Upgrading your code from 3.0 to 3.1¶

Detection engine and locking¶

The detection engine now has a much simplified locking scheme. If your code is called from the detection engine, you can assume that if you have a Packet::flow, then it's locked.

See also:
https://github.com/inliniac/suricata/pull/2084
https://github.com/inliniac/suricata/pull/2089

File API needs a config argument¶

The File API uses a new underlying API called the StreamBuffer API.

Here is the updated FileOpen call: https://github.com/inliniac/suricata/pull/2008/files#diff-c55860046f9110db7359adf0c01b6f1cR436

Here is how SMTP handles it:
https://github.com/inliniac/suricata/pull/2008/files#diff-8417216222dd62d4be05971877228a24R97
https://github.com/inliniac/suricata/pull/2008/files#diff-b7c0f60a040a567a600ab22375f8b73eR449

See also:
https://github.com/inliniac/suricata/pull/2008
https://github.com/inliniac/suricata/pull/2091

Unittests¶

Unittests registration has been simplified. It's no longer possible to register the value that signifies 'success'. For this the value of 1 is now hardcoded.

A set of macro's has been added:
https://github.com/inliniac/suricata/commit/13cf2f829e7ed3acbd8555bd6c2d652ffaa1b770#diff-36a2878288e2a2ccafcb818ef674cb2cR60

New tests should all follow the following logic:

use FAIL_IF and friends
use no conditional logic
clean up memory only for the success case
See https://github.com/inliniac/suricata/commit/d7d05b007cffd92003a50f5b3861010a6b30505f for examples

Files (0)

Project

General

Profile

Suricata

Wiki

Upgrading your code from 3.0 to 3.1¶

Detection engine and locking¶

File API needs a config argument¶

Unittests¶