Modification to the Communication framework API.

- Simplified the communication API and made it easier to change to encrypted connections by not having separate variables to define encrypted and unencrypted ports. - Now, to enable listening without configuring nodes just load the frameworks/communication/listen script. - If encrypted listening is desired set the following: redef Communication::listen_encrypted=T; - Accompanying test updates.
2025-10-14 20:48:21 +00:00 · 2011-10-07 13:29:26 -04:00 · 2011-10-07 13:29:26 -04:00 · da9b8cc283
commit da9b8cc283
parent 250fb3c352
16 changed files with 38 additions and 64 deletions
--- a/scripts/base/frameworks/cluster/load.bro
+++ b/scripts/base/frameworks/cluster/load.bro
@ -21,10 +21,10 @@ redef peer_description = Cluster::node;

 # Don't load the listening script until we're a bit more sure that the
 # cluster framework is actually being enabled.
-@load frameworks/communication/listen-clear
+@load frameworks/communication/listen

 ## Set the port that this node is supposed to listen on.
-redef Communication::listen_port_clear = Cluster::nodes[Cluster::node]$p;
+redef Communication::listen_port = Cluster::nodes[Cluster::node]$p;

@if ( Cluster::local_node_type() == Cluster::MANAGER )
@load ./nodes/manager
--- a/scripts/base/frameworks/communication/main.bro
+++ b/scripts/base/frameworks/communication/main.bro
@ -8,12 +8,18 @@ module Communication;
 export {
 	redef enum Log::ID += { LOG };
 	
-	const default_port_ssl = 47756/tcp &redef;
-	const default_port_clear = 47757/tcp &redef;
+	## Which interface to listen on (0.0.0.0 for any interface).
+	const listen_interface = 0.0.0.0 &redef;
+	
+	## Which port to listen on.
+	const listen_port = 47757/tcp &redef;
+	
+	## This defines if a listening socket should use encryption.
+	const listen_encrypted = F &redef;

 	## Default compression level.  Compression level is 0-9, with 0 = no 
 	## compression.
-	global default_compression = 0 &redef;
+	global compression_level = 0 &redef;

 	type Info: record {
 		ts:                  time   &log;
@ -77,11 +83,8 @@ export {
 		## Whether to use SSL-based communication.
 		ssl: bool &default = F;

-		## Take-over state from this host (activated by loading hand-over.bro)
-		hand_over: bool &default = F;
-
 		## Compression level is 0-9, with 0 = no compression.
-		compression: count &default = default_compression;
+		compression: count &default = compression_level;

 		## The remote peer.
 		peer: event_peer &optional;
@ -135,7 +138,7 @@ function do_script_log(p: event_peer, msg: string)
 function connect_peer(peer: string)
 	{
 	local node = nodes[peer];
-	local p = node$ssl ? default_port_ssl : default_port_clear;
+	local p = listen_port;

 	if ( node?$p )
 		p = node$p;
@ -238,7 +241,7 @@ event remote_connection_established(p: event_peer)
 			}

 		if ( ! found )
-			set_compression_level(p, default_compression);
+			set_compression_level(p, compression_level);
 		}

 	complete_handshake(p);
--- a/scripts/policy/frameworks/communication/listen-clear.bro
+++ b/scripts/policy/frameworks/communication/listen-clear.bro
@ -1,20 +0,0 @@
-##! Listen for other Bro instances to make unencrypted connections.
-
-@load base/frameworks/communication
-
-module Communication;
-
-export {
-	## Which port to listen on for clear connections.
-	const listen_port_clear = Communication::default_port_clear &redef;
-	
-	## Which IP address to bind to (0.0.0.0 for any interface).
-	const listen_if_clear = 0.0.0.0 &redef;
-	
-}
-
-event bro_init() &priority=-10
-	{
-	enable_communication();
-	listen(listen_if_clear, listen_port_clear, F);
-	}
--- a/scripts/policy/frameworks/communication/listen-ssl.bro
+++ b/scripts/policy/frameworks/communication/listen-ssl.bro
@ -1,21 +0,0 @@
-##! Listen for other Bro instances and encrypt the connection with SSL.
-
-@load base/frameworks/communication
-
-module Communication;
-
-export {
-	## Which port to listen on for SSL encrypted connections.
-	const listen_port_ssl = Communication::default_port_ssl &redef;
-	
-	## Which IP address to bind to for SSL encrypted connections
-	## (0.0.0.0 for any interface).
-	const listen_if_ssl = 0.0.0.0 &redef;
-	
-}
-
-event bro_init() &priority=-10
-	{
-	enable_communication();
-	listen(listen_if_ssl, listen_port_ssl, T);
-	}
--- a/scripts/policy/frameworks/communication/listen.bro
+++ b/scripts/policy/frameworks/communication/listen.bro
@ -0,0 +1,12 @@
+##! Loading this script will make the Bro instance listen for remote 
+##! Bro instances to connect.
+
+@load base/frameworks/communication
+
+module Communication;
+
+event bro_init() &priority=-10
+	{
+	enable_communication();
+	listen(listen_interface, listen_port, listen_encrypted);
+	}
--- a/scripts/policy/frameworks/control/controllee.bro
+++ b/scripts/policy/frameworks/control/controllee.bro
@ -1,7 +1,7 @@
@load base/frameworks/control
 # If an instance is a controllee, it implicitly needs to listen for remote
 # connections.
-@load frameworks/communication/listen-clear
+@load frameworks/communication/listen

 module Control;

--- a/scripts/test-all-policy.bro
+++ b/scripts/test-all-policy.bro
@ -9,8 +9,7 @@

 # The base/ scripts are all loaded by default and not included here.

-# @load frameworks/communication/listen-clear.bro
-# @load frameworks/communication/listen-ssl.bro
+# @load frameworks/communication/listen.bro
 # @load frameworks/control/controllee.bro
 # @load frameworks/control/controller.bro
@load frameworks/dpd/detect-protocols.bro