Merge remote-tracking branch 'origin/topic/vladg/sip'

* origin/topic/vladg/sip: Update NEWS. Update baselines. Spruce up SIP events.bif documentation a bit. Register SIP analyzer to well known port. Fix indenting issue in main.bro Add SIP btests. Small update for the SIP logs and DPD sig. SIP: Fix up DPD and the TCP analyzer a bit. SIP: Move to the new string BIFs SIP: Move to new analyzer format. Move the SIP analyzer to uint64 sequences, and a number of other small SIP fixes. Rely on content inspection and not just is_orig to determine client/server. Enable SIP in CMakeLists.txt Merge topic/seth/faf-updates. BIT-1370 #merged
2025-10-16 21:48:21 +00:00 · 2015-04-21 15:23:00 -07:00 · 2015-04-21 15:23:00 -07:00 · 5b32791edb
commit 5b32791edb
parent d1d53f4b08 7370829ff4
30 changed files with 1355 additions and 364 deletions
--- a/src/analyzer/protocol/sip/SIP.h
+++ b/src/analyzer/protocol/sip/SIP.h
@ -0,0 +1,31 @@
+#ifndef ANALYZER_PROTOCOL_SIP_SIP_H
+#define ANALYZER_PROTOCOL_SIP_SIP_H
+
+#include "events.bif.h"
+
+#include "analyzer/protocol/udp/UDP.h"
+#include "sip_pac.h"
+
+namespace analyzer { namespace SIP {
+
+class SIP_Analyzer : public analyzer::Analyzer {
+public:
+	SIP_Analyzer(Connection* conn);
+	virtual ~SIP_Analyzer();
+
+	// Overridden from Analyzer
+
+	virtual void Done();
+	virtual void DeliverPacket(int len, const u_char* data, bool orig,
+				   	   uint64 seq, const IP_Hdr* ip, int caplen);
+
+	static analyzer::Analyzer* Instantiate(Connection* conn)
+	{ return new SIP_Analyzer(conn); }
+
+protected:
+	binpac::SIP::SIP_Conn* interp;
+};
+
+} } // namespace analyzer::*
+
+#endif