x9c, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x96, - 0x00, 0x41, 0xc0, 0x11, 0xc0, 0x07, 0xc0, 0x0c, - 0xc0, 0x02, 0x00, 0x05, 0x00, 0x04, 0x00, 0x15, - 0x00, 0x12, 0x00, 0x09, 0x00, 0xff, 0x01, 0x00, - 0x01, 0x39, 0x00, 0x00, 0x00, 0x14, 0x00, 0x12, - 0x00, 0x00, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x79, - 0x6f, 0x75, 0x74, 0x75, 0x62, 0x65, 0x2e, 0x63, - 0x6f, 0x6d, 0x00, 0x0b, 0x00, 0x04, 0x03, 0x00, - 0x01, 0x02, 0x00, 0x0a, 0x00, 0x34, 0x00, 0x32, - 0x00, 0x0e, 0x00, 0x0d, 0x00, 0x19, 0x00, 0x0b, - 0x00, 0x0c, 0x00, 0x18, 0x00, 0x09, 0x00, 0x0a, - 0x00, 0x16, 0x00, 0x17, 0x00, 0x08, 0x00, 0x06, - 0x00, 0x07, 0x00, 0x14, 0x00, 0x15, 0x00, 0x04, - 0x00, 0x05, 0x00, 0x12, 0x00, 0x13, 0x00, 0x01, - 0x00, 0x02, 0x00, 0x03, 0x00, 0x0f, 0x00, 0x10, - 0x00, 0x11, 0x00, 0x23, 0x00, 0xb4, 0x05, 0x6c, - 0xfa, 0x27, 0x6f, 0x12, 0x2f, 0x2a, 0xe5, 0x56, - 0xcb, 0x42, 0x62, 0x44, 0xf2, 0xd7, 0xd1, 0x05, - 0x87, 0xd4, 0x52, 0x02, 0x10, 0x85, 0xa4, 0xa6, - 0x82, 0x6f, 0x6d, 0x7b, 0xaf, 0x11, 0xbe, 0x21, - 0x7e, 0x7c, 0x36, 0x03, 0x20, 0x29, 0xd8, 0xf9, - 0xe5, 0x2b, 0xe2, 0x26, 0xb2, 0x27, 0xc7, 0xb9, - 0xda, 0x59, 0xd7, 0xdc, 0xfd, 0x74, 0x74, 0x76, - 0xd0, 0x5e, 0xe4, 0xfe, 0x9d, 0xb7, 0x1b, 0x13, - 0x81, 0xce, 0x63, 0x75, 0x2b, 0x2f, 0x98, 0x3a, - 0x84, 0x46, 0xd3, 0x0c, 0xb3, 0x01, 0xdb, 0x62, - 0x51, 0x97, 0x92, 0x1c, 0xa5, 0x94, 0x60, 0xef, - 0xa6, 0xd8, 0xb2, 0x2f, 0x02, 0x42, 0x5c, 0xac, - 0xb4, 0xd9, 0x10, 0x2f, 0x7e, 0x89, 0xab, 0xa5, - 0xd7, 0x56, 0x6d, 0x03, 0xd2, 0x5f, 0x20, 0x2c, - 0xb6, 0x99, 0x2b, 0x66, 0xbd, 0xd4, 0xde, 0x53, - 0x76, 0x5c, 0x78, 0xf0, 0xe9, 0x6d, 0xa5, 0xc3, - 0x1a, 0x9e, 0x61, 0xb2, 0x45, 0xb0, 0xb3, 0x61, - 0xee, 0xa1, 0x07, 0xab, 0x2f, 0x84, 0xea, 0x43, - 0x76, 0x4b, 0x3d, 0xb0, 0xbe, 0xa4, 0xb4, 0x21, - 0xe1, 0xd3, 0xfd, 0x91, 0xe2, 0xe7, 0xf3, 0x38, - 0x9c, 0x56, 0x5f, 0xa1, 0xde, 0xa8, 0x2f, 0x0a, - 0x49, 0x6d, 0x44, 0x8e, 0xb7, 0xef, 0x4a, 0x6f, - 0x79, 0xb2, 0x00, 0x0d, 0x00, 0x20, 0x00, 0x1e, - 0x06, 0x01, 0x06, 0x02, 0x06, 0x03, 0x05, 0x01, - 0x05, 0x02, 0x05, 0x03, 0x04, 0x01, 0x04, 0x02, - 0x04, 0x03, 0x03, 0x01, 0x03, 0x02, 0x03, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x02, 0x03, 0x00, 0x0f, - 0x00, 0x01, 0x01 - }; - uint32_t client_hello_len = sizeof(client_hello); - - uint8_t server_hello_change_cipher_spec[] = { - 0x16, 0x03, 0x03, 0x00, 0x57, 0x02, 0x00, 0x00, - 0x53, 0x03, 0x03, 0x58, 0x36, 0x15, 0x03, 0x9f, - 0x3b, 0xf3, 0x11, 0x96, 0x2b, 0xc3, 0xae, 0x91, - 0x8c, 0x5f, 0x8b, 0x3f, 0x90, 0xbd, 0xa9, 0x26, - 0x26, 0xb2, 0xfd, 0x12, 0xc5, 0xc5, 0x7b, 0xe4, - 0xd1, 0x3e, 0x81, 0x20, 0xb7, 0xbb, 0x90, 0x35, - 0x7a, 0xdd, 0xd9, 0x67, 0xdf, 0x79, 0xd6, 0x16, - 0x90, 0xf6, 0xd7, 0x5c, 0xd3, 0x07, 0x19, 0x20, - 0x01, 0x39, 0x76, 0x25, 0x12, 0x32, 0x71, 0xa1, - 0x84, 0x8d, 0x2d, 0xea, 0xc0, 0x2b, 0x00, 0x00, - 0x0b, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x0b, - 0x00, 0x02, 0x01, 0x00, 0x14, 0x03, 0x03, 0x00, - 0x01, 0x01, 0x16, 0x03, 0x03, 0x00, 0x28, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, - 0x66, 0xfe, 0x07, 0x08, 0x33, 0x4d, 0xc2, 0x83, - 0x8e, 0x05, 0x8b, 0xf8, 0xd1, 0xb1, 0xa7, 0x16, - 0x4b, 0x42, 0x5c, 0x3a, 0xa4, 0x31, 0x0f, 0xba, - 0x84, 0x06, 0xcb, 0x9d, 0xc6, 0xc4, 0x66 - }; - uint32_t server_hello_change_cipher_spec_len = sizeof(server_hello_change_cipher_spec); - - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - FLOWLOCK_WRLOCK(&f); - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, client_hello, - client_hello_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF((ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) == 0); - FAIL_IF_NULL(ssl_state->client_connp.session_id); - - FLOWLOCK_WRLOCK(&f); - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_hello_change_cipher_spec, - server_hello_change_cipher_spec_len); - FLOWLOCK_UNLOCK(&f); - FAIL_IF(r != 0); - - FAIL_IF((ssl_state->flags & SSL_AL_FLAG_SERVER_CHANGE_CIPHER_SPEC) == 0); - FAIL_IF((ssl_state->flags & SSL_AL_FLAG_SESSION_RESUMED) == 0); - - AppLayerParserThreadCtxFree(alp_tctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - PASS; -} - -#endif /* UNITTESTS */ - -void SSLParserRegisterTests(void) -{ -#ifdef UNITTESTS - UtRegisterTest("SSLParserTest01", SSLParserTest01); - UtRegisterTest("SSLParserTest02", SSLParserTest02); - UtRegisterTest("SSLParserTest03", SSLParserTest03); - UtRegisterTest("SSLParserTest04", SSLParserTest04); - /* Updated by Anoop Saldanha. Faulty tests. Disable it for now */ - //UtRegisterTest("SSLParserTest05", SSLParserTest05, 1); - //UtRegisterTest("SSLParserTest06", SSLParserTest06, 1); - UtRegisterTest("SSLParserTest07", SSLParserTest07); - //UtRegisterTest("SSLParserTest08", SSLParserTest08, 1); - UtRegisterTest("SSLParserTest09", SSLParserTest09); - UtRegisterTest("SSLParserTest10", SSLParserTest10); - UtRegisterTest("SSLParserTest11", SSLParserTest11); - UtRegisterTest("SSLParserTest12", SSLParserTest12); - UtRegisterTest("SSLParserTest13", SSLParserTest13); - - UtRegisterTest("SSLParserTest14", SSLParserTest14); - UtRegisterTest("SSLParserTest15", SSLParserTest15); - UtRegisterTest("SSLParserTest16", SSLParserTest16); - UtRegisterTest("SSLParserTest17", SSLParserTest17); - UtRegisterTest("SSLParserTest18", SSLParserTest18); - UtRegisterTest("SSLParserTest19", SSLParserTest19); - UtRegisterTest("SSLParserTest20", SSLParserTest20); - UtRegisterTest("SSLParserTest21", SSLParserTest21); - UtRegisterTest("SSLParserTest22", SSLParserTest22); - UtRegisterTest("SSLParserTest23", SSLParserTest23); - UtRegisterTest("SSLParserTest24", SSLParserTest24); - UtRegisterTest("SSLParserTest25", SSLParserTest25); - UtRegisterTest("SSLParserTest26", SSLParserTest26); - - UtRegisterTest("SSLParserMultimsgTest01", SSLParserMultimsgTest01); - UtRegisterTest("SSLParserMultimsgTest02", SSLParserMultimsgTest02); -#endif /* UNITTESTS */ - - return; -} diff -Nru suricata-6.0.9/src/app-layer-ssl.h suricata-6.0.10/src/app-layer-ssl.h --- suricata-6.0.9/src/app-layer-ssl.h 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/app-layer-ssl.h 2023-01-31 06:26:24.000000000 +0000 @@ -38,6 +38,7 @@ TLS_DECODER_EVENT_INVALID_TLS_HEADER, TLS_DECODER_EVENT_INVALID_RECORD_VERSION, TLS_DECODER_EVENT_INVALID_RECORD_TYPE, + TLS_DECODER_EVENT_INVALID_RECORD_LENGTH, TLS_DECODER_EVENT_INVALID_HANDSHAKE_MESSAGE, TLS_DECODER_EVENT_HEARTBEAT, TLS_DECODER_EVENT_INVALID_HEARTBEAT, @@ -169,6 +170,39 @@ TLS_VERSION_13_DRAFT26_FB = 0xfb1a, }; +static inline bool TLSVersionValid(const uint16_t version) +{ + switch (version) { + case TLS_VERSION_13: + case TLS_VERSION_12: + case TLS_VERSION_11: + case TLS_VERSION_10: + case SSL_VERSION_3: + + case TLS_VERSION_13_DRAFT28: + case TLS_VERSION_13_DRAFT27: + case TLS_VERSION_13_DRAFT26: + case TLS_VERSION_13_DRAFT25: + case TLS_VERSION_13_DRAFT24: + case TLS_VERSION_13_DRAFT23: + case TLS_VERSION_13_DRAFT22: + case TLS_VERSION_13_DRAFT21: + case TLS_VERSION_13_DRAFT20: + case TLS_VERSION_13_DRAFT19: + case TLS_VERSION_13_DRAFT18: + case TLS_VERSION_13_DRAFT17: + case TLS_VERSION_13_DRAFT16: + case TLS_VERSION_13_PRE_DRAFT16: + case TLS_VERSION_13_DRAFT20_FB: + case TLS_VERSION_13_DRAFT21_FB: + case TLS_VERSION_13_DRAFT22_FB: + case TLS_VERSION_13_DRAFT23_FB: + case TLS_VERSION_13_DRAFT26_FB: + return true; + } + return false; +} + typedef struct SSLCertsChain_ { uint8_t *cert_data; uint32_t cert_len; @@ -183,7 +217,6 @@ uint32_t record_lengths_length; /* offset of the beginning of the current message (including header) */ - uint32_t message_start; uint32_t message_length; uint16_t version; @@ -194,8 +227,6 @@ /* the no of bytes processed in the currently parsed record */ uint32_t bytes_processed; - /* the no of bytes processed in the currently parsed handshake */ - uint16_t hs_bytes_processed; uint16_t session_id_length; @@ -213,16 +244,21 @@ TAILQ_HEAD(, SSLCertsChain_) certs; + uint8_t *certs_buffer; + uint32_t certs_buffer_size; + uint32_t cert_log_flag; JA3Buffer *ja3_str; char *ja3_hash; - /* buffer for the tls record. - * We use a malloced buffer, if the record is fragmented */ - uint8_t *trec; - uint32_t trec_len; - uint32_t trec_pos; + /* handshake tls fragmentation buffer. Handshake messages can be fragmented over multiple + * TLS records. */ + uint8_t *hs_buffer; + uint8_t hs_buffer_message_type; + uint32_t hs_buffer_message_size; + uint32_t hs_buffer_size; /**< allocation size */ + uint32_t hs_buffer_offset; /**< write offset */ } SSLStateConnp; /** diff -Nru suricata-6.0.9/src/autoconf.h.in suricata-6.0.10/src/autoconf.h.in --- suricata-6.0.9/src/autoconf.h.in 2022-11-28 06:35:25.000000000 +0000 +++ suricata-6.0.10/src/autoconf.h.in 2023-01-31 06:30:30.000000000 +0000 @@ -54,6 +54,12 @@ /* Define to 1 if you have the `bpf_program__section_name' function. */ #undef HAVE_BPF_PROGRAM__SECTION_NAME +/* Define to 1 if you have the `bpf_program__set_type' function. */ +#undef HAVE_BPF_PROGRAM__SET_TYPE + +/* Define to 1 if you have the `bpf_xdp_attach' function. */ +#undef HAVE_BPF_XDP_ATTACH + /* Define to 1 if you have the `clock_gettime' function. */ #undef HAVE_CLOCK_GETTIME diff -Nru suricata-6.0.9/src/counters.c suricata-6.0.10/src/counters.c --- suricata-6.0.9/src/counters.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/counters.c 2023-01-31 06:26:24.000000000 +0000 @@ -1252,7 +1252,7 @@ /** * \brief Releases the resources alloted by the Stats API */ -void StatsReleaseResources() +void StatsReleaseResources(void) { StatsLogSummary(); StatsReleaseCtx(); diff -Nru suricata-6.0.9/src/datasets.c suricata-6.0.10/src/datasets.c --- suricata-6.0.9/src/datasets.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/datasets.c 2023-01-31 06:26:24.000000000 +0000 @@ -633,7 +633,6 @@ int DatasetsInit(void) { SCLogDebug("datasets start"); - int n = 0; ConfNode *datasets = ConfGetNode("datasets"); uint64_t default_memcap = 0; uint32_t default_hashsize = 0; @@ -701,7 +700,7 @@ char conf_str[1024]; snprintf(conf_str, sizeof(conf_str), "datasets.%d.%s", list_pos, set_name); - SCLogDebug("(%d) set %s type %s. Conf %s", n, set_name, set_type->val, conf_str); + SCLogDebug("set %s type %s. Conf %s", set_name, set_type->val, conf_str); if (strcmp(set_type->val, "md5") == 0) { Dataset *dset = DatasetGet(set_name, DATASET_TYPE_MD5, save, load, @@ -709,9 +708,8 @@ hashsize > 0 ? hashsize : default_hashsize); if (dset == NULL) FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); - SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); + SCLogDebug("dataset %s: id %u type %s", set_name, dset->id, set_type->val); dset->from_yaml = true; - n++; } else if (strcmp(set_type->val, "sha256") == 0) { Dataset *dset = DatasetGet(set_name, DATASET_TYPE_SHA256, save, load, @@ -719,9 +717,8 @@ hashsize > 0 ? hashsize : default_hashsize); if (dset == NULL) FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); - SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); + SCLogDebug("dataset %s: id %u type %s", set_name, dset->id, set_type->val); dset->from_yaml = true; - n++; } else if (strcmp(set_type->val, "string") == 0) { Dataset *dset = DatasetGet(set_name, DATASET_TYPE_STRING, save, load, @@ -729,9 +726,8 @@ hashsize > 0 ? hashsize : default_hashsize); if (dset == NULL) FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); - SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); + SCLogDebug("dataset %s: id %u type %s", set_name, dset->id, set_type->val); dset->from_yaml = true; - n++; } list_pos++; diff -Nru suricata-6.0.9/src/decode-events.c suricata-6.0.10/src/decode-events.c --- suricata-6.0.9/src/decode-events.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/decode-events.c 2023-01-31 06:26:24.000000000 +0000 @@ -270,6 +270,10 @@ "decoder.udp.hlen_invalid", UDP_HLEN_INVALID, }, + { + "decoder.udp.len_invalid", + UDP_LEN_INVALID, + }, /* SLL EVENTS */ { diff -Nru suricata-6.0.9/src/decode-events.h suricata-6.0.10/src/decode-events.h --- suricata-6.0.9/src/decode-events.h 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/decode-events.h 2023-01-31 06:26:24.000000000 +0000 @@ -103,6 +103,7 @@ UDP_PKT_TOO_SMALL, /**< udp packet smaller than minimum size */ UDP_HLEN_TOO_SMALL, /**< udp header smaller than minimum size */ UDP_HLEN_INVALID, /**< invalid len of upd header */ + UDP_LEN_INVALID, /**< packet len in header is invalid */ /* SLL EVENTS */ SLL_PKT_TOO_SMALL, /**< sll packet smaller than minimum size */ diff -Nru suricata-6.0.9/src/decode-udp.c suricata-6.0.10/src/decode-udp.c --- suricata-6.0.9/src/decode-udp.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/decode-udp.c 2023-01-31 06:26:24.000000000 +0000 @@ -57,7 +57,11 @@ } if (unlikely(len != UDP_GET_LEN(p))) { + // packet can still be valid, keeping for consistency with decoder.udp.hlen_invalid event ENGINE_SET_INVALID_EVENT(p, UDP_HLEN_INVALID); + } + if (unlikely(UDP_GET_LEN(p) < UDP_HEADER_LEN)) { + ENGINE_SET_INVALID_EVENT(p, UDP_LEN_INVALID); return -1; } @@ -65,7 +69,7 @@ SET_UDP_DST_PORT(p,&p->dp); p->payload = (uint8_t *)pkt + UDP_HEADER_LEN; - p->payload_len = len - UDP_HEADER_LEN; + p->payload_len = UDP_GET_LEN(p) - UDP_HEADER_LEN; p->proto = IPPROTO_UDP; diff -Nru suricata-6.0.9/src/defrag-queue.c suricata-6.0.10/src/defrag-queue.c --- suricata-6.0.9/src/defrag-queue.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/defrag-queue.c 2023-01-31 06:26:24.000000000 +0000 @@ -40,7 +40,7 @@ return q; } -DefragTrackerQueue *DefragTrackerQueueNew() +DefragTrackerQueue *DefragTrackerQueueNew(void) { DefragTrackerQueue *q = (DefragTrackerQueue *)SCMalloc(sizeof(DefragTrackerQueue)); if (q == NULL) { diff -Nru suricata-6.0.9/src/detect-content.c suricata-6.0.10/src/detect-content.c --- suricata-6.0.9/src/detect-content.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-content.c 2023-01-31 06:26:24.000000000 +0000 @@ -165,8 +165,10 @@ // SCLogDebug("space as part of binary string"); } else if (str[i] != ',') { - SCLogError(SC_ERR_INVALID_SIGNATURE, "Invalid hex code in " - "content - %s, hex %c. Invalidating signature.", str, str[i]); + SCLogError(SC_ERR_INVALID_SIGNATURE, + "Invalid hex code in " + "content - %s, hex %c. Invalidating signature.", + contentstr, str[i]); goto error; } } else if (escape) { diff -Nru suricata-6.0.9/src/detect-engine-analyzer.c suricata-6.0.10/src/detect-engine-analyzer.c --- suricata-6.0.9/src/detect-engine-analyzer.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-analyzer.c 2023-01-31 06:26:24.000000000 +0000 @@ -425,7 +425,7 @@ * \retval 1 if successful * \retval 0 if on error */ -int PerCentEncodingSetup () +int PerCentEncodingSetup(void) { #define DETECT_PERCENT_ENCODING_REGEX "%[0-9|a-f|A-F]{2}" const char *eb = NULL; diff -Nru suricata-6.0.9/src/detect-engine-build.c suricata-6.0.10/src/detect-engine-build.c --- suricata-6.0.9/src/detect-engine-build.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-build.c 2023-01-31 06:26:24.000000000 +0000 @@ -1652,8 +1652,6 @@ */ int SigAddressPrepareStage2(DetectEngineCtx *de_ctx) { - uint32_t sigs = 0; - SCLogDebug("building signature grouping structure, stage 2: " "building source address lists..."); @@ -1677,8 +1675,6 @@ if (s->init_data->init_flags & SIG_FLAG_INIT_DEONLY) { DetectEngineAddDecoderEventSig(de_ctx, s); } - - sigs++; } IPOnlyPrepare(de_ctx); diff -Nru suricata-6.0.9/src/detect-engine.c suricata-6.0.10/src/detect-engine.c --- suricata-6.0.9/src/detect-engine.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine.c 2023-01-31 06:26:24.000000000 +0000 @@ -4582,7 +4582,7 @@ #endif -void DetectEngineRegisterTests() +void DetectEngineRegisterTests(void) { #ifdef UNITTESTS UtRegisterTest("DetectEngineTest01", DetectEngineTest01); diff -Nru suricata-6.0.9/src/detect-engine-enip.c suricata-6.0.10/src/detect-engine-enip.c --- suricata-6.0.9/src/detect-engine-enip.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-enip.c 2023-01-31 06:26:24.000000000 +0000 @@ -164,7 +164,9 @@ static int CIPServiceMatch(ENIPTransaction *enip_data, DetectCipServiceData *cipserviced) { +#ifdef DEBUG int count = 1; +#endif CIPServiceEntry *svc = NULL; //SCLogDebug("CIPServiceMatchAL"); TAILQ_FOREACH(svc, &enip_data->service_list, next) @@ -200,7 +202,9 @@ return 1; } } +#ifdef DEBUG count++; +#endif } return 0; } diff -Nru suricata-6.0.9/src/detect-engine-event.c suricata-6.0.10/src/detect-engine-event.c --- suricata-6.0.9/src/detect-engine-event.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-event.c 2023-01-31 06:26:24.000000000 +0000 @@ -110,6 +110,14 @@ SCReturnInt(0); } +static bool OutdatedEvent(const char *raw) +{ + if (strcmp(raw, "decoder.udp.hlen_invalid") == 0) { + return true; + } + return false; +} + /** * \brief This function is used to parse decoder events options passed via decode-event: keyword * @@ -163,6 +171,17 @@ if (de->event == STREAM_REASSEMBLY_OVERLAP_DIFFERENT_DATA) { StreamTcpReassembleConfigEnableOverlapCheck(); } + + if (OutdatedEvent(rawstr)) { + if (SigMatchStrictEnabled(DETECT_DECODE_EVENT)) { + SCLogError(SC_WARN_DEPRECATED, "decode-event keyword no longer supports event \"%s\"", + rawstr); + goto error; + } else { + SCLogNotice("decode-event keyword no longer supports event \"%s\"", rawstr); + } + } + return de; error: diff -Nru suricata-6.0.9/src/detect-engine-iponly.c suricata-6.0.10/src/detect-engine-iponly.c --- suricata-6.0.9/src/detect-engine-iponly.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-iponly.c 2023-01-31 06:26:24.000000000 +0000 @@ -448,8 +448,9 @@ void IPOnlyCIDRListFree(IPOnlyCIDRItem *tmphead) { SCEnter(); +#ifdef DEBUG uint32_t i = 0; - +#endif IPOnlyCIDRItem *it, *next = NULL; if (tmphead == NULL) { @@ -461,8 +462,10 @@ next = it->next; while (it != NULL) { +#ifdef DEBUG i++; SCLogDebug("Item(%p) %"PRIu32" removed", it, i); +#endif SCFree(it); it = next; diff -Nru suricata-6.0.9/src/detect-engine-loader.c suricata-6.0.10/src/detect-engine-loader.c --- suricata-6.0.9/src/detect-engine-loader.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-loader.c 2023-01-31 06:26:24.000000000 +0000 @@ -493,7 +493,7 @@ /** * \brief Unpauses all threads present in tv_root */ -void TmThreadWakeupDetectLoaderThreads() +void TmThreadWakeupDetectLoaderThreads(void) { ThreadVars *tv = NULL; int i = 0; @@ -517,7 +517,7 @@ /** * \brief Unpauses all threads present in tv_root */ -void TmThreadContinueDetectLoaderThreads() +void TmThreadContinueDetectLoaderThreads(void) { ThreadVars *tv = NULL; int i = 0; diff -Nru suricata-6.0.9/src/detect-engine-port.c suricata-6.0.10/src/detect-engine-port.c --- suricata-6.0.9/src/detect-engine-port.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-port.c 2023-01-31 06:26:24.000000000 +0000 @@ -100,13 +100,16 @@ void DetectPortPrintList(DetectPort *head) { DetectPort *cur; +#ifdef DEBUG uint16_t cnt = 0; - +#endif SCLogDebug("= list start:"); if (head != NULL) { for (cur = head; cur != NULL; cur = cur->next) { DetectPortPrint(cur); +#ifdef DEBUG cnt++; +#endif } SCLogDebug(" "); } diff -Nru suricata-6.0.9/src/detect-engine-sigorder.c suricata-6.0.10/src/detect-engine-sigorder.c --- suricata-6.0.9/src/detect-engine-sigorder.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-sigorder.c 2023-01-31 06:26:24.000000000 +0000 @@ -730,8 +730,9 @@ Signature *sig = NULL; SCSigSignatureWrapper *sigw = NULL; SCSigSignatureWrapper *sigw_list = NULL; - +#ifdef DEBUG int i = 0; +#endif SCLogDebug("ordering signatures in memory"); sig = de_ctx->sig_list; @@ -742,7 +743,9 @@ sigw_list = sigw; sig = sig->next; +#ifdef DEBUG i++; +#endif } /* Sort the list */ @@ -754,9 +757,13 @@ /* Recreate the sig list in order */ de_ctx->sig_list = NULL; sigw = sigw_list; +#ifdef DEBUG i = 0; +#endif while (sigw != NULL) { +#ifdef DEBUG i++; +#endif sigw->sig->next = NULL; if (de_ctx->sig_list == NULL) { /* First entry on the list */ diff -Nru suricata-6.0.9/src/detect-engine-tag.c suricata-6.0.10/src/detect-engine-tag.c --- suricata-6.0.9/src/detect-engine-tag.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-tag.c 2023-01-31 06:26:24.000000000 +0000 @@ -77,7 +77,7 @@ /** \brief Reset the tagging engine context */ -void TagRestartCtx() +void TagRestartCtx(void) { TagDestroyCtx(); TagInitCtx(); diff -Nru suricata-6.0.9/src/detect-engine-threshold.c suricata-6.0.10/src/detect-engine-threshold.c --- suricata-6.0.9/src/detect-engine-threshold.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-engine-threshold.c 2023-01-31 06:26:24.000000000 +0000 @@ -302,7 +302,6 @@ case TH_ACTION_DROP: pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED; pa->action = ACTION_DROP; - SCLogNotice("DROP DROP DROP DROP DROP DROP"); break; case TH_ACTION_REJECT: pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED; diff -Nru suricata-6.0.9/src/detect-http-uri.c suricata-6.0.10/src/detect-http-uri.c --- suricata-6.0.9/src/detect-http-uri.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-http-uri.c 2023-01-31 06:26:24.000000000 +0000 @@ -55,7 +55,6 @@ #include "app-layer-htp.h" #include "detect-http-uri.h" -#include "detect-uricontent.h" #include "stream-tcp.h" #ifdef UNITTESTS diff -Nru suricata-6.0.9/src/detect-pcre.c suricata-6.0.10/src/detect-pcre.c --- suricata-6.0.9/src/detect-pcre.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-pcre.c 2023-01-31 06:26:24.000000000 +0000 @@ -874,11 +874,14 @@ goto error; #ifdef PCRE_HAVE_JIT_EXEC - /* Deliberately silent on failures. Not having a context id means - * JIT will be bypassed */ - pd->thread_ctx_jit_stack_id = DetectRegisterThreadCtxFuncs(de_ctx, "pcre", - DetectPcreThreadInit, (void *)pd, - DetectPcreThreadFree, 1); + if (pcre_use_jit) { + /* Deliberately silent on failures. Not having a context id means + * JIT will be bypassed */ + pd->thread_ctx_jit_stack_id = DetectRegisterThreadCtxFuncs( + de_ctx, "pcre", DetectPcreThreadInit, (void *)pd, DetectPcreThreadFree, 1); + } else { + pd->thread_ctx_jit_stack_id = -1; + } #endif int sm_list = -1; diff -Nru suricata-6.0.9/src/detect-tls.c suricata-6.0.10/src/detect-tls.c --- suricata-6.0.9/src/detect-tls.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls.c 2023-01-31 06:26:24.000000000 +0000 @@ -1,5 +1,6 @@ /* * Copyright (C) 2011-2012 ANSSI + * Copyright (C) 2022 Open Information Security Foundation * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -57,6 +58,7 @@ #include "app-layer-ssl.h" #include "detect-tls.h" +#include "detect-tls-cert-fingerprint.h" #include "stream-tcp.h" @@ -83,9 +85,6 @@ static int DetectTlsIssuerDNSetup (DetectEngineCtx *, Signature *, const char *); static void DetectTlsIssuerDNFree(DetectEngineCtx *, void *); -static int DetectTlsFingerprintMatch (DetectEngineThreadCtx *, - Flow *, uint8_t, void *, void *, - const Signature *, const SigMatchCtx *); static int DetectTlsFingerprintSetup (DetectEngineCtx *, Signature *, const char *); static void DetectTlsFingerprintFree(DetectEngineCtx *, void *); @@ -94,6 +93,7 @@ Packet *, const Signature *s, const SigMatchCtx *unused); static int g_tls_cert_list_id = 0; +static int g_tls_cert_fingerprint_list_id = 0; static int InspectTlsCert(ThreadVars *tv, DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, @@ -131,7 +131,6 @@ sigmatch_table[DETECT_AL_TLS_FINGERPRINT].name = "tls.fingerprint"; sigmatch_table[DETECT_AL_TLS_FINGERPRINT].desc = "match TLS/SSL certificate SHA1 fingerprint"; sigmatch_table[DETECT_AL_TLS_FINGERPRINT].url = "/rules/tls-keywords.html#tls-fingerprint"; - sigmatch_table[DETECT_AL_TLS_FINGERPRINT].AppLayerTxMatch = DetectTlsFingerprintMatch; sigmatch_table[DETECT_AL_TLS_FINGERPRINT].Setup = DetectTlsFingerprintSetup; sigmatch_table[DETECT_AL_TLS_FINGERPRINT].Free = DetectTlsFingerprintFree; sigmatch_table[DETECT_AL_TLS_FINGERPRINT].flags = SIGMATCH_QUOTES_MANDATORY|SIGMATCH_HANDLE_NEGATION; @@ -150,6 +149,7 @@ DetectSetupParseRegexes(PARSE_REGEX_FINGERPRINT, &fingerprint_parse_regex); g_tls_cert_list_id = DetectBufferTypeRegister("tls_cert"); + g_tls_cert_fingerprint_list_id = DetectBufferTypeRegister("tls.cert_fingerprint"); DetectAppLayerInspectEngineRegister("tls_cert", ALPROTO_TLS, SIG_FLAG_TOCLIENT, TLS_STATE_CERT_READY, @@ -545,129 +545,6 @@ * \retval pointer to DetectTlsData on success * \retval NULL on failure */ -static DetectTlsData *DetectTlsFingerprintParse (DetectEngineCtx *de_ctx, const char *str, bool negate) -{ - DetectTlsData *tls = NULL; - int ret = 0, res = 0; - int ov[MAX_SUBSTRINGS]; - const char *str_ptr; - char *orig; - char *tmp_str; - uint32_t flag = 0; - - ret = DetectParsePcreExec(&fingerprint_parse_regex, str, 0, 0, ov, MAX_SUBSTRINGS); - if (ret != 2) { - SCLogError(SC_ERR_PCRE_MATCH, "invalid tls.fingerprint option"); - goto error; - } - - if (negate) - flag = DETECT_CONTENT_NEGATED; - - res = pcre_get_substring((char *)str, ov, MAX_SUBSTRINGS, 1, &str_ptr); - if (res < 0) { - SCLogError(SC_ERR_PCRE_GET_SUBSTRING, "pcre_get_substring failed"); - goto error; - } - - /* We have a correct id option */ - tls = SCMalloc(sizeof(DetectTlsData)); - if (unlikely(tls == NULL)) - goto error; - tls->fingerprint = NULL; - tls->flags = flag; - - orig = SCStrdup((char*)str_ptr); - if (unlikely(orig == NULL)) { - goto error; - } - pcre_free_substring(str_ptr); - - tmp_str=orig; - - /* Let's see if we need to escape "'s */ - if (tmp_str[0] == '"') - { - tmp_str[strlen(tmp_str) - 1] = '\0'; - tmp_str += 1; - } - - tls->fingerprint = SCStrdup(tmp_str); - if (tls->fingerprint == NULL) { - SCLogError(SC_ERR_MEM_ALLOC, "Unable to allocate fingerprint"); - } - - SCFree(orig); - - SCLogDebug("will look for TLS fingerprint %s", tls->fingerprint); - - return tls; - -error: - if (tls != NULL) - DetectTlsFingerprintFree(de_ctx, tls); - return NULL; - -} -/** - * \brief match the specified fingerprint on a tls session - * - * \param t pointer to thread vars - * \param det_ctx pointer to the pattern matcher thread - * \param p pointer to the current packet - * \param m pointer to the sigmatch that we will cast into DetectTlsData - * - * \retval 0 no match - * \retval 1 match - */ -static int DetectTlsFingerprintMatch (DetectEngineThreadCtx *det_ctx, - Flow *f, uint8_t flags, void *state, void *txv, - const Signature *s, const SigMatchCtx *m) -{ - SCEnter(); - const DetectTlsData *tls_data = (const DetectTlsData *)m; - SSLState *ssl_state = (SSLState *)state; - if (ssl_state == NULL) { - SCLogDebug("no tls state, no match"); - SCReturnInt(0); - } - - int ret = 0; - - SSLStateConnp *connp = NULL; - if (flags & STREAM_TOSERVER) { - connp = &ssl_state->client_connp; - } else { - connp = &ssl_state->server_connp; - } - - if (connp->cert0_fingerprint != NULL) { - SCLogDebug("TLS: Fingerprint is [%s], looking for [%s]\n", - connp->cert0_fingerprint, - tls_data->fingerprint); - - if (tls_data->fingerprint && - (strstr(connp->cert0_fingerprint, - tls_data->fingerprint) != NULL)) { - if (tls_data->flags & DETECT_CONTENT_NEGATED) { - ret = 0; - } else { - ret = 1; - - } - } else { - if (tls_data->flags & DETECT_CONTENT_NEGATED) { - ret = 1; - } else { - ret = 0; - } - } - } else { - ret = 0; - } - - SCReturnInt(ret); -} /** * \brief this function is used to add the parsed "fingerprint" option @@ -682,35 +559,16 @@ */ static int DetectTlsFingerprintSetup (DetectEngineCtx *de_ctx, Signature *s, const char *str) { - DetectTlsData *tls = NULL; - SigMatch *sm = NULL; - if (DetectSignatureSetAppProto(s, ALPROTO_TLS) != 0) + if (DetectContentSetup(de_ctx, s, str) < 0) { return -1; + } - tls = DetectTlsFingerprintParse(de_ctx, str, s->init_data->negated); - if (tls == NULL) - goto error; - - /* Okay so far so good, lets get this into a SigMatch - * and put it in the Signature. */ - sm = SigMatchAlloc(); - if (sm == NULL) - goto error; - - sm->type = DETECT_AL_TLS_FINGERPRINT; - sm->ctx = (void *)tls; + if (DetectEngineContentModifierBufferSetup(de_ctx, s, NULL, DETECT_AL_TLS_CERT_FINGERPRINT, + g_tls_cert_fingerprint_list_id, ALPROTO_TLS) < 0) + return -1; - SigMatchAppendSMToList(s, sm, g_tls_cert_list_id); return 0; - -error: - if (tls != NULL) - DetectTlsFingerprintFree(de_ctx, tls); - if (sm != NULL) - SCFree(sm); - return -1; - } /** @@ -772,4 +630,4 @@ ssl_state->server_connp.cert_log_flag |= SSL_TLS_LOG_PEM; SCReturnInt(1); -} \ No newline at end of file +} diff -Nru suricata-6.0.9/src/detect-tls-ja3-hash.c suricata-6.0.10/src/detect-tls-ja3-hash.c --- suricata-6.0.9/src/detect-tls-ja3-hash.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls-ja3-hash.c 2023-01-31 06:26:24.000000000 +0000 @@ -59,9 +59,6 @@ #include "util-unittest-helper.h" static int DetectTlsJa3HashSetup(DetectEngineCtx *, Signature *, const char *); -#ifdef UNITTESTS -static void DetectTlsJa3HashRegisterTests(void); -#endif static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, @@ -82,9 +79,6 @@ sigmatch_table[DETECT_AL_TLS_JA3_HASH].desc = "content modifier to match the JA3 hash buffer"; sigmatch_table[DETECT_AL_TLS_JA3_HASH].url = "/rules/ja3-keywords.html#ja3-hash"; sigmatch_table[DETECT_AL_TLS_JA3_HASH].Setup = DetectTlsJa3HashSetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_TLS_JA3_HASH].RegisterTests = DetectTlsJa3HashRegisterTests; -#endif sigmatch_table[DETECT_AL_TLS_JA3_HASH].flags |= SIGMATCH_NOOPT; sigmatch_table[DETECT_AL_TLS_JA3_HASH].flags |= SIGMATCH_INFO_STICKY_BUFFER; @@ -220,7 +214,3 @@ } } } - -#ifdef UNITTESTS -#include "tests/detect-tls-ja3-hash.c" -#endif diff -Nru suricata-6.0.9/src/detect-tls-ja3s-hash.c suricata-6.0.10/src/detect-tls-ja3s-hash.c --- suricata-6.0.9/src/detect-tls-ja3s-hash.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls-ja3s-hash.c 2023-01-31 06:26:24.000000000 +0000 @@ -59,9 +59,6 @@ #include "util-unittest-helper.h" static int DetectTlsJa3SHashSetup(DetectEngineCtx *, Signature *, const char *); -#ifdef UNITTESTS -static void DetectTlsJa3SHashRegisterTests(void); -#endif static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, @@ -81,9 +78,6 @@ sigmatch_table[DETECT_AL_TLS_JA3S_HASH].desc = "content modifier to match the JA3S hash sticky buffer"; sigmatch_table[DETECT_AL_TLS_JA3S_HASH].url = "/rules/ja3-keywords.html#ja3s-hash"; sigmatch_table[DETECT_AL_TLS_JA3S_HASH].Setup = DetectTlsJa3SHashSetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_TLS_JA3S_HASH].RegisterTests = DetectTlsJa3SHashRegisterTests; -#endif sigmatch_table[DETECT_AL_TLS_JA3S_HASH].flags |= SIGMATCH_NOOPT; sigmatch_table[DETECT_AL_TLS_JA3S_HASH].flags |= SIGMATCH_INFO_STICKY_BUFFER; @@ -218,7 +212,3 @@ } } } - -#ifdef UNITTESTS -#include "tests/detect-tls-ja3s-hash.c" -#endif diff -Nru suricata-6.0.9/src/detect-tls-ja3s-string.c suricata-6.0.10/src/detect-tls-ja3s-string.c --- suricata-6.0.9/src/detect-tls-ja3s-string.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls-ja3s-string.c 2023-01-31 06:26:24.000000000 +0000 @@ -59,9 +59,6 @@ #include "util-unittest-helper.h" static int DetectTlsJa3SStringSetup(DetectEngineCtx *, Signature *, const char *); -#ifdef UNITTESTS -static void DetectTlsJa3SStringRegisterTests(void); -#endif static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, @@ -77,9 +74,6 @@ sigmatch_table[DETECT_AL_TLS_JA3S_STRING].desc = "content modifier to match the JA3S string sticky buffer"; sigmatch_table[DETECT_AL_TLS_JA3S_STRING].url = "/rules/ja3-keywords.html#ja3s-string"; sigmatch_table[DETECT_AL_TLS_JA3S_STRING].Setup = DetectTlsJa3SStringSetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_TLS_JA3S_STRING].RegisterTests = DetectTlsJa3SStringRegisterTests; -#endif sigmatch_table[DETECT_AL_TLS_JA3S_STRING].flags |= SIGMATCH_NOOPT; sigmatch_table[DETECT_AL_TLS_JA3S_STRING].flags |= SIGMATCH_INFO_STICKY_BUFFER; @@ -148,7 +142,3 @@ return buffer; } - -#ifdef UNITTESTS -#include "tests/detect-tls-ja3s-string.c" -#endif diff -Nru suricata-6.0.9/src/detect-tls-ja3-string.c suricata-6.0.10/src/detect-tls-ja3-string.c --- suricata-6.0.9/src/detect-tls-ja3-string.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls-ja3-string.c 2023-01-31 06:26:24.000000000 +0000 @@ -59,9 +59,6 @@ #include "util-unittest-helper.h" static int DetectTlsJa3StringSetup(DetectEngineCtx *, Signature *, const char *); -#ifdef UNITTESTS -static void DetectTlsJa3StringRegisterTests(void); -#endif static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, @@ -78,9 +75,6 @@ sigmatch_table[DETECT_AL_TLS_JA3_STRING].desc = "content modifier to match the JA3 string buffer"; sigmatch_table[DETECT_AL_TLS_JA3_STRING].url = "/rules/ja3-keywords.html#ja3-string"; sigmatch_table[DETECT_AL_TLS_JA3_STRING].Setup = DetectTlsJa3StringSetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_TLS_JA3_STRING].RegisterTests = DetectTlsJa3StringRegisterTests; -#endif sigmatch_table[DETECT_AL_TLS_JA3_STRING].flags |= SIGMATCH_NOOPT; sigmatch_table[DETECT_AL_TLS_JA3_STRING].flags |= SIGMATCH_INFO_STICKY_BUFFER; @@ -149,7 +143,3 @@ return buffer; } - -#ifdef UNITTESTS -#include "tests/detect-tls-ja3-string.c" -#endif diff -Nru suricata-6.0.9/src/detect-tls-sni.c suricata-6.0.10/src/detect-tls-sni.c --- suricata-6.0.9/src/detect-tls-sni.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/detect-tls-sni.c 2023-01-31 06:26:24.000000000 +0000 @@ -55,9 +55,6 @@ #include "util-unittest-helper.h" static int DetectTlsSniSetup(DetectEngineCtx *, Signature *, const char *); -#ifdef UNITTESTS -static void DetectTlsSniRegisterTests(void); -#endif static InspectionBuffer *GetData(DetectEngineThreadCtx *det_ctx, const DetectEngineTransforms *transforms, Flow *f, const uint8_t flow_flags, @@ -74,9 +71,6 @@ sigmatch_table[DETECT_AL_TLS_SNI].desc = "content modifier to match specifically and only on the TLS SNI buffer"; sigmatch_table[DETECT_AL_TLS_SNI].url = "/rules/tls-keywords.html#tls-sni"; sigmatch_table[DETECT_AL_TLS_SNI].Setup = DetectTlsSniSetup; -#ifdef UNITTESTS - sigmatch_table[DETECT_AL_TLS_SNI].RegisterTests = DetectTlsSniRegisterTests; -#endif sigmatch_table[DETECT_AL_TLS_SNI].flags |= SIGMATCH_NOOPT; sigmatch_table[DETECT_AL_TLS_SNI].flags |= SIGMATCH_INFO_STICKY_BUFFER; @@ -135,7 +129,3 @@ return buffer; } - -#ifdef UNITTESTS -#include "tests/detect-tls-sni.c" -#endif diff -Nru suricata-6.0.9/src/flow-bypass.c suricata-6.0.10/src/flow-bypass.c --- suricata-6.0.9/src/flow-bypass.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/flow-bypass.c 2023-01-31 06:26:24.000000000 +0000 @@ -180,7 +180,7 @@ #endif /** \brief spawn the flow bypass manager thread */ -void BypassedFlowManagerThreadSpawn() +void BypassedFlowManagerThreadSpawn(void) { #ifdef CAPTURE_OFFLOAD_MANAGER diff -Nru suricata-6.0.9/src/flow-manager.c suricata-6.0.10/src/flow-manager.c --- suricata-6.0.9/src/flow-manager.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/flow-manager.c 2023-01-31 06:26:24.000000000 +0000 @@ -737,12 +737,12 @@ uint16_t flow_mgr_host_spare = StatsRegisterCounter("hosts.spare", th_v); */ memset(&ts, 0, sizeof(ts)); - uint32_t hash_passes = 0; #ifdef FM_PROFILE + uint32_t hash_passes = 0; uint32_t hash_row_checks = 0; uint32_t hash_passes_chunks = 0; -#endif uint32_t hash_full_passes = 0; +#endif const uint32_t min_timeout = FlowTimeoutsMin(); const uint32_t pass_in_sec = min_timeout ? min_timeout * 8 : 60; @@ -836,10 +836,9 @@ if (emerg) { /* in emergency mode, do a full pass of the hash table */ FlowTimeoutHash(&ftd->timeout, &ts, ftd->min, ftd->max, &counters); - hash_passes++; +#ifdef FM_PROFILE hash_full_passes++; hash_passes++; -#ifdef FM_PROFILE hash_passes_chunks += 1; hash_row_checks += counters.rows_checked; #endif @@ -853,12 +852,14 @@ hash_pass_iter++; if (hash_pass_iter == pass_in_sec) { hash_pass_iter = 0; +#ifdef FM_PROFILE hash_full_passes++; +#endif StatsIncr(th_v, ftd->cnt.flow_mgr_full_pass); } } - hash_passes++; #ifdef FM_PROFILE + hash_passes++; hash_row_checks += counters.rows_checked; hash_passes_chunks += chunks; #endif @@ -1028,7 +1029,7 @@ } /** \brief spawn the flow manager thread */ -void FlowManagerThreadSpawn() +void FlowManagerThreadSpawn(void) { intmax_t setting = 1; (void)ConfGetInt("flow.managers", &setting); @@ -1105,9 +1106,9 @@ uint64_t recycled_cnt = 0; struct timeval ts; memset(&ts, 0, sizeof(ts)); - uint32_t fr_passes = 0; #ifdef FM_PROFILE + uint32_t fr_passes = 0; struct timeval endts; struct timeval active; struct timeval paused; @@ -1144,8 +1145,8 @@ #endif TmThreadsUnsetFlag(th_v, THV_PAUSED); } - fr_passes++; #ifdef FM_PROFILE + fr_passes++; struct timeval run_startts; memset(&run_startts, 0, sizeof(run_startts)); gettimeofday(&run_startts, NULL); @@ -1243,7 +1244,7 @@ } /** \brief spawn the flow recycler thread */ -void FlowRecyclerThreadSpawn() +void FlowRecyclerThreadSpawn(void) { intmax_t setting = 1; (void)ConfGetInt("flow.recyclers", &setting); @@ -1286,8 +1287,6 @@ */ void FlowDisableFlowRecyclerThread(void) { - int cnt = 0; - /* move all flows still in the hash to the recycler queue */ #ifndef DEBUG (void)FlowCleanupHash(); @@ -1309,7 +1308,6 @@ strlen(thread_name_flow_rec)) == 0) { TmThreadsSetFlag(tv, THV_KILL); - cnt++; } } SCMutexUnlock(&tv_root_lock); diff -Nru suricata-6.0.9/src/flow-queue.c suricata-6.0.10/src/flow-queue.c --- suricata-6.0.9/src/flow-queue.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/flow-queue.c 2023-01-31 06:26:24.000000000 +0000 @@ -33,7 +33,7 @@ #include "util-debug.h" #include "util-print.h" -FlowQueue *FlowQueueNew() +FlowQueue *FlowQueueNew(void) { FlowQueue *q = (FlowQueue *)SCMalloc(sizeof(FlowQueue)); if (q == NULL) { diff -Nru suricata-6.0.9/src/host-queue.c suricata-6.0.10/src/host-queue.c --- suricata-6.0.9/src/host-queue.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/host-queue.c 2023-01-31 06:26:24.000000000 +0000 @@ -40,7 +40,7 @@ return q; } -HostQueue *HostQueueNew() +HostQueue *HostQueueNew(void) { HostQueue *q = (HostQueue *)SCMalloc(sizeof(HostQueue)); if (q == NULL) { diff -Nru suricata-6.0.9/src/ippair-queue.c suricata-6.0.10/src/ippair-queue.c --- suricata-6.0.9/src/ippair-queue.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/ippair-queue.c 2023-01-31 06:26:24.000000000 +0000 @@ -40,7 +40,7 @@ return q; } -IPPairQueue *IPPairQueueNew() +IPPairQueue *IPPairQueueNew(void) { IPPairQueue *q = (IPPairQueue *)SCMalloc(sizeof(IPPairQueue)); if (q == NULL) { diff -Nru suricata-6.0.9/src/log-cf-common.c suricata-6.0.10/src/log-cf-common.c --- suricata-6.0.9/src/log-cf-common.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/log-cf-common.c 2023-01-31 06:26:24.000000000 +0000 @@ -34,7 +34,7 @@ * \retval LogCustomFormatNode * ptr if created * \retval NULL if failed to allocate */ -LogCustomFormatNode * LogCustomFormatNodeAlloc() +LogCustomFormatNode *LogCustomFormatNodeAlloc(void) { LogCustomFormatNode * node = SCCalloc(1, sizeof(LogCustomFormatNode)); if (unlikely(node == NULL)) { @@ -49,7 +49,7 @@ * \retval LogCustomFormat * ptr if created * \retval NULL if failed to allocate */ -LogCustomFormat * LogCustomFormatAlloc() +LogCustomFormat *LogCustomFormatAlloc(void) { LogCustomFormat * cf = SCCalloc(1, sizeof(LogCustomFormat)); if (unlikely(cf == NULL)) { diff -Nru suricata-6.0.9/src/Makefile.am suricata-6.0.10/src/Makefile.am --- suricata-6.0.9/src/Makefile.am 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/Makefile.am 2023-01-31 06:26:24.000000000 +0000 @@ -621,11 +621,6 @@ tests/detect-tls-cert-serial.c \ tests/detect-tls-cert-subject.c \ tests/detect-tls-cert-validity.c \ - tests/detect-tls-ja3-hash.c \ - tests/detect-tls-ja3s-hash.c \ - tests/detect-tls-ja3s-string.c \ - tests/detect-tls-ja3-string.c \ - tests/detect-tls-sni.c \ tests/detect-tls-version.c \ tests/detect-transform-pcrexform.c \ tests/detect-ttl.c \ diff -Nru suricata-6.0.9/src/Makefile.in suricata-6.0.10/src/Makefile.in --- suricata-6.0.9/src/Makefile.in 2022-11-28 06:35:27.000000000 +0000 +++ suricata-6.0.10/src/Makefile.in 2023-01-31 06:30:32.000000000 +0000 @@ -1858,11 +1858,6 @@ tests/detect-tls-cert-serial.c \ tests/detect-tls-cert-subject.c \ tests/detect-tls-cert-validity.c \ - tests/detect-tls-ja3-hash.c \ - tests/detect-tls-ja3s-hash.c \ - tests/detect-tls-ja3s-string.c \ - tests/detect-tls-ja3-string.c \ - tests/detect-tls-sni.c \ tests/detect-tls-version.c \ tests/detect-transform-pcrexform.c \ tests/detect-ttl.c \ diff -Nru suricata-6.0.9/src/output-filestore.c suricata-6.0.10/src/output-filestore.c --- suricata-6.0.9/src/output-filestore.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-filestore.c 2023-01-31 06:26:24.000000000 +0000 @@ -170,8 +170,8 @@ WARN_ONCE(SC_ERR_SPRINTF, "Failed to write file info record. Output filename truncated."); } else { - JsonBuilder *js_fileinfo = JsonBuildFileInfoRecord(p, ff, true, dir, - ctx->xff_cfg); + JsonBuilder *js_fileinfo = + JsonBuildFileInfoRecord(p, ff, true, dir, ctx->xff_cfg, NULL); if (likely(js_fileinfo != NULL)) { jb_close(js_fileinfo); FILE *out = fopen(js_metadata_filename, "w"); diff -Nru suricata-6.0.9/src/output-json-dcerpc.c suricata-6.0.10/src/output-json-dcerpc.c --- suricata-6.0.9/src/output-json-dcerpc.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-dcerpc.c 2023-01-31 06:26:24.000000000 +0000 @@ -50,6 +50,7 @@ if (unlikely(jb == NULL)) { return TM_ECODE_FAILED; } + EveAddCommonOptions(&thread->ctx->cfg, p, f, jb); jb_open_object(jb, "dcerpc"); if (p->proto == IPPROTO_TCP) { diff -Nru suricata-6.0.9/src/output-json-file.c suricata-6.0.10/src/output-json-file.c --- suricata-6.0.9/src/output-json-file.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-file.c 2023-01-31 06:26:24.000000000 +0000 @@ -74,6 +74,7 @@ uint32_t file_cnt; HttpXFFCfg *xff_cfg; HttpXFFCfg *parent_xff_cfg; + OutputJsonCommonSettings cfg; } OutputFileCtx; typedef struct JsonFileLogThread_ { @@ -82,8 +83,8 @@ MemBuffer *buffer; } JsonFileLogThread; -JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, - const bool stored, uint8_t dir, HttpXFFCfg *xff_cfg) +JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, const bool stored, + uint8_t dir, HttpXFFCfg *xff_cfg, OutputJsonCommonSettings *cfg) { enum OutputJsonLogDirection fdir = LOG_DIR_FLOW; @@ -122,6 +123,9 @@ JsonBuilder *js = CreateEveHeader(p, fdir, "fileinfo", &addr); if (unlikely(js == NULL)) return NULL; + if (cfg != NULL) { + EveAddCommonOptions(cfg, p, p->flow, js); + } JsonBuilderMark mark = { 0, 0, 0 }; switch (p->flow->alproto) { @@ -207,8 +211,8 @@ { HttpXFFCfg *xff_cfg = aft->filelog_ctx->xff_cfg != NULL ? aft->filelog_ctx->xff_cfg : aft->filelog_ctx->parent_xff_cfg;; - JsonBuilder *js = JsonBuildFileInfoRecord(p, ff, - ff->flags & FILE_STORED ? true : false, dir, xff_cfg); + JsonBuilder *js = JsonBuildFileInfoRecord( + p, ff, ff->flags & FILE_STORED ? true : false, dir, xff_cfg, &aft->filelog_ctx->cfg); if (unlikely(js == NULL)) { return; } @@ -313,6 +317,7 @@ } output_file_ctx->file_ctx = ojc->file_ctx; + output_file_ctx->cfg = ojc->cfg; if (conf) { const char *force_filestore = ConfNodeLookupChildValue(conf, "force-filestore"); diff -Nru suricata-6.0.9/src/output-json-file.h suricata-6.0.10/src/output-json-file.h --- suricata-6.0.9/src/output-json-file.h 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-file.h 2023-01-31 06:26:24.000000000 +0000 @@ -25,9 +25,10 @@ #define __OUTPUT_JSON_FILE_H__ #include "app-layer-htp-xff.h" +#include "output-json.h" void JsonFileLogRegister(void); -JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, - const bool stored, uint8_t dir, HttpXFFCfg *xff_cfg); +JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, const bool stored, + uint8_t dir, HttpXFFCfg *xff_cfg, OutputJsonCommonSettings *cfg); #endif /* __OUTPUT_JSON_FILE_H__ */ diff -Nru suricata-6.0.9/src/output-json-ftp.c suricata-6.0.10/src/output-json-ftp.c --- suricata-6.0.9/src/output-json-ftp.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-ftp.c 2023-01-31 06:26:24.000000000 +0000 @@ -87,7 +87,6 @@ bool reply_truncated = false; if (!TAILQ_EMPTY(&tx->response_list)) { - int resp_code_cnt = 0; int resp_cnt = 0; FTPString *response; bool is_cc_array_open = false; @@ -115,7 +114,6 @@ is_cc_array_open = true; } jb_append_string_from_bytes(jb, (const uint8_t *)where, 3); - resp_code_cnt++; offset = 4; } } diff -Nru suricata-6.0.9/src/output-json-mqtt.c suricata-6.0.10/src/output-json-mqtt.c --- suricata-6.0.9/src/output-json-mqtt.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-mqtt.c 2023-01-31 06:26:24.000000000 +0000 @@ -52,6 +52,7 @@ typedef struct LogMQTTFileCtx_ { LogFileCtx *file_ctx; uint32_t flags; + OutputJsonCommonSettings cfg; } LogMQTTFileCtx; typedef struct LogMQTTLogThread_ { @@ -90,6 +91,7 @@ if (unlikely(js == NULL)) { return TM_ECODE_FAILED; } + EveAddCommonOptions(&thread->mqttlog_ctx->cfg, p, f, js); if (!rs_mqtt_logger_log(state, tx, thread->mqttlog_ctx->flags, js)) goto error; @@ -137,6 +139,7 @@ return result; } mqttlog_ctx->file_ctx = ajt->file_ctx; + mqttlog_ctx->cfg = ajt->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); if (unlikely(output_ctx == NULL)) { diff -Nru suricata-6.0.9/src/output-json-rfb.c suricata-6.0.10/src/output-json-rfb.c --- suricata-6.0.9/src/output-json-rfb.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-json-rfb.c 2023-01-31 06:26:24.000000000 +0000 @@ -49,6 +49,7 @@ typedef struct LogRFBFileCtx_ { LogFileCtx *file_ctx; uint32_t flags; + OutputJsonCommonSettings cfg; } LogRFBFileCtx; typedef struct LogRFBLogThread_ { @@ -80,6 +81,8 @@ return TM_ECODE_FAILED; } + EveAddCommonOptions(&thread->rfblog_ctx->cfg, p, f, js); + if (!rs_rfb_logger_log(NULL, tx, js)) { goto error; } @@ -113,6 +116,7 @@ return result; } rfblog_ctx->file_ctx = ajt->file_ctx; + rfblog_ctx->cfg = ajt->cfg; OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx)); if (unlikely(output_ctx == NULL)) { diff -Nru suricata-6.0.9/src/output-tx.c suricata-6.0.10/src/output-tx.c --- suricata-6.0.9/src/output-tx.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/output-tx.c 2023-01-31 06:26:24.000000000 +0000 @@ -225,6 +225,8 @@ SCLogDebug("tx %p/%"PRIu64" txd %p: log_flags %x", tx, tx_id, txd, txd->config.log_flags); if (txd->config.log_flags & BIT_U8(CONFIG_TYPE_TX)) { SCLogDebug("SKIP tx %p/%"PRIu64, tx, tx_id); + // so that AppLayerParserTransactionsCleanup can clean this tx + txd->logged.flags |= logger_expectation; goto next_tx; } diff -Nru suricata-6.0.9/src/runmode-af-packet.c suricata-6.0.10/src/runmode-af-packet.c --- suricata-6.0.9/src/runmode-af-packet.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/runmode-af-packet.c 2023-01-31 06:26:24.000000000 +0000 @@ -717,7 +717,7 @@ return afp->threads; } -int AFPRunModeIsIPS() +int AFPRunModeIsIPS(void) { int nlive = LiveGetDeviceCount(); int ldev; diff -Nru suricata-6.0.9/src/runmode-netmap.c suricata-6.0.10/src/runmode-netmap.c --- suricata-6.0.9/src/runmode-netmap.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/runmode-netmap.c 2023-01-31 06:26:24.000000000 +0000 @@ -53,7 +53,7 @@ #include "util-ioctl.h" #include "util-byte.h" -#ifdef HAVE_NETMAP +#if HAVE_NETMAP && USE_NEW_NETMAP_API #define NETMAP_WITH_LIBS #include #endif /* HAVE_NETMAP */ @@ -70,14 +70,11 @@ void RunModeIdsNetmapRegister(void) { #if HAVE_NETMAP - SCLogInfo("Using netmap version %d [" #if USE_NEW_NETMAP_API - "new" -#else - "legacy" -#endif + SCLogInfo("Using netmap version %d" " API interfaces]", NETMAP_API); +#endif RunModeRegisterNewRunMode(RUNMODE_NETMAP, "single", "Single threaded netmap mode", RunModeIdsNetmapSingle); @@ -127,6 +124,7 @@ } } +#ifdef USE_NEW_NETMAP_API /* we will need the base interface name for later */ char base_name[IFNAMSIZ]; strlcpy(base_name, ns->iface, sizeof(base_name)); @@ -134,6 +132,9 @@ (base_name[strlen(base_name) - 1] == '^' || base_name[strlen(base_name) - 1] == '*')) { base_name[strlen(base_name) - 1] = '\0'; } +#else + char *base_name = ns->iface; +#endif /* prefixed with netmap or vale means it's not a real interface * and we don't check offloading. */ @@ -254,6 +255,7 @@ ns->threads = 1; } + SCLogDebug("Setting thread count to %d", ns->threads); return 0; } @@ -373,7 +375,7 @@ return aconf->in.threads; } -int NetmapRunModeIsIPS() +int NetmapRunModeIsIPS(void) { int nlive = LiveGetDeviceCount(); int ldev; diff -Nru suricata-6.0.9/src/source-af-packet.c suricata-6.0.10/src/source-af-packet.c --- suricata-6.0.9/src/source-af-packet.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/source-af-packet.c 2023-01-31 06:26:24.000000000 +0000 @@ -437,7 +437,7 @@ /** * \brief Init the global list of ::AFPPeer */ -TmEcode AFPPeersListInit() +TmEcode AFPPeersListInit(void) { SCEnter(); TAILQ_INIT(&peerslist.peers); @@ -454,7 +454,7 @@ * * \retval TM_ECODE_FAILED if some threads are not peered or TM_ECODE_OK else. */ -TmEcode AFPPeersListCheck() +TmEcode AFPPeersListCheck(void) { #define AFP_PEERS_MAX_TRY 4 #define AFP_PEERS_WAIT 20000 @@ -569,7 +569,7 @@ /** * \brief Clean the global peers list. */ -void AFPPeersListClean() +void AFPPeersListClean(void) { AFPPeer *pitem; diff -Nru suricata-6.0.9/src/source-netmap.c suricata-6.0.10/src/source-netmap.c --- suricata-6.0.9/src/source-netmap.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/source-netmap.c 2023-01-31 06:26:24.000000000 +0000 @@ -187,10 +187,15 @@ */ int NetmapGetRSSCount(const char *ifname) { +#if USE_NEW_NETMAP_API struct nmreq_port_info_get req; struct nmreq_header hdr; +#else + struct nmreq nm_req; +#endif int rx_rings = 0; +#if USE_NEW_NETMAP_API /* we need the base interface name to query queues */ char base_name[IFNAMSIZ]; strlcpy(base_name, ifname, sizeof(base_name)); @@ -198,7 +203,7 @@ (base_name[strlen(base_name) - 1] == '^' || base_name[strlen(base_name) - 1] == '*')) { base_name[strlen(base_name) - 1] = '\0'; } - +#endif SCMutexLock(&netmap_devlist_lock); /* open netmap device */ @@ -211,23 +216,36 @@ } /* query netmap interface info */ +#if USE_NEW_NETMAP_API memset(&req, 0, sizeof(req)); memset(&hdr, 0, sizeof(hdr)); hdr.nr_version = NETMAP_API; hdr.nr_reqtype = NETMAP_REQ_PORT_INFO_GET; hdr.nr_body = (uintptr_t)&req; strlcpy(hdr.nr_name, base_name, sizeof(hdr.nr_name)); +#else + memset(&nm_req, 0, sizeof(nm_req)); + strlcpy(nm_req.nr_name, ifname, sizeof(nm_req.nr_name)); + nm_req.nr_version = NETMAP_API; +#endif +#if USE_NEW_NETMAP_API if (ioctl(fd, NIOCCTRL, &hdr) != 0) { +#else + if (ioctl(fd, NIOCGINFO, &nm_req) != 0) { +#endif SCLogError(SC_ERR_NETMAP_CREATE, "Couldn't query netmap for info about %s, error %s", ifname, strerror(errno)); goto error_fd; }; +#if USE_NEW_NETMAP_API /* return RX rings count if it equals TX rings count */ - if (req.nr_rx_rings == req.nr_tx_rings) { + if (req.nr_rx_rings == req.nr_tx_rings) rx_rings = req.nr_rx_rings; - } +#else + rx_rings = nm_req.nr_rx_rings; +#endif error_fd: close(fd); @@ -412,7 +430,7 @@ ns->iface, ring, strlen(optstr) ? "/" : "", optstr); } else if (strlen(ns->iface) > 5 && strncmp(ns->iface, "vale", 4) == 0 && isdigit(ns->iface[4])) { snprintf(devname, sizeof(devname), "%s", ns->iface); -#if NETMAP_API < 14 || !USET_NET_NETMAP_API +#if NETMAP_API < 14 || !USE_NEW_NETMAP_API } else if (ns->iface[strlen(ns->iface)-1] == '*' || ns->iface[strlen(ns->iface)-1] == '^') { SCLogDebug("device with SW-ring enabled (ns->iface): %s",ns->iface); @@ -500,11 +518,13 @@ FatalError(SC_ERR_FATAL, "opening devname %s failed: %s", devname, strerror(errno)); } +#if USE_NEW_NETMAP_API /* Work around bug in libnetmap library where "cur_{r,t}x_ring" values not initialized */ SCLogDebug("%s -- cur rings: [%d, %d] first rings: [%d, %d]", devname, pdev->nmd->cur_rx_ring, pdev->nmd->cur_tx_ring, pdev->nmd->first_rx_ring, pdev->nmd->first_tx_ring); pdev->nmd->cur_rx_ring = pdev->nmd->first_rx_ring; pdev->nmd->cur_tx_ring = pdev->nmd->first_tx_ring; +#endif SCLogInfo("devname [fd: %d] %s %s opened", pdev->nmd->fd, devname, ns->iface); @@ -597,7 +617,7 @@ if (aconf->in.copy_mode != NETMAP_COPY_MODE_NONE) { if (NetmapOpen(&aconf->out, &ntv->ifdst, 1, 0, (ntv->flags & NETMAP_FLAG_ZERO_COPY) != 0, soft) != 0) { - goto error_src; + goto error_dst; } } @@ -627,7 +647,7 @@ } } - SCLogNotice("thread: %s polling on fd: %d", tv->name, ntv->ifsrc->nmd->fd); + SCLogDebug("thread: %s polling on fd: %d", tv->name, ntv->ifsrc->nmd->fd); *data = (void *)ntv; aconf->DerefFunc(aconf); @@ -636,7 +656,9 @@ if (aconf->in.copy_mode != NETMAP_COPY_MODE_NONE) { NetmapClose(ntv->ifdst); } +#if !USE_NEW_NETMAP_API error_src: +#endif NetmapClose(ntv->ifsrc); error_ntv: SCFree(ntv); @@ -667,12 +689,12 @@ /* attempt to write the packet into the netmap ring buffer(s) */ #if USE_NEW_NETMAP_API if (nmport_inject(ntv->ifdst->nmd, GET_PKT_DATA(p), GET_PKT_LEN(p)) == 0) { - if (ntv->flags & NETMAP_FLAG_EXCL_RING_ACCESS) { - SCMutexUnlock(&ntv->ifdst->netmap_dev_lock); - } #else if (nm_inject(ntv->ifdst->nmd, GET_PKT_DATA(p), GET_PKT_LEN(p)) == 0) { #endif + if (ntv->flags & NETMAP_FLAG_EXCL_RING_ACCESS) { + SCMutexUnlock(&ntv->ifdst->netmap_dev_lock); + } SCLogDebug("failed to send %s -> %s", ntv->ifsrc->ifname, ntv->ifdst->ifname); ntv->drops++; return TM_ECODE_FAILED; @@ -703,12 +725,21 @@ PacketFreeOrRelease(p); } +#if USE_NEW_NETMAP_API static void NetmapProcessPacket(NetmapThreadVars *ntv, const struct nm_pkthdr *ph) +#else +static void NetmapCallback(u_char *user, const struct nm_pkthdr *ph, const u_char *d) +#endif { +#if USE_NEW_NETMAP_API + const u_char *d = ph->buf; +#else + NetmapThreadVars *ntv = (NetmapThreadVars *)user; +#endif if (ntv->bpf_prog.bf_len) { struct pcap_pkthdr pkthdr = { {0, 0}, ph->len, ph->len }; - if (pcap_offline_filter(&ntv->bpf_prog, &pkthdr, ph->buf) == 0) { + if (pcap_offline_filter(&ntv->bpf_prog, &pkthdr, d) == 0) { return; } } @@ -726,12 +757,12 @@ ntv->bytes += ph->len; if (ntv->flags & NETMAP_FLAG_ZERO_COPY) { - if (PacketSetData(p, (uint8_t *)ph->buf, ph->len) == -1) { + if (PacketSetData(p, (uint8_t *)d, ph->len) == -1) { TmqhOutputPacketpool(ntv->tv, p); return; } } else { - if (PacketCopyData(p, (uint8_t *)ph->buf, ph->len) == -1) { + if (PacketCopyData(p, (uint8_t *)d, ph->len) == -1) { TmqhOutputPacketpool(ntv->tv, p); return; } @@ -754,9 +785,6 @@ */ #if USE_NEW_NETMAP_API static TmEcode NetmapReadPackets(struct nmport_d *d, int cnt, NetmapThreadVars *ntv) -#else -static TmEcode NetmapReadPackets(struct nm_desc *d, int cnt, NetmapThreadVars *ntv) -#endif { struct nm_pkthdr hdr; int last_ring = d->last_rx_ring - d->first_rx_ring + 1; @@ -826,6 +854,7 @@ } return got; } +#endif /** * \brief Main netmap reading loop function @@ -890,8 +919,12 @@ } if (likely(fds.revents & POLLIN)) { +#if USE_NEW_NETMAP_API /* have data on RX ring, so copy to Packet for processing */ NetmapReadPackets(ntv->ifsrc->nmd, -1, ntv); +#else + nm_dispatch(ntv->ifsrc->nmd, -1, NetmapCallback, (void *)ntv); +#endif } NetmapDumpCounters(ntv); diff -Nru suricata-6.0.9/src/source-nfq.c suricata-6.0.10/src/source-nfq.c --- suricata-6.0.9/src/source-nfq.