Merge branch 'BIT-1927' of https://github.com/hosom/bro

* 'BIT-1927' of https://github.com/hosom/bro:
  Fix for BIT-1927: notice/extend-email relocation

And updated coverage unit tests.

BIT-1927 #close

CHANGES

@@ -1,4 +1,12 @@
 
+2.5-569 | 2018-05-10 11:24:07 -0500
+
+  * BIT-1927: relocate notice/extend-email/ scripts to policy/ dir and
+    load it from local.bro to allow users to control whether it is used.
+    (Stephen Hosom)
+
+  * Sort output of the missing-file-initially.bro test (Daniel Thayer)
+
 2.5-565 | 2018-05-08 15:29:53 -0500
 
   * BIT-1926: add unit tests for misc. HTTP patches (Corelight)

VERSION

@@ -1 +1 @@
-2.5-565
+2.5-569

scripts/base/frameworks/notice/__load__.bro

@@ -8,10 +8,6 @@
 @load ./actions/page
 @load ./actions/add-geodata
 
-# There shouldn't be any default overhead from loading these since they 
-# *should* only do anything when notices have the ACTION_EMAIL action applied.
-@load ./extend-email/hostnames
-
 # The cluster framework must be loaded first.
 @load base/frameworks/cluster
 

scripts/policy/frameworks/notice/__load__.bro

@@ -0,0 +1,3 @@
+# There shouldn't be any default overhead from loading these since they
+# *should* only do anything when notices have the ACTION_EMAIL action applied.
+@load ./extend-email/hostnames

scripts/policy/frameworks/notice/extend-email/hostnames.bro

@@ -3,7 +3,7 @@
 ##! :bro:type:`Notice::Info`'s *src* and *dst* fields as determined by a
 ##! DNS lookup.
 
-@load ../main
+@load base/frameworks/notice/main
 
 module Notice;
 

scripts/site/local.bro

@@ -85,6 +85,9 @@
 # Detect SHA1 sums in Team Cymru's Malware Hash Registry.
 @load frameworks/files/detect-MHR
 
+# Extend email alerting to include hostnames
+@load policy/frameworks/notice/extend-email/hostnames
+
 # Uncomment the following line to enable detection of the heartbleed attack. Enabling
 # this might impact performance a bit.
 # @load policy/protocols/ssl/heartbleed

scripts/test-all-policy.bro

@@ -34,6 +34,8 @@
 @load frameworks/files/entropy-test-all-files.bro
 #@load frameworks/files/extract-all-files.bro
 @load frameworks/files/hash-all-files.bro
+@load frameworks/notice/__load__.bro
+@load frameworks/notice/extend-email/hostnames.bro
 @load files/x509/log-ocsp.bro
 @load frameworks/packet-filter/shunt.bro
 @load frameworks/software/version-changes.bro

testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log

@@ -226,7 +226,6 @@ scripts/base/init-default.bro
     scripts/base/frameworks/notice/actions/email_admin.bro
     scripts/base/frameworks/notice/actions/page.bro
     scripts/base/frameworks/notice/actions/add-geodata.bro
-    scripts/base/frameworks/notice/extend-email/hostnames.bro
     scripts/base/frameworks/notice/non-cluster.bro
     scripts/base/frameworks/notice/actions/pp-alarms.bro
   scripts/base/frameworks/dpd/__load__.bro

testing/btest/Baseline/plugins.hooks/output

@@ -626,7 +626,6 @@
 0.000000   MetaHookPost  LoadFile(0, .<...>/gridftp.bro) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/hll_unique.bro) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/hooks.bif.bro) -> -1
-0.000000   MetaHookPost  LoadFile(0, .<...>/hostnames.bro) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/inactivity.bro) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/info.bro) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/init.bro) -> -1
@@ -1420,7 +1419,6 @@
 0.000000   MetaHookPre   LoadFile(0, .<...>/gridftp.bro)
 0.000000   MetaHookPre   LoadFile(0, .<...>/hll_unique.bro)
 0.000000   MetaHookPre   LoadFile(0, .<...>/hooks.bif.bro)
-0.000000   MetaHookPre   LoadFile(0, .<...>/hostnames.bro)
 0.000000   MetaHookPre   LoadFile(0, .<...>/inactivity.bro)
 0.000000   MetaHookPre   LoadFile(0, .<...>/info.bro)
 0.000000   MetaHookPre   LoadFile(0, .<...>/init.bro)
@@ -2218,7 +2216,6 @@
 0.000000 | HookLoadFile  .<...>/gridftp.bro
 0.000000 | HookLoadFile  .<...>/hll_unique.bro
 0.000000 | HookLoadFile  .<...>/hooks.bif.bro
-0.000000 | HookLoadFile  .<...>/hostnames.bro
 0.000000 | HookLoadFile  .<...>/image.sig
 0.000000 | HookLoadFile  .<...>/inactivity.bro
 0.000000 | HookLoadFile  .<...>/info.bro