Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Somehow I ended up with a lot of crud after merging with master. Fixing it.

Browse source
This commit is contained in:
Gregor Maier 2011-06-24 17:15:01 -07:00
parent 9f7d4980ea
commit 30c4b774aa
24 changed files with 1 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

1
policy/nfs.bro
View file

@ -1,4 +1,3 @@
# $Id$
@load udp @load udp

2
policy/portmapper.bro
View file

@ -120,8 +120,6 @@ export {
# the request was answered, F it was attempted but not answered. # the request was answered, F it was attempted but not answered.
# If there's an entry in the set, then the access won't lead to a # If there's an entry in the set, then the access won't lead to a
# NOTICE (unless the connection is hot for some other reason). # NOTICE (unless the connection is hot for some other reason).
# If there's an entry in the set, then the access won't lead to a
# NOTICE (unless the connection is hot for some other reason).
const RPC_do_not_complain: set[string, bool] = { const RPC_do_not_complain: set[string, bool] = {
["pm_null", [T, F]], ["pm_null", [T, F]],
} &redef; } &redef;

2
src/Analyzer.cc
View file

@ -40,8 +40,6 @@
#include "Syslog-binpac.h" #include "Syslog-binpac.h"
#include "ConnSizeAnalyzer.h" #include "ConnSizeAnalyzer.h"
#include <algorithm>
// Keep same order here as in AnalyzerTag definition! // Keep same order here as in AnalyzerTag definition!
const Analyzer::Config Analyzer::analyzer_configs[] = { const Analyzer::Config Analyzer::analyzer_configs[] = {
{ AnalyzerTag::Error, "<ERROR>", 0, 0, 0, false }, { AnalyzerTag::Error, "<ERROR>", 0, 0, 0, false },

2
src/BroString.cc
View file

@ -12,8 +12,6 @@
#include "BroString.h" #include "BroString.h"
#include "Var.h" #include "Var.h"
#include <algorithm>
#ifdef DEBUG #ifdef DEBUG
#define DEBUG_STR(msg) DBG_LOG(DBG_STRING, msg) #define DEBUG_STR(msg) DBG_LOG(DBG_STRING, msg)
#else #else

2
src/ContentLine.cc
View file

@ -5,8 +5,6 @@
#include "ContentLine.h" #include "ContentLine.h"
#include "TCP.h" #include "TCP.h"
#include <algorithm>
ContentLine_Analyzer::ContentLine_Analyzer(Connection* conn, bool orig) ContentLine_Analyzer::ContentLine_Analyzer(Connection* conn, bool orig)
: TCP_SupportAnalyzer(AnalyzerTag::ContentLine, conn, orig) : TCP_SupportAnalyzer(AnalyzerTag::ContentLine, conn, orig)
{ {

2
src/DNS_Mgr.cc
View file

@ -36,8 +36,6 @@
#include "Net.h" #include "Net.h"
#include "Var.h" #include "Var.h"
#include <algorithm>
extern "C" { extern "C" {
extern int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); extern int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);

2
src/Discard.cc
View file

@ -10,8 +10,6 @@
#include "Var.h" #include "Var.h"
#include "Discard.h" #include "Discard.h"
#include <algorithm>
Discarder::Discarder() Discarder::Discarder()
{ {
ip_hdr = internal_type("ip_hdr")->AsRecordType(); ip_hdr = internal_type("ip_hdr")->AsRecordType();

2
src/File.cc
View file

@ -31,8 +31,6 @@
#include "Serializer.h" #include "Serializer.h"
#include "Event.h" #include "Event.h"
#include <algorithm>
// Timer which on dispatching rotates the file. // Timer which on dispatching rotates the file.
class RotateTimer : public Timer { class RotateTimer : public Timer {
public: public:

2
src/FileAnalyzer.cc
View file

@ -4,8 +4,6 @@
#include "FileAnalyzer.h" #include "FileAnalyzer.h"
#include <algorithm>
#ifdef HAVE_LIBMAGIC #ifdef HAVE_LIBMAGIC
magic_t File_Analyzer::magic = 0; magic_t File_Analyzer::magic = 0;
magic_t File_Analyzer::magic_mime = 0; magic_t File_Analyzer::magic_mime = 0;

2
src/ICMP.cc
View file

@ -11,8 +11,6 @@
#include "Event.h" #include "Event.h"
#include "ICMP.h" #include "ICMP.h"
#include <algorithm>
ICMP_Analyzer::ICMP_Analyzer(Connection* c) ICMP_Analyzer::ICMP_Analyzer(Connection* c)
: TransportLayerAnalyzer(AnalyzerTag::ICMP, c) : TransportLayerAnalyzer(AnalyzerTag::ICMP, c)
{ {

2
src/IOSource.cc
View file

@ -10,8 +10,6 @@
#include "util.h" #include "util.h"
#include "IOSource.h" #include "IOSource.h"
#include <algorithm>
IOSourceRegistry io_sources; IOSourceRegistry io_sources;
IOSourceRegistry::~IOSourceRegistry() IOSourceRegistry::~IOSourceRegistry()

4
src/NFS.cc
View file

@ -204,8 +204,6 @@ int NFS_Interp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status rpc_status,
event = nfs_proc_readdir; event = nfs_proc_readdir;
break; break;
default: default:
if ( c->Proc() < BifEnum::NFS3::PROC_END_OF_PROCS ) if ( c->Proc() < BifEnum::NFS3::PROC_END_OF_PROCS )
{ {
@ -614,8 +612,6 @@ RecordVal* NFS_Interp::nfs3_readdir_reply(bool isplus, const u_char*& buf,
{ {
rep->Assign(1, nfs3_post_op_attr(buf,n)); rep->Assign(1, nfs3_post_op_attr(buf,n));
} }
return rep;
}
return rep; return rep;
} }

2
src/NFS.h
View file

@ -92,6 +92,4 @@ public:
}; };
#endif
#endif #endif

1
src/Portmap.cc
View file

@ -80,7 +80,6 @@ int PortmapperInterp::RPC_BuildReply(RPC_CallInfo* c, BifEnum::rpc_status status
Val *reply = 0; Val *reply = 0;
int success = (status == BifEnum::RPC_SUCCESS); int success = (status == BifEnum::RPC_SUCCESS);
switch ( c->Proc() ) { switch ( c->Proc() ) {
case PMAPPROC_NULL: case PMAPPROC_NULL:
event = success ? pm_request_null : pm_attempt_null; event = success ? pm_request_null : pm_attempt_null;

15
src/RPC.cc
View file

@ -13,8 +13,6 @@
#include "RPC.h" #include "RPC.h"
#include "Sessions.h" #include "Sessions.h"
#include <algorithm>
namespace { // local namespace namespace { // local namespace
const bool DEBUG_rpc_resync = false; const bool DEBUG_rpc_resync = false;
} }
@ -48,17 +46,12 @@ RPC_CallInfo::RPC_CallInfo(uint32 arg_xid, const u_char*& buf, int& n, double ar
valid_call = false; valid_call = false;
v = 0; v = 0;
/*GM cookie = 0; */
} }
RPC_CallInfo::~RPC_CallInfo() RPC_CallInfo::~RPC_CallInfo()
{ {
delete [] call_buf; delete [] call_buf;
Unref(v); Unref(v);
/*GM
if (cookie)
delete cookie;
*/
} }
int RPC_CallInfo::CompareRexmit(const u_char* buf, int n) const int RPC_CallInfo::CompareRexmit(const u_char* buf, int n) const
@ -94,6 +87,7 @@ int RPC_Interpreter::DeliverRPC(const u_char* buf, int n, int rpclen,
if ( ! buf ) if ( ! buf )
return 0; return 0;
HashKey h(&xid, 1); HashKey h(&xid, 1);
RPC_CallInfo* call = calls.Lookup(&h); RPC_CallInfo* call = calls.Lookup(&h);
@ -106,9 +100,6 @@ int RPC_Interpreter::DeliverRPC(const u_char* buf, int n, int rpclen,
{ {
if ( ! call->CompareRexmit(buf, n) ) if ( ! call->CompareRexmit(buf, n) )
Weird("RPC_rexmit_inconsistency"); Weird("RPC_rexmit_inconsistency");
// XXX: Should we update start_time and last_time or not??
call->SetStartTime(start_time);
call->SetLastTime(last_time);
// TODO: Should we update start_time and last_time or // TODO: Should we update start_time and last_time or
// not?? // not??
@ -140,10 +131,6 @@ int RPC_Interpreter::DeliverRPC(const u_char* buf, int n, int rpclen,
calls.Insert(&h, call); calls.Insert(&h, call);
} }
// We now have a valid RPC_CallInfo (either the previous one in case
// of a rexmit or the current one).
// TODO: What to do in case of a rexmit_inconistency??
Event_RPC_Call(call);
// We now have a valid RPC_CallInfo (either the previous one // We now have a valid RPC_CallInfo (either the previous one
// in case of a rexmit or the current one). // in case of a rexmit or the current one).

