mirror of
https://github.com/zeek/zeek.git
synced 2025-10-11 19:18:19 +00:00
Prefer explicit construction to coercion in record initialization
While we support initializing records via coercion from an expression
list, e.g.,
local x: X = [$x1=1, $x2=2];
this can sometimes obscure the code to readers, e.g., when assigning to
value declared and typed elsewhere. The language runtime has a similar
overhead since instead of just constructing a known type it needs to
check at runtime that the coercion from the expression list is valid;
this can be slower than just writing the readible code in the first
place, see #4559.
With this patch we use explicit construction, e.g.,
local x = X($x1=1, $x2=2);
This commit is contained in:
Benjamin Bannier
Christian Kreibich
parent
54f9e45597
commit
d5fd29edcd
139 changed files with 786 additions and 788 deletions
|
|
@ -59,13 +59,13 @@ export {
|
|||
|
||||
event zeek_init() &priority=5
|
||||
{
|
||||
Log::create_stream(NetControl::DROP_LOG, [$columns=DropInfo, $ev=log_netcontrol_drop, $path="netcontrol_drop", $policy=log_policy_drop]);
|
||||
Log::create_stream(NetControl::DROP_LOG, Log::Stream($columns=DropInfo, $ev=log_netcontrol_drop, $path="netcontrol_drop", $policy=log_policy_drop));
|
||||
}
|
||||
|
||||
function drop_connection(c: conn_id, t: interval, location: string &default="") : string
|
||||
{
|
||||
local e: Entity = [$ty=CONNECTION, $conn=c];
|
||||
local r: Rule = [$ty=DROP, $target=FORWARD, $entity=e, $expire=t, $location=location];
|
||||
local e = Entity($ty=CONNECTION, $conn=c);
|
||||
local r = Rule($ty=DROP, $target=FORWARD, $entity=e, $expire=t, $location=location);
|
||||
|
||||
if ( ! hook NetControl::drop_rule_policy(r) )
|
||||
return "";
|
||||
|
|
@ -88,8 +88,8 @@ function drop_connection(c: conn_id, t: interval, location: string &default="")
|
|||
|
||||
function drop_address(a: addr, t: interval, location: string &default="") : string
|
||||
{
|
||||
local e: Entity = [$ty=ADDRESS, $ip=addr_to_subnet(a)];
|
||||
local r: Rule = [$ty=DROP, $target=FORWARD, $entity=e, $expire=t, $location=location];
|
||||
local e = Entity($ty=ADDRESS, $ip=addr_to_subnet(a));
|
||||
local r = Rule($ty=DROP, $target=FORWARD, $entity=e, $expire=t, $location=location);
|
||||
|
||||
if ( ! hook NetControl::drop_rule_policy(r) )
|
||||
return "";
|
||||
|
|
|
|||
|
|
@ -383,7 +383,7 @@ global rule_entities: table[Entity, RuleType] of Rule;
|
|||
|
||||
event zeek_init() &priority=5
|
||||
{
|
||||
Log::create_stream(NetControl::LOG, [$columns=Info, $ev=log_netcontrol, $path="netcontrol", $policy=log_policy]);
|
||||
Log::create_stream(NetControl::LOG, Log::Stream($columns=Info, $ev=log_netcontrol, $path="netcontrol", $policy=log_policy));
|
||||
}
|
||||
|
||||
function entity_to_info(info: Info, e: Entity)
|
||||
|
|
@ -489,22 +489,22 @@ function rule_to_info(info: Info, r: Rule)
|
|||
|
||||
function log_msg(msg: string, p: PluginState)
|
||||
{
|
||||
Log::write(LOG, [$ts=network_time(), $category=MESSAGE, $msg=msg, $plugin=p$plugin$name(p)]);
|
||||
Log::write(LOG, Info($ts=network_time(), $category=MESSAGE, $msg=msg, $plugin=p$plugin$name(p)));
|
||||
}
|
||||
|
||||
function log_error(msg: string, p: PluginState)
|
||||
{
|
||||
Log::write(LOG, [$ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p)]);
|
||||
Log::write(LOG, Info($ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p)));
|
||||
}
|
||||
|
||||
function log_msg_no_plugin(msg: string)
|
||||
{
|
||||
Log::write(LOG, [$ts=network_time(), $category=MESSAGE, $msg=msg]);
|
||||
Log::write(LOG, Info($ts=network_time(), $category=MESSAGE, $msg=msg));
|
||||
}
|
||||
|
||||
function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState, msg: string &default="")
|
||||
{
|
||||
local info: Info = [$ts=network_time()];
|
||||
local info = Info($ts=network_time());
|
||||
info$category = RULE;
|
||||
info$cmd = cmd;
|
||||
info$state = state;
|
||||
|
|
@ -519,14 +519,14 @@ function log_rule(r: Rule, cmd: string, state: InfoState, p: PluginState, msg: s
|
|||
|
||||
function log_rule_error(r: Rule, msg: string, p: PluginState)
|
||||
{
|
||||
local info: Info = [$ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p)];
|
||||
local info = Info($ts=network_time(), $category=ERROR, $msg=msg, $plugin=p$plugin$name(p));
|
||||
rule_to_info(info, r);
|
||||
Log::write(LOG, info);
|
||||
}
|
||||
|
||||
function log_rule_no_plugin(r: Rule, state: InfoState, msg: string)
|
||||
{
|
||||
local info: Info = [$ts=network_time()];
|
||||
local info = Info($ts=network_time());
|
||||
info$category = RULE;
|
||||
info$state = state;
|
||||
info$msg = msg;
|
||||
|
|
@ -538,16 +538,16 @@ function log_rule_no_plugin(r: Rule, state: InfoState, msg: string)
|
|||
|
||||
function whitelist_address(a: addr, t: interval, location: string &default="") : string
|
||||
{
|
||||
local e: Entity = [$ty=ADDRESS, $ip=addr_to_subnet(a)];
|
||||
local r: Rule = [$ty=WHITELIST, $priority=whitelist_priority, $target=FORWARD, $entity=e, $expire=t, $location=location];
|
||||
local e = Entity($ty=ADDRESS, $ip=addr_to_subnet(a));
|
||||
local r = Rule($ty=WHITELIST, $priority=whitelist_priority, $target=FORWARD, $entity=e, $expire=t, $location=location);
|
||||
|
||||
return add_rule(r);
|
||||
}
|
||||
|
||||
function whitelist_subnet(s: subnet, t: interval, location: string &default="") : string
|
||||
{
|
||||
local e: Entity = [$ty=ADDRESS, $ip=s];
|
||||
local r: Rule = [$ty=WHITELIST, $priority=whitelist_priority, $target=FORWARD, $entity=e, $expire=t, $location=location];
|
||||
local e = Entity($ty=ADDRESS, $ip=s);
|
||||
local r = Rule($ty=WHITELIST, $priority=whitelist_priority, $target=FORWARD, $entity=e, $expire=t, $location=location);
|
||||
|
||||
return add_rule(r);
|
||||
}
|
||||
|
|
@ -561,8 +561,8 @@ function redirect_flow(f: flow_id, out_port: count, t: interval, location: strin
|
|||
$dst_h=addr_to_subnet(f$dst_h),
|
||||
$dst_p=f$dst_p
|
||||
);
|
||||
local e: Entity = [$ty=FLOW, $flow=flow];
|
||||
local r: Rule = [$ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $out_port=out_port];
|
||||
local e = Entity($ty=FLOW, $flow=flow);
|
||||
local r = Rule($ty=REDIRECT, $target=FORWARD, $entity=e, $expire=t, $location=location, $out_port=out_port);
|
||||
|
||||
return add_rule(r);
|
||||
}
|
||||
|
|
@ -570,19 +570,19 @@ function redirect_flow(f: flow_id, out_port: count, t: interval, location: strin
|
|||
function quarantine_host(infected: addr, dns: addr, quarantine: addr, t: interval, location: string &default="") : vector of string
|
||||
{
|
||||
local orules: vector of string = vector();
|
||||
local edrop: Entity = [$ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected))];
|
||||
local rdrop: Rule = [$ty=DROP, $target=FORWARD, $entity=edrop, $expire=t, $location=location];
|
||||
local edrop = Entity($ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected)));
|
||||
local rdrop = Rule($ty=DROP, $target=FORWARD, $entity=edrop, $expire=t, $location=location);
|
||||
orules += add_rule(rdrop);
|
||||
|
||||
local todnse: Entity = [$ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected), $dst_h=addr_to_subnet(dns), $dst_p=53/udp)];
|
||||
local todnse = Entity($ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected), $dst_h=addr_to_subnet(dns), $dst_p=53/udp));
|
||||
local todnsr = Rule($ty=MODIFY, $target=FORWARD, $entity=todnse, $expire=t, $location=location, $mod=FlowMod($dst_h=quarantine), $priority=+5);
|
||||
orules += add_rule(todnsr);
|
||||
|
||||
local fromdnse: Entity = [$ty=FLOW, $flow=Flow($src_h=addr_to_subnet(dns), $src_p=53/udp, $dst_h=addr_to_subnet(infected))];
|
||||
local fromdnse = Entity($ty=FLOW, $flow=Flow($src_h=addr_to_subnet(dns), $src_p=53/udp, $dst_h=addr_to_subnet(infected)));
|
||||
local fromdnsr = Rule($ty=MODIFY, $target=FORWARD, $entity=fromdnse, $expire=t, $location=location, $mod=FlowMod($src_h=dns), $priority=+5);
|
||||
orules += add_rule(fromdnsr);
|
||||
|
||||
local wle: Entity = [$ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected), $dst_h=addr_to_subnet(quarantine), $dst_p=80/tcp)];
|
||||
local wle = Entity($ty=FLOW, $flow=Flow($src_h=addr_to_subnet(infected), $dst_h=addr_to_subnet(quarantine), $dst_p=80/tcp));
|
||||
local wlr = Rule($ty=WHITELIST, $target=FORWARD, $entity=wle, $expire=t, $location=location, $priority=+5);
|
||||
orules += add_rule(wlr);
|
||||
|
||||
|
|
|
|||
|
|
@ -303,7 +303,7 @@ function create_acld(config: AcldConfig) : PluginState
|
|||
add netcontrol_acld_topics[config$acld_topic];
|
||||
|
||||
local host = cat(config$acld_host);
|
||||
local p: PluginState = [$acld_config=config, $plugin=acld_plugin, $acld_id=netcontrol_acld_current_id];
|
||||
local p = PluginState($acld_config=config, $plugin=acld_plugin, $acld_id=netcontrol_acld_current_id);
|
||||
|
||||
if ( [config$acld_port, host] in netcontrol_acld_peers )
|
||||
Reporter::warning(fmt("Peer %s:%s was added to NetControl acld plugin twice.", host, config$acld_port));
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ global debug_plugin = Plugin(
|
|||
|
||||
function create_debug(do_something: bool, name: string) : PluginState
|
||||
{
|
||||
local p: PluginState = [$plugin=debug_plugin];
|
||||
local p = PluginState($plugin=debug_plugin);
|
||||
|
||||
# FIXME: Why's the default not working?
|
||||
p$config = table();
|
||||
|
|
@ -132,7 +132,7 @@ function create_debug(do_something: bool, name: string) : PluginState
|
|||
|
||||
function create_debug_error(name: string) : PluginState
|
||||
{
|
||||
local p: PluginState = copy([$plugin=debug_plugin]);
|
||||
local p = copy(PluginState($plugin=debug_plugin));
|
||||
p$config["name"] = name;
|
||||
p$config["all"] = "1";
|
||||
p$plugin$add_rule = debug_add_rule_error;
|
||||
|
|
@ -141,7 +141,7 @@ function create_debug_error(name: string) : PluginState
|
|||
|
||||
function create_debug_exists(name: string) : PluginState
|
||||
{
|
||||
local p: PluginState = copy([$plugin=debug_plugin]);
|
||||
local p = copy(PluginState($plugin=debug_plugin));
|
||||
p$config["name"] = name;
|
||||
p$config["all"] = "1";
|
||||
p$plugin$add_rule = debug_add_rule_exists;
|
||||
|
|
|
|||
|
|
@ -447,7 +447,7 @@ global openflow_plugin = Plugin(
|
|||
|
||||
function create_openflow(controller: OpenFlow::Controller, config: OfConfig &default=[]) : PluginState
|
||||
{
|
||||
local p: PluginState = [$plugin=openflow_plugin, $of_controller=controller, $of_config=config];
|
||||
local p = PluginState($plugin=openflow_plugin, $of_controller=controller, $of_config=config);
|
||||
|
||||
return p;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ global packetfilter_plugin = Plugin(
|
|||
|
||||
function create_packetfilter() : PluginState
|
||||
{
|
||||
local p: PluginState = [$plugin=packetfilter_plugin];
|
||||
local p = PluginState($plugin=packetfilter_plugin);
|
||||
|
||||
return p;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ export {
|
|||
|
||||
event zeek_init() &priority=5
|
||||
{
|
||||
Log::create_stream(NetControl::SHUNT, [$columns=ShuntInfo, $ev=log_netcontrol_shunt, $path="netcontrol_shunt", $policy=log_policy_shunt]);
|
||||
Log::create_stream(NetControl::SHUNT, Log::Stream($columns=ShuntInfo, $ev=log_netcontrol_shunt, $path="netcontrol_shunt", $policy=log_policy_shunt));
|
||||
}
|
||||
|
||||
function shunt_flow(f: flow_id, t: interval, location: string &default="") : string
|
||||
|
|
@ -51,8 +51,8 @@ function shunt_flow(f: flow_id, t: interval, location: string &default="") : str
|
|||
$dst_h=addr_to_subnet(f$dst_h),
|
||||
$dst_p=f$dst_p
|
||||
);
|
||||
local e: Entity = [$ty=FLOW, $flow=flow];
|
||||
local r: Rule = [$ty=DROP, $target=MONITOR, $entity=e, $expire=t, $location=location];
|
||||
local e = Entity($ty=FLOW, $flow=flow);
|
||||
local r = Rule($ty=DROP, $target=MONITOR, $entity=e, $expire=t, $location=location);
|
||||
|
||||
local id = add_rule(r);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue