Merge branch 'master' of ssh://git.bro.org/bro

2025-10-05 08:08:19 +00:00 · 2018-06-08 16:41:07 +00:00 · 2018-06-08 16:41:07 +00:00 · 280e8c7dcc
commit 280e8c7dcc
parent 554e8cc73d b51e6f39dd
10 changed files with 53 additions and 29 deletions
--- a/19
+++ b/19
@ -1,5 +1,5 @@
-2.5-651 | 2018-06-08 16:37:38 +0000
+2.5-658 | 2018-06-08 16:41:07 +0000
  * Allow BRO_DEFAULT_LISTEN_ADDRESS to control broker listen address.
    This environment variable is now set to listen only on IPv4
@ -11,6 +11,23 @@
    (like `getenv`) from variable initializations in those particular
    frameworks. (Corelight)
 2.5-655 | 2018-06-08 10:43:03 -0500
  * Correct conn history field documentation (Corelight)
 2.5-652 | 2018-06-07 13:57:23 -0500
  * GH-131: disable krb ticket decryption on non-Linux (Corelight)
 2.5-651 | 2018-06-07 09:57:29 -0500
  * Fix signed/unsigned comparison compiler warning (Corelight)
 2.5-650 | 2018-06-06 16:20:18 -0500
  * Improve Broker performance (Corelight)
 >>>>>>> b51e6f39ddc641811d4875cda4543d3a60fb5a63
 2.5-648 | 2018-06-05 17:32:47 -0500
  * BIT-1936: improve Broxygen warnings (Corelight)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -144,10 +144,12 @@ if (LIBGEOIP_FOUND)
 endif ()
 set(USE_KRB5 false)
-find_package(LibKrb5)
+if ( ${CMAKE_SYSTEM_NAME} MATCHES Linux )
-if (LibKrb5_FOUND)
+  find_package(LibKrb5)
-   set(USE_KRB5 true)
+  if (LibKrb5_FOUND)
-   list(APPEND OPTLIBS ${LibKrb5_LIBRARY})
+     set(USE_KRB5 true)
     list(APPEND OPTLIBS ${LibKrb5_LIBRARY})
  endif ()
 endif ()
 set(HAVE_PERFTOOLS false)
--- a/2
+++ b/2
@ -1 +1 @@
-2.5-651
+2.5-658
--- a/aux/broctl
+++ b/aux/broctl
@ -1 +1 @@
-Subproject commit fc7abc2c5e459b51d60b2036db428053b5fb27f5
+Subproject commit 99ef926d09a144a9919dec01f6231692e170120e
--- a/aux/broker
+++ b/aux/broker
@ -1 +1 @@
-Subproject commit 81cf863bb26c39b88f6cf6d1d8439458a1586bee
+Subproject commit 9b56fea4999d4e11a5cd2caaafd934759015fab5
--- a/scripts/base/protocols/conn/main.bro
+++ b/scripts/base/protocols/conn/main.bro
@ -95,9 +95,12 @@ export {
 		##
 		## If the event comes from the originator, the letter is in
 		## upper-case; if it comes from the responder, it's in
-		## lower-case. Multiple packets of the same type will only be
+		## lower-case.  The 'a', 'c', 'd', 'i', 'q', and 't' flags are
-		## noted once (e.g. we only record one "d" in each direction,
+		## recorded a maximum of one time in either direction regardless
-		## regardless of how many data packets were seen.)
+		## of how many are actually seen.  However, 'f', 'h', 'r', or
 		## 's' may be recorded multiple times for either direction and
 		## only compressed when sharing a sequence number with the
 		## last-seen packet of the same flag type.
 		history:      string          &log &optional;
 		## Number of packets that the originator sent.
 		## Only set if :bro:id:`use_conn_size_analyzer` = T.
--- a/src/analyzer/protocol/ncp/NCP.cc
+++ b/src/analyzer/protocol/ncp/NCP.cc
@ -80,7 +80,7 @@ void NCP_Session::DeliverFrame(const binpac::NCP::ncp_frame* frame)
 		}
 	}
-FrameBuffer::FrameBuffer(int header_length)
+FrameBuffer::FrameBuffer(size_t header_length)
 	{
 	hdr_len = header_length;
 	msg_buf = 0;
--- a/src/analyzer/protocol/ncp/NCP.h
+++ b/src/analyzer/protocol/ncp/NCP.h
@ -51,7 +51,7 @@ protected:
 class FrameBuffer {
 public:
-	explicit FrameBuffer(int header_length);
+	explicit FrameBuffer(size_t header_length);
 	virtual ~FrameBuffer();
 	// Returns -1 if frame is not ready, 0 if it else, and 1 if
@ -67,7 +67,7 @@ public:
 protected:
 	virtual void compute_msg_length() = 0;
-	int hdr_len;
+	size_t hdr_len;
 	u_char* msg_buf;
 	uint64 msg_len;
 	size_t buf_n;	// number of bytes in msg_buf
--- a/src/broker/Manager.cc
+++ b/src/broker/Manager.cc
@ -136,6 +136,7 @@ Manager::BrokerState::BrokerState(broker::broker_options options)
 Manager::Manager(bool reading_pcaps)
 	{
 	bound_port = 0;
 	peer_count = 0;
 	next_timestamp = 1;
 	SetIdle(false);
@ -205,7 +206,7 @@ bool Manager::Active()
 	if ( bound_port > 0 )
 		return true;
-	return bstate->endpoint.peers().size();
+	return peer_count > 0;
 	}
 void Manager::AdvanceTime(double seconds_since_unix_epoch)
@ -301,7 +302,7 @@ bool Manager::PublishEvent(string topic, std::string name, broker::vector args)
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	DBG_LOG(DBG_BROKER, "Publishing event: %s",
@ -317,7 +318,7 @@ bool Manager::PublishEvent(string topic, RecordVal* args)
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	if ( ! args->Lookup(0) )
@ -347,7 +348,7 @@ bool Manager::RelayEvent(std::string first_topic,
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	DBG_LOG(DBG_BROKER, "Publishing %s-relay event: %s",
@ -381,7 +382,7 @@ bool Manager::RelayEvent(std::string first_topic,
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	if ( ! args->Lookup(0) )
@ -413,7 +414,7 @@ bool Manager::PublishIdentifier(std::string topic, std::string id)
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	ID* i = global_scope()->Lookup(id.c_str());
@ -453,7 +454,7 @@ bool Manager::PublishLogCreate(EnumVal* stream, EnumVal* writer,
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	auto stream_id = stream->Type()->AsEnumType()->Lookup(stream->AsEnum());
@ -507,7 +508,7 @@ bool Manager::PublishLogWrite(EnumVal* stream, EnumVal* writer, string path, int
 	if ( bstate->endpoint.is_shutdown() )
 		return true;
-	if ( ! bstate->endpoint.peers().size() )
+	if ( peer_count == 0 )
 		return true;
 	auto stream_id_num = stream->AsEnum();
@ -1185,16 +1186,19 @@ void Manager::ProcessStatus(broker::status stat)
 		break;
 	case broker::sc::peer_added:
-	        assert(ctx);
+		++peer_count;
-	        log_mgr->SendAllWritersTo(*ctx);
+		assert(ctx);
 		log_mgr->SendAllWritersTo(*ctx);
 		event = Broker::peer_added;
 		break;
 	case broker::sc::peer_removed:
 		--peer_count;
 		event = Broker::peer_removed;
 		break;
 	case broker::sc::peer_lost:
 		--peer_count;
 		event = Broker::peer_lost;
 		break;
 	}
@ -1490,11 +1494,7 @@ bool Manager::TrackStoreQuery(StoreHandleVal* handle, broker::request_id id,
 const Stats& Manager::GetStatistics()
 	{
-	if ( bstate->endpoint.is_shutdown() )
+	statistics.num_peers = peer_count;
 		statistics.num_peers = 0;
 	else
 		statistics.num_peers = bstate->endpoint.peers().size();
 	statistics.num_stores = data_stores.size();
 	statistics.num_pending_queries = pending_queries.size();
--- a/src/broker/Manager.h
+++ b/src/broker/Manager.h
@ -414,6 +414,8 @@ private:
 	Stats statistics;
 	double next_timestamp;
 	bool reading_pcaps;
 	int peer_count;
 	static int script_scope;
 	static VectorType* vector_of_data_type;
		`@ -1 +1 @@`
			`Subproject commit fc7abc2c5e459b51d60b2036db428053b5fb27f5`				`Subproject commit 99ef926d09a144a9919dec01f6231692e170120e`
		`@ -1 +1 @@`
			`Subproject commit 81cf863bb26c39b88f6cf6d1d8439458a1586bee`				`Subproject commit 9b56fea4999d4e11a5cd2caaafd934759015fab5`