Feature/http range/v29 #6355
Closed
Feature/http range/v29 #6355
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Compares two buffers with their two sizes
adds a container, ie a thread safe hash table whose key is the filename keep a tree of unordered ranges, up to a memcap limit adds HTPFileOpenWithRange to handle like HTPFileOpen if there is a range : open 2 files, one for the whole reassembled, and one only for the current range
Simplify locking by using the THashData lock instead of a separate range lock. Avoid size_t in function arguments. Clean up file handling functions. Implement handling of alloc errors. Rename yaml entry to byterange Unify public api naming
Better structure design to ensure that one flow maximum is owning and appending into the file, adding fileOwning field. Adds also a gap field in a range buffer, so that we can feed the gap on closing, when we are protected from concurrency by a lock, (lock which got removed in the append path) Fixes memcap when encountering a duplicate while inserting in red and black tree Adds many comments
To make concurrency reasoning clearer
so that borrow check gets happy
for future compatibility with rust
A block is determined out of order on opening. But on closing, the gap before it may have been filled. So, we must post-process it, ie iterate over the red and black tree so see what blocks we can get.
Move the content-range parsing code to rust
catenacyber
requested review from
jasonish,
victorjulien and
a team
as code owners
Closed
Codecov Report
@@ Coverage Diff @@
## master #6355 +/- ##
==========================================
- Coverage 76.96% 76.94% -0.03%
==========================================
Files 612 613 +1
Lines 186410 186796 +386
==========================================
+ Hits 143477 143723 +246
- Misses 42933 43073 +140
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Includes https://redmine.openinfosecfoundation.org/issues/4117 as well |
|
Information:
Pipeline 4089 |
|
|
| match unsafe { SC } { | ||
| None => panic!("BUG no suricata_config"), | ||
| Some(c) => { | ||
| //TODO get a file container instead of NULL |
There was a problem hiding this comment.
TODO: address or remove comment if its not needed
There was a problem hiding this comment.
It will be much easier when we have file per tx
Right now, I should do something like state.files.get(STREAM_TOCLIENT) but I do not have an easy reference to state in HTTP2Transaction::free
So, what should we do ?
| @@ -350,6 +402,7 @@ pub struct HTTP2State { | |||
| transactions: Vec<HTTP2Transaction>, | |||
| progress: HTTP2ConnectionState, | |||
| pub files: Files, | |||
| flow: *const Flow, | |||
There was a problem hiding this comment.
ideally we're not adding this if we can just pass it around as a function argument
| @@ -0,0 +1,241 @@ | |||
| /* Copyright (C) 2021 Open Information Security Foundation | |||
There was a problem hiding this comment.
Is the parsing of the content-range string the same for http1 and http2? If so I'd like to consolidate the parsing in Rust
There was a problem hiding this comment.
whoops already done it seems, please ignore
|
|
||
| return 0; | ||
| uint32_t len = bstr_len(rawvalue); | ||
| return rs_http2_parse_content_range(range, bstr_ptr(rawvalue), len); |
There was a problem hiding this comment.
nit: I don't like that the call has 'http2' in the name
There was a problem hiding this comment.
indeed, some leftover from development version when there were 2 parsing functions
squashed into the right commit |
Merged
|
Replaced by #6409 |
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Oct 21, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Oct 23, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Nov 11, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Nov 11, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Nov 12, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Nov 13, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
0xEniola
added a commit
to 0xEniola/suricata
that referenced
this pull request
Nov 13, 2023
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
catenacyber
pushed a commit
to catenacyber/suricata
that referenced
this pull request
Apr 12, 2024
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
catenacyber
pushed a commit
to catenacyber/suricata
that referenced
this pull request
Apr 12, 2024
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
catenacyber
pushed a commit
to catenacyber/suricata
that referenced
this pull request
Apr 12, 2024
Add more details to the tcp.mss keyword engine analysis output Issue: OISF#6355
catenacyber
added a commit
to catenacyber/suricata
that referenced
this pull request
Apr 14, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/1576
Describe changes:
suricata-verify-pr: 531
OISF/suricata-verify#531
Continues #6354 with
For testing : https://github.com/jasonish/suricata-http-range-test