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/source-nfq.c 2023-01-31 06:26:24.000000000 +0000 @@ -1271,7 +1271,7 @@ /** * \brief Clean global contexts. Must be called on exit. */ -void NFQContextsClean() +void NFQContextsClean(void) { if (g_nfq_q != NULL) { SCFree(g_nfq_q); diff -Nru suricata-6.0.9/src/source-pcap-file.c suricata-6.0.10/src/source-pcap-file.c --- suricata-6.0.9/src/source-pcap-file.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/source-pcap-file.c 2023-01-31 06:26:24.000000000 +0000 @@ -133,7 +133,7 @@ tmm_modules[TMM_DECODEPCAPFILE].flags = TM_FLAG_DECODE_TM; } -void PcapFileGlobalInit() +void PcapFileGlobalInit(void) { memset(&pcap_g, 0x00, sizeof(pcap_g)); SC_ATOMIC_INIT(pcap_g.invalid_checksums); @@ -461,7 +461,7 @@ SCReturnInt(TM_ECODE_OK); } -void PcapIncreaseInvalidChecksum() +void PcapIncreaseInvalidChecksum(void) { (void) SC_ATOMIC_ADD(pcap_g.invalid_checksums, 1); } diff -Nru suricata-6.0.9/src/source-windivert.c suricata-6.0.10/src/source-windivert.c --- suricata-6.0.9/src/source-windivert.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/source-windivert.c 2023-01-31 06:26:24.000000000 +0000 @@ -1000,7 +1000,7 @@ /** * \brief this function registers unit tests for the WinDivert Source */ -void SourceWinDivertRegisterTests() +void SourceWinDivertRegisterTests(void) { #ifdef UNITTESTS UtRegisterTest("SourceWinDivertTestIfaceMatchFilter", diff -Nru suricata-6.0.9/src/stream-tcp.c suricata-6.0.10/src/stream-tcp.c --- suricata-6.0.9/src/stream-tcp.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/stream-tcp.c 2023-01-31 06:26:24.000000000 +0000 @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2022 Open Information Security Foundation +/* Copyright (C) 2007-2023 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -474,9 +474,15 @@ stream_config.ssn_memcap_policy = ExceptionPolicyParse("stream.memcap-policy", true); stream_config.reassembly_memcap_policy = ExceptionPolicyParse("stream.reassembly.memcap-policy", true); - stream_config.midstream_policy = ExceptionPolicyParse("stream.midstream-policy", true); SCLogConfig("memcap-policy: %u/%u", stream_config.ssn_memcap_policy, stream_config.reassembly_memcap_policy); + stream_config.midstream_policy = ExceptionPolicyParse("stream.midstream-policy", true); + if (stream_config.midstream && stream_config.midstream_policy != EXCEPTION_POLICY_IGNORE) { + SCLogWarning(SC_WARN_COMPATIBILITY, + "stream.midstream_policy setting conflicting with stream.midstream enabled. " + "Ignoring stream.midstream_policy."); + stream_config.midstream_policy = EXCEPTION_POLICY_IGNORE; + } if (!quiet) { SCLogConfig("stream.\"inline\": %s", @@ -914,7 +920,7 @@ * * \param tv Thread Variable containig input/output queue, cpu affinity * \param p Packet which has to be handled in this TCP state. - * \param stt Strean Thread module registered to handle the stream handling + * \param stt Stream Thread module registered to handle the stream handling * * \retval 0 ok * \retval -1 error diff -Nru suricata-6.0.9/src/stream-tcp-list.c suricata-6.0.10/src/stream-tcp-list.c --- suricata-6.0.9/src/stream-tcp-list.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/stream-tcp-list.c 2023-01-31 06:26:24.000000000 +0000 @@ -376,9 +376,9 @@ const uint8_t *list_data; StreamingBufferSegmentGetData(&stream->sb, &list->sbseg, &list_data, &list_len); - if (list_data == NULL || list_len == 0) + DEBUG_VALIDATE_BUG_ON(list_len > USHRT_MAX); + if (list_data == NULL || list_len == 0 || list_len > USHRT_MAX) return 0; - BUG_ON(list_len > USHRT_MAX); /* if list seg is partially before base_seq, list_len (from stream) and * TCP_SEG_LEN(list) will not be the same */ diff -Nru suricata-6.0.9/src/stream-tcp-reassemble.c suricata-6.0.10/src/stream-tcp-reassemble.c --- suricata-6.0.9/src/stream-tcp-reassemble.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/stream-tcp-reassemble.c 2023-01-31 06:26:24.000000000 +0000 @@ -184,7 +184,7 @@ * * \return memcap memcap value */ -uint64_t StreamTcpReassembleGetMemcap() +uint64_t StreamTcpReassembleGetMemcap(void) { uint64_t memcapcopy = SC_ATOMIC_GET(stream_config.reassembly_memcap); return memcapcopy; diff -Nru suricata-6.0.9/src/tests/detect-ssl-state.c suricata-6.0.10/src/tests/detect-ssl-state.c --- suricata-6.0.9/src/tests/detect-ssl-state.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-ssl-state.c 2023-01-31 06:26:24.000000000 +0000 @@ -88,411 +88,6 @@ } /** - * \test Test a valid dce_iface entry for a bind and bind_ack - */ -static int DetectSslStateTest07(void) -{ - uint8_t chello_buf[] = { - 0x80, 0x67, 0x01, 0x03, 0x00, 0x00, 0x4e, 0x00, - 0x00, 0x00, 0x10, 0x01, 0x00, 0x80, 0x03, 0x00, - 0x80, 0x07, 0x00, 0xc0, 0x06, 0x00, 0x40, 0x02, - 0x00, 0x80, 0x04, 0x00, 0x80, 0x00, 0x00, 0x39, - 0x00, 0x00, 0x38, 0x00, 0x00, 0x35, 0x00, 0x00, - 0x33, 0x00, 0x00, 0x32, 0x00, 0x00, 0x04, 0x00, - 0x00, 0x05, 0x00, 0x00, 0x2f, 0x00, 0x00, 0x16, - 0x00, 0x00, 0x13, 0x00, 0xfe, 0xff, 0x00, 0x00, - 0x0a, 0x00, 0x00, 0x15, 0x00, 0x00, 0x12, 0x00, - 0xfe, 0xfe, 0x00, 0x00, 0x09, 0x00, 0x00, 0x64, - 0x00, 0x00, 0x62, 0x00, 0x00, 0x03, 0x00, 0x00, - 0x06, 0xa8, 0xb8, 0x93, 0xbb, 0x90, 0xe9, 0x2a, - 0xa2, 0x4d, 0x6d, 0xcc, 0x1c, 0xe7, 0x2a, 0x80, - 0x21 - }; - uint32_t chello_buf_len = sizeof(chello_buf); - - uint8_t shello_buf[] = { - 0x16, 0x03, 0x00, 0x00, 0x4a, 0x02, - 0x00, 0x00, 0x46, 0x03, 0x00, 0x44, 0x4c, 0x94, - 0x8f, 0xfe, 0x81, 0xed, 0x93, 0x65, 0x02, 0x88, - 0xa3, 0xf8, 0xeb, 0x63, 0x86, 0x0e, 0x2c, 0xf6, - 0x8d, 0xd0, 0x0f, 0x2c, 0x2a, 0xd6, 0x4f, 0xcd, - 0x2d, 0x3c, 0x16, 0xd7, 0xd6, 0x20, 0xa0, 0xfb, - 0x60, 0x86, 0x3d, 0x1e, 0x76, 0xf3, 0x30, 0xfe, - 0x0b, 0x01, 0xfd, 0x1a, 0x01, 0xed, 0x95, 0xf6, - 0x7b, 0x8e, 0xc0, 0xd4, 0x27, 0xbf, 0xf0, 0x6e, - 0xc7, 0x56, 0xb1, 0x47, 0xce, 0x98, 0x00, 0x35, - 0x00, 0x16, 0x03, 0x00, 0x03, 0x44, 0x0b, 0x00, - 0x03, 0x40, 0x00, 0x03, 0x3d, 0x00, 0x03, 0x3a, - 0x30, 0x82, 0x03, 0x36, 0x30, 0x82, 0x02, 0x9f, - 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, - 0x81, 0xa9, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x58, 0x59, 0x31, - 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x08, - 0x13, 0x0c, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, - 0x44, 0x65, 0x73, 0x65, 0x72, 0x74, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, - 0x0a, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, 0x54, - 0x6f, 0x77, 0x6e, 0x31, 0x17, 0x30, 0x15, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0e, 0x53, 0x6e, - 0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c, 0x2c, - 0x20, 0x4c, 0x74, 0x64, 0x31, 0x1e, 0x30, 0x1c, - 0x06, 0x03, 0x55, 0x04, 0x0b, 0x13, 0x15, 0x43, - 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, - 0x74, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f, - 0x72, 0x69, 0x74, 0x79, 0x31, 0x15, 0x30, 0x13, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0c, 0x53, - 0x6e, 0x61, 0x6b, 0x65, 0x20, 0x4f, 0x69, 0x6c, - 0x20, 0x43, 0x41, 0x31, 0x1e, 0x30, 0x1c, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, - 0x09, 0x01, 0x16, 0x0f, 0x63, 0x61, 0x40, 0x73, - 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c, 0x2e, - 0x64, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x30, - 0x33, 0x30, 0x33, 0x30, 0x35, 0x31, 0x36, 0x34, - 0x37, 0x34, 0x35, 0x5a, 0x17, 0x0d, 0x30, 0x38, - 0x30, 0x33, 0x30, 0x33, 0x31, 0x36, 0x34, 0x37, - 0x34, 0x35, 0x5a, 0x30, 0x81, 0xa7, 0x31, 0x0b, - 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, - 0x02, 0x58, 0x59, 0x31, 0x15, 0x30, 0x13, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x13, 0x0c, 0x53, 0x6e, - 0x61, 0x6b, 0x65, 0x20, 0x44, 0x65, 0x73, 0x65, - 0x72, 0x74, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, - 0x55, 0x04, 0x07, 0x13, 0x0a, 0x53, 0x6e, 0x61, - 0x6b, 0x65, 0x20, 0x54, 0x6f, 0x77, 0x6e, 0x31, - 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0a, - 0x13, 0x0e, 0x53, 0x6e, 0x61, 0x6b, 0x65, 0x20, - 0x4f, 0x69, 0x6c, 0x2c, 0x20, 0x4c, 0x74, 0x64, - 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, - 0x0b, 0x13, 0x0e, 0x57, 0x65, 0x62, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x20, 0x54, 0x65, 0x61, - 0x6d, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x13, 0x10, 0x77, 0x77, 0x77, 0x2e, - 0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, 0x6c, - 0x2e, 0x64, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, - 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x09, 0x01, 0x16, 0x10, 0x77, 0x77, 0x77, - 0x40, 0x73, 0x6e, 0x61, 0x6b, 0x65, 0x6f, 0x69, - 0x6c, 0x2e, 0x64, 0x6f, 0x6d, 0x30, 0x81, 0x9f, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, - 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xa4, 0x6e, 0x53, 0x14, 0x0a, 0xde, - 0x2c, 0xe3, 0x60, 0x55, 0x9a, 0xf2, 0x42, 0xa6, - 0xaf, 0x47, 0x12, 0x2f, 0x17, 0xce, 0xfa, 0xba, - 0xdc, 0x4e, 0x63, 0x56, 0x34, 0xb9, 0xba, 0x73, - 0x4b, 0x78, 0x44, 0x3d, 0xc6, 0x6c, 0x69, 0xa4, - 0x25, 0xb3, 0x61, 0x02, 0x9d, 0x09, 0x04, 0x3f, - 0x72, 0x3d, 0xd8, 0x27, 0xd3, 0xb0, 0x5a, 0x45, - 0x77, 0xb7, 0x36, 0xe4, 0x26, 0x23, 0xcc, 0x12, - 0xb8, 0xae, 0xde, 0xa7, 0xb6, 0x3a, 0x82, 0x3c, - 0x7c, 0x24, 0x59, 0x0a, 0xf8, 0x96, 0x43, 0x8b, - 0xa3, 0x29, 0x36, 0x3f, 0x91, 0x7f, 0x5d, 0xc7, - 0x23, 0x94, 0x29, 0x7f, 0x0a, 0xce, 0x0a, 0xbd, - 0x8d, 0x9b, 0x2f, 0x19, 0x17, 0xaa, 0xd5, 0x8e, - 0xec, 0x66, 0xa2, 0x37, 0xeb, 0x3f, 0x57, 0x53, - 0x3c, 0xf2, 0xaa, 0xbb, 0x79, 0x19, 0x4b, 0x90, - 0x7e, 0xa7, 0xa3, 0x99, 0xfe, 0x84, 0x4c, 0x89, - 0xf0, 0x3d, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, - 0x6e, 0x30, 0x6c, 0x30, 0x1b, 0x06, 0x03, 0x55, - 0x1d, 0x11, 0x04, 0x14, 0x30, 0x12, 0x81, 0x10, - 0x77, 0x77, 0x77, 0x40, 0x73, 0x6e, 0x61, 0x6b, - 0x65, 0x6f, 0x69, 0x6c, 0x2e, 0x64, 0x6f, 0x6d, - 0x30, 0x3a, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, - 0x86, 0xf8, 0x42, 0x01, 0x0d, 0x04, 0x2d, 0x16, - 0x2b, 0x6d, 0x6f, 0x64, 0x5f, 0x73, 0x73, 0x6c, - 0x20, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, - 0x65, 0x64, 0x20, 0x63, 0x75, 0x73, 0x74, 0x6f, - 0x6d, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x20, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x65, 0x30, 0x11, 0x06, 0x09, - 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x01, - 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, - 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, - 0x81, 0x00, 0xae, 0x79, 0x79, 0x22, 0x90, 0x75, - 0xfd, 0xa6, 0xd5, 0xc4, 0xb8, 0xc4, 0x99, 0x4e, - 0x1c, 0x05, 0x7c, 0x91, 0x59, 0xbe, 0x89, 0x0d, - 0x3d, 0xc6, 0x8c, 0xa3, 0xcf, 0xf6, 0xba, 0x23, - 0xdf, 0xb8, 0xae, 0x44, 0x68, 0x8a, 0x8f, 0xb9, - 0x8b, 0xcb, 0x12, 0xda, 0xe6, 0xa2, 0xca, 0xa5, - 0xa6, 0x55, 0xd9, 0xd2, 0xa1, 0xad, 0xba, 0x9b, - 0x2c, 0x44, 0x95, 0x1d, 0x4a, 0x90, 0x59, 0x7f, - 0x83, 0xae, 0x81, 0x5e, 0x3f, 0x92, 0xe0, 0x14, - 0x41, 0x82, 0x4e, 0x7f, 0x53, 0xfd, 0x10, 0x23, - 0xeb, 0x8a, 0xeb, 0xe9, 0x92, 0xea, 0x61, 0xf2, - 0x8e, 0x19, 0xa1, 0xd3, 0x49, 0xc0, 0x84, 0x34, - 0x1e, 0x2e, 0x6e, 0xf6, 0x98, 0xe2, 0x87, 0x53, - 0xd6, 0x55, 0xd9, 0x1a, 0x8a, 0x92, 0x5c, 0xad, - 0xdc, 0x1e, 0x1c, 0x30, 0xa7, 0x65, 0x9d, 0xc2, - 0x4f, 0x60, 0xd2, 0x6f, 0xdb, 0xe0, 0x9f, 0x9e, - 0xbc, 0x41, 0x16, 0x03, 0x00, 0x00, 0x04, 0x0e, - 0x00, 0x00, 0x00 - }; - uint32_t shello_buf_len = sizeof(shello_buf); - - uint8_t client_change_cipher_spec_buf[] = { - 0x16, 0x03, 0x00, 0x00, 0x84, 0x10, 0x00, 0x00, - 0x80, 0x65, 0x51, 0x2d, 0xa6, 0xd4, 0xa7, 0x38, - 0xdf, 0xac, 0x79, 0x1f, 0x0b, 0xd9, 0xb2, 0x61, - 0x7d, 0x73, 0x88, 0x32, 0xd9, 0xf2, 0x62, 0x3a, - 0x8b, 0x11, 0x04, 0x75, 0xca, 0x42, 0xff, 0x4e, - 0xd9, 0xcc, 0xb9, 0xfa, 0x86, 0xf3, 0x16, 0x2f, - 0x09, 0x73, 0x51, 0x66, 0xaa, 0x29, 0xcd, 0x80, - 0x61, 0x0f, 0xe8, 0x13, 0xce, 0x5b, 0x8e, 0x0a, - 0x23, 0xf8, 0x91, 0x5e, 0x5f, 0x54, 0x70, 0x80, - 0x8e, 0x7b, 0x28, 0xef, 0xb6, 0x69, 0xb2, 0x59, - 0x85, 0x74, 0x98, 0xe2, 0x7e, 0xd8, 0xcc, 0x76, - 0x80, 0xe1, 0xb6, 0x45, 0x4d, 0xc7, 0xcd, 0x84, - 0xce, 0xb4, 0x52, 0x79, 0x74, 0xcd, 0xe6, 0xd7, - 0xd1, 0x9c, 0xad, 0xef, 0x63, 0x6c, 0x0f, 0xf7, - 0x05, 0xe4, 0x4d, 0x1a, 0xd3, 0xcb, 0x9c, 0xd2, - 0x51, 0xb5, 0x61, 0xcb, 0xff, 0x7c, 0xee, 0xc7, - 0xbc, 0x5e, 0x15, 0xa3, 0xf2, 0x52, 0x0f, 0xbb, - 0x32, 0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16, - 0x03, 0x00, 0x00, 0x40, 0xa9, 0xd8, 0xd7, 0x35, - 0xbc, 0x39, 0x56, 0x98, 0xad, 0x87, 0x61, 0x2a, - 0xc4, 0x8f, 0xcc, 0x03, 0xcb, 0x93, 0x80, 0x81, - 0xb0, 0x4a, 0xc4, 0xd2, 0x09, 0x71, 0x3e, 0x90, - 0x3c, 0x8d, 0xe0, 0x95, 0x44, 0xfe, 0x56, 0xd1, - 0x7e, 0x88, 0xe2, 0x48, 0xfd, 0x76, 0x70, 0x76, - 0xe2, 0xcd, 0x06, 0xd0, 0xf3, 0x9d, 0x13, 0x79, - 0x67, 0x1e, 0x37, 0xf6, 0x98, 0xbe, 0x59, 0x18, - 0x4c, 0xfc, 0x75, 0x56 - }; - uint32_t client_change_cipher_spec_buf_len = - sizeof(client_change_cipher_spec_buf); - - uint8_t server_change_cipher_spec_buf[] = { - 0x14, 0x03, 0x00, 0x00, 0x01, 0x01, 0x16, 0x03, - 0x00, 0x00, 0x40, 0xce, 0x7c, 0x92, 0x43, 0x59, - 0xcc, 0x3d, 0x90, 0x91, 0x9c, 0x58, 0xf0, 0x7a, - 0xce, 0xae, 0x0d, 0x08, 0xe0, 0x76, 0xb4, 0x86, - 0xb1, 0x15, 0x5b, 0x32, 0xb8, 0x77, 0x53, 0xe7, - 0xa6, 0xf9, 0xd0, 0x95, 0x5f, 0xaa, 0x07, 0xc3, - 0x96, 0x7c, 0xc9, 0x88, 0xc2, 0x7a, 0x20, 0x89, - 0x4f, 0xeb, 0xeb, 0xb6, 0x19, 0xef, 0xaa, 0x27, - 0x73, 0x9d, 0xa6, 0xb4, 0x9f, 0xeb, 0x34, 0xe2, - 0x4d, 0x9f, 0x6b - }; - uint32_t server_change_cipher_spec_buf_len = - sizeof(server_change_cipher_spec_buf); - - uint8_t toserver_app_data_buf[] = { - 0x17, 0x03, 0x00, 0x01, 0xb0, 0x4a, 0xc3, 0x3e, - 0x9d, 0x77, 0x78, 0x01, 0x2c, 0xb4, 0xbc, 0x4c, - 0x9a, 0x84, 0xd7, 0xb9, 0x90, 0x0c, 0x21, 0x10, - 0xf0, 0xfa, 0x00, 0x7c, 0x16, 0xbb, 0x77, 0xfb, - 0x72, 0x42, 0x4f, 0xad, 0x50, 0x4a, 0xd0, 0xaa, - 0x6f, 0xaa, 0x44, 0x6c, 0x62, 0x94, 0x1b, 0xc5, - 0xfe, 0xe9, 0x1c, 0x5e, 0xde, 0x85, 0x0b, 0x0e, - 0x05, 0xe4, 0x18, 0x6e, 0xd2, 0xd3, 0xb5, 0x20, - 0xab, 0x81, 0xfd, 0x18, 0x9a, 0x73, 0xb8, 0xd7, - 0xef, 0xc3, 0xdd, 0x74, 0xd7, 0x9c, 0x1e, 0x6f, - 0x21, 0x6d, 0xf8, 0x24, 0xca, 0x3c, 0x70, 0x78, - 0x36, 0x12, 0x7a, 0x8a, 0x9c, 0xac, 0x4e, 0x1c, - 0xa8, 0xfb, 0x27, 0x30, 0xba, 0x9a, 0xf4, 0x2f, - 0x0a, 0xab, 0x80, 0x6a, 0xa1, 0x60, 0x74, 0xf0, - 0xe3, 0x91, 0x84, 0xe7, 0x90, 0x88, 0xcc, 0xf0, - 0x95, 0x7b, 0x0a, 0x22, 0xf2, 0xf9, 0x27, 0xe0, - 0xdd, 0x38, 0x0c, 0xfd, 0xe9, 0x03, 0x71, 0xdc, - 0x70, 0xa4, 0x6e, 0xdf, 0xe3, 0x72, 0x9e, 0xa1, - 0xf0, 0xc9, 0x00, 0xd6, 0x03, 0x55, 0x6a, 0x67, - 0x5d, 0x9c, 0xb8, 0x75, 0x01, 0xb0, 0x01, 0x9f, - 0xe6, 0xd2, 0x44, 0x18, 0xbc, 0xca, 0x7a, 0x10, - 0x39, 0xa6, 0xcf, 0x15, 0xc7, 0xf5, 0x35, 0xd4, - 0xb3, 0x6d, 0x91, 0x23, 0x84, 0x99, 0xba, 0xb0, - 0x7e, 0xd0, 0xc9, 0x4c, 0xbf, 0x3f, 0x33, 0x68, - 0x37, 0xb7, 0x7d, 0x44, 0xb0, 0x0b, 0x2c, 0x0f, - 0xd0, 0x75, 0xa2, 0x6b, 0x5b, 0xe1, 0x9f, 0xd4, - 0x69, 0x9a, 0x14, 0xc8, 0x29, 0xb7, 0xd9, 0x10, - 0xbb, 0x99, 0x30, 0x9a, 0xfb, 0xcc, 0x13, 0x1f, - 0x76, 0x4e, 0xe6, 0xdf, 0x14, 0xaa, 0xd5, 0x60, - 0xbf, 0x91, 0x49, 0x0d, 0x64, 0x42, 0x29, 0xa8, - 0x64, 0x27, 0xd4, 0x5e, 0x1b, 0x18, 0x03, 0xa8, - 0x73, 0xd6, 0x05, 0x6e, 0xf7, 0x50, 0xb0, 0x09, - 0x6b, 0x69, 0x7a, 0x12, 0x28, 0x58, 0xef, 0x5a, - 0x86, 0x11, 0xde, 0x71, 0x71, 0x9f, 0xca, 0xbd, - 0x79, 0x2a, 0xc2, 0xe5, 0x9b, 0x5e, 0x32, 0xe7, - 0xcb, 0x97, 0x6e, 0xa0, 0xea, 0xa4, 0xa4, 0x6a, - 0x32, 0xf9, 0x37, 0x39, 0xd8, 0x37, 0x6d, 0x63, - 0xf3, 0x08, 0x1c, 0xdd, 0x06, 0xdd, 0x2c, 0x2b, - 0x9f, 0x04, 0x88, 0x5f, 0x36, 0x42, 0xc1, 0xb1, - 0xc7, 0xe8, 0x2d, 0x5d, 0xa4, 0x6c, 0xe5, 0x60, - 0x94, 0xae, 0xd0, 0x90, 0x1e, 0x88, 0xa0, 0x87, - 0x52, 0xfb, 0xed, 0x97, 0xa5, 0x25, 0x5a, 0xb7, - 0x55, 0xc5, 0x13, 0x07, 0x85, 0x27, 0x40, 0xed, - 0xb8, 0xa0, 0x26, 0x13, 0x44, 0x0c, 0xfc, 0xcc, - 0x5a, 0x09, 0xe5, 0x44, 0xb5, 0x63, 0xa1, 0x43, - 0x51, 0x23, 0x4f, 0x17, 0x21, 0x89, 0x2e, 0x58, - 0xfd, 0xf9, 0x63, 0x74, 0x04, 0x70, 0x1e, 0x7d, - 0xd0, 0x66, 0xba, 0x40, 0x5e, 0x45, 0xdc, 0x39, - 0x7c, 0x53, 0x0f, 0xa8, 0x38, 0xb2, 0x13, 0x99, - 0x27, 0xd9, 0x4a, 0x51, 0xe9, 0x9f, 0x2a, 0x92, - 0xbb, 0x9c, 0x90, 0xab, 0xfd, 0xf1, 0xb7, 0x40, - 0x05, 0xa9, 0x7a, 0x20, 0x63, 0x36, 0xc1, 0xef, - 0xb9, 0xad, 0xa2, 0xe0, 0x1d, 0x20, 0x4f, 0xb2, - 0x34, 0xbd, 0xea, 0x07, 0xac, 0x21, 0xce, 0xf6, - 0x8a, 