Project

General

Profile

Actions
Copy link

Feature #470

closed

Feature #775: libhtp 0.5 support

gzip extension support incomplete

Added by Victor Julien almost 12 years ago. Updated almost 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Anoop Saldanha
Target version:
2.0beta1
Effort:
Difficulty:
Label:

Description

The current git master supports FNAME and FCOMMENT gzip extensions. Support for FEXTRA and FHCRC is missing: http://www.gzip.org/zlib/rfc-gzip.html

If a gzip stream is encountered that contains an unsupported flag, the "http.gzip_decompression_failed" app layer event is set.

Support needs to be added to libhtp, not Suricata itself.

When complete, patches need to be submitted to upstream libhtp.

Actions
Copy link
 #1

Updated by Victor Julien over 11 years ago

  • Target version changed from 1.4 to 1.4beta2
Actions
Copy link
 #2

Updated by Victor Julien over 11 years ago

  • Target version changed from 1.4beta2 to 2.0rc2

Working with libhtp upstream on this.

Actions
Copy link
 #3

Updated by Victor Julien about 11 years ago

  • Parent task set to #775
Actions
Copy link
 #4

Updated by Victor Julien almost 11 years ago

  • Assignee changed from Victor Julien to Anoop Saldanha
  • Target version changed from 2.0rc2 to 2.0beta1

Part of libhtp 0.5.x upgrade work.

Actions
Copy link
 #5

Updated by Victor Julien almost 11 years ago

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: Atom PDF