diff --git a/scripts/base/frameworks/tunnels/main.bro b/scripts/base/frameworks/tunnels/main.bro index 0fd37e8e59..1f0258e0a3 100644 --- a/scripts/base/frameworks/tunnels/main.bro +++ b/scripts/base/frameworks/tunnels/main.bro @@ -18,8 +18,6 @@ export { ## A tunnel connection has closed. CLOSE, ## No new connections over a tunnel happened in the past day. - ## TODO-Jon: Where is the "past day" coming from? Should be an - ## option. EXPIRE, }; @@ -72,7 +70,6 @@ export { ## Currently active tunnels. That is, tunnels for which new, encapsulated ## connections have been seen in the last day. - ## TODO-Jon: Do we we need the &synchronized here? global active: table[conn_id] of Info = table() &synchronized &read_expire=24hrs &expire_func=expire; } @@ -132,12 +129,6 @@ event new_connection(c: connection) &priority=5 event tunnel_changed(c: connection, e: EncapsulatingConnVector) &priority=5 { - ## TODO-Jon: Not sure I understand this. Shouldn't c$tunnel already be - ## registered? And what if a layer goes way, does that need to be - ## removed here? Or is that done separately? - ## - ## Also, conn/main.bro has a tunnel_changed handler at the same - ## priority that *sets* c$tunnel. That's seems undefine behaviour. if ( c?$tunnel ) register_all(c$tunnel); diff --git a/src/Analyzer.h b/src/Analyzer.h index 6fd1b3b444..6ccd7648d3 100644 --- a/src/Analyzer.h +++ b/src/Analyzer.h @@ -217,9 +217,7 @@ public: // Return whether the analyzer previously called ProtocolConfirmation() // at least once before. - // - // TODO-Jon: Why virtual? - virtual bool ProtocolConfirmed() const + bool ProtocolConfirmed() const { return protocol_confirmed; } // Report that we found a significant protocol violation which might diff --git a/src/Sessions.cc b/src/Sessions.cc index 7f62f42c7b..c754a14698 100644 --- a/src/Sessions.cc +++ b/src/Sessions.cc @@ -546,7 +546,7 @@ void NetSessions::DoNextPacket(double t, const struct pcap_pkthdr* hdr, Weird("truncated_inner_IP", ip_hdr, encapsulation); else if ( result > 0 ) - Weird("inner_IP_payload_mismatch", ip_hdr, encapsulation); + Weird("inner_IP_payload_length_mismatch", ip_hdr, encapsulation); if ( result != 0 ) { @@ -706,7 +706,6 @@ void NetSessions::DoNextInnerPacket(double t, const struct pcap_pkthdr* hdr, if ( hdr ) fake_hdr.ts = hdr->ts; else - // TODO-Jon: use network_time? fake_hdr.ts.tv_sec = fake_hdr.ts.tv_usec = 0; const u_char* pkt = 0; diff --git a/src/TunnelEncapsulation.h b/src/TunnelEncapsulation.h index 01819c0f20..9dcf134536 100644 --- a/src/TunnelEncapsulation.h +++ b/src/TunnelEncapsulation.h @@ -114,9 +114,6 @@ protected: /** * Abstracts an arbitrary amount of nested tunneling. */ - -// TODO-Jon: Rename EncapsulationChain or EncapsulationStack? I'd prefer to -// have notion in there that this covers multiple levels of encapsulations. class Encapsulation { public: Encapsulation() : conns(0) @@ -130,11 +127,6 @@ public: conns = 0; } - // TODO-Jon: I don't like the ptr-version of the ctor. When reading - // the code using that, I can't tell what it does with the pointer - // (i.e., that it deep-copied the object). Can we use just the - // reference version above? That may mean more "if ( not null )" at - // the caller end though. Encapsulation(const Encapsulation* other) { if ( other && other->conns ) diff --git a/src/event.bif b/src/event.bif index 8d4b1d28a1..0531bb8a18 100644 --- a/src/event.bif +++ b/src/event.bif @@ -146,7 +146,6 @@ event new_connection%(c: connection%); ## or from the outer encapsulation changing. Note that the connection's ## *tunnel* field is NOT automatically assigned to the new encapsulation value ## internally after this event is raised. -## TODO-Jon: I'm not sure what the last sentence is supposed to tell me? ## ## c: The connection whose tunnel/encapsulation changed. ##