diff --git a/CHANGES b/CHANGES index 0f99bc6931..cc3bdac9c3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,13 @@ +5.2.0-dev.313 | 2022-11-14 09:41:06 -0700 + + * Re-enable strcasestr on Windows, fix linking error (Tim Wojtulewicz) + + * Minor renaming changes to event handler stats bif, plus a test (Tim Wojtulewicz, Corelight) + + * Remove unneeded forward-declaration of select() (Tim Wojtulewicz, Corelight) + + * Rework setting adding ports to map slightly (Tim Wojtulewicz, Corelight) + 5.2.0-dev.307 | 2022-11-11 15:13:47 -0700 * Merged support for Microsoft Windows (Tomer Lev, Elad Solomon, Microsoft) diff --git a/VERSION b/VERSION index b3c0a982bf..3bf73d59ea 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -5.2.0-dev.307 +5.2.0-dev.313 diff --git a/scripts/base/init-bare.zeek b/scripts/base/init-bare.zeek index 767c33cb1a..c1f73949cc 100644 --- a/scripts/base/init-bare.zeek +++ b/scripts/base/init-bare.zeek @@ -797,9 +797,9 @@ type ReporterStats: record { ## .. zeek:see:: get_event_handler_call_counts type EventNameCounter: record { ## Name of the zeek event. - name: string &log; - ## Times it was queued, as captured by event hook. - times_queued: count &log; + name: string &log; + ## Times it was called, as counted by the event handlers. + times_called: count &log; } &log; type EventNameStats: vector of EventNameCounter; diff --git a/src/RunState.cc b/src/RunState.cc index 6a1d4c3387..67041cc915 100644 --- a/src/RunState.cc +++ b/src/RunState.cc @@ -40,13 +40,6 @@ extern "C" #include "zeek/plugin/Manager.h" #include "zeek/session/Manager.h" -#ifndef _MSC_VER -extern "C" - { - extern int select(int, fd_set*, fd_set*, fd_set*, struct timeval*); - } -#endif - static double last_watchdog_proc_time = 0.0; // value of above during last watchdog extern int signal_val; diff --git a/src/Val.cc b/src/Val.cc index cf1c2b37b6..c00fdbfe55 100644 --- a/src/Val.cc +++ b/src/Val.cc @@ -3972,10 +3972,9 @@ const PortValPtr& ValManager::Port(uint32_t port_num, TransportProto port_type) port_num = 0; } - uint32_t port_masked = PortVal::Mask(port_num, port_type); - if ( ports.find(port_masked) == ports.end() ) - ports[port_masked] = IntrusivePtr{AdoptRef{}, - new PortVal(PortVal::Mask(port_num, port_type))}; + auto port_masked = PortVal::Mask(port_num, port_type); + if ( ports.count(port_masked) == 0 ) + ports.insert({port_masked, make_intrusive(port_masked)}); return ports[port_masked]; } diff --git a/src/stats.bif b/src/stats.bif index 9adc49b16c..0cf113b921 100644 --- a/src/stats.bif +++ b/src/stats.bif @@ -485,17 +485,15 @@ function get_reporter_stats%(%): ReporterStats return r; %} -## Returns a list of event handlers that were called and the number of times -## each was called. +## Returns statistics about calls to event handlers. ## ## Returns: A record with event call statistics. ## -function get_event_handler_call_counts%(%): EventNameStats +function get_event_handler_stats%(%): EventNameStats %{ auto rval = zeek::make_intrusive(zeek::id::find_type("EventNameStats")); const auto& recordType = zeek::id::find_type("EventNameCounter"); - int i = 0; const auto& events = event_registry->UsedHandlers(); for ( const auto& name : events ) { @@ -507,8 +505,7 @@ function get_event_handler_call_counts%(%): EventNameStats auto eventStatRecord = zeek::make_intrusive(recordType); eventStatRecord->Assign(0, zeek::make_intrusive(name)); eventStatRecord->Assign(1, zeek::val_mgr->Count(handler->CallCount())); - rval->Assign(i, std::move(eventStatRecord)); - i++; + rval->Append(std::move(eventStatRecord)); } } diff --git a/src/util.cc b/src/util.cc index 6b01b1f28b..52b99e913d 100644 --- a/src/util.cc +++ b/src/util.cc @@ -1343,20 +1343,7 @@ const char* strpbrk_n(size_t len, const char* s, const char* charset) return nullptr; } -#if ! defined(HAVE_STRCASESTR) && ! defined(_MSC_VER) - -TEST_CASE("util strcasestr") - { - const char* s = "this is a string"; - const char* out = strcasestr(s, "is"); - CHECK(strcmp(out, "is a string") == 0); - - const char* out2 = strcasestr(s, "IS"); - CHECK(strcmp(out2, "is a string") == 0); - - const char* out3 = strcasestr(s, "not there"); - CHECK(strcmp(out2, s) == 0); - } +#if ! defined(HAVE_STRCASESTR) // This code is derived from software contributed to BSD by Chris Torek. char* strcasestr(const char* s, const char* find) @@ -1384,6 +1371,20 @@ char* strcasestr(const char* s, const char* find) return (char*)s; } + +TEST_CASE("util strcasestr") + { + const char* s = "this is a string"; + const char* out = strcasestr(s, "is"); + CHECK(strcmp(out, "is a string") == 0); + + const char* out2 = strcasestr(s, "IS"); + CHECK(strcmp(out2, "is a string") == 0); + + const char* out3 = strcasestr(s, "not there"); + CHECK(strcmp(out2, s) == 0); + } + #endif TEST_CASE("util atoi_n") diff --git a/testing/btest/Baseline/bifs.event-handler-stats/out b/testing/btest/Baseline/bifs.event-handler-stats/out new file mode 100644 index 0000000000..90d679233f --- /dev/null +++ b/testing/btest/Baseline/bifs.event-handler-stats/out @@ -0,0 +1 @@ +[[name=Broker::log_flush, times_called=2], [name=ChecksumOffloading::check, times_called=2], [name=NetControl::init, times_called=1], [name=analyzer_confirmation_info, times_called=1], [name=connection_established, times_called=1], [name=connection_state_remove, times_called=1], [name=file_new, times_called=1], [name=file_over_new_connection, times_called=1], [name=file_sniff, times_called=1], [name=file_state_remove, times_called=1], [name=filter_change_tracking, times_called=3], [name=get_file_handle, times_called=4], [name=http_begin_entity, times_called=2], [name=http_end_entity, times_called=2], [name=http_header, times_called=13], [name=http_message_done, times_called=2], [name=http_reply, times_called=1], [name=http_request, times_called=1], [name=net_done, times_called=1], [name=new_connection, times_called=1], [name=run_sync_hook, times_called=2], [name=zeek_done, times_called=1], [name=zeek_init, times_called=1]] diff --git a/testing/btest/bifs/event-handler-stats.zeek b/testing/btest/bifs/event-handler-stats.zeek new file mode 100644 index 0000000000..129a5d8809 --- /dev/null +++ b/testing/btest/bifs/event-handler-stats.zeek @@ -0,0 +1,7 @@ +# @TEST-EXEC: zeek -r $TRACES/http/get.trace %INPUT >out +# @TEST-EXEC: btest-diff out + +event zeek_done() +{ + print(get_event_handler_stats()); +} \ No newline at end of file