Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote-tracking branch 'origin/topic/jsiwek/scp-log-pp'

Browse source 
* origin/topic/jsiwek/scp-log-pp:
  Add a log postprocessing function that can SCP rotated logs to remote hosts.
This commit is contained in:
Seth Hall 2011-08-31 10:22:08 -04:00
commit 96c0a07027
2 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/SSL-binpac.cc
View file

@ -7,6 +7,7 @@ SSL_Analyzer_binpac::SSL_Analyzer_binpac(Connection* c)
: TCP_ApplicationAnalyzer(AnalyzerTag::SSL, c) : TCP_ApplicationAnalyzer(AnalyzerTag::SSL, c)
{ {
interp = new binpac::SSL::SSL_Conn(this); interp = new binpac::SSL::SSL_Conn(this);
had_gap = false;
} }
SSL_Analyzer_binpac::~SSL_Analyzer_binpac() SSL_Analyzer_binpac::~SSL_Analyzer_binpac()
@ -36,12 +37,24 @@ void SSL_Analyzer_binpac::DeliverStream(int len, const u_char* data, bool orig)
if ( TCP()->IsPartial() ) if ( TCP()->IsPartial() )
return; return;
if ( had_gap )
// XXX: If only one side had a content gap, we could still try to
// deliver data to the other side if the script layer can handle this.
return;
interp->NewData(orig, data, data + len); try
{
interp->NewData(orig, data, data + len);
}
catch ( binpac::Exception const &e )
{
ProtocolViolation(fmt("Binpac exception: %s", e.c_msg()));
}
} }
void SSL_Analyzer_binpac::Undelivered(int seq, int len, bool orig) void SSL_Analyzer_binpac::Undelivered(int seq, int len, bool orig)
{ {
TCP_ApplicationAnalyzer::Undelivered(seq, len, orig); TCP_ApplicationAnalyzer::Undelivered(seq, len, orig);
had_gap = true;
interp->NewGap(orig, len); interp->NewGap(orig, len);
} }

1
src/SSL-binpac.h
View file

@ -30,6 +30,7 @@ public:
protected: protected:
binpac::SSL::SSL_Conn* interp; binpac::SSL::SSL_Conn* interp;
bool had_gap;
}; };