0xa2, 0x9e, 0xcd, 0xfa - }; - uint32_t toserver_app_data_buf_len = sizeof(toserver_app_data_buf); - - Signature *s = NULL; - ThreadVars th_v; - Packet *p = NULL; - Flow f; - TcpSession ssn; - DetectEngineThreadCtx *det_ctx = NULL; - DetectEngineCtx *de_ctx = NULL; - SSLState *ssl_state = NULL; - int r = 0; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&th_v, 0, sizeof(th_v)); - memset(&p, 0, sizeof(p)); - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - p = UTHBuildPacket(NULL, 0, IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER; - p->flowflags |= FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - - s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any " - "(msg:\"ssl state\"; ssl_state:client_hello; " - "sid:1;)"); - FAIL_IF_NULL(s); - - s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any " - "(msg:\"ssl state\"; " - "ssl_state:server_hello; " - "sid:2;)"); - FAIL_IF_NULL(s); - - s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any " - "(msg:\"ssl state\"; " - "ssl_state:client_keyx; " - "sid:3;)"); - FAIL_IF_NULL(s); - - s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any " - "(msg:\"ssl state\"; " - "ssl_state:server_keyx; " - "sid:4;)"); - FAIL_IF_NULL(s); - - s = DetectEngineAppendSig(de_ctx, "alert tcp any any -> any any " - "(msg:\"ssl state\"; " - "ssl_state:!client_hello; " - "sid:5;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER | STREAM_START, chello_buf, - chello_buf_len); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF(ssl_state == NULL); - - /* do detect */ - p->alerts.cnt = 0; - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF(!PacketAlertCheck(p, 1)); - FAIL_IF(PacketAlertCheck(p, 2)); - FAIL_IF(PacketAlertCheck(p, 3)); - FAIL_IF(PacketAlertCheck(p, 4)); - FAIL_IF(PacketAlertCheck(p, 5)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - shello_buf, shello_buf_len); - FAIL_IF(r != 0); - - /* do detect */ - p->alerts.cnt = 0; - p->flowflags = (FLOW_PKT_TOCLIENT | FLOW_PKT_ESTABLISHED); - - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF(PacketAlertCheck(p, 1)); - FAIL_IF(!PacketAlertCheck(p, 2)); - FAIL_IF(PacketAlertCheck(p, 3)); - FAIL_IF(PacketAlertCheck(p, 4)); - FAIL_IF(!PacketAlertCheck(p, 5)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - client_change_cipher_spec_buf, - client_change_cipher_spec_buf_len); - FAIL_IF(r != 0); - - /* do detect */ - p->alerts.cnt = 0; - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF(PacketAlertCheck(p, 1)); - FAIL_IF(PacketAlertCheck(p, 2)); - FAIL_IF(!PacketAlertCheck(p, 3)); - FAIL_IF(PacketAlertCheck(p, 4)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_change_cipher_spec_buf, - server_change_cipher_spec_buf_len); - FAIL_IF(r != 0); - - /* do detect */ - p->alerts.cnt = 0; - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF(PacketAlertCheck(p, 1)); - FAIL_IF(PacketAlertCheck(p, 2)); - FAIL_IF(PacketAlertCheck(p, 3)); - FAIL_IF(PacketAlertCheck(p, 4)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - toserver_app_data_buf, toserver_app_data_buf_len); - FAIL_IF(r != 0); - - /* do detect */ - p->alerts.cnt = 0; - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF(PacketAlertCheck(p, 1)); - FAIL_IF(PacketAlertCheck(p, 2)); - FAIL_IF(PacketAlertCheck(p, 3)); - FAIL_IF(PacketAlertCheck(p, 4)); - - if (alp_tctx != NULL) - AppLayerParserThreadCtxFree(alp_tctx); - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); - - DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePackets(&p, 1); - PASS; -} - -/** * \brief Test that the "|" character still works as a separate for * compatibility with older Suricata rules. */ @@ -534,7 +129,6 @@ UtRegisterTest("DetectSslStateTest04", DetectSslStateTest04); UtRegisterTest("DetectSslStateTest05", DetectSslStateTest05); UtRegisterTest("DetectSslStateTest06", DetectSslStateTest06); - UtRegisterTest("DetectSslStateTest07", DetectSslStateTest07); UtRegisterTest("DetectSslStateTest08", DetectSslStateTest08); UtRegisterTest("DetectSslStateTestParseNegate", DetectSslStateTestParseNegate); diff -Nru suricata-6.0.9/src/tests/detect-ssl-version.c suricata-6.0.10/src/tests/detect-ssl-version.c --- suricata-6.0.9/src/tests/detect-ssl-version.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-ssl-version.c 2023-01-31 06:26:24.000000000 +0000 @@ -82,182 +82,6 @@ PASS; } -#include "stream-tcp-reassemble.h" - -/** \test Send a get request in three chunks + more data. */ -static int DetectSslVersionTestDetect01(void) -{ - Flow f; - uint8_t sslbuf1[] = { 0x16 }; - uint32_t ssllen1 = sizeof(sslbuf1); - uint8_t sslbuf2[] = { 0x03 }; - uint32_t ssllen2 = sizeof(sslbuf2); - uint8_t sslbuf3[] = { 0x01 }; - uint32_t ssllen3 = sizeof(sslbuf3); - uint8_t sslbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x01 }; - uint32_t ssllen4 = sizeof(sslbuf4); - TcpSession ssn; - Packet *p = NULL; - Signature *s = NULL; - ThreadVars th_v; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&th_v, 0, sizeof(th_v)); - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - p = UTHBuildPacket(NULL, 0, IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - p->flow = &f; - p->flowflags |= FLOW_PKT_TOSERVER; - p->flowflags |= FLOW_PKT_ESTABLISHED; - p->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - - s = de_ctx->sig_list = SigInit(de_ctx,"alert tls any any -> any any (msg:\"TLS\"; ssl_version:tls1.0; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, sslbuf1, ssllen1); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf2, ssllen2); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf3, ssllen3); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf4, ssllen4); - FAIL_IF(r != 0); - - SSLState *app_state = f.alstate; - FAIL_IF_NULL(app_state); - - FAIL_IF(app_state->client_connp.content_type != 0x16); - - FAIL_IF(app_state->client_connp.version != TLS_VERSION_10); - - SCLogDebug("app_state is at %p, app_state->server_connp.version 0x%02X app_state->client_connp.version 0x%02X", - app_state, app_state->server_connp.version, app_state->client_connp.version); - - /* do detect */ - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - UTHFreePackets(&p, 1); - - PASS; -} - -static int DetectSslVersionTestDetect02(void) -{ - Flow f; - uint8_t sslbuf1[] = { 0x16 }; - uint32_t ssllen1 = sizeof(sslbuf1); - uint8_t sslbuf2[] = { 0x03 }; - uint32_t ssllen2 = sizeof(sslbuf2); - uint8_t sslbuf3[] = { 0x01 }; - uint32_t ssllen3 = sizeof(sslbuf3); - uint8_t sslbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x02 }; - uint32_t ssllen4 = sizeof(sslbuf4); - TcpSession ssn; - Packet *p = NULL; - Signature *s = NULL; - ThreadVars th_v; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&th_v, 0, sizeof(th_v)); - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - p = UTHBuildPacket(NULL, 0, IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - p->flow = &f; - p->flowflags |= FLOW_PKT_TOSERVER; - p->flowflags |= FLOW_PKT_ESTABLISHED; - p->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - - s = de_ctx->sig_list = SigInit(de_ctx,"alert tls any any -> any any (msg:\"TLS\"; ssl_version:tls1.0; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, sslbuf1, ssllen1); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf2, ssllen2); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf3, ssllen3); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - sslbuf4, ssllen4); - FAIL_IF(r != 0); - - SSLState *app_state = f.alstate; - FAIL_IF_NULL(app_state); - - FAIL_IF(app_state->client_connp.content_type != 0x16); - - FAIL_IF(app_state->client_connp.version != TLS_VERSION_10); - - /* do detect */ - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); - DetectEngineCtxFree(de_ctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePackets(&p, 1); - - PASS; -} - /** * \brief this function registers unit tests for DetectSslVersion */ @@ -266,8 +90,4 @@ UtRegisterTest("DetectSslVersionTestParse01", DetectSslVersionTestParse01); UtRegisterTest("DetectSslVersionTestParse02", DetectSslVersionTestParse02); UtRegisterTest("DetectSslVersionTestParse03", DetectSslVersionTestParse03); - UtRegisterTest("DetectSslVersionTestDetect01", - DetectSslVersionTestDetect01); - UtRegisterTest("DetectSslVersionTestDetect02", - DetectSslVersionTestDetect02); } diff -Nru suricata-6.0.9/src/tests/detect-tls-ja3-hash.c suricata-6.0.10/src/tests/detect-tls-ja3-hash.c --- suricata-6.0.9/src/tests/detect-tls-ja3-hash.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-ja3-hash.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,228 +0,0 @@ -/* Copyright (C) 2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Mats Klepsland - * - */ - -#ifndef HAVE_NSS - -static void DetectTlsJa3HashRegisterTests(void) -{ - /* Don't register any tests */ -} - -#else /* HAVE_NSS */ - -/** - * \test Test matching on a simple client hello packet - */ -static int DetectTlsJa3HashTest01(void) -{ - /* Client hello */ - uint8_t buf[] = { 0x16, 0x03, 0x03, 0x00, 0x84, 0x01, 0x00, 0x00, 0x7E, - 0x03, 0x03, 0x57, 0x04, 0x9F, 0x5D, 0xC9, 0x5C, 0x87, - 0xAE, 0xF2, 0xA7, 0x4A, 0xFC, 0x59, 0x78, 0x23, 0x31, - 0x61, 0x2D, 0x29, 0x92, 0xB6, 0x70, 0xA5, 0xA1, 0xFC, - 0x0E, 0x79, 0xFE, 0xC3, 0x97, 0x37, 0xC0, 0x00, 0x00, - 0x44, 0x00, 0x04, 0x00, 0x05, 0x00, 0x0A, 0x00, 0x0D, - 0x00, 0x10, 0x00, 0x13, 0x00, 0x16, 0x00, 0x2F, 0x00, - 0x30, 0x00, 0x31, 0x00, 0x32, 0x00, 0x33, 0x00, 0x35, - 0x00, 0x36, 0x00, 0x37, 0x00, 0x38, 0x00, 0x39, 0x00, - 0x3C, 0x00, 0x3D, 0x00, 0x3E, 0x00, 0x3F, 0x00, 0x40, - 0x00, 0x41, 0x00, 0x44, 0x00, 0x45, 0x00, 0x66, 0x00, - 0x67, 0x00, 0x68, 0x00, 0x69, 0x00, 0x6A, 0x00, 0x6B, - 0x00, 0x84, 0x00, 0x87, 0x00, 0xFF, 0x01, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x0D, 0x00, 0x00, - 0x0A, 0x67, 0x6F, 0x6F, 0x67, 0x6C, 0x65, 0x2E, 0x63, - 0x6F, 0x6D, }; - - - Flow f; - SSLState *ssl_state = NULL; - Packet *p = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", - 41424, 443); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER|FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test ja3.hash\"; ja3.hash; " - "content:\"e7eca2baf4458d095b7f45da28c16c34\"; " - "sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf, sizeof(buf)); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF_NULL(ssl_state->client_connp.ja3_hash); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -/** - * \test Test matching on a simple client hello packet - */ -static int DetectTlsJa3HashTest02(void) -{ - /* Client hello */ - uint8_t buf[] = { 0x16, 0x03, 0x01, 0x00, 0xc0, 0x01, 0x00, 0x00, 0xbc, - 0x03, 0x03, 0x03, 0xb7, 0x16, 0x16, 0x5a, 0xe7, 0xc1, - 0xbd, 0x46, 0x2f, 0xff, 0xf3, 0x68, 0xb8, 0x6f, 0x6e, - 0x93, 0xdf, 0x06, 0x6a, 0xa7, 0x2d, 0xa0, 0xea, 0x9f, - 0x48, 0xb5, 0xe7, 0x91, 0x20, 0xd7, 0x25, 0x00, 0x00, - 0x1c, 0x0a, 0x0a, 0xc0, 0x2b, 0xc0, 0x2f, 0xc0, 0x2c, - 0xc0, 0x30, 0xcc, 0xa9, 0xcc, 0xa8, 0xc0, 0x13, 0xc0, - 0x14, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f, 0x00, 0x35, - 0x00, 0x0a, 0x01, 0x00, 0x00, 0x77, 0x1a, 0x1a, 0x00, - 0x00, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, - 0x12, 0x00, 0x10, 0x00, 0x00, 0x0d, 0x77, 0x77, 0x77, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x6e, - 0x6f, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, - 0x00, 0x0d, 0x00, 0x14, 0x00, 0x12, 0x04, 0x03, 0x08, - 0x04, 0x04, 0x01, 0x05, 0x03, 0x08, 0x05, 0x05, 0x01, - 0x08, 0x06, 0x06, 0x01, 0x02, 0x01, 0x00, 0x05, 0x00, - 0x05, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x00, - 0x00, 0x00, 0x10, 0x00, 0x0e, 0x00, 0x0c, 0x02, 0x68, - 0x32, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, - 0x31, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0a, - 0x00, 0x0a, 0x00, 0x08, 0xba, 0xba, 0x00, 0x1d, 0x00, - 0x17, 0x00, 0x18, 0x0a, 0x0a, 0x00, 0x01, 0x00 }; - - Flow f; - SSLState *ssl_state = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", - 41424, 443); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER|FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test ja3.hash\"; ja3.hash; " - "content:\"bc6c386f480ee97b9d9e52d472b772d8\"; " - "sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf, sizeof(buf)); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF_NULL(ssl_state->client_connp.ja3_hash); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -static void DetectTlsJa3HashRegisterTests(void) -{ - UtRegisterTest("DetectTlsJa3HashTest01", DetectTlsJa3HashTest01); - UtRegisterTest("DetectTlsJa3HashTest02", DetectTlsJa3HashTest02); -} - -#endif /* HAVE_NSS */ diff -Nru suricata-6.0.9/src/tests/detect-tls-ja3s-hash.c suricata-6.0.10/src/tests/detect-tls-ja3s-hash.c --- suricata-6.0.9/src/tests/detect-tls-ja3s-hash.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-ja3s-hash.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,177 +0,0 @@ -/* Copyright (C) 2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Mats Klepsland - * - */ - -#ifndef HAVE_NSS - -static void DetectTlsJa3SHashRegisterTests(void) -{ - /* Don't register any tests */ -} - -#else /* HAVE_NSS */ - -/** - * \test Test matching on a JA3S hash from a ServerHello record - */ -static int DetectTlsJa3SHashTest01(void) -{ - /* client hello */ - uint8_t client_hello[] = { - 0x16, 0x03, 0x01, 0x00, 0xc8, 0x01, 0x00, 0x00, - 0xc4, 0x03, 0x03, 0xd6, 0x08, 0x5a, 0xa2, 0x86, - 0x5b, 0x85, 0xd4, 0x40, 0xab, 0xbe, 0xc0, 0xbc, - 0x41, 0xf2, 0x26, 0xf0, 0xfe, 0x21, 0xee, 0x8b, - 0x4c, 0x7e, 0x07, 0xc8, 0xec, 0xd2, 0x00, 0x46, - 0x4c, 0xeb, 0xb7, 0x00, 0x00, 0x16, 0xc0, 0x2b, - 0xc0, 0x2f, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, - 0xc0, 0x14, 0x00, 0x33, 0x00, 0x39, 0x00, 0x2f, - 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x85, - 0x00, 0x00, 0x00, 0x12, 0x00, 0x10, 0x00, 0x00, - 0x0d, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x6e, 0x6f, 0xff, 0x01, - 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, - 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, - 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, - 0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, - 0x29, 0x00, 0x27, 0x05, 0x68, 0x32, 0x2d, 0x31, - 0x36, 0x05, 0x68, 0x32, 0x2d, 0x31, 0x35, 0x05, - 0x68, 0x32, 0x2d, 0x31, 0x34, 0x02, 0x68, 0x32, - 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x2e, - 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, - 0x2e, 0x31, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x16, 0x00, - 0x14, 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, - 0x01, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x02, - 0x03, 0x04, 0x02, 0x02, 0x02 - }; - - /* server hello */ - uint8_t server_hello[] = { - 0x16, 0x03, 0x03, 0x00, 0x48, 0x02, 0x00, 0x00, - 0x44, 0x03, 0x03, 0x57, 0x91, 0xb8, 0x63, 0xdd, - 0xdb, 0xbb, 0x23, 0xcf, 0x0b, 0x43, 0x02, 0x1d, - 0x46, 0x11, 0x27, 0x5c, 0x98, 0xcf, 0x67, 0xe1, - 0x94, 0x3d, 0x62, 0x7d, 0x38, 0x48, 0x21, 0x23, - 0xa5, 0x62, 0x31, 0x00, 0xc0, 0x2f, 0x00, 0x00, - 0x1c, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x10, - 0x00, 0x05, 0x00, 0x03, 0x02, 0x68, 0x32, 0x00, - 0x0b, 0x00, 0x02, 0x01, 0x00 - }; - - Flow f; - SSLState *ssl_state = NULL; - TcpSession ssn; - Packet *p1 = NULL; - Packet *p2 = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - p1 = UTHBuildPacketReal(client_hello, sizeof(client_hello), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", 51251, 443); - p2 = UTHBuildPacketReal(server_hello, sizeof(server_hello), IPPROTO_TCP, - "192.168.1.1", "192.168.1.5", 443, 51251); - - FLOW_INITIALIZE(&f); - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - f.alproto = ALPROTO_TLS; - - p1->flow = &f; - p1->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p1->flowflags |= FLOW_PKT_TOSERVER; - p1->flowflags |= FLOW_PKT_ESTABLISHED; - p1->pcap_cnt = 1; - - p2->flow = &f; - p2->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p2->flowflags |= FLOW_PKT_TOCLIENT; - p2->flowflags |= FLOW_PKT_ESTABLISHED; - p2->pcap_cnt = 2; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test ja3s.hash\"; " - "ja3s.hash; " - "content:\"8217013c502e3461d19c75bb02a12aaf\"; " - "sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, client_hello, - sizeof(client_hello)); - - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p1); - - FAIL_IF(PacketAlertCheck(p1, 1)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_hello, sizeof(server_hello)); - - FAIL_IF(r != 0); - - FAIL_IF_NULL(ssl_state->server_connp.ja3_hash); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p2); - - FAIL_IF_NOT(PacketAlertCheck(p2, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p1); - UTHFreePacket(p2); - - PASS; -} - -void DetectTlsJa3SHashRegisterTests(void) -{ - UtRegisterTest("DetectTlsJa3SHashTest01", DetectTlsJa3SHashTest01); -} - -#endif /* HAVE_NSS */ diff -Nru suricata-6.0.9/src/tests/detect-tls-ja3s-string.c suricata-6.0.10/src/tests/detect-tls-ja3s-string.c --- suricata-6.0.9/src/tests/detect-tls-ja3s-string.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-ja3s-string.