From 737b15aef9f36b3860d4890087980b27de6baab1 Mon Sep 17 00:00:00 2001 From: Bernhard Amann Date: Tue, 8 Oct 2013 13:02:55 -0700 Subject: [PATCH 1/4] add 3 more really new ciphers. --- scripts/base/protocols/ssl/consts.bro | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/base/protocols/ssl/consts.bro b/scripts/base/protocols/ssl/consts.bro index 5e3b9ec019..4db48663e8 100644 --- a/scripts/base/protocols/ssl/consts.bro +++ b/scripts/base/protocols/ssl/consts.bro @@ -434,6 +434,10 @@ export { const TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9; const TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA; const TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB; + # draft-agl-tls-chacha20poly1305-02 + const TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC13; + const TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC14; + const TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15; const SSL_RSA_FIPS_WITH_DES_CBC_SHA = 0xFEFE; const SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = 0xFEFF; @@ -792,6 +796,9 @@ export { [TLS_PSK_WITH_AES_256_CCM_8] = "TLS_PSK_WITH_AES_256_CCM_8", [TLS_PSK_DHE_WITH_AES_128_CCM_8] = "TLS_PSK_DHE_WITH_AES_128_CCM_8", [TLS_PSK_DHE_WITH_AES_256_CCM_8] = "TLS_PSK_DHE_WITH_AES_256_CCM_8", + [TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", + [TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", + [TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256] = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256", [SSL_RSA_FIPS_WITH_DES_CBC_SHA] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA", [SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA] = "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", [SSL_RSA_FIPS_WITH_DES_CBC_SHA_2] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA_2", From 00b622f54d4fbe0fbf750933c8da559a21f2c2a7 Mon Sep 17 00:00:00 2001 From: Bernhard Amann Date: Tue, 8 Oct 2013 13:52:44 -0700 Subject: [PATCH 2/4] IANA assigned a couple of new tls extension numbers --- scripts/base/protocols/ssl/consts.bro | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/base/protocols/ssl/consts.bro b/scripts/base/protocols/ssl/consts.bro index 4db48663e8..732e06b21f 100644 --- a/scripts/base/protocols/ssl/consts.bro +++ b/scripts/base/protocols/ssl/consts.bro @@ -78,6 +78,9 @@ export { [13] = "signature_algorithms", [14] = "use_srtp", [15] = "heartbeat", + [16] = "application_layer_protocol_negotiation", + [17] = "status_request_v2", + [18] = "signed_certificate_timestamp", [35] = "SessionTicket TLS", [40] = "extended_random", [13172] = "next_protocol_negotiation", From 30d1b974007bee2b627149aac4919420445a8c0d Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Wed, 9 Oct 2013 13:22:25 -0700 Subject: [PATCH 3/4] Removing ICSI notary from default site config. This should not have been in there in the first place. --- scripts/site/local.bro | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/site/local.bro b/scripts/site/local.bro index 5b4af4d87e..2f4eed9865 100644 --- a/scripts/site/local.bro +++ b/scripts/site/local.bro @@ -59,9 +59,9 @@ # This script enables SSL/TLS certificate validation. @load protocols/ssl/validate-certs -# This script checks each SSL certificate hash against the ICSI certificate -# notary service. -@load protocols/ssl/notary +# Uncomment the following line to check each SSL certificate hash against the ICSI +# certificate notary service; see http://notary.icsi.berkeley.edu . +# @load protocols/ssl/notary # If you have libGeoIP support built in, do some geographic detections and # logging for SSH traffic. From ee01a67e061a6e83fc8d8c72f76cc360388eafdb Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Fri, 11 Oct 2013 13:27:04 -0500 Subject: [PATCH 4/4] Improve Broxygen end-of-sentence detection. This is used to display short summaries for things based on the first sentence in the comments for it, but wouldn't work well when e.g. a filename is used there. --- doc/scripts/example.bro | 4 ++++ src/BroDocObj.cc | 23 ++++++++++++++++++- .../autogen-reST-enums.rst | 6 ++--- .../doc.autogen-reST-example/example.rst | 13 +++++++++-- 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/doc/scripts/example.bro b/doc/scripts/example.bro index 2ff12bfa27..505b68e56b 100644 --- a/doc/scripts/example.bro +++ b/doc/scripts/example.bro @@ -167,6 +167,10 @@ export { # it's fine if the type is inferred, that information is self-documenting global var_without_explicit_type = "this works"; + ## The first.sentence for the summary text ends here. And this second + ## sentence doesn't show in the short description. + global dummy: string; + ############## functions/events ############ ## Summarize purpose of "a_function" here. diff --git a/src/BroDocObj.cc b/src/BroDocObj.cc index 4316b3113a..649c9c846d 100644 --- a/src/BroDocObj.cc +++ b/src/BroDocObj.cc @@ -74,6 +74,27 @@ int BroDocObj::LongestShortDescLen() const return max; } +static size_t end_of_first_sentence(string s) + { + size_t rval = 0; + + while ( (rval = s.find_first_of('.', rval)) != string::npos ) + { + if ( rval == s.size() - 1 ) + // Period is at end of string. + return rval; + + if ( isspace(s[rval + 1]) ) + // Period has a space after it. + return rval; + + // Period has some non-space character after it, keep looking. + ++rval; + } + + return rval; + } + void BroDocObj::FormulateShortDesc() { if ( ! reST_doc_strings ) @@ -87,7 +108,7 @@ void BroDocObj::FormulateShortDesc() { // The short description stops at the first sentence or the // first empty comment. - size_t end = it->find_first_of("."); + size_t end = end_of_first_sentence(*it); if ( end == string::npos ) { diff --git a/testing/btest/Baseline/doc.autogen-reST-enums/autogen-reST-enums.rst b/testing/btest/Baseline/doc.autogen-reST-enums/autogen-reST-enums.rst index 7ee7d86e66..c20ea7e602 100644 --- a/testing/btest/Baseline/doc.autogen-reST-enums/autogen-reST-enums.rst +++ b/testing/btest/Baseline/doc.autogen-reST-enums/autogen-reST-enums.rst @@ -20,11 +20,11 @@ Options Types ##### -======================================= ====================================== -:bro:type:`TestEnum1`: :bro:type:`enum` There's tons of ways an enum can look. +======================================= ======================================== +:bro:type:`TestEnum1`: :bro:type:`enum` There's tons of ways an enum can look... :bro:type:`TestEnum2`: :bro:type:`enum` The final comma is optional -======================================= ====================================== +======================================= ======================================== Redefinitions ############# diff --git a/testing/btest/Baseline/doc.autogen-reST-example/example.rst b/testing/btest/Baseline/doc.autogen-reST-example/example.rst index 2cb75a6b9f..64fb4cb06d 100644 --- a/testing/btest/Baseline/doc.autogen-reST-example/example.rst +++ b/testing/btest/Baseline/doc.autogen-reST-example/example.rst @@ -40,13 +40,15 @@ Options State Variables ############### -=========================================================================== ======================================= +=========================================================================== ================================================== :bro:id:`Example::a_var`: :bro:type:`bool` put some documentation for "a_var" here :bro:id:`Example::var_with_attr`: :bro:type:`count` :bro:attr:`&persistent` :bro:id:`Example::var_without_explicit_type`: :bro:type:`string` -=========================================================================== ======================================= + +:bro:id:`Example::dummy`: :bro:type:`string` The first.sentence for the summary text ends here. +=========================================================================== ================================================== Types ##### @@ -156,6 +158,13 @@ State Variables :Type: :bro:type:`string` :Default: ``"this works"`` +.. bro:id:: Example::dummy + + :Type: :bro:type:`string` + + The first.sentence for the summary text ends here. And this second + sentence doesn't show in the short description. + Types ##### .. bro:type:: Example::SimpleEnum