From a5fdf7996fc228bb56b49903e0a9fc3a979238e0 Mon Sep 17 00:00:00 2001 From: Robin Sommer Date: Thu, 10 Apr 2014 08:32:33 -0700 Subject: [PATCH 1/7] Updating submodule(s). [nomail] --- aux/broctl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aux/broctl b/aux/broctl index f249570e3f..d99150801b 160000 --- a/aux/broctl +++ b/aux/broctl @@ -1 +1 @@ -Subproject commit f249570e3fb4c83e532cc0813786f0ff60c4dea9 +Subproject commit d99150801b7844e082b5421d1efe4050702d350e From 5d9fb1631c1a3eb48193cbf9009cf09390c6f2f6 Mon Sep 17 00:00:00 2001 From: Bernhard Amann Date: Thu, 10 Apr 2014 14:33:14 -0700 Subject: [PATCH 2/7] test for new ssl/tls dpd signature --- .../scripts.base.protocols.ssl.dpd/.stdout | 8 ++++++++ testing/btest/Traces/tls/ssl-v2.trace | Bin 0 -> 3908 bytes .../btest/scripts/base/protocols/ssl/dpd.test | 19 ++++++++++++++++++ 3 files changed, 27 insertions(+) create mode 100644 testing/btest/Baseline/scripts.base.protocols.ssl.dpd/.stdout create mode 100644 testing/btest/Traces/tls/ssl-v2.trace create mode 100644 testing/btest/scripts/base/protocols/ssl/dpd.test diff --git a/testing/btest/Baseline/scripts.base.protocols.ssl.dpd/.stdout b/testing/btest/Baseline/scripts.base.protocols.ssl.dpd/.stdout new file mode 100644 index 0000000000..b59ed28b18 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.ssl.dpd/.stdout @@ -0,0 +1,8 @@ +Start test run +Client hello, 192.168.4.149, 91.227.4.92, 2 +Start test run +Client hello, 192.150.187.164, 194.127.84.106, 2 +Client hello, 192.150.187.164, 194.127.84.106, 769 +Client hello, 192.150.187.164, 194.127.84.106, 769 +Start test run +Client hello, 10.0.0.80, 68.233.76.12, 771 diff --git a/testing/btest/Traces/tls/ssl-v2.trace b/testing/btest/Traces/tls/ssl-v2.trace new file mode 100644 index 0000000000000000000000000000000000000000..a97ea3fa153f35b0d423f0579e128b4f2d74b984 GIT binary patch literal 3908 zcmd6qc{r47AII-!R@+Qt=8%*uogtMBCPfS9bVAvVAyQP9XlyY>(PB&tlC)ULDO(*m zsqDlcEtYgLozh81hiPB5sKhC$_r9kWr{VSYJJ)qz*WAy{_4$3j-{1ZGo|*PbrMWmj z0K=~@UjV@1<{ZV^xr{{s4)8r%KsVt@a!i4ipG~Wi99RZ`WzRZGU`Ya?p@5LK<^jRu zaU~`)bFA5ezFds^@`YIh0FFQ`$MARphRG?=g{jf#GXm}_{kD({R=_=4U%6jvNa>4U z0l*}&ED;%1z(kKL{cl{{1S=%v&{cCHU>!s!;N%n}V$vf-hn2`kcV0Xh{0OONjnT~( z#*V8y3DQIPG_Bdp<1hiK-ZXbaMntznGT=cNT4RX5ui_>kszKt-Z;AZ57{CD)h@z1} z0}=4?fR6z_30M*U9|!o;Socc|?Fbx~h`0QPsCub_$A2q~cp8%yyRjIh6_6p5RwztM z#HWF|)epWZkci0*bYYr1^3?uN0sMmp(j`m8KW{8SL_f*6L^Uuszifnf0TFkX6X3bQ z;o|`v&{zWeZk7NSh$A>uzU8tgB>7oF8{q&2!-zz{iitB)WXY58D+we9Zl$x4GHVjr z$T8$xxjcVv2-nMq#-gH2WCq!0124pPQ-~3rMMGB<81g@R@w|e9HUw=pqOz3GHAM#T z=b#On1Bdr`1~F8+*I-Q@sVtAFQn?|1n=GXt&Gp$7%$h!#Vgz3-Q)3o;zRCR6aBB>= z^ZvX2ztJhcbp9P7Mg({PHVLoXfoAuF>@||1riM^brr+r)f*%C{NXY|3l zDLz|2^L%eV^18F+7%zZvNYlZ4;b2&7_LRSBwD+o~>K#d$qSyUxffQA_E^QtuW?*q=&<@Bsz zaOhjq{UR^73*MI9|MNq+=8*0Q+r%?J9Pda|1U`7h!2W<7&)!ebQ?6Wg)0lNSB3^!m zkI9KD%fEuIoeZM~ro^-d9jCZ>-@xgSiqC3x+&-n(lHPK~V=&J*JoR@uZo#|tuQnU! zX?NNOSm+nlsfvBn(*|_9aVv`YL^}&I^D3^q!QnB0{W~Fe$Y4SkSkT?iSgF30zLm|1t~;YrTJ08>YMA|@#N5Bv z?3WbvLc)RtE%&r*)dx3r&5I@{q)o5rI1-e3GE-&YM~@o8_W|c=PgedKuu$7OtaLL31GS(dc9uGuzm5!f|Jt$p1!@E}y2^J31}X*>JjCKt$e41>g!F zB527HF`M4@35aT1K(}gmTBe&KVhkMzjlgRF$Q`~NVjm-<=_E#L8CxVSZ_VLZ8ReF? z3)aM~=6z1Sck|_I_bS~_l#5fl^3O-KU-5BO3fml)JhLNd>37OX&jLfY*&E46_4OCw zl~wpW!{v3h`#u>m&8|A=rFz?*_$}Czd0_uxldFPSzf`fY+w;Srgs}L4(}g>k)egd2 zTIcbL670-_o*BoRZ^+ud+I#A%J-ZE_>gKXLeRdlt>GwSRd&j+xqn5KDY7E@> zY!yYA2<{4AlznRfz=Ixx&wYQEv?Ku73$|LI>R}`B| zWTx0PPfO)+tT`58WonIw?iWzfFND`xZb{v%HFdF`@x5!o&YQLkp_IedP(d&Z7%kcP z4c0Z5N}mV;-_GwQT{B0Kn6Cy*n|+7px7@FEVY(@pNmhUIPiFkpf8OJ^^+ z?5nA%$V^+D*=5?O?smQ?>MW(it93FeZs0LmT(-qv-HwanwOAyEhsKGora8oH8*Xui zibO2;D=faG`#_6j+|tB)!w;R}{mUYv2A+txH!ypZ*NyvKPbI{1I{l4{9F4ivu()d+ zZX)MpQs-P5=T6Z1N8~)#eAu~s99@{90*m*^W3z5>iKwSux6fV=>m?mU#r1`_kq7Y@=j_YV$94V@I^O|rm!Z+yC8JLwmXAY3$3z_P zgiS=Y7Uc6~LFxbdXo1oEpdjVHfWMHQ*5<;7ryXm+5%&l)KP5&5p z>B!0CO?t0!Z|Gcv>?N2BwDq3FX2x% zzejyORB)(j2Bt*L(RkHxYnmC)vd=n<}ACbf6`IM=Etm;4DZ?sbu-ay9cu6F z^uHb!F3CHwnm>hJwB8FpIJi8iGnJZYVr6Y$7@`$av477wZ|9&Ew>?4wgR)9;jxD#L zeS6d5B9r?XA*PFR1!v6kvuW`ala2e?5yY_Estdh6UGuke`jxe;DP*Ph*KDkH6EP>< zZ%p6?1vg}+b%$14o)v!3ne#Zgc_7O>ShA*l7nPcX?Dr68xdP6_=z;0lWI(n(bx<%+M?s1ojj~jc^h4rEr*EL6_q9; zR!fQdWQfSMEpmMfH%w$SLZTHS#wv{x$GSE&{hzLz;lD31>N;+f>t!n~RP0igkuLjV8( literal 0 HcmV?d00001 diff --git a/testing/btest/scripts/base/protocols/ssl/dpd.test b/testing/btest/scripts/base/protocols/ssl/dpd.test new file mode 100644 index 0000000000..ff1f6385ec --- /dev/null +++ b/testing/btest/scripts/base/protocols/ssl/dpd.test @@ -0,0 +1,19 @@ +# @TEST-EXEC: bro -C -b -r $TRACES/tls/ssl-v2.trace %INPUT +# @TEST-EXEC: bro -b -r $TRACES/tls/ssl.v3.trace %INPUT +# @TEST-EXEC: bro -b -r $TRACES/tls/tls1.2.trace %INPUT +# @TEST-EXEC: btest-diff .stdout + +@load base/frameworks/dpd +@load base/frameworks/signatures +@load-sigs base/protocols/ssl/dpd.sig + +event bro_init() + { + print "Start test run"; + } + +event ssl_client_hello(c: connection, version: count, possible_ts: time, client_random: string, session_id: string, ciphers: index_vec) &priority=5 + { + print "Client hello", c$id$orig_h, c$id$resp_h, version; + } + From c741ea7c507445d60c55930d77ccf4f0648048cd Mon Sep 17 00:00:00 2001 From: Bernhard Amann Date: Thu, 10 Apr 2014 14:34:12 -0700 Subject: [PATCH 3/7] Small logic fix for main ssl script. Thank you, Jon --- scripts/base/protocols/ssl/main.bro | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/base/protocols/ssl/main.bro b/scripts/base/protocols/ssl/main.bro index 75f7ad7364..5b974222a1 100644 --- a/scripts/base/protocols/ssl/main.bro +++ b/scripts/base/protocols/ssl/main.bro @@ -136,8 +136,10 @@ function finish(c: connection, remove_analyzer: bool) { log_record(c$ssl); if ( remove_analyzer && disable_analyzer_after_detection && c?$ssl && c$ssl?