Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Decouple stream bypass from TLS encrypted bypass v9 #12572

Closed
wants to merge 4 commits into from
Closed

Decouple stream bypass from TLS encrypted bypass v9 #12572

wants to merge 4 commits into from

Conversation

lukashino
Copy link
Contributor

Following up on #12388

Redmine ticket: https://redmine.openinfosecfoundation.org/issues/6788

Describe changes:
v9:

  • changed mutex to atomicu8 for SSH encryption handling choice
  • rebased

v8.1:

  • specify the correct SV test

v8:

v7

  • Style guide changes as suggested in the prev PR
  • Encryption Handling has now three states, similar to TLS
  • rebased

v6

  • rebased

v5

  • rebased
  • added upgrade section
  • fixed docs - Thanks Juliana
  • SV tests should pass now

v4

  • rebased
  • changed SSH bypass defaults to hopefully be in sync with the previous settings

v3

  • added SSH app-layer option encryption-handling allowing to choose whether to continue inspection on SSH once it turns encrypted
  • added SV tests
  • minor docs updates

SV_BRANCH=OISF/suricata-verify#2288

Lukas Sismis and others added 4 commits February 13, 2025 09:54
@lukashino
ssh: add option to select behavior of encrypted parts
64239e0 
Ticket: 6788
@msdean @lukashino
stream: decouple stream.bypass dependency from tls bypass
0d804b8 
Decouple app.protocols.tls.encryption-handling and stream.bypass.
There's no apparent reason why encrypted TLS bypass traffic should
depend on stream bypass, as these are unrelated features.

Ticket: 6788
@lukashino
doc: remove trailing spaces in DPDK section
d6da3dd
@lukashino
ssh: sync the hassh setting with the defaults
4061e9c
@lukashino lukashino mentioned this pull request Feb 13, 2025
Closed
@lukashino
Copy link
Contributor Author

digging up a comment from the previous PR:

@catenacyber wrote:

@victorjulien could I review this ? (asking since you self-assigned yourself)

I want to dig into the QA diff and the explanation of it in the previous version especially...

@github-actions GitHub Actions
Copy link

NOTE: This PR may contain new authors.

@lukashino lukashino closed this Feb 13, 2025
@codecov Codecov
Copy link

codecov bot commented Feb 13, 2025

Codecov Report

Attention: Patch coverage is 80.00000% with 8 lines in your changes missing coverage. Please review.

Project coverage is 80.72%. Comparing base (3831843) to head (4061e9c).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #12572   +/-   ##
=======================================
  Coverage   80.72%   80.72%           
=======================================
  Files         929      929           
  Lines      259062   259094   +32     
=======================================
+ Hits       209119   209148   +29     
- Misses      49943    49946    +3
Flag Coverage Δ
fuzzcorpus 56.94% <42.50%> (-0.01%) ⬇️
livemode 19.39% <12.50%> (-0.01%) ⬇️
pcap 44.14% <42.50%> (-0.05%) ⬇️
suricata-verify 63.41% <82.05%> (+0.02%) ⬆️
unittests 58.35% <42.50%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@lukashino lukashino mentioned this pull request Feb 13, 2025
Open
@lukashino
Copy link
Contributor Author

Follow-up in #12573

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@catenacyber catenacyber Awaiting requested review from catenacyber catenacyber is a code owner

@jufajardini jufajardini Awaiting requested review from jufajardini jufajardini is a code owner

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lukashino @msdean