mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
Remove the -K/-J options for setting keys.
The options were never really used and do not seem especially useful; initialization with a seed file still works. This also fixes a bug with the initialization of the siphash key.
This commit is contained in:
Johanna Amann
parent
313647ce0e
commit
499ed5b566
6 changed files with 19 additions and 26 deletions
18
src/main.cc
18
src/main.cc
|
|
@ -190,8 +190,6 @@ void usage()
|
||||||
fprintf(stderr, " -G|--load-seeds <file> | load seeds from given file\n");
|
fprintf(stderr, " -G|--load-seeds <file> | load seeds from given file\n");
|
||||||
fprintf(stderr, " -H|--save-seeds <file> | save seeds to given file\n");
|
fprintf(stderr, " -H|--save-seeds <file> | save seeds to given file\n");
|
||||||
fprintf(stderr, " -I|--print-id <ID name> | print out given ID\n");
|
fprintf(stderr, " -I|--print-id <ID name> | print out given ID\n");
|
||||||
fprintf(stderr, " -J|--set-seed <seed> | set the random number seed\n");
|
|
||||||
fprintf(stderr, " -K|--md5-hashkey <hashkey> | set key for MD5-keyed hashing\n");
|
|
||||||
fprintf(stderr, " -N|--print-plugins | print available plugins and exit (-NN for verbose)\n");
|
fprintf(stderr, " -N|--print-plugins | print available plugins and exit (-NN for verbose)\n");
|
||||||
fprintf(stderr, " -P|--prime-dns | prime DNS\n");
|
fprintf(stderr, " -P|--prime-dns | prime DNS\n");
|
||||||
fprintf(stderr, " -Q|--time | print execution time summary to stderr\n");
|
fprintf(stderr, " -Q|--time | print execution time summary to stderr\n");
|
||||||
|
|
@ -459,7 +457,6 @@ int main(int argc, char** argv)
|
||||||
char* debug_streams = 0;
|
char* debug_streams = 0;
|
||||||
int parse_only = false;
|
int parse_only = false;
|
||||||
int bare_mode = false;
|
int bare_mode = false;
|
||||||
int seed = 0;
|
|
||||||
int dump_cfg = false;
|
int dump_cfg = false;
|
||||||
int to_xml = 0;
|
int to_xml = 0;
|
||||||
int do_watchdog = 0;
|
int do_watchdog = 0;
|
||||||
|
|
@ -491,8 +488,6 @@ int main(int argc, char** argv)
|
||||||
{"force-dns", no_argument, 0, 'F'},
|
{"force-dns", no_argument, 0, 'F'},
|
||||||
{"load-seeds", required_argument, 0, 'G'},
|
{"load-seeds", required_argument, 0, 'G'},
|
||||||
{"save-seeds", required_argument, 0, 'H'},
|
{"save-seeds", required_argument, 0, 'H'},
|
||||||
{"set-seed", required_argument, 0, 'J'},
|
|
||||||
{"md5-hashkey", required_argument, 0, 'K'},
|
|
||||||
{"print-plugins", no_argument, 0, 'N'},
|
{"print-plugins", no_argument, 0, 'N'},
|
||||||
{"prime-dns", no_argument, 0, 'P'},
|
{"prime-dns", no_argument, 0, 'P'},
|
||||||
{"time", no_argument, 0, 'Q'},
|
{"time", no_argument, 0, 'Q'},
|
||||||
|
|
@ -546,7 +541,7 @@ int main(int argc, char** argv)
|
||||||
opterr = 0;
|
opterr = 0;
|
||||||
|
|
||||||
char opts[256];
|
char opts[256];
|
||||||
safe_strncpy(opts, "B:e:f:G:H:I:i:J:K:n:p:R:r:s:T:t:U:w:x:X:z:CFNPQSWabdghv",
|
safe_strncpy(opts, "B:e:f:G:H:I:i:n:p:R:r:s:T:t:U:w:x:X:z:CFNPQSWabdghv",
|
||||||
sizeof(opts));
|
sizeof(opts));
|
||||||
|
|
||||||
#ifdef USE_PERFTOOLS_DEBUG
|
#ifdef USE_PERFTOOLS_DEBUG
|
||||||
|
|
@ -661,15 +656,6 @@ int main(int argc, char** argv)
|
||||||
id_name = optarg;
|
id_name = optarg;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'J':
|
|
||||||
seed = atoi(optarg);
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'K':
|
|
||||||
MD5((const u_char*) optarg, strlen(optarg), shared_hmac_md5_key);
|
|
||||||
hmac_key_set = true;
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'N':
|
case 'N':
|
||||||
++print_plugins;
|
++print_plugins;
|
||||||
break;
|
break;
|
||||||
|
|
@ -760,7 +746,7 @@ int main(int argc, char** argv)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
init_random_seed(seed, (seed_load_file && *seed_load_file ? seed_load_file : 0) , seed_save_file);
|
init_random_seed((seed_load_file && *seed_load_file ? seed_load_file : 0) , seed_save_file);
|
||||||
// DEBUG_MSG("HMAC key: %s\n", md5_digest_print(shared_hmac_md5_key));
|
// DEBUG_MSG("HMAC key: %s\n", md5_digest_print(shared_hmac_md5_key));
|
||||||
init_hash_function();
|
init_hash_function();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -791,13 +791,14 @@ void bro_srandom(unsigned int seed)
|
||||||
srandom(seed);
|
srandom(seed);
|
||||||
}
|
}
|
||||||
|
|
||||||
void init_random_seed(uint32 seed, const char* read_file, const char* write_file)
|
void init_random_seed(const char* read_file, const char* write_file)
|
||||||
{
|
{
|
||||||
static const int bufsiz = 20;
|
static const int bufsiz = 20;
|
||||||
uint32 buf[bufsiz];
|
uint32 buf[bufsiz];
|
||||||
memset(buf, 0, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
int pos = 0; // accumulates entropy
|
int pos = 0; // accumulates entropy
|
||||||
bool seeds_done = false;
|
bool seeds_done = false;
|
||||||
|
uint32 seed = 0;
|
||||||
|
|
||||||
if ( read_file )
|
if ( read_file )
|
||||||
{
|
{
|
||||||
|
|
@ -870,7 +871,7 @@ void init_random_seed(uint32 seed, const char* read_file, const char* write_file
|
||||||
if ( ! siphash_key_set )
|
if ( ! siphash_key_set )
|
||||||
{
|
{
|
||||||
assert(sizeof(buf)-64 == 16);
|
assert(sizeof(buf)-64 == 16);
|
||||||
memcpy(shared_siphash_key, buf+64, 16);
|
memcpy(shared_siphash_key, reinterpret_cast<const char*>(buf)+64, 16);
|
||||||
siphash_key_set = true;
|
siphash_key_set = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -195,8 +195,7 @@ extern void hmac_md5(size_t size, const unsigned char* bytes,
|
||||||
// over the "seed" argument. If write_file is given, the seeds are written
|
// over the "seed" argument. If write_file is given, the seeds are written
|
||||||
// to that file.
|
// to that file.
|
||||||
//
|
//
|
||||||
extern void init_random_seed(uint32 seed, const char* load_file,
|
extern void init_random_seed(const char* load_file, const char* write_file);
|
||||||
const char* write_file);
|
|
||||||
|
|
||||||
// Retrieves the initial seed computed after the very first call to
|
// Retrieves the initial seed computed after the very first call to
|
||||||
// init_random_seed(). Repeated calls to init_random_seed() will not affect
|
// init_random_seed(). Repeated calls to init_random_seed() will not affect
|
||||||
|
|
|
||||||
|
|
@ -1,2 +1,3 @@
|
||||||
|
Ok error
|
||||||
171249.90868
|
171249.90868
|
||||||
171249.90868
|
Ok error
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,8 @@
|
||||||
# Test the quality of HLL once by checking adding a large number of IP entries.
|
# Test the quality of HLL once by checking adding a large number of IP entries.
|
||||||
#
|
#
|
||||||
# @TEST-EXEC: bro %INPUT > out
|
# @TEST-EXEC: bro %INPUT > out
|
||||||
# @TEST-EXEC: BRO_SEED_FILE="" bro %INPUT >> out
|
# @TEST-EXEC: BRO_SEED_FILE="" bro %INPUT > out2
|
||||||
|
# @TEST-EXEC: head -n1 out2 >> out
|
||||||
# @TEST-EXEC: btest-diff out
|
# @TEST-EXEC: btest-diff out
|
||||||
|
|
||||||
event bro_init()
|
event bro_init()
|
||||||
|
|
@ -15,5 +16,10 @@ event bro_init()
|
||||||
hll_cardinality_add(cp, count_to_v4_addr(base+i));
|
hll_cardinality_add(cp, count_to_v4_addr(base+i));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( |hll_cardinality_estimate(cp) - 170000| > 10000 )
|
||||||
|
print "Big error";
|
||||||
|
else
|
||||||
|
print "Ok error";
|
||||||
|
|
||||||
print hll_cardinality_estimate(cp);
|
print hll_cardinality_estimate(cp);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@
|
||||||
3912865238
|
3912865238
|
||||||
3596260151
|
3596260151
|
||||||
517973768
|
517973768
|
||||||
3606168384
|
1462428821
|
||||||
119014752
|
0
|
||||||
1013039866
|
2278350848
|
||||||
2458585167
|
32767
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue