Fixed some tests.

2025-10-02 14:48:21 +00:00 · 2013-08-12 15:31:31 -04:00 · 2013-08-12 15:31:31 -04:00 · 95161a920c
commit 95161a920c
parent 091c8f3ebc
7 changed files with 35 additions and 13 deletions
--- a/doc/scripts/DocSourcesList.cmake
+++ b/doc/scripts/DocSourcesList.cmake
@ -70,6 +70,8 @@ rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_TCP.events.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_TCP.functions.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_Teredo.events.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_UDP.events.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_Unified2.events.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_Unified2.types.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/plugins/Bro_ZIP.events.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/reporter.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/strings.bif.bro)
@ -77,6 +79,7 @@ rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/top-k.bif.bro)
 rest_target(${CMAKE_BINARY_DIR}/scripts base/bif/types.bif.bro)
 rest_target(${psd} base/files/extract/main.bro)
 rest_target(${psd} base/files/hash/main.bro)
 rest_target(${psd} base/files/unified2/main.bro)
 rest_target(${psd} base/frameworks/analyzer/main.bro)
 rest_target(${psd} base/frameworks/cluster/main.bro)
 rest_target(${psd} base/frameworks/cluster/nodes/manager.bro)
--- a/scripts/base/files/unified2/main.bro
+++ b/scripts/base/files/unified2/main.bro
@ -16,10 +16,14 @@ export {
 	global alert: event(f: fa_file, ev: Unified2::IDSEvent, pkt: Unified2::Packet);
 	type Info: record {
 		## The last received IDS event.  This is primarily used 
 		## for tying together Unified2 events and packets.
 		current_event: Unified2::IDSEvent &optional;
 	};
 	redef record fa_file += {
 		## Add a field to store per-file state about Unified2
 		## files.
 		unified2: Info &optional;
 	};
 }
@ -48,8 +52,13 @@ event bro_init()
 event file_new(f: fa_file)
 	{
 	local file_dir = "";
 	local parts = split_all(f$source, /\/[^\/]*$/);
 	if ( |parts| == 3 )
 		file_dir = parts[1];
 	if ( f$source in watch_file || 
-		compress_path(extract_path(f$source)) == compress_path(watch_dir) )
+		compress_path(watch_dir) == file_dir )
 		{
 		Files::add_analyzer(f, Files::ANALYZER_UNIFIED2);
 		f$unified2 = Info();
--- a/scripts/base/init-bare.bro
+++ b/scripts/base/init-bare.bro
@ -2704,9 +2704,12 @@ export {
 		impact_flag:        count;
 		impact:             count;
 		blocked:            count;
-		mpls_label:         count  &optional; ## Not available in "legacy" IDS events.
+		## Not available in "legacy" IDS events.
-		vlan_id:            count  &optional; ## Not available in "legacy" IDS events.
+		mpls_label:         count  &optional; 
-		packet_action:      count  &optional; ## Only available in "legacy" IDS events.
+		## Not available in "legacy" IDS events.
 		vlan_id:            count  &optional; 
