Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decouple stream bypass from TLS encrypted bypass v5 #11886

Closed
wants to merge 4 commits into from
Closed

Decouple stream bypass from TLS encrypted bypass v5 #11886

wants to merge 4 commits into from

Conversation

lukashino
Copy link
Contributor

Following up on #11831

Redmine ticket: https://redmine.openinfosecfoundation.org/issues/6788

Describe changes:
v5

  • rebased
  • added upgrade section
  • fixed docs - Thanks Juliana
  • SV tests should pass now

v4

  • rebased
  • changed SSH bypass defaults to hopefully be in sync with the previous settings

v3

  • added SSH app-layer option encryption-handling allowing to choose whether to continue inspection on SSH once it turns encrypted
  • added SV tests
  • minor docs updates

SV_BRANCH=OISF/suricata-verify#2078

Lukas Sismis and others added 4 commits October 6, 2024 22:28
ssh: add option to select behavior of encrypted parts
7ee1327 
Ticket: 6788
@msdean
stream: decouple stream.bypass dependency from tls bypass
48febc5 
Decouple app.protocols.tls.encryption-handling and stream.bypass.
There's no apparent reason why encrypted TLS bypass traffic should
depend on stream bypass, as these are unrelated features.

Ticket: 6788
doc: remove trailing spaces in DPDK section
0e6f4e4
ssh: sync the hassh setting with the defaults
a403c81
@codecov Codecov
Copy link

codecov bot commented Oct 6, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 89.28571% with 3 lines in your changes missing coverage. Please review.

Project coverage is 82.57%. Comparing base (3f0512e) to head (a403c81).
Report is 80 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #11886      +/-   ##
==========================================
- Coverage   82.61%   82.57%   -0.04%     
==========================================
  Files         912      912              
  Lines      249354   249377      +23     
==========================================
- Hits       205992   205935      -57     
- Misses      43362    43442      +80
Flag Coverage Δ
fuzzcorpus 60.55% <71.42%> (-0.08%) ⬇️
livemode 18.73% <32.14%> (-0.12%) ⬇️
pcap 44.13% <71.42%> (+0.04%) ⬆️
suricata-verify 62.03% <89.28%> (+0.02%) ⬆️
unittests 58.93% <67.85%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@lukashino lukashino mentioned this pull request Oct 6, 2024
Closed
@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 23001

@lukashino lukashino mentioned this pull request Nov 3, 2024
Closed
@lukashino
Copy link
Contributor Author

rebased in #12082

@lukashino lukashino closed this Nov 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@catenacyber catenacyber Awaiting requested review from catenacyber catenacyber is a code owner

@jufajardini jufajardini Awaiting requested review from jufajardini jufajardini is a code owner

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lukashino @suricata-qa @msdean