Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

FileAnalysis: checkpoint in middle of big reorganization.

Browse source 
- FileAnalysis::Info is now just a record used for logging, the fa_file
  record type is defined in init-bare.bro as the analogue to a
  connection record.

- Starting to transfer policy hook triggers and analyzer results to
  events.
This commit is contained in:
Jon Siwek 2013-04-09 15:49:58 -05:00
parent e73a261262
commit 641154f8e8
68 changed files with 855 additions and 871 deletions
Download patch file Download diff file Expand all files Collapse all files

30
src/file_analysis/Hash.h
View file

@ -5,7 +5,7 @@
#include "Val.h"
#include "OpaqueVal.h"
#include "Info.h"
#include "File.h"
#include "Action.h"
namespace file_analysis {
@ -26,51 +26,51 @@ public:
protected:
Hash(RecordVal* args, Info* info, HashVal* hv, const char* field);
Hash(RecordVal* args, File* file, HashVal* hv, const char* kind);
void Finalize();
HashVal* hash;
bool fed;
int result_field_idx;
const char* kind;
};
class MD5 : public Hash {
public:
static Action* Instantiate(RecordVal* args, Info* info)
{ return new MD5(args, info); }
static Action* Instantiate(RecordVal* args, File* file)
{ return file_hash ? new MD5(args, file) : 0; }
protected:
MD5(RecordVal* args, Info* info)
: Hash(args, info, new MD5Val(), "md5")
MD5(RecordVal* args, File* file)
: Hash(args, file, new MD5Val(), "md5")
{}
};
class SHA1 : public Hash {
public:
static Action* Instantiate(RecordVal* args, Info* info)
{ return new SHA1(args, info); }
static Action* Instantiate(RecordVal* args, File* file)
{ return file_hash ? new SHA1(args, file) : 0; }
protected:
SHA1(RecordVal* args, Info* info)
: Hash(args, info, new SHA1Val(), "sha1")
SHA1(RecordVal* args, File* file)
: Hash(args, file, new SHA1Val(), "sha1")
{}
};
class SHA256 : public Hash {
public:
static Action* Instantiate(RecordVal* args, Info* info)
{ return new SHA256(args, info); }
static Action* Instantiate(RecordVal* args, File* file)
{ return file_hash ? new SHA256(args, file) : 0; }
protected:
SHA256(RecordVal* args, Info* info)
: Hash(args, info, new SHA256Val(), "sha256")
SHA256(RecordVal* args, File* file)
: Hash(args, file, new SHA256Val(), "sha256")
{}
};