2
src/Reassem.cc
View file

@ -9,8 +9,6 @@
#include "Reassem.h" #include "Reassem.h"
#include "Serializer.h" #include "Serializer.h"
#include <algorithm>
const bool DEBUG_reassem = false; const bool DEBUG_reassem = false;
#ifdef DEBUG #ifdef DEBUG

2
src/RuleMatcher.cc
View file

@ -11,8 +11,6 @@
#include "Scope.h" #include "Scope.h"
#include "File.h" #include "File.h"
#include <algorithm>
// FIXME: Things that are not fully implemented/working yet: // FIXME: Things that are not fully implemented/working yet:
// //
// - "ip-options" always evaluates to false // - "ip-options" always evaluates to false

2
src/SmithWaterman.cc
View file

@ -11,8 +11,6 @@
#include "Var.h" #include "Var.h"
#include "util.h" #include "util.h"
#include <algorithm>
BroSubstring::BroSubstring(const BroSubstring& bst) BroSubstring::BroSubstring(const BroSubstring& bst)
: BroString((const BroString&) bst), _new(bst._new) : BroString((const BroString&) bst), _new(bst._new)
{ {

2
src/TCP.cc
View file

@ -12,8 +12,6 @@
#include "OSFinger.h" #include "OSFinger.h"
#include "Event.h" #include "Event.h"
#include <algorithm>
namespace { // local namespace namespace { // local namespace
const bool DEBUG_tcp_data_sent = false; const bool DEBUG_tcp_data_sent = false;
const bool DEBUG_tcp_connection_close = false; const bool DEBUG_tcp_connection_close = false;

2
src/TCP_Reassembler.cc
View file

@ -7,8 +7,6 @@
#include "TCP.h" #include "TCP.h"
#include "TCP_Endpoint.h" #include "TCP_Endpoint.h"
#include <algorithm>
// Only needed for gap_report events. // Only needed for gap_report events.
#include "Event.h" #include "Event.h"

2
src/UDP.cc
View file

@ -10,8 +10,6 @@
#include "NetVar.h" #include "NetVar.h"
#include "UDP.h" #include "UDP.h"
#include <algorithm>
UDP_Analyzer::UDP_Analyzer(Connection* conn) UDP_Analyzer::UDP_Analyzer(Connection* conn)
: TransportLayerAnalyzer(AnalyzerTag::UDP, conn) : TransportLayerAnalyzer(AnalyzerTag::UDP, conn)
{ {

4
src/XDR.cc
View file

@ -8,8 +8,6 @@
#include "XDR.h" #include "XDR.h"
#include <algorithm>
uint32 extract_XDR_uint32(const u_char*& buf, int& len) uint32 extract_XDR_uint32(const u_char*& buf, int& len)
{ {
if ( ! buf ) if ( ! buf )
@ -63,8 +61,6 @@ const u_char* extract_XDR_opaque(const u_char*& buf, int& len, int& n, int max_l
n = int(extract_XDR_uint32(buf, len)); n = int(extract_XDR_uint32(buf, len));
if ( ! buf ) if ( ! buf )
return 0; return 0;
if (short_buf_ok)
n = std::min(n, len);
if ( short_buf_ok ) if ( short_buf_ok )
n = std::min(n, len); n = std::min(n, len);

8
src/event.bif
View file

@ -165,14 +165,6 @@ event rpc_call%(c: connection, xid: count, prog: count, ver: count, proc: count,
# Generated for each (correctly formed) RPC_REPLY message received. # Generated for each (correctly formed) RPC_REPLY message received.
event rpc_reply%(c: connection, xid: count, status: rpc_status, reply_len: count%); event rpc_reply%(c: connection, xid: count, status: rpc_status, reply_len: count%);
# Generated for each RPC request / reply *pair* (if there is no reply, the event
# will be generated on timeout).
event rpc_dialogue%(c: connection, prog: count, ver: count, proc: count, status: rpc_status, start_time: time, call_len: count, reply_len: count%);
# Generated for each (correctly formed) RPC_CALL message received
event rpc_call%(c: connection, xid: count, prog: count, ver: count, proc: count, call_len: count%);
# Generated for each (correctly formed) RPC_REPLY message received
event rpc_reply%(c: connection, xid: count, status: rpc_status, reply_len: count%);
event pm_request_null%(r: connection%); event pm_request_null%(r: connection%);
event pm_request_set%(r: connection, m: pm_mapping, success: bool%); event pm_request_set%(r: connection, m: pm_mapping, success: bool%);
event pm_request_unset%(r: connection, m: pm_mapping, success: bool%); event pm_request_unset%(r: connection, m: pm_mapping, success: bool%);

5
src/util.h
View file

@ -13,11 +13,6 @@
// Expose C99 functionality from inttypes.h, which would otherwise not be // Expose C99 functionality from inttypes.h, which would otherwise not be
// available in C++. // available in C++.
#ifndef _ISOC99_SOURCE
# define _ISOC99_SOURCE
#endif
#define __STDC_LIMIT_MACROS
#define __STDC_CONSTANT_MACROS
#define __STDC_FORMAT_MACROS #define __STDC_FORMAT_MACROS
#include <inttypes.h> #include <inttypes.h>