From a3d78cc830c7e6f200f617560908e84cd6a8a9f5 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Mon, 5 Jan 2015 14:51:58 -0600 Subject: [PATCH] Revert "Workaround race condition in unified2 file module." This reverts commit 1a03a95f355bcc8e68aa096b074714a879fac902. --- .../scripts/base/files/unified2/alert.bro | 34 ++----------------- 1 file changed, 2 insertions(+), 32 deletions(-) diff --git a/testing/btest/scripts/base/files/unified2/alert.bro b/testing/btest/scripts/base/files/unified2/alert.bro index 189e35bd8e..eca1ca036c 100644 --- a/testing/btest/scripts/base/files/unified2/alert.bro +++ b/testing/btest/scripts/base/files/unified2/alert.bro @@ -1,4 +1,4 @@ -# @TEST-EXEC: bro -b %INPUT test_watch_file=$FILES/unified2.u2 +# @TEST-EXEC: bro -b %INPUT Unified2::watch_file=$FILES/unified2.u2 # @TEST-EXEC: btest-diff unified2.log @TEST-START-FILE sid_msg.map @@ -68,39 +68,9 @@ redef Unified2::gen_msg = @DIR+"/gen_msg.map"; redef Unified2::classification_config = @DIR+"/classification.config"; global i = 0; -# TODO: can't currently use Unified2::watch_file directly for the test as -# there's a race between reading that file and the map/classification -# config files, which leads to not all fields of the unified2.log being -# populated on occassion. -const test_watch_file: string = "" &redef; - -event start_test() - { - Input::add_analysis([$source=test_watch_file, - $reader=Input::READER_BINARY, - $mode=Input::STREAM, - $name=test_watch_file]); - } - -# TODO: this should be handled by unified2 module, but it's here for -# working around the issue mentioned in comment above. -event file_new(f: fa_file) - { - if ( f$source == test_watch_file ) - { - Files::add_analyzer(f, Files::ANALYZER_UNIFIED2); - f$u2_events = table(); - } - } - -event bro_init() - { - schedule 2sec { start_test() }; - } - event Unified2::alert(f: fa_file, ev: Unified2::IDSEvent, pkt: Unified2::Packet) { ++i; if ( i == 2 ) terminate(); - } + } \ No newline at end of file