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,170 +0,0 @@ -/* Copyright (C) 2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -#ifndef HAVE_NSS - -static void DetectTlsJa3SStringRegisterTests(void) -{ - /* Don't register any tests */ -} - -#else /* HAVE_NSS */ - -/** - * \test Test matching on a simple client hello packet - */ -static int DetectTlsJa3SStringTest01(void) -{ - /* client hello */ - uint8_t client_hello[] = { - 0x16, 0x03, 0x01, 0x00, 0xc8, 0x01, 0x00, 0x00, - 0xc4, 0x03, 0x03, 0xd6, 0x08, 0x5a, 0xa2, 0x86, - 0x5b, 0x85, 0xd4, 0x40, 0xab, 0xbe, 0xc0, 0xbc, - 0x41, 0xf2, 0x26, 0xf0, 0xfe, 0x21, 0xee, 0x8b, - 0x4c, 0x7e, 0x07, 0xc8, 0xec, 0xd2, 0x00, 0x46, - 0x4c, 0xeb, 0xb7, 0x00, 0x00, 0x16, 0xc0, 0x2b, - 0xc0, 0x2f, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, - 0xc0, 0x14, 0x00, 0x33, 0x00, 0x39, 0x00, 0x2f, - 0x00, 0x35, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x85, - 0x00, 0x00, 0x00, 0x12, 0x00, 0x10, 0x00, 0x00, - 0x0d, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x6e, 0x6f, 0xff, 0x01, - 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, - 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, 0x19, 0x00, - 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, - 0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, - 0x29, 0x00, 0x27, 0x05, 0x68, 0x32, 0x2d, 0x31, - 0x36, 0x05, 0x68, 0x32, 0x2d, 0x31, 0x35, 0x05, - 0x68, 0x32, 0x2d, 0x31, 0x34, 0x02, 0x68, 0x32, - 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x2e, - 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, - 0x2e, 0x31, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x16, 0x00, - 0x14, 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, - 0x01, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x02, - 0x03, 0x04, 0x02, 0x02, 0x02 - }; - - /* server hello */ - uint8_t server_hello[] = { - 0x16, 0x03, 0x03, 0x00, 0x48, 0x02, 0x00, 0x00, - 0x44, 0x03, 0x03, 0x57, 0x91, 0xb8, 0x63, 0xdd, - 0xdb, 0xbb, 0x23, 0xcf, 0x0b, 0x43, 0x02, 0x1d, - 0x46, 0x11, 0x27, 0x5c, 0x98, 0xcf, 0x67, 0xe1, - 0x94, 0x3d, 0x62, 0x7d, 0x38, 0x48, 0x21, 0x23, - 0xa5, 0x62, 0x31, 0x00, 0xc0, 0x2f, 0x00, 0x00, - 0x1c, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x10, - 0x00, 0x05, 0x00, 0x03, 0x02, 0x68, 0x32, 0x00, - 0x0b, 0x00, 0x02, 0x01, 0x00 - }; - - Flow f; - SSLState *ssl_state = NULL; - TcpSession ssn; - Packet *p1 = NULL; - Packet *p2 = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - p1 = UTHBuildPacketReal(client_hello, sizeof(client_hello), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", 51251, 443); - p2 = UTHBuildPacketReal(server_hello, sizeof(server_hello), IPPROTO_TCP, - "192.168.1.1", "192.168.1.5", 443, 51251); - - FLOW_INITIALIZE(&f); - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - f.alproto = ALPROTO_TLS; - - p1->flow = &f; - p1->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p1->flowflags |= FLOW_PKT_TOSERVER; - p1->flowflags |= FLOW_PKT_ESTABLISHED; - p1->pcap_cnt = 1; - - p2->flow = &f; - p2->flags |= PKT_HAS_FLOW | PKT_STREAM_EST; - p2->flowflags |= FLOW_PKT_TOCLIENT; - p2->flowflags |= FLOW_PKT_ESTABLISHED; - p2->pcap_cnt = 2; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test ja3s_hash\"; " - "ja3s.string; " - "content:\"771,49199,65281-0-35-16-11\"; " - "sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, client_hello, - sizeof(client_hello)); - - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p1); - - FAIL_IF(PacketAlertCheck(p1, 1)); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOCLIENT, - server_hello, sizeof(server_hello)); - - FAIL_IF(r != 0); - - FAIL_IF_NULL(ssl_state->server_connp.ja3_str); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p2); - - FAIL_IF_NOT(PacketAlertCheck(p2, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p1); - UTHFreePacket(p2); - - PASS; -} - -static void DetectTlsJa3SStringRegisterTests(void) -{ - UtRegisterTest("DetectTlsJa3SStringTest01", DetectTlsJa3SStringTest01); -} - -#endif /* HAVE_NSS */ diff -Nru suricata-6.0.9/src/tests/detect-tls-ja3-string.c suricata-6.0.10/src/tests/detect-tls-ja3-string.c --- suricata-6.0.9/src/tests/detect-tls-ja3-string.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-ja3-string.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,131 +0,0 @@ -/* Copyright (C) 2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Mats Klepsland - * - */ - -#ifndef HAVE_NSS - -static void DetectTlsJa3StringRegisterTests(void) -{ - /* Don't register any tests */ -} - -#else /* HAVE_NSS */ - -/** - * \test Test matching on a simple client hello packet - */ -static int DetectTlsJa3StringTest01(void) -{ - /* Client hello */ - uint8_t buf[] = { 0x16, 0x03, 0x03, 0x00, 0x84, 0x01, 0x00, 0x00, 0x7E, - 0x03, 0x03, 0x57, 0x04, 0x9F, 0x5D, 0xC9, 0x5C, 0x87, - 0xAE, 0xF2, 0xA7, 0x4A, 0xFC, 0x59, 0x78, 0x23, 0x31, - 0x61, 0x2D, 0x29, 0x92, 0xB6, 0x70, 0xA5, 0xA1, 0xFC, - 0x0E, 0x79, 0xFE, 0xC3, 0x97, 0x37, 0xC0, 0x00, 0x00, - 0x44, 0x00, 0x04, 0x00, 0x05, 0x00, 0x0A, 0x00, 0x0D, - 0x00, 0x10, 0x00, 0x13, 0x00, 0x16, 0x00, 0x2F, 0x00, - 0x30, 0x00, 0x31, 0x00, 0x32, 0x00, 0x33, 0x00, 0x35, - 0x00, 0x36, 0x00, 0x37, 0x00, 0x38, 0x00, 0x39, 0x00, - 0x3C, 0x00, 0x3D, 0x00, 0x3E, 0x00, 0x3F, 0x00, 0x40, - 0x00, 0x41, 0x00, 0x44, 0x00, 0x45, 0x00, 0x66, 0x00, - 0x67, 0x00, 0x68, 0x00, 0x69, 0x00, 0x6A, 0x00, 0x6B, - 0x00, 0x84, 0x00, 0x87, 0x00, 0xFF, 0x01, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x0D, 0x00, 0x00, - 0x0A, 0x67, 0x6F, 0x6F, 0x67, 0x6C, 0x65, 0x2E, 0x63, - 0x6F, 0x6D, }; - - - Flow f; - SSLState *ssl_state = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", - 41424, 443); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER|FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test ja3.string\"; ja3.string; " - "content:\"-65-68-69-102-103-104-105-106-107-132-135-255,0,,\"; " - "sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf, sizeof(buf)); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF_NULL(ssl_state->client_connp.ja3_str); - FAIL_IF_NULL(ssl_state->client_connp.ja3_str->data); - - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -static void DetectTlsJa3StringRegisterTests(void) -{ - UtRegisterTest("DetectTlsJa3StringTest01", DetectTlsJa3StringTest01); -} - -#endif /* HAVE_NSS */ diff -Nru suricata-6.0.9/src/tests/detect-tls-sni.c suricata-6.0.10/src/tests/detect-tls-sni.c --- suricata-6.0.9/src/tests/detect-tls-sni.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-sni.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,213 +0,0 @@ -/* Copyright (C) 2007-2019 Open Information Security Foundation - * - * You can copy, redistribute or modify this Program under the terms of - * the GNU General Public License version 2 as published by the Free - * Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * version 2 along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA - * 02110-1301, USA. - */ - -/** - * \file - * - * \author Mats Klepsland - * - */ - -/** - * \test Test matching on a simple google.com SNI - */ -static int DetectTlsSniTest01(void) -{ - /* client hello */ - uint8_t buf[] = { 0x16, 0x03, 0x03, 0x00, 0x84, 0x01, 0x00, 0x00, 0x7E, - 0x03, 0x03, 0x57, 0x04, 0x9F, 0x5D, 0xC9, 0x5C, 0x87, - 0xAE, 0xF2, 0xA7, 0x4A, 0xFC, 0x59, 0x78, 0x23, 0x31, - 0x61, 0x2D, 0x29, 0x92, 0xB6, 0x70, 0xA5, 0xA1, 0xFC, - 0x0E, 0x79, 0xFE, 0xC3, 0x97, 0x37, 0xC0, 0x00, 0x00, - 0x44, 0x00, 0x04, 0x00, 0x05, 0x00, 0x0A, 0x00, 0x0D, - 0x00, 0x10, 0x00, 0x13, 0x00, 0x16, 0x00, 0x2F, 0x00, - 0x30, 0x00, 0x31, 0x00, 0x32, 0x00, 0x33, 0x00, 0x35, - 0x00, 0x36, 0x00, 0x37, 0x00, 0x38, 0x00, 0x39, 0x00, - 0x3C, 0x00, 0x3D, 0x00, 0x3E, 0x00, 0x3F, 0x00, 0x40, - 0x00, 0x41, 0x00, 0x44, 0x00, 0x45, 0x00, 0x66, 0x00, - 0x67, 0x00, 0x68, 0x00, 0x69, 0x00, 0x6A, 0x00, 0x6B, - 0x00, 0x84, 0x00, 0x87, 0x00, 0xFF, 0x01, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x0D, 0x00, 0x00, - 0x0A, 0x67, 0x6F, 0x6F, 0x67, 0x6C, 0x65, 0x2E, 0x63, - 0x6F, 0x6D, }; - - Flow f; - SSLState *ssl_state = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", - 41424, 443); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER|FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test tls.sni option\"; " - "tls.sni; content:\"google.com\"; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf, sizeof(buf)); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - /* do detect */ - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -/** - * \test Test matching on a simple google.com SNI with pcre - */ -static int DetectTlsSniTest02(void) -{ - /* client hello */ - uint8_t buf[] = { 0x16, 0x03, 0x03, 0x00, 0x84, 0x01, 0x00, 0x00, 0x7E, - 0x03, 0x03, 0x57, 0x04, 0x9F, 0x5D, 0xC9, 0x5C, 0x87, - 0xAE, 0xF2, 0xA7, 0x4A, 0xFC, 0x59, 0x78, 0x23, 0x31, - 0x61, 0x2D, 0x29, 0x92, 0xB6, 0x70, 0xA5, 0xA1, 0xFC, - 0x0E, 0x79, 0xFE, 0xC3, 0x97, 0x37, 0xC0, 0x00, 0x00, - 0x44, 0x00, 0x04, 0x00, 0x05, 0x00, 0x0A, 0x00, 0x0D, - 0x00, 0x10, 0x00, 0x13, 0x00, 0x16, 0x00, 0x2F, 0x00, - 0x30, 0x00, 0x31, 0x00, 0x32, 0x00, 0x33, 0x00, 0x35, - 0x00, 0x36, 0x00, 0x37, 0x00, 0x38, 0x00, 0x39, 0x00, - 0x3C, 0x00, 0x3D, 0x00, 0x3E, 0x00, 0x3F, 0x00, 0x40, - 0x00, 0x41, 0x00, 0x44, 0x00, 0x45, 0x00, 0x66, 0x00, - 0x67, 0x00, 0x68, 0x00, 0x69, 0x00, 0x6A, 0x00, 0x6B, - 0x00, 0x84, 0x00, 0x87, 0x00, 0xFF, 0x01, 0x00, 0x00, - 0x13, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x0D, 0x00, 0x00, - 0x0A, 0x67, 0x6F, 0x6F, 0x67, 0x6C, 0x65, 0x2E, 0x63, - 0x6F, 0x6D, }; - - Flow f; - SSLState *ssl_state = NULL; - ThreadVars tv; - DetectEngineThreadCtx *det_ctx = NULL; - TcpSession ssn; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&tv, 0, sizeof(ThreadVars)); - memset(&f, 0, sizeof(Flow)); - memset(&ssn, 0, sizeof(TcpSession)); - - Packet *p = UTHBuildPacketReal(buf, sizeof(buf), IPPROTO_TCP, - "192.168.1.5", "192.168.1.1", - 41424, 443); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.flags |= FLOW_IPV4; - f.proto = IPPROTO_TCP; - f.protomap = FlowGetProtoMapping(f.proto); - - p->flow = &f; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - p->flowflags |= FLOW_PKT_TOSERVER|FLOW_PKT_ESTABLISHED; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->mpm_matcher = mpm_default_matcher; - de_ctx->flags |= DE_QUIET; - - Signature *s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test tls.sni option\"; " - "tls.sni; content:\"google\"; nocase; " - "pcre:\"/google\\.com$/i\"; sid:1;)"); - FAIL_IF_NULL(s); - - s = DetectEngineAppendSig(de_ctx, "alert tls any any -> any any " - "(msg:\"Test tls.sni option\"; " - "tls.sni; content:\"google\"; nocase; " - "pcre:\"/^\\.[a-z]{2,3}$/iR\"; sid:2;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&tv, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, buf, sizeof(buf)); - FAIL_IF(r != 0); - - ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - /* do detect */ - SigMatchSignatures(&tv, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - FAIL_IF_NOT(PacketAlertCheck(p, 2)); - - AppLayerParserThreadCtxFree(alp_tctx); - DetectEngineThreadCtxDeinit(&tv, det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - UTHFreePacket(p); - - PASS; -} - -static void DetectTlsSniRegisterTests(void) -{ - UtRegisterTest("DetectTlsSniTest01", DetectTlsSniTest01); - UtRegisterTest("DetectTlsSniTest02", DetectTlsSniTest02); -} diff -Nru suricata-6.0.9/src/tests/detect-tls-version.c suricata-6.0.10/src/tests/detect-tls-version.c --- suricata-6.0.9/src/tests/detect-tls-version.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/detect-tls-version.c 2023-01-31 06:26:24.000000000 +0000 @@ -50,192 +50,6 @@ PASS; } -#include "stream-tcp-reassemble.h" - -/** \test Send a get request in three chunks + more data. */ -static int DetectTlsVersionTestDetect01(void) -{ - Flow f; - uint8_t tlsbuf1[] = { 0x16 }; - uint32_t tlslen1 = sizeof(tlsbuf1); - uint8_t tlsbuf2[] = { 0x03 }; - uint32_t tlslen2 = sizeof(tlsbuf2); - uint8_t tlsbuf3[] = { 0x01 }; - uint32_t tlslen3 = sizeof(tlsbuf3); - uint8_t tlsbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x01 }; - uint32_t tlslen4 = sizeof(tlsbuf4); - TcpSession ssn; - Packet *p = NULL; - Signature *s = NULL; - ThreadVars th_v; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&th_v, 0, sizeof(th_v)); - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - p = UTHBuildPacket(NULL, 0, IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - p->flow = &f; - p->flowflags |= FLOW_PKT_TOSERVER; - p->flowflags |= FLOW_PKT_ESTABLISHED; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - - s = de_ctx->sig_list = SigInit(de_ctx,"alert tls any any -> any any (msg:\"TLS\"; tls.version:1.0; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf2, tlslen2); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf3, tlslen3); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf4, tlslen4); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - SCLogDebug("ssl_state is at %p, ssl_state->server_version 0x%02X " - "ssl_state->client_version 0x%02X", - ssl_state, ssl_state->server_connp.version, - ssl_state->client_connp.version); - - /* do detect */ - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); - - DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - UTHFreePackets(&p, 1); - - PASS; -} - -static int DetectTlsVersionTestDetect02(void) -{ - Flow f; - uint8_t tlsbuf1[] = { 0x16 }; - uint32_t tlslen1 = sizeof(tlsbuf1); - uint8_t tlsbuf2[] = { 0x03 }; - uint32_t tlslen2 = sizeof(tlsbuf2); - uint8_t tlsbuf3[] = { 0x01 }; - uint32_t tlslen3 = sizeof(tlsbuf3); - uint8_t tlsbuf4[] = { 0x01, 0x00, 0x00, 0xad, 0x03, 0x02 }; - uint32_t tlslen4 = sizeof(tlsbuf4); - TcpSession ssn; - Packet *p = NULL; - Signature *s = NULL; - ThreadVars th_v; - DetectEngineThreadCtx *det_ctx = NULL; - AppLayerParserThreadCtx *alp_tctx = AppLayerParserThreadCtxAlloc(); - - memset(&th_v, 0, sizeof(th_v)); - memset(&f, 0, sizeof(f)); - memset(&ssn, 0, sizeof(ssn)); - - p = UTHBuildPacket(NULL, 0, IPPROTO_TCP); - - FLOW_INITIALIZE(&f); - f.protoctx = (void *)&ssn; - f.proto = IPPROTO_TCP; - p->flow = &f; - p->flowflags |= FLOW_PKT_TOSERVER; - p->flowflags |= FLOW_PKT_ESTABLISHED; - p->flags |= PKT_HAS_FLOW|PKT_STREAM_EST; - f.alproto = ALPROTO_TLS; - - StreamTcpInitConfig(TRUE); - - DetectEngineCtx *de_ctx = DetectEngineCtxInit(); - FAIL_IF_NULL(de_ctx); - - de_ctx->flags |= DE_QUIET; - - s = de_ctx->sig_list = SigInit(de_ctx,"alert tls any any -> any any (msg:\"TLS\"; tls.version:1.0; sid:1;)"); - FAIL_IF_NULL(s); - - SigGroupBuild(de_ctx); - DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); - - int r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, - STREAM_TOSERVER, tlsbuf1, tlslen1); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf2, tlslen2); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf3, tlslen3); - FAIL_IF(r != 0); - - r = AppLayerParserParse(NULL, alp_tctx, &f, ALPROTO_TLS, STREAM_TOSERVER, - tlsbuf4, tlslen4); - FAIL_IF(r != 0); - - SSLState *ssl_state = f.alstate; - FAIL_IF_NULL(ssl_state); - - FAIL_IF(ssl_state->client_connp.content_type != 0x16); - - FAIL_IF(ssl_state->client_connp.version != TLS_VERSION_10); - - /* do detect */ - SigMatchSignatures(&th_v, de_ctx, det_ctx, p); - - FAIL_IF_NOT(PacketAlertCheck(p, 1)); - - AppLayerParserThreadCtxFree(alp_tctx); - SigGroupCleanup(de_ctx); - SigCleanSignatures(de_ctx); - - DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); - DetectEngineCtxFree(de_ctx); - - StreamTcpFreeConfig(TRUE); - FLOW_DESTROY(&f); - - UTHFreePackets(&p, 1); - - PASS; -} - /** * \brief this function registers unit tests for DetectTlsVersion */ @@ -243,8 +57,4 @@ { UtRegisterTest("DetectTlsVersionTestParse01", DetectTlsVersionTestParse01); UtRegisterTest("DetectTlsVersionTestParse02", DetectTlsVersionTestParse02); - UtRegisterTest("DetectTlsVersionTestDetect01", - DetectTlsVersionTestDetect01); - UtRegisterTest("DetectTlsVersionTestDetect02", - DetectTlsVersionTestDetect02); } diff -Nru suricata-6.0.9/src/tests/fuzz/fuzz_applayerparserparse.c suricata-6.0.10/src/tests/fuzz/fuzz_applayerparserparse.c --- suricata-6.0.9/src/tests/fuzz/fuzz_applayerparserparse.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/fuzz/fuzz_applayerparserparse.c 2023-01-31 06:26:24.000000000 +0000 @@ -16,6 +16,7 @@ #define HEADER_LEN 6 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); +int LLVMFuzzerInitialize(int *argc, char ***argv); AppLayerParserThreadCtx *alp_tctx = NULL; @@ -35,6 +36,30 @@ SCInstance surifuzz; uint64_t forceLayer = 0; +int LLVMFuzzerInitialize(int *argc, char ***argv) +{ + char *target_suffix = strrchr((*argv)[0], '_'); + if (target_suffix != NULL) { + AppProto applayer = StringToAppProto(target_suffix + 1); + if (applayer != ALPROTO_UNKNOWN) { + forceLayer = applayer; + printf("Forcing %s=%" PRIu64 "\n", AppProtoToString(forceLayer), forceLayer); + return 0; + } + } + // else + const char *forceLayerStr = getenv("FUZZ_APPLAYER"); + if (forceLayerStr) { + if (ByteExtractStringUint64(&forceLayer, 10, 0, forceLayerStr) < 0) { + forceLayer = 0; + printf("Invalid numeric value for FUZZ_APPLAYER environment variable"); + } else { + printf("Forcing %s\n", AppProtoToString(forceLayer)); + } + } + return 0; +} + int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { Flow * f; @@ -68,15 +93,6 @@ PostConfLoadedSetup(&surifuzz); alp_tctx = AppLayerParserThreadCtxAlloc(); - const char* forceLayerStr = getenv("FUZZ_APPLAYER"); - if (forceLayerStr) { - if (ByteExtractStringUint64(&forceLayer, 10, 0, forceLayerStr) < 0) { - forceLayer = 0; - printf("Invalid numeric value for FUZZ_APPLAYER environment variable"); - } else { - printf("Forcing %s\n", AppProtoToString(forceLayer)); - } - } } if (data[0] >= ALPROTO_MAX) { diff -Nru suricata-6.0.9/src/tests/fuzz/fuzz_sigpcap.c suricata-6.0.10/src/tests/fuzz/fuzz_sigpcap.c --- suricata-6.0.9/src/tests/fuzz/fuzz_sigpcap.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tests/fuzz/fuzz_sigpcap.c 2023-01-31 06:26:24.000000000 +0000 @@ -1,7 +1,7 @@ /** * @file * @author Philippe Antoine - * fuzz target for AppLayerProtoDetectGetProto + * fuzz target for signature file and pcap file */ #include "suricata-common.h" @@ -141,6 +141,9 @@ //loop over packets r = pcap_next_ex(pkts, &header, &pkt); p = PacketGetFromAlloc(); + if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600 || header->ts.tv_usec < 0) { + goto bail; + } p->ts.tv_sec = header->ts.tv_sec; p->ts.tv_usec = header->ts.tv_usec % 1000000; p->datalink = pcap_datalink(pkts); @@ -165,12 +168,16 @@ } r = pcap_next_ex(pkts, &header, &pkt); PACKET_RECYCLE(p); + if (r <= 0 || header->ts.tv_sec >= INT_MAX - 3600 || header->ts.tv_usec < 0) { + goto bail; + } p->ts.tv_sec = header->ts.tv_sec; p->ts.tv_usec = header->ts.tv_usec % 1000000; p->datalink = pcap_datalink(pkts); pcap_cnt++; p->pcap_cnt = pcap_cnt; } +bail: //close structure pcap_close(pkts); PacketFree(p); diff -Nru suricata-6.0.9/src/tm-threads.c suricata-6.0.10/src/tm-threads.c --- suricata-6.0.9/src/tm-threads.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/tm-threads.c 2023-01-31 06:26:24.000000000 +0000 @@ -1864,7 +1864,7 @@ /** * \brief Unpauses all threads present in tv_root */ -void TmThreadContinueThreads() +void TmThreadContinueThreads(void) { SCMutexLock(&tv_root_lock); for (int i = 0; i < TVT_MAX; i++) { @@ -1892,7 +1892,7 @@ /** * \brief Pauses all threads present in tv_root */ -void TmThreadPauseThreads() +void TmThreadPauseThreads(void) { TmThreadsListThreads(); @@ -2291,7 +2291,7 @@ SCLogDebug("ts->tv_sec %"PRIuMAX, (uintmax_t)ts->tv_sec); } -uint16_t TmThreadsGetWorkerThreadMax() +uint16_t TmThreadsGetWorkerThreadMax(void) { uint16_t ncpus = UtilCpuGetNumProcessorsOnline(); int thread_max = TmThreadGetNbThreads(WORKER_CPU_SET); diff -Nru suricata-6.0.9/src/util-action.c suricata-6.0.10/src/util-action.c --- suricata-6.0.9/src/util-action.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-action.c 2023-01-31 06:26:24.000000000 +0000 @@ -95,7 +95,7 @@ * * \retval 0 on success; -1 on fatal error; */ -int ActionInitConfig() +int ActionInitConfig(void) { uint8_t actions_used = 0; uint8_t action_flag = 0; diff -Nru suricata-6.0.9/src/util-affinity.c suricata-6.0.10/src/util-affinity.c --- suricata-6.0.9/src/util-affinity.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-affinity.c 2023-01-31 06:26:24.000000000 +0000 @@ -177,7 +177,7 @@ * \brief Extract cpu affinity configuration from current config file */ -void AffinitySetupLoadFromConfig() +void AffinitySetupLoadFromConfig(void) { #if !defined __CYGWIN__ && !defined OS_WIN32 && !defined __OpenBSD__ && !defined sun ConfNode *root = ConfGetNode("threading.cpu-affinity"); diff -Nru suricata-6.0.9/src/util-conf.c suricata-6.0.10/src/util-conf.c --- suricata-6.0.9/src/util-conf.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-conf.c 2023-01-31 06:26:24.000000000 +0000 @@ -32,7 +32,7 @@ return ConfSetFinal("default-log-dir", name) ? TM_ECODE_OK : TM_ECODE_FAILED; } -const char *ConfigGetLogDirectory() +const char *ConfigGetLogDirectory(void) { const char *log_dir = NULL; @@ -79,7 +79,7 @@ return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED; } -const char *ConfigGetDataDirectory() +const char *ConfigGetDataDirectory(void) { const char *data_dir = NULL; diff -Nru suricata-6.0.9/src/util-debug.c suricata-6.0.10/src/util-debug.c --- suricata-6.0.9/src/util-debug.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-debug.c 2023-01-31 06:26:24.000000000 +0000 @@ -1725,7 +1725,7 @@ #endif /* UNITTESTS */ -void SCLogRegisterTests() +void SCLogRegisterTests(void) { #ifdef UNITTESTS diff -Nru suricata-6.0.9/src/util-debug-filters.c suricata-6.0.10/src/util-debug-filters.c --- suricata-6.0.9/src/util-debug-filters.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-debug-filters.c 2023-01-31 06:26:24.000000000 +0000 @@ -405,7 +405,7 @@ * * \retval count The no of FG filters */ -int SCLogPrintFGFilters() +int SCLogPrintFGFilters(void) { SCLogFGFilterFile *fgf_file = NULL; SCLogFGFilterFunc *fgf_func = NULL; diff -Nru suricata-6.0.9/src/util-decode-mime.c suricata-6.0.10/src/util-decode-mime.c --- suricata-6.0.9/src/util-decode-mime.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-decode-mime.c 2023-01-31 06:26:24.000000000 +0000 @@ -1301,6 +1301,24 @@ return buf_consumed; } +static inline MimeDecRetCode ProcessBase64BodyLineCopyRemainder( + const uint8_t *buf, const uint32_t buf_len, const uint32_t offset, MimeDecParseState *state) +{ + DEBUG_VALIDATE_BUG_ON(offset > buf_len); + if (offset > buf_len) + return MIME_DEC_ERR_DATA; + + for (uint32_t i = offset; i < buf_len; i++) { + if (buf[i] != ' ') { + DEBUG_VALIDATE_BUG_ON(state->bvr_len >= B64_BLOCK); + if (state->bvr_len >= B64_BLOCK) + return MIME_DEC_ERR_DATA; + state->bvremain[state->bvr_len++] = buf[i]; + } + } + return MIME_DEC_OK; +} + /** * \brief Processes a body line by base64-decoding and passing to the data chunk * processing callback function when the buffer is read @@ -1321,14 +1339,11 @@ if (len > MAX_ENC_LINE_LEN) { state->stack->top->data->anomaly_flags |= ANOM_LONG_ENC_LINE; state->msg->anomaly_flags |= ANOM_LONG_ENC_LINE; - SCLogDebug("Error: Max encoded input line length exceeded %u > %u", - len, MAX_ENC_LINE_LEN); + SCLogDebug("max encoded input line length exceeded %u > %u", len, MAX_ENC_LINE_LEN); } if (state->bvr_len + len < B64_BLOCK) { - memcpy(state->bvremain + state->bvr_len, buf, len); - state->bvr_len += len; - return MIME_DEC_OK; + return ProcessBase64BodyLineCopyRemainder(buf, len, 0, state); } /* First process remaining from previous line. We will consume @@ -1344,11 +1359,7 @@ uint32_t left = len - consumed; if (left < B64_BLOCK) { DEBUG_VALIDATE_BUG_ON(left + state->bvr_len > B64_BLOCK); - if (left + state->bvr_len > B64_BLOCK) - return MIME_DEC_ERR_PARSE; - memcpy(state->bvremain, buf + consumed, left); - state->bvr_len += left; - return MIME_DEC_OK; + return ProcessBase64BodyLineCopyRemainder(buf, len, consumed, state); } remaining -= consumed; @@ -1401,23 +1412,11 @@ * size. We strip of spaces this while storing it in bvremain */ if (consumed_bytes == 0 && leftover_bytes > B64_BLOCK) { DEBUG_VALIDATE_BUG_ON(state->bvr_len != 0); - for (uint32_t i = 0; i < leftover_bytes; i++) { - if (buf[offset] != ' ') { - DEBUG_VALIDATE_BUG_ON(state->bvr_len >= B64_BLOCK); - if (state->bvr_len >= B64_BLOCK) - return MIME_DEC_ERR_DATA; - state->bvremain[state->bvr_len++] = buf[offset]; - } - offset++; - } - return MIME_DEC_OK; - + return ProcessBase64BodyLineCopyRemainder(buf, len, offset, state); } else if (leftover_bytes > 0 && leftover_bytes <= B64_BLOCK) { /* If remaining is 4 by this time, we encountered spaces during processing */ DEBUG_VALIDATE_BUG_ON(state->bvr_len != 0); - memcpy(state->bvremain, buf + offset + consumed_bytes, leftover_bytes); - state->bvr_len = leftover_bytes; - return MIME_DEC_OK; + return ProcessBase64BodyLineCopyRemainder(buf, len, offset + consumed_bytes, state); } /* Update counts */ @@ -1480,6 +1479,12 @@ SCLogDebug("Error: Max encoded input line length exceeded %u > %u", len, MAX_ENC_LINE_LEN); } + if (len == 0) { + memcpy(state->data_chunk + state->data_chunk_len, buf + len, + state->current_line_delimiter_len); + state->data_chunk_len += state->current_line_delimiter_len; + return ProcessDecodedDataChunk(state->data_chunk, state->data_chunk_len, state); + } remaining = len; offset = 0; @@ -2280,9 +2285,6 @@ if (mdcfg->decode_base64 && (entity->ctnt_flags & CTNT_IS_BASE64)) { SCLogDebug("skip empty line"); return MIME_DEC_OK; - } else if (mdcfg->decode_quoted_printable && (entity->ctnt_flags & CTNT_IS_QP)) { - SCLogDebug("skip empty line"); - return MIME_DEC_OK; } SCLogDebug("not skipping empty line"); } diff -Nru suricata-6.0.9/src/util-device.c suricata-6.0.10/src/util-device.c --- suricata-6.0.9/src/util-device.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-device.c 2023-01-31 06:26:24.000000000 +0000 @@ -277,7 +277,6 @@ */ LiveDevice *LiveGetDevice(const char *name) { - int i = 0; LiveDevice *pd; if (name == NULL) { @@ -289,8 +288,6 @@ if (!strcmp(name, pd->dev)) { return pd; } - - i++; } return NULL; @@ -339,12 +336,12 @@ * * This can be useful in the case, this is not a real interface. */ -void LiveDeviceHasNoStats() +void LiveDeviceHasNoStats(void) { live_devices_stats = 0; } -int LiveDeviceListClean() +int LiveDeviceListClean(void) { SCEnter(); LiveDevice *pd, *tpd; diff -Nru suricata-6.0.9/src/util-ebpf.c suricata-6.0.10/src/util-ebpf.c --- suricata-6.0.9/src/util-ebpf.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-ebpf.c 2023-01-31 06:26:24.000000000 +0000 @@ -372,9 +372,19 @@ #endif if (!strcmp(title, section)) { if (config->flags & EBPF_SOCKET_FILTER) { +#ifdef HAVE_BPF_PROGRAM__SET_TYPE + bpf_program__set_type(bpfprog, BPF_PROG_TYPE_SOCKET_FILTER); +#else + /* Fall back to legacy API */ bpf_program__set_socket_filter(bpfprog); +#endif } else { +#ifdef HAVE_BPF_PROGRAM__SET_TYPE + bpf_program__set_type(bpfprog, BPF_PROG_TYPE_XDP); +#else + /* Fall back to legacy API */ bpf_program__set_xdp(bpfprog); +#endif } found = true; break; @@ -488,7 +498,12 @@ "Unknown interface '%s'", iface); return -1; } +#ifdef HAVE_BPF_XDP_ATTACH + int err = bpf_xdp_attach(ifindex, fd, flags, NULL); +#else + /* Fall back to legacy API */ int err = bpf_set_link_xdp_fd(ifindex, fd, flags); +#endif if (err != 0) { char buf[129]; libbpf_strerror(err, buf, sizeof(buf)); diff -Nru suricata-6.0.9/src/util-hash-lookup3.c suricata-6.0.10/src/util-hash-lookup3.c --- suricata-6.0.9/src/util-hash-lookup3.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-hash-lookup3.c 2023-01-31 06:26:24.000000000 +0000 @@ -940,7 +940,7 @@ #ifdef SELF_TEST /* used for timings */ -void driver1() +void driver1(void) { uint8_t buf[256]; uint32_t i; @@ -962,7 +962,7 @@ #define HASHLEN 1 #define MAXPAIR 60 #define MAXLEN 70 -void driver2() +void driver2(void) { uint8_t qa[MAXLEN+1], qb[MAXLEN+2], *a = &qa[0], *b = &qb[1]; uint32_t c[HASHSTATE], d[HASHSTATE], i=0, j=0, k, l, m=0, z; @@ -1032,7 +1032,7 @@ } /* Check for reading beyond the end of the buffer and alignment problems */ -void driver3() +void driver3(void) { uint8_t buf[MAXLEN+20], *b; uint32_t len; @@ -1123,7 +1123,7 @@ } /* check for problems with nulls */ - void driver4() +void driver4(void) { uint8_t buf[1]; uint32_t h,i,state[HASHSTATE]; @@ -1139,7 +1139,7 @@ } } -void driver5() +void driver5(void) { uint32_t b,c; b=0, c=0, hashlittle2("", 0, &c, &b); @@ -1160,8 +1160,7 @@ printf("hash is %.8lx\n", c); /* cd628161 */ } - -int main() +int main(void) { driver1(); /* test that the key is hashed: used for timings */ driver2(); /* test that whole key is hashed thoroughly */ diff -Nru suricata-6.0.9/src/util-log-redis.c suricata-6.0.10/src/util-log-redis.c --- suricata-6.0.9/src/util-log-redis.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-log-redis.c 2023-01-31 06:26:24.000000000 +0000 @@ -46,7 +46,7 @@ /** * \brief SCLogRedisInit() - Initializes global stuff before threads */ -void SCLogRedisInit() +void SCLogRedisInit(void) { #ifdef HAVE_LIBEVENT_PTHREADS evthread_use_pthreads(); diff -Nru suricata-6.0.9/src/util-profiling-locks.c suricata-6.0.10/src/util-profiling-locks.c --- suricata-6.0.9/src/util-profiling-locks.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-profiling-locks.c 2023-01-31 06:26:24.000000000 +0000 @@ -93,7 +93,7 @@ SCFree(fn); } -int LockRecordInitHash() +int LockRecordInitHash(void) { pthread_mutex_init(&lock_records_mutex, NULL); pthread_mutex_lock(&lock_records_mutex); @@ -218,7 +218,7 @@ fclose(fp); } -void LockRecordFreeHash() +void LockRecordFreeHash(void) { if (profiling_locks_enabled == 0) return; diff -Nru suricata-6.0.9/src/util-radix-tree.c suricata-6.0.10/src/util-radix-tree.c --- suricata-6.0.9/src/util-radix-tree.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-radix-tree.c 2023-01-31 06:26:24.000000000 +0000 @@ -1078,14 +1078,19 @@ } if (netmask != 128) { - struct in6_addr mask6; + struct in6_addr mask6, check; CIDRGetIPv6(netmask, &mask6); + memcpy(&check, &addr, sizeof(check)); + bool diff = false; for (int i = 0; i < 16; i++) { addr.s6_addr[i] &= mask6.s6_addr[i]; + diff |= (addr.s6_addr[i] != check.s6_addr[i]); + } + if (diff) { + char nstr[64]; + PrintInet(AF_INET6, (void *)&addr.s6_addr, nstr, sizeof(nstr)); + SCLogWarning(SC_ERR_INVALID_IP_NETBLOCK, "adding '%s' as '%s/%u'", str, nstr, netmask); } - char nstr[64]; - PrintInet(AF_INET6, (void *)&addr.s6_addr, nstr, sizeof(nstr)); - SCLogWarning(SC_ERR_INVALID_IP_NETBLOCK, "adding '%s' as '%s/%u'", str, nstr, netmask); #if defined(DEBUG_VALIDATION) || defined(UNITTESTS) SCRadixValidateIPv6Key((uint8_t *)&addr.s6_addr, netmask); #endif diff -Nru suricata-6.0.9/src/util-reference-config.c suricata-6.0.10/src/util-reference-config.c --- suricata-6.0.9/src/util-reference-config.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-reference-config.c 2023-01-31 06:26:24.000000000 +0000 @@ -325,8 +325,6 @@ static bool SCRConfParseFile(DetectEngineCtx *de_ctx, FILE *fd) { char line[1024]; - uint8_t i = 1; - int runmode = RunmodeGetCurrent(); bool is_conf_test_mode = runmode == RUNMODE_CONF_TEST; while (fgets(line, sizeof(line), fd) != NULL) { @@ -338,7 +336,6 @@ return false; } } - i++; } #ifdef UNITTESTS diff -Nru suricata-6.0.9/src/util-streaming-buffer.c suricata-6.0.10/src/util-streaming-buffer.c --- suricata-6.0.9/src/util-streaming-buffer.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-streaming-buffer.c 2023-01-31 06:26:24.000000000 +0000 @@ -362,7 +362,7 @@ static int Insert(StreamingBuffer *sb, struct SBB *tree, uint32_t rel_offset, uint32_t len) { - SCLogDebug("* inserting: %u/%u\n", rel_offset, len); + SCLogDebug("* inserting: %u/%u", rel_offset, len); StreamingBufferBlock *sbb = CALLOC(sb->cfg, 1, sizeof(*sbb)); if (sbb == NULL) diff -Nru suricata-6.0.9/src/util-strlcatu.c suricata-6.0.10/src/util-strlcatu.c --- suricata-6.0.9/src/util-strlcatu.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-strlcatu.c 2023-01-31 06:26:24.000000000 +0000 @@ -42,10 +42,7 @@ * Returns strlen(initial dst) + strlen(src); if retval >= siz, * truncation occurred. */ -size_t strlcat(dst, src, siz) - char *dst; - const char *src; - size_t siz; +size_t strlcat(char *dst, const char *src, size_t siz) { register char *d = dst; register const char *s = src; diff -Nru suricata-6.0.9/src/util-strlcpyu.c suricata-6.0.10/src/util-strlcpyu.c --- suricata-6.0.9/src/util-strlcpyu.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/util-strlcpyu.c 2023-01-31 06:26:24.000000000 +0000 @@ -40,10 +40,7 @@ * will be copied. Always NUL terminates (unless siz == 0). * Returns strlen(src); if retval >= siz, truncation occurred. */ -size_t strlcpy(dst, src, siz) - char *dst; - const char *src; - size_t siz; +size_t strlcpy(char *dst, const char *src, size_t siz) { register char *d = dst; register const char *s = src; diff -Nru suricata-6.0.9/src/win32-syscall.c suricata-6.0.10/src/win32-syscall.c --- suricata-6.0.9/src/win32-syscall.c 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/src/win32-syscall.c 2023-01-31 06:26:24.000000000 +0000 @@ -315,7 +315,7 @@ /** * \brief get the maximum transmissible unit for all devices on the system */ -int GetGlobalMTUWin32() +int GetGlobalMTUWin32(void) { uint32_t mtu = 0; @@ -1682,7 +1682,7 @@ } #endif /* UNITTESTS */ -void Win32SyscallRegisterTests() +void Win32SyscallRegisterTests(void) { #ifdef UNITTESTS UtRegisterTest("Win32TestStripPcapPrefix", Win32TestStripPcapPrefix); diff -Nru suricata-6.0.9/suricata-update/CHANGELOG.md suricata-6.0.10/suricata-update/CHANGELOG.md --- suricata-6.0.9/suricata-update/CHANGELOG.md 2022-11-28 06:35:04.000000000 +0000 +++ suricata-6.0.10/suricata-update/CHANGELOG.md 2023-01-31 06:30:08.000000000 +0000 @@ -1,5 +1,10 @@ # Change Log +## 1.2.7 - 2022-01-30 +- Embed an index that has been formatted so diffs are more readable. +- Documentation update with respect to how Suricata-Update is bundled + with all versions of Suricata now. + ## 1.2.6 - 2022-11-25 - Allow checksum URL to be specified by the index: https://redmine.openinfosecfoundation.org/issues/5684 diff -Nru suricata-6.0.9/suricata-update/doc/quickstart.rst suricata-6.0.10/suricata-update/doc/quickstart.rst --- suricata-6.0.9/suricata-update/doc/quickstart.rst 2022-11-28 06:35:04.000000000 +0000 +++ suricata-6.0.10/suricata-update/doc/quickstart.rst 2023-01-31 06:30:08.000000000 +0000 @@ -4,20 +4,23 @@ Install Suricata Update ======================= -.. note:: If you have already installed Suricata 4.1 or newer you - likely already have Suricata-Update installed. Please check - if the ``suricata-update`` command is available to you - before installing. +Suricata-Update is bundled with all supported versions of Suricata and +should be installed when Suricata is installed. Please check if +``suricata-update`` is already installed before proceeding with these +installation directions, for example, the following command will tell +you the version:: + + suricata-update -V + +You should only need to install Suricata-Update manually if it is +required independently of a Suricata install. Suricata-Update is a tool written in Python and best installed with the ``pip`` tool for installing Python packages. Pip can install ``suricata-update`` globally making it available to all users or it can install ``suricata-update`` into your home -directory for use by your user. - -.. note:: At some point ``suricata-update`` should be bundled with - Suricata avoid the need for a separate installation. +directory. To install ``suricata-update`` globally:: @@ -27,6 +30,12 @@ pip install --user --upgrade suricata-update +Pip can also be used to install the latest development version of +Suricata-Update:: + + pip install --user --upgrade \ + https://github.com/oisf/suricata-update/archive/master.zip + .. note:: When installing to your home directory the ``suricata-update`` program will be installed to $HOME/.local/bin, so make sure this directory is in your diff -Nru suricata-6.0.9/suricata-update/Makefile suricata-6.0.10/suricata-update/Makefile --- suricata-6.0.9/suricata-update/Makefile 2022-11-28 06:35:41.000000000 +0000 +++ suricata-6.0.10/suricata-update/Makefile 2023-01-31 06:30:46.000000000 +0000 @@ -258,10 +258,10 @@ PACKAGE = suricata PACKAGE_BUGREPORT = PACKAGE_NAME = suricata -PACKAGE_STRING = suricata 6.0.9 +PACKAGE_STRING = suricata 6.0.10 PACKAGE_TARNAME = suricata PACKAGE_URL = -PACKAGE_VERSION = 6.0.9 +PACKAGE_VERSION = 6.0.10 PATH_SEPARATOR = : PCAP_CFLAGS = -I/usr/include PCAP_LIBS = @@ -283,7 +283,7 @@ SHELL = /bin/bash STRIP = strip SURICATA_UPDATE_DIR = suricata-update -VERSION = 6.0.9 +VERSION = 6.0.10 abs_builddir = /builds/dev/suricata/suricata-update abs_srcdir = /builds/dev/suricata/suricata-update abs_top_builddir = /builds/dev/suricata @@ -478,8 +478,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -#clean-local: #install-exec-local: +#clean-local: #uninstall-local: clean: clean-am diff -Nru suricata-6.0.9/suricata-update/Makefile.in suricata-6.0.10/suricata-update/Makefile.in --- suricata-6.0.9/suricata-update/Makefile.in 2022-11-28 06:35:27.000000000 +0000 +++ suricata-6.0.10/suricata-update/Makefile.in 2023-01-31 06:30:32.000000000 +0000 @@ -478,8 +478,8 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -@HAVE_PYTHON_FALSE@clean-local: @HAVE_PYTHON_FALSE@install-exec-local: +@HAVE_PYTHON_FALSE@clean-local: @HAVE_PYTHON_FALSE@uninstall-local: clean: clean-am diff -Nru suricata-6.0.9/suricata-update/suricata/update/data/index.py suricata-6.0.10/suricata-update/suricata/update/data/index.py --- suricata-6.0.9/suricata-update/suricata/update/data/index.py 2022-11-28 06:35:04.000000000 +0000 +++ suricata-6.0.10/suricata-update/suricata/update/data/index.py 2023-01-31 06:30:08.000000000 +0000 @@ -1 +1,276 @@ -index = {'version': 1, 'sources': {'et/open': {'summary': 'Emerging Threats Open Ruleset', 'description': 'Proofpoint ET Open is a timely and accurate rule set for detecting and blocking advanced threats\n', 'vendor': 'Proofpoint', 'license': 'MIT', 'url': 'https://rules.emergingthreats.net/open/suricata-%(__version__)s/emerging.rules.tar.gz'}, 'et/pro': {'summary': 'Emerging Threats Pro Ruleset', 'description': 'Proofpoint ET Pro is a timely and accurate rule set for detecting and blocking advanced threats\n', 'vendor': 'Proofpoint', 'license': 'Commercial', 'url': 'https://rules.emergingthreatspro.com/%(secret-code)s/suricata-%(__version__)s/etpro.rules.tar.gz', 'subscribe-url': 'https://www.proofpoint.com/us/threat-insight/et-pro-ruleset', 'parameters': {'secret-code': {'prompt': 'Emerging Threats Pro access code'}}, 'replaces': ['et/open'], 'checksum': False}, 'oisf/trafficid': {'summary': 'Suricata Traffic ID ruleset', 'vendor': 'OISF', 'license': 'MIT', 'url': 'https://openinfosecfoundation.org/rules/trafficid/trafficid.rules', 'support-url': 'https://redmine.openinfosecfoundation.org/', 'min-version': '4.0.0', 'checksum': False}, 'ptresearch/attackdetection': {'summary': 'Positive Technologies Attack Detection Team ruleset', 'description': "The Attack Detection Team searches for new vulnerabilities and 0-days, reproduces it and creates PoC exploits to understand how these security flaws work and how related attacks can be detected on the network layer. Additionally, we are interested in malware and hackers' TTPs, so we develop Suricata rules for detecting all sorts of such activities.\n", 'vendor': 'Positive Technologies', 'license': 'Custom', 'license-url': 'https://raw.githubusercontent.com/ptresearch/AttackDetection/master/LICENSE', 'url': 'https://raw.githubusercontent.com/ptresearch/AttackDetection/master/pt.rules.tar.gz', 'obsolete': 'no longer exists'}, 'scwx/enhanced': {'summary': 'Secureworks suricata-enhanced ruleset', 'description': 'Broad ruleset composed of malware rules and other security-related countermeasures, and curated by the Secureworks Counter Threat Unit research team. This ruleset has been enhanced with comprehensive and fully standard-compliant BETTER metadata (https://better-schema.readthedocs.io/).\n', 'vendor': 'Secureworks', 'license': 'Commercial', 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-enhanced_latest.tgz', 'parameters': {'secret-code': {'prompt': 'Secureworks Threat Intelligence Authentication Token'}}, 'subscribe-url': 'https://www.secureworks.com/contact/ (Please reference CTU Countermeasures)', 'min-version': '3.0.0'}, 'scwx/malware': {'summary': 'Secureworks suricata-malware ruleset', 'description': 'High-fidelity, high-priority ruleset composed mainly of malware-related countermeasures and curated by the Secureworks Counter Threat Unit research team.\n', 'vendor': 'Secureworks', 'license': 'Commercial', 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-malware_latest.tgz', 'parameters': {'secret-code': {'prompt': 'Secureworks Threat Intelligence Authentication Token'}}, 'subscribe-url': 'https://www.secureworks.com/contact/ (Please reference CTU Countermeasures)', 'min-version': '3.0.0'}, 'scwx/security': {'summary': 'Secureworks suricata-security ruleset', 'description': 'Broad ruleset composed of malware rules and other security-related countermeasures, and curated by the Secureworks Counter Threat Unit research team.\n', 'vendor': 'Secureworks', 'license': 'Commercial', 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-security_latest.tgz', 'parameters': {'secret-code': {'prompt': 'Secureworks Threat Intelligence Authentication Token'}}, 'subscribe-url': 'https://www.secureworks.com/contact/ (Please reference CTU Countermeasures)', 'min-version': '3.0.0'}, 'sslbl/ssl-fp-blacklist': {'summary': 'Abuse.ch SSL Blacklist', 'description': 'The SSL Blacklist (SSLBL) is a project of abuse.ch with the goal of detecting malicious SSL connections, by identifying and blacklisting SSL certificates used by botnet C&C servers. In addition, SSLBL identifies JA3 fingerprints that helps you to detect & block malware botnet C&C communication on the TCP layer.\n', 'vendor': 'Abuse.ch', 'license': 'Non-Commercial', 'url': 'https://sslbl.abuse.ch/blacklist/sslblacklist.rules', 'checksum': False}, 'sslbl/ja3-fingerprints': {'summary': 'Abuse.ch Suricata JA3 Fingerprint Ruleset', 'description': "If you are running Suricata, you can use the SSLBL's Suricata JA3 FingerprintRuleset to detect and/or block malicious SSL connections in your network based on the JA3 fingerprint. Please note that your need Suricata 4.1.0 or newer in order to use the JA3 fingerprint ruleset.\n", 'vendor': 'Abuse.ch', 'license': 'Non-Commercial', 'url': 'https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules', 'min-version': '4.1.0', 'checksum': False}, 'etnetera/aggressive': {'summary': 'Etnetera aggressive IP blacklist', 'vendor': 'Etnetera a.s.', 'license': 'MIT', 'url': 'https://security.etnetera.cz/feeds/etn_aggressive.rules', 'min-version': '4.0.0', 'checksum': False}, 'tgreen/hunting': {'summary': 'Threat hunting rules', 'description': 'Heuristic ruleset for hunting. Focus on anomaly detection and showcasing latest engine features, not performance.\n', 'vendor': 'tgreen', 'license': 'GPLv3', 'url': 'https://raw.githubusercontent.com/travisbgreen/hunting-rules/master/hunting.rules', 'min-version': '4.1.0', 'checksum': False}, 'malsilo/win-malware': {'summary': 'Commodity malware rules', 'description': 'TCP/UDP, DNS and HTTP Windows threats artifacts observed at runtime.\n', 'vendor': 'malsilo', 'license': 'MIT', 'url': 'https://malsilo.gitlab.io/feeds/dumps/malsilo.rules.tar.gz', 'min-version': '4.1.0', 'homepage': 'https://raw-data.gitlab.io/post/malsilo_2.1/', 'checksum': True}, 'stamus/lateral': {'summary': 'Lateral movement rules', 'description': 'Suricata ruleset specifically focused on detecting lateral\nmovement in Microsoft Windows environments by Stamus Networks\n', 'vendor': 'Stamus Networks', 'min-version': '6.0.6', 'license': 'GPL-3.0-only', 'support-url': 'https://discord.com/channels/911231224448712714/911238451842666546', 'url': 'https://ti.stamus-networks.io/open/stamus-lateral-rules.tar.gz'}}} \ No newline at end of file +index = { 'sources': { 'et/open': { 'description': 'Proofpoint ET Open is a ' + 'timely and accurate rule set ' + 'for detecting and blocking ' + 'advanced threats\n', + 'license': 'MIT', + 'summary': 'Emerging Threats Open Ruleset', + 'url': 'https://rules.emergingthreats.net/open/suricata-%(__version__)s/emerging.rules.tar.gz', + 'vendor': 'Proofpoint'}, + 'et/pro': { 'checksum': False, + 'description': 'Proofpoint ET Pro is a timely ' + 'and accurate rule set for ' + 'detecting and blocking ' + 'advanced threats\n', + 'license': 'Commercial', + 'parameters': { 'secret-code': { 'prompt': 'Emerging ' + 'Threats ' + 'Pro ' + 'access ' + 'code'}}, + 'replaces': ['et/open'], + 'subscribe-url': 'https://www.proofpoint.com/us/threat-insight/et-pro-ruleset', + 'summary': 'Emerging Threats Pro Ruleset', + 'url': 'https://rules.emergingthreatspro.com/%(secret-code)s/suricata-%(__version__)s/etpro.rules.tar.gz', + 'vendor': 'Proofpoint'}, + 'etnetera/aggressive': { 'checksum': False, + 'license': 'MIT', + 'min-version': '4.0.0', + 'summary': 'Etnetera aggressive ' + 'IP blacklist', + 'url': 'https://security.etnetera.cz/feeds/etn_aggressive.rules', + 'vendor': 'Etnetera a.s.'}, + 'malsilo/win-malware': { 'checksum': True, + 'description': 'TCP/UDP, DNS and ' + 'HTTP Windows ' + 'threats ' + 'artifacts ' + 'observed at ' + 'runtime.\n', + 'homepage': 'https://raw-data.gitlab.io/post/malsilo_2.1/', + 'license': 'MIT', + 'min-version': '4.1.0', + 'summary': 'Commodity malware ' + 'rules', + 'url': 'https://malsilo.gitlab.io/feeds/dumps/malsilo.rules.tar.gz', + 'vendor': 'malsilo'}, + 'oisf/trafficid': { 'checksum': False, + 'license': 'MIT', + 'min-version': '4.0.0', + 'summary': 'Suricata Traffic ID ' + 'ruleset', + 'support-url': 'https://redmine.openinfosecfoundation.org/', + 'url': 'https://openinfosecfoundation.org/rules/trafficid/trafficid.rules', + 'vendor': 'OISF'}, + 'ptresearch/attackdetection': { 'description': 'The ' + 'Attack ' + 'Detection ' + 'Team ' + 'searches ' + 'for new ' + 'vulnerabilities ' + 'and ' + '0-days, ' + 'reproduces ' + 'it and ' + 'creates ' + 'PoC ' + 'exploits ' + 'to ' + 'understand ' + 'how these ' + 'security ' + 'flaws ' + 'work and ' + 'how ' + 'related ' + 'attacks ' + 'can be ' + 'detected ' + 'on the ' + 'network ' + 'layer. ' + 'Additionally, ' + 'we are ' + 'interested ' + 'in ' + 'malware ' + 'and ' + "hackers' " + 'TTPs, so ' + 'we ' + 'develop ' + 'Suricata ' + 'rules for ' + 'detecting ' + 'all sorts ' + 'of such ' + 'activities.\n', + 'license': 'Custom', + 'license-url': 'https://raw.githubusercontent.com/ptresearch/AttackDetection/master/LICENSE', + 'obsolete': 'no longer ' + 'exists', + 'summary': 'Positive ' + 'Technologies ' + 'Attack ' + 'Detection ' + 'Team ruleset', + 'url': 'https://raw.githubusercontent.com/ptresearch/AttackDetection/master/pt.rules.tar.gz', + 'vendor': 'Positive ' + 'Technologies'}, + 'scwx/enhanced': { 'description': 'Broad ruleset composed ' + 'of malware rules and ' + 'other security-related ' + 'countermeasures, and ' + 'curated by the ' + 'Secureworks Counter ' + 'Threat Unit research ' + 'team. This ruleset ' + 'has been enhanced with ' + 'comprehensive and ' + 'fully ' + 'standard-compliant ' + 'BETTER metadata ' + '(https://better-schema.readthedocs.io/).\n', + 'license': 'Commercial', + 'min-version': '3.0.0', + 'parameters': { 'secret-code': { 'prompt': 'Secureworks ' + 'Threat ' + 'Intelligence ' + 'Authentication ' + 'Token'}}, + 'subscribe-url': 'https://www.secureworks.com/contact/ ' + '(Please reference ' + 'CTU Countermeasures)', + 'summary': 'Secureworks ' + 'suricata-enhanced ruleset', + 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-enhanced_latest.tgz', + 'vendor': 'Secureworks'}, + 'scwx/malware': { 'description': 'High-fidelity, ' + 'high-priority ruleset ' + 'composed mainly of ' + 'malware-related ' + 'countermeasures and ' + 'curated by the ' + 'Secureworks Counter ' + 'Threat Unit research ' + 'team.\n', + 'license': 'Commercial', + 'min-version': '3.0.0', + 'parameters': { 'secret-code': { 'prompt': 'Secureworks ' + 'Threat ' + 'Intelligence ' + 'Authentication ' + 'Token'}}, + 'subscribe-url': 'https://www.secureworks.com/contact/ ' + '(Please reference CTU ' + 'Countermeasures)', + 'summary': 'Secureworks ' + 'suricata-malware ruleset', + 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-malware_latest.tgz', + 'vendor': 'Secureworks'}, + 'scwx/security': { 'description': 'Broad ruleset composed ' + 'of malware rules and ' + 'other security-related ' + 'countermeasures, and ' + 'curated by the ' + 'Secureworks Counter ' + 'Threat Unit research ' + 'team.\n', + 'license': 'Commercial', + 'min-version': '3.0.0', + 'parameters': { 'secret-code': { 'prompt': 'Secureworks ' + 'Threat ' + 'Intelligence ' + 'Authentication ' + 'Token'}}, + 'subscribe-url': 'https://www.secureworks.com/contact/ ' + '(Please reference ' + 'CTU Countermeasures)', + 'summary': 'Secureworks ' + 'suricata-security ruleset', + 'url': 'https://ws.secureworks.com/ti/ruleset/%(secret-code)s/Suricata_suricata-security_latest.tgz', + 'vendor': 'Secureworks'}, + 'sslbl/ja3-fingerprints': { 'checksum': False, + 'description': 'If you are ' + 'running ' + 'Suricata, you ' + 'can use the ' + "SSLBL's " + 'Suricata JA3 ' + 'FingerprintRuleset ' + 'to detect ' + 'and/or block ' + 'malicious SSL ' + 'connections ' + 'in your ' + 'network based ' + 'on the JA3 ' + 'fingerprint. ' + 'Please note ' + 'that your ' + 'need Suricata ' + '4.1.0 or ' + 'newer in ' + 'order to use ' + 'the JA3 ' + 'fingerprint ' + 'ruleset.\n', + 'license': 'Non-Commercial', + 'min-version': '4.1.0', + 'summary': 'Abuse.ch Suricata ' + 'JA3 Fingerprint ' + 'Ruleset', + 'url': 'https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules', + 'vendor': 'Abuse.ch'}, + 'sslbl/ssl-fp-blacklist': { 'checksum': False, + 'description': 'The SSL ' + 'Blacklist ' + '(SSLBL) is a ' + 'project of ' + 'abuse.ch with ' + 'the goal of ' + 'detecting ' + 'malicious SSL ' + 'connections, ' + 'by ' + 'identifying ' + 'and ' + 'blacklisting ' + 'SSL ' + 'certificates ' + 'used by ' + 'botnet C&C ' + 'servers. In ' + 'addition, ' + 'SSLBL ' + 'identifies ' + 'JA3 ' + 'fingerprints ' + 'that helps ' + 'you to detect ' + '& block ' + 'malware ' + 'botnet C&C ' + 'communication ' + 'on the TCP ' + 'layer.\n', + 'license': 'Non-Commercial', + 'summary': 'Abuse.ch SSL ' + 'Blacklist', + 'url': 'https://sslbl.abuse.ch/blacklist/sslblacklist.rules', + 'vendor': 'Abuse.ch'}, + 'stamus/lateral': { 'description': 'Suricata ruleset ' + 'specifically focused ' + 'on detecting lateral\n' + 'movement in Microsoft ' + 'Windows environments ' + 'by Stamus Networks\n', + 'license': 'GPL-3.0-only', + 'min-version': '6.0.6', + 'summary': 'Lateral movement rules', + 'support-url': 'https://discord.com/channels/911231224448712714/911238451842666546', + 'url': 'https://ti.stamus-networks.io/open/stamus-lateral-rules.tar.gz', + 'vendor': 'Stamus Networks'}, + 'tgreen/hunting': { 'checksum': False, + 'description': 'Heuristic ruleset for ' + 'hunting. Focus on ' + 'anomaly detection and ' + 'showcasing latest ' + 'engine features, not ' + 'performance.\n', + 'license': 'GPLv3', + 'min-version': '4.1.0', + 'summary': 'Threat hunting rules', + 'url': 'https://raw.githubusercontent.com/travisbgreen/hunting-rules/master/hunting.rules', + 'vendor': 'tgreen'}}, + 'version': 1} \ No newline at end of file diff -Nru suricata-6.0.9/suricata-update/suricata/update/data/update.py suricata-6.0.10/suricata-update/suricata/update/data/update.py --- suricata-6.0.9/suricata-update/suricata/update/data/update.py 2022-11-28 06:35:04.000000000 +0000 +++ suricata-6.0.10/suricata-update/suricata/update/data/update.py 2023-01-31 06:30:08.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (C) 2018 Open Information Security Foundation +# Copyright (C) 2018-2022 Open Information Security Foundation # # You can copy, redistribute or modify this Program under the terms of # the GNU General Public License version 2 as published by the Free @@ -16,6 +16,7 @@ import os.path import sys +import pprint try: from urllib2 import urlopen @@ -43,8 +44,10 @@ # sources to run the version check. del(index["versions"]) + pp = pprint.PrettyPrinter(indent=4) + with open(dist_filename, "w") as fileobj: - fileobj.write("index = %s" % (str(index))) + fileobj.write("index = {}".format(pp.pformat(index))) if __name__ == "__main__": embed_index() diff -Nru suricata-6.0.9/suricata-update/suricata/update/version.py suricata-6.0.10/suricata-update/suricata/update/version.py --- suricata-6.0.9/suricata-update/suricata/update/version.py 2022-11-28 06:35:04.000000000 +0000 +++ suricata-6.0.10/suricata-update/suricata/update/version.py 2023-01-31 06:30:08.000000000 +0000 @@ -4,4 +4,4 @@ # Alpha: 1.0.0a1 # Development: 1.0.0dev0 # Release candidate: 1.0.0rc1 -version = "1.2.6" +version = "1.2.7" diff -Nru suricata-6.0.9/suricata.yaml.in suricata-6.0.10/suricata.yaml.in --- suricata-6.0.9/suricata.yaml.in 2022-11-28 06:31:05.000000000 +0000 +++ suricata-6.0.10/suricata.yaml.in 2023-01-31 06:26:24.000000000 +0000 @@ -734,7 +734,7 @@ dp: 5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909 # MQTT, disabled by default. mqtt: - # enabled: no + enabled: yes # max-msg-length: 1mb # subscribe-topic-match-limit: 100 # unsubscribe-topic-match-limit: 100 @@ -775,7 +775,7 @@ enabled: yes # memcap: 64mb rdp: - #enabled: yes + enabled: yes ssh: enabled: yes #hassh: yes @@ -986,7 +986,7 @@ enabled: yes sip: - #enabled: no + enabled: yes # Limit for the maximum number of asn1 frames to decode (default 256) asn1-max-frames: 256