Adding a documentation coverage test.

- The CMake targets for generating reST docs from policy scripts are now automatically generated via the genDocSourcesList.sh script - Fixed a lot of parsing errors in policy scripts that I saw along the way
2025-10-17 14:08:20 +00:00 · 2011-07-23 20:55:06 -05:00 · 2011-07-23 20:55:06 -05:00 · 78e2d768c7
commit 78e2d768c7
parent 454fd9578e
21 changed files with 157 additions and 70 deletions
--- a/doc/scripts/DocSourcesList.cmake
+++ b/doc/scripts/DocSourcesList.cmake
@ -1,3 +1,6 @@
+# DO NOT EDIT
+# This file is auto-generated from the genDocSourcesList.sh script.
+#
 # This is a list of Bro script sources for which to generate reST documentation.
 # It will be included inline in the CMakeLists.txt found in the same directory
 # in order to create Makefile targets that define how to generate reST from
@ -15,118 +18,106 @@ rest_target(${CMAKE_BINARY_DIR}/src bro.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/src const.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/src event.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/src logging.bif.bro)
+rest_target(${CMAKE_BINARY_DIR}/src reporter.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/src strings.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/src types.bif.bro)
-
-rest_target(${psd} bro.init)
-rest_target(${psd} site.bro)
-
 rest_target(${psd} frameworks/cluster/base/main.bro)
 rest_target(${psd} frameworks/cluster/base/node/manager.bro)
 rest_target(${psd} frameworks/cluster/base/node/proxy.bro)
 rest_target(${psd} frameworks/cluster/base/node/worker.bro)
 rest_target(${psd} frameworks/cluster/base/setup-connections.bro)
-
 rest_target(${psd} frameworks/communication/base/main.bro)
 rest_target(${psd} frameworks/communication/listen-clear.bro)
 rest_target(${psd} frameworks/communication/listen-ssl.bro)
-
+rest_target(${psd} frameworks/control/base/main.bro)
+rest_target(${psd} frameworks/control/controllee.bro)
+rest_target(${psd} frameworks/control/controller.bro)
 rest_target(${psd} frameworks/dpd/base/main.bro)
-rest_target(${psd} frameworks/dpd/packet-segment-logging.bro)
 rest_target(${psd} frameworks/dpd/detect-protocols.bro)
-
+rest_target(${psd} frameworks/dpd/packet-segment-logging.bro)
 rest_target(${psd} frameworks/intel/base.bro)
-
 rest_target(${psd} frameworks/logging/base.bro)
 rest_target(${psd} frameworks/logging/plugins/ascii.bro)
-
 rest_target(${psd} frameworks/metrics/base/main.bro)
 rest_target(${psd} frameworks/metrics/conn-example.bro)
 rest_target(${psd} frameworks/metrics/http-example.bro)
-
-rest_target(${psd} frameworks/notice/base.bro)
-rest_target(${psd} frameworks/notice/weird.bro)
-
-rest_target(${psd} frameworks/packet-filter/base.bro)
+rest_target(${psd} frameworks/notice/action-filters.bro)
+rest_target(${psd} frameworks/notice/base/actions/drop.bro)
+rest_target(${psd} frameworks/notice/base/actions/email_admin.bro)
+rest_target(${psd} frameworks/notice/base/actions/page.bro)
+rest_target(${psd} frameworks/notice/base/main.bro)
+rest_target(${psd} frameworks/notice/base/weird.bro)
+rest_target(${psd} frameworks/notice/extend-email/hostnames.bro)
+rest_target(${psd} frameworks/packet-filter/base/main.bro)
 rest_target(${psd} frameworks/packet-filter/netstats.bro)
-
+rest_target(${psd} frameworks/reporter/base.bro)
 rest_target(${psd} frameworks/signatures/base.bro)
-
 rest_target(${psd} frameworks/software/base/main.bro)
 rest_target(${psd} frameworks/software/vulnerable.bro)
-
+rest_target(${psd} frameworks/time-machine/notice.bro)
 rest_target(${psd} integration/barnyard2/base.bro)
 rest_target(${psd} integration/barnyard2/event.bro)
 rest_target(${psd} integration/barnyard2/types.bro)
-
+rest_target(${psd} misc/analysis-groups.bro)
 rest_target(${psd} misc/loaded-scripts.bro)
-
-rest_target(${psd} protocols/conn/base/main.bro)
+rest_target(${psd} misc/trim-trace-file.bro)
 rest_target(${psd} protocols/conn/base/contents.bro)
 rest_target(${psd} protocols/conn/base/inactivity.bro)
-rest_target(${psd} protocols/conn/base/known-hosts.bro)
-rest_target(${psd} protocols/conn/base/known-services.bro)
-
-rest_target(${psd} protocols/dns/base/main.bro)
+rest_target(${psd} protocols/conn/base/main.bro)
+rest_target(${psd} protocols/conn/known-hosts.bro)
+rest_target(${psd} protocols/conn/known-services.bro)
+rest_target(${psd} protocols/dns/auth-addl.bro)
 rest_target(${psd} protocols/dns/base/consts.bro)
 rest_target(${psd} protocols/dns/base/detect.bro)
-rest_target(${psd} protocols/dns/auth-addl.bro)
-
+rest_target(${psd} protocols/dns/base/main.bro)
 rest_target(${psd} protocols/ftp/base.bro)
 rest_target(${psd} protocols/ftp/detect.bro)
 rest_target(${psd} protocols/ftp/file-extract.bro)
 rest_target(${psd} protocols/ftp/software.bro)
 rest_target(${psd} protocols/ftp/utils-commands.bro)
-
-rest_target(${psd} protocols/http/base/main.bro)
 rest_target(${psd} protocols/http/base/detect-intel.bro)
 rest_target(${psd} protocols/http/base/detect-sqli.bro)
 rest_target(${psd} protocols/http/base/file-extract.bro)
 rest_target(${psd} protocols/http/base/file-hash.bro)
 rest_target(${psd} protocols/http/base/file-ident.bro)
+rest_target(${psd} protocols/http/base/main.bro)
 rest_target(${psd} protocols/http/base/software.bro)
 rest_target(${psd} protocols/http/base/utils.bro)
-
-rest_target(${psd} protocols/http/headers.bro)
+rest_target(${psd} protocols/http/detect-MHR.bro)
 rest_target(${psd} protocols/http/detect-webapps.bro)
+rest_target(${psd} protocols/http/headers.bro)
+rest_target(${psd} protocols/http/partial-content.bro)
 rest_target(${psd} protocols/http/var-extraction-cookies.bro)
 rest_target(${psd} protocols/http/var-extraction-uri.bro)
-
 rest_target(${psd} protocols/irc/base.bro)
 rest_target(${psd} protocols/irc/dcc-send.bro)
-
 rest_target(${psd} protocols/mime/base.bro)
 rest_target(${psd} protocols/mime/file-extract.bro)
 rest_target(${psd} protocols/mime/file-hash.bro)
 rest_target(${psd} protocols/mime/file-ident.bro)
-
 rest_target(${psd} protocols/rpc/base.bro)
-
 rest_target(${psd} protocols/smtp/base/main.bro)
-rest_target(${psd} protocols/smtp/base/detect.bro)
 rest_target(${psd} protocols/smtp/base/software.bro)
-
+rest_target(${psd} protocols/smtp/detect-suspicious-orig.bro)
 rest_target(${psd} protocols/ssh/base.bro)
 rest_target(${psd} protocols/ssh/software.bro)
-
 rest_target(${psd} protocols/ssl/base.bro)
 rest_target(${psd} protocols/ssl/consts.bro)
 rest_target(${psd} protocols/ssl/known-certs.bro)
 rest_target(${psd} protocols/ssl/mozilla-ca-list.bro)
-
 rest_target(${psd} protocols/syslog/base.bro)
 rest_target(${psd} protocols/syslog/consts.bro)
-
+rest_target(${psd} site/local.bro)
 rest_target(${psd} tuning/defaults/packet-fragments.bro)
 rest_target(${psd} tuning/defaults/remove-high-volume-notices.bro)
 rest_target(${psd} tuning/track-all-assets.bro)
-
 rest_target(${psd} utils/addrs.bro)
-rest_target(${psd} utils/conn_ids.bro)
+rest_target(${psd} utils/conn-ids.bro)
 rest_target(${psd} utils/directions-and-hosts.bro)
 rest_target(${psd} utils/files.bro)
 rest_target(${psd} utils/numbers.bro)
 rest_target(${psd} utils/paths.bro)
 rest_target(${psd} utils/pattern.bro)
+rest_target(${psd} utils/site.bro)
 rest_target(${psd} utils/strings.bro)
 rest_target(${psd} utils/thresholds.bro)
--- a/doc/scripts/genDocSourcesList.sh
+++ b/doc/scripts/genDocSourcesList.sh
@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+
+# ./genDocSourcesList.sh [output file]
+#
+# Run this script to a generate file that's used to tell CMake about all the
+# possible scripts for which reST documentation can be created.
+#
+# The optional argument can be used to avoid overwriting the file CMake uses
+# by default.
+#
+# Specific scripts can be blacklisted below when e.g. they currently aren't
+# parseable or they just aren't meant to be documented.
+
+blacklist="__load__.bro|test-all.bro|all.bro"
+blacklist_addl="hot.conn.bro|ssl-old.bro"
+
+statictext="\
+# DO NOT EDIT
+# This file is auto-generated from the "genDocSourcesList.sh" script.
+#
+# This is a list of Bro script sources for which to generate reST documentation.
+# It will be included inline in the CMakeLists.txt found in the same directory
+# in order to create Makefile targets that define how to generate reST from
+# a given Bro script.
+#
+# Note: any path prefix of the script (2nd argument of rest_target macro)
+# will be used to derive what path under policy/ the generated documentation
+# will be placed.
+
+set(psd \${PROJECT_SOURCE_DIR}/policy)
+
+rest_target(\${CMAKE_CURRENT_SOURCE_DIR} example.bro internal)
+"
+
+if [[ $# -ge 1 ]]; then
+    outfile=$1
+else
+    outfile=DocSourcesList.cmake
+fi
+
+thisdir="$( cd "$( dirname "$0" )" && pwd )"
+sourcedir=${thisdir}/../..
+
+echo "$statictext" > $outfile
+
+bifs=`( cd ${sourcedir}/build/src && find . -name \*\.bro )`
+
+for file in $bifs
+do
+    f=${file:2}
+    echo "rest_target(\${CMAKE_BINARY_DIR}/src $f)" >> $outfile
+done
+
+policyfiles=`( cd ${sourcedir}/policy && find . -name \*\.bro )`
+
+for file in $policyfiles
+do
+    f=${file:2}
+    if [[ (! $f =~ $blacklist) && (! $f =~ $blacklist_addl)  ]]; then
+        echo "rest_target(\${psd} $f)" >> $outfile
+    fi
+done
--- a/policy/frameworks/cluster/base/node/worker.bro
+++ b/policy/frameworks/cluster/base/node/worker.bro
@ -18,5 +18,10 @@ redef record_all_packets = T;
 # do remote logging since we forward the notice event directly.
 event bro_init()
 	{
-	Log::add_filter(Notice::NOTICE, [$pred(n: Notice::Info) = { return F; }]);
+	Log::add_filter(Notice::NOTICE,
+		[
+		 $name="cluster-worker",
+		 $pred=function(rec: Notice::Info): bool { return F; }
+		]
+	);
 	}
--- a/policy/frameworks/cluster/base/setup-connections.bro
+++ b/policy/frameworks/cluster/base/setup-connections.bro
@ -1,3 +1,5 @@
+@load ./main
+@load frameworks/communication

 module Cluster;

--- a/policy/frameworks/dpd/detect-protocols.bro
+++ b/policy/frameworks/dpd/detect-protocols.bro
@ -1,17 +1,20 @@
 ##! Finds connections with protocols on non-standard ports with DPD.

@load frameworks/notice
+@load utils/site

 module ProtocolDetector;

 export {
-	redef enum Notice += {
+	redef enum Notice::Type += {
 		Off_Port_Protocol_Found, # raised for each connection found
+		Protocol_Found,
+		Server_Found,
 	};

 	# Table of (protocol, resp_h, resp_p) tuples known to be uninteresting
 	# in the given direction.  For all other protocols detected on
-	# non-standard ports, we raise a ProtocolFound notice.  (More specific
+	# non-standard ports, we raise a Protocol_Found notice.  (More specific
 	# filtering can then be done via notice_filters.)
 	#
 	# Use 0.0.0.0 for to wildcard-match any resp_h.
@ -36,8 +39,8 @@ export {
 		# [ANALYZER_HTTP, 0.0.0.0, 6348/tcp] = BOTH, # Gnutella
 	} &redef;

-	# Set of analyzers for which we suppress ServerFound notices
-	# (but not ProtocolFound).  Along with avoiding clutter in the
+	# Set of analyzers for which we suppress Server_Found notices
+	# (but not Protocol_Found).  Along with avoiding clutter in the
 	# log files, this also saves memory because for these we don't
 	# need to remember which servers we already have reported, which
 	# for some can be a lot.
@ -99,20 +102,20 @@ function do_notice(c: connection, a: count, d: dir)
 	if ( d == BOTH )
 		return;

-	if ( d == INCOMING && is_local_addr(c$id$resp_h) )
+	if ( d == INCOMING && Site::is_local_addr(c$id$resp_h) )
 		return;

-	if ( d == OUTGOING && ! is_local_addr(c$id$resp_h) )
+	if ( d == OUTGOING && ! Site::is_local_addr(c$id$resp_h) )
 		return;

 	local p = get_protocol(c, a);
 	local s = fmt_protocol(p);

-	NOTICE([$note=ProtocolFound,
+	NOTICE([$note=Protocol_Found,
 		$msg=fmt("%s %s on port %s", id_string(c$id), s, c$id$resp_p),
 		$sub=s, $conn=c, $n=a]);

-	# We report multiple ServerFound's per host if we find a new
+	# We report multiple Server_Found's per host if we find a new
 	# sub-protocol.
 	local known = [c$id$resp_h, c$id$resp_p, p$a] in servers;

@ -123,7 +126,7 @@ function do_notice(c: connection, a: count, d: dir)

 	if ( (! known || newsub) && a !in suppress_servers )
 		{
-		NOTICE([$note=ServerFound,
+		NOTICE([$note=Server_Found,
 			$msg=fmt("%s: %s server on port %s%s", c$id$resp_h, s,
 				c$id$resp_p, (known ? " (update)" : "")),
 			$p=c$id$resp_p, $sub=s, $conn=c, $src=c$id$resp_h, $n=a]);
--- a/policy/frameworks/dpd/packet-segment-logging.bro
+++ b/policy/frameworks/dpd/packet-segment-logging.bro
@ -4,6 +4,8 @@
 ##! A caveat to logging packet data is that in some cases, the packet may
 ##! not be the packet that actually caused the protocol violation.

+@load ./base
+
 module DPD;

 export {
--- a/policy/frameworks/notice/action-filters.bro
+++ b/policy/frameworks/notice/action-filters.bro
@ -2,7 +2,7 @@
 ##!  This is completely and utterly not working right now!!!!!


-@load notice/base
+@load ./base

 module Notice;

--- a/policy/protocols/dns/base/main.bro
+++ b/policy/protocols/dns/base/main.bro
@ -1,4 +1,6 @@

+@load ./consts
+
 module DNS;

 export {
--- a/policy/protocols/ftp/base.bro
+++ b/policy/protocols/ftp/base.bro
@ -9,6 +9,7 @@

@load utils/paths
@load utils/numbers
+@load ./utils-commands

 module FTP;

--- a/policy/protocols/http/base/detect-sqli.bro
+++ b/policy/protocols/http/base/detect-sqli.bro
@ -1,6 +1,7 @@
 ##! SQL injection detection in HTTP.

@load frameworks/metrics
+@load ./main

 module HTTP;

--- a/policy/protocols/http/base/file-hash.bro
+++ b/policy/protocols/http/base/file-hash.bro
@ -1,6 +1,8 @@
 ##! Calculate hashes for HTTP body transfers.

-@load protocols/http
+@load ./main
+@load ./utils
+@load ./file-ident

 module HTTP;

--- a/policy/protocols/http/base/file-ident.bro
+++ b/policy/protocols/http/base/file-ident.bro
@ -1,8 +1,8 @@
 ##! This script is involved in the identification of file types in HTTP
 ##! response bodies.

-@load protocols/http
-
+@load ./main
+@load ./utils
@load frameworks/notice
@load frameworks/signatures

--- a/policy/protocols/http/base/utils.bro
+++ b/policy/protocols/http/base/utils.bro
@ -1,5 +1,7 @@
 ##! Utilities specific for HTTP processing.

+@load ./main
+
 module HTTP;

 export {
--- a/policy/protocols/http/partial-content.bro
+++ b/policy/protocols/http/partial-content.bro
@ -1,7 +1,8 @@
 ##! This script makes it possible for the HTTP analysis scripts to analyze
 ##! the apparent normal case of "206 Partial Content" responses.

-@load notice
+@load ./base
+@load frameworks/notice

 module HTTP;

--- a/policy/protocols/smtp/load.bro
+++ b/policy/protocols/smtp/load.bro
@ -1,4 +1,4 @@
@load protocols/smtp/base

-## This should be optional
+# This should be optional
@load protocols/smtp/detect-suspicious-orig
--- a/policy/protocols/smtp/base/main.bro
+++ b/policy/protocols/smtp/base/main.bro
@ -1,5 +1,6 @@
@load frameworks/notice
@load utils/addrs
+@load utils/directions-and-hosts

 module SMTP;

--- a/policy/protocols/smtp/base/software.bro
+++ b/policy/protocols/smtp/base/software.bro
@ -7,6 +7,7 @@
 ##!   a MS Exhange webmail interface as opposed to a desktop client.

@load frameworks/software
+@load ./main

 module SMTP;

--- a/policy/protocols/smtp/detect-suspicious-orig.bro
+++ b/policy/protocols/smtp/detect-suspicious-orig.bro
@ -1,7 +1,8 @@
-module SMTP;
-
@load frameworks/notice
@load protocols/smtp/base
+@load utils/directions-and-hosts
+
+module SMTP;

 export {
 	redef enum Notice::Type += {
--- a/policy/protocols/ssl/base.bro
+++ b/policy/protocols/ssl/base.bro
@ -1,4 +1,5 @@
@load frameworks/notice
+@load ./consts

 module SSL;

--- a/policy/protocols/syslog/base.bro
+++ b/policy/protocols/syslog/base.bro
@ -1,5 +1,7 @@
 ##! Core script support for logging syslog messages.

+@load ./consts
+
 module Syslog;

 export {
--- a/testing/btest/doc/coverage.test
+++ b/testing/btest/doc/coverage.test
@ -0,0 +1,7 @@
+# This tests that we're generating policy script documentation for all the
+# available policy scripts.  If this fails, then the genDocSources.sh needs
+# to be run to produce a new DocSourcesList.cmake or genDocSources.sh needs
+# to be updated to blacklist undesired scripts.
+#
+# @TEST-EXEC: $DIST/doc/scripts/genDocSourcesList.sh
+# @TEST-EXEC: cmp $DIST/doc/scripts/DocSourcesList.cmake ./DocSourcesList.cmake