suricata
suricata copied to clipboard
Issue 5259 - x509 time dependency update - v1
I dug a commit out of @chifflier 's repo then udpated x509-parser
to 0.13.0
. The code changes on our side seem minimal, however, SV bug-1450-02
now fails, and I'm not sure why.
@chifflier We'd also like to clear-up the audit warning on time
in in 6.0.x
. Any thoughts on the least behaviour changing way to do so?
Is this related? https://github.com/OISF/suricata-verify/pull/748
Is this related? OISF/suricata-verify#748
I tried it, doesn't help. Looks like that S-V test is good for current master tho.
Information:
field | test | baseline | % |
---|---|---|---|
tlpr1_stats_chk | |||
.flow.memuse | 490607488 | 523149568 | 93.78% |
Pipeline 6883
Is this related? OISF/suricata-verify#748
I tried it, doesn't help. Looks like that S-V test is good for current master tho.
Actually this is the correct SV PR for these changes. However, they also depend on the nom upgrade to 7.0 which isn't suitable for a backport to 6.
@chifflier Any thoughts on how we can get this backported? We'd like to clear the audit issues in our current release branch as well as master. It seems that the x509-parser
using nom7 might be the problem as the error types don't align. Should x509-parser
re-export its nom here so we can properly match on the error type?
Information:
field | test | baseline | % |
---|---|---|---|
tlpr1_stats_chk | |||
.flow.memuse | 490607488 | 523149568 | 93.78% |
Pipeline 6883
I'm looking at this. The differences in events are manageable I think. A bigger issue is that x509-parser 0.13 fails a private test I have, it just doesn't parse the cert correctly. 0.14 fixes it, but bumps MSRV to 1.53
In fact, with 0.14 I get a build failure on OpenBSD 7.0 (Rust 1.55):
CARGO_HOME="/home/victor/.cargo" CARGO_TARGET_DIR="/home/victor/builds/tUhkGdun/0/inliniac/suricata-ci/suricata/rust/target" /usr/local/bin/cargo build --release --features " "
error: failed to get `aes` as a dependency of package `suricata v7.0.0-dev (/home/victor/builds/tUhkGdun/0/inliniac/suricata-ci/suricata/rust)`
Caused by:
failed to load source for dependency `aes`
Caused by:
Unable to update registry `crates-io`
Caused by:
failed to update replaced source registry `crates-io`
Caused by:
failed to parse manifest at `/home/victor/builds/tUhkGdun/0/inliniac/suricata-ci/suricata/rust/vendor/time/Cargo.toml`
Caused by:
feature `edition2021` is required
The package requires the Cargo feature called `edition2021`, but that feature is not stabilized in this version of Cargo (1.55.0).
Consider trying a newer version of Cargo (this may require the nightly release).
See https://doc.rust-lang.org/nightly/cargo/reference/unstable.html#edition-2021 for more information about the status of this feature.
*** Error 101 in rust (Makefile:544 'all-local')
*** Error 1 in /home/victor/builds/tUhkGdun/0/inliniac/suricata-ci/suricata (Makefile:514 'all-recursive')
Merged in #7948, thanks!