From 3f3344d007f767123727365abfed2997bd1f1dfa Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 5 Sep 2018 18:07:42 -0500 Subject: [PATCH 1/5] Add krb5 devel package to Travis docker containers Added the kerberos devel package to the debian-based docker containers so that fewer tests are skipped. --- testing/scripts/travis-job | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/testing/scripts/travis-job b/testing/scripts/travis-job index 6edf13922a..12b23262fd 100644 --- a/testing/scripts/travis-job +++ b/testing/scripts/travis-job @@ -83,16 +83,16 @@ install_in_docker() { distro_cmds="yum -y install cmake make gcc gcc-c++ flex bison libpcap-devel openssl-devel git openssl which" ;; debian_9) - distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python libpcap-dev libssl-dev zlib1g-dev git sqlite3 curl bsdmainutils" + distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python libpcap-dev libssl-dev zlib1g-dev libkrb5-dev git sqlite3 curl bsdmainutils" ;; fedora_28) distro_cmds="yum -y install cmake make gcc gcc-c++ flex bison libpcap-devel openssl-devel git sqlite findutils which; ln -s /usr/bin/python3 /usr/local/bin/python" ;; ubuntu_16.04) - distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python libpcap-dev libssl-dev zlib1g-dev git sqlite3 curl bsdmainutils" + distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python libpcap-dev libssl-dev zlib1g-dev libkrb5-dev git sqlite3 curl bsdmainutils" ;; ubuntu_18.04) - distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python3 libpcap-dev libssl-dev zlib1g-dev git sqlite3 curl bsdmainutils; ln -s /usr/bin/python3 /usr/local/bin/python" + distro_cmds="apt-get update; apt-get -y install cmake make gcc g++ flex bison python3 libpcap-dev libssl-dev zlib1g-dev libkrb5-dev git sqlite3 curl bsdmainutils; ln -s /usr/bin/python3 /usr/local/bin/python" ;; *) echo "Error: distro ${distro} is not recognized by this script" From 563fc8c6aef87f2674d660bd38e22638d5aec237 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 5 Sep 2018 20:46:09 -0500 Subject: [PATCH 2/5] Fix a typo and indentation in the configure script --- configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure b/configure index a26a4bc5a2..ee2dcbe383 100755 --- a/configure +++ b/configure @@ -56,7 +56,7 @@ Usage: $0 [OPTION]... [VAR=VALUE]... --disable-auxtools don't build or install auxiliary tools --disable-perftools don't try to build with Google Perftools --disable-python don't try to build python bindings for broker - --disable-broker-tests don'e try to build Broker unit tests + --disable-broker-tests don't try to build Broker unit tests Required Packages in Non-Standard Locations: --with-openssl=PATH path to OpenSSL install root @@ -223,7 +223,7 @@ while [ $# -ne 0 ]; do append_cache_entry DISABLE_RUBY_BINDINGS BOOL true append_cache_entry INSTALL_BROCCOLI BOOL yes ;; - --disable-broctl) + --disable-broctl) append_cache_entry INSTALL_BROCTL BOOL false ;; --disable-auxtools) From d3347bc90fb994ff8aa687e87a68733afb49fd63 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 5 Sep 2018 20:47:18 -0500 Subject: [PATCH 3/5] Update the install documentation Added krb5 headers and libraries to the list of optional dependencies. Removed an obsolete section on installing a new compiler on old FreeBSD versions. The system compiler can build Bro on all currently supported versions of FreeBSD. --- doc/install/install.rst | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/doc/install/install.rst b/doc/install/install.rst index dee3ba0d0c..87b84d7fda 100644 --- a/doc/install/install.rst +++ b/doc/install/install.rst @@ -72,21 +72,6 @@ To install the required dependencies, you can use: sudo pkg install bash cmake swig30 bison python py27-sqlite3 py27-ipaddress - For older versions of FreeBSD (especially FreeBSD 9.x), the system compiler - is not new enough to compile Bro. For these systems, you will have to install - a newer compiler using pkg; the ``clang34`` package should work. - - You will also have to define several environment variables on these older - systems to use the new compiler and headers similar to this before calling - configure: - - .. console:: - - export CC=clang34 - export CXX=clang++34 - export CXXFLAGS="-stdlib=libc++ -I${LOCALBASE}/include/c++/v1 -L${LOCALBASE}/lib" - export LDFLAGS="-pthread" - * Mac OS X: Compiling source code on Macs requires first installing either Xcode_ @@ -123,6 +108,7 @@ build time: * gperftools (tcmalloc is used to improve memory and CPU usage) * jemalloc (http://www.canonware.com/jemalloc/) * PF_RING (Linux only, see :doc:`Cluster Configuration <../configuration/index>`) + * krb5 libraries and headers * ipsumdump (for trace-summary; http://www.cs.ucla.edu/~kohler/ipsumdump) Geolocation is probably the most interesting and can be installed From 35241fc1f15b21947e8c5c7c778b52228cc98192 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 5 Sep 2018 21:37:51 -0500 Subject: [PATCH 4/5] Update NEWS Listed the bro package website (packages.bro.org) instead of github.com/bro/packages, as the bro package website is much easier to use when browsing the list of available packages. Also wrapped a long line in the text. --- NEWS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index e38a0452e6..d55d95accc 100644 --- a/NEWS +++ b/NEWS @@ -257,8 +257,8 @@ New Functionality - ssl_server_hello - ssl_encrypted_data - If you use these events, you can make your scripts work on old and new versions - of Bro by wrapping the event definition in an "@if", for example:: + If you use these events, you can make your scripts work on old and new + versions of Bro by wrapping the event definition in an "@if", for example:: @if ( Version::at_least("2.6") || ( Version::number == 20500 && Version::info$commit >= 944 ) ) event ssl_client_hello(c: connection, version: count, record_version: count, possible_ts: time, client_random: string, session_id: string, ciphers: index_vec, comp_methods: index_vec) @@ -541,7 +541,7 @@ Removed Functionality - We no longer maintain any Bro plugins as part of the Bro distribution. Most of the plugins that used to be in aux/plugins have been moved over to use the Bro Package Manager instead. See - https://github.com/bro/packages for a list of Bro packages currently + https://packages.bro.org for a list of Bro packages currently available. - The "ocsp_request" event no longer has "requestorName" parameter. From d1ed09bddbd5b4b84cd53127e8d82ef2c822d787 Mon Sep 17 00:00:00 2001 From: Daniel Thayer Date: Wed, 5 Sep 2018 22:26:33 -0500 Subject: [PATCH 5/5] Added a documentation comment for the Input::Event type --- scripts/base/frameworks/input/main.bro | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/base/frameworks/input/main.bro b/scripts/base/frameworks/input/main.bro index e5676002d4..0839602a7a 100644 --- a/scripts/base/frameworks/input/main.bro +++ b/scripts/base/frameworks/input/main.bro @@ -4,6 +4,7 @@ module Input; export { + ## Type that describes what kind of change occurred. type Event: enum { ## New data has been imported. EVENT_NEW = 0,