Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Next/50x/20210223/v3 #5912

Merged
merged 2 commits into from
Feb 23, 2021
Merged

Next/50x/20210223/v3 #5912

merged 2 commits into from
Feb 23, 2021

Conversation

victorjulien
Copy link
Member

#5907, with cherry-pick line fixup

@victorjulien victorjulien requested review from norg and a team as code owners February 23, 2021 19:18
@victorjulien victorjulien mentioned this pull request Feb 23, 2021
Closed
@victorjulien victorjulien merged commit 176ba44 into OISF:master-5.0.x Feb 23, 2021
@victorjulien victorjulien deleted the next/50x/20210223/v3 branch March 7, 2021 08:27
satta added a commit to satta/suricata that referenced this pull request Jun 26, 2023
@satta
rfb: never return error on unknown traffic
d0dc924 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.
victorjulien pushed a commit to victorjulien/suricata that referenced this pull request Jun 27, 2023
@satta @victorjulien
rfb: never return error on unknown traffic
1f8a587 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.

Bug: OISF#5912.
victorjulien pushed a commit to victorjulien/suricata that referenced this pull request Jun 27, 2023
@satta @victorjulien
rfb: never return error on unknown traffic
ca9ee1c 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.
satta added a commit to satta/suricata that referenced this pull request Jul 13, 2023
@satta
rfb: never return error on unknown traffic
c7fd790 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.

Bug: OISF#5915.
satta added a commit to satta/suricata that referenced this pull request Jul 14, 2023
@satta
rfb: never return error on unknown traffic
45b6d5e 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.

Bug: OISF#5915.
(cherry picked from commit d0dc924)
satta added a commit to satta/suricata that referenced this pull request Jul 14, 2023
@satta
rfb: never return error on unknown traffic
8f1e08b 
We only try to parse a small subset of what is possible in
RFB. Currently we only understand some standard auth schemes
and stop parsing when the server-client handshake is complete.
Since in IPS mode returning an error from the parser causes
drops that are likely uncalled for, we do not want to return
errors when we simply do not understand what happens in the
traffic. This addresses Redmine OISF#5912.

Bug: OISF#5915.
(cherry picked from commit 1f8a587)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@norg norg Awaiting requested review from norg norg is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@victorjulien @catenacyber @ilya-bakhtin