* origin/topic/robin/pp-alarms:
The silliest, tiniest little whitespace fixes.
Update missing in last commit to this branch.
Adding test for alarm mail.
Tuning the pretty-printed alarms output.
- Skip diffing of debug.log always.
- Skip diffing of reporter.log if it only contains an error about
missing GeoIP support.
- Canonicalize X.509 Distinguished Name subjects since that can vary
depending on installed OpenSSL version.
* origin/fastpath:
Enable warnings for malformed Broxygen xref roles.
Broxygen fix for function parameter recognition; better than 80b2451.
Allow Broxygen markup "##<" for more general use.
* origin/fastpath:
Fix missing action in notice policy for looking up GeoIP data.
Better persistent state config warning messages (fixes#433).
A few updates for SQL injection detection.
Fixed some DPD signatures for IRC. Fixes ticket #311.
Removing Off_Port_Protocol_Found notice.
SSH::Interesting_Hostname_Login cleanup. Fixes#664.
Teach Broxygen to more generally reference attribute values by name.
Fixed a really dumb bug that was causing the malware hash registry script to break.
Fix Broxygen confusing scoped id at start of line as function parameter.
Remove remnant of libmagic optionality
- The biggest change is the change in notice names from
HTTP::SQL_Injection_Attack_Against to
HTTP::SQL_Injection_Victim
- A few new SQL injection attacks in the tests that we need to
support at some point.
In DNS::Resolve, they could be deleted once from where they were
stored in the nb_dns_info cookie and once again from where they
were stored in the DNS_Mgr::requests list. Before commit
bd9c937236, they were only deleted
from the requests list, so this commit reverts to that behavior
without any leaks being reported by the core/leaks tests.
- Answers and TTLs are now vectors.
- The warning that was being generated (dns_reply_seen_after_done)
from transaction ID reuse is fixed.
- Updated the single failing btest baseline.
* origin/topic/jsiwek/custom-b64-alphabet:
Add decode_base64_custom BiF to allow alternate base64 alphabets.
Simplified the code a little bit.
Closes#670.
- Some (all?) of the DNS servers aren't being detected
anymore because the test tracefile isn't long enough.
Logging servers is delayed a 5 minutes in case a better
result comes in.
