Merge remote-tracking branch 'origin/topic/jsiwek/smtp-refactor'

- While updating, I did some further work on the branch. - New function in the base/utils/files for extracting filenames from content-dispositions. - New script for entity excerpt extraction if you aren't interested in full extraction. The data goes a log field too. - Some renaming and reorganization of types. - Updated tests to work with new code. * origin/topic/jsiwek/smtp-refactor: Make the doc.coverage test happy. SMTP script refactor. (addresses #509) Conflicts: doc/scripts/DocSourcesList.cmake policy/protocols/smtp/__load__.bro policy/protocols/smtp/base/__load__.bro
2025-10-02 06:38:20 +00:00 · 2011-08-10 13:34:31 -04:00 · 2011-08-10 13:34:31 -04:00 · adc486c673
commit adc486c673
parent 78e69a0bc8 31622bd35f
17 changed files with 720 additions and 141 deletions
--- a/scripts/site/local.bro
+++ b/scripts/site/local.bro
@ -43,4 +43,12 @@ redef signature_files += "frameworks/signatures/detect-windows-shells.sig";
@load protocols/ssl/known-certs

 # Load the script to enable SSL/TLS certificate validation.
-@load protocols/ssl/validate-certs
+@load protocols/ssl/validate-certs
+
+# Uncomment this redef if you want to extract SMTP MIME entities for 
+# some file types.  The numbers given indicate how many bytes to extract for
+# the various mime types.
+redef SMTP::entity_excerpt_len += {
+#	["text/plain"] = 1024,
+#	["text/html"] = 1024,
+};