$analyzer_id ) + { disable_analyzer(c$id, c$ssl$analyzer_id); delete c$ssl$analyzer_id; + } } event ssl_client_hello(c: connection, version: count, possible_ts: time, client_random: string, session_id: string, ciphers: index_vec) &priority=5 From 13d8908a8db011b57f279801ca32f8c387fd8112 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Mon, 14 Apr 2014 15:57:51 -0500 Subject: [PATCH 4/7] Fix a memory leak in ASCII log writer. --- src/logging/writers/Ascii.cc | 2 + .../btest/core/leaks/ascii-log-rotation.bro | 75 +++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 testing/btest/core/leaks/ascii-log-rotation.bro diff --git a/src/logging/writers/Ascii.cc b/src/logging/writers/Ascii.cc index b926a6c55b..fc9567e9b7 100644 --- a/src/logging/writers/Ascii.cc +++ b/src/logging/writers/Ascii.cc @@ -175,6 +175,7 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * return false; } + delete formatter; formatter = new formatter::JSON(this, tf); // Using JSON implicitly turns off the header meta fields. include_meta = false; @@ -186,6 +187,7 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * desc.EnableEscaping(); desc.AddEscapeSequence(separator); formatter::Ascii::SeparatorInfo sep_info(separator, set_separator, unset_field, empty_field); + delete formatter; formatter = new formatter::Ascii(this, sep_info); } diff --git a/testing/btest/core/leaks/ascii-log-rotation.bro b/testing/btest/core/leaks/ascii-log-rotation.bro new file mode 100644 index 0000000000..a84f80ea90 --- /dev/null +++ b/testing/btest/core/leaks/ascii-log-rotation.bro @@ -0,0 +1,75 @@ +# Needs perftools support. +# +# @TEST-SERIALIZE: comm +# @TEST-GROUP: leaks +# +# @TEST-REQUIRES: bro --help 2>&1 | grep -q mem-leaks +# +# @TEST-EXEC: btest-bg-run receiver HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local bro -b -m ../receiver.bro +# @TEST-EXEC: sleep 1 +# @TEST-EXEC: btest-bg-run sender HEAP_CHECK_DUMP_DIRECTORY=. HEAPCHECK=local bro -b -m ../sender.bro +# @TEST-EXEC: sleep 1 +# @TEST-EXEC: btest-bg-wait 60 + +@TEST-START-FILE sender.bro + +@load base/frameworks/communication +@load base/protocols/dns + +redef Communication::nodes += { + ["foo"] = [$host = 127.0.0.1, $connect=T] +}; + +global write_count: count = 0; + +event do_write() + { + print "do_write"; + local cid: conn_id = conn_id($orig_h=1.2.3.4,$orig_p=1/tcp, + $resp_h=5.6.7.8,$resp_p=2/tcp); + local dns_info_dummy = DNS::Info($ts=network_time(), $uid="FAKE", + $id=cid, $proto=tcp); + Log::write(DNS::LOG, dns_info_dummy); + schedule .1sec { do_write() }; + ++write_count; + + if ( write_count == 200 ) + terminate(); + } + +event remote_connection_handshake_done(p: event_peer) + { + print "remote_connection_handshake_done", p; + schedule .1sec { do_write() }; + } + +event remote_connection_closed(p: event_peer) + { + print "remote_connection_closed", p; + } + +@TEST-END-FILE + +@TEST-START-FILE receiver.bro + +@load frameworks/communication/listen +@load base/protocols/dns + +redef Communication::nodes += { + ["foo"] = [$host = 127.0.0.1, $connect=F, $request_logs=T] +}; + +redef Log::default_rotation_interval = 2sec; + +event remote_connection_handshake_done(p: event_peer) + { + print "remote_connection_handshake_done", p; + } + +event remote_connection_closed(p: event_peer) + { + print "remote_connection_closed", p; + terminate(); + } + +@TEST-END-FILE From cb4eaf762c967aaede75a5da8ace06eca508f82e Mon Sep 17 00:00:00 2001 From: Matthias Vallentin Date: Tue, 15 Apr 2014 12:36:57 +0200 Subject: [PATCH 5/7] Fix bug when clearing Bloom filter contents. This patch fixes a bug that occurred when calling the BiF bloomfilter_clear, which used to not only clear the underlying bit vector but also set its size to zero. As a result, subsequent element access or computations using the bit vector size caused erroneous behavior. Reported by @colonelxc. --- src/probabilistic/BloomFilter.cc | 4 ++-- src/probabilistic/CounterVector.cc | 4 ++-- src/probabilistic/CounterVector.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/probabilistic/BloomFilter.cc b/src/probabilistic/BloomFilter.cc index f6e4017626..ef671268b9 100644 --- a/src/probabilistic/BloomFilter.cc +++ b/src/probabilistic/BloomFilter.cc @@ -72,7 +72,7 @@ bool BasicBloomFilter::Empty() const void BasicBloomFilter::Clear() { - bits->Clear(); + bits->Reset(); } bool BasicBloomFilter::Merge(const BloomFilter* other) @@ -190,7 +190,7 @@ bool CountingBloomFilter::Empty() const void CountingBloomFilter::Clear() { - cells->Clear(); + cells->Reset(); } bool CountingBloomFilter::Merge(const BloomFilter* other) diff --git a/src/probabilistic/CounterVector.cc b/src/probabilistic/CounterVector.cc index 317a28d851..8608015422 100644 --- a/src/probabilistic/CounterVector.cc +++ b/src/probabilistic/CounterVector.cc @@ -75,9 +75,9 @@ bool CounterVector::AllZero() const return bits->AllZero(); } -void CounterVector::Clear() +void CounterVector::Reset() { - bits->Clear(); + bits->Reset(); } CounterVector::count_type CounterVector::Count(size_type cell) const diff --git a/src/probabilistic/CounterVector.h b/src/probabilistic/CounterVector.h index d3efd1aa31..247a646eb1 100644 --- a/src/probabilistic/CounterVector.h +++ b/src/probabilistic/CounterVector.h @@ -86,7 +86,7 @@ public: /** * Sets all counters to 0. */ - void Clear(); + void Reset(); /** * Retrieves the number of cells in the storage. From 2a5b209f6d23689ef08fa3aa735e3ddb291c2a57 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Tue, 15 Apr 2014 12:50:10 -0500 Subject: [PATCH 6/7] Refactor initialization of ASCII log writer options. --- src/logging/writers/Ascii.cc | 203 ++++++++++++++++++++--------------- src/logging/writers/Ascii.h | 5 + 2 files changed, 122 insertions(+), 86 deletions(-) diff --git a/src/logging/writers/Ascii.cc b/src/logging/writers/Ascii.cc index fc9567e9b7..43ffe47308 100644 --- a/src/logging/writers/Ascii.cc +++ b/src/logging/writers/Ascii.cc @@ -24,43 +24,13 @@ Ascii::Ascii(WriterFrontend* frontend) : WriterBackend(frontend) tsv = false; use_json = false; formatter = 0; + + InitConfigOptions(); + init_options = InitFilterOptions(); } -Ascii::~Ascii() +void Ascii::InitConfigOptions() { - if ( ! ascii_done ) - { - fprintf(stderr, "internal error: finish missing\n"); - abort(); - } - - delete formatter; - } - -bool Ascii::WriteHeaderField(const string& key, const string& val) - { - string str = meta_prefix + key + separator + val + "\n"; - - return safe_write(fd, str.c_str(), str.length()); - } - -void Ascii::CloseFile(double t) - { - if ( ! fd ) - return; - - if ( include_meta && ! tsv ) - WriteHeaderField("close", Timestamp(0)); - - safe_close(fd); - fd = 0; - } - -bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * fields) - { - assert(! fd); - - // Set some default values. output_to_stdout = BifConst::LogAscii::output_to_stdout; include_meta = BifConst::LogAscii::include_meta; use_json = BifConst::LogAscii::use_json; @@ -96,9 +66,15 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * (const char*) tsfmt.Bytes(), tsfmt.Len() ); + } + +bool Ascii::InitFilterOptions() + { + const WriterInfo& info = Info(); // Set per-filter configuration options. - for ( WriterInfo::config_map::const_iterator i = info.config.begin(); i != info.config.end(); i++ ) + for ( WriterInfo::config_map::const_iterator i = info.config.begin(); + i != info.config.end(); ++i ) { if ( strcmp(i->first, "tsv") == 0 ) { @@ -158,6 +134,17 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * json_timestamps.assign(i->second); } + if ( ! InitFormatter() ) + return false; + + return true; + } + +bool Ascii::InitFormatter() + { + delete formatter; + formatter = 0; + if ( use_json ) { formatter::JSON::TimeFormat tf = formatter::JSON::TS_EPOCH; @@ -175,22 +162,59 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * return false; } - delete formatter; formatter = new formatter::JSON(this, tf); // Using JSON implicitly turns off the header meta fields. include_meta = false; } - else { // Use the default "Bro logs" format. desc.EnableEscaping(); desc.AddEscapeSequence(separator); formatter::Ascii::SeparatorInfo sep_info(separator, set_separator, unset_field, empty_field); - delete formatter; formatter = new formatter::Ascii(this, sep_info); } + return true; + } + +Ascii::~Ascii() + { + if ( ! ascii_done ) + { + fprintf(stderr, "internal error: finish missing\n"); + abort(); + } + + delete formatter; + } + +bool Ascii::WriteHeaderField(const string& key, const string& val) + { + string str = meta_prefix + key + separator + val + "\n"; + + return safe_write(fd, str.c_str(), str.length()); + } + +void Ascii::CloseFile(double t) + { + if ( ! fd ) + return; + + if ( include_meta && ! tsv ) + WriteHeaderField("close", Timestamp(0)); + + safe_close(fd); + fd = 0; + } + +bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * fields) + { + assert(! fd); + + if ( ! init_options ) + return false; + string path = info.path; if ( output_to_stdout ) @@ -208,58 +232,65 @@ bool Ascii::DoInit(const WriterInfo& info, int num_fields, const Field* const * return false; } - if ( include_meta ) + if ( ! WriteHeader(path) ) { - string names; - string types; - - for ( int i = 0; i < num_fields; ++i ) - { - if ( i > 0 ) - { - names += separator; - types += separator; - } - - names += string(fields[i]->name); - types += fields[i]->TypeName().c_str(); - } - - if ( tsv ) - { - // A single TSV-style line is all we need. - string str = names + "\n"; - if ( ! safe_write(fd, str.c_str(), str.length()) ) - goto write_error; - - return true; - } - - string str = meta_prefix - + "separator " // Always use space as separator here. - + get_escaped_string(separator, false) - + "\n"; - - if ( ! safe_write(fd, str.c_str(), str.length()) ) - goto write_error; - - if ( ! (WriteHeaderField("set_separator", get_escaped_string(set_separator, false)) && - WriteHeaderField("empty_field", get_escaped_string(empty_field, false)) && - WriteHeaderField("unset_field", get_escaped_string(unset_field, false)) && - WriteHeaderField("path", get_escaped_string(path, false)) && - WriteHeaderField("open", Timestamp(0))) ) - goto write_error; - - if ( ! (WriteHeaderField("fields", names) - && WriteHeaderField("types", types)) ) - goto write_error; + Error(Fmt("error writing to %s: %s", fname.c_str(), Strerror(errno))); + return false; } return true; + } -write_error: - Error(Fmt("error writing to %s: %s", fname.c_str(), Strerror(errno))); - return false; +bool Ascii::WriteHeader(const string& path) + { + if ( ! include_meta ) + return true; + + string names; + string types; + + for ( int i = 0; i < NumFields(); ++i ) + { + if ( i > 0 ) + { + names += separator; + types += separator; + } + + names += string(Fields()[i]->name); + types += Fields()[i]->TypeName().c_str(); + } + + if ( tsv ) + { + // A single TSV-style line is all we need. + string str = names + "\n"; + if ( ! safe_write(fd, str.c_str(), str.length()) ) + return false; + + return true; + } + + string str = meta_prefix + + "separator " // Always use space as separator here. + + get_escaped_string(separator, false) + + "\n"; + + if ( ! safe_write(fd, str.c_str(), str.length()) ) + return false; + + if ( ! (WriteHeaderField("set_separator", get_escaped_string(set_separator, false)) && + WriteHeaderField("empty_field", get_escaped_string(empty_field, false)) && + WriteHeaderField("unset_field", get_escaped_string(unset_field, false)) && + WriteHeaderField("path", get_escaped_string(path, false)) && + WriteHeaderField("open", Timestamp(0))) ) + return false; + + if ( ! (WriteHeaderField("fields", names) && + WriteHeaderField("types", types)) ) + return false; + + return true; } bool Ascii::DoFlush(double network_time) @@ -296,7 +327,7 @@ bool Ascii::DoWrite(int num_fields, const Field* const * fields, if ( ! formatter->Describe(&desc, num_fields, fields, vals) ) return false; - desc.AddRaw("\n"); + desc.AddRaw("\n", 1); const char* bytes = (const char*)desc.Bytes(); int len = desc.Len(); diff --git a/src/logging/writers/Ascii.h b/src/logging/writers/Ascii.h index 15afdef62f..54402cc141 100644 --- a/src/logging/writers/Ascii.h +++ b/src/logging/writers/Ascii.h @@ -34,9 +34,13 @@ protected: private: bool IsSpecial(string path) { return path.find("/dev/") == 0; } + bool WriteHeader(const string& path); bool WriteHeaderField(const string& key, const string& value); void CloseFile(double t); string Timestamp(double t); // Uses current time if t is zero. + void InitConfigOptions(); + bool InitFilterOptions(); + bool InitFormatter(); int fd; string fname; @@ -58,6 +62,7 @@ private: string json_timestamps; threading::formatter::Formatter* formatter; + bool init_options; }; } From c9b40f1ca7bdbf9c0cb799477e695b93fcf3ba04 Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Tue, 15 Apr 2014 16:36:47 -0500 Subject: [PATCH 7/7] Change how input/logging threads set their name. Setting the thread name on every heartbeat uses a mild amount of cycles and there's not much benefit to doing it there to get the additional info regarding the number of processed messages since thread names usually get truncated to 16 characters and omit that part anyway. --- src/input/ReaderBackend.cc | 2 ++ src/logging/WriterBackend.cc | 1 + src/threading/MsgThread.cc | 9 --------- src/threading/MsgThread.h | 2 +- 4 files changed, 4 insertions(+), 10 deletions(-) diff --git a/src/input/ReaderBackend.cc b/src/input/ReaderBackend.cc index abf369dd54..4c7540609c 100644 --- a/src/input/ReaderBackend.cc +++ b/src/input/ReaderBackend.cc @@ -215,6 +215,8 @@ bool ReaderBackend::Init(const int arg_num_fields, if ( Failed() ) return true; + SetOSName(Fmt("bro: %s", Name())); + num_fields = arg_num_fields; fields = arg_fields; diff --git a/src/logging/WriterBackend.cc b/src/logging/WriterBackend.cc index 5e4230c8e3..35d3137c76 100644 --- a/src/logging/WriterBackend.cc +++ b/src/logging/WriterBackend.cc @@ -180,6 +180,7 @@ void WriterBackend::DisableFrontend() bool WriterBackend::Init(int arg_num_fields, const Field* const* arg_fields) { + SetOSName(Fmt("bro: %s", Name())); num_fields = arg_num_fields; fields = arg_fields; diff --git a/src/threading/MsgThread.cc b/src/threading/MsgThread.cc index c713f65986..cf1facbba5 100644 --- a/src/threading/MsgThread.cc +++ b/src/threading/MsgThread.cc @@ -254,15 +254,6 @@ void MsgThread::Heartbeat() SendIn(new HeartbeatMessage(this, network_time, current_time())); } -void MsgThread::HeartbeatInChild() - { - string n = Fmt("bro: %s (%" PRIu64 "/%" PRIu64 ")", Name(), - cnt_sent_in - queue_in.Size(), - cnt_sent_out - queue_out.Size()); - - SetOSName(n.c_str()); - } - void MsgThread::Finished() { child_finished = true; diff --git a/src/threading/MsgThread.h b/src/threading/MsgThread.h index c5ba5b676f..e0a6f6dc01 100644 --- a/src/threading/MsgThread.h +++ b/src/threading/MsgThread.h @@ -199,7 +199,7 @@ protected: /** Internal heartbeat processing. Called from child. */ - void HeartbeatInChild(); + void HeartbeatInChild() {} /** Returns true if a child command has reported a failure. In that case, we'll * be in the process of killing this thread and no further activity