 		## Only available in "legacy" IDS events.
 		packet_action:      count  &optional; 
 	};
 	type Unified2::Packet: record {
--- a/scripts/base/utils/paths.bro
+++ b/scripts/base/utils/paths.bro
@ -9,12 +9,13 @@ const absolute_path_pat = /(\/|[A-Za-z]:[\\\/]).*/;
 ## Returns: the first absolute path found in input string, else an empty string
 function extract_path(input: string): string
 	{
-	local dir_pattern = /([^\\\/]+)$/;
+	const dir_pattern = /(\/|[A-Za-z]:[\\\/])([^\"\ ]|(\\\ ))*/;
 	local parts = split_all(input, dir_pattern);
 	if ( |parts| < 3 )
 		return "";
-	return parts[1];
+	return parts[2];
 	}
 ## Compresses a given path by removing '..'s and the parent directory it
--- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	loaded_scripts
-#open	2013-08-09-16-13-58
+#open	2013-08-12-19-04-42
 #fields	name
 #types	string
 scripts/base/init-bare.bro
@ -61,6 +61,8 @@ scripts/base/init-bare.bro
    build/scripts/base/bif/plugins/Bro_TCP.functions.bif.bro
    build/scripts/base/bif/plugins/Bro_Teredo.events.bif.bro
    build/scripts/base/bif/plugins/Bro_UDP.events.bif.bro
    build/scripts/base/bif/plugins/Bro_Unified2.events.bif.bro
    build/scripts/base/bif/plugins/Bro_Unified2.types.bif.bro
    build/scripts/base/bif/plugins/Bro_ZIP.events.bif.bro
  scripts/base/frameworks/logging/__load__.bro
    scripts/base/frameworks/logging/main.bro
@ -94,4 +96,4 @@ scripts/base/init-bare.bro
    build/scripts/base/bif/top-k.bif.bro
 scripts/policy/misc/loaded-scripts.bro
  scripts/base/utils/paths.bro
-#close	2013-08-09-16-13-58
+#close	2013-08-12-19-04-42
--- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	loaded_scripts
-#open	2013-08-09-16-13-37
+#open	2013-08-12-19-05-30
 #fields	name
 #types	string
 scripts/base/init-bare.bro
@ -61,6 +61,8 @@ scripts/base/init-bare.bro
    build/scripts/base/bif/plugins/Bro_TCP.functions.bif.bro
    build/scripts/base/bif/plugins/Bro_Teredo.events.bif.bro
    build/scripts/base/bif/plugins/Bro_UDP.events.bif.bro
    build/scripts/base/bif/plugins/Bro_Unified2.events.bif.bro
    build/scripts/base/bif/plugins/Bro_Unified2.types.bif.bro
    build/scripts/base/bif/plugins/Bro_ZIP.events.bif.bro
  scripts/base/frameworks/logging/__load__.bro
    scripts/base/frameworks/logging/main.bro
@ -206,6 +208,8 @@ scripts/base/init-default.bro
    scripts/base/files/hash/main.bro
  scripts/base/files/extract/__load__.bro
    scripts/base/files/extract/main.bro
  scripts/base/files/unified2/__load__.bro
    scripts/base/files/unified2/main.bro
  scripts/base/misc/find-checksum-offloading.bro
 scripts/policy/misc/loaded-scripts.bro
-#close	2013-08-09-16-13-37
+#close	2013-08-12-19-05-30
--- a/testing/btest/Baseline/scripts.base.frameworks.file-analysis.logging/files.log
+++ b/testing/btest/Baseline/scripts.base.frameworks.file-analysis.logging/files.log
@ -3,8 +3,8 @@
 #empty_field	(empty)
 #unset_field	-
 #path	files
-#open	2013-07-25-16-57-31
+#open	2013-08-12-19-07-37
 #fields	ts	fuid	tx_hosts	rx_hosts	conn_uids	source	depth	analyzers	mime_type	filename	duration	local_orig	is_orig	seen_bytes	total_bytes	missing_bytes	overflow_bytes	timedout	parent_fuid	md5	sha1	sha256	extracted
 #types	time	string	table[addr]	table[addr]	table[string]	string	count	table[string]	string	string	interval	bool	bool	count	count	count	count	bool	string	string	string	string	string
-1362692527.009721	G75mcAsU764	192.150.187.43	141.142.228.5	UWkUyAuUGXf	HTTP	0	SHA256,DATA_EVENT,MD5,EXTRACT,SHA1	text/plain	-	0.000054	-	F	4705	4705	0	0	F	-	397168fd09991a0e712254df7bc639ac	1dd7ac0398df6cbc0696445a91ec681facf4dc47	4e7c7ef0984119447e743e3ec77e1de52713e345cde03fe7df753a35849bed18	G75mcAsU764-file
+1362692527.009721	G75mcAsU764	192.150.187.43	141.142.228.5	UWkUyAuUGXf	HTTP	0	UNIFIED2,SHA256,DATA_EVENT,MD5,EXTRACT,SHA1	text/plain	-	0.000054	-	F	4705	4705	0	0	F	-	397168fd09991a0e712254df7bc639ac	1dd7ac0398df6cbc0696445a91ec681facf4dc47	4e7c7ef0984119447e743e3ec77e1de52713e345cde03fe7df753a35849bed18	G75mcAsU764-file
-#close	2013-07-25-16-57-31
+#close	2013-08-12-19-07-37