Skip to content

Quic encryption handling 8116 v2 #14502

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
catenacyber wants to merge 5 commits into from
Closed

Quic encryption handling 8116 v2 #14502

catenacyber wants to merge 5 commits into from

Conversation

@catenacyber
Copy link
Contributor

@catenacyber catenacyber commented Dec 16, 2025

Link to ticket: https://redmine.openinfosecfoundation.org/issues/
https://redmine.openinfosecfoundation.org/issues/8116
Describe changes:

  • quic: encryption-handling config parameters
  • udp: commit to allow app-layer such as quic to set bypass on parsing

SV_BRANCH=OISF/suricata-verify#2819

#14494 complete no draft

@catenacyber
quic: encryption-handling config parameters
594b668 
Ticket: 8116
@catenacyber
rust: move EncryptionHandling definition to its own file
70e8275 
as it is not specific to ssh anymore
@catenacyber
rust: rename EncryptionHandling
1b0e5af 
as it is no longer specific to SSH
@catenacyber
rust: from_str implementation for EncryptionHandling
5a186cb 
To move non-specific quic code to the right place
@catenacyber
app-layer: test bypass set for udp
b978a19 
Ticket: 8116

quic parsing on udp can request bypass.
But such a bypass was only handled for TCP protocols in
AppLayerParserParse
@catenacyber catenacyber mentioned this pull request Dec 16, 2025
Closed
@codecov
Copy link

codecov bot commented Dec 16, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 87.75510% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.12%. Comparing base (af246ae) to head (b978a19).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #14502      +/-   ##
==========================================
- Coverage   82.12%   82.12%   -0.01%     
==========================================
  Files        1013     1014       +1     
  Lines      262327   262358      +31     
==========================================
+ Hits       215439   215456      +17     
- Misses      46888    46902      +14
Flag Coverage Δ
fuzzcorpus 59.30% <55.10%> (-0.01%) ⬇️
livemode 18.74% <6.12%> (-0.01%) ⬇️
pcap 44.63% <55.10%> (-0.01%) ⬇️
suricata-verify 65.00% <89.58%> (-0.01%) ⬇️
unittests 59.25% <27.08%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@suricata-qa
Copy link

suricata-qa commented Dec 18, 2025

WARNING:

field baseline test %
SURI_TLPW2_autofp_stats_chk
.uptime 147 142 96.6%

Pipeline = 28827

victorjulien
victorjulien reviewed Dec 18, 2025
View reviewed changes
rust/src/quic/quic.rs
if let Ok(eh) = EncryptionHandling::from_str(val) {
unsafe { ENCRYPTION_BYPASS_ENABLED = eh };
} else {
SCLogWarning!("Unknown value {} for quic.encryption-handling.", val);
Copy link
Member

@victorjulien victorjulien Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we be strict here? It's a new setting so no reason to allow bad settings?

Copy link
Contributor Author

@catenacyber catenacyber Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Going to LogError then

@catenacyber catenacyber mentioned this pull request Dec 18, 2025
Closed
@catenacyber
Copy link
Contributor Author

catenacyber commented Dec 18, 2025

Next version in #14509

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@victorjulien victorjulien victorjulien left review comments

@jasonish jasonish Awaiting requested review from jasonish jasonish is a code owner

@jufajardini jufajardini Awaiting requested review from jufajardini jufajardini is a code owner

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@catenacyber @suricata-qa @victorjulien