mirror of
https://github.com/zeek/zeek.git
synced 2025-10-14 12:38:20 +00:00
Fix IRC analyzer supplying wrong type to irc_dcc_message event.
And other IRC policy tweaks.
This commit is contained in:
Jon Siwek
parent
a73ef6f0e1
commit
063ad9a103
3 changed files with 31 additions and 11 deletions
|
|
@ -71,6 +71,13 @@ event irc_nick_message(c: connection, is_orig: bool, who: string, newnick: strin
|
|||
{
|
||||
c$irc$command = "NICK";
|
||||
c$irc$value = newnick;
|
||||
}
|
||||
}
|
||||
|
||||
event irc_nick_message(c: connection, is_orig: bool, who: string, newnick: string) &priority=-5
|
||||
{
|
||||
if ( is_orig )
|
||||
{
|
||||
Log::write(IRC, c$irc);
|
||||
c$irc$nick = newnick;
|
||||
}
|
||||
|
|
@ -84,6 +91,13 @@ event irc_user_message(c: connection, is_orig: bool, user: string, host: string,
|
|||
c$irc$command = "USER";
|
||||
c$irc$value = user;
|
||||
c$irc$addl=fmt("%s %s %s", host, server, real_name);
|
||||
}
|
||||
}
|
||||
|
||||
event irc_user_message(c: connection, is_orig: bool, user: string, host: string, server: string, real_name: string) &priority=-5
|
||||
{
|
||||
if ( is_orig )
|
||||
{
|
||||
Log::write(IRC, c$irc);
|
||||
c$irc$user = user;
|
||||
}
|
||||
|
|
@ -93,8 +107,13 @@ event irc_join_message(c: connection, is_orig: bool, info_list: irc_join_list) &
|
|||
{
|
||||
set_session(c);
|
||||
if ( is_orig )
|
||||
{
|
||||
c$irc$command = "JOIN";
|
||||
}
|
||||
|
||||
event irc_join_message(c: connection, is_orig: bool, info_list: irc_join_list) &priority=5
|
||||
{
|
||||
if ( is_orig )
|
||||
{
|
||||
for ( l in info_list )
|
||||
{
|
||||
c$irc$value = l$channel;
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ event file_transferred(c: connection, prefix: string, descr: string,
|
|||
|
||||
irc$dcc_mime_type = mime_type;
|
||||
|
||||
if ( extract_file_types in mime_type )
|
||||
if ( extract_file_types == mime_type )
|
||||
{
|
||||
irc$extract_file = T;
|
||||
add irc$tags[EXTRACTED_FILE];
|
||||
|
|
@ -61,10 +61,6 @@ event file_transferred(c: connection, prefix: string, descr: string,
|
|||
local fname = generate_extraction_filename(extraction_prefix, c, suffix);
|
||||
irc$extraction_file = open(fname);
|
||||
}
|
||||
local tmp = c$irc$command;
|
||||
c$irc$command = "DCC";
|
||||
Log::write(IRC, c$irc);
|
||||
c$irc$command = tmp;
|
||||
}
|
||||
|
||||
event file_transferred(c: connection, prefix: string, descr: string,
|
||||
|
|
@ -76,6 +72,11 @@ event file_transferred(c: connection, prefix: string, descr: string,
|
|||
|
||||
local irc = dcc_expected_transfers[id$resp_h, id$resp_p];
|
||||
|
||||
local tmp = irc$command;
|
||||
irc$command = "DCC";
|
||||
Log::write(IRC, irc);
|
||||
irc$command = tmp;
|
||||
|
||||
if ( irc$extract_file && irc?$extraction_file )
|
||||
set_contents_file(id, CONTENTS_RESP, irc$extraction_file);
|
||||
|
||||
|
|
@ -99,7 +100,7 @@ event irc_dcc_message(c: connection, is_orig: bool,
|
|||
c$irc$dcc_file_name = argument;
|
||||
c$irc$dcc_file_size = size;
|
||||
local p = to_port(dest_port, tcp);
|
||||
expect_connection(c$id$orig_h, address, p, ANALYZER_FILE, 5 min);
|
||||
expect_connection(to_addr("0.0.0.0"), address, p, ANALYZER_FILE, 5 min);
|
||||
dcc_expected_transfers[address, p] = c$irc;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -668,9 +668,9 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
|
|||
vl->append(new Val(atoi(parts[4].c_str()), TYPE_COUNT));
|
||||
if ( parts.size() >= 6 )
|
||||
vl->append(new Val(atoi(parts[5].c_str()),
|
||||
TYPE_INT));
|
||||
TYPE_COUNT));
|
||||
else
|
||||
vl->append(new Val(0, TYPE_INT));
|
||||
vl->append(new Val(0, TYPE_COUNT));
|
||||
|
||||
ConnectionEvent(irc_dcc_message, vl);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue