Project

General

Profile

Actions

Optimization #7353

closed

files: remove deprecated force-md5 config option

Added by Philippe Antoine 7 months ago. Updated 9 days ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:
Beginner, Good First Issue, Outreachy

Description

in util-file.c

Actions #1

Updated by Victor Julien 3 months ago

  • Subject changed from Remove deprecated force-md5 config option to files: remove deprecated force-md5 config option
  • Target version changed from 8.0.0-beta1 to TBD

This is something we'd only do if we remove md5 tracking, matching and logging.

Actions #2

Updated by Jason Ish 3 months ago

I'm curious what is the reason to deprecate md5? Besides not being cryptographically secure, it still seems to be in wide use for identifying files.

Actions #3

Updated by Philippe Antoine 3 months ago

        SCLogWarning("deprecated 'force-md5' option " 
                     "found. Please use 'force-hash: [md5]' instead");
Actions #4

Updated by Philippe Antoine 3 months ago

Victor Julien wrote in #note-1:

This is something we'd only do if we remove md5 tracking, matching and logging.

No, we do md5 tracking, matching and logging with force-hash: [md5] instead of force-md5 in suricata.yaml

Do not we want to have this for 8 ?

Actions #5

Updated by Philippe Antoine 3 months ago

git grep deprecated shows other stuff like legacy.uricontent ...

Actions #6

Updated by Jason Ish 3 months ago

Philippe Antoine wrote in #note-4:

Victor Julien wrote in #note-1:

This is something we'd only do if we remove md5 tracking, matching and logging.

No, we do md5 tracking, matching and logging with force-hash: [md5] instead of force-md5 in suricata.yaml

Do not we want to have this for 8 ?

I think this makes sense then. The ticket didn't have enough context to reason about it properly.

Actions #7

Updated by Philippe Antoine 3 months ago

  • Target version changed from TBD to 8.0.0-beta1
Actions #8

Updated by Victor Julien about 2 months ago

  • Target version changed from 8.0.0-beta1 to 8.0.0-rc1
Actions #9

Updated by Philippe Antoine 11 days ago

  • Status changed from New to In Review
  • Assignee changed from OISF Dev to Philippe Antoine
Actions #10

Updated by Philippe Antoine 